Removed rpms
============

 - cura-engine-lulzbot
 - hdf5_1_10_11-gnu-openmpi2-hpc
 - hdf5_1_10_11-gnu-openmpi2-hpc-devel
 - hdf5_1_10_11-gnu-openmpi2-hpc-devel-static
 - hdf5_1_10_11-gnu-openmpi2-hpc-module
 - kernel-livepatch-6_4_0-150600_17-default
 - libKF5Auth5-32bit
 - libfcitx-4_2_9-32bit
 - libhdf5_1_10_11-gnu-openmpi2-hpc
 - libhdf5_cpp_1_10_11-gnu-openmpi2-hpc
 - libhdf5_fortran_1_10_11-gnu-openmpi2-hpc
 - libhdf5_hl_1_10_11-gnu-openmpi2-hpc
 - libhdf5_hl_cpp_1_10_11-gnu-openmpi2-hpc
 - libhdf5hl_fortran_1_10_11-gnu-openmpi2-hpc
 - libzrtpcpp-devel
 - libzrtpcpp4
 - rabbitmq-server-bash-completion
 - rabbitmq-server-zsh-completion
 - twinkle

Added rpms
==========

 - pipewire-spa-plugins-0_2-jack
 - registries-conf-default
 - registries-conf-suse

Package Source Changes
======================

OpenBoard
+- update to release version 1.7.1
+- remove upstreamed patches
+  * remove 0830-cmake-community-builds.patch
+  * remove 9686-cmake-add-shortcut-manager.patch
+- update patch to match updated sources
+  * replace 0686-shortcut-configuration.patch by 0955-shortcut-configuration.patch
+
bcc
+- Fix incorrect offset calculation when consecutive bitfields are
+  present (bsc#1219096)
+  * add fix-alignment-issue-on-x86_64-due-to-consecutive-bit.patch
+
desktop-translations
+- Update to version 84.87.20240503.9343de5:
+  * Update for SLES 15 SP6 RC / Leap 15.6 RC poo#131735
+  * Manually remove further invalid character occurances
+  * Fix Browse C:\ drive incorrect escaping
+
+- Update to version 84.87.20240502.b932b7c:
+  * Add download_data_from_download-o-o.sh
+  * Added translation using Weblate (Latvian)
+  * Disable appstream and polkit extraction
+  * Leap 15.6 desktop-file-translations
+  * Translated using Weblate (Arabic)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Croatian)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (English (United Kingdom))
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Greek)
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Latvian)
+  * Translated using Weblate (Lithuanian)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Portuguese)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Serbian (latin) (sr@latin))
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Turkish)
+
+- Update to version 84.87.20230410.dc72281:
+  * Translated using Weblate (Latvian)
+  * Translated using Weblate (Latvian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Lithuanian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Persian)
+  * Translated using Weblate (Persian)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+
distrobox
+- Update to version 1.7.2.1
+  + changes from 1.7.2.1
+  * chore(init): Add sudo to Wolfi (#1375)
+  * Add fedora toolbox 40 to list of compatible images (#1377)
+  * init: fix setting empty DISPLAY variable, breaking gpg
+  + changes from 1.7.2
+  * all: properly handle env vars and configs in all commands
+    (#1328)
+  * chore: bump CI actions, minor fixes to README and other
+    files (#1345)
+  * docs: Specify that distrobox is in the extra repo (#1316)
+  * docs: Support latest alpine (#1341)
+  * docs: Update copyright in footer (#1365)
+  * docs: Update useful_tips.md (#1330)
+  * enter: make log_timestamp date format universally
+    compatible (#1343)
+  * export: cancel export when trying to delete (#1340)
+  * export: consider only absolute candidate icon paths that
+    exist (#1318)
+  * init: Support musl variant of Void Linux (#1327)
+  * init: add explicit creation of /etc/fish/conf.d (#1348)
+  * init: massively speed up apt/pacman/xbps deps install (#1324)
+  * install: use more portable install(1) arguments (#1364)
+  * CI: fix hostname test
+  * CI: try to ensure enough disk space
+  * CI: use shell-funcheck
+  * all: improve function docs
+  * assemble: add custom hostname support
+  * create: fix regression with rootless runc 1.20~rc1 (#1359)
+  * docs: add Slackware 15 (#1357)
+  * docs: move upgrading instruction a bit more ahead (#1342)
+  * docs: update xhost command to be silent (#1350)
+  * enter: Fix support for Active Directory usernames including
+    backslashes (#1360)
+  * enter: fix regression in fish shell login with initful
+    systems
+  * enter: fix typo in command generation (#1331)
+  * export: fix duplicate extra_flags (#1311)
+  * export: use different symbol for IFS (#1351)
+  * init, create: use $CONTAINER_ID to distinguish container's
+    prompts. Use host's hostname by default.
+  * init: ensure fish config is sourced only on interactive
+    shell (#1292)
+  * init: fix endless hook append (#1320)
+  * init: fix performance regression in skel file setup (#1317)
+  * init: forward wayland display only if it is set
+  * rm: revert 22bc081, simplify removal of exported
+    app/bins (#1301)
+
+- Update to 1.7.1
+  * all: ensure no side effects on global variables
+  * create the binary export path if it doesn't exist (#1291)
+  * docs: Add info on upgrading package on steamdeck (#1271)
+  * docs: remove extra ` from xhost command by (#1284)
+  * enter: Add option to run with clean PATH (#1299)
+  * fix: missing .fifo logfile in distrobox-enter (#1307)
+  * init: ignore findmnt error in routine remounting (#1289) (#1296)
+  * init: mask suspend/hibernate/hybrid-sleep
+  * init: massively speed up apk deps install by @JamiKettunen in (#1298)
+  * rm: do not block container removal if we cannot start it
+
+- Update to current git version in order to include the code that
+  fixes the problem of ImageMagick not being able to resize the
+  icons dynamically. This means including the following commits:
+  * install: fix linting
+  * assemble: fix regression in file reading
+  * chore: fix typo (#1283)
+  * install: fix installation script (#1282)
+  * install: add fixed resolution png icons for use on desktops (#1280)
+  * Update install (#1278)
+
+- Update to 1.7.0.1
+  * install: fix version
+  * distrobox-generate-entry: respect DBX_CONTAINER_MANAGER variable
+  * distrobox-init: do not fail if locale cannot be set by
+  * Don't create empty XAUTH* variables.
+  * Add DISTROBOX_EXPORT_PATH env var for distrobox-export.
+  * distrobox-init: use "zypper se --match-exact" (instead of "zypper se -x")
+  * init: better detection of file watching trigger
+  * enter: fix shell when entering initful container after
+  * export: fix quotes arount exported binary path
+  * upgrade: fix execution with new enter behavior
+  * enter: do not use a shell when executing a custom command
+  * export: fix execution of binaries with spaces in the name
+  * rm: do not fail if no exports are found
+
+- Removed:
+  * 0001-Fix-systemd-init-container-startup-1069.patch
+- Update to 1.7.0
+  * added --enter-flags to distrobox-export to specify additional
+    distrobox flags to use when entering
+  * added --hostname flag to distrobox-create so you can choose a
+    different hostname than the box name
+  * added --unshare-groups to distrobox-create to allow unsharing
+    user's additional groups inside the container
+  * better login shell management
+  * better systemd support for initful containers
+  * fixed multiple bins and apps exports declaration in assemble
+  * improved NVidia support
+  * improved Wolfi container support
+  * improved rootful containers support for exported graphical apps
+  * improved terminfo support
+  * new distrobox-export --list-apps and --list-binaries to show
+    exported apps and binaries
+
+- Add flatpak as a dependency, as we need it for distrobox-host-exec
+  to work properly (bsc#1220037)
+
+- Add 0001-Fix-systemd-init-container-startup-1069.patch:
+  * run podman exec command as root since some distros would ask
+    for user password when using su to login even though the user
+    has no password in /etc/shadow
+  * fix pam_systemd not being checked for su
+
dracut
+- Update to version 059+suse.521.g8412a1c0:
+  * fix(suse-initrd): clean return of installkernel() (bsc#1223467)
+
+- Update to version 059+suse.519.g3edf43b4:
+  * chore(suse): remove obsolete fillup template (bsc#1223467)
+
dtb-aarch64
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
elixir
-- Use pregenerated documentation
-
-- Switch from %patch0 to %autosetup
-
-- Update to Elixir 1.15.7:
-  * Fix build for Erlang 26
-  * Changelog available at https://hexdocs.pm/elixir/1.15.7/changelog.html
-- Add 0001-Use-PID-valid-for-32-bit-systems-closes-12741.patch:
-  * Fix build for 32bit
-- Add 0001-Use-PID-valid-for-32-bit-systems-followup-to-12741-1.patch:
-  * Fix build for 32bit
-
-- Add _multibuild to define 2nd spec file as additional flavor.
-  Eliminates the need for source package links in OBS.
-
-- Drop git as a requires and switch buildrequires from git to git-core
-  * Git is not needed to use Elixir, only to run some tests
-  (which git-core can accomplish on its own without git)
-
-- Elixir 1.14.2
-  * 1. Enhancements
-    Elixir
-    [Code] Add Code.eval_quoted_with_env/4 with support for the :prune_binding option
-    ExUnit
-    [ExUnit.Case] Allow test cases to not be registered on use
-    [ExUnit.DocTest] Include :doctest and :doctest_line as meta tags
-    [ExUnit.Formatter] Expose ExUnit.Formatter.format_assertion_diff/4
-    Mix
-    [Mix] Mix.install/2 accepts atoms as paths
-  * 2. Bug fixes
-    Elixir
-    [Code.Formatter] Fix size*unit shortcut in bitstring
-    [Kernel] Generate unique variables for macro expansion of defguard
-    [Protocol] Expand :for in protocols with the appropriate env
-    ExUnit
-    [ExUnit] Do not run duplicate cases on ExUnit.run/1
-    Mix
-    [mix test] Ensure proper error message when there is no test directory
-- Elixir 1.14.1
-  * 1. Enhancements
-    Elixir
-    [Kernel] Perform partial expansion of literals in module attributes
-    [Kernel] Do not add compile-time dependencies for literals as defaults in Application.compile_env/3 inside module attributes
-    [Macro] Add Macro.expand_literals/2 and Macro.expand_literals/3
-    [System] Add :close_stdin to System.shell/2
-    Mix
-    [mix test] Accept --all-warnings option
-  * 2. Bug fixes
-    Elixir
-    [Kernel] Fix misleading warning when :uniq is given in for comprehensions and the result is unused
-    [Kernel] Improve error message for when there is a conflicting struct and ignoring module conflict
-    [Kernel] Do not delete @enforce_keys attribute after defstruct declaration
-    [Kernel] Do not crash the checker on modules with missing :debug_info chunk
-    [Macro] Fix error in Macro.to_string/2 when converting an AST with :erlang.binary_to_atom/2
-    [String] Fix String.split/3 and String.next_grapheme/1 returning invalid results on invalid UTF-8 encoding
-    [System] Do not close stdin by default in System.shell/2
-    [URI] Do not return uri.port as :undefined in certain cases in URI.new/1
-    ExUnit
-    [ExUnit.DocTest] Do not crash when both :moduledoc and functions are specified in :only
-    IEx
-    [CLI] Fix invalid argument handling when --no-pry is given
-    Mix
-    [mix format] Do not cache inputs from .formatter.exs so they are properly re-evaluted on every call
-
-- Elixir 1.14
-  * 1. Enhancements
-    EEx
-    [EEx] Support multi-line comments to EEx via <%!-- --%>
-    [EEx] Add EEx.tokenize/2
-    Elixir
-    [Access] Add Access.slice/1
-    [Application] Add Application.compile_env/4 and Application.compile_env!/3 to read the compile-time environment inside macros
-    [Calendar] Support ISO8601 basic format parsing with DateTime.from_iso8601/2
-    [Calendar] Add day/hour/minute on add/diff across different calendar modules
-    [Code] Add :normalize_bitstring_modifiers to Code.format_string!/2
-    [Code] Emit deprecation and type warnings for invalid options in on Code.compile_string/2 and Code.compile_quoted/2
-    [Code] Warn if an outdated lexical tracker is given on eval
-    [Code] Add Code.env_for_eval/1 and Code.eval_quoted_with_env/3
-    [Code] Improve stacktraces from eval operations on Erlang/OTP 25+
-    [Code.Fragment] Add support for __MODULE__ in several functions
-    [Code.Fragment] Support surround and context suggestions across multiple lines
-    [Enum] Allow slicing with steps in Enum.slice/2
-    [File] Support dereference_symlinks: true in File.cp/3 and File.cp_r/3
-    [Float] Do not show floats in scientific notation if below 1.0e16 and the fractional value is precisely zero
-    [Float] Add Float.min_finite/0 and Float.max_finite/0
-    [Inspect] Improve error reporting when there is a faulty implementation of the Inspect protocol
-    [Inspect] Allow :optional when deriving the Inspect protocol for hiding fields that match their default value
-    [Inspect] Inspect struct fields in the order they are declared in defstruct
-    [Inspect] Use expression-based inspection for Date.Range, MapSet, and Version.Requirement
-    [IO] Support Macro.Env and keywords as stacktrace definitions in IO.warn/2
-    [IO] Add IO.ANSI.syntax_colors/0 and related configuration to be shared across IEx and dbg
-    [Kernel] Add new dbg/0-2 macro
-    [Kernel] Allow any guard expression as the size of a bitstring in a pattern match
-    [Kernel] Allow composite types with pins as the map key in a pattern match
-    [Kernel] Print escaped version of control chars when they show up as unexpected tokens
-    [Kernel] Warn on confusable non-ASCII identifiers
-    [Kernel] Add .. as a nullary operator that returns 0..-1//1
-    [Kernel] Implement Unicode Technical Standard #39 recommendations. In particular, we warn for confusable scripts and restrict identifiers to single-scripts or highly restrictive mixed-scripts
-    [Kernel] Automatically perform NFC conversion of identifiers
-    [Kernel] Add binary_slice/2 and binary_slice/3
-    [Kernel] Lazily expand module attributes to avoid compile-time deps
-    [Kernel] Automatically cascade generated: true annotations on macro expansion
-    [Keyword] Add Keyword.from_keys/2 and Keyword.replace_lazy/3
-    [List] Add List.keysort/3 with support for a sorter function
-    [Macro] Add Macro.classify_atom/1 and Macro.inspect_atom/2
-    [Macro] Add Macro.expand_literal/2 and Macro.path/2
-    [Macro.Env] Add Macro.Env.prune_compile_info/1
-    [Map] Add Map.from_keys/2 and Map.replace_lazy/3
-    [MapSet] Add MapSet.filter/2, MapSet.reject/2, and MapSet.symmetric_difference/2
-    [Node] Add Node.spawn_monitor/2 and Node.spawn_monitor/4
-    [Module] Support new @after_verify attribute for executing code whenever a module is verified
-    [PartitionSupervisor] Add PartitionSupervisor that starts multiple isolated partitions of the same child for scalability
-    [Path] Add Path.safe_relative/1 and Path.safe_relative_to/2
-    [Registry] Add Registry.count_select/2
-    [Stream] Add Stream.duplicate/2 and Stream.transform/5
-    [String] Support empty lookup lists in String.replace/3, String.split/3, and String.splitter/3
-    [String] Allow slicing with steps in String.slice/2
-    [Task] Add :zip_input_on_exit option to Task.async_stream/3
-    [Task] Store :mfa in the Task struct for reflection purposes
-    [URI] Add URI.append_query/2
-    [Version] Add Version.to_string/1
-    [Version] Colorize Version.Requirement source in the Inspect protocol
-    ExUnit
-    [ExUnit] Add ExUnit.Callbacks.start_link_supervised!/2
-    [ExUnit] Add ExUnit.run/1 to rerun test modules
-    [ExUnit] Colorize summary in yellow with message when all tests are excluded
-    [ExUnit] Display friendly error when test name is too long
-    IEx
-    [IEx] Evaluate --dot-iex line by line
-    [IEx] Add line-by-line evaluation of IEx breakpoints
-    [IEx.Autocomplete] Autocomplete bitstrings modifiers (after :: inside <<...>>)
-    [IEx.Helpers] Allow an atom to be given to pid/1
-    [IEx.Helpers] Support sigils in h/1
-    Logger
-    [Logger] Add Logger.put_process_level/2
-    Mix
-    [Mix] Add :config_path and :lockfile options to Mix.install/2
-    [mix compile] Add --no-optional-deps to skip optional dependencies to test compilation works without optional dependencies
-    [mix compile] Include column information on error diagnostics when possible
-    [mix deps] Mix.Dep.Converger now tells which deps formed a cycle
-    [mix do] Support --app option to restrict recursive tasks in umbrella projects
-    [mix do] Allow using + as a task separator instead of comma
-    [mix format] Support filename in mix format - when reading from stdin
-    [mix format] Compile if mix format plugins are missing
-    [mix new] Do not allow projects to be created with application names that conflict with multi-arg Erlang VM switches
-    [mix profile] Return the return value of the profiled function
-    [mix release] Make BEAM compression opt-in
-    [mix release] Let :runtime_config_path accept false to skip the config/runtime.exs
-    [mix test] Improve error message when suite fails due to coverage
-    [mix test] Support :test_elixirc_options and default to not generating docs nor debug info chunk for tests
-    [mix xref] Support --group flag in mix xref graph
-  * 2. Bug fixes
-    Elixir
-    [Calendar] Handle widths with "0" in them in Calendar.strftime/3
-    [CLI] Improve errors on incorrect --rpc-eval usage
-    [CLI] Return proper exit code on Windows
-    [Code] Do not emit warnings when formatting code
-    [Enum] Allow slices to overflow on both starting and ending positions
-    [Kernel] Do not allow restricted characters in identifiers according to UTS39
-    [Kernel] Define __exception__ field as true when expanding exceptions in typespecs
-    [Kernel] Warn if any of True, False, and Nil aliases are used
-    [Kernel] Warn on underived @derive attributes
-    [Kernel] Remove compile-time dependency from defimpl :for
-    [Kernel] Track all arities on imported functions
-    [Kernel] Fix equality in guards for dynamic ranges without steps
-    [Module] Fix loop while unifying type variables
-    [Protocol] Warn if a protocol has no definitions
-    [Regex] Show list options when inspecting a Regex manually defined with Regex.compile/2
-    [String] Allow slices to overflow on both starting and ending positions
-    [System] Raise non-generic exception on missing env in System.fetch_env!/1 to mirror map operations
-    ExUnit
-    [ExUnit] Do not crash when diffing unknown bindings in guards
-    [ExUnit] Properly print diffs when comparing improper lists with strings at the tail position
-    [ExUnit] Add short hash to tmp_dir in ExUnit to avoid test name collision
-    [ExUnit] Do not store logs in the CLI formatter (this reduces memory usage for suites with capture_log)
-    [ExUnit] Run ExUnit.after_suite/1 callback even when no tests run
-    [ExUnit] Fix scenario where setup with imported function from within describe failed to compile
-    IEx
-    [IEx] Disallow short-hand pipe after matches
-    [IEx] Fix exports/1 in IEx for long function names
-    Mix
-    [mix compile.elixir] Fix --warnings-as-errors when used with --all-warnings
-    [mix compile.elixir] Ensure semantic recompilation cascades to path dependencies
-    [mix compile.elixir] Lock the compiler to avoid concurrent usage
-    [mix format] Do not add new lines if the formatted file is empty
-    [mix format] Properly compile dependencies on mix format
-    [mix release] Only set RELEASE_MODE after env.{sh,bat} are executed
-    [mix release] Allow application mode configuration to cascade to dependencies
-    [mix xref] Do not emit already consolidated warnings during mix xref trace
-    [Mix] Do not start apps with runtime: false on Mix.install/2
-  * 3. Soft deprecations (no warnings emitted)
-    Elixir
-    [File] Passing a callback as third argument to File.cp/3 and File.cp_r/3 is deprecated.
-    Instead pass the callback the :on_conflict key of a keyword list
-    EEx
-    [EEx] Using <%# ... %> for comments is deprecated. Please use <% # ... %> or the new multi-line comments with <%!-- ... --%>
-    Logger
-    [Logger] Deprecate Logger.enable/1 and Logger.disable/1 in favor of Logger.put_process_level/2
-    Mix
-    [mix cmd] The --app option in mix cmd CMD is deprecated in favor of the more efficient mix do --app app cmd CMD
-  * 4. Hard deprecations
-    Elixir
-    [Application] Calling Application.get_env/3 and friends in the module body is now discouraged, use Application.compile_env/3 instead
-    [Bitwise] use Bitwise is deprecated, use import Bitwise instead
-    [Bitwise] ~~~ is deprecated in favor of bnot for clarity
-    [Kernel.ParallelCompiler] Returning a list or two-element tuple from :each_cycle is deprecated, return a {:compile | :runtime, modules, warnings} tuple instead
-    [Kernel] Deprecate the operator <|> to avoid ambiguity with upcoming extended numerical operators
-    [String] Deprecate passing a binary compiled pattern to String.starts_with?/2
-    Logger
-    [Logger] Deprecate $levelpad on message formatting
-    Mix
-    [Mix] Mix.Tasks.Xref.calls/1 is deprecated in favor of compilation tracers
-  * 5. Backwards incompatible changes
-    Mix
-    [mix local.rebar] Remove support for rebar2, which has not been updated in 5 years, and is no longer supported on recent Erlang/OTP versions
-
-- Elixir 1.13.4
-  * 1. Enhancements
-    Elixir
-    [Code] Allow iodata to be returned in sigil formatting functions
-    [Code] Pass opening delimiter information to sigil formatting functions
-  * 2. Bug fixes
-    Elixir
-    [Kernel] Tweak type unification to fix infinite loop with recursive vars
-    [Kernel] Add compile-time dependencies on require
-    [Registry] Make Registry send work with named triplets
-  * 3. Deprecations
-    Mix
-    [mix rebar] Deprecate Rebar 2 as it no longer works on Erlang/OTP 25
-
-- Elixir 1.13.3
-  * 1. Enhancements
-    Mix
-    [mix format] Supply file and line to formatter plugins
-    [mix format] Support embedded Elixir expressions inside formatter plugins
-  * 2. Bug fixes
-    Elixir
-    [Code] Fix duplicate bindings causing errors during evaluation
-    [Kernel] Make sure signatures stored in the Documentation chunk does not contain newlines
-    [Kernel] Fix infinite loop when compiling guards with recursive map access
-    [Macro] Fix error on Macro.to_string/1 when the plain alias Elixir is given
-    [String] Fix error for certain codepoint combinations in String.split_at/2
-    Mix
-    [mix compile] Recompile project files when exports from dependencies change
-    [mix test] Fix total coverage always showing in red even when above the threshold
-
-- Elixir 1.13.2
-  * 1. Enhancements
-    Mix
-    [mix format] Allow plugins to also format .ex and .exs files
-    [mix release] Allow bypassing application mode validation in release spec
-    [mix test] Print a message when the suite fails due to the coverage threshold
-  * 2. Bug fixes
-    Elixir
-    [Code] Do not emit warnings on Code.Fragment.container_cursor_to_quoted/2
-    [Kernel] Fix a crash when a for-comprehension with :uniq was used inside another comprehension with :uniq
-    [Kernel] Ensure env.context_modules is properly set inside optimized defmodule
-    [Keyword] Deprecate the recently added Keyword.map/2 as it is equivalent to Keyword.new/2
-    [Map] Deprecate the recently added Map.map/2 as it is equivalent to Map.new/2
-    [Protocol] Warn on zero arity callbacks inside protocols
-
-- Elixir 1.13.1
-  * 1. Bug fixes
-    Elixir
-    [Code] Do not show code snippets in `SyntaxError` and `TokenMissingError` if line is empty
-    [Exception] Do not fail blaming `ArgumentError` for improper lists on `apply/3`
-    [Macro] Set a max `line_length` for `Macro.to_string/1`
-    [Macro] Fix formatting of lists on module attributes for `Macro.to_string/1`
-    [String] Fix incorrect codepoint byte counting in `slice` with negative positions in ranges
-    [Task] Ensure async streams can be consumed from another process than the one that creates them
-    [URI] Undeprecate `URI.parse/1` as `URI.new/1` is too strict in many common cases
-    [URI] Make sure `URI.new/1` returns nil for empty paths
-    IEx
-    [IEx] Make sure the `--version` flag halts IEx
-    Mix
-    [Mix] Make protocol consolidation part of the `Mix.install/2` cache
-
-- Elixir 1.13.0
-  * Enhancements
-    EEx
-    [EEx] Add `:parser_options` to EEx functions
-    Elixir
-    [Calendar] Add `c:Calendar.year_of_era/3` to support calendars where the beginning of a new era does not align with
-    the beginning of a new year
-    [CLI] Support `--short-version` on the CLI that does not boot the VM
-    [Code] Add `Code.string_to_quoted_with_comments/2` and `Code.quoted_to_algebra/2`
-    [Code] Add more `:token_metadata` to aliases and remote calls when parsing strings
-    [Code] Add `Code.Fragment` module to provide best-effort information from code fragments.
-    The module currently provides an updated `Code.Fragment.cursor_context/2` with operator support and
-    `Code.Fragment.surround_context/2` which looks at a given position in a fragment and find its surrounding delimiters
-    [Code] Allow custom sigil formatting on `Code.format_string!/2`
-    [Code] Add `{:on_module, bytecode, :none}` trace to compilation tracers
-    [Enum] Optimize `Enum.concat/1` for lists of lists
-    [Enum] Add `Enum.slide/3`
-    [Exception] Better format Elixir exceptions in Erlang
-    [Inspect] Allow default inspect fun to be set globally with `Inspect.Opts.default_inspect_fun/1`
-    [IO] Allow `:eof` to be given as limit to `IO.getn/2`
-    [Kernel] Support the `:sigils` option in `import Mod, only: :sigils` and allow the sigil modifiers to be also digits
-    [Kernel] Make `get_in` consistently abort and return `nil` when `nil` values are found (previously Elixir would raise
-    an error in this case). This allows a user to use `get_in` as a safe navigation operator.
-    [Kernel] Improve compilation times by reducing the amount of copies of the AST across compiler processes
-    [Kernel] Raise if trying to define a module with a slash in its name
-    [Kernel] Warn when `?\` is used and there is no need for a escape character
-    [Kernel] Track structs in typespecs as export deps instead of compile-time deps
-    [Kernel] Add power operator (`**/2`)
-    [Keyword] Add `Keyword.validate/2`
-    [Keyword] Implement `Keyword.filter/2` and `Keyword.map/2`
-    [List] Add `List.keyfind!/3`
-    [Macro] Add `Macro.prewalker/1` and `Macro.postwalker/1`
-    [Macro.Env] Add the following reflection functions: `required?/2`, `lookup_import/2`, `fetch_alias/2`, and `fetch_macro_alias/2`
-    [Map] Implement `Map.filter/2` and `Map.map/2`
-    [Module] Support `:nillify_clauses` in `Module.get_definition/3`
-    [Module] Add `Module.attributes_in/1` and `Module.overridables_in/1`
-    [OptionParser] Add "did you mean?" suggestions to `OptionParser.ParseError` messages
-    [Record] Add record reflection via `@__records__`
-    [Task] Add `Task.completed/1`
-    [Task] Add `Task.ignore/1` to keep a task running but ignoring all of its results
-    [Task] Reduce the amount of copying `Task.async*` functions
-    [URI] Add `URI.new/1` and `URI.new!/1`
-    ExUnit
-    [ExUnit] Show hint if comparing different but equivalent strings
-    [ExUnit.CaptureIO] Add `with_io/3` to return result with captured io
-    [ExUnit.CaptureLog] Add `with_log/2` to return result with captured logs
-    IEx
-    [IEx.Autocomplete] Add path autocompletion whenever when the cursor follows `"./` or `"/` or `"DRIVER:` where
-    `DRIVER` is a single letter
-    [IEx.Autocomplete] Add autocompletion for sigils, struct names, and struct fields
-    [IEx.Helpers] Allow multiple modules to be given to `r/1`
-    Logger
-    [Logger] Add `Logger.put_application_level/2`
-    [Logger] Print all log levels in accordance to Erlang/OTP. This also means `[warn]` is now shown as `[warning]`
-    Mix
-    [Mix] Add `MIX_INSTALL_FORCE` environment variable support
-    [Mix] Support `:config` and `:system_env` in `Mix.install/2`
-    [Mix] Add `Mix.installed?/0`
-    [Mix.Shell] Add `:default` option to `Mix.Shell.yes?`
-    [mix archive.install] Run `loadconfig` before building archive
-    [mix compile] Move Elixir version check to before deps are compiled, in order to give feedback earlier
-    [mix compile.elixir] Do not recompile files if their modification time change but their contents are still the same and the .beam files are still on disk
-    [mix compile.elixir] Do not recompile all Elixir sources when Erlang modules change, only dependent ones
-    [mix compile.elixir] Do not recompile Elixir files if `mix.exs` changes, instead recompile only files using `Mix.Project` or trigger a recompilation if a compiler option changes
-    [mix compile.elixir] Only recompile needed files when a dependency is added, updated or removed
-    [mix compile.elixir] Only recompile needed files when a dependency is configured
-    [mix deps] Add `:subdir` option to git deps
-    [mix escript.install] Run `loadconfig` before building escript
-    [mix format] Support `:plugins` in `mix format` that can hook into custom extensions and sigils
-    [mix format] Add `Mix.Tasks.Format.formatter_for_file/2`
-    [mix local.rebar] No longer support `sub_dirs` in Rebar 2 to help migration towards Rebar 3
-    [mix local.rebar] Support `--if-missing` option when installing Rebar
-    [mix local.rebar] Set `REBAR_PROFILE=prod` when compiling Rebar dependencies
-    [mix test] Support `--profile-require=time` to profile the time loading test files themselves
-    [mix test] Allow filtering modules from coverage using regex
-    [mix test] Allow the exit status of ExUnit to be configured and set the default to 2
-    [mix test] Exit with a status of 3 when coverage falls below threshold
-    [mix test] Write failed manifest when suite fails due to --warnings-as-errors
-    [mix test] Ignore `MIX_TEST_PARTITION` when partitions set to 1
-    [mix xref] Support multiple sinks and sources in `mix xref graph`
-    [mix xref] Add `trace` subcommand to print compilation dependencies between files
-    [mix xref] Add `--fail-above` option to `mix xref`
-    [mix xref] Add `--label compile-connected` to `mix xref`
-  * 2. Bug fixes
-    EEx
-    [EEx] Accept comments in EEx between do and the first clause
-    [EEx] Accept EEx expressions where `->` is followed by newline
-    Elixir
-    [Application] Allow any expression as first argument of `compile_env`
-    [Application] Warn if `Application.compile_env` or `Application.compile_env!` are called without a require
-    [Code] Make sure `:static_atoms_encoder` in `Code.string_to_quoted/2` also applies to quoted keyword keys
-    [Code] Ensure bindings with no context are returned as atoms instead of `{binding, nil}` in eval operations
-    [Inspect] Fix a bug when inspecting a non-binary bitstring with colors
-    [Kernel] Reject bidirectional formatting characters in strings and comments
-    [Kernel] Support escaping of terminators in uppercase sigils heredocs for consistency
-    [Kernel] Raise if `__CALLER__` or `__ENV__` or `__STACKTRACE__` are used in match
-    [Kernel] Improve error message on invalid argument for `byte_size` from binary concat
-    [Kernel] Raise when aliasing non-Elixir modules without `:as`
-    [Kernel] Allow `unquote_splicing` inside `%{...}` without parens
-    [Kernel] Ensure that waiting on a struct expansion inside a typespec is correctly tracked as waiting time in the compiler
-    [Kernel] Correctly parse the atom `.` as a keyword list key
-    [Kernel] Do not leak variables from the first generator in `with` and `for` special forms
-    [Kernel] Fix column number on strings with NFD characters
-    [Kernel] Fix a bug where a combination of dynamic line in `quote` with `unquote` of remote calls would emit invalid AST metadata
-    [OptionParser] Validate switch types/modifiers early on to give more precise feedback
-    [Protocol] Add `defdelegate` to the list of unallowed macros inside protocols as protocols do not allow function definitions
-    [Protocol] Warn if `@callback`, `@macrocallback` and `@optional_callbacks` are defined inside protocol
-    [Protocol] Ensure protocol metadata is deterministic on consolidation
-    [Range] Always show step when range is descending
-    [String] Update Unicode database to version 14.0
-    [URI] Only percent decode if followed by hex digits (according to https://url.spec.whatwg.org/#percent-decode)
-    [Version] Ensure proper precedence of `and`/`or` in version requirements
-    ExUnit
-    [ExUnit] Fix formatter and counters from `ExUnit.run/0` to consider all tests in a module whenever if a module's `setup_all` fails
-    [ExUnit] Allow doctests newlines to be terminated by CRLF
-    IEx
-    [IEx] Fix the loss of `.iex.exs` context after a pry session
-    [IEx] Stop evaluator before exiting IEx server to avoid evaluators leaking
-    Logger
-    [Logger] Raise clear error message for invalid `:compile_time_purge_matching` configuration
-    [Logger] Fix a bug where Logger would not reset its discard counter under some scenarios
-    Mix
-    [mix compile.elixir] Track transitive runtime dependencies coming from local/path dependencies
-    [mix compile.elixir] Recompile file if `@external_resource` is deleted
-    [mix compile.elixir] Print number of compiling files on all compiler cycles. This will make the `Compiling N files (.ex)` show up multiple times if necessary
-    [mix deps] Raise if local dep is unavailable while compiling
-    [mix deps.unlock] Fix blank output when unlocking a dependency that is not locked
-    [mix local.install] Do not respect `MIX_DEPS_PATH` for install commands
-    [mix release] Improve release scripts by making sure shell errors cascade (this is done by avoiding exporting and defining variables in a single step)
-    [mix release] Do not boot release if `RELEASE_COOKIE` is empty
-    [mix release] Allow releases running as a daemon to be restarted
-    [mix release] Raise proper error message when non-serializable values are in configs
-    [mix test] Fix coverage engine to also tag `case`, `cond`, and `receive` branches where the right side is a literal
-  * 3. Soft-deprecations (no warnings emitted)
-    Elixir
-    [Code] Environment options in `Code.eval_quoted/3` and `Code.eval_string/3`, such as `:aliases` and `:tracers`, have been deprecated in favor of passing an environment
-    [IO] `:all` on `IO.getn` is deprecated in favor of `:eof`
-    [URI] `URI.parse/1` is deprecated in favor of `URI.new/1` and `URI.new!/1`
-    Mix
-    [mix format] `Mix.Tasks.Format.formatter_opts_for_file/2` is deprecated in favor of `Mix.Tasks.Format.formatter_for_file/2`
-  * 4. Hard-deprecations
-    Elixir
-    [Code] `Code.cursor_context/2` is deprecated, use `Code.Fragment.cursor_context/2` instead
-    [Macro] `Macro.to_string/2` is deprecated, use `Macro.to_string/1` instead
-    [System] `System.get_pid/0` is deprecated, use `System.pid/0` instead
-    [Version] Using `!` or `!=` in version requirements is deprecated, use `~>` or `>=` instead
-    Mix
-    [mix escript.build] `:strip_beam` option is deprecated in favor of `:strip_beams`
-    [Mix] `:exit_code` in `Mix.raise/2` has been deprecated in favor of `:exit_status`
-    [Mix.Config] `Mix.Config` is deprecated in favor of `Config` module
-  Full release notes: https://github.com/elixir-lang/elixir/releases/tag/v1.13.0
-  - Drop 0001-Add-retries-to-tests-that-write-to-stderr-on-Windows.patch:
-  upstreamed
-
-- Add 0001-Add-retries-to-tests-that-write-to-stderr-on-Windows.patch:
-  fix build for Factory
-
-- Elixir 1.12.3
-  * Bug fixes
-    Elixir
-    [Code] Make sure that bindings in the default context returned by `Code.eval_*` functions are not returned as tagged tuples
-    [Kernel] Do not crash when handling ambiguity errors
-    [Range] Still match on old range patterns throughout the stdlib
-    IEx
-    [IEx.Autocomplete] Do not error autocompletion with module attribute
-    Mix
-    [Mix] Rename inconsistent `:exit_code` option to `:exit_status` on `Mix.raise/2`
-
-- Elixir 1.12.2
-  * Bug fixes
-    Elixir
-    [Kernel] Ensure deprecated macros emit warnings
-    Mix
-    [mix deps] Ensure unconstrained rebar deps generate valid mix specifications
-  * Enhancements
-    Elixir
-    [elixirc] Change the output of `--profile time` to make it easier to detect outliers
-    [Application] Do not add compile time deps on args to `Application.compile_env/2` and `Application.compile_env!/2`
-    [Enum] Optimize `Enum.into/3` and `Map.new/2`
-    Mix
-    [mix compile] Compile most recently changed files first
-    [mix compile, mix run, mix test] Speed up the time taken to load dependencies. This should make the usage of Mix inside projects quite more responsive
-
-- Elixir 1.12.1
-  * Bug fixes
-    Elixir
-    [Code] Make sure `Code.format_string!/2` formats multiline expression inside interpolation on the first run
-    [Macro] Revert keeping of underscores between digits in camelize
-    Mix
-    [Mix] Make sure `Mix.install/2` expand paths for deps
-    [mix deps.get] Silence false positives on `httpc` warnings
-    [mix test] Do not run the whole suite when there are no --failed tests as it won't behave as expected inside umbrellas
-
-- Elixir 1.12
-  * Enhancements
-    EEx
-    [EEx.Engine] Add `c:EEx.Engine.handle_text/3` callback that receives text metadata
-    [EEx.Engine] Emit warnings for unused "do" expression in EEx
-    Elixir
-    [Code] Add `Code.cursor_context/2` to return the context of a code snippet
-    [Code] Do not add newlines around interpolation on code formatting.
-    Note this means formatted code that has interpolation after the line length on Elixir v1.12 won't be considered as formatted on earlier Elixir versions
-    [Code] Do not add brackets when keywords is used in the access syntax
-    [Calendar] Support basic datetime format in `Calendar.ISO` parsing functions
-    [Code] Improve evaluation performance on systems running on Erlang/OTP 24+
-    [Date] Support steps via `Date.range/3`
-    [DateTime] Add `offset` to `DateTime.to_iso8601/2` (now `to_iso8601/3`)
-    [Enum] Add `Enum.count_until/2` and `Enum.count_until/3`
-    [Enum] Add `Enum.product/1`
-    [Enum] Add `Enum.zip_with/2`, `Enum.zip_with/3`, `Enum.zip_reduce/3`, and `Enum.zip_reduce/4`
-    [Enum] Add support for functions as the second argument of `Enum.with_index/2`
-    [Exception] Show `error_info` data for exceptions coming from Erlang
-    [Float] Add `Float.pow/2`
-    [Integer] Add `Integer.pow/2` and `Integer.extended_gcd/2`
-    [IO] Add `IO.stream/0` and `IO.binstream/0` which default to STDIO with line orientation
-    [List] Add default value for `List.first/1` and `List.last/1`
-    [Kernel] Add `first..last//step` as support for stepped ranges
-    [Kernel] Also warn for literal structs on `min/2` and `max/2`
-    [Kernel] Add `Kernel.tap/2` and `Kernel.then/2`
-    [Kernel] Do not add runtime dependencies to remotes in typespecs
-    [Kernel] When there is an unused variable warning and there is a variable with the same name previously defined, suggest the user may have wanted to use the pin operator
-    [Kernel] Improve error messages on invalid character right after a number
-    [Kernel] Show removal and deprecated tips from Erlang/OTP
-    [Macro] Add export dependencies on `Macro.struct!/2`
-    [Macro] Support `:newline` to customize newlines escaping in `Macro.unescape_string/2`
-    [Module] Raise on invalid `@dialyzer` attributes
-    [Module] Add `Module.get_definition/2` and `Module.delete_definition/2`
-    [Module] Allow `@on_load` to be a private function
-    [Module] Validate `@dialyzer` related module attributes
-    [Module] Add `Module.reserved_attributes/0` to list all reserved attributes by the language
-    [Range] Add `Range.new/3` and `Range.size/1`
-    [Regex] Add offset option to `Regex.scan/3` and `Regex.run/3`
-    [Registry] Support `:compression` on `Registry` tables
-    [Registry] Support `Registry.values/3` for reading values under a given key-pid pair
-    [Stream] Add `Stream.zip_with/2` and `Stream.zip_with/3`
-    [String] Add `:turkic` mode option to String case functions
-    [String] Update to Unicode 13.0
-    [System] Add `System.trap_signal/3` and `System.untrap_signal/2`
-    [System] Add `System.shell/2` to invoke a command that is interpreted by the shell
-    [Tuple] Add `Tuple.sum/1` and `Tuple.product/1`
-    [URI] Support RFC3986 compliant encoding and decoding of queries via the `:rfc3986` option
-    ExUnit
-    [ExUnit] Intercept SIGQUIT (via Ctrl+\\) and show a list of all aborted tests as well as intermediate test results
-    [ExUnit] Interpolate module attributes in match assertions diffs
-    [ExUnit] Print how much time is spent on `async` vs `sync` tests
-    [ExUnit] Improve error messages for doctests
-    [ExUnit] Compile doctests faster (often by two times)
-    [ExUnit] Add `ExUnit.async_run/0` and `ExUnit.await_run/1`
-    IEx
-    [IEx] Make IEx' parser configurable to allow special commands
-    [IEx] Show function signature when pressing tab after the opening parens of a function
-    [IEx] If an IEx expression starts with a binary operator, such as `|>`, automatically pipe in the result of the last expression
-    Mix
-    [Mix] Add `Mix.install/2` for dynamically installing a list of dependencies
-    [Mix] Support `:exit_code` option in `Mix.raise/2`
-    [Mix] Discard `MIX_ENV` and `MIX_TARGET` values if they are empty strings
-    [Mix] Print the time taken to execute a task with on `MIX_DEBUG=1`
-    [mix compile.erlang] Compile multiple files in parallel
-    [mix escript.build] Deep merge configuration and ensure argv is set when executing `config/runtime.exs`
-    [mix release] Add `RELEASE_PROG` to releases with the name of the executable starting the release
-    [mix release] Support `remote.vm.args` to customize how the connecting VM boots
-    [mix test] Run all available tests if there are no pending `--failed` tests. This provides a better workflow as you no longer need to toggle the `--failed` flag between runs
-  * Bug fixes
-    Elixir
-    [CLI] Ensure `-e ""` (with an empty string) parses correctly on Windows
-    [Inspect] Do not override user supplied `:limit` option for derived implementations
-    [Kernel] Allow heredoc inside a heredoc interpolation
-    [Kernel] Preserve CRLF on heredocs
-    [Kernel] Public functions without documentation now appear as an empty map on `Code.fetch_docs/1`,
-    unless they start with underscore, where they remain as `:none`. This aligns Elixir's implementation with EEP48
-    [Kernel] Do not crash when complex literals (binaries and maps) are used in guards
-    [Kernel] Properly parse keywords (such as `end`) followed by the `::` operator
-    [Kernel] Do not ignore unimplemented signatures from generated functions
-    [Kernel] Improve error message when an expression follows a keyword list without brackets
-    [Macro] `Macro.decompose_call/1` now also consider tuples with more than 2 elements to not be valid calls
-    [Macro] Fix `Macro.to_string/1` double-escaping of escape characters in sigils
-    [Macro] Fix `Macro.underscore/1` on digits preceded by capitals: "FOO10" now becomes "foo10" instead of "fo_o10"
-    [Macro] Preserve underscores between digits on `Macro.underscore/1`
-    [OptionParser] Properly parse when numbers follow-up aliases, for example, `-ab3` is now parsed as `-a -b 3`
-    [Path] Fix `Path.relative_to/2` when referencing self
-    [Path] Do not crash when a volume is given to `Path.absname/1`, such as "c:"
-    [Task] Ensure `Task.async_stream/2` with `ordered: false` discard results as they are emitted, instead of needlessly accumulating inside the stream manager
-    [Task] Raise if `:max_concurrency` is set to 0 on streaming operations
-    [URI] Do not discard empty paths on `URI.merge/2`
-    ExUnit
-    [ExUnit.Case] Make `@tag tmp_dir` an absolute directory, avoiding inconsistencies if the test changes the current working directory
-    [ExUnit.Diff] Fix cases where the diffing algorithm would fail to print a pattern correct
-    IEx
-    [IEx] Fix auto-completion inside remote shells
-    Mix
-    [mix app.config] Do not emit false positive warnings when configured dependencies that have `runtime: false` set
-    [mix compile.elixir] Ensure that a manifest is generated even with no source code
-    [mix compile.elixir] Make sure export dependencies trigger recompilation when the dependency is removed as well as when the whole file is removed
-    [mix compile.elixir] Do not emit false positive warnings when a path dependency adds a module that is then used by the current application in the same `mix compile` cycle
-    [mix test] Ensure protocols within the current project are consolidated when `--cover` is given
-    [mix release] Improve compliance of release scripts with stripped down Linux installations
-    [mix release] Preserve file mode when copying non-beam ebin files
-    [mix xref] Ensure args are passed to the underlying `mix compile` call
-  * Soft-deprecations (no warnings emitted)
-    Elixir
-    [Kernel] Using `first..last` to match on ranges is soft-deprecated and will warn on future Elixir versions. Use `first..last//step` instead
-    [Kernel] Using `first..last` to create decreasing ranges is soft-deprecated and will warn on future versions. Use `first..last//-1` instead
-  * Hard-deprecations
-    EEx
-    [EEx.Engine] `use EEx.Engine` is deprecated in favor of explicit delegation
-    Elixir
-    [Kernel] The binary operator `^^^` is deprecated. If you are using `Bitwise.^^^/2`, use `Bitwise.bxor/2` instead
-    [Kernel] Deprecate `@foo()` in favor of `@foo`
-    [System] Deprecate `System.stacktrace/0` (it was already deprecated outside of catch/rescue and now it is deprecated everywhere)
-    Mix
-    [mix compile] The `:xref` compiler is deprecated and it has no effect. Please remove it from your mix.exs file.
-    Full release notes: https://github.com/elixir-lang/elixir/releases/tag/v1.12.0
-
-- Elixir 1.11.4
-  * Enhancements
-    Elixir
-    [Kernel] Update formatting when printing warnings and errors from Erlang/OTP 24+
-    [Kernel] Support float-16 on bitstrings
-    Mix
-    [mix local.rebar] This task will now install rebar3 version 3.14.4, compiled with Erlang/OTP 21
-
-    Elixir
-    [Macro] Add Macro.unique_var/2 and Macro.generate_unique_arguments/2
+  Elixir
+  [Macro] Add Macro.unique_var/2 and Macro.generate_unique_arguments/2
-    Elixir
-    [Code] Do not raise when checking for operator ambiguity when :static_atoms_encoder is set in Code.string_to_quoted
-    [Kernel] Emit undefined function warnings from with
-    [Kernel] Do not fail type checking when literals are used in guards
-    [Module] Do not warn for attributes used in @after_compile
-    [Record] Make sure nested record names do not clobber each other
-    ExUnit
-    [ExUnit.Assertions] Do not crash if there are macros and module attributes on the left side of ++
-    IEx
-    [IEx.Helpers] Do not use Unicode chars if ANSI is disabled
-    Mix
-    [mix deps.compile] Fix compatibility with rebar v3.14
-    [mix release] Do not use private ram_file:compress/1
-    [mix xref] Do not crash when retrieving calls for modules in memory
+  Elixir
+  [Code] Do not raise when checking for operator ambiguity when :static_atoms_encoder is set in Code.string_to_quoted
+  [Kernel] Emit undefined function warnings from with
+  [Kernel] Do not fail type checking when literals are used in guards
+  [Module] Do not warn for attributes used in @after_compile
+  [Record] Make sure nested record names do not clobber each other
+  ExUnit
+  [ExUnit.Assertions] Do not crash if there are macros and module attributes on the left side of ++
+  IEx
+  [IEx.Helpers] Do not use Unicode chars if ANSI is disabled
+  Mix
+  [mix deps.compile] Fix compatibility with rebar v3.14
+  [mix release] Do not use private ram_file:compress/1
+  [mix xref] Do not crash when retrieving calls for modules in memory
-    Elixir
-    [Code] Do not crash when getting docs for missing `erts` appdir
-    [Kernel] Raise meaningful error if `:erlang.is_record` is used in guards
-    [Kernel] Prune tracers when fetching `__ENV__` inside functions
-    Mix
-    [mix] Fix regression where aliases could not call themselves recursively
-    [mix compile] Do not discard tracers that are set programatically
+  Elixir
+  [Code] Do not crash when getting docs for missing `erts` appdir
+  [Kernel] Raise meaningful error if `:erlang.is_record` is used in guards
+  [Kernel] Prune tracers when fetching `__ENV__` inside functions
+  Mix
+  [mix] Fix regression where aliases could not call themselves recursively
+  [mix compile] Do not discard tracers that are set programatically
-    Elixir
-    [Code] Ignore tracers if lexical tracker is dead or explicitly nil when evaling code with an environment
-    [GenServer] Do not show warning when using `super` in `GenServer.child_spec/1`
-    [Kernel] Do not crash when :reduce is set to `nil` in comprehensions
-    [Kernel] Fix a scenario where undefined function warnings were not being emitted
-    IEx
-    [IEx.Helpers] Properly handle tags inside typespec when showing Erlang docs
-    Logger
-    [Logger] Do not deadlock Logger if handler crashes on sync mode
-    Mix
-    [Mix] Add inet6 fallback to Mix usage of httpc
-    [mix compile.app] Do not list apps that do not match the current target
+  Elixir
+  [Code] Ignore tracers if lexical tracker is dead or explicitly nil when evaling code with an environment
+  [GenServer] Do not show warning when using `super` in `GenServer.child_spec/1`
+  [Kernel] Do not crash when :reduce is set to `nil` in comprehensions
+  [Kernel] Fix a scenario where undefined function warnings were not being emitted
+  IEx
+  [IEx.Helpers] Properly handle tags inside typespec when showing Erlang docs
+  Logger
+  [Logger] Do not deadlock Logger if handler crashes on sync mode
+  Mix
+  [Mix] Add inet6 fallback to Mix usage of httpc
+  [mix compile.app] Do not list apps that do not match the current target
-    EEx
-    [EEx] Track column information in EEx templates when enabled in the compiler
-    [EEx] Show column information in EEx error messages
-    [EEx] Support `:indentation` option when compiling EEx templates for proper column tracking
-    Elixir
-    [Access] Add `Access.at!/1`
-    [Calendar] Add `Calendar.strftime/3` for datetime formatting
-    [Calendar] Add linear integer representations to Calendar modules:
+  EEx
+  [EEx] Track column information in EEx templates when enabled in the compiler
+  [EEx] Show column information in EEx error messages
+  [EEx] Support `:indentation` option when compiling EEx templates for proper column tracking
+  Elixir
+  [Access] Add `Access.at!/1`
+  [Calendar] Add `Calendar.strftime/3` for datetime formatting
+  [Calendar] Add linear integer representations to Calendar modules:
-    [Calendar] Add `new!` to Date/Time/NaiveDateTime/DateTime (`new` has also been added to `DateTime` for completeness)
-    [Calendar] Support custom starting day of the week in `Date.day_of_week/2`
-    [Calendar] Add `Date.beginning_of_month/1` and `Date.end_of_month/1`
-    [Calendar] Add `Date.beginning_of_week/2` and `Date.end_of_week/2`
-    [Code] Add `:column` to `Code.string_to_quoted*/2`
-    [Code] Add `Code.can_await_module_compilation?/0` to check if the parallel compiler is enabled
+  [Calendar] Add `new!` to Date/Time/NaiveDateTime/DateTime (`new` has also been added to `DateTime` for completeness)
+  [Calendar] Support custom starting day of the week in `Date.day_of_week/2`
+  [Calendar] Add `Date.beginning_of_month/1` and `Date.end_of_month/1`
+  [Calendar] Add `Date.beginning_of_week/2` and `Date.end_of_week/2`
+  [Code] Add `:column` to `Code.string_to_quoted*/2`
+  [Code] Add `Code.can_await_module_compilation?/0` to check if the parallel compiler is enabled
-    [Config] Support `config_env/0` and `config_target/0` in `config` files
-    [Config] Allow `import_config` to be disabled for some configuration files
-    [Enum] Allow a sorting function on `Enum.min_max_by/3,4`, including the new `compare/2` conventions
-    [Kernel] Add `is_struct/2` guard
-    [Kernel] Add `is_exception/1` and `is_exception/2` guards
-    [Kernel] Support `map.field` syntax in guards
-    [Kernel] Add `+++` and `---` with right associativity to the list of custom operators
-    [Kernel] Warn if a variable that looks like a compiler variable (such as `__MODULE__`) is unused
-    [Kernel.ParallelCompiler] Report individual file compilation times when `profile: :time` is given
-    [Kernel.ParallelCompiler] Improve precision of `:long_compilation_threshold` so it takes only compilation times into
+  [Config] Support `config_env/0` and `config_target/0` in `config` files
+  [Config] Allow `import_config` to be disabled for some configuration files
+  [Enum] Allow a sorting function on `Enum.min_max_by/3,4`, including the new `compare/2` conventions
+  [Kernel] Add `is_struct/2` guard
+  [Kernel] Add `is_exception/1` and `is_exception/2` guards
+  [Kernel] Support `map.field` syntax in guards
+  [Kernel] Add `+++` and `---` with right associativity to the list of custom operators
+  [Kernel] Warn if a variable that looks like a compiler variable (such as `__MODULE__`) is unused
+  [Kernel.ParallelCompiler] Report individual file compilation times when `profile: :time` is given
+  [Kernel.ParallelCompiler] Improve precision of `:long_compilation_threshold` so it takes only compilation times into
-    [Registry] Add `Registry.delete_meta/2`
-    [Task] Add `Task.await_many/2`
-    ExUnit
-    [ExUnit] Add support for coloring on Windows 10 consoles/shells
-    [ExUnit] Add `ExUnit.fetch_test_supervisor/0`
-    [ExUnit] Add `@tag :tmp_dir` support to ExUnit. The temporary directory is automatically created and pruned before each test
-    [ExUnit] Add file and line to ExUnit's `--trace`
-    [ExUnit.Assertion] Allow receive timeouts to be computed at runtime
-    [ExUnit.Case] Add `register_test/6` to speed up compilation of custom tests
-    [ExUnit.Doctest] Allow users to add tags to doctests
-    IEx
-    [IEx] Add support for coloring on Windows 10 consoles/shells
-    [IEx.Helpers] Show docs from Erlang modules that have been compiled with the docs chunk
-    Logger
-    [Logger] Add `notice`, `critical`, `alert`, and `emergency` log levels
-    [Logger] Support structured logging by logging maps or keyword lists
-    [Logger] Allow level to be set per module with `Logger.put_module_level/2`
-    [Logger] Include `erl_level` in Logger's metadata
-    Mix
-    [mix] Add `MIX_BUILD_ROOT` to config `_build` dir
-    [mix] Introduce `MIX_XDG` as a simpler mechanism to opt-in to the XDG specification
-    [mix] Allow requirements for a Mix task to be listed via the `@requirements` module attribute
-    [mix] Allow optional dependencies to be defined in `:extra_applications` and `:applications`
-    [mix app.config] Add new `mix app.config` task that compiles applications and loads runtime configuration
-    [mix archive.install] Support `--repo` option on Hex packages
-    [mix compile] Support the `__mix_recompile__?/0` callback for custom behaviour on when Mix should recompile a given
+  [Registry] Add `Registry.delete_meta/2`
+  [Task] Add `Task.await_many/2`
+  ExUnit
+  [ExUnit] Add support for coloring on Windows 10 consoles/shells
+  [ExUnit] Add `ExUnit.fetch_test_supervisor/0`
+  [ExUnit] Add `@tag :tmp_dir` support to ExUnit. The temporary directory is automatically created and pruned before each test
+  [ExUnit] Add file and line to ExUnit's `--trace`
+  [ExUnit.Assertion] Allow receive timeouts to be computed at runtime
+  [ExUnit.Case] Add `register_test/6` to speed up compilation of custom tests
+  [ExUnit.Doctest] Allow users to add tags to doctests
+  IEx
+  [IEx] Add support for coloring on Windows 10 consoles/shells
+  [IEx.Helpers] Show docs from Erlang modules that have been compiled with the docs chunk
+  Logger
+  [Logger] Add `notice`, `critical`, `alert`, and `emergency` log levels
+  [Logger] Support structured logging by logging maps or keyword lists
+  [Logger] Allow level to be set per module with `Logger.put_module_level/2`
+  [Logger] Include `erl_level` in Logger's metadata
+  Mix
+  [mix] Add `MIX_BUILD_ROOT` to config `_build` dir
+  [mix] Introduce `MIX_XDG` as a simpler mechanism to opt-in to the XDG specification
+  [mix] Allow requirements for a Mix task to be listed via the `@requirements` module attribute
+  [mix] Allow optional dependencies to be defined in `:extra_applications` and `:applications`
+  [mix app.config] Add new `mix app.config` task that compiles applications and loads runtime configuration
+  [mix archive.install] Support `--repo` option on Hex packages
+  [mix compile] Support the `__mix_recompile__?/0` callback for custom behaviour on when Mix should recompile a given
-    [mix compile.elixir] Mark modules for path dependencies as "Export dependencies" if they changed but their public
+  [mix compile.elixir] Mark modules for path dependencies as "Export dependencies" if they changed but their public
-    [mix compile.elixir] Track application boundaries in the Elixir compiler.
+  [mix compile.elixir] Track application boundaries in the Elixir compiler.
-    [mix deps] Sort the dependencies alphabetically before printing
-    [mix deps] Use `origin/HEAD` as the default Git ref in dependencies
-    [mix deps] Redact Git `username`/`password` in output log
-    [mix deps] Support rebar3's `git_subdir` resource type
-    [mix deps.compile] Allow local deps to be skipped on `mix deps.compile`
-    {mix deps.unlock] Print which dependencies get unlocked when using the `--unused` flag
-    [mix escript.install] Support `--repo` option on Hex packages
-    [mix new] Add `@impl` to application generated by `mix new --sup`
-    [mix release] Enable overriding `sys.config` location via `RELEASE_SYS_CONFIG` env var
-    [mix release] Boot a release under configuration in interactive mode and then swap to embedded mode
+  [mix deps] Sort the dependencies alphabetically before printing
+  [mix deps] Use `origin/HEAD` as the default Git ref in dependencies
+  [mix deps] Redact Git `username`/`password` in output log
+  [mix deps] Support rebar3's `git_subdir` resource type
+  [mix deps.compile] Allow local deps to be skipped on `mix deps.compile`
+  {mix deps.unlock] Print which dependencies get unlocked when using the `--unused` flag
+  [mix escript.install] Support `--repo` option on Hex packages
+  [mix new] Add `@impl` to application generated by `mix new --sup`
+  [mix release] Enable overriding `sys.config` location via `RELEASE_SYS_CONFIG` env var
+  [mix release] Boot a release under configuration in interactive mode and then swap to embedded mode
-    [mix release] Add `rel_templates_path` to configure the source of template files such as "env.sh.eex", "vm.args.eex"
+  [mix release] Add `rel_templates_path` to configure the source of template files such as "env.sh.eex", "vm.args.eex"
-    [mix release] Allow some chunks to be kept in the `:strip_beams` config
-    [mix test] Allow `:ignore_modules` inside `:test_coverage` option
-    [mix test.coverage] Add `mix test.coverage` that aggregates coverage results from umbrellas and OS partitioning
-    [mix xref] Make the `--label` option for `mix xref graph` transitive by default and add `--only-direct` for only
+  [mix release] Allow some chunks to be kept in the `:strip_beams` config
+  [mix test] Allow `:ignore_modules` inside `:test_coverage` option
+  [mix test.coverage] Add `mix test.coverage` that aggregates coverage results from umbrellas and OS partitioning
+  [mix xref] Make the `--label` option for `mix xref graph` transitive by default and add `--only-direct` for only
-    [mix xref] Add `--format cycles` support for `mix xref graph`
-    [mix xref] Add support to `mix xref graph` for using `--source` and `--sink` at the same time
+  [mix xref] Add `--format cycles` support for `mix xref graph`
+  [mix xref] Add support to `mix xref graph` for using `--source` and `--sink` at the same time
-    EEx
-    [EEx] Make trimming behaviour via the `:trim` option more consistent
-    Elixir
-    [Application] Warn if non-atom keys are given to `put_env`, `get_env`, `fetch_env`, and `delete_env`
-    [Code] Do not send language keyword through the `:static_atoms_encoder` in `Code.string_to_quoted`
-    [Kernel] Validate values given to `:line` in quote to avoid emitting invalid ASTs
-    [Kernel] Report the correct line number when raising inside a macro
-    [Kernel] Fix an issue where `elixirc` would not accept paths with backslash (`\`) separators on Windows
-    [Kernel] Properly parse `&//2` (i.e. the capture of the division operator)
-    [Kernel] Raise `CompileError` when trying to define reserved types
-    [Kernel] Improve compiler error message when using `|` in a `def` signature
-    [Kernel] Improve error message when trying to use invalid list operators in guards
-    [Kernel.SpecialForms] Add `|/2` to the list of special forms to avoid inconsistent behaviour on overrides
-    [Keyword] Enforce keys to be atoms in `Keyword.keys/1`
-    [Record] Keep lexical ordering when creating records
-    [Registry] Do not crash when a process with key-value has been registered using `:via` and it fails to start on `init`
-    [URI] `URI.decode_query/2` emits an empty string for parameters without values, according to
+  EEx
+  [EEx] Make trimming behaviour via the `:trim` option more consistent
+  Elixir
+  [Application] Warn if non-atom keys are given to `put_env`, `get_env`, `fetch_env`, and `delete_env`
+  [Code] Do not send language keyword through the `:static_atoms_encoder` in `Code.string_to_quoted`
+  [Kernel] Validate values given to `:line` in quote to avoid emitting invalid ASTs
+  [Kernel] Report the correct line number when raising inside a macro
+  [Kernel] Fix an issue where `elixirc` would not accept paths with backslash (`\`) separators on Windows
+  [Kernel] Properly parse `&//2` (i.e. the capture of the division operator)
+  [Kernel] Raise `CompileError` when trying to define reserved types
+  [Kernel] Improve compiler error message when using `|` in a `def` signature
+  [Kernel] Improve error message when trying to use invalid list operators in guards
+  [Kernel.SpecialForms] Add `|/2` to the list of special forms to avoid inconsistent behaviour on overrides
+  [Keyword] Enforce keys to be atoms in `Keyword.keys/1`
+  [Record] Keep lexical ordering when creating records
+  [Registry] Do not crash when a process with key-value has been registered using `:via` and it fails to start on `init`
+  [URI] `URI.decode_query/2` emits an empty string for parameters without values, according to
-    [Version] Add defaults and enforce keys in `Version` struct
-    ExUnit
-    [ExUnit.CaptureIO] Fix race condition where a dead capture would still be considered as active
-    [ExUnit.Diff] Do not crash when failing to eval/inspect struct
-    [ExUnit.Diff] Properly diff numbers in respect to `==` and `===` operators
-    IEx
-    [IEx] Fix tokenizer emitting repeated warnings in the REPL
-    [IEx] Ensure `--dot-iex` is preserved when restarting the evaluator and after shell respawn
-    [IEx.Pry] Ensure `IEx.pry` can be triggered more than twice when invoked from the same process
-    Mix
-    [mix cmd] Fix a bug where only the first --app option would be executed
-    [mix compile] Fix an issue where new protocol implementations would not propagate when running `mix compile` from
+  [Version] Add defaults and enforce keys in `Version` struct
+  ExUnit
+  [ExUnit.CaptureIO] Fix race condition where a dead capture would still be considered as active
+  [ExUnit.Diff] Do not crash when failing to eval/inspect struct
+  [ExUnit.Diff] Properly diff numbers in respect to `==` and `===` operators
+  IEx
+  [IEx] Fix tokenizer emitting repeated warnings in the REPL
+  [IEx] Ensure `--dot-iex` is preserved when restarting the evaluator and after shell respawn
+  [IEx.Pry] Ensure `IEx.pry` can be triggered more than twice when invoked from the same process
+  Mix
+  [mix cmd] Fix a bug where only the first --app option would be executed
+  [mix compile] Fix an issue where new protocol implementations would not propagate when running `mix compile` from
-    [mix deps.compile] Use `gmake` instead of `make` when compiling deps on NetBSD/DragonFlyBSD
-    [mix release] Load `.app` from dependencies path when it is a project dependency
-    [mix release] Always include "rel/overlays" in the list of overlays directories if available
-    [mix release] Change `erts/bin/erl` binary mode to `0o755`
-    [mix test] Compare to test coverage threshold inclusively
-    Logger
-    [Logger] Print metadata for all types that implement String.Chars
+  [mix deps.compile] Use `gmake` instead of `make` when compiling deps on NetBSD/DragonFlyBSD
+  [mix release] Load `.app` from dependencies path when it is a project dependency
+  [mix release] Always include "rel/overlays" in the list of overlays directories if available
+  [mix release] Change `erts/bin/erl` binary mode to `0o755`
+  [mix test] Compare to test coverage threshold inclusively
+  Logger
+  [Logger] Print metadata for all types that implement String.Chars
-    Elixir
-    [Exception] `Exception.exception?/1` is deprecated in favor of `Kernel.is_exception/1`
-    [Regex] `Regex.regex?/1` is deprecated in favor of `Kernel.is_struct/2`
-    Logger
-    [Logger] `warn` log level is deprecated in favor of `warning`
-    Mix
-    [mix release] `config/releases.exs` is deprecated in favor of a more general purpose `config/runtime.exs`
+  Elixir
+  [Exception] `Exception.exception?/1` is deprecated in favor of `Kernel.is_exception/1`
+  [Regex] `Regex.regex?/1` is deprecated in favor of `Kernel.is_struct/2`
+  Logger
+  [Logger] `warn` log level is deprecated in favor of `warning`
+  Mix
+  [mix release] `config/releases.exs` is deprecated in favor of a more general purpose `config/runtime.exs`
-    Elixir
-    [Supervisor] Deprecate `Supervisor.start_child/2` and `Supervisor.terminate_child/2` in favor of `DynamicSupervisor`
-    [Supervisor.Spec] Deprecate `Supervisor.Spec.worker/3` and `Supervisor.Spec.supervisor/3` in favor of the new typespecs
-    [System] Deprecate `System.stacktrace/0` in favor of `__STACKTRACE__`
-    Mix
-    [Mix.Project] Deprecate `Mix.Project.compile/2` in favor of `Mix.Task.run("compile", args)`
-    Full release notes: https://github.com/elixir-lang/elixir/releases/tag/v1.11.0
+  Elixir
+  [Supervisor] Deprecate `Supervisor.start_child/2` and `Supervisor.terminate_child/2` in favor of `DynamicSupervisor`
+  [Supervisor.Spec] Deprecate `Supervisor.Spec.worker/3` and `Supervisor.Spec.supervisor/3` in favor of the new typespecs
+  [System] Deprecate `System.stacktrace/0` in favor of `__STACKTRACE__`
+  Mix
+  [Mix.Project] Deprecate `Mix.Project.compile/2` in favor of `Mix.Task.run("compile", args)`
+  Full release notes: https://github.com/elixir-lang/elixir/releases/tag/v1.11.0
-    Elixir
-    [Kernel] Fix a bug where custom types were printed as built-in types
-    [Kernel] Don't add compile-time dependency on defdelegate
-    [Kernel] Add line numbers to warnings on deprecated imports
-    [Kernel] Report the correct line number when raising inside a macro
-    [Task] Include callers in translated Logger metadata for Task
-    [Task] Fix Task PID and caller in Task Supervisor reports
-    ExUnit
-    [ExUnit.Formatter] Avoid crashes when diffing guards when the pattern does not match
-    [ExUnit.Formatter] Also blame exceptions that come from linked and trapped exits
-    IEx
-    [IEx.Helpers] Do not crash when printing a type that cannot be code formatted
-    Mix
-    [mix app.start] Fix reading .app file located in archives (.ez files)
-    [mix local.hex] Provide more guidance when Hex can't be installed
-    [mix release] Properly encode config in releases
+  Elixir
+  [Kernel] Fix a bug where custom types were printed as built-in types
+  [Kernel] Don't add compile-time dependency on defdelegate
+  [Kernel] Add line numbers to warnings on deprecated imports
+  [Kernel] Report the correct line number when raising inside a macro
+  [Task] Include callers in translated Logger metadata for Task
+  [Task] Fix Task PID and caller in Task Supervisor reports
+  ExUnit
+  [ExUnit.Formatter] Avoid crashes when diffing guards when the pattern does not match
+  [ExUnit.Formatter] Also blame exceptions that come from linked and trapped exits
+  IEx
+  [IEx.Helpers] Do not crash when printing a type that cannot be code formatted
+  Mix
+  [mix app.start] Fix reading .app file located in archives (.ez files)
+  [mix local.hex] Provide more guidance when Hex can't be installed
+  [mix release] Properly encode config in releases
-    Elixir
-    [Code] Return `[{mod, bin}]` from `Code.compile_file/2`, `Code.require_file/2`, `Code.load_file/2`
-    [Code] Make sure the formatter respects newlines before and after module attributes
-    [Kernel.ParallelCompiler] Fix a bug where the parallel compiler would raise in long compilation cycles
-    [Kernel.ParallelCompiler] Fix a bug where the parallel compiler would raise if some of the modules being compiled referred to a module that has been loaded directly to memory
-    [Module] Fix accidental breaking change where bodiless clauses had their body value on `@on_definition` callbacks set to an empty list instead of `nil`
-    [String] Undeprecate `String.normalize/2` normalize and fix infinite loop caused by certain invalid strings
-    ExUnit
-    [ExUnit.Assertions] Fix pattern matching diff when matching on pinned variables
-    [ExUnit.Assertions] Fix pattern matching diff when matching variable struct names
-    [ExUnit.Assertions] Fix pattern matching diff when matching on the binary concat operator (`<>`) and the left side is not a literal string
-    [ExUnit.Assertions] Fix pattern matching diff when matching on pseudo-vars (`__MODULE__`, `__DIR__`, etc)
-    Mix
-    [mix release] Respect the `:path` option when creating a `:tar` file for releases
+  Elixir
+  [Code] Return `[{mod, bin}]` from `Code.compile_file/2`, `Code.require_file/2`, `Code.load_file/2`
+  [Code] Make sure the formatter respects newlines before and after module attributes
+  [Kernel.ParallelCompiler] Fix a bug where the parallel compiler would raise in long compilation cycles
+  [Kernel.ParallelCompiler] Fix a bug where the parallel compiler would raise if some of the modules being compiled referred to a module that has been loaded directly to memory
+  [Module] Fix accidental breaking change where bodiless clauses had their body value on `@on_definition` callbacks set to an empty list instead of `nil`
+  [String] Undeprecate `String.normalize/2` normalize and fix infinite loop caused by certain invalid strings
+  ExUnit
+  [ExUnit.Assertions] Fix pattern matching diff when matching on pinned variables
+  [ExUnit.Assertions] Fix pattern matching diff when matching variable struct names
+  [ExUnit.Assertions] Fix pattern matching diff when matching on the binary concat operator (`<>`) and the left side is not a literal string
+  [ExUnit.Assertions] Fix pattern matching diff when matching on pseudo-vars (`__MODULE__`, `__DIR__`, etc)
+  Mix
+  [mix release] Respect the `:path` option when creating a `:tar` file for releases
-  Enhancements
+    Enhancements
erlang
-- Disable rpmlint tests on SLE-15 where they currently fail
-
-- This codestream wasn't affected by bsc#1207113
-
-- Changes for 26.2.1:
-  * erts: Removed unnecessary PCRE source tar-ball.
-  * ssh: With this change (being response to CVE-2023-48795),
-    ssh can negotiate "strict KEX" OpenSSH extension with
-    peers supporting it; also
-    'chacha20-poly1305@openssh.com' algorithm becomes a
-    less preferred cipher.
-    If strict KEX availability cannot be ensured on both
-    connection sides, affected encryption modes(CHACHA and
-    CBC) can be disabled with standard ssh configuration.
-    This will provide protection against vulnerability, but
-    at a cost of affecting interoperability. See
-    Configuring algorithms in SSH. (bsc#1218192, CVE-2023-48795)
-- Changes for 26.2:
-  * all: Replaced unintentional Erlang Public License 1.1
-    headers in some files with the intended Apache License
-    2.0 header.
-  * otp: The removal of the deprecated slave module, originally
-    planned for OTP 27, has been postponed to OTP 29.
-  * asn1: Fix benign warning from gcc 11 about mismatching call
-    to free().
-  * crypto: Enable engine support for OpenSSL versions 3.
-  * edoc: Emit <code> instead of <tt>.
-- Disable test suite for now, it has many false positives and
-  takes a very long time.
-
-- Changes for 26.1.2:
-  * erts: If the external term format encoding of an argument list
-    part of a distributed spawn operation was faulty, the newly
-    spawned remote process could misbehave. The misbehavior
-    included hanging or interpret an incoming message as an
-    argument list to use. This was very unlikely to happen unless
-    using an alternate implementation of the distribution protocol
-    which made a faulty encoding of the argument list. The child
-    process will now detect this error and terminate before
-    executing the user specified code.
-  * erts: Fix bugs where if the body of a matchspec would return a
-    map with a variable ('$1', '$_' etc) as one of the keys or
-    values and the variable was not an immidiate, the term would
-    not be copied to the receiving processes heap. This would later
-    corrupt the term in the table as the GC could place move
-    markers in it, which in turn would cause the VM to crash. Bug
-    has been present for since OTP 17.0.
-  * xmerl: The xmerl version 1.3.32 was released in OTP 26.0.1, but
-    the incorrect version number of 1.3.31.1 was used for it. This
-    incorrect version number continued to appear in OTP 26.0.2, OTP
-    26.1, and OTP 26.1.1. The actual xmerl code in these OTP
-    versions however corresponds to xmerl version 1.3.32.
-- Changes for 26.1.1:
-  * wx: The wx application would fail to build on macOS with Xcode
-    15.
-  * compiler: The compiler could become extremely slow for modules
-    containing huge functions.
-  * stdlib: Garbage collect the shell process when reducing the
-    amount of saved history and results.
-- Changes for 26.1:
-  * crypto: Fix VM crash caused by crypto being purged and reloaded
-    (by init:restart for example) on OS with musl libc (such as
-    Alpine linux).
-  * crypto: Improved understanding of LibreSSL versions. Support
-    chacha20 and chacha20_poly1305 for LibreSSL 3.7. Reflect
-    removal of support for the DSS/DSA algorithm which was done in
-    LibreSSL 2.6.1.
-  * crypto: FIPS supported by crypto for OpenSSL 3.0.* and 3.1.*.
-  * asn1: The ASN.1 compiler would ignore a constraint such as
-    (SIZE (1..4), ...), causing incorrect behavior of the encoding
-    and decoding function for the PER and UPER backends. Corrected
-    to handle the constraint in the same way as (SIZE (1..4, ...)).
-  * asn1: The JER backend has been internally refactored in a way
-    that is compatible for applications that use the documented
-    API. However, for a group of ASN.1 modules that depend on each
-    other (for example, S1AP-PDU-Descriptions, S1AP-Contents, and
-    so on), all modules in the group must be recompiled if on of
-    the group members is recompiled.
-  * observer: Closing the trace log window via the menu did not
-    work.
-  * erts: maps:put with existing key and identical value was not
-    optimized as a no-op correctly if having the same 32-bit hash
-    as another key in the map. In practice very rare and harmless.
-  * erts: Fixed an issue with truncated crash slogans on failed
-    emulator start.
-  * erts: Fixed a bug where the emulator was unable to determine
-    the current cgroup CPU quota.
-  * erts: A process optimized for parallel signal delivery could
-    under some circumstances lose wakeup information. That is, the
-    processes was not woken up to take care of the signal, so the
-    signal would not be taken care of until the process was woken
-    by another signal. Only processes configured with
-    message_queue_data set to off_heap utilize this optimization.
-  * erts: Function socket:close/1 could cause a VM crash on
-    Windows.
-  * erts: Fixed a bug in the ARM JIT where it could accidentally
-    add garbage trailing bits when creating bitstrings whose size
-    wasn't an even multiple of 8 bits.
-  * erts: Fix erlang:system_info/1 documentation to show correct
-    types.
-  * erts: Expanded the documentation about how to use the
-    standard_io, standard_error and user I/O devices. Added the
-    types io:standard_io/0, io:standard:error/0 and io:user/0.
-  * erts: Fix compilation with GNU termcap.
-  * erts: Delivery time of message signals to a process not
-    executing any receive expressions could become very long,
-    potentially infinite. For example, a process checking for
-    messages using process_info(self(), message_queue_len) or
-    process_info(self(), messages) and avoiding to execute a
-    receive expression matching on messages could be very slow in
-    detecting new messages. Note that you are still discouraged
-    from using process_info() this way. A process that wants to
-    check if there are messages available to handle should execute
-    a receive expression matching on messages.
-  * erts: On AArch64 (ARM64), when calculating both the quotient
-    and remainder with a divisor begin a power two, the remainder
-    could be incorrectly calculated.
-  * erts: Fix bug causing "magic" references in a compressed ETS
-    table to not keep the referred object alive. The symptom would
-    be the referred object being garbage collected prematurely and
-    the reference appearing stale, not referring to anything.
-    Examples of such magically referred objects are atomics and NIF
-    resources.
-  * erts: Matching out short bitstrings with a fixed size not
-    divisible by 8 could could lead to the runtime system
-    terminating with an "Overrun heap and stack" error.
-  * erts: A constant flow of incoming non-message signals could
-    prevent a process needing to execute dirty from doing so.
-  * erts: A BEAM file usually contains a chunk with the tag "Type"
-    containing type information that can be used by the JIT. The
-    beam_lib:strip/1 takes care to preserve that chunk, but a
-    build/release tool that does customized stripping could
-    accidentally remove the chunk. Loading a BEAM file without the
-    "Type" chunk could cause incorrect behavior of the loaded code.
-  * erts: gen_udp:recv/* for Unix Domain Socket in binary mode and
-    passive mode has been fixed to not crash.
-  * erts: The cleanup operation of not yet delivered signals to a
-    terminated process yielded excessively.
-  * erts: Fixed minor hashing issue with the local option of
-    term_to_binary()/term_to_iovec().
-  * erts: Update gen_tcp_socket and gen_udp_socket to handle
-    'completion' (socket on Windows).
-  * erts: Add support for Unix Domain Sockets (only for STREAM
-    sockets) on Windows for 'socket'.
-  * erts: In Erlang/OTP 27, by default escripts will be compiled
-    before being executed. That means that the compiler application
-    must be installed. It is possible to force the escript to be
-    interpreted by adding the directive -mode(interpret). to the
-    escript file. In Erlang/OTP 28, support for interpreting an
-    escript will be removed.
-  * erts: Add basic support for socket ioctl on Windows.
-  * erts: Removed erts/etc/darwin/Info.plist, as it is no longer
-    necessary after macos 10.12
-  * erts: Add support for (Windows) socket option exclusiveaddruse.
-  * erts: [socket] Add support for the 'nopush' option.
-  * erts: Add support for socket option 'BSP STATE'.
-  * erts: Add tcp socket options 'keepcnt', 'keepidle' and
-    'keepintvl'.
-  * erts: Add support for misc (Windows) socket options
-    ('max_msg_size' and 'maxdg').
-  * compiler: The compiler could run forever when compiling a call
-    to is_record/3 with a huge positive tuple size. The call
-    is_record(A, a, 0) would crash the compiler when used in a
-    function body. When used in a guard the compiler would emit
-    incorrect code that would accept {a> as a record.
-  * compiler: Fixed a bug that caused dialyzer to crash when
-    analyzing bogus code that contained the literal atom undefined
-    in segment sizes.
-  * compiler: The compiler would crash when compiling some modules
-    that contained a call to erlang:load_nif/2.
-  * compiler: Fixed a bug that caused the compiler to crash on
-    legal code.
-  * compiler: The compiler could crash when attempting to compile a
-    call to is_list/1 in a complex expression.
-  * compiler: A complex guard expression using the or operator
-    could succeed when it was supposed to fail.
-  * compiler: Compiling nested try/catch and catch expression could
-    result in an internal compiler error.
-  * compiler: Using the bnot operator in a complex expression could
-    cause the compiler to terminate with an internal consistency
-    failure diagnostic.
-  * compiler: Fixed a bug that caused the compiler to crash in a
-    binary optimization pass.
-  * compiler: The compiler could terminate with an internal error
-    when attempting to compile a binary pattern that could not
-    possibly match.
-  * compiler: Fixed various performance issues related to the alias
-    optimization pass.
-  * erl_docgen: Expanded the documentation about how to use the
-    standard_io, standard_error and user I/O devices. Added the
-    types io:standard_io/0, io:standard:error/0 and io:user/0.
-  * mnesia: Do not delete old backup file if the new backup fails.
-  * megaco: Make megaco transports handle gen_tcp | gen_udp with
-    socket backend on Windows (completion).
-  * common_test: With this change, ct_hooks manual refers to CTH
-    execution order section in user guide.
-  * common_test: With this change, Config data from
-    pre_end_per_testcase hook is delivered to post_end_per_testcase
-    callback in case of testcase timetrap or linked process crash.
-  * common_test: With this change, remaining references to not
-    supported vts tool in ct_run are removed (mainly relates to
-    docs and ct_run help message).
-  * common_test: With this change, prompt search functionality in
-    ct_telnet handles unicode input.
-  * common_test: Expanded the documentation about how to use the
-    standard_io, standard_error and user I/O devices. Added the
-    types io:standard_io/0, io:standard:error/0 and io:user/0.
-  * stdlib: The compiler could run forever when compiling a call to
-    is_record/3 with a huge positive tuple size. The call
-    is_record(A, a, 0) would crash the compiler when used in a
-    function body. When used in a guard the compiler would emit
-    incorrect code that would accept {a> as a record.
-  * stdlib: Fix bug in ets:tab2file that could make it fail if
-    another Erlang process created the same file at the same time.
-  * stdlib: An {else_clause,Value} exception will now be reported
-    nicely in the shell.
-  * stdlib: Correct return value for error case, so that it matches
-    the documented and intended return value {error,
-    {already_started, pid()} when local registered names are used.
-  * stdlib: sys:get_state/1,2 and sys:replace_state/2,3 has been
-    corrected to handle a state named error as a state name, not as
-    a failed system callback. For the standard server behaviours
-    this was an issue only for gen_statem (and gen_fsm) when the
-    state name was error, and for gen_server if the complete state
-    was {error,_}.
-  * stdlib: Multiple problems were fixed in
-    filelib:safe_relative_path/2. If its second argument was a path
-    that contained symbolic links, an incorrect result patch could
-    be returned. Also, paths were sometimes falsely considered
-    unsafe.
-  * stdlib: Fix deadlock when erl.exe is used as part of a pipe on
-    Windows and trying to set the encoding of the standard_io
-    device.
-  * stdlib: Expanded the documentation about how to use the
-    standard_io, standard_error and user I/O devices. Added the
-    types io:standard_io/0, io:standard:error/0 and io:user/0.
-  * stdlib: Fix h/2,3 to properly render multi-clause
-    documentation.
-  * stdlib: Timers created by timer:apply_after/4,
-    apply_interval/4, and apply_repeatedly/4 would silently fail to
-    do the apply if it was not possible to spawn a process when the
-    timer expired. This has now been corrected, and if the spawn
-    fails, the system will be taken down producing a crash dump.
-  * stdlib: When an Erlang source file lacked a module definition,
-    there would be a spurious "module name must not be empty"
-    diagnostic for each spec in the file.
-  * stdlib: The argument descriptions for option types in argparse
-    have been made less ambiguous.
-  * stdlib: Clarified the documentation of normal shutdown reason
-    on gen_server:call/2,3
-  * stdlib: Pattern matching and equivalence (=:=, =/=) comparisons
-    on 0.0 will now raise a warning, as it will no longer be
-    considered equivalent to -0.0 in OTP 27. If a match on 0.0
-    specifically is desired (distinct from -0.0), the warning can
-    be suppressed by writing +0.0 instead. The arithmetic
-    comparison operators are unaffected, including arithmetic
-    equality (==). *** POTENTIAL INCOMPATIBILITY ***
-  * stdlib: The semantics of the gen_{server,statem,event}
-    behaviour's synchronous start behaviour introduced in OTP-26.0
-    with OTP-18471, has been clarified in the documentation.
-  * stdlib: Added functionality to set a custom multiline prompt.
-  * stdlib: A warning for (accidental use of) Triple-Quoted Strings
-    has been implemented as per EEP 64. *** POTENTIAL
-    INCOMPATIBILITY ***
-  * stdlib: The keyboard shortcuts for the shell are now
-    configurable.
-  * kernel: Fixed an issue with truncated crash slogans on failed
-    emulator start.
-  * kernel: Fix shell:start_interactive function specification.
-  * kernel: Fix code:get_doc/1 to return missing, when it can't
-    find erts instead of crashing.
-  * kernel: Function socket:close/1 could cause a VM crash on
-    Windows.
-  * kernel: Fix deadlock when erl.exe is used as part of a pipe on
-    Windows and trying to set the encoding of the standard_io
-    device.
-  * kernel: Expanded the documentation about how to use the
-    standard_io, standard_error and user I/O devices. Added the
-    types io:standard_io/0, io:standard:error/0 and io:user/0.
-  * kernel: Fix logger's overload protection mechanism to only
-    fetch memory used by messages when needed.
-  * kernel: Fixed a number of socket-related issues causing
-    incompatibilities with gen_tcp and gen_udp respectively.
-  * kernel: gen_tcp:connect with socket address and socket (inet-)
-    backend fails because of missing callback function.
-  * kernel: The DNS RR cache used by `inet_res` has been fixed to
-    preserve insert order, which is beneficial when the DNS server
-    returns RRs in some specific order for e.g load balancing
-    purposes.
-  * kernel: The options `reuseport`, `reuseport_lb` and
-    `exclusiveaddruse` were accidentally not allowed for e.g
-    `gen_udp:open/1,2`, which has now been corrected.
-  * kernel: gen_udp:recv/* for Unix Domain Socket in binary mode
-    and passive mode has been fixed to not crash.
-  * kernel: Fixed issue where cursor would not be placed at the end
-    of the expression when navigating shell history.
-  * kernel: Update gen_tcp_socket and gen_udp_socket to handle
-    'completion' (socket on Windows).
-  * kernel: Add support for Unix Domain Sockets (only for STREAM
-    sockets) on Windows for 'socket'.
-  * kernel: Add basic support for socket ioctl on Windows.
-  * kernel: The file:location/0 type is now exported.
-  * kernel: Add support for (Windows) socket option
-    exclusiveaddruse.
-  * kernel: [socket] Add support for the 'nopush' option.
-  * kernel: Add support for socket option 'BSP STATE'.
-  * kernel: Add tcp socket options 'keepcnt', 'keepidle' and
-    'keepintvl'.
-  * kernel: Add support for misc (Windows) socket options
-    ('max_msg_size' and 'maxdg').
-  * kernel: The keyboard shortcuts for the shell are now
-    configurable.
-  * kernel: Optimized code_server to reduce repeated work when
-    loading the same module concurrently.
-  * debugger: The call int:no_break(Module) did not remove any
-    breakpoints.
-  * debugger: The maybe expression is now supported in the
-    Debugger.
-  * debugger: The maybe expression is now supported in the
-    Debugger.
-  * debugger: The call int:no_break(Module) did not remove any
-    breakpoints.
-  * ssl: Avoid function clause error in ssl:getopts/2 by handling
-    that inet:getopts may return an empty list during some
-    circumstances, such as the socket being in a closing state.
-  * ssl: The API function `ssl:recv/3` has been tightened to
-    disallow negative length, which has never been documented to
-    work, but was passed through and caused strange errors.
-  * ssl: When a client initiated renegotiation was rejected and the
-    client socket was in active mode the expected error message to
-    the controlling process was not sent.
-  * ssl: Add some guidance for signature algorithms configuration
-    in ssl applications users guide.
-  * snmp: Make snmp handle gen_udp with socket backend on Windows
-    (completion).
-  * public_key: Country name comparison shall be case insensitive
-  * public_key: Add check to disallow duplicate certs in a path
-  * inets: With this change, re_write httpd works as expected and
-    does not return error.
-  * inets: Fixed a bug so httpd does not crash when stopped at the
-    wrong time during TLS connection negotiation, or any other
-    theoretically as slow connection setup.
-  * inets: Enhance error handling and avoid that the HTTP client
-    hangs on headers provided on the wrong format.
-  * inets: With this change, error report generated by httpd during
-    connection setup contains socket type information.
-  * inets: Stop and restart of the httpd server in the Inets
-    application has been refactored to a more synchronous and OTP
-    supervisor friendly approach. This should increase stability
-    and for example avoid a supervisor report from
-    httpd_connection_sup about killed child process(es) in some
-    cases when stopping or restarting httpd.
-  * dialyzer: Fixed a bug that caused dialyzer to crash when
-    analyzing bogus code that contained the literal atom undefined
-    in segment sizes.
-  * dialyzer: Dialyzer could crash when attempting to analyze a
-    module that defined a type called product/.
-- Changes for 26.0.2:
-  * erts: Fix using the IME (Input Method Editor) to enter text in
-    cmd.exe and powershell.exe on Windows.
-  * erts: Multiple socket:accept calls issue. When making multiple
-    accept calls, only the last call is active.
-  * erts: Fix the shell to ignore terminal delay when the terminal
-    capabilities report that they should be used.
-  * erts: Fix "oldshell" to echo characters while typing on
-    Windows.
-  * erts: On Windows, a call to the function socket:close, when
-    there are waiting active calls to read, write or accept
-    functions, could hang.
-  * erts: Fix issues when reading or configuring standard_io on
-    Windows when erl.exe is started using -noshell flag.
-  * erts: The following functions are now much faster when given a
-    long list or binary:
-  * erts: On AArch64 (ARM64), equality and non-equality tests with
-    literal bitstrings could succeed when they should fail and vice
-    versa.
-  * compiler: Fixed a type handling bug that would cause an
-    internal consistence failure for correct code.
-  * compiler: Fixed a bug that could cause the stack trace of throw
-    exceptions to be erroneously optimized out.
-  * compiler: Complex guard expression using 'or' were not always
-    fully evaluated, making guards that were supposed to fail
-    succeed.
-  * stdlib: Fix bug where when you entered Alt+Enter in the
-    terminal, the cursor would move to the last line, instead of
-    moving to the next line.
-  * stdlib: Fix eof handling when reading from stdin when erlang is
-    started using -noshell.
-  * stdlib: Fixed problem where output would disappear if it was
-    received after a prompt was written in the shell.
-  * stdlib: The following functions are now much faster when given
-    a long list or binary:
-  * kernel: Fix bug where when you entered Alt+Enter in the
-    terminal, the cursor would move to the last line, instead of
-    moving to the next line.
-  * kernel: Fix so that the shell does not crash on startup when
-    termcap is not available.
-  * kernel: Multiple socket:accept calls issue. When making
-    multiple accept calls, only the last call is active.
-  * kernel: Fix the shell to ignore terminal delay when the
-    terminal capabilities report that they should be used.
-  * kernel: Fix "oldshell" to echo characters while typing on
-    Windows.
-  * kernel: Fix eof handling when reading from stdin when erlang is
-    started using -noshell.
-  * kernel: On Windows, a call to the function socket:close, when
-    there are waiting active calls to read, write or accept
-    functions, could hang.
-  * kernel: Fix issues when reading or configuring standard_io on
-    Windows when erl.exe is started using -noshell flag.
-  * kernel: gen_udp:connect with inet_backend = socket fails when
-    the Address is a hostname (string or atom).
-  * kernel: Fixed problem which would cause shell to crash if
-    particular escape sequence was written to stdout.
-  * kernel: Fixed problem where output would disappear if it was
-    received after a prompt was written in the shell.
-  * kernel: Fix a crash where the location of erts could not be
-    found in rebar3 dev builds.
-  * kernel: Introduce the KERNEL application parameter
-    standard_io_encoding that can be used to set the default
-    encoding for standard_io. This option needs to be set to latin1
-    if the application wants to treat all input data as bytes
-    rather than utf-8 encoded characters.
-  * ssl: Added keylog information to all protocol versions in
-    ssl:connection_information/2.
-  * ssl: Add RFC-6083 considerations for DTLS to enable gen_sctp
-    based callback for the transport.
-  * ssh: Added multiline editing support to ssh clients connected
-    through OTP ssh daemon.
-
-- Changes for 26.0.1:
-  * erts: Build of the socket nif failed on Solaris 11.
-  * erts: Fixed two reduction-counting bugs relating to binaries.
-  * erts: Constructing a binary segment not aligned with a byte
-    boundary, with a size not fitting in 31 bits, and with a value
-    not fitting in a 64-bit word could crash the runtime system.
-  * erts: When a binary construction failed because of bad size for
-    a segment, the error information was not always correct.
-  * erts: Fixed a crash when calling a fun that was defined in a
-    module that had been upgraded.
-  * kernel: The POSIX error exdev was sometimes incorrectly
-    described as "cross domain link" in some error messages.
-  * kernel: Corrected the socket send function description (send
-    with Timeout = nowait). The send function(s) could not return
-    {ok, {RestData, SelectInfo}}
-  * stdlib: The POSIX error exdev was sometimes incorrectly
-    described as "cross domain link" in some error messages.
-  * ssl: Make sure that selection of client certificates handle
-    both TLS-1.3 and TLS-1.2 names correctly. Could cause valid
-    client certificate to not be selected, and an empty client
-    certificate message to be sent to server.
-  * ssl: Improved ssl:format_error/1 to handle more error tuples.
-  * ssl: Fixed hanging ssl:connect when ssl application is not
-    started.
-  * ssl: Correct handling of retransmission timers, current
-    behavior could cause unwanted delays.
-  * inets: Do not make the default ssl options by calling
-    httpc:ssl_verify_host_options(true) if ssl options are supplied
-    by the user.
-  * xmerl: New options to xmerl_scan and xmerl_sax_parser so one
-    can limit the behaviour of the parsers to avoid some XML
-    security issues. xmerl_scan gets one new option:
-    xmerl_sax_parser gets the following options: The old option
-    skip_external_dtd is still valid and the same as
-    {external_entities, none} and {fail_undeclared_ref, false} but
-    just affects DTD's and not other external references.
-  * compiler: Fixed a bug where a failing bsl expression in a guard
-    threw an exception instead of causing the guard to fail.
-  * compiler: Fixed a bug that would case the validator to reject
-    legal code.
-  * compiler: The compiler could re-order clauses matching binaries
-    so that the incorrect clause would match. That could only
-    happen for code that used the option {error_location,line} or
-    for code without line or column number information (e.g.
-    generated by a parse transform).
-  * compiler: Complex guard expression using the or operator and
-    guard BIFs that can fail could sometimes be miscompiled so that
-    the guard would succeed even if a call to a guard BIF failed.
-  * compiler: With optimizations disabled, a try/catch construct
-    could return an incorrect value.
-  * compiler: In rare circumstance, a combination of binary
-    construction and binary_part/3 would cause the compiler to
-    generate unsafe code that would crash the runtime system.
-  * compiler: The compiler could be very slow when compiling guards
-    with multiple guard tests separated with 'or' or ';'.
-  * compiler: Complex guard expressions using 'or' and map updates
-    could succeed even if the map update failed.
-
-- Version 26.0:
-  * Leex has been extended with optional column number support.
-  * The family of enumeration functions in module lists has been
-    extended with enumerate/3 that allows a step value to be
-    supplied.
-  * Update Unicode to version 15.0.0.
-  * proc_lib:start*/* has become synchronous when the started
-    process fails. This requires that a failing process use a new
-    function proc_lib:init_fail/2,3, or exits, to indicate failure. All
-    OTP behaviours have been fixed to do this.
-  * auto-complete of variables, record names, record fields names,
-    map keys, function parameter types and filenames.
-  * Open external editor in the shell to edit the current
-    expression.
-  * defining records (with types), functions, specs and types in
-    the shell.
-  * Creation and matching of binaries with segments of fixed sizes
-    have been optimized.
-  * Creation and matching of UTF-8 segments have been optimized.
-  * Appending to binaries has been optimized.
-  * The compiler and JIT now generate better code for creation of
-    small maps where all keys are literals known at compile time.
-  * Thanks to the optimizations above the performance of the base64
-    module has been significantly improved. For example, on an
-    x86_64 system with the JIT both encode and decode are almost
-    three times faster than in Erlang/OTP 25.
-  * Map comprehensions as suggested in EEP 58 has now been
-    implemented.
-  * Some map operations have been optimized by changing the
-    internal sort order of atom keys. This changes the
-    (undocumented) order of how atom keys in small maps are printed
-    and returned by maps:to_list/1 and maps:next/1. The new order
-    is unpredictable and may change between different invocations
-    of the Erlang VM.
-  * Introducing the new function maps:iterator/2 for creating an
-    interator that return the map elements in a deterministic
-    order. There are also new modifiers k and K for the format
-    string in io:format() to support printing map elements ordered.
-  * Added the new built-in type dynamic() introduced in EEP 61, PR
-    introducing EEP 61 improving support for gradual type checkers.
-  * Dialyzer has a new incremental mode that be invoked by giving
-    the --incremental option when running Dialyzer. This new
-    incremental mode is likely to become the default in a future
-    release.
-  * Multi time warp mode is now enabled by default. This assumes
-    that all code executing on the system is time warp safe.
-  * Support for UTF-8 atoms and strings in the NIF interface
-    including new functions enif_make_new_atom,
-    enif_make_new_atom_len and enif_get_string_length.
-  * The BIFs min/2 and max/2 are now allowed to be used in guards
-    and match specs.
-  * Improved the selective receive optimization, which can now be
-    enabled for references returned from other functions. This
-    greatly improves the performance of gen_server:send_request/3,
-    gen_server:wait_response/2, and similar functions.
-  * It is no longer necessary to enable a feature in the runtime
-    system in order to load modules that are using it. It is
-    sufficient to enable the feature in the compiler when compiling
-    it.
-  * inet:setopts/2 has got 3 new options: reuseport, reuseport_lb
-    and exclusiveaddruse.
-  * Fix so that -fno-omit-frame-pointer is applied to all of the
-    Erlang VM when using the JIT so that tools, such as perf, can
-    crawl the process stacks.
-  * In the lists module, the zip family of functions now takes
-    options to allow handling lists of different lengths.
-  * Added the zip:zip_get_crc32/2 function to retrieve the CRC32
-    checksum from an opened ZIP archive. gen_server optimized by
-    caching callback functions
-  * The modules Erlang DNS resolver inet_res and helper modules
-    have been updated for RFC6891; to handle OPT RR with DNSSEC OK
-    (DO) bit.
-  * Introduced application:get_supervisor/1.
-  * Cache OTP boot code paths, to limit how many folders that are
-    being accessed during a module lookup. Can be disabled with
-  - cache_boot_path false.
-  * Support for Kernel TLS (kTLS), has been added to the SSL
-    application, for TLS distribution (-proto_dist inet_tls), the
-    SSL option {ktls, true}.
-  * Improved error checking and handling of ssl options.
-  * Mitigate memory usage from large certificate chains by lowering
-    the maximum handshake size. This should not effect the common
-    cases, if needed it can be configured to a higher value.
-  * For security reasons the SHA1 and DSA algorithms are no longer
-    among the default values.
-  * Add encoding and decoding of use_srtp hello extension to
-    facilitate for DTLS users to implement SRTP functionality.
-
-- Changes for 25.3.2.2:
-  * compiler: The compiler could be very slow when compiling guards
-    with multiple guard tests separated with 'or' or ';'.
-- Changes for 25.3.2.1:
-  * xmerl: New options to xmerl_scan and xmerl_sax_parser so one
-    can limit the behaviour of the parsers to avoid some XML
-    security issues. xmerl_scan gets one new option:
-    xmerl_sax_parser gets the following options: The old option
-    skip_external_dtd is still valid and the same as
-    {external_entities, none} and {fail_undeclared_ref, false} but
-    just affects DTD's and not other external references.
-  * erts: Fixed a crash during tracing on certain platforms that
-    cannot use the machine stack for Erlang code (mainly OpenBSD
-    and Linux with musl).
-  * erts: Constructing a binary segment not aligned with a byte
-    boundary, with a size not fitting in 31 bits, and with a value
-    not fitting in a 64-bit word could crash the runtime system.
-  * erts: Further robustify implementation of large maps (> 32
-    keys). Keys that happen to have same internal 32-bit hash
-    values are now put in collision nodes which are traversed with
-    linear search. This removes the demand for the internal hash
-    function when salted to eventually produce different hashes for
-    all possible pairs of unequal terms.
-  * stdlib: Static supervisors are very idle processes after they
-    have started so they will now be hibernated after start to
-    improve resource management.
-  * compiler: Fixed a bug where a failing bsl expression in a guard
-    threw an exception instead of causing the guard to fail.
-  * compiler: Complex guard expression using the or operator and
-    guard BIFs that can fail could sometimes be miscompiled so that
-    the guard would succeed even if a call to a guard BIF failed.
-
-- Changes for 25.3.2:
-  * compiler: Fixed type handling bugs that could cause an internal
-    error in the compiler for correct code.
-  * os_mon: Avoid error report from failing erlang:port_close at
-    shutdown of cpu_sup and memsup. Bug exists since OTP 25.3
-    (os_mon-2.8.1).
-  * erts: If a runtime system which was starting the distribution
-    already had existing pids, ports, or references referring to a
-    node with the same nodename/creation pair that the runtime
-    system was about to use, these already existing pids, ports, or
-    references would not work as expected in various situations
-    after the node had gone alive. This could only occur if the
-    runtime system was communicated such pids, ports, or references
-    prior to the distribution was started. That is, it was
-    extremely unlikely to happen unless the distribution was
-    started dynamically and was even then very unlikely to happen.
-    The runtime system now checks for already existing pids, ports,
-    and references with the same nodename/creation pair that it is
-    about to use. If such are found another creation will be chosen
-    in order to avoid these issues.
-- Changes for 25.3.1:
-  * snmp: Attempts to minimize the number of the error reports
-    during a failed agent init.
-  * compiler: When a map update such as #{}#{key:=value} that
-    should fail with an exception was unused, the exception would
-    be lost.
-  * compiler: Fixed bug in the validator that made it reject valid
-    code.
-  * crypto: With this change, random errors are fixed for
-    crypto:generate_key calls with OpenSSL 3.
-  * erts: Fixed a bug in the loader that prevented certain modules
-    compiled with no_ssa_opt from being loaded.
-  * erts: Implementations of the call() driver callback that
-    returned a faulty encoded result could cause a memory leak and
-    could cause invalid data on the heap of the processes calling
-    erlang:port_call/3.
-  * erts: Fixed a memory corruption issue when upgrading code. The
-    bug was introduced in OTP 25.3
-  * erts: Fixed configure tests for a few ARM-specific
-    instructions, which prevented the emulator from being built on
-    some platforms.
-  * erts: Aliases created in combination with a monitor using the
-    {alias, explicit_unalias} option stopped working from remote
-    nodes when a 'DOWN' signal had been received due to the monitor
-    or if the monitor was removed using the erlang:demonitor() BIF.
-    This bug was introduced in OTP 24.3.4.10 and OTP 25.3.
-  * erts: In rare circumstances, bit syntax matching of an invalid
-    code point for a utf32 would crash the runtime system.
-  * erts: Building the runtime system failed when native atomic
-    support was missing. Note that execution on such systems have
-    only been rudimentary tested.
-  * erl_interface: Fixed configure tests for a few ARM-specific
-    instructions, which prevented the emulator from being built on
-    some platforms.
-  * eldap: Added a new function eldap:info/1 that returns the
-    socket and the transport protocol for the eldap connection.
-  * inets: Correct timing related pipelining/keepalive queue bug,
-    that could result in unexpected "socket_remotly_closed" errors.
-  * inets: With this change, upon remote socket closure current
-    request is added to a retried queue (either pipeline or
-    keep_alive, but not both).
-  * ssl: With this change, ssl:connection_information/2 returns
-    correct keylog data after TLS1.3 key update.
-  * ssl: Client signature algorithm list input order is now honored
-    again , it was accidently reversed by a previous fix.
-  * stdlib: The type specs in the erl_parse module has been updated
-    to include the maybe construct and the ! operator.
-  * wx: Improve debug prints from the nifs. Some minor fixes for
-    wxWidgets-3.2. Fixed OpenGL debug functions.
-
-- Changes for 25.3:
-  * reltool: Fixed a bug that would cause analysis to crash.
-  * stdlib: Fixed a bug that would cause analysis to crash.
-  * stdlib: Fixed a crash when formatting stack traces for error
-    reports.
-  * stdlib: Instead of crashing, the list_to_integer/1 and
-    list_to_integer/2 BIFs now raise the system_limit exception for
-    overlong lists that can't be converted to integers. Similarly,
-    the string:to_integer/1 BIF now returns {error,system_limit}
-    for overlong lists.
-  * stdlib: Removal of non-necessary undefined types added to the
-    state's supervisor record.
-  * compiler: Fixed a bug that would cause the compiler to hang.
-  * compiler: Fixed a crash when compiling code that contained
-    maybe expressions.
-  * compiler: Constructing a binary with an explicit size of all
-    for a binary segment would crash the compiler.
-  * compiler: The compiler would generate incorrect code for the
-    following type of expression: Pattern = BoundVar1 = . . . =
-    BoundVarN = Expression An exception should be raised if any of
-    the bound variables have different values than Expression. The
-    compiler would generate code that would cause the bound
-    variables to be bound to the value of Expressionwhether the
-    value matched or not.
-  * xmerl: Replace size/1 with either tuple_size/1 or byte_size/1
-    The size/1 BIF is not optimized by the JIT, and its use can
-    result in worse types for Dialyzer. When one knows that the
-    value being tested must be a tuple, tuple_size/1 should always
-    be preferred. When one knows that the value being tested must
-    be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-  * megaco: Replace size/1 with either tuple_size/1 or byte_size/1
-    The size/1 BIF is not optimized by the JIT, and its use can
-    result in worse types for Dialyzer. When one knows that the
-    value being tested must be a tuple, tuple_size/1 should always
-    be preferred. When one knows that the value being tested must
-    be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-  * debugger: Fixed a bug that would cause analysis to crash.
-  * erts: Fixed a bug on Windows where file:read_file_info/1 would
-    fail for files with corrupt metadata.
-  * erts: Fix process_info(_, binary) to again include "writable
-    binaries" which were lost in OTP-25.0. Writable binaries are an
-    optimization used when binaries are appended upon in a loop.
-  * erts: Fix rare race when receiving fragmented messages on a
-    terminating connection. Could potentially cause memory leaks as
-    well as double free crashes. Bug exists since OTP 22.0.
-  * erts: Fixed bug that could maybe cause problems when a file
-    descriptor number is closed by a linked in driver and then
-    opened (reused) and passed to enif_select by a NIF. No actual
-    symptoms seen, only failed internal assertions in debug build.
-  * erts: The runtime system could crash when tracing a process
-    executing on a dirty scheduler.
-  * erts: In the binary syntax, attempting to match out integers
-    with size exceeding 2 GiB could crash the runtime system.
-  * erts: Fixed edge case in floating-point negation where A = 0.0,
-    B = -A did not produce B = -0.0 on x86_64 JIT.
-  * erts: Fixed an issue in the JIT that could crash the emulator
-    on some platforms.
-  * erts: Added meta data to the windows installer.
-  * erts: Fixed ETS insertion order into bag and duplicate_bag of
-    tuples with identical keys when passed in a list to
-    ets:insert/2. The insert order has been head-to-tail but was
-    accidentally changed in OTP 23.0. For bag it was reverted
-    (tail-to-head), while for duplicate_bag it was sometimes
-    reverted depending on the length of the list and number of
-    "reductions" left for the calling process. This fix changes the
-    insert order of ets:insert/2 back to always be head-to-tail of
-    the list argument.
-  * erts: With the JIT for AArch64 (AMD64), calling bxor in with
-    non-integer arguments in a guard would crash the runtime
-    system.
-  * erts: Fix bug regarding process flag max_heap_size. Could cause
-    strange behavior when a process was killed due to exceeding the
-    limit.
-  * erts: Fixed binary comprehensions to be similar to other
-    creation of binary data with respect to its contribution of
-    triggering garbage collection.
-  * erts: In rare circumstances, when a process exceeded its
-    allowed heap size set by option max_heap_size, it would not be
-    killed as it should be, but instead enter a kind of zombie
-    state it would never get out of.
-  * erts: Instead of crashing, the list_to_integer/1 and
-    list_to_integer/2 BIFs now raise the system_limit exception for
-    overlong lists that can't be converted to integers. Similarly,
-    the string:to_integer/1 BIF now returns {error,system_limit}
-    for overlong lists.
-  * erts: Active process aliases of a process at its termination
-    leaked memory.
-  * erts: Support for fully asynchronous distributed signaling
-    where send operations never block. This functionality is by
-    default disabled and can be enabled per process. For more
-    information see the documentation of process_flag(async_dist,
-    Bool).
-  * erts: Added the +JPperf no_fp option to explicitly disable
-    Erlang frame pointers otherwise added when using the +JPperf
-    map option.
-  * erl_interface: Accept connection setup from OTP 23 and 24 nodes
-    that are not using epmd.
-  * erl_interface: The ei API for decoding/encoding terms is not
-    fully 64-bit compatible since terms that have a representation
-    on the external term format larger than 2 GB cannot be handled.
-  * syntax_tools: erl_syntax_lib:annotate_bindings/1,2 will now
-    properly annotate named functions and their arguments.
-  * kernel: Fixed a bug on Windows where file:read_file_info/1
-    would fail for files with corrupt metadata.
-  * kernel: Accept connection setup from OTP 23 and 24 nodes that
-    are not using epmd.
-  * public_key: As different solutions of verifying certificate
-    revocation exists move the decode of 'CRLDistributionPoints' so
-    that it will only be decode. When it is actually used in the
-    verification process. This would enable interoperability with
-    systems that use certificates with an invalid empty
-    CRLDistributionPoints extension that they want to ignore and
-    make verification by other means.
-  * public_key: public_key:pkix_path_validation validates
-    certificates expiring after 2050
-  * public_key: Do not leave exit message in message queue after
-    calling cacerts_load() on MacOS.
-  * public_key: Replace size/1 with either tuple_size/1 or
-    byte_size/1 The size/1 BIF is not optimized by the JIT, and its
-    use can result in worse types for Dialyzer. When one knows that
-    the value being tested must be a tuple, tuple_size/1 should
-    always be preferred. When one knows that the value being tested
-    must be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-  * ssl: Fixed that new dtls connections from the same client ip
-    port combination works. If there is a process waiting for
-    accept the new connection will connect to that, otherwise it
-    will try to re-connect to the old server connection.
-  * ssl: When shutting down a node that uses SSL distribution
-    (-proto_dist inet_tls), a confusing error message about an
-    unexpected process exit was printed. This particular message is
-    no longer generated.
-  * ssl: fixes the type spec for ssl:format_error/1
-  * ssl: Replace size/1 with either tuple_size/1 or byte_size/1 The
-    size/1 BIF is not optimized by the JIT, and its use can result
-    in worse types for Dialyzer. When one knows that the value
-    being tested must be a tuple, tuple_size/1 should always be
-    preferred. When one knows that the value being tested must be a
-    binary, byte_size/1 should be preferred. However, byte_size/1
-    also accepts a bitstring (rounding up size to a whole number of
-    bytes), so one must make sure that the call to byte_size/ is
-    preceded by a call to is_binary/1 to ensure that bitstrings are
-    rejected. Note that the compiler removes redundant calls to
-    is_binary/1, so if one is not sure whether previous code had
-    made sure that the argument is a binary, it does not harm to
-    add an is_binary/1 test immediately before the call to
-    byte_size/1.
-  * jinterface: Accept connection setup from OTP 23 and 24 nodes
-    that are not using epmd.
-  * os_mon: The port programs used by cpu_sup and memsup are now
-    gracefully shut down when cpu_sup and memsup are shut down.
-  * eunit: Replace size/1 with either tuple_size/1 or byte_size/1
-    The size/1 BIF is not optimized by the JIT, and its use can
-    result in worse types for Dialyzer. When one knows that the
-    value being tested must be a tuple, tuple_size/1 should always
-    be preferred. When one knows that the value being tested must
-    be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-  * crypto: A user defined runtime library path configured using
-  - -with-ssl-rpath=<PATHS> could fail to be enabled.
-  * crypto: Ensure that configure fails if a user defined runtime
-    library path has been passed by the user, but cannot set.
-  * mnesia: Improved consistency for dirty writes when a table was
-    added with add_table_copy/3. Fixed a problem with sticky write,
-    which could lead to inconsistent data.
-  * mnesia: Replace size/1 with either tuple_size/1 or byte_size/1
-    The size/1 BIF is not optimized by the JIT, and its use can
-    result in worse types for Dialyzer. When one knows that the
-    value being tested must be a tuple, tuple_size/1 should always
-    be preferred. When one knows that the value being tested must
-    be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-  * common_test: Renamed undocumented macro CT_PEER/3 to
-    CT_PEER_REL/3.
-  * ssh: With this change, PKCS8 formatted private key file is
-    properly decoded and SSH daemon with such key can be started.
-  * ssh: Replace size/1 with either tuple_size/1 or byte_size/1 The
-    size/1 BIF is not optimized by the JIT, and its use can result
-    in worse types for Dialyzer. When one knows that the value
-    being tested must be a tuple, tuple_size/1 should always be
-    preferred. When one knows that the value being tested must be a
-    binary, byte_size/1 should be preferred. However, byte_size/1
-    also accepts a bitstring (rounding up size to a whole number of
-    bytes), so one must make sure that the call to byte_size/ is
-    preceded by a call to is_binary/1 to ensure that bitstrings are
-    rejected. Note that the compiler removes redundant calls to
-    is_binary/1, so if one is not sure whether previous code had
-    made sure that the argument is a binary, it does not harm to
-    add an is_binary/1 test immediately before the call to
-    byte_size/1.
-  * inets: With this change, handling of URI to a folder, with
-    missing trailing / and a query component present is fixed.
-  * inets: Adds more type information to the inets app, thus
-    improving the errors that static analysis tools can detect. The
-    addition of type information to records and the updates to
-    function heads help static analysis tools to understand that
-    some values in the records cannot be 'undefined', thus making
-    static tools to type check correctly more modules in the inets
-    app
-  * inets: Replace size/1 with either tuple_size/1 or byte_size/1
-    The size/1 BIF is not optimized by the JIT, and its use can
-    result in worse types for Dialyzer. When one knows that the
-    value being tested must be a tuple, tuple_size/1 should always
-    be preferred. When one knows that the value being tested must
-    be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-  * snmp: Replace size/1 with either tuple_size/1 or byte_size/1
-    The size/1 BIF is not optimized by the JIT, and its use can
-    result in worse types for Dialyzer. When one knows that the
-    value being tested must be a tuple, tuple_size/1 should always
-    be preferred. When one knows that the value being tested must
-    be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-  * ftp: Replace size/1 with either tuple_size/1 or byte_size/1 The
-    size/1 BIF is not optimized by the JIT, and its use can result
-    in worse types for Dialyzer. When one knows that the value
-    being tested must be a tuple, tuple_size/1 should always be
-    preferred. When one knows that the value being tested must be a
-    binary, byte_size/1 should be preferred. However, byte_size/1
-    also accepts a bitstring (rounding up size to a whole number of
-    bytes), so one must make sure that the call to byte_size/ is
-    preceded by a call to is_binary/1 to ensure that bitstrings are
-    rejected. Note that the compiler removes redundant calls to
-    is_binary/1, so if one is not sure whether previous code had
-    made sure that the argument is a binary, it does not harm to
-    add an is_binary/1 test immediately before the call to
-    byte_size/1.
-  * dialyzer: Fixed a bug that would cause analysis to crash.
-  * dialyzer: Replace size/1 with either tuple_size/1 or
-    byte_size/1 The size/1 BIF is not optimized by the JIT, and its
-    use can result in worse types for Dialyzer. When one knows that
-    the value being tested must be a tuple, tuple_size/1 should
-    always be preferred. When one knows that the value being tested
-    must be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-  * tftp: Replace size/1 with either tuple_size/1 or byte_size/1
-    The size/1 BIF is not optimized by the JIT, and its use can
-    result in worse types for Dialyzer. When one knows that the
-    value being tested must be a tuple, tuple_size/1 should always
-    be preferred. When one knows that the value being tested must
-    be a binary, byte_size/1 should be preferred. However,
-    byte_size/1 also accepts a bitstring (rounding up size to a
-    whole number of bytes), so one must make sure that the call to
-    byte_size/ is preceded by a call to is_binary/1 to ensure that
-    bitstrings are rejected. Note that the compiler removes
-    redundant calls to is_binary/1, so if one is not sure whether
-    previous code had made sure that the argument is a binary, it
-    does not harm to add an is_binary/1 test immediately before the
-    call to byte_size/1.
-- Changes for 25.2.3:
-  * erts: Comparisons between small numbers and pids or ports would
-    in some edge cases say that the number was greater than the pid
-    or port, violating the term order.
-  * erts: process_info(Pid, status) when Pid /= self() could return
-    an erroneous result.
-  * ssl: Maximize compatibility by ignoring change_cipher_spec
-    during handshake even if middle_box_mode is not negotiated
-    (mandated by client)
-  * ssl: Move assert of middlebox message after an
-    hello_retry_request to maximize interoperability. Does not
-    changes semantics of the protocol only allows unexpected
-    message delay from server.
-  * ssh: With this change, ssh application does not crash when
-    formatting some of info reports for unsuccessful connections.
-  * ssh: With this change, ssh does not log extensively long
-    messages.
-  * inets: Ensure graceful shutdown
-  * inets: Return type of the type specification for function
-    httpc:cookie_header/{1,2,3} has been fixed from -spec
-    cookie_header(url()) -> [{ field(), value() }] | {error,
-    Reason} to -spec cookie_header(url()) -> { field(), value() } |
-    {error, Reason}
-- Changes for 25.2.2:
-  * ftp: Fixes calls to ftp:nlist/2 returning {error, epath} when
-    the file / folder exists
-- Changes for 25.2.1:
-  * compiler: Fixed a bug that could cause legal code to fail
-    validation.
-  * compiler: Eliminated a rare crash in the beam_types module.
-  * erts: Fixed a bug in selective receive optimization that could
-    crash 32-bit emulators.
-  * erts: A race condition which was very rarely triggered could
-    cause the signal queue of a process to become inconsistent
-    causing the runtime system to crash.
-  * kernel: The tcp connect option 'bind_to_device' could not be
-    used with inet_backend = 'socket'. 'inet' requires value type
-    binarry() and 'socket' requires value type 'string()'.
-  * kernel: Minor issue processing options when calling
-    gen_tcp:connect with a sockaddr() and inet_backend = socket.
-  * common_test: Change timeout to infinity for gen_server calls in
-    cth_log_redirect
-  * inets: fixes a missing case of the type specification for
-    httpd:info/2/3/4
-  * snmp: Single threaded agent crash when vacm table not properly
-    initiated.
-
-- Changes for 25.2:
-  * erts: Fix perf/gdb JIT symbols to not contain CodeInfoPrologue
-    for the JIT internal module erts_beamasm.
-  * erts: Fixed minor memory leaks.
-  * erts: Fix bugs in ets:insert and ets:insert_new when called
-    with a list of tuples to insert while a concurrent process
-    either deletes or renames the table. The table deletion could
-    be done with ets:delete/1 or be caused by termination of the
-    table owning process. Symptoms are either VM crash or strange
-    incorrect behavior from the insert operation. The risk of
-    triggering the bugs increases with the length of the list of
-    tuple to insert. Bugs exist since OTP 23.0.
-  * erts: Boost execution of scheduled thread progress jobs. This
-    to prevent memory exhaustion in extremely rapid
-    allocation/deallocation scenarios, such as repeated ETS table
-    creations/deletions.
-  * erts: Fix segv crash during crash dumping an ETS table doing
-    ets:delete_all_objects.
-  * erts: Spec for function net:if_names/0 incorrect
-  * erts: Fix bug in binary_to_term decoding a binary term 2Gbyte
-    or larger.
-  * erts: Documentation of erlang:module_loaded/1 has been
-    adjusted:
-  * erts: Fix list_to_atom/1 for negative code points. Could either
-    return with a positive code point or fail with an incorrect
-    exception.
-  * erts: Fix rare bug causing VM crash when sending to a pid of a
-    spawning process returned from erlang:processes/0. Only seen
-    when provoked by system process literal_area_collector,
-    triggered by a module purge operation, on a VM started with
-    +Meamin (no customized allocators).
-  * erts: gen_udp:open/2 with option(s) add_membership or
-    drop_membership would drop earlier options.
-  * erts: The inet:setopts/2 {reuseaddr, true} option will now be
-    ignored on Windows unless the socket is an UDP socket. For more
-    information see the documentation of the reuseaddr option part
-    of the documentation of inet:setopts/2. Prior to OTP 25 the
-    {reuseaddr, true} option was ignored for all sockets on
-    Windows, but as of OTP 25.0 this was changed so that it was not
-    ignored for any sockets. *** POTENTIAL INCOMPATIBILITY ***
-  * erts: Fix bug in binary_to_term decoding a list of length 1G or
-    longer.
-  * erts: Fix bug in binary_to_term (and distributed receive) when
-    decoding a large map (>32 keys) with unsorted small maps (<=
-    32) as keys of the large map. This was only a problem if the
-    term was encoded by erl_interface, jinterface or otherwise, as
-    the VM itself always encodes small maps with sorted keys. The
-    "binary_to_term" would appear as successful but the created
-    large map was internally inconsistent. The smaller key-maps
-    could not be found with maps:get and friends. Other operations
-    such as map compare and merge could probably also give
-    incorrect results.
-  * erts: Fix Windows bug in open_port({spawn, Command}, ..) when
-    Command is found via the OS search PATH and that directory path
-    contains white spaces. The port program would start but the
-    command line arguments to it could be incorrect.
-  * ftp: fix unexpected result ok when calling ftp:nlist repeatedly
-  * inets: This change allows body requests to httpc:request/5 be
-    an iolist()
-  * inets: addition of type specs in httpc.erl
-  * inets: httpc: Add support for HTTP 308 status code
-  * dialyzer: Dialyzer would crash when attempting to analyze a bit
-    syntax segment size having an literal non-integer size such as
-    [].
-  * dialyzer: Dialyzer could crash when trying to analyze a
-    convoluted nested expression involving funs,
-  * kernel: Fixed shutdown crash in gen_tcp socket backend, when
-    the other end closed the socket.
-  * kernel: erl_tar can now read gzip-compressed tar files that are
-    padded. There is a new option compressed_one for file:open/2
-    that will read a single member from a gzip file,
-  * kernel: Fix os:cmd to not translate all exceptions thrown to
-    badarg. For example emfile from erlang:open_port was translated
-    to badarg. This bug has existed since Erlang/OTP 24.
-  * kernel: Spec for function net:if_names/0 incorrect
-  * kernel: Missing ctrl option name transation for TOS and TTL (on
-    FreeBSD) when using gen_udp with the 'socket' inet_backend.
-  * kernel: gen_udp:open/2 with option(s) add_membership or
-    drop_membership would drop earlier options.
-  * kernel: The inet:setopts/2 {reuseaddr, true} option will now be
-    ignored on Windows unless the socket is an UDP socket. For more
-    information see the documentation of the reuseaddr option part
-    of the documentation of inet:setopts/2. Prior to OTP 25 the
-    {reuseaddr, true} option was ignored for all sockets on
-    Windows, but as of OTP 25.0 this was changed so that it was not
-    ignored for any sockets. *** POTENTIAL INCOMPATIBILITY ***
-  * kernel: The distribution socket option handling in
-    inet_tcp_dist has been cleaned up to clarify which were
-    mandatory and which just had default values.
-  * kernel: Improve warning message format for gen_tcp_socket.
-  * snmp: Explicitly close the socket(s) when terminating
-    (default-) net-if process.
-  * stdlib: erl_tar can now read gzip-compressed tar files that are
-    padded. There is a new option compressed_one for file:open/2
-    that will read a single member from a gzip file,
-  * stdlib: A concurrent call to ets:rename could cause
-    ets:delete_all_objects to fail halfway through with badarg.
-  * stdlib: It is not allowed to call functions from guards. The
-    compiler failed to reject a call in a guard when done by
-    constructing a record with a default initialization expression
-    that called a function.
-  * stdlib: The compiler could crash when using a record with
-    complex field initialization expression as a filter in a list
-    comprehension.
-  * stdlib: unicode:characters_to_binary() could build
-    unnecessarily large call stack.
-  * stdlib: Improve error message for ets:new/2 name clash. Say
-    "name already exists" instead of less specific "invalid
-    options".
-  * mnesia: Fixed crash which could happen during startup if too
-    many decisions where sent from remote nodes.
-  * os_mon: The disk_space_check_interval configuration parameter
-    of disksup can now be set to values smaller than a minute.
-  * ssh: graceful shutdown of ssh_conection_handler when connection
-    is closed by peer
-  * common_test: Fix starting of peer nodes on old releases when
-    the compile server was active and the current Erlang
-    installation contained non-latin1 characters in its path.
-  * public_key: Disregard LDAP URIs when HTTP URIs are expected.
-  * ssl: With this change, tls_sender process is hibernated after
-    sufficient inactivity.
-  * ssl: Correct handling of legacy schemes so that ECDSA certs
-    using sha1 may be used for some TLS-1.3 configurations.
-  * ssl: With this change, tls_sender does not cause logger crash
-    upon key update.
-  * ssl: Enhance warning message
-  * ssl: Provide server option to make certificate_authorities
-    extension in the TLS-1.3 servers certificate request optional.
-    This will allow clients to send incomplete chains that may be
-    reconstructable and thereby verifiable by the server, but that
-    would not adhere to the certificate_authorities extension.
-  * ssl: If the verify_fun handles four arguments the DER cert will
-    be supplied as one of the arguments.
-  * megaco: A very minor improvement to the measurement tool.
-  * observer: A WX event race could causes a crash in when handling
-    socket or port info.
-  * observer: Improve the nodes menu to include more nodes.
-  * compiler: Line number in compiler messages would be truncated
-    to 4 digits for line numbers greater than 9999.
-  * compiler: In rare circumstance, matching a binary as part of a
-    receive clause could cause the compiler to terminate because of
-    an internal consistency check failure.
-  * compiler: Compiling a function with complex bit syntax matching
-    such as f(<<X:0, _:X>>, <<Y:0, _:Y>>) -> ok. could crash the
-    compiler.
-  * compiler: It is not allowed to call functions from guards. The
-    compiler failed to reject a call in a guard when done by
-    constructing a record with a default initialization expression
-    that called a function.
-  * compiler: The compiler could crash when using a record with
-    complex field initialization expression as a filter in a list
-    comprehension.
-  * wx: Added environment variable WX_MACOS_NON_GUI_APP to allow
-    user to override OSXIsGUIApplication behavior.
-
-- Changes for 25.1.2:
-  * mnesia: Don't fill the logs if mnesia can't connect to all
-    nodes, due to partitioned network.
-  * erts: Add abandon carrier free utilization limit (+Muacful)
-    option to erts_alloc. This option allows the user to mark
-    unused segments in a memory carrier as re-useable by the OS if
-    needed. This functionality was a non-configurable default
-    before Erlang/OTP 25, but removed due to performance issues.
-
-- Changes for 25.1.1:
-  * dialyzer: Dialyzer could crash when analyzing Elixir code that
-    used intricate macros.
-  * dialyzer: The --input_list_file option has been added.
-  * ssl: Fixes handling of symlinks in cacertfile option.
-  * eunit: With this change, eunit exact_execution option works
-    with application primitive.
-  * stdlib: peer nodes failed to halt when the process supervising
-    the control connection crashed. When an alternative control
-    connection was used, this supervision process also quite
-    frequently crashed when the peer node was stopped by the node
-    that started it which caused the peer node to linger without
-    ever halting.
-  * asn1: For the per and uper ASN.1 encoding rules, encoding and
-    decoding the SEQUENCE OF and SET OF constructs with 16384 items
-    or more is now supported.
-  * erts: Listen sockets created with the socket module, leaked
-    (erlang-) monitors.
-  * erts: Notifications about available distribution data sent to
-    distribution controller processes could be lost. Distribution
-    controller processes can be used when implementing an
-    alternative distribution carrier. The default distribution over
-    tcp was not effected and the bug was also not present on
-    x86/x86_64 platforms.
-  * kernel: Listen sockets created with the socket module, leaked
-    (erlang-) monitors.
-  * kernel: peer nodes failed to halt when the process supervising
-    the control connection crashed. When an alternative control
-    connection was used, this supervision process also quite
-    frequently crashed when the peer node was stopped by the node
-    that started it which caused the peer node to linger without
-    ever halting.
-- Changes for 25.1:
-  * dialyzer: Two bugs have been fixed in Dialyzer's checking of
-    behaviors: When a mandatory callback function is present but
-    not exported, Dialyzer would not complain about a missing
-    callback. When an optional callback function was not exported
-    and had incompatible arguments and/or the return values were
-    incompatible, Dialyzer would complain. This has been changed to
-    suppress the warning, because the function might not be
-    intended to be a callback function, for instance if a release
-    added a new optional callback function (such as format_status/1
-    for the gen_server behaviour added in OTP 25).
-  * dialyzer: The no_extra_return and no_missing_return warnings
-    can now be suppressed through -dialyzer directives in source
-    code.
-  * jinterface: Fix javadoc build error by adding option -encoding
-    UTF-8.
-  * diameter: There is a new configure option, --enable-
-    deterministic-build, which will apply the deterministic
-    compiler option when building Erlang/OTP. The deterministic
-    option has been improved to eliminate more sources of non-
-    determinism in several applications.
-  * crypto: Fix configure with --with-ssl and --disable-dynamic-
-    ssl-lib on Windows.
-  * crypto: Remove all references correctly in the garbage
-    collection if an engine handle was not explicit unloaded.
-  * crypto: Changed the behaviour of the engine load/unload
-    functions The engine load/unload functions have got changed
-    semantics to get a more consistent behaviour and work correct
-    when variables are garbage collected. The load functions now
-    don't register the methods for the engine to replace. That will
-    now be handled with the new functions
-    engine_register/engine_unregister if needed. Some functions are
-    removed from the documentation and therefor the API, but they
-    are left in the code for compatibility. *** POTENTIAL
-    INCOMPATIBILITY ***
-  * crypto: Fixed a naming bug for AES-CFB and Blowfish-CFB/OFB
-    when linked with OpenSSL 3.0 cryptolib.
-  * crypto: Sign/verify does now behave as in OTP-24 and earlier
-    for eddsa.
-  * crypto: Pass elliptic curve names from crypto.erl to crypto's
-    nif.
-  * crypto: The configure option --disable-deprecated-warnings is
-    removed. It was used for some releases when the support for
-    OpenSSL 3.0 was not completed. It is not needed in OTP 25.
-  * crypto: Crypto is now considered to be usable with the OpenSSL
-    3.0 cryptolib for production code. ENGINE and FIPS are not yet
-    fully functional.
-  * crypto: Do not exit if the legacy provider is missing in
-    libcrypto 3.0.
-  * ssl: Reject unexpected application data in all relevant places
-    for all TLS versions. Also, handle TLS-1.3 middlebox
-    compatibility with more care. This will make malicious
-    connections fail early and further, mitigate possible DoS
-    attacks, that would be caught by the handshake timeout. Thanks
-    to Aina Toky Rasoamanana and Olivier Levillain from Télécom
-    SudParis for alerting us of the issues in our implementation.
-  * ssl: With this change, value of cacertfile option will be
-    adjusted before loading certs from the file. Adjustments
-    include converting relative paths to absolute and converting
-    symlinks to actual file path. Thanks to Marcus Johansson
-  * ssl: In TLS-1.3, if chain certs are missing (so server auth
-    domain adherence can not be determined) send peer cert and hope
-    the server is able to recreate a chain in its auth domain.
-  * ssl: Make sure periodical refresh of CA certificate files
-    repopulates cache properly.
-  * ssl: Correct internal CRL cache functions to use internal
-    format consistently.
-  * ssl: Incorrect handling of client middlebox negotiation for
-    TLS-1.3 could result in that a TLS-1.3 server would not use
-    middlebox mode although the client was expecting it too and
-    failing the negotiation with unexpected message.
-  * ssl: If the "User" process, the process starting the TLS
-    connection, gets killed in the middle of spawning the dynamic
-    connection tree make sure we do not leave any processes behind.
-  * ssl: A vulnerability has been discovered and corrected. It is
-    registered as CVE-2022-37026 "Client Authentication Bypass".
-    Corrections have been released on the supported tracks with
-    patches 23.3.4.15, 24.3.4.2, and 25.0.2. The vulnerability
-    might also exist in older OTP versions. We recommend that
-    impacted users upgrade to one of these versions or later on the
-    respective tracks. OTP 25.1 would be an even better choice.
-    Impacted are those who are running an ssl/tls/dtls server using
-    the ssl application either directly or indirectly via other
-    applications. For example via inets (httpd), cowboy, etc. Note
-    that the vulnerability only affects servers that request client
-    certification, that is sets the option {verify, verify_peer}.
-    (bsc#1205318)
-  * eunit: With this change, Eunit can optionally not try to
-    execute related module with "_tests" suffix. This might be used
-    for avoiding duplicated executions when source and test modules
-    are located in the same folder.
-  * erl_docgen: Update DTD to allow XML tag em under pre.
-  * inets: Add httpc:ssl_verify_host_options/1 to help setting
-    default ssl options for the https client.
-  * inets: This change fixes dialyzer warnings generated for
-    inets/httpd examples (includes needed adjustment of spec for
-    ssh_sftp module).
-  * inets: Remove documentation of no longer supported callback.
-  * stdlib: Fixed inconsistency bugs in global due to
-    nodeup/nodedown messages not being delivered before/after
-    traffic over connections. Also fixed various other
-    inconsistency bugs and deadlocks in both global_group and
-    global. As building blocks for these fixes, a new BIF
-    erlang:nodes/2 has been introduced and
-    net_kernel:monitor_nodes/2 has been extended. The -hidden and
-  - connect_all command line arguments did not work if multiple
-    instances were present on the command line which has been
-    fixed. The new kernel parameter connect_all has also been
-    introduced in order to replace the -connect_all command line
-    argument.
-  * stdlib: Fix the public_key:ssh* functions to be listed under
-    the correct release in the Removed Functionality User's Guide.
-  * stdlib: The type spec for format_status/1 in gen_statem,
-    gen_server and gen_event has been corrected to state that the
-    return value is of the same type as the argument (instead of
-    the same value as the argument).
-  * stdlib: If the timer server child spec was already present in
-    kernel_sup but it was not started, the timer server would fail
-    to start with an {error, already_present} error instead of
-    restarting the server.
-  * stdlib: When changing callback module in gen_statem the
-    state_enter calls flag from the old module was used in for the
-    first event in the new module, which could confuse the new
-    module and cause malfunction. This bug has been corrected. With
-    this change some sys debug message formats have been modified,
-    which can be a problem for debug code relying on the format.
-  * ** POTENTIAL INCOMPATIBILITY ***
-  * stdlib: There is a new configure option, --enable-
-    deterministic-build, which will apply the deterministic
-    compiler option when building Erlang/OTP. The deterministic
-    option has been improved to eliminate more sources of non-
-    determinism in several applications.
-  * stdlib: The rfc339_to_system_time/1,2 functions now allows the
-    minutes part to be omitted from the time zone.
-  * stdlib: The receive statement in gen_event has been optimized
-    to not use selective receive (which was never needed, and could
-    cause severe performance degradation under heavy load).
-  * stdlib: Add new API function erl_features:configurable/0
-  * parsetools: There is a new configure option, --enable-
-    deterministic-build, which will apply the deterministic
-    compiler option when building Erlang/OTP. The deterministic
-    option has been improved to eliminate more sources of non-
-    determinism in several applications.
-  * public_key: Support more Linux distributions in cacerts_load/0.
-  * public_key: Correct asn1 typenames available in type
-    pki_asn1_type()
-  * public_key: Sign/verify does now behave as in OTP-24 and
-    earlier for eddsa.
-  * snmp: Improved the get-bulk response max size calculation. Its
-    now possible to configure 'empty pdu size', see appendix c for
-    more info.
-  * snmp: Fix various example dialyzer issues
-  * ssh: Handling rare race condition at channel close.
-  * ssh: New ssh option no_auth_needed to skip the ssh
-    authentication. Use with caution!
-  * ssh: This change fixes dialyzer warnings generated for
-    inets/httpd examples (includes needed adjustment of spec for
-    ssh_sftp module).
-  * ssh: The new function ssh:daemon_replace_options/2 makes it
-    possible to change the Options in a running SSH server.
-    Established connections are not affected, only those created
-    after the call to this new function.
-  * ssh: Add a timeout as option max_initial_idle_time. It closes a
-    connection that does not allocate a channel within the timeout
-    time. For more information about timeouts, see the Timeouts
-    section in the User's Guide Hardening chapter.
-  * observer: Fixed units in gui.
-  * xmerl: There is a new configure option, --enable-deterministic-
-    build, which will apply the deterministic compiler option when
-    building Erlang/OTP. The deterministic option has been improved
-    to eliminate more sources of non-determinism in several
-    applications.
-  * asn1: There is a new configure option, --enable-deterministic-
-    build, which will apply the deterministic compiler option when
-    building Erlang/OTP. The deterministic option has been improved
-    to eliminate more sources of non-determinism in several
-    applications.
-  * erts: Fixed inconsistency bugs in global due to nodeup/nodedown
-    messages not being delivered before/after traffic over
-    connections. Also fixed various other inconsistency bugs and
-    deadlocks in both global_group and global. As building blocks
-    for these fixes, a new BIF erlang:nodes/2 has been introduced
-    and net_kernel:monitor_nodes/2 has been extended. The -hidden
-    and -connect_all command line arguments did not work if
-    multiple instances were present on the command line which has
-    been fixed. The new kernel parameter connect_all has also been
-    introduced in order to replace the -connect_all command line
-    argument.
-  * erts: Fixed IPv6 multicast_if and membership socket options.
-  * erts: Accept funs (NEW_FUN_EXT) with incorrectly encoded size
-    field. This is a workaround for a bug (OTP-18104) existing in
-    OTP 23 and 24 that could cause incorrect size fields in certain
-    cases. The emulator does not use the decoded size field, but
-    erl_interface still does and is not helped by this workaround.
-  * erts: Fixed issue with inet:getifaddrs hanging on pure IPv6
-    Windows
-  * erts: Fix faulty distribution encoding of terms with either The
-    symptom could be failed decoding on the receiving side leading
-    to aborted connection. Fix OTP-18093 is a workaround for theses
-    bugs that makes the VM accepts such faulty encoded funs. The
-    first encoding bug toward pending connection exists only in OTP
-    23 and 24, but the second one exists also on OTP 25.
-  * erts: Fixed emulator crash that could happen during crashdump
-    generation of ETS tables with options ordered_set and
-    {write_concurrency,true}.
-  * erts: Retrieval of monotonic and system clock resolution on
-    MacOS could cause a crash and/or erroneous results.
-  * erts: Fix bug where the max allowed size of erl +hmax was lower
-    than what was allowed by process_flag.
-  * erts: On computers with ARM64 (AArch64) processors, the JIT
-    could generate incorrect code when more than 4095 bits were
-    skipped at the tail end of a binary match.
-  * erts: In rare circumstances, an is_binary/1 guard test could
-    succeed when given a large integer.
-  * erts: Fix bug causing ets:info (and sometimes ets:whereis) to
-    return 'undefined' for an existing table if a concurrent
-    process were doing ets:insert with a long list on the same
-    table.
-  * erts: Fix writing and reading of more than 2 GB in a single
-    read/write operation on macOS. Before this fix attempting to
-    read/write more than 2GB would result in {error,einval}.
-  * erts: Fix bug sometimes causing emulator crash at node shutdown
-    when there are pending connections. Only seen when running duel
-    distribution protocols, inet_drv and inet_tls_dist.
-  * erts: Yield when adjusting large process message queues due to
-    The message queue adjustment work will now be interleaved with
-    all other types of work that processes have to do, even other
-    message queue adjustment work.
-  * erts: Add rudimentary debug feature (option) for the inet-
-    driver based sockets, such as gen_tcp and gen_udp.
-  * erts: Introduced the hidden and dist_listen options to
-    net_kernel:start/2. Also documented the -dist_listen command
-    line argument which was erroneously documented as a kernel
-    parameter and not as a command line argument.
-  * erts: New documentation chapter "Debugging NIFs and Port
-    Drivers" under Interoperability Tutorial.
-  * erts: Add new API function erl_features:configurable/0
-  * kernel: Fixed inconsistency bugs in global due to
-    nodeup/nodedown messages not being delivered before/after
-    traffic over connections. Also fixed various other
-    inconsistency bugs and deadlocks in both global_group and
-    global. As building blocks for these fixes, a new BIF
-    erlang:nodes/2 has been introduced and
-    net_kernel:monitor_nodes/2 has been extended. The -hidden and
-  - connect_all command line arguments did not work if multiple
-    instances were present on the command line which has been
-    fixed. The new kernel parameter connect_all has also been
-    introduced in order to replace the -connect_all command line
-    argument.
-  * kernel: Fixed IPv6 multicast_if and membership socket options.
-  * kernel: Fixed issue with inet:getifaddrs hanging on pure IPv6
-    Windows
-  * kernel: The type specifications for inet:getopts/2 and
-    inet:setopts/2 have been corrected regarding SCTP options.
-  * kernel: The type specifications for inet:parse_* have been
-    tightened.
-  * kernel: Fix gen_tcp:connect/3 spec to include the inet_backend
-    option.
-  * kernel: Fix bug where using a binary as the format when calling
-    logger:log(Level, Format, Args) (or any other logging function)
-    would cause a crash or incorrect logging.
-  * kernel: Add rudimentary debug feature (option) for the inet-
-    driver based sockets, such as gen_tcp and gen_udp.
-  * kernel: Introduced the hidden and dist_listen options to
-    net_kernel:start/2. Also documented the -dist_listen command
-    line argument which was erroneously documented as a kernel
-    parameter and not as a command line argument.
-  * kernel: Scope and group monitoring have been introduced in pg.
-    For more information see the documentation of
-    pg:monitor_scope(), pg:monitor(), and pg:demonitor().
-  * kernel: A new function global:disconnect/0 has been introduced
-    with which one can cleanly disconnect a node from all other
-    nodes in a cluster of global nodes.
-  * compiler: The compiler will now forbid using the empty atom ''
-    as module name. Also forbidden are modules names containing
-    control characters, and module names containing only spaces and
-    soft hyphens.
-  * compiler: The bin_opt_info and recv_opt_info options would
-    cause the compiler to crash when attempting to compile
-    generated code without location information.
-  * compiler: In rare circumstances involving floating point
-    operations, the compiler could terminate with an internal
-    consistency check failure.
-  * compiler: In rare circumstances when doing arithmetic
-    instructions on non-numbers, the compiler could crash.
-  * compiler: In rare circumstances, complex boolean expressions in
-    nested cases could cause the compiler to crash.
-  * compiler: Expression similar to #{assoc:=V} = #key=>self()}, V
-    would return the empty map instead of raising an exception.
-  * compiler: Eliminated a crash in the beam_ssa_bool pass of the
-    compiler when compiling a complex guard expression.
-  * compiler: In rare circumstances, the compiler could crash with
-    an internal consistency check failure.
-  * compiler: When compiling with the option inline_list_funcs, the
-    compiler could produce a nonsensical warning.
-  * compiler: When given the no_ssa_opt option, the compiler could
-    terminate with an internal consistency failure diagnostic when
-    compiling map matching.
-  * compiler: Made warnings for existing atoms being keywords in
-    experimental features more precise, by not warning about quoted
-    atoms.
-  * compiler: There is a new configure option, --enable-
-    deterministic-build, which will apply the deterministic
-    compiler option when building Erlang/OTP. The deterministic
-    option has been improved to eliminate more sources of non-
-    determinism in several applications.
-  * megaco: Fixed various dialyzer related issues in the examples
-    and the application proper.
-  * megaco: There is a new configure option, --enable-
-    deterministic-build, which will apply the deterministic
-    compiler option when building Erlang/OTP. The deterministic
-    option has been improved to eliminate more sources of non-
-    determinism in several applications.
-  * common_test: Fix cth_surefire to handle when a suite is not
-    compiled with debug_info. This bug has been present since
-    Erlang/OTP 25.0.
-  * common_test: Common Test now preserves stack traces for throws.
-
-- Changes for 25.0.4:
-  * kernel: A call to net_kernel:setopts(new, Opts) at the same
-    time as a connection was being set up could cause a deadlock
-    between the net_kernel process and the process setting up the
-    connection.
-  * erts: The monitor/3 BIF did not apply options to the created
-    monitor if the target process or port did not exist. That is,
-    the corresponding down message would get a `DOWN` tag even if a
-    custom tag had been set, and the returned reference was not an
-    alias even if the alias option had been passed.
-  * erts: The erlang:monotonic_time/1, erlang:system_time/1,
-    erlang:time_offset/1, and os:system_time/1 BIFs erroneously
-    failed when passed the argument native.
-
-- Changes for 25.0.3:
-  * erts: Distributed exit signals could be lost under the
-    following conditions:
-  * erts: A race could cause process_info(Pid, message_queue_len)
-    on other processes to return invalid results.
-  * erts: Fixed reduction counting for handling process system
-    tasks.
-  * erts: Priority elevation of terminating processes did not work
-    which could cause execution of such processes to be delayed.
-  * erts: An unlink operation made by a process that terminated
-    before the unlink operation completed, i.e., before it had
-    received an unlink-ack signal from the linked process, caused
-    an exit signal to erroneously be sent from the terminating
-    process to the process being unlinked. This exit signal would
-    most often be ignored by the receiver, but if the receiver of
-    the exit signal concurrently set up a new link, it could
-    receive the exit signal with the actual exit reason of the
-    terminating process instead of a noproc exit reason. It is
-    however very hard to detect that this has happened and has no
-    obvious negative consequences, so it should be considered
-    harmless. A distributed unlink-ack signal received by a
-    terminating process was also not properly removed which could
-    cause a minor memory leak.
-  * ssl: The link to crypto:engine_load refered the function with
-    wrong arity.
-
-- Changes for 25.0.2:
-  * ssl: Improved handling of unexpected messages during the
-    handshake, taking the right action for unexpected messages.
-  * erts: On computers with the ARM64 (AArch64) architecture (such
-    as Apple Silicon Macs) a rem expression followed by a div
-    expression with the same operands could evaluate to the wrong
-    result if the result of the rem expression was unused.
-- Changes for 25.0.1:
-  * ssl: When a TLS-1.3 enabled client tried to talk to a TLS-1.2
-    server that coalesces TLS-1.2 handshake message over one TLS
-    record, the connection could fail due to some message being
-    handled in the wrong state, this has been fixed.
-  * ssl: Correctly handles supported protocol version change from
-    default to something else by sni_fun supplied to
-    ssl:handshake/[2,3] together with a TCP-socket (so called
-    upgrade).
-  * ssl: Also, TLS-1.3 should respond with a protocol version alert
-    if previous versions, that are supported but not configured,
-    are attempted.
-  * kernel: The DNS resolver inet_res has been fixed to ignore
-    trailing dot difference in the request domain between the sent
-    request and the received response, when validating a response.
-  * kernel: A bug in inet_res has been fixed where a missing
-    internal {ok,_} wrapper caused inet_res:resolve/* to return a
-    calculated host name instead of an `{ok,Msg} tuple, when
-    resolving an IP address or a host name that is an IP address
-    string.
-  * kernel: The erlang:is_alive() BIF could return true before
-    configured distribution service was available. This bug was
-    introduced in OTP 25.0 ERTS version 13.0. The
-    erlang:monitor_node() and erlang:monitor() BIFs could
-    erroneously fail even though configured distribution service
-    was available. This occurred if these BIFs were called after
-    the distribution had been started using dynamic node name
-    assignment but before the name had been assigned.
-  * kernel: Added the missing mandatory address/0 callback in the
-    gen_tcp_dist example.
-  * erts: A spawn_reply signal from a remote node could be delayed
-    and be delivered after other signals from the newly spawned
-    process. When this bug triggered, the connection to the node
-    where the process was spawned sometimes could be taken down due
-    to the bug. The following error message would then be logged if
-    this happened: Missing 'spawn_reply' signal from the node
-    <RemoteNode> detected by <Pid> on the node <LocalNode>. The
-    node <RemoteNode> probably suffers from the bug with ticket id
-    OTP-17737. This bug only affected processes which had enabled
-    off_heap message_queue_data and parallel reception of signals
-    had been automatically enabled. This bug was introduced in OTP
-    25.0, ERTS version 13.0.
-  * erts: Fixed type spec of erlang:system_info(dist_ctrl).
-  * erts: The zlib built in to the runtime system has been updated
-    to version 1.2.12. (Note that on most platforms, the platform's
-    own zlib is used.)
-  * erts: The erlang:is_alive() BIF could return true before
-    configured distribution service was available. This bug was
-    introduced in OTP 25.0 ERTS version 13.0. The
-    erlang:monitor_node() and erlang:monitor() BIFs could
-    erroneously fail even though configured distribution service
-    was available. This occurred if these BIFs were called after
-    the distribution had been started using dynamic node name
-    assignment but before the name had been assigned.
-  * crypto: Note in the documentation that MODP (rfc3526) groups
-    and OpenSSL 3.0 can give an error if a call to
-    crypto:generate_key/2 specifies a key length, and that length
-    is to small.
-  * crypto: The cmac now uses only the 3.0 API
-  * crypto: Documentation is now updated with which OpenSSL
-    cryptolib versions that OTP currently is tested.
-  * dialyzer: Fixed the documentation for the missing_return and
-    extra_return options.
-  * mnesia: Fixed add_table_copy which could leave a table lock if
-    the receiving node went down during the operation.
-  * ssh: Binaries can be limited in logs with the parameter
-    max_log_item_len. The default value is 500 bytes.
-  * stdlib: In the initial release of Erlang/OTP 25, the expression
-    bound to the _ pseudo-field in a record initialization would
-    always be evaluated once, even if all other fields in the
-    record were explicitly initialized. That would break the use
-    case of binding the expression error(...) to _ in order to get
-    an exception if not all fields were initialized. The behavior
-    of binding to _ has been reverted to the pre-OTP 25 behavior,
-    that is, to not evaluate the expression if all fields have been
-    bound to explicit values.
-
-- Version 25.0:
-  - stdlib
-  * New function filelib:ensure_path/1 will ensure that all
-    directories for the given path exists
-  * New functions groups_from_list/2 and groups_from_list/3 in
-    the maps module
-  * New functions uniq/1 uniq/2 in the lists module
-  * New PRNG added to the rand module, for fast pseudo-random
-    numers.
-  - compiler, kernel, stdlib, syntax_tools:
-  * Added support for selectable features as described in EEP-60.
-    Features can be enabled/disabled during compilation with
-    options (ordinary and +term) to erlc as well as with
-    directives in the file. Similar options can be used to erl
-    for enabling/disabling features allowed at runtime. The new
-    maybe expression EEP-49 is fully supported as the feature
-    maybe_expr.
-  - erts & JIT:
-  * The JIT now works for 64-bit ARM processors.
-  * The JIT now does type-based optimizations based on type
-    information in the BEAM files.
-  * Improved the JIT’s support for external tools like perf and
-    gdb, allowing them to show line numbers and even the original
-    Erlang source code when that can be found.
-  - erts, stdlib, kernel:
-  * Users can now configure ETS tables with the
-    {write_concurrency, auto} option. This option forces tables
-    to automatically change the number of locks that are used at
-    run-time depending on how much concurrency is detected. The
-    {decentralized_counters, true} option is enabled by default
-    when {write_concurrency, auto} is active.
-  * Benchmark results comparing this option with the other ETS
-    optimization options are available here: benchmarks.
-  * To enable more optimizations, BEAM files compiled with OTP 21
-    and earlier cannot be loaded in OTP 25.
-  * The signal queue of a process with the process flag
-    message_queue_data=off_heap has been optimized to allow
-    parallel reception of signals from multiple processes. This
-    can improve performance when many processes are sending in
-    parallel to one process. See benchmark.
-  * The Erlang installation directory is now relocatable on the
-    file system given that the paths in the installation’s
-    RELEASES file are paths that are relative to the
-    installations root directory.
-  * A new option called short has been added to the functions
-    erlang:float_to_list/2 and erlang:float_to_binary/2. This
-    option creates the shortest correctly rounded string
-    representation of the given float that can be converted back
-    to the same float again.
-  * Introduction of quote/1 and unquote/1 functions in the
-    uri_string module - a replacement for the deprecated
-    functions http_uri:encode and http_uri:decode.
-  * The new module peer supersedes the slave module. The slave
-    module is now deprecated and will be removed in OTP 27.
-  * global will now by default prevent overlapping partitions due
-    to network issues. This is done by actively disconnecting
-    from nodes that reports that they have lost connections to
-    other nodes. This will cause fully connected partitions to
-    form instead of leaving the network in a state with
-    overlapping partitions.
-  * It is possible to turn off the new behavior by setting the
-    the kernel configuration parameter
-    prevent_overlapping_partitions to false. Doing this will
-    retain the same behavior as in OTP 24 and earlier.
-  * The format_status/2 callback for gen_server, gen_statem and
-    gen_event has been deprecated in favor of the new
-    format_status/1 callback.
-  * The new callback adds the possibility to limit and change
-    many more things than the just the state.
-  * The timer module has been modernized and made more efficient,
-    which makes the timer server less susceptible to being
-    overloaded. The timer:sleep/1 function now accepts an
-    arbitrarily large integer.
-  - compiler:
-  * The maybe ... end construction as proposed in EEP-49 has been
-    implemented. It can simplify complex code where otherwise
-    deeply nested cases would have to be used.
-  * To enable maybe, give the option {enable_feature,maybe_expr}
-    to the compiler. The exact option to use will change in a
-    coming release candidate and then it will also be possible to
-    use from inside the module being compiled.
-  * When a record matching or record update fails, a {badrecord,
-    ExpectedRecordTag} exception used to be raised. In this
-    release, the exception has been changed to {badrecord,
-    ActualValue}, where ActualValue is the value that was found
-    instead of the expected record.
-  * Add compile attribute -nifs() to empower compiler and loader
-    with information about which functions may be overridden as
-    NIFs by erlang:load_nif/2.
-  * Improved and more detailed error messages when binary
-    construction with the binary syntax fails. This applies both
-    for error messages in the shell and for
-    erl_error:format_exception/3,4.
-  * Change format of feature options and directives for better
-    consistency. Options to erlc and the -compile(..) directive
-    now has the format {feature, feature-name, enable | disable}.
-    The -feature(..) now has the format -feature(feature-name,
-    enable | disable).
-  - crypto:
-  * Add crypto:hash_equals/2 which is a constant time comparision
-    of hashvalues.
-  - ssl:
-  * Introducing a new (still experimental) option
-    {certs_keys,[cert_key_conf()]}. With this a list of a
-    certificates with their associated key may be used to
-    authenticate the client or the server. The certificate key
-    pair that is considered best and matches negotiated
-    parameters for the connection will be selected.
-  - public_key:
-  * Functions for retrieving OS provided CA-certs added.
-  - dialyzer:
-  * Optimize operations in the erl_types module. Parallelize the
-    Dialyzer pass remote.
-  * Added the missing_return and extra_return options to raise
-    warnings when specifications differ from inferred types.
-    These are similar to, but not quite as verbose as overspecs
-    and underspecs.
-  * Dialyzer now better understands the types for min/2, max/2,
-    and erlang:raise/3. Because of that, Dialyzer can potentially
-    generate new warnings. In particular, functions that use
-    erlang:raise/3 could now need a spec with a no_return()
-    return type to avoid an unwanted warning.
-
-- Fix build for Factory. Currently, any Java version
-  is fine for Erlang.
-
-- Changes for 24.3.2:
-  * erl_interface: Fix compile error regarding gethostbyaddr_r on
-    Android. Error introduced in OTP 24.3.
-  * kernel: Fix failed accepted connection setup after previous
-    established connection from same node closed down silently.
-  * kernel: Fixed a problem where typing Ctrl-R in the shell could
-    hang if there were some problem with the history log file.
-- Changes for 24.3.1:
-  * dialyzer: There could be spurious warnings for unknown types
-    when a type was a subtype of an existing type that was a
-    subtype of an unknown type.
-  * ssl: Client certification could fail for TLS-1.3 servers that
-    did not include the certificat_authorties extension in its
-    certificate request message.
-- Changes for 24.3:
-  * megaco: The compilation time is no longer recorded in BEAM
-    files. There remained several undocumented functions that
-    attempted to retrieve compilation times. Those have now been
-    removed.
-  * megaco: Update the performance and debug chapters of the megaco
-    user's guide. Also some updates to the meas tools.
-  * compiler: The expression <<0/native-float>>=Bin would always
-    fail to match, while <<0/float-native>>=Bin would match
-    (provided that Bin contained the binary representation of 0.0)
-  * compiler: The compiler will now compile huge functions with
-    straight-line code faster.
-  * erl_interface: Add --enable-ei-dynamic-lib configure option
-    that will make erl_interface also release a dynamic library
-    version of libei.
-  * erl_interface: The ei API for decoding/encoding terms is not
-    fully 64-bit compatible since terms that have a representation
-    on the external term format larger than 2 GB cannot be handled.
-  * sasl: Fix bug in systools:make_script/1 documentation.
-  * inets: The compilation time is no longer recorded in BEAM
-    files. There remained several undocumented functions that
-    attempted to retrieve compilation times. Those have now been
-    removed.
-  * inets: Documentation fix for inets:services_info/0, which now
-    describes that Info might be a Reason term() in case when
-    {error, Reason} is returned as service info.
-  * crypto: The crypto app in OTP can since OTP-24.2 be compiled,
-    linked and used with the new OpenSSL 3.0 cryptolib. The crypto
-    app has 3.0 support has been improved, but is still *not
-    recommended* for other usages than experiments and alpha
-    testing. There are not yet any guaranties that it works, not
-    even together with other OTP applications like for example SSL
-    and SSH, although there are no known errors. Since the previous
-    release, OTP-24.2, the following improvements have been done: -
-    It has been tested during nearly every nightly test on the OTP
-    lab - The hash algorithms md4 and ripemd160 have been enabled
-    with OpenSSL 3.0. - The ciphers blowfish_cbc, blowfish_ecb,
-    des_cbc, des_cfb, des_ecb, rc2_cbc and rc4 have been enabled
-    with OpenSSL 3.0. Disabled or unsupported with OpenSSL 3.0 are
-    still: - ENGINE support - FIPS mode - Other providers than the
-    built-in ones - Compiling and linking with OpenSSL 3.0
-    cryptolib in compatibility modes (for example to behave as
-    1.1.1) and, the ciphers blowfish_cfb64 and blowfish_ofb64 are
-    not supported and will not be either. Deprecated functions in
-    the OpenSSL 3.0 cryptolib must not be disabled as OTP/crypto
-    still uses some of the deprecated API functions. The gcc flag
-  - Wno-deprecated-declarations is set to prevent deprecation
-    warnings to be printed when compiling.
-  * crypto: Crypto is adapted to LibreSSL 3.5.0 on OpenBSD.
-  * crypto: New configure option ( --disable-otp-test-engine) to
-    prohibit the build of the OTP test engine used in some test
-    suites. The reason is that the test engine could be hard to
-    compile on for instance LibreSSL 3.5.0. For that particular
-    cryptolib version (or higher), this configure option is set
-    automatically.
-  * jinterface: Fix bug in OtpOutputStream.write_pid/4 and
-    write_ref/3 causing faulty encodig. Bug exists since OTP 23.0.
-  * wx: Removed the static_data option from wxImage creation
-    functions, as it was broken and could lead to crashes. Now
-    image data is always copied to wxWidgets as was the default
-    behavior. Removed some non working wxGridEvent event types,
-    which have there own events in newer wxWidgets versions, and
-    added a couple of event types that where missing in wx.
-  * asn1: Add support for the maps option in combination with the
-    jer backend.
-  * snmp: The compilation time is no longer recorded in BEAM files.
-    There remained several undocumented functions that attempted to
-    retrieve compilation times. Those have now been removed.
-  * snmp: [agent] Remove expectation of socket being a port.
-  * common_test: OTP internal test fix.
-  * runtime_tools: Fixed bug in scheduler:utilization(Seconds) that
-    would leave the scheduler_wall_time system flag incorrectly
-    enabled.
-  * runtime_tools: Add scheduler:get_sample/0 and get_sample_all/0.
-    Also clarify scheduler module documentation about how it
-    depends on system flag scheduler_wall_time.
-  * erts: Fixed a bug in the x86 JIT that might cause floating
-    point instructions to wrongly throw an exception.
-  * erts: Preserve correct nodedown_reason if supervised
-    distribution controller processes exit with {shutdown, Reason}.
-  * erts: Handling of send_timeout for gen_tcp has been corrected
-    so that the timeout is honored also when sending 0 bytes.
-  * erts: By default global does not take any actions to restore a
-    fully connected network when connections are lost due to
-    network issues. This is problematic for all applications
-    expecting a fully connected network to be provided, such as for
-    example mnesia, but also for global itself. A network of
-    overlapping partitions might cause the internal state of global
-    to become inconsistent. Such an inconsistency can remain even
-    after such partitions have been brought together to form a
-    fully connected network again. The effect on other applications
-    that expects that a fully connected network is maintained may
-    vary, but they might misbehave in very subtle hard to detect
-    ways during such a partitioning. In order to prevent such
-    issues, we have introduced a prevent overlapping partitions fix
-    which can be enabled using the prevent_overlapping_partitions
-    kernel(6) parameter. When this fix has been enabled, global
-    will actively disconnect from nodes that reports that they have
-    lost connections to other nodes. This will cause fully
-    connected partitions to form instead of leaving the network in
-    a state with overlapping partitions. Note that this fix has to
-    be enabled on all nodes in the network in order to work
-    properly. Since this quite substantially changes the behavior,
-    this fix is currently disabled by default. Since you might get
-    hard to detect issues without this fix you are, however,
-    strongly advised to enable this fix in order to avoid issues
-    such as the ones described above. As of OTP 25 this fix will
-    become enabled by default.
-  * erts: Corrected the type specification of erlang:seq_trace/2.
-  * erts: Fix memory leak when tracing on running on a process that
-    only handle system tasks or non-message signals (for example
-    process_info requests).
-  * erts: Add support for using socket:sockaddr_in() and
-    socket:sockaddr_in6() when using gen_sctp, gen_tcp and gen_udp.
-    This will make it possible to use Link Local IPv6 addresses.
-  * erts: Show on_load failure reasons in embedded mode.
-  * erts: Compile date saved in the Erlang VM executable has been
-    removed.
-  * erts: Improve documentation for the dynamic node name feature.
-  * ssh: Fix makefile dependency bugs.
-  * ssh: Fixed faulty OpenSSH decoding of Ed25519/Ed448 keys in the
-    OpenSSH format openssh_key_v1.
-  * ssh: Correction of ssh_file typing, specially for the
-    experimental openssh-key-v1 encoding.
-  * ssh: Improper tag for private ED keys when encoding with
-    ssh:encode/2. The tuple had ed_priv as first element, but
-    should have had ed_pri. This is now corrected. *** POTENTIAL
-    INCOMPATIBILITY ***
-  * ssh: Add support for Ed25519/Ed448 SSH host keys in the RFC
-    4716 format ("-----BEGIN EC PRIVATE KEY-----") generated by for
-    example openssl or via Erlang functions (i.e.
-    public_key:generate_key({namedCurve, ed25519})). Ed25519 SSH
-    host keys generated by ssh-keygen was, and are still,
-    supported.
-  * kernel: Handling of send_timeout for gen_tcp has been corrected
-    so that the timeout is honored also when sending 0 bytes.
-  * kernel: By default global does not take any actions to restore
-    a fully connected network when connections are lost due to
-    network issues. This is problematic for all applications
-    expecting a fully connected network to be provided, such as for
-    example mnesia, but also for global itself. A network of
-    overlapping partitions might cause the internal state of global
-    to become inconsistent. Such an inconsistency can remain even
-    after such partitions have been brought together to form a
-    fully connected network again. The effect on other applications
-    that expects that a fully connected network is maintained may
-    vary, but they might misbehave in very subtle hard to detect
-    ways during such a partitioning. In order to prevent such
-    issues, we have introduced a prevent overlapping partitions fix
-    which can be enabled using the prevent_overlapping_partitions
-    kernel(6) parameter. When this fix has been enabled, global
-    will actively disconnect from nodes that reports that they have
-    lost connections to other nodes. This will cause fully
-    connected partitions to form instead of leaving the network in
-    a state with overlapping partitions. Note that this fix has to
-    be enabled on all nodes in the network in order to work
-    properly. Since this quite substantially changes the behavior,
-    this fix is currently disabled by default. Since you might get
-    hard to detect issues without this fix you are, however,
-    strongly advised to enable this fix in order to avoid issues
-    such as the ones described above. As of OTP 25 this fix will
-    become enabled by default.
-  * kernel: Fix bug where logger would crash when logging a report
-    including improper lists.
-  * kernel: Make erlang:set_cookie work for dynamic node names.
-  * kernel: Add support for using socket:sockaddr_in() and
-    socket:sockaddr_in6() when using gen_sctp, gen_tcp and gen_udp.
-    This will make it possible to use Link Local IPv6 addresses.
-  * kernel: A net_tickintensity kernel parameter has been
-    introduced. It can be used to control the amount of ticks
-    during a net_ticktime period. A new net_kernel:start/2 function
-    has also been introduced in order to make it easier to add new
-    options. The use of net_kernel:start/1 has been deprecated.
-  * kernel: Improve documentation for the dynamic node name
-    feature.
-  * erl_docgen: Fix css for large tables and images on small
-    screens
-  * erl_docgen: Fix bug with codeinclude tag that caused it to not
-    include the code if used in a correct, but unexpected way.
-  * observer: Calculate the display width in etop, instead of hard-
-    coding it to 89 characters.
-  * debugger: Fix record index matching, it was broken and could
-    never match.
-  * ssl: Improved error handling.
-  * ssl: Before this change, net_kernel used with TLS distribution
-    might be leaking processes in case of connectivity issues.
-  * ssl: Fix makefile dependency bugs.
-  * ssl: Make sure the TLS sender process handles explicit calls to
-    erlang:disconnect_node properly, avoiding potential hanging
-    problems in net_kernel.
-  * ssl: Add support for TLS-1.3 certificate_authorities extension.
-    And process certificate_authorities field in pre-TLS-1.3
-    certificate requests.
-  * ssl: Support password fun for protected keyfiles in ssl:connect
-    function.
-  * ssl: Add in some cases earlier detection of possible DoS
-    attacks by malicious clients sending unexpected TLS messages
-    instead of the client hello. Note that such attacks are already
-    mitigated by providing a timeout for the TLS handshake.
-  * eldap: Fix eldap extensibleMatch dnAttributes option. According
-    to the ldap ASN1 the dnAttributes should be a bool, instead it
-    was generated as a string.
-  * eldap: Implemented paged searches according to https://www.rfc-
-    editor.org/rfc/rfc2696.txt
-  * public_key: Support password fun for protected keyfiles in
-    ssl:connect function.
-  * stdlib: The compilation time is no longer recorded in BEAM
-    files. There remained several undocumented functions that
-    attempted to retrieve compilation times. Those have now been
-    removed.
-  * mnesia: Reduce the number of locks taken during table copying,
-    should reduce the startup time on large systems.
-  * diameter: The compilation time is no longer recorded in BEAM
-    files. There remained several undocumented functions that
-    attempted to retrieve compilation times. Those have now been
-    removed.
-
-- Changes for 24.2.2:
-  * inets: Avoid intermediate ungraceful shutdown of the HTTP
-    server.
-  * ssh: The ssh sever parallel_login option was missing in OTP-24
-
-- Changes for 24.2.1:
-  * ssl: Improve SNI (server name indication) handling so that
-    protocol version can be selected with regards to SNI. Also,
-    make sure that ssl:connection_information/1 returns the correct
-    SNI value.
-  * ssl: Fixed cipher suite listing functions so that the listing
-    of all cipher suites will be complete. Another fix for cipher
-    suite handling in OTP-24.1 accidentally excludes a few cipher
-    suites from the listing of all cipher suites.
-  * ssl: Reenable legacy cipher suite TLS_RSA_WITH_3DES_EDE_CBC_SHA
-    for explicit configuration in TLS-1.2, not supported by
-    default.
-  * ssl: Avoid unnecessary logs by better adjusting the tls_sender
-    process to the new supervisor structure in OTP-24.2
-  * erts: Fixed a memory leak in file:read_file_info/2 and
-    file:read_file/1 on Windows.
-  * erts: Fix GC emulator crash when spawn_request was used when
-    message tracing was enabled.
-
-- Changes for 24.2:
-  * compiler: When the compiler is invoked by Dialyzer, it will no
-    longer apply an optimization of binary patterns that would turn
-    the pattern <<"bar">> into <<6447474:24>>, which would be very
-    confusing when printed out by Dialyzer.
-  * compiler: The compiler would replace known failing calls (such
-    as atom_to_list(42)) with a call to error(badarg). With the
-    extended error information introduced in OTP 24 (EEP 54), those
-    "optimized" calls would not have extended error information. To
-    ensure that as much extended error information as possible is
-    available, the compiler now keeps the original call even when
-    it is known to fail.
-  * sasl: Make release_handler even more resilient against exiting
-    processes during upgrade. Same kind of bug fix as OTP-16744
-    released in sasl-4.0.1 (OTP 23.1).
-  * ssl: Allow re-connect on DTLS sockets Can happen when a
-    computer reboots and connects from the same client port without
-    the server noticing should be allowed according to RFC.
-  * ssl: Fix tls and non-tls distribution to use
-    erl_epmd:address_please to figure out if IPv4 or IPv6 addresses
-    should be used when connecting to the remote node. Before this
-    fix, a dns lookup of the remote node hostname determined which
-    IP version was to be used which meant that the hostname had to
-    resolve to a valid ip address.
-  * ssl: Use supervisor significant child to manage tls connection
-    process and tls sender process dependency.
-  * ssl: Random generation adjustment for TLS1.3
-  * ssl: Allow any {03,XX} TLS record version in the client hello
-    for maximum interoperability
-  * mnesia: Documentation and minor code cleanup.
-  * common_test: Before this change, group handling grammar was
-    ambiguous and also group paths did not support test specs.
-  * common_test: Before this change, it was not possible to link to
-    a particular header entry in Common Test log. Change adds right
-    aligned anchor icons in HTML test logs.
-  * parsetools: The default parser include file for yecc (yeccpre)
-    will no longer crash when attempting to print tokens when
-    reporting an error.
-  * tools: Erlang-mode fixed for newer versions of xref using CL-
-    Lib structures instead of EIEIO classes.
-  * inets: Correct HTTP server URI handling to fully rely on
-    uri_string. The server could mistreat some URI paths that in
-    turn could result in incorrect responses being generated.
-  * inets: Extend header values to httpc:request/5 to allow
-    binary() as well. Make error detection of invalid arguments to
-    httpc:request/5 be more precise so an error is returned in more
-    cases instead of causing a hang or function_clause. Be more
-    precise in documentation regarding the types of arguments being
-    accepted.
-  * crypto: Fixed the C-warning "implicit declaration of function
-    'OpenSSL_version_num'" if compiling with an early LibreSSL
-    version.
-  * crypto: FIPS availability was not checked correctly for AEAD
-    ciphers.
-  * crypto: Fixed that cipher aliases (like aes_cbc etc) could be
-    present even if the aliased cipher(s) (like aes_128_cbc,
-    aes_256_cbc,... etc) was missing.
-  * crypto: The crypto app in OTP can now be compiled, linked and
-    used with the new OpenSSL 3.0 cryptolib. It has not yet been
-    extensively tested and is in this release *not recommended* for
-    other usages than experiments and alpha testing. There are not
-    yet any guaranties that it works, not even together with other
-    OTP applications like for example SSL and SSH, although there
-    are no known errors. Compiling and linking with OpenSSL 3.0
-    cryptolib in compatibility modes (for example to behave as
-    1.1.1) are not tested. It is not tested with external
-    providers. The support for FIPS mode does not yet work, and is
-    disabled when compiled with OpenSSL 3.0. Deprecated functions
-    in the OpenSSL 3.0 cryptolib must not be disabled as OTP/crypto
-    still uses some of the deprecated API functions. The gcc flag
-  - Wno-deprecated-declarations is set to prevent deprecation
-    warnings to be printed when compiling. The hash algorithms md4
-    and ripemd160 are disabled temporarily when compiled with
-    OpenSSL 3.0. The ciphers blowfish_cbc, blowfish_cfb64,
-    blowfish_ecb, blowfish_ofb64, des_cbc, des_cfb, des_ecb,
-    rc2_cbc and rc4 are disabled temporarily when compiled with
-    OpenSSL 3.0.
-  * crypto: The error handling in crypto is partly refactored using
-    the new error reporting support. Errors earlier propagated like
-    exceptions are still so, but when the failing function is
-    called from the terminal - for example during failure hunting -
-    a more descriptive text is produced.
-  * crypto: A new function crypto:info/0 which presents some data
-    about the compilation and linkage of the crypto nif is added.
-  * crypto: Added the pbkdf2_hmac/5 function to the crypto module.
-    It calls the PKCS5_PBKDF2_HMAC function which implements PBKD2
-    with HMAC in an efficient way.
-  * stdlib: Fix rendering of nbsp on terminals that do not support
-    unicode.
-  * stdlib: Improved the erl_error printout for when re fails to
-    compile a regular expression to also print hints about why the
-    compilation failed.
-  * stdlib: Fixed spec for supervisor_bridge:start_link().
-  * stdlib: Added missing shutdown clauses in supervisor which
-    could cause erroneous error reports.
-  * stdlib: Add the no_auto_import_types to erl_lint to allow a
-    module to define types of the same name as a predefined type.
-  * erts: When matching and constructing utf16 segments in the
-    binary syntax, the native flag would be ignored. That is, the
-    endian would always be big endian even on a little-endian
-    computer (almost all modern computers).
-  * erts: Fix the help printout of +JPperf.
-  * erts: Fix bug that could cause Erlang to deadlock during
-    creation of an Erlang crash dump.
-  * erts: Fixed C++ build errors on some aarch64 platforms.
-  * erts: For macOS, the Info.plist file embedded in the runtime
-    system now only contains the absolute minimum amount of
-    information needed for the web view in wx to work towards
-    localhost. The other fields have been removed, allowing an
-    application packaged in a bundle to specify the application
-    name and other parameter in its own Info.plist file.
-  * erts: Fix bug in internal stacks (WSTACK and ESTACK) used by
-    term_to_binary/2 to encode terms. The bug could cause a
-    segfault if a very very large map was to be encoded with the
-    deterministic option given.
-  * erts: Improve the error printout when open_port/2 fails because
-    of invalid arguments.
-  * erts: Fix bug in crash dumps where the stackframe of a process
-    would be printed using an incorrect format. Crash dump viewer
-    has also been fixed to be able read the broken stack format.
-    The bug has existed since Erlang/OTP 23.0.
-  * erts: An option for enabling dirty scheduler specific allocator
-    instances has been introduced. By default such allocator
-    instances are disabled. For more information see the
-    documentation of the +Mdai erl command line argument.
-  * erts: Minor optimization of receive markers in message queues.
-  * erts: All predefined types have been added to the erlang module
-    together with documentation. Any reference to a predefined type
-    now links to that documentation so that the user can view it.
-  * erts: Suppress a code checker warning caused by debug builds of
-    YCF. YCF tries to get a conservative estimate of the bottom of
-    the stack by reading and returning a call stack allocated
-    variable.
-  * erts: Add file and product properties to erl.exe and werl.exe.
-  * erts: Micro optimization in bitstring append operations.
-  * erts: Responsiveness of processes executing on normal or low
-    priority could suffer due to code purging or literal area
-    removal on systems with a huge amount of processes. This since
-    during these operations all processes on the system were
-    scheduled for execution at once. This problem has been fixed by
-    introducing a limit on outstanding purge and copy literal
-    requests in the system. By default this limit is set to twice
-    the amount of schedulers on the system. This will ensure that
-    schedulers will have enough work scheduled to perform these
-    operations as quickly as possible at the same time as other
-    work will be interleaved to a much higher degree. Performance
-    of these operations will however be somewhat degraded due to
-    the overhead of enforcing this limit compared to when using a
-    very large limit. This limit can be set by passing the +zosrl
-    command line argument to erl, or by calling
-    erlang:system_flag(outstanding_system_requests_limit,
-    NewLimit).
-  * kernel: socket:which_sockets( pid() ) uses wrong keyword when
-    looking up socket owner ('ctrl' instead of 'owner').
-  * kernel: In epmd_ntop, the #if defined(EPMD6) conditional was
-    inverted and it was only including the IPv6-specific code when
-    EPMD6 was undefined. This was causing IPv6 addrs to be
-    interpreted as IPv4 addrs and generating nonsense IPv4
-    addresses as output. Several places were incorrectly using
-    'num_sockets' instead of 'i' to index into the iserv_addr array
-    during error logging. This would result in a read into
-    uninitialized data in the iserv_addr array. Thanks to John
-    Eckersberg for providing this fix.
-  * kernel: Minor fix of the erl_uds_dist distribution module
-    example.
-  * kernel: A bug has been fixed for the legacy TCP socket adaption
-    module gen_tcp_socket where it did bind to a socket address
-    when given a file descriptor, but should not.
-  * kernel: Improve the error printout when open_port/2 fails
-    because of invalid arguments.
-  * kernel: Calling socket:monitor/1 on an already closed socket
-    should succeed and result in an immediate DOWN message. This
-    has now been fixed.
-  * kernel: Fix the configuration option logger_metadata to work.
-  * kernel: Fix tls and non-tls distribution to use
-    erl_epmd:address_please to figure out if IPv4 or IPv6 addresses
-    should be used when connecting to the remote node. Before this
-    fix, a dns lookup of the remote node hostname determined which
-    IP version was to be used which meant that the hostname had to
-    resolve to a valid ip address.
-  * kernel: Add logger:reconfigure/0.
-  * kernel: Add socket function ioctl/2,3,4 for socket device
-    control.
-  * kernel: Add simple support for socknames/1 for gen_tcp_socket
-    and gen_udp_socket.
-  * kernel: The types for callback result types in gen_statem has
-    bee augmented with arity 2 types where it is possible for a
-    callback module to specify the type of the callback data, so
-    the callback module can get type validation of it.
-  * erl_docgen: Fix codeinclude tag to correctly respect the type
-    attribute.
-  * erl_docgen: The HTML documentation has been updated to collapse
-    better on small screens.
-  * erl_docgen: All predefined types have been added to the erlang
-    module together with documentation. Any reference to a
-    predefined type now links to that documentation so that the
-    user can view it.
-  * snmp: Handling of test config flag when starting "empty".
-  * snmp: Add support for new authentication algorithms (SHA-224,
-    SHA-256, SHA-384 and SHA-512), according to RFC 7860.
-  * snmp: Improve debug info for (snmp) manager.
-  * wx: Fix crash in cleanup code when a gui application is
-    exiting. Fix errors in the OpenGL wrapper that could cause
-    crashes and improve the documentation.
-  * edoc: Add option link_predefined_types that is used to create
-    links to erlang predefined types. This is mainly to be used by
-    erl_docgen when creating the Erlang/OTP documentation.
-  * dialyzer: Fixed a crash when opaque types contained certain
-    unicode characters.
-  * dialyzer: When the compiler is invoked by Dialyzer, it will no
-    longer apply an optimization of binary patterns that would turn
-    the pattern <<"bar">> into <<6447474:24>>, which would be very
-    confusing when printed out by Dialyzer.
-  * observer: Fix bug in crash dumps where the stackframe of a
-    process would be printed using an incorrect format. Crash dump
-    viewer has also been fixed to be able read the broken stack
-    format. The bug has existed since Erlang/OTP 23.0.
-  * ssh: The value of the connect_timeout option is now used as
-    default value for the negotiation timeout.
-  * ssh: Add better error handling in connect/2,3,4. Detect
-    incorrect arguments and return an informative error tuple
-    instead of throwing a function_clause or similar.
-  * ssh: Make ssh algorithm selection better handle dynamic changes
-    changes in crypto fips mode.
-  * megaco: [megaco_tcp] When connect fails, include more info in
-    the error reason.
-- Changes for 24.1.7:
-  * ssh: Fixed a race condition in the acceptor loop: if a client
-    disconnected immediately after the tcp connect, the server
-    could cease handling connection on that address:port.
-- Changes for 24.1.6:
-  * ssl: Correct typo of ECC curve name in signature algorithm
-    handling. Will make the signature algorithm
-    ecdsa_secp521r1_sha512 succeed.
-  * ssl: Suppress authenticity warning when option verify_none is
-    explicitly supplied.
-- Changes for 24.1.5:
-  * erts: The runtime system could call select() with a too large
-    timeout value when executing on MacOS. This could in turn cause
-    the runtime system to crash.
-  * erts: The fix for Linux's behaviour when reconnecting an UDP
-    socket in PR-5120 released in OTP-24.1.2 has been refined to
-    only dissolve the socket's connection before a connect if the
-    socket is already connected, that is: only for a reconnect.
-    This allows code to open a socket with an ephemeral port, get
-    the port number and connect; without the port number changing
-    (on Linux). This turned out to have at least one valid use case
-    (besides test cases). Should one reconnect the socket then the
-    port number may change, on Linux; it is a known quirk, which
-    can be worked around by binding to a specific port number when
-    opening the socket. If you can do without an ephemeral port,
-    that is...
-  * erts: Certain distributed signals that for various reasons must
-    to be forced into the distribution buffer even when it is full
-    would instead be lost if the distribution buffer was full when
-    sent. The effected signals:
-  * kernel: The internal, undocumented, but used, module inet_dns
-    has been fixed to handle mDNS high bit usage of the Class
-    field. Code that uses the previously obsolete, undocumented and
-    unused record field #dns_rr.func will need to be updated since
-    that field is now used as a boolean flag for the mDNS high
-    Class bit. Code that uses the also undocumented record
-    [#]dns_query will need to be recompiled since a boolean field
-    [#]dns_query.unicast_response has been added for the mDNS high
-    Class bit. *** POTENTIAL INCOMPATIBILITY ***
-  * kernel: The fix for Linux's behaviour when reconnecting an UDP
-    socket in PR-5120 released in OTP-24.1.2 has been refined to
-    only dissolve the socket's connection before a connect if the
-    socket is already connected, that is: only for a reconnect.
-    This allows code to open a socket with an ephemeral port, get
-    the port number and connect; without the port number changing
-    (on Linux). This turned out to have at least one valid use case
-    (besides test cases). Should one reconnect the socket then the
-    port number may change, on Linux; it is a known quirk, which
-    can be worked around by binding to a specific port number when
-    opening the socket. If you can do without an ephemeral port,
-    that is...
-- Changes for 24.1.4:
-  * erts: Fix bug where a gen_tcp write error that happened during
-    a delayed_send would cause a use after free segfault.
-  * erts: Fix x86 JIT bug where a rem instruction could cause a
-    segfault if given values that would cause an badarith
-    exception.
-- Changes for 24.1.3:
-  * ssl: Fix TLS-1.2 RSA-PSS negotiation and also fix broken
-    certificate request message for pre-TLS-1.3 servers.
-  * ssl: Fix CRL issuer verification that under some circumstances
-    could fail with a function_clause error.
-  * erts: Reduction counter was not updated before and after doing
-    apply operations on the runtime system with the jit enabled.
-    This caused reduction counting to get out of sync if a garbage
-    collection was made as part of the apply operation.
-  * erts: This fixes a bug in erts_factory_undo that caused the
-    heap to not be reset correctly. The erts_factory_undo function
-    is, for example, called when a binary_to_term/1 call fails to
-    reset the heap to its state before the binary_to_term/1 call.
-    This can cause the heap to contain invalid terms which
-    potentially can cause issues (e.g., crashes) when the whole
-    heap is scanned.
-  * erts: When attempting to construct a binary with an segment
-    having an illegal type for the size (e.g. an atom), there could
-    be an unnecessary memory allocation (and subsequent
-    deallocation) before the operation failed. Amended to fail
-    before allocating any memory for the binary.
-  * erts: Fix bug in persistent_term when a key-value pair contains
-    a magic reference that is referred more than once. Magic
-    references are NIF resources or returned from BIFs like
-    ets:new, atomics:new. The bug could cause the memory of the
-    referred resource to be prematurely deallocated. The bug also
-    apply to magic references in message passing on a runtime built
-    with configure option --enable-sharing-preserving. Bug exist
-    for 64-bit since OTP-24.0 and for 32-bit since OTP-20.0.
-  * erts: Fixed a crash when inspecting the stack trace of an
-    exception raised at a very high line number. This bug was
-    introduced in OTP 24.
-  * erts: The following two bugs that caused erlang:demonitor() to
-    behave erroneously have been fixed. The bugs were only
-    triggered if the monitor that was removed by demonitor() had
-    previously been created simultaneously as a monitor and as an
-    alias.
-
-- Changes for 24.1.2:
-  * kernel: The undocumented DNS encode/decode module inet_dns has
-    been cleaned up to handle the difference between "symbolic" and
-    "raw" records in a more consistent manner. PR-5145/OTP-17584
-    introduced a change that contributed to an already existing
-    confusion, which this correction should remedy.
-  * erts: The python scripts that existed in
-    erts/lib_src/yielding_c_fun/lib/tiny_regex_c/scripts had a
-    license that was incompatible with Erlang/OTP's license. This
-    ticket removes these scripts that were not used by us.
-  * ssl: Before that change, TLS downgrade could occasionally fail
-    when data intended for downgraded socket were delivered
-    together with CLOSE_NOTIFY alert to ssl app.
-  * ssl: Avoid re-encoding of decoded certificates. This could
-    cause unexpected failures as some subtle encoding errors can be
-    tolerated when decoding but hence creating another sequence of
-    bytes if the decoded value is re-encoded.
-  * ssl: Fix possible process leak when the process doing
-    ssl:transport_accept dies before initiating the TLS handshake.
-  * ssl: Fix dtls memory leak, the replay window code was broken.
-  * public_key: Avoid re-encoding of decoded certificates. This
-    could cause unexpected failures as some subtle encoding errors
-    can be tolerated when decoding but hence creating another
-    sequence of bytes if the decoded value is re-encoded.
-  * crypto: Fixed minor memory leak at crypto module purge.
-  * crypto: Fix possible inconsistency in fips mode when linking
-    with some cryptolibs.
-- Changes for 24.1.1:
-  * kernel: Add more info about the socket 'type' ('socket' or
-    'port') for the DOWN message when monitoring sockets.
-  * stdlib: Fixed a bug that could cause a child to become orphaned
-    when a supervisor died between unlinking and sending the
-    shutdown signal to this child. There was also a possibility for
-    erratic supervisor reports caused by a race between a
-    supervisor shutting down a child and that child exiting by
-    itself at the same time.
-  * erts: A race between an exiting port and handling of
-    simultaneously received signals to that port could cause a
-    runtime system crash. The effected signals are link, monitor
-    and demonitor. On OTP 22 a similiar race could also cause a
-    memory leak when receiving an unlink signal.
-  * erts: A user defined tag on a monitor message could cause the
-    runtime system to crash when the monitor message had been
-    received.
-  * erts: A call to erlang:demonitor(Ref) where the reference Ref
-    referred to an active alias, but not an active monitor, caused
-    the runtime system to crash.
-  * erts: The message queue of a process entered an inconsistent
-    state after a receive expression with an invalid timeout value
-    was executed. If the exception raised due to the invalid
-    timeout value was caught, the following receive expression
-    executed by the process could fail to match messages already
-    present in the message queue. On OTP 24 this could also cause
-    the whole runtime system to crash.
-  * erts: Sending a Port ! {PortOwner, close} signal from a process
-    other than the port owner could erroneously trigger a badsig
-    exit signal being sent to the port owner process even though
-    the correct PortOwner had been passed in the signal.
-  * snmp: Sockets are monitored, but the handling of the 'DOWN'
-    message expected a new style socket ('socket'), old style
-    (port) was not handled.
-- Changes for 24.1:
-  * kernel: The extended error information has been corrected and
-    improved for the following BIFs: binary_to_existing_atom/2,
-    list_to_existing_atom/1, erlang:send_after/{3,4}, and
-    erlang:start_timer/{3,4}.
-  * kernel: Fixed rare bug that could cause net_kernel process to
-    hang for ever. Have seen to happen with massive number of TLS
-    connections while remote nodes are restarting. Bug exists since
-    OTP-22.0.
-  * kernel: Improve handling of closed sockets for inet:info/1.
-  * kernel: This change fixes a performance problem introduced in
-    pull-request #2675. Pull-request #2675 made so the system tried
-    to start children of already started applications which is
-    unnecessary. This change fixes this performance problem.
-  * kernel: Fix code:get_doc/1 to not crash when module is located
-    in an escript.
-  * kernel: Parsing of the result value in the native DNS resolver
-    has been made more defensive against incorrect results.
-  * kernel: A bug in the option handling for the legacy socket
-    adaptor, that is; when using inet_backend = socket, has been
-    fixed. Now socket options are set before the bind() call so
-    options regarding, for example address reuse have the desired
-    effect.
-  * kernel: inet:ntoa/1 has been fixed to not accept invalid
-    numerical addresses.
-  * kernel: Parsing of DNS records has been improved for records of
-    known types to not accept and present malformed ones in raw
-    format.
-  * kernel: The ip_mreq() type for the {ip,add_membership} and
-    {ip,drop_membership} socket options has been corrected to have
-    an interface field instead of, incorrectly, an address field.
-  * kernel: Add simple utility function to display existing sockets
-    i the erlang shell (socket:i/0).
-  * kernel: gen_udp can now be configured to use the socket inet-
-    backend (in the same way as gen_tcp).
-  * kernel: Functions erlang:set_cookie(Cookie) and
-    erlang:get_cookie(Node) have been added for completeness and to
-    facilitate configuring distributed nodes with different
-    cookies. The documentation regarding distribution cookies has
-    been improved to be less vague.
-  * kernel: A workaround has been implemented for Linux's quirky
-    behaviour to not adjust the source IP address when connecting a
-    connected (reconnecing) UDP socket. The workaround is to, on
-    Linux, always dissolve any connection before connecting an UDP
-    socket.
-  * kernel: Documented our recommendation against opening NFS-
-    mounted files, FIFOs, devices, and similar using file:open/2.
-  * debugger: Improve record handling, print known records with
-    record syntax.
-  * observer: Atoms with Unicode code points greater than 255 (for
-    example Greek or Cyrillic characters) would not be displayed
-    correctly by crashdump_viewer.
-  * observer: Fix the crashdump_viewer to be able to parse
-    monitor_node/2 monitors correctly.
-  * observer: Observer now has a sectiion for new socket.
-  * observer: Added a trace all button to the trace window.
-  * parsetools: Fix a bug in Leex which caused the Erlang Compiler
-    to generate warnings.
-  * parsetools: Fix a bug in Yecc which caused the Erlang Compiler
-    to generate warnings.
-  * mnesia: Fixed that index keys was deleted for set tables when
-    mnesia:delete_object/1 tried to delete a non-existing record.
-  * mnesia: Optimized table loading and added max_transfer_size
-    configuration parameter.
-  * stdlib: Fix io:format with ~p to no longer interpret floats as
-    printable characters.
-  * stdlib: Fix specs for base64 encode/decode functions to also
-    include 0.
-  * stdlib: The failing call io:format("~p\n") would result in a
-    warning for line number 0 instead of the correct line and
-    column numbers. This has been corrected, and all warnings for
-    failing calls to io:format() has been rephrased to make it
-    clearer exactly what the problem is.
-  * stdlib: When the options warn_missing_spec and export_all were
-    given, there would only be warnings for missing specs for
-    functions that had been explicitly exported using an -export
-    attribute.
-  * stdlib: Calling c:ls/1 with an atom whose contents is the the
-    name of a file (as opposed to a directory) would crash.
-  * stdlib: The MODULE and MODULE_STRING macros would always appear
-    to be defined (when tested by -ifdef), even though no -module()
-    declaration had been seen yet. Changed so that -ifdef ?MODULE.
-    will not consider ?MODULE defined if -module() has not been
-    previously seen.
-  * stdlib: Fix bug with rendering of missing types and callbacks
-    in shell_docs.
-  * stdlib: When the deterministic option was given to the
-    compiler, the ?FILE macro would be expanded to full path of the
-    source file before the first include directive and to base part
-    of the filename after include directive.
-  * stdlib: Fixed broken win32reg:delete_key and fixed
-    win32reg:value for default value.
-  * stdlib: Fixed error information for the call maps:get(some_key,
-    [#]{}).
-  * stdlib: Most output functions in the io module now print extra
-    error information when provided with invalid arguments. The
-    functions are: io:format, io:fwrite, io:put_chars, io:nl and
-    io:write.
-  * stdlib: EEP-54 (Provide more information about errors) now
-    includes two new return values for the format_error callback,
-    general and reason. Multi-line error descriptions returned from
-    a format_error callback are now correctly indented. The
-    documentation for erl_error, error/3 and Errors and Error
-    Handling in the Erlang Reference Manual have been extended.
-  * stdlib: In the documentation for the lists module, it has been
-    clarified that predicate funs must return a boolean.
-  * stdlib: The documentation for c:c/1, c:c/2, and c:c/3 has been
-    clarified.
-  * tools: The cover tool would not work on modules compiled with
-    the tuple_calls option.
-  * common_test: Float allowed as multiply_timetraps parameter.
-  * common_test: Remove usage of legacy API macro and functions.
-  * erts: Atoms with Unicode code points greater than 255 (for
-    example Greek or Cyrillic characters) would not be displayed
-    correctly by crashdump_viewer.
-  * erts: Fix rare minor memory leak related to jit code loading.
-  * erts: The extended error information has been corrected and
-    improved for the following BIFs: binary_to_existing_atom/2,
-    list_to_existing_atom/1, erlang:send_after/{3,4}, and
-    erlang:start_timer/{3,4}.
-  * erts: Fix bug provoked when building with gcc 10 and link time
-    optimization (-flto), causing Erlang compiler to crash. Bug
-    exists since OTP-24.0.
-  * erts: Corrected bugs where builds were not reducible even when
-    the deterministic option was given. In particular, modules with
-    map literals with more than 32 elements could cause this
-    problem. As part of this fix, the term_to_binary BIF now
-    accepts the option deterministic.
-  * erts: After an exception has been caught in a process, the
-    stack trace would be kept in the process longer than necessary.
-  * erts: Fix rare race bug in memory management of distribution
-    entries. Have been seen to cause VM crash when massive number
-    of repeated concurrent failing connection attempts.
-  * erts: The configure test for --disable-esock-socket-registry
-    has been corrected so disabling now works.
-  * erts: init:stop() no longer unloads loaded code before
-    terminating the runtime system. On systems with slow CPUs (such
-    as Raspberry PI Zero), that can significantly speed up
-    termination of the runtime system.
-  * erts: Fixed match specifications that use maps in either the
-    guard or the body to work properly. With this fix both keys and
-    values in maps can be expressions. Various other crashes and
-    bugs when using maps in match specifications have also been
-    fixed.
-  * erts: Parsing of the result value in the native DNS resolver
-    has been made more defensive against incorrect results.
-  * erts: When binary_to_term/2 failed, the extended error
-    information would always blame the second argument even if the
-    actual error was in the first argument.
-  * erts: On 32-bit computers, binary_to_term/1,2 is now more
-    resilient against corrupted binaries containing maps in the
-    external format.
-  * erts: A call to process_info(Pid, status) could erroneously
-    report the status running when it should have reported waiting.
-    This occurred when the calling process was executing on a
-    higher priority than the process being inspected. This bug has
-    been present since OTP 21.0 (erts version 10.0).
-  * erts: Optimize memory usage of erts internal processes used
-    during code loading/purging by hibernating them after a long
-    time of inactivity.
-  * erts: Add the type erlang:stacktrace/0.
-  * erts: The arity argument of error/2,3 can now be none to
-    indicate that the calling functions arity should be used.
-  * erts: Optimize match spec compiler for immediate (single word)
-    constant terms.
-  * erts: Functions erlang:set_cookie(Cookie) and
-    erlang:get_cookie(Node) have been added for completeness and to
-    facilitate configuring distributed nodes with different
-    cookies. The documentation regarding distribution cookies has
-    been improved to be less vague.
-  * erts: A workaround has been implemented for Linux's quirky
-    behaviour to not adjust the source IP address when connecting a
-    connected (reconnecing) UDP socket. The workaround is to, on
-    Linux, always dissolve any connection before connecting an UDP
-    socket.
-  * erts: The internal documentation for how to use Yielding C Fun
-    (YCF) has been updated to contain text about best practices for
-    using YCF for ERTS.
-  * erts: Optimize garbage collection for processes with large
-    number of binaries, funs and/or external pids/ports/refs.
-  * erl_docgen: Fix codeinclude tags to work as part of reference
-    manual documentation.
-  * erl_docgen: Fix creation of link elements with anchors in
-    EEP-48 style documentation.
-  * dialyzer: Do not crash if a PLT file no longer exists.
-  * dialyzer: Fix bug in erl_types related to maps.
-  * dialyzer: Fix bugs in erl_types regarding improper lists.
-  * dialyzer: The underspecs and overspecs options will now
-    generate correct warnings for misused opaque types.
-  * eunit: In an eunit test, when a test case times out, include a
-    stacktrace.
-  * snmp: It is now possible to configure the built-in net-if
-    processes (both agent and manager) to use the new (gen_udp-)
-    option 'inet_backend'.
-  * asn1: A parameterized type with a SEQUENCE with extension
-    ("...") made the compiler backend to crash. The previous fix
-    for this in GH-4514 was not complete.
-  * wx: Fix crash when closing an application.
-  * wx: Some functions with overloaded color arguments could not be
-    used. For example the copy constructor wxTextAttr:new(TextAttr)
-    did not work.
-  * wx: Added the Microsoft Edge WebView loader dll to the
-    installer on windows.
-  * wx: Handle specific Mac gui application events.
-  * erl_interface: erl_call now prints an error when the arguments
-    cannot be parsed.
-  * erl_interface: The ei API for decoding/encoding terms is not
-    fully 64-bit compatible since terms that have a representation
-    on the external term format larger than 2 GB cannot be handled.
-  * edoc: Fix broken documentation link in edoc_extract:file/4.
-  * ssl: Fix Makefile dependency generation to work no matter what
-    the ERL_TOP folder is called.
-  * ssl: If trying to downgrade a TLS-1.3 connection to a plain TCP
-    connection, possible TLS-1.3 session ticket messages will be
-    ignored in the "downgrade" state while waiting for the close
-    notify alert.
-  * ssl: Corrected error handling to correctly generate an
-    insufficient security alert when there are no suitable groups
-    that can be negotiated in TLS-1.3 instead of crashing resulting
-    in an internal error alert.
-  * ssl: Properly handle default session data storage. When a
-    client tries to reuse an expired session the default server
-    storage handling would crash loosing other session data. This
-    would cause a error report and possible loss of abbreviated
-    handshakes.
-  * ssl: Add support for RSA-PSS-PSS signatures and
-    signature_algorithms_cert in TLS-1.2. This is a TLS-1.3 RFC
-    requirement to backport this functionality.
-  * ssl: Use inet:monitor/1 to monitor listen-sockets so that we
-    are compatible with the new socket backend for gen_tcp.
-  * ssl: Enhance ssl:prf/4 handling and testing
-  * ssl: Enhanced cipher suite filtering functionality, making sure
-    TLS-1.3 and TLS-1.2 cipher suites can be supported correctly
-    together even when TLS-1.2 anonymous ciphers are included.
-  * ssl: Enhance gracefulness especially in TLS-1.3
-  * os_mon: On a Mac with Apple Silicon, memsup:get_os_wordsize/0
-    would return 32 instead of 64.
-  * ssh: Fixed that a slow start (>30s) of a client subsystem could
-    cause a log entry with the password.
-  * ssh: Fixed an error when running as an sftp server and a client
-    requests a directory contents listing. The fix is to handle the
-    error code {error, eacces} as {error, enoent} in the
-    ssh_sftpd:get_attrs/5 internal function; that is, just skip it.
-  * ssh: The "Key exchange failed" Info Report is now more
-    informative.
-  * inets: Before this change hrefs in dir listing page contained
-    percentage encoded forward slashes which did not work properly
-    with httpd.
-  * inets: Restored HTTP headers handling in inets/mod_esi.
-  * inets: inets/httpd dir listing icons and other improvements
-  * inets: httpc: Improve performance by removing redundant URI
-    handling
-  * compiler: If a parse transform raised an exception using
-    throw/1 or exit/1, the compiler would report that as an
-    internal compiler error, which would be confusing. Amended to
-    report that the parse transform failed.
-  * compiler: The failing call io:format("~p\n") would result in a
-    warning for line number 0 instead of the correct line and
-    column numbers. This has been corrected, and all warnings for
-    failing calls to io:format() has been rephrased to make it
-    clearer exactly what the problem is.
-  * compiler: When the options warn_missing_spec and export_all
-    were given, there would only be warnings for missing specs for
-    functions that had been explicitly exported using an -export
-    attribute.
-  * compiler: In rare circumstances, the compiler could emit an
-    incorrect warning for a term that was constructed but never
-    used.
-  * compiler: Corrected bugs where builds were not reducible even
-    when the deterministic option was given. In particular, modules
-    with map literals with more than 32 elements could cause this
-    problem. As part of this fix, the term_to_binary BIF now
-    accepts the option deterministic.
-  * compiler: The MODULE and MODULE_STRING macros would always
-    appear to be defined (when tested by -ifdef), even though no
-  - module() declaration had been seen yet. Changed so that -ifdef
-    ?MODULE. will not consider ?MODULE defined if -module() has not
-    been previously seen.
-  * compiler: In a guard, not (X =:= true) would incorrectly
-    evaluate to false for non-boolean values of X.
-  * compiler: When the deterministic option was given to the
-    compiler, the ?FILE macro would be expanded to full path of the
-    source file before the first include directive and to base part
-    of the filename after include directive.
-  * public_key: public_key:pkix_sign/2 now honors the salt length
-    from the provided input parameters. Earlier this could result
-    in incorrect signatures if not using recommended defaults.
-  * public_key: When decoding an 'ECPrivateKey' unwrap the private
-    key. For more precise information see RFC 8410, section 7.
-  * runtime_tools: Observer now has a sectiion for new socket.
-  * runtime_tools: The dbg docs have been expanded to include the
-    meaning of all the function name acronyms.
-  * megaco: It is now possible to configure the built-in transports
-    (megaco_tcp and megaco udp) to use the new (gen_udp- and
-    gen_tcp-) option 'inet_backend'.
-  * crypto: Fix bug in crypto:ensure_engine_unloaded. Also fixed
-    minor memory leak related to engine unloading.
-  * crypto: Fixes that FIPS enable and disable (or vice versa) on
-    Windows sometimes leads to core dump at the time of process
-    exit.
-  * crypto: Disable fips if cryptolib < 1.0.1 and OTP/crypto is
-    configured with --enable-fips If not, there could be compiling
-    or loading problems with antique OpenSSL versions.
-  * jinterface: Fixed rare race bug that could cause
-    NullPointerException on local close of connection.
-- Changes for 24.0.6:
-  * erts: A call to the process_info() BIF could end up hanging for
-    ever due to a bug introduced when the new selective receive
-    optimization was introduced in OTP 24.0. Note that this bug
-    only effects process_info().
-  * erts: Fix buffer overrun problem in the tty driver. The problem
-    happens on some platforms when using the CTRL+R functionality
-    of newshell with very long strings in the history.
-  * erts: Fix race-condition that could cause a crash when tracing
-    scheduling or garbage collections on a process that was running
-    on a dirty scheduler.
-  * erts: Fix rare bug where re:run would crash/return invalid
-    results when given a subbinary as subject. This bug has existed
-    since Erlang/OTP 20.0.
-  * erts: binary_to_term/1,2 is now more resilient against
-    corrupted binaries containing maps in the external format.
-
-- Added hardening to systemd service(s) (bsc#1181400). Modified:
-  * epmd.service
-
-- Changes for 24.0.5:
-  * kernel: For gen_tcp:connect/3,4 it is possible to specify a
-    specific source port, which should be enough to bind the socket
-    to an address with that port before connecting. Unfortunately
-    that feature was lost in OTP-17216 that made it mandatory to
-    specify the source address to get an address binding, and
-    ignored a specified source port if no source address was
-    specified. That bug has now been corrected.
-- Changes for 24.0.4:
-  * stdlib: Fix a bug that could cause a crash when formatting
-    tuples using the control sequences p or P and limiting the
-    output with the option chars_limit.
-  * ssl: Handle cross-signed root certificates when old root
-    expired as reported in GH-4877.
-  * ssl: The signature selection algorithm has been changed to also
-    verify if the client supports signatures using the elliptic
-    curve of the server's public/private key pair. This change
-    fixes #4958.
-  * ssl: Slight optimization of certificate decoding.
-  * public_key: Handle cross-signed root certificates when old root
-    expired as reported in GH-4877.
-  * common_test: An incoming NETCONF notification received before a
-    call to ct_netconfc:create_subscription/* caused the connection
-    process to fail with badarg. Unexpected notifications are now
-    logged in the same way as other unexpected messages.
-  * common_test: Add 'receiver' option to ct_netconfc To allow a
-    destination for incoming NETCONF notifications to be specified
-    at sessions creation. Previously, a caller of
-    create_subscription/* became the destination, but RFC 5277
-    create-subscription is no longer the only way in which NETCONF
-    notifications can be ordered.
-
-- Fix more directories not owned by the package (boo#1187546)
-
-- Changes for 24.0.3:
-  * erts: A call to erlang:cancel_timer(_, [{info, false}]) could
-    cause the calling process to block forever in the call. Note
-    that only the synchronous version of the call (that is, the
-    async option is false) in combination with the info option set
-    to false was effected by this bug.
-  * erts: Microstate accounting (msacc) and os:perf_counter()
-    unintentionally used system time instead of monotonic time for
-    time measurements on a lot of systems. These systems were all
-    non x86/x86_64 systems or x86/x86_64 systems without a reliable
-    and constant rdtsc instruction. The lock counting (lcnt) built
-    runtime system also unintentionally used system time instead of
-    monotonic time for time measurements on all systems.
-  * erts: Simultaneous calls to
-    erlang:system_flag(schedulers_online, _) could cause callers to
-    end up in a suspended state forever.
-  * dialyzer: Do not expose line number 0 in messages if there are
-    other locations to use.
-  * dialyzer: In rare circumstances, Dialyzer could crash analyzing
-    code with a list comprehension whose value was ignored. (Thanks
-    to Ulf Wiger for reporting this bug.)
-  * ssh: Filter out sensitive data (passwords etc) from progress
-    reports and supervisor reports.
-  * inets: Improved user input handling in inets/mod_esi preventing
-    unnecessary atom creation.
-  * compiler: A compiler optimization pass could crash when given
-    odd but legal code using throw/1.
-- Changes for 24.0.2:
-  * kernel: Fix a race condition in Global.
-  * kernel: After a node restart with init:restart/0,1, the module
-    socket was not usable because supporting tables had been
-    cleared and not re-initialized. This has now been fixed.
-    Handling of the "." domain as a search domain was incorrect and
-    caused a crash in the DNS resolver inet_res, which has now been
-    fixed.
-  * kernel: Handling of combinations of the fd option and binding
-    to an address has been corrected, especially for the local
-    address family.
-  * kernel: Bug fixes and code cleanup for the new socket
-    implementation, such as: Assertions on the result of
-    demonitoring has been added in the NIF code, where appropriate.
-    Internal state handling for socket close in the NIF code has
-    been reviewed. Looping over close() for EINTR in the NIF code
-    has been removed, since it is strongly discouraged on Linux and
-    Posix is not clear about if it is allowed. The inet_backend
-    temporary socket option for legacy gen_tcp sockets has been
-    documented. The return value from net:getaddrinfo/2 has been
-    corrected: the protocol field is now an atom(), instead of,
-    incorrectly, list(atom()). The documentation has also been
-    corrected about this return type. Deferred close of a
-    socket:sendfile/* file was broken and has been corrected. Some
-    debug code, not enabled by default, in the socket NIF has been
-    corrected to not accidentally core dump for debug printouts of
-    more or less innocent events.
-  * stdlib: Fix a bug that could cause a loop when formatting terms
-    using the control sequences p or P and limiting the output with
-    the option chars_limit.
-  * erts: Not yet handled alias-message signals in the signal queue
-    at the time when a garbage collection was performed could cause
-    a memory corruption which in turn could result in a crash of
-    the runtime system. This bug was introduced in OTP 24.0.
-  * erts: Fixed bug when using external pids/ports in keys of big
-    maps (> 32). Could cause runtime crash. Bug exists since OTP
-    24.0.
-  * erts: After a node restart with init:restart/0,1, the module
-    socket was not usable because supporting tables had been
-    cleared and not re-initialized. This has now been fixed.
-    Handling of the "." domain as a search domain was incorrect and
-    caused a crash in the DNS resolver inet_res, which has now been
-    fixed.
-  * erts: A call to port_command() could cause a scheduler to end
-    up in an eternal loop if the port was busy and the calling
-    process had incoming signals at the time of the call. This bug
-    was introduced in OTP 23.3.2 (ERTS version 11.2.1), OTP
-    22.3.4.18 (ERTS version 10.7.2.10), and OTP 21.3.8.23 (ERTS
-    version 10.3.5.18).
-  * erts: Bug fixes and code cleanup for the new socket
-    implementation, such as: Assertions on the result of
-    demonitoring has been added in the NIF code, where appropriate.
-    Internal state handling for socket close in the NIF code has
-    been reviewed. Looping over close() for EINTR in the NIF code
-    has been removed, since it is strongly discouraged on Linux and
-    Posix is not clear about if it is allowed. The inet_backend
-    temporary socket option for legacy gen_tcp sockets has been
-    documented. The return value from net:getaddrinfo/2 has been
-    corrected: the protocol field is now an atom(), instead of,
-    incorrectly, list(atom()). The documentation has also been
-    corrected about this return type. Deferred close of a
-    socket:sendfile/* file was broken and has been corrected. Some
-    debug code, not enabled by default, in the socket NIF has been
-    corrected to not accidentally core dump for debug printouts of
-    more or less innocent events.
-  * erts: Dirty execution of a process in combination with an
-    unlink signal from a port to the process could cause the signal
-    queue of the process to enter into an inconsistent state. The
-    result of the inconsistency typically caused a crash of the
-    runtime system. This bug was introduced in OTP 23.3 (ERTS
-    version 11.2).
-  * erl_docgen: Fix links generated in specs to types in other
-    applications to point to the correct place. This bug was
-    introduced in Erlang/OTP 24.0.
-  * ssl: Fix cache invalidation problem for CA certs provided by
-    the cacertfile option.
-  * ssh: Avoid an extra blank line in the ssh known_hosts file
-  * compiler: Fixed a bug that could cause after blocks to be
-    ignored when erlang:raise/3 was used in a catch block.
-  * compiler: Fixed a bug in the validation pass that could cause
-    it to reject valid code.
-  * crypto: EC keys are now zero-padded to the expected length if
-    needed.
-
-- Use sysusers-tools to provide epmd user
-- Fix directories not owned by the package (boo#1187546)
-
-- Install RPM macros file to %{_rpmmacrodir} (boo#1185667)
-
-- Changes for 24.0.1:
-  * erl_interface: Commit of generated configure script.
-  * wx: Fix build problems when wxWidgets are built with -enable-
-    std.
-  * wx: Commit of generated configure script.
-  * crypto: Removed a risk for coredump.
-  * crypto: Fixed and documented the DED_LDFLAGS_CONFTEST
-    configuration variable in $ERL_TOP/HOWTO/INSTALL.md.
-  * crypto: Commit of generated configure script.
-  * common_test: Commit of generated configure script.
-  * ssh: Add missing known_hosts and authorized_keys file types to
-    ssh_file:decode/2 and ssh_file:encode/2.
-  * erts: Commit of generated configure script.
-  * snmp: Commit of generated configure script.
-  * megaco: Commit of generated configure script.
-  * odbc: Commit of generated configure script.
-
-- Version 24.0:
-  - Highlights compiler:
-  * The compiler will now inline funs that are used only once
-    immediately after their definition.
-  * Compiler warnings and errors now include column numbers in
-    addition to line numbers.
-  * Variables bound between the keywords 'try' and 'of' can now
-    be used in the clauses following the 'of' keyword (that is,
-    in the success case when no exception was raised).
-  * Generators in list and binary comprehensions will now raise a
-    {bad_generator,Generator} exception if the generator has an
-    incorrect type Similarly, when a filter does not evaluate to
-    a boolean, a {bad_filter,Filter} exception will be raised.
-  * Warnings for expressions whose result was ignored that could
-    be suppressed by using the anonymous variable '_' can now be
-    suppressed with a variable beginning with '_'.
-  * Selective receive optimization will now be applied much more
-    often. The new recv_opt_info compile flag can be used to
-    print diagnostics relating to this optimization. You can read
-    more about the selective receive optimization in the
-    Efficiency Guide.
-  - erts, kernel, stdlib:
-  * hex encoding and decoding functions added in the binary module
-  * The BeamAsm JIT-compiler has been added to Erlang/OTP and
-    will give a significant performance boost for many
-    applications. The JIT-compiler is enabled by default on most
-    x86 64-bit platforms that have a C++ compiler that can
-    compile C++17. To verify that a JIT enabled emulator is
-    running you can use erlang:system_info(emu_flavor).
-  * A compatibility adaptor for gen_tcp to use the new socket API
-    has been implemented (gen_tcp_socket).
-  * Extended error information for failing BIF calls as proposed
-    in EEP 54 has been implemented.
-  * Process aliases as outlined by EEP 53 has been introduced.
-  * Implementation of EEP 56 in supervisor. It adds the concept
-    of significant children as well as the auto_shutdown
-    supervisor flag. See the supervisor manual page for more
-    information.
-  - ftp:
-  * Add support for FTPES (explicit FTP over TLS).
-  - ssl:
-  * Make TLS handshakes in Erlang distribution concurrent.
-  * TLS connections now support EdDSA certificates.
-  - wx:
-  * The application has been completely rewritten in order to use
-    wxWidgets version 3 as its base.
-  * Added support for wxWebView.
-  - edoc:
-  * EDoc is now capable of emitting EEP-48 doc chunks. This means
-    that, with some configuration, community projects can now
-    provide documentation for shell_docs the same way that OTP
-    libraries did since OTP 23.0.
-
-- Pack doc/chunks into %{_libdir} (boo#1184492)
-
-- Use wxWidgets < 3.1 (boo#1180488)
-
-- Changes for 23.2.2:
-  * crypto: Fixed usage of AC_CONFIG_AUX_DIRS() macros in configure
-    script sources.
-  * odbc: Fixed usage of AC_CONFIG_AUX_DIRS() macros in configure
-    script sources.
-  * snmp: Fixed usage of AC_CONFIG_AUX_DIRS() macros in configure
-    script sources.
-  * erts: The suspend_process() and resume_process() BIFs did not
-    check their arguments properly which could cause an emulator
-    crash.
-  * erts: The runtime system would get into an infinite loop if the
-    runtime system was started with more than 1023 file descriptors
-    already open.
-  * megaco: Fixed usage of AC_CONFIG_AUX_DIRS() macros in configure
-    script sources.
-  * erl_interface: Integers outside of the range [-(1 bsl 32) - 1,
-    (1 bsl 32) -1] were previously intended to be printed in an
-    internal bignum format by ei_print_term() and
-    ei_s_print_term(). Unfortunately the implementation has been
-    buggy since OTP R13B02 and since then produced results with
-    random content which also could crash the calling program. This
-    fix replaces the printing of the internal format with printing
-    in hexadecimal form and extend the range for printing in
-    decimal form. Currently integers in the range [-(1 bsl 64), (1
-    bsl 64)] are printed in decimal form and integers outside of
-    this range in Erlang hexadecimal form.
-  * erl_interface: The ei API for decoding/encoding terms is not
-    fully 64-bit compatible since terms that have a representation
-    on the external term format larger than 2 GB cannot be handled.
-  * ssl: Fix CVE-2020-35733 this only affects ssl-10.2 (OTP-23.2).
-    This vulnerability could enable a man in the middle attack
-    using a fake chain to a known trusted ROOT. Also limits
-    alternative chain handling, for handling of possibly extraneous
-    certs, to improve memory management.
-  * ssl: Add support for AES CCM based cipher suites defined in RFC
-    7251 Also Correct cipher suite name conversion to OpenSSL
-    names. A few names where corrected earlier in OTP-16267 For
-    backwards compatible reasons we support usage of openSSL names
-    for cipher suites. Mostly anonymous suites names where
-    incorrect, but also some legacy suites.
-- Changes for 23.2.1:
-  * erts: Fix emulator crash when sending small bit-strings over
-    Erlang distribution while the connection is being setup. The
-    fault was introduced in OTP-23.0
-- Changes for 23.2:
-  * erl_docgen: Fix links in titles to github and anchors to work.
-  * erl_docgen: Fix some typing errors on variable names in
-    documentation examples.
-  * mnesia: Avoid potential performance issue, if the input queue
-    to mnesia_tm is long.
-  * crypto: Build the supported curves cache in the NIF when crypto
-    is loaded, no matter how it is loaded. This prevents a possible
-    problem with different processes starting the crypto
-    application concurrently.
-  * crypto: It is now possible to build with crypto and openssl
-    gprof-enabled and statically link them into the VM.
-  * crypto: Fixed performance loss in HMAC when using older OpenSSL
-    due to mutex issues. A workaround is implemented to allow
-    fallback from using the EVP API for HMAC operations. On some
-    architectures this may improve the performance, especially with
-    old OpenSSL versions. This fallback to low-level functions is
-    always enabled for openssl versions before 1.0.2.
-  * kernel: The apply call's in logger.hrl are now called with
-    erlang prefix to avoid clashed with local apply/3 functions.
-  * kernel: Fix memory leak in pg.
-  * kernel: Fix crash in logger_proxy due to stray gen_server:call
-    replies not being handled. The stray replies come when logger
-    is under heavy load and the flow control mechanism is reaching
-    its limit.
-  * kernel: Fixed a bug in erl_epmd:names() that caused it to
-    return the illegal return value noport instead of {error,
-    Reason} where Reason is the actual error reason. This bug also
-    propagated to net_adm:names(). This bug was introduced in
-    kernel version 7.1 (OTP 23.1).
-  * kernel: Add export of some resolver documented types.
-  * kernel: Add configurable retry timeout for resolver lookups.
-  * kernel: gen_server:multi_call() has been optimized in the
-    special case of only calling the local node with timeout set to
-    infinity.
-  * public_key: Corrected dialyzer spec for pkix_path_validation/3
-  * snmp: If an attempt was made to send a v1 trap on a IPv6
-    transport this could cause a master agent crash (if the agent
-    was *not* multi-threaded).
-  * snmp: The deprecation info for a couple of the deprecated MIB
-    compiler functions where incorrect. Referred to functions in
-    the 'snmpa' module instead of 'snmpc'.
-  * snmp: Make it possible for the agent to configure separate
-    transports (sockets) for request-responder and trap-sender.
-  * snmp: The mib server cache handling has been improved. First,
-    the default gclimit has been changed from 100 to infinity (to
-    ensure the size is as small as possible). Also, the method of
-    removing old elements has been optimized.
-  * snmp: It is now possible to configure the agent in such a way
-    that the order of outgoing notifications are processed in order
-    in the agent. What happens after the notification message has
-    left the agent (been sent) is of course still out of our
-    control.
-  * snmp: Improve handling of the udp_error message. Basically an
-    improved error/warning message.
-  * wx: Add popup menu callback to wxTaskBarIcon:new/1.
-  * dialyzer: Clarify warning option -Wunmatched_returns in
-    dialyzer(3).
-  * tools: Correct the Xref analysis exports_not_used to not report
-    internally generated behaviour_info/1.
-  * syntax_tools: In the syntax_tools application, the igor module
-    and all functions in erl_tidy except file/2 have been
-    deprecated.
-  * compiler: Several minor compiler bugs have been fixed:
-    Constructing a binary with a list as a size of a binary segment
-    could generate a BEAM file that could not be loaded. When
-    matching a binary segment of type float and ignoring the
-    matched out value, the match would always succeed, even if the
-    size was invalid or the value of the float was NaN or some
-    other non-numeric float value. Attempting to construct an
-    invalid external fun (e.g. fun m:f:bad) is supposed to raise a
-    'badarg' exception, but if the value was never used, no
-    exception would be raised.
-  * compiler: Fixed multiple bugs in the validator that could cause
-    it to reject valid code.
-  * compiler: The compiler could crash when a binary comprehension
-    had a generator that depended on another generator.
-  * compiler: Fixed a bug in the type optimization pass that could
-    yield incorrect values or cause the wrong clauses to be
-    executed.
-  * erts: Fixed bug which could cause VM crash when a NIF is loaded
-    at the same time as the Erlang implementation of the NIF is
-    called. Bug exists since OTP 23.0.
-  * erts: Fixed enif_make_map_* functions in debug build when given
-    environment from enif_alloc_env.
-  * erts: Fixed broken configuration option --disable-pie.
-  * erts: Fixed rare distribution bug in race between received
-    signal (link/monitor/spawn_request/spawn_reply) and
-    disconnection. Symptom: VM crash. Since: OTP 21.0.
-  * erts: Fixed a performance issue when extremely many items were
-    stored in the process dictionary. (Fixing this bug also
-    eliminates a compiler warning emitted by the latest version of
-    Clang.)
-  * erts: Remove -ftree-copyrename from flags passed to compiler
-    when building erts. The flag is not used by modern gcc's and is
-    not supported by clang.
-  * erts: Modules using complicated nested binary comprehensions
-    could fail to load.
-  * erts: Fixed a race in file:read_file/1 were an incomplete file
-    could be returned if another OS process swapped the file out
-    while reading.
-  * erts: The call list_to_integer("10", true) would return 4
-    instead of raising an exception. Certain other atoms would also
-    be interpreted as a number base.
-  * erts: On macOS 11 (Big Sur), erl would not start if the maximum
-    number of file descriptors were unlimited (ulimit -n
-    unlimited).
-  * erts: Add manifest to all executables and dynamic libraries.
-  * xmerl: Corrected namespace and expanded name in the old dom
-    backend example module.
-  * xmerl: Corrected a bug that in some cases didn't allow
-    unresolved references when skip_external_dtd option used.
-  * ssh: Fixed problems in the ssh cli/shell handling. Most
-    important are: 1) the ssh:shell function did sometimes cause
-    the input to be echoed twice, 2) the ssh:shell function didn't
-    transfer the LANG and LC_ALL shell variables to the connected
-    server which sometimes made Unicode handling erroneous, 3)
-    Unicode was not always transferred correctly to and from the
-    peer.
-  * ssh: The SSH protocol message SSH_MSG_DISCONNECT was sometimes
-    sent instead of SSH_MSG_CHANNEL_FAILURE
-  * ssh: The ssh_cli module now always sends the exit-status to
-    connected clients so they can use that to check for successful
-    command execution.
-  * ssh: A new option pk_check_user enables checking of the
-    client's user name in the server when doing public key
-    authentication.
-  * stdlib: This change fixes the handling of deep lists in the
-    path component when using uri_string:recompose/1.
-  * stdlib: Fix shell_docs to clear shell decorations
-    (bold/underline) when paginating output. Fix various small
-    renderings issues when integrating shell_docs with edoc.
-  * stdlib: Improved the API and documentation of the uri_string
-    module. Added a new chapter to the Users Guide about Uniform
-    Resource Identifiers and their handling with the new API. Added
-    two new API functions: uri_string:allowed_characters/0 and
-    uri_string:percent_decode/1. This change has been marked as
-    potentially incompatible as uri_string:normalize/2 used to
-    decode percent-encoded character triplets that corresponded to
-    characters not in the reserved set. After this change,
-    uri_string:normalize/2 will only decode those percent-encoded
-    triplets that correspond to characters in the unreserved set
-    (ALPHA / DIGIT / "-" / "." / "_" / "~"). *** POTENTIAL
-    INCOMPATIBILITY ***
-  * stdlib: The shell_docs module has been expanded with the
-    possibility to configure unicode, ansi and column size for the
-    rendered text.
-  * megaco: Empty statistics descriptor (now) allowed in both
-    encode and decode for version 3.
-  * ssl: SSL's Erlang Distribution Protocol modules inet_tls_dist
-    and inet6_tls_dist lacked a callback function, so the start
-    flag "-dist_listen false" did not work, which has now been
-    fixed.
-  * ssl: Correct OpenSSL names for newer cipher suites using DHE in
-    their name that accidentally got the wrong value when fixing
-    other older names using EDH instead.
-  * ssl: This change improves the handling of DTLS listening
-    dockets, making it possible to open multiple listeners on the
-    same port with different IP addresses.
-  * ssl: Fix a bug that causes cross-build failure. This change
-    excludes the ssl.d dependency file from the source tarballs.
-  * ssl: This change fixes ssl:peername/1 when called on a DTLS
-    client socket.
-  * ssl: Retain emulation of active once on a closed socket to
-    behave as before 23.1
-  * ssl: Corrected server session cache entry deletion pre TLS-1.3.
-    May increase session reuse.
-  * ssl: Handle extraneous certs in certificate chains as well as
-    chains that are incomplete but can be reconstructed or
-    unordered chains. The cert and certfile options will now accept
-    a list of certificates so that the user may specify the chain
-    explicitly. Also, the default value of the depth option has
-    been increased to allow longer chains by default.
-  * ssl: This change implements optional NSS-style keylog in
-    ssl:connection_information/2 for debugging purposes. The keylog
-    contains various TLS secrets that can be loaded in Wireshark to
-    decrypt TLS packets.
-  * ssl: Use new gen_statem feature of changing callback mode to
-    improve code maintainability.
-  * ssl: The handling of Service Name Indication has been aligned
-    with RFC8446.
-  * ssl: Add explicit session reuse option to TLS clients for pre
-    TLS-1.3 sessions. Also, add documentation to Users Guide for
-    such sessions.
-  * inets: Fix an issue about HTML-escaped filename in inets.
-  * common_test: Add behaviour for test suites
-- Changes for 23.1.5:
-  * ssh: An ssh-client can take an accepted socket from a listening
-    socket and do an ssh:connect/2 on it. Multiple clients on
-    sockets accepted from the same listening socket had stopped
-    working. This is corrected now.
-- Changes for 23.1.4:
-  * ssh: The inet option raw was not passed on from the ssh option
-    list to inet.
-
-- Changes for 23.1.3:
-  * erts: Fixed a crash when exceptions were thrown during call
-    time tracing.
-  * ssh: A supervisor sub-tree could be left if the connection
-    handler process is brutally killed. This will make the
-    max_sessions checking option to count the existing sessions
-    erroneously and could finally block further sessions.
-- Changes for 23.1.2:
-  * compiler: Fixed a bug in the boolean optimization pass that
-    caused the compiler to confuse different clauses.
-  * erts: Fixed bugs causing issues when enabling the ERTS internal
-    allocators on a system built with the undocumented and
-    unsupported SMALL_MEMORY feature.
-  * erts: The inet driver used to use 16 as maximum elements in an
-    I/O vector passed to writev() (and WSASend() on Windows). When
-    the data to send contained lots of elements, this caused a
-    performance degradation since repeated calls to writev() had to
-    be made to a much larger extent. The inet driver now looks up
-    actual maximum amount of elements that can be used on the
-    system, instead of just assuming 16. On most systems this will
-    result in a maximum amount of I/O vector elements of 1024. As
-    of OTP 23.0 the term encoding of signals to send over the
-    distribution are encoded into I/O vectors of buffers instead of
-    into a single buffer. Reference counted binaries are referred
-    to directly from the I/O vector instead of being copied into
-    the single buffer. That is, Erlang signals containing huge
-    amounts of reference counted binaries was effected by this
-    performance degradation.
-  * erts: In the distributed case, a faulty reply option in a call
-    to the spawn_request() BIF erroneously caused a badarg
-    exception instead of a badopt error message reply.
-
-- Changes for 23.1.1:
-  * erts: inet:setopts([{active,once}]) wakes up IO polling thread
-    unnecessarily, leading to lock contention and visibly higher
-    CPU utilization.
-  * erts: Two bugs in the ERTS internal thread wakeup functionality
-    have been fixed. These bugs mainly hit when all threads in the
-    system tried to go to sleep. When the bugs were triggered,
-    certain operations were delayed until a thread woke up due to
-    some other reason. Most important operations effected were code
-    loading, persistent term updates, and memory deallocation.
-  * erts: Fixed bug in ets:select_replace/2 on compressed tables
-    that could produce faulty results or VM crash. Bug exists since
-    OTP 20.
-  * erts: When compiling Erlang/OTP on macOS using Xcode 12, the
-    performance of the BEAM interpreter would be degraded.
-  * erts: As of OTP 22, the allocator specific memory carrier pools
-    were replaced by a node global carrier pool. This unfortunately
-    caused substantial memory fragmentation in some cases due to
-    long lived data being spread into carriers used by allocators
-    mainly handling short lived data. A new command line argument
-    +M<S>cp has been introduced with which one can enable the old
-    behavior as well as configuring other behaviors for the carrier
-    pools. In order to configure the old behavior, with allocator
-    specific carrier pools for all allocators, pass +Mucp :
-    (including the colon character) as a command line argument to
-    erl when starting the Erlang system. The default configuration
-    for carrier pools will be changed to +Mucp : some time in the
-    future, but not in this patch.
-  * os_mon: The configuration parameter
-    memsup_improved_system_memory_data has been introduced. It can
-    be used to modify the result returned by
-    memsup:get_system_memory_data(). For more information see the
-    memsup documentation. Note that the configuration parameter is
-    intended to be removed in OTP 24 and the modified result is
-    intended to be used as of OTP 24.
-  * ssh: Fix decoder bug.
-  * compiler: Fixed a performance bug that could be triggered by
-    tuple matching in very large functions.
-  * public_key: Fix the issue that pem_decode will crash with an
-    invalid input.
-- Changes for 23.1:
-  * kernel: A fallback has been implemented for file:sendfile when
-    using inet_backend socket
-  * kernel: Make default TCP distribution honour option backlog in
-    inet_dist_listen_options.
-  * kernel: Raw option handling for the experimental gen_tcp_socket
-    backend was broken so that all raw options were ignored by for
-    example gen_tcp:listen/2, a bug that now has been fixed.
-    Reported by Jan Uhlig.
-  * kernel: Accept fails with inet-backend socket.
-  * kernel: Fixed various minor errors in the socket backend of
-    gen_tcp.
-  * kernel: Correct disk_log:truncate/1 to count the header. Also
-    correct the documentation to state that disk_log:truncate/1 can
-    be used with external disk logs.
-  * kernel: Fix erl_epmd:port_please/2,3 type specs to include all
-    possible error values.
-  * kernel: Fix erl -erl_epmd_port to work properly. Before this
-    fix it did not work at all.
-  * kernel: Fix typespec for internal function
-    erlang:seq_trace_info/1 to allow term() as returned label. This
-    in turn fixes so that calls to seq_trace:get_token/1 can be
-    correctly analyzer by dialyzer.
-  * kernel: Fix erroneous double registration of processes in pg
-    when distribution is dynamically started.
-  * kernel: Make (use of) the socket registry optional (still
-    enabled by default). Its now possible to build OTP with the
-    socket registry turned off, turn it off by setting an
-    environment variable and controlling in runtime (via function
-    calls and arguments when creating sockets).
-  * kernel: erl -remsh nodename no longer requires the hostname to
-    be given when used together with dynamic nodenames.
-  * observer: Fix graph windows flickering on windows.
-  * mnesia: FIx mnesia delete object handling in transaction
-    storage. In a transaction mnesia:read/1 could indicate that
-    exiting objects did not exist after another object was deleted.
-  * mnesia: Fixed crash during startup, which could happen if a
-    table was deleted on another node.
-  * stdlib: The functions digraph:in_edges/2 and
-    digraph:out_edges/2 would return false edges if called for a
-    vertex that had a '_' atom in its name term.
-  * stdlib: filelib:wildcard("not-a-directory/..") should return an
-    empty list. On Windows it returned "not-a-directory/..".
-  * stdlib: Fix the typespec of shell_docs:render to use the
-    correct type for an MFA.
-  * stdlib: Fix uri_string:recompose/1 when host is present but
-    input path is not absolute. This change prevents the recompose
-    operation to change the top level domain of the host when the
-    path does not start with a slash.
-  * stdlib: The epp module would return a badly formed error term
-    when an 'if' preprocessor directive referenced an undefined
-    symbol. epp:format_error/1 would crash when called with the bad
-    error term.
-  * stdlib: lists:sublist(List, Start, Len) failed with an
-    exception if Start > length(List) + 1 even though it is
-    explicitly documented that "It is not an error for Start+Len to
-    exceed the length of the list".
-  * tools: Correct the Xref analysis locals_not_used to find
-    functions called exclusively from on_load functions.
-  * erts: Update the documentation of the abstract format to use
-    ANNO instead of LINE.
-  * erts: The emulator will no longer revert to the default number
-    of schedulers when running under a CPU quota lower than 1 CPU.
-  * erts: Fixed a problem with crash dumps. When a process that
-    contained reference to literals internally created by the
-    runtime system (such as the tuple returned by os:type/0), the
-    literal would not be included in the crash dump and the
-    crashdump viewer would complain about the heap being
-    incomplete.
-  * erts: Fix configure detection of PGO for clang.
-  * erts: The to_erl program has been fixed to correctly interpret
-    newline as only newline and not newline+return. This bug would
-    cause the terminal to behave strangely when using lines longer
-    than the terminal size.
-  * erts: A race condition when changing process priority by
-    calling process_flag(priority, Prio) could cause elevation of
-    priority for a system task to be ignored. This bug hit if the
-    system task was scheduled on the process calling process_flag()
-    at the same time as the priority was changed. The bug is quite
-    harmless and should hit very seldom if ever.
-  * erts: Adjust /bin/sh to /system/bin/sh in scripts when
-    installing on Android.
-  * erts: In rare circumstances, when loading a BEAM file generated
-    by an alternative code generator (not the Erlang compiler in
-    OTP) or from handwritten or patched BEAM code, the loader could
-    do an unsafe optimization.
-  * erts: A memory and file descriptor leak in socket has been
-    fixed. (When a newly opened socket that had not entered the fd
-    into the VM's poll set (neither received, sent, accepted nor
-    connected) was abandoned without closing (process died), after
-    assigning a different controlling process, then a memory block
-    and the file descriptor could be leaked.)
-  * erts: The documentation of statistics(run_queue) erroneously
-    stated that it returns the total length of all normal run
-    queues when it is the total length of all normal and dirty CPU
-    run queues that is returned. The documentation has been updated
-    to reflect the actual behavior.
-  * erts: Changes in order to build on the Haiku operating system.
-    Thanks to Calvin Buckley
-  * erts: When building the inet driver on Windows, there where
-    many compiler warnings regarding type casting (used when
-    calling the debug macro). This has now been resolved.
-  * erts: Make (use of) the socket registry optional (still enabled
-    by default). Its now possible to build OTP with the socket
-    registry turned off, turn it off by setting an environment
-    variable and controlling in runtime (via function calls and
-    arguments when creating sockets).
-  * erts: Change default filename encoding on android to UTF-8.
-  * erts: Clarification of the format of the atom cache header used
-    by the distribution.
-  * erl_docgen: Repaired lost function "since" versions in the
-    right margin of the module reference HTML documentation.
-  * erl_docgen: Remove erlang compilation warnings and trailing
-    whitespaces.
-  * ftp: Avoid timing issue when setting active once on a socket
-    that is being closed by the peer.
-  * ftp: Avoid timing issue when setting active once on a socket
-    that is being closed by the peer.
-  * dialyzer: In rare circumstance, dialyzer wold crash when
-    analyzing a list comprehension.
-  * eunit: Fixed compiler warning.
-  * snmp: For agent fix PrivParams for SNMPv3 USM with AES privacy,
-    as earlier fixed for the manager in OTP_16541.
-  * snmp: The SNMP Agent missed to re-activate datagram reception
-    in an odd timeout case and went deaf. This bug has been fixed.
-  * snmp: Use of deprecated functions in example 2 has been removed
-    (no more compiler warnings).
-  * snmp: A file descriptor leak has been plugged. When calling the
-    reconfigure function of a mib, it opened the config file(s) but
-    never closed them on successful read.
-  * asn1: Changes in order to build on the Haiku operating system.
-    Thanks to Calvin Buckley
-  * syntax_tools: Minor documentation fix of erl_syntax:operator/1.
-  * erl_interface: Fix erl_interface on windows to be compiled with
-    correct flags to make internal primitives reentrant.
-  * erl_interface: Fixed ei_get_type to set *size to zero for
-    floats, pids, port and refs according to documentation.
-  * erl_interface: Fix ei_connect when using a dynamic node name to
-    force usage of distribution version 6. This bug caused erl_call
-  - R -address to not work properly.
-  * erl_interface: Changes in order to build on the Haiku operating
-    system. Thanks to Calvin Buckley
-  * erl_interface: The ei API for decoding/encoding terms is not
-    fully 64-bit compatible since terms that have a representation
-    on the external term format larger than 2 GB cannot be handled.
-  * ssl: If a passive socket is created, ssl:recv/2,3 is never
-    called and then the peer closes the socket the controlling
-    process will no longer receive an active close message.
-  * ssl: Data deliver with ssl:recv/2,3 could fail for when using
-    packet mode. This has been fixed by correcting the flow control
-    handling of passive sockets when packet mode is used.
-  * ssl: This change fixes a potential man-in-the-middle
-    vulnerability when the ssl client is configured to
-    automatically handle session tickets ({session_tickets, auto}).
-  * ssl: Fix the internal handling of options 'verify' and
-    'verify_fun'. This change fixes a vulnerability when setting
-    the ssl option 'verify' to verify_peer in a continued handshake
-    won't take any effect resulting in the acceptance of expired
-    peer certificates.
-  * ssl: This change fixes the handling of stateless session
-    tickets when anti-replay is enabled.
-  * ssl: Fix a crash due to the faulty handling of stateful session
-    tickets received by servers expecting stateless session
-    tickets. This change also improves the handling of
-    faulty/invalid tickets.
-  * ssl: Correct flow ctrl checks from OTP-16764 to work as
-    intended. Probably will not have a noticeable affect but will
-    make connections more well behaved under some circumstances.
-  * ssl: Distribution over TLS could exhibit livelock-like
-    behaviour when there is a constant stream of distribution
-    messages. Distribution data is now chunked every 16 Mb to avoid
-    that.
-  * ssl: Implement the cookie extension for TLS 1.3.
-  * ssl: Experimental OCSP client support.
-  * ssl: TLS 1.0 -TLS-1.2 sessions tables now have a absolute max
-    value instead of using a shrinking mechanism when reaching the
-    limit. To avoid out of memory problems under heavy load
-    situations. Note that this change infers that implementations
-    of ssl_session_cache_api needs to implement the size function
-    (introduce in OTP 19) for session reuse to be optimally
-    utilized.
-  * os_mon: memsup now returns the correct amount of system memory
-    on macOS.
-  * os_mon: Fix memsup:get_os_wordsize/0 to return the current size
-    on aarch64.
-  * ssh: Fixed a bug when a message to ssh-agent was divided into
-    separate packets.
-  * ssh: Fix a bug that could crash the cli server if a too large
-    cli-window was requested from the client.
-  * ssh: Increased test coverage.
-  * ssh: A chapter about hardening the OTP SSH is added to the
-    User's Guide.
-  * ssh: The internal Diffie-Hellman high level API for key
-    generation was slow in old and by OpenSSL now unsupported
-    cryptolib versions (1.0.1 and earlier). If such a cryptolib is
-    used anyhow, the low-level API is used internally in the crypto
-    application.
-  * ssh: A new timeout is defined for daemons: hello_timeout. The
-    timeout is supposed to be used as a simple DoS attack
-    protection. It closes an incoming TCP-connection if no valid
-    first SSH message is received from the client within the
-    timeout limit after the TCP initial connection setup. The
-    initial value is 30s by compatibility reasons, but could be
-    lowered if needed, for example in the code or in a config file.
-  * inets: Clarify the handling of percent encoded characters in
-    http client.
-  * inets: fix crash for undefined port in uri.
-  * inets: Avoid timing issue when setting active once on a socket
-    that is being closed by the peer.
-  * inets: Handle message body of response with 1XX status code as
-    next http message.
-  * inets: Fix a crash in http server when setopts is called on a
-    socket closed by the peer.
-  * inets: A vulnerability in the httpd module (inets application)
-    regarding directory traversal that was introduced in OTP 22.3.1
-    and corrected in OTP 22.3.4.6. It was also introduced in OTP
-    23.0 and corrected in OTP 23.1 The vulnerability is registered
-    as CVE-2020-25623 (boo#1177354) The vulnerability is only exposed
-    if the http server (httpd) in the inets application is used. The
-    vulnerability makes it possible to read arbitrary files which
-    the Erlang system has read access to with for example a
-    specially prepared http request.
-  * inets: Add support of PATCH method in mod_esi.
-  * compiler: If the update of a map with the 'Map#{Key := Value}'
-    syntax failed, the line number in the stack backtrace could be
-    incorrect.
-  * compiler: Fixed a performance bug that slowed down compilation
-    of modules with deeply nested terms.
-  * compiler: The compiler could in rare circumstances do an an
-    unsafe optimization that would result in a matching of a nested
-    map pattern would fail to match.
-  * compiler: Fixed a bug in the validator that caused it to reject
-    valid code.
-  * public_key: Fixed an insignificant whitespace issue when
-    decoding PEM file.
-  * public_key: Experimental OCSP client support.
-  * public_key: Use user returned path validation error for
-    selfsigned cert. It allows users of the ssl application to
-    customize the generated TLS alert, within the range of defined
-    alerts.
-  * public_key: add API function to retrieve the subject-ID of an
-    X509 certificate
-  * runtime_tools: Fixed a crash in appmon_info triggered by trying
-    to read port info from a port that was in the process of
-    terminating. appmon_info is used by observer to get information
-    from the observed node.
-  * megaco: The expected number of warnings when (yecc) generating
-    v2 and v3 (text) parser's was incorrect.
-  * hipe: Fixed a warning issued when building the hipe
-    application.
-  * odbc: Changes in order to build on the Haiku operating system.
-    Thanks to Calvin Buckley
-  * crypto: Fix type spec bug in crypto for crypto_init and
-    crypto:one_time
-  * crypto: The deprecation message for crypto:rand_uniform/2
-    indicated a non-existent function. The correct one
-    (rand:uniform/1) is now suggested.
-  * crypto: Implemented a workaround to allow fallback from using
-    the EVP API for Diffie-Hellman key generation
-  * crypto: The internal Diffie-Hellman high level API for key
-    generation was slow in old and by OpenSSL now unsupported
-    cryptolib versions (1.0.1 and earlier). If such a cryptolib is
-    used anyhow, the low-level API is used internally in the crypto
-    application.
-  * sasl: Make release_handler more resilient against exiting
-    processes during upgrade.
-- Changes for 23.0.4:
-  * stdlib: When a temporary child of a simple_one_for_one
-    supervisor died, the internal state of the supervisor would be
-    corrupted in a way that would cause the supervisor to retain
-    the start arguments for subsequent children started by the
-    supervisor, causing unnecessary growth of the supervisor's
-    heap. There state corruption could potentially cause other
-    problems as well.
-  * erts: The ERTS internal I/O poll implementation could get into
-    an inconsistent state causing input events to be ignored.
-  * megaco: The v2 and v3 parsers could not properly decode some
-    IPv6 addresses.
-
-- Changes for 23.0.3:
-  * erts: Fixed bug in erlang:load_nif/2 that could cause it to
-    throw badarg exception if a concurrent code change operation
-    was in progress. Bug existed since OTP 23.0.
-  * erts: Minor fix of debug compiled VM.
-  * erts: An unintentional reuse of an already used emulator
-    internal event object could cause a wakeup signal to a thread
-    to be lost. In worst case this could cause the runtime system
-    to hang. This hang was however quite rare.
-  * erts: NIF threads and driver threads on non-Linux systems
-    leaked internal resources when terminating. On Windows these
-    resources were one event per thread. On most other systems one
-    mutex and one condition variable per thread. On these other
-    systems that also lacked pthread_cond_timedwait() also a pipe
-    with its file descriptors was leaked.
-  * compiler: When calls to is_map_key were repeated, the compiler
-    could terminate with an internal consistency failure.
-  * compiler: Fixed a bug in the type inference pass that could
-    cause the compiler to hang.
-
-- Changes for 23.0.2:
-  * erts: Fixed bug when sending an export fun (eg lists:reverse/1)
-    on a not yet established connection. It could cause VM crash.
-    Bug exists since OTP 23.0.
-  * megaco: The mini parser could not properly decode some IPv6
-    addresses.
-- Changes for 23.0.1:
-  * erts: The functionality utilized by BIFs for temporary
-    disabling of garbage collection while yielding could cause
-    system task queues to become inconsistent on a process
-    executing such a BIF. Process system tasks are for example
-    utilized when purging code, garbage collecting literal data,
-    and when issuing an ordinary garbage collection from another
-    process. The bug does not trigger frequently. Multiple code
-    purges in direct sequence makes it more likely that this bug is
-    triggered. In the cases observed, this has resulted in a
-    hanging code purge operation.
-  * erts: SCTP and UDP recv/2,3 hangs indefinitely if socket is
-    closed while recv is called (socket in passive mode).
-  * compiler: In rare circumstances, a guard using 'not' could
-    evaluate to the wrong boolean value.
-  * compiler: A guard expression that referenced a variable bound
-    to a boolean expression could evaluate to the wrong value.
-
-- Version 23.0:
-- Potential Incompatibilities:
-  * SSL:Support for SSL 3.0 is completely removed. TLS 1.3 is added
-    to the list of default supported versions.
-  * erl_interface: Removed the deprecated parts of erl_interface
-    (erl_interface.h and essentially all C functions with prefix
-    erl_).
-  * The deprecated erlang:get_stacktrace/0 BIF now returns an empty
-    list instead of a stacktrace. erlang:get_stacktrace/0 is
-    scheduled for removal in OTP 24.
-- Improvements and new features:
-  * ssh: OpenSSH 6.5 introduced a new file representation of keys
-    called openssh-key-v1. This is now supported with the exception
-    of handling encrypted keys.
-  * Algorithm configuration could now be done in a .config file. This
-    is useful for example to enable an algorithm that is disabled by
-    default without need to change the code.
-  * SSL: Support for the middlebox compatibility mode makes the TLS
-    1.3 handshake look more like a TLS 1.2 handshake and increases
-    the chance of successfully establishing TLS 1.3 connections
-    through legacy middleboxes.
-  * Add support for key exchange with Edward curves and PSS-RSA
-    padding in signature verification
-  * The possibility to run Erlang distribution without relying on
-    EPMD has been extended.
-  * A first EXPERIMENTAL socket backend to gen_tcp and inet has been
-    implemented. gen_udp and gen_sctp will follow.
-  * Putting {inet_backend, socket} as first option to listen() or
-    connect() makes it easy to try this for existing code
-  * A new module erpc in kernel which implements an enhanced subset
-    of the operations provided by the rpc module. Enhanced in the
-    sense that it makes it possible to distinguish between returned
-    value, raised exceptions and other errors. erpc also has better
-    performance and scalability than the original rpc implementation.
-    This by utilizing the newly introduced spawn_request() BIF. Also
-    the rpc module benefits from these improvements by utilizing erpc
-    when possible.
-  * Scalability and performance Improvements plus new functionality
-    regarding distributed spawn operations.
-  * In binary matching, the size of the segment to be matched is now
-    allowed to be a guard expression (EEP-52)
-  * When matching with maps the keys can now be guard expressions
-    (EEP-52).
-  * ssh: support for TCP/IP port forwarding, a.k.a tunnelling a.k.a
-    as tcp-forward/direct-tcp is implemented. In the OpenSSH client,
-    this corresponds to the options -L and -R.
-  * Allow underscores in numeric literals to improve readability.
-    Examples: 123_456_789, 16#1234_ABCD.
-  * New functions in the shell for displaying documentation for
-    Erlang modules, functions and types.
-  * kernel: The module pg with a new implementation of distributed
-    named process groups is introduced. The old module pg2 is
-    deprecated and scheduled for removal in OTP 24.
+- negotiate "strict KEX" OpenSSH feature, when negotiated between
+  peers apply strict KEX(bsc#1218192, CVE-2023-48795)
+  * fix-CVE-2023-48795.patch
+
+- Update to 23.3.4.19 to completely fix (CVE-2022-37026,
+  bsc#1205318, jira#PED-6209)
+  * This Removes SSL support but adds TLS 1.3
+  * Other minor fixes and features especially in the ssh area.
+  * Remove the following patches included upstream
+  * fix-upstream-CVE-2022-37026.patch
+  * feature-upstream-ocsp.patch
+  * feature-upstream-ocsp-2.patch
+  * feature-upstream-ocsp-3.patch
+  * Remove the following patches not in use
+  * feature-upstream-testsuite-enhancement.patch
+  * feature-upstream-testsuite-enhancement-2.patch
+
+- Fix a regression in bsc#1205318 CVE-2022-37026-client-auth-bypass.patch
+  (bsc#1207113)
+  * Removed
+  * CVE-2022-37026-client-auth-bypass.patch
+  * Added
+  * feature-upstream-ocsp.patch
+  * feature-upstream-ocsp-2.patch
+  * feature-upstream-ocsp-3.patch
+  * fix-upstream-CVE-2022-37026.patch
+- Make testsuite run for just ssl but leave it commented out for
+  production
+  * feature-upstream-testsuite-enhancement.patch
+  * feature-upstream-testsuite-enhancement-2.patch
+
+- Add CVE-2022-37026-client-auth-bypass.patch to fix Client
+  Authorization Bypass (CVE-2022-37026, bsc#1205318). Patches
+  gh#erlang/otp@cd5024867e7b and gh#erlang/otp@6a1baa36e4e6).
ffmpeg-4
+- Add ffmpeg-CVE-2023-50010.patch:
+  Backporting e4d2666b from upstream, fixes the out of array access.
+  (CVE-2023-50010 bsc#1223256)
+
gh
+- Update to version 2.49.2:
+  * build(deps): bump github.com/sigstore/protobuf-specs from 0.3.1 to 0.3.2
+  * Add further docs to Option type
+  * Comment further on config changes
+  * Remove unnecessary config list variable
+  * Fix mistaken find and replace for Option type
+  * Fix repo fork to use remote protocol if none configured
+  * Avoid reconstructing config Options on each use
+  * Make config list less fallible
+  * Provide more type safety around config values
+  * Move config interfaces into gh package (#9060)
+  * Fix typos
+  * Creating doc to capture Codespace usage guidance
+  * Fix test function name
+  * Add test to verify JSON fields section is rendered in Markdown
+  * Output `JSON Fields` section in Markdown
+  * Add test to verify JSON fields section is rendered
+  * Add `jsonCmd` test command variable
+  * Output `JSON Fields` section
+  * Output `JSON FIELDS`
+  * Add tests to verify proper `help:json-fields` annotations
+  * Add `help:json-fields` annotation
+  * Add `FormatSlice` function
+  * Add --latest=false example to `release create` command
+  * Update create.go
+  * Add --latest=false to `gh release create` docs
+
+- Reenable all tests
+  https://github.com/cli/cli/issues/8928 looks resolved.
+- Update to version 2.49.1:
+  * Fix `attestation verify` source repository check bug
+  * Fix unused params across project
+  * Add support for jobs with long filenames
+  * Run `attestation` command set integration tests separately
+  * build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0
+  * Adjust short and long to be the same
+  * Do not mutate headers when initialising tableprinter
+  * Document relationship between host and active account
+
+- Update to version 2.49.0:
+  * Document repo clone protocol behaviour
+  * whitespace aligment for inspect/inspect.go
+  * whitespace alignment in attestation/attestation.go
+  * Added tweaked note to tuf-root-verify
+  * Tweaked gh attestation help strings to generate nicer cli manual site.
+  * Update attestation's beta designation
+  * Update cli/go-gh to v2.9.0
+  * Add beta designation on attestation command set
+  * Test `gh at verify -b` does not require auth
+  * Use ghinstance package for attestation host checks
+  * Test cmdutil.IsAuthCheckEnabled cases
+  * Fix issue with closing pager stream (#9020)
+  * Support long URLs in `gh repo clone` (#9008)
+  * check for enterprise host
+  * Add missing title field for projectv2
+  * Match query fields with `ProjectV2` type
+  * Include `URL` in `ProjectV2` type
+  * Include `projectsV2` in GraphQL query
+  * Remove unnecessary defensive check
+  * Test verification failures when attestations are bad
+  * Rework sigstore tests for easier maintenance
+  * Make error more obvious when bundle has wrong extension
+  * Add colon at the end of secret prompts (#9004)
+  * Use cmdutil.ExactArgs instead of MinimumArgs; also add tests
+  * proof of concept for flag-level disable auth check
+  * remove hidden flag from attestation command (#8998)
+  * Update `gh attestation verify` output (#8991)
+  * Just base verification policy on trusted root, not bundle
+  * Support offline mode for `gh attestation verify`
+  * build(deps): bump google.golang.org/grpc from 1.62.1 to 1.62.2
+  * `gh attestation tuf-root-verify` offline test fix (#8975)
+  * Update `sigstore-go` dependency to v0.3.0 (#8977)
+  * build(deps): bump golang.org/x/net from 0.21.0 to 0.23.0
+  * Make it clearer that job flag is meant to be an ID
+  * Ignore run-id when providing also job for rerun
+
+- Update to version 2.48.0:
+  * Update install_linux.md (#8950)
+  * Remove unnecessary --help comment
+  * Fix `go` directive in `go.mod` (#8956)
+  * Use `filepath.Join` to support different platforms
+  * Run `go mod tidy`
+  * Refactor into table tests
+  * Explain `--skip-ssh-key` usage in long doc
+  * Tidy `go.mod`
+  * Fix cache contention in Go CI jobs
+  * Fix `attestation` cmd offline unit test failure (#8933)
+  * Change subcommands default to be more user friendly
+  * Add unit test, update naming, ensure DSSE envelope is in-toto
+  * Updates from linter feedback
+  * Add support to `attestation` command for more predicate types.
+  * Close zip file in run view tests
+  * Ensure run log cache creates cache dir if it doesn't exist
+  * Test `--skip-ssh-key` is captured correctly
+  * Add test to verify skipped SSH key prompts
+  * Add `--skip-ssh-key` to options
+  * Add `SkipSSHKey` field to `LoginOptions`
+  * Add tests for non-happy field paths
+  * Fix api cache test
+  * Use testify in git url tests
+  * Ensure cache dir is always available in RunLogCache
+  * Remove RunLogCache interface
+  * Use real Run Log Cache in run view tests
+  * Capture error on Run Log Cache Exists
+  * Rework Run Log Cache so that cache dir is injected
+  * Expose CacheDir on Config
+  * Minorly refactor scheme normalization in git ParseURL
+  * Test for parsing error in git ParseURL
+  * Remove naked returns from git ParseURL
+  * Fix parsing IPv6 remote URLs (#8893)
+  * Add codeowners entry for the GitHub TUF root included in the `attestation` command set (#8919)
+  * Add comment to explain `showSelectedReposInfo` assignment
+  * Rename const to avoid CodeQL error
+  * Add tests to verify `numSelectedRepos` is populated when necessary
+  * Populate `numSelectedRepos` only if needed
+  * build(deps): bump google.golang.org/grpc from 1.61.1 to 1.61.2
+  * Run defers in queue
+  * Resolve PR comments
+  * Wrap JSON arrays, objects in array with --slurp
+  * Resolve PR comments
+  * Clarify --merge-pages docs
+  * Replace --paginate-all with --merge-pages
+  * Resolve test issues
+  * Add more JSON merge tests
+  * Move jsonmerge package to internal
+  * Merge JSON responses from `gh api`
+  * Add tests for `FindByRepo`
+  * Apply suggestions from code review
+  * Improve error message returned by `FindByRepo`
+  * Add test cases to verify exported JSON has non-zero `numSelectedRepos`
+  * Populate `numSelectedRepos` in non-interactive mode, if explicitly selected
+  * Anchor the log filename to the start
+  * Add pr url pattern
+  * Test pr url lock
+  * update example for deeply nested array update
+  * allow multiple items in nested array
+
+- Update to version 2.47.0:
+  * Bump go-gh to v2.8.0 and go mod tidy
+  * build(deps): bump github.com/sigstore/protobuf-specs from 0.3.0 to 0.3.1
+  * Bump glamour to v0.7.0 and go mod tidy
+  * build(deps): bump github.com/google/go-containerregistry
+  * build(deps): bump github.com/gorilla/websocket from 1.5.0 to 1.5.1
+  * build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1
+  * Rely on go.mod go version in all workflows (#8911)
+  * Upgrade to Go 1.22 (#8836)
+  * build(deps): bump github.com/docker/docker
+  * build(deps): bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3
+  * gh-attestation cmd integration (#8698)
+  * fix segfault in `gh repo rename`
+  * Bump go-gh to 2.7.0
+  * Fix typo in auth switch help example
+
+- Update to version 2.46.0:
+  * Include draft ID in project item list JSON (#8754)
+  * build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4
+  * Document run watch and view not supporting fine grained PATs
+  * Document auth switch behaviour for two or more accounts
+  * Improve discovery of `gh auth status`
+  * grammar: avoid e.g.+etc. together
+  * Fix the description of `gh release upload`
+  * Bump go-keyring to fix race condition
+  * feat: support `dry-run` in gh `pr create` (#8376)
+  * build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.33.0
+  * fixed doc string
+  * remove repetitive word
+  * Fix breaking test for PR/issue # change
+  * Enhance 2nd round of issue and PR number output
+  * Apply first round of owner/repo#number consistency
+  * fix: format files
+  * feat(merge): add owner/repo in prompt
+
+- Update to version 2.45.0:
+  * Bump cli/go-gh v2.6.0 for tenant using GH_TOKEN (#8787)
+  * Support `project view --web` with TTY (#8773)
+  * Handle case: some system set 600 mod for new file.
+  * Clarify helptext for `gh search issues` and `gh search repos` regarding archived repos
+  * Make minor cache list ref flag adjustments
+  * Update incorrect regex comment for client Commits
+  * Use regex to split apart the git client Commit logs
+  * Use null byte separators when fetching comments from git
+  * Add new tests to git client Commits
+  * Remove unnecessary split conditional from client Commits
+  * Extract new test helper for git client Commits
+  * redirect users to the `gh environment` command
+  * Revert "make comments in the default config file more informative"
+  * make comments in the default config file more informative
+  * fixed whitespace
+  * Clarify helptext for search prs regarding archived repos
+  * bug: fixed the result.Operation variable prior to patchRepoVariable being called in the setVariable function.
+  * Remove mainLoop label from garden
+  * feat: Add `ref` option to `gh cache list`
+  * chore: simplify parameter `owner`
+  * Support for `[HOST/]OWNER/REPO` format
+  * Replace `assert` with `require` in testing
+  * Simplify install command for Debian & Ubuntu
+  * Remove `--format` flag and add description for not specifying `--repo` and `--team` flag
+  * Fix printed project number
+  * Support for directory based repo and `GH_REPO` env variable
+  * Change the output of link` and `unlink`
+  * Refactor `OrganizationTeam`
+  * Replace `httpmock` with `gock` in testing
+  * handle flags with `cmdutil.MutuallyExclusive`, and move mutation methods to `queries.go`
+  * fix wording, move conditional blocks to functions, and add api to retrieve the ID of a team
+  * Fix wording
+  * Add testing for link and unlink
+  * Support for team
+  * Support for unlink
+  * Remove support for team
+  * Link Project to Repository or Team Command
+
+- Update to version 2.44.1:
+  * Fix PR create regression around title and body when there is only one commit by @williammartin in #8707
+- Update to version 2.44.0:
+  * Feature: added Order flag for release list command by @leevic31 in #8632
+  * autofill with body by @guerinoni in #8423
+  * Add default values to web manual and man pages by @zsloane in #8395
+  * build(deps): bump microsoft/setup-msbuild from 1.3.2 to 2.0.0 by @dependabot in #8648
+  * Documentation for built-in aliases by @Rebeccasun31 in #8367
+  * Add more detail to fork failure message by @chrisroat in #8614
+  * feat: Add cache key option to gh cache list by @toshimaru in #8667
+
+- Update to version 2.43.1:
+  * Avoid parsing create or update label http response
+  * go mod tidy
+  * Upgrade cli/go-gh to v2.5.0 for home-manager fix
+  * Fix linting error
+  * Parse SSH args before creating the shell
+  * Send activity signals during non-interactive codespace SSH command
+  * build(deps): bump microsoft/setup-msbuild from 1.3.1 to 1.3.2
+  * Specify refspec to push to the correct branch in the event of a conflicting tag
+  * Update Arch repo to [extra]
+  * added URL for newly created repo (#8574)
+  * build(deps): bump actions/cache from 3 to 4 (#8594)
+  * Add force flag to setup-git command (#8552)
+  * fix: Prevent nil dereference in `pr view`. (#8566)
+  * search repos command add usage example for --archived=false (#8391)
+  * Add --json export flags to release list command (#8474)
+  * Add json export flags to variable list command (#8516)
+  * build(deps): bump actions/download-artifact from 3 to 4 (#8466)
+  * build(deps): bump actions/upload-artifact from 3 to 4 (#8467)
+  * Remove project JSON formatting objects (#8541)
+  * Fix some typos raised by codespell
+  * Add Webi as an option for installation (#8555)
+  * Align devcontainer Go version with go.mod (#8570)
+  * Move create codespace permission opt out behind `else` to fix token permissions
+  * chore: Unify calling gh in examples (#8560)
+  * Mark-up `gh-config` settings with backticks
+
+- Update to version 2.42.1:
+  * Add Webi as an option for installation (#8555)
+  * Align devcontainer Go version with go.mod (#8570)
+  * Move create codespace permission opt out behind `else` to fix token permissions
+  * chore: Unify calling gh in examples (#8560)
+
+- Update to version 2.42.0:
+  * Prevent downloading releases with assets that match windows reserved filenames (#8517)
+  * Support template, jq flags with standard format flag (#7832)
+  * Mark-up `gh-config` settings with backticks
+
+- Update to version 2.41.0:
+  * Update deployment.yml
+  * Update pkg/cmd/browse/browse.go
+  * build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#8473)
+  * Ensure Windows sign script fails based on signtool
+  * Update deployment workflow for final HSM solution
+  * Fix signtool invocation
+  * Fix sign script fail conditions
+  * Fix HSM goreleaser calling sign script
+  * Fix HSM Windows signing
+  * Fix issue sourcing signtool for Windows signing
+  * build(deps): bump github/codeql-action from 2 to 3
+  * Verify the downloaded zip for `gh run view --log`
+  * Add missing PowerShell file from previous commit
+  * Unify Windows sign process on signtool
+  * Add more help message to browse command
+
glibc
+- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
+  for _start routine (bsc#1221940)
+
+- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
+  addgetnetgrentX (CVE-2024-33602, bsc#1223425)
+- Also add libc_nonshared.a workaround to 32-bit x86 compat package
+  (bsc#1221482)
+
-  (CVE-2024-33599, bsc#1223423)
+  (CVE-2024-33599, bsc#1223423, BZ #31677)
-  (CVE-2024-33600, bsc#1223424)
+  (CVE-2024-33600, bsc#1223424, BZ #31678)
-  (CVE-2024-33600, bsc#1223424)
+  (CVE-2024-33600, bsc#1223424, BZ #31678)
-  CVE-2024-33602, bsc#1223425)
+  CVE-2024-33602, bsc#1223425, BZ #31680)
glibc:i686
+- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
+  for _start routine (bsc#1221940)
+
+- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
+  addgetnetgrentX (CVE-2024-33602, bsc#1223425)
+- Also add libc_nonshared.a workaround to 32-bit x86 compat package
+  (bsc#1221482)
+
-  (CVE-2024-33599, bsc#1223423)
+  (CVE-2024-33599, bsc#1223423, BZ #31677)
-  (CVE-2024-33600, bsc#1223424)
+  (CVE-2024-33600, bsc#1223424, BZ #31678)
-  (CVE-2024-33600, bsc#1223424)
+  (CVE-2024-33600, bsc#1223424, BZ #31678)
-  CVE-2024-33602, bsc#1223425)
+  CVE-2024-33602, bsc#1223425, BZ #31680)
glibc:utils
+- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
+  for _start routine (bsc#1221940)
+
+- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
+  addgetnetgrentX (CVE-2024-33602, bsc#1223425)
+- Also add libc_nonshared.a workaround to 32-bit x86 compat package
+  (bsc#1221482)
+
-  (CVE-2024-33599, bsc#1223423)
+  (CVE-2024-33599, bsc#1223423, BZ #31677)
-  (CVE-2024-33600, bsc#1223424)
+  (CVE-2024-33600, bsc#1223424, BZ #31678)
-  (CVE-2024-33600, bsc#1223424)
+  (CVE-2024-33600, bsc#1223424, BZ #31678)
-  CVE-2024-33602, bsc#1223425)
+  CVE-2024-33602, bsc#1223425, BZ #31680)
guestfs-tools
+- Add Requires on libguestfs which will pull in
+  libguestfs-appliance and all its dependencies. (bsc#1223444)
+  guestfs-tools.spec
+
+- Upstream bug fixes
+  Update-virt-customize-generated-files.patch
+  Initialise-bar-fp-as-NULL.patch
+
installation-images:openSUSE
+- merge gh#openSUSE/installation-images#713
+- refresh ssh_host_rsa_key (jsc#PED-129)
+- 16.59.13
+
+- merge gh#openSUSE/installation-images#712
+- increase XZ compression level for initrd (bsc#1223982)
+- support ZSTD compression for initrd
+- 16.59.12
+
jeos-firstboot
+- Update to version 1.3.0.8:
+  * Resolve cycle w.r.t. wicked (bsc#1223391)
+
kernel-64kb
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-azure
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
+- Update kabi files: updated for post-PublicRC
+- commit f978f5f
+
+- Update
+  patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch
+  (git-fixes CVE-2024-26890 bsc#1223192).
+- Update
+  patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch
+  (jsc#PED-3311 CVE-2024-26907 bsc#1223203).
+- Update
+  patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch
+  (git-fixes CVE-2024-26916 bsc#1223137).
+- Update
+  patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch
+  (git-fixes CVE-2024-26877 bsc#1223140).
+- Update
+  patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch
+  (git-fixes CVE-2024-26880 bsc#1223188).
+- Update
+  patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch
+  (git-fixes CVE-2024-26913 bsc#1223204).
+- Update
+  patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch
+  (git-fixes CVE-2024-26914 bsc#1223205).
+- Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch
+  (git-fixes CVE-2024-26915 bsc#1223207).
+- Update
+  patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch
+  (git-fixes CVE-2024-26893 bsc#1223196).
+- Update
+  patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch
+  (bsc#1221858 CVE-2024-26582 bsc#1220214).
+- Update
+  patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch
+  (git-fixes CVE-2024-26897 bsc#1223323).
+- Update
+  patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch
+  (git-fixes CVE-2024-26892 bsc#1223195).
+- Update
+  patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch
+  (git-fixes CVE-2024-26895 bsc#1223197).
+- commit d9b565f
+
+- Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing
+  Adv Monitor (bsc#1219216).
+- commit 81c5485
+
+- Update
+  patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch
+  (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
+- Update
+  patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch
+  (git-fixes CVE-2024-26891 bsc#1223037).
+- Update
+  patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch
+  (git-fixes CVE-2024-26894 bsc#1223043).
+- Update
+  patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch
+  (git-fixes CVE-2024-26799 bsc#1222415).
+- Update
+  patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch
+  (git-fixes CVE-2024-26801 bsc#1222413).
+- Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch
+  (git-fixes CVE-2024-26886 bsc#1223044).
+- Update
+  patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch
+  (git-fixes CVE-2024-26839 bsc#1222975).
+- Update
+  patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch
+  (git-fixes CVE-2024-26838 bsc#1222974).
+- Update
+  patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch
+  (git-fixes CVE-2024-26872 bsc#1223115).
+- Update
+  patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch
+  (git-fixes CVE-2024-26848 bsc#1223030).
+- Update
+  patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch
+  (git-fixes CVE-2024-26736 bsc#1222586).
+- Update
+  patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch
+  (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430).
+- Update
+  patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch
+  (bsc#1220265 CVE-2024-26840 bsc#1222976).
+- Update
+  patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch
+  (bsc#1221391 CVE-2024-26689 bsc#1222503).
+- Update
+  patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch
+  (git-fixes CVE-2024-26879 bsc#1223066).
+- Update
+  patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch
+  (git-fixes CVE-2024-26824 bsc#1223081).
+- Update
+  patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch
+  (git-fixes CVE-2024-26788 bsc#1222783).
+- Update
+  patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch
+  (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444).
+- Update
+  patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch
+  (git-fixes CVE-2024-26700 bsc#1222870).
+- Update
+  patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch
+  (git-fixes CVE-2024-26833 bsc#1223036).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch
+  (git-fixes CVE-2024-26729 bsc#1222552).
+- Update
+  patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch
+  (git-fixes CVE-2024-26797 bsc#1222425).
+- Update
+  patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch
+  (git-fixes CVE-2024-26876 bsc#1223119).
+- Update
+  patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch
+  (git-fixes CVE-2024-26911 bsc#1223055).
+- Update
+  patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch
+  (git-fixes CVE-2024-26874 bsc#1223048).
+- Update
+  patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch
+  (git-fixes CVE-2024-26912 bsc#1223064).
+- Update
+  patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch
+  (git-fixes CVE-2024-26843 bsc#1223014).
+- Update
+  patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch
+  (git-fixes CVE-2024-26798 bsc#1222798).
+- Update
+  patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch
+  (git-fixes CVE-2024-26830 bsc#1223012).
+- Update
+  patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch
+  (git-fixes CVE-2024-26711 bsc#1222420).
+- Update
+  patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch
+  (git-fixes CVE-2024-26755 bsc#1222529).
+- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch
+  (git-fixes CVE-2024-26829 bsc#1223027).
+- Update
+  patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch
+  (git-fixes CVE-2024-26875 bsc#1223118).
+- Update
+  patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch
+  (git-fixes CVE-2024-26820 bsc#1223078).
+- Update
+  patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch
+  (bsc#1215322 CVE-2024-26859 bsc#1223049).
+- Update
+  patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch
+  (git-fixes CVE-2024-26803 bsc#1222788).
+- Update
+  patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch
+  (git-fixes CVE-2024-26825 bsc#1223065).
+- Update
+  patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch
+  (git-fixes CVE-2024-26697 bsc#1222550).
+- Update
+  patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch
+  (git-fixes CVE-2024-26696 bsc#1222549).
+- Update
+  patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch
+  (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709
+  bsc#1222418).
+- Update
+  patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch
+  (bsc#1215199 CVE-2024-26710 bsc#1222419).
+- Update
+  patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch
+  (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607).
+- Update
+  patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch
+  (bsc#1215199 CVE-2024-26847 bsc#1223026).
+- Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes
+  CVE-2024-26675 bsc#1222379).
+- Update
+  patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch
+  (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056).
+- Update
+  patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch
+  (git-fixes CVE-2024-26693 bsc#1222451).
+- Update
+  patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch
+  (git-fixes CVE-2024-26779 bsc#1222772).
+- Update
+  patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch
+  (git-fixes CVE-2024-26896 bsc#1223042).
+- Update
+  patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch
+  (git-fixes CVE-2024-26687 bsc#1222435).
+- commit a69636a
+
+- Update
+  patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch
+  (git-fixes CVE-2023-52643 bsc#1222960).
+- Update
+  patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch
+  (git-fixes CVE-2023-52642 bsc#1223031).
+- Update
+  patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch
+  (git-fixes CVE-2023-52644 bsc#1222961).
+- commit 2c2d37f
+
+- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424)
+- commit 9436142
+
+- nvme-tcp: strict pdu pacing to avoid send stalls on TLS
+  (bsc#1221858).
+- tls: fix peeking with sync+async decryption (bsc#1221858).
+- tls: don't skip over different type records from the rx_list
+  (bsc#1221858).
+- tls: stop recv() if initial process_rx_list gave us non-DATA
+  (bsc#1221858).
+- tls: break out of main loop when PEEK gets a non-data record
+  (bsc#1221858).
+- net: tls: fix returned read length with async decrypt
+  (bsc#1221858).
+- net: tls: fix use-after-free with partial reads and async
+  (bsc#1221858).
+- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
+- commit 9d8d293
+
kernel-debug
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-default
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-docs
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-kvmsmall
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-obs-build
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-obs-qa
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-source
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-source-azure
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
+- Update kabi files: updated for post-PublicRC
+- commit f978f5f
+
+- Update
+  patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch
+  (git-fixes CVE-2024-26890 bsc#1223192).
+- Update
+  patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch
+  (jsc#PED-3311 CVE-2024-26907 bsc#1223203).
+- Update
+  patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch
+  (git-fixes CVE-2024-26916 bsc#1223137).
+- Update
+  patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch
+  (git-fixes CVE-2024-26877 bsc#1223140).
+- Update
+  patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch
+  (git-fixes CVE-2024-26880 bsc#1223188).
+- Update
+  patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch
+  (git-fixes CVE-2024-26913 bsc#1223204).
+- Update
+  patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch
+  (git-fixes CVE-2024-26914 bsc#1223205).
+- Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch
+  (git-fixes CVE-2024-26915 bsc#1223207).
+- Update
+  patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch
+  (git-fixes CVE-2024-26893 bsc#1223196).
+- Update
+  patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch
+  (bsc#1221858 CVE-2024-26582 bsc#1220214).
+- Update
+  patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch
+  (git-fixes CVE-2024-26897 bsc#1223323).
+- Update
+  patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch
+  (git-fixes CVE-2024-26892 bsc#1223195).
+- Update
+  patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch
+  (git-fixes CVE-2024-26895 bsc#1223197).
+- commit d9b565f
+
+- Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing
+  Adv Monitor (bsc#1219216).
+- commit 81c5485
+
+- Update
+  patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch
+  (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
+- Update
+  patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch
+  (git-fixes CVE-2024-26891 bsc#1223037).
+- Update
+  patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch
+  (git-fixes CVE-2024-26894 bsc#1223043).
+- Update
+  patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch
+  (git-fixes CVE-2024-26799 bsc#1222415).
+- Update
+  patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch
+  (git-fixes CVE-2024-26801 bsc#1222413).
+- Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch
+  (git-fixes CVE-2024-26886 bsc#1223044).
+- Update
+  patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch
+  (git-fixes CVE-2024-26839 bsc#1222975).
+- Update
+  patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch
+  (git-fixes CVE-2024-26838 bsc#1222974).
+- Update
+  patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch
+  (git-fixes CVE-2024-26872 bsc#1223115).
+- Update
+  patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch
+  (git-fixes CVE-2024-26848 bsc#1223030).
+- Update
+  patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch
+  (git-fixes CVE-2024-26736 bsc#1222586).
+- Update
+  patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch
+  (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430).
+- Update
+  patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch
+  (bsc#1220265 CVE-2024-26840 bsc#1222976).
+- Update
+  patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch
+  (bsc#1221391 CVE-2024-26689 bsc#1222503).
+- Update
+  patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch
+  (git-fixes CVE-2024-26879 bsc#1223066).
+- Update
+  patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch
+  (git-fixes CVE-2024-26824 bsc#1223081).
+- Update
+  patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch
+  (git-fixes CVE-2024-26788 bsc#1222783).
+- Update
+  patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch
+  (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444).
+- Update
+  patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch
+  (git-fixes CVE-2024-26700 bsc#1222870).
+- Update
+  patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch
+  (git-fixes CVE-2024-26833 bsc#1223036).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch
+  (git-fixes CVE-2024-26729 bsc#1222552).
+- Update
+  patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch
+  (git-fixes CVE-2024-26797 bsc#1222425).
+- Update
+  patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch
+  (git-fixes CVE-2024-26876 bsc#1223119).
+- Update
+  patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch
+  (git-fixes CVE-2024-26911 bsc#1223055).
+- Update
+  patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch
+  (git-fixes CVE-2024-26874 bsc#1223048).
+- Update
+  patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch
+  (git-fixes CVE-2024-26912 bsc#1223064).
+- Update
+  patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch
+  (git-fixes CVE-2024-26843 bsc#1223014).
+- Update
+  patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch
+  (git-fixes CVE-2024-26798 bsc#1222798).
+- Update
+  patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch
+  (git-fixes CVE-2024-26830 bsc#1223012).
+- Update
+  patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch
+  (git-fixes CVE-2024-26711 bsc#1222420).
+- Update
+  patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch
+  (git-fixes CVE-2024-26755 bsc#1222529).
+- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch
+  (git-fixes CVE-2024-26829 bsc#1223027).
+- Update
+  patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch
+  (git-fixes CVE-2024-26875 bsc#1223118).
+- Update
+  patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch
+  (git-fixes CVE-2024-26820 bsc#1223078).
+- Update
+  patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch
+  (bsc#1215322 CVE-2024-26859 bsc#1223049).
+- Update
+  patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch
+  (git-fixes CVE-2024-26803 bsc#1222788).
+- Update
+  patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch
+  (git-fixes CVE-2024-26825 bsc#1223065).
+- Update
+  patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch
+  (git-fixes CVE-2024-26697 bsc#1222550).
+- Update
+  patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch
+  (git-fixes CVE-2024-26696 bsc#1222549).
+- Update
+  patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch
+  (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709
+  bsc#1222418).
+- Update
+  patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch
+  (bsc#1215199 CVE-2024-26710 bsc#1222419).
+- Update
+  patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch
+  (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607).
+- Update
+  patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch
+  (bsc#1215199 CVE-2024-26847 bsc#1223026).
+- Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes
+  CVE-2024-26675 bsc#1222379).
+- Update
+  patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch
+  (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056).
+- Update
+  patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch
+  (git-fixes CVE-2024-26693 bsc#1222451).
+- Update
+  patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch
+  (git-fixes CVE-2024-26779 bsc#1222772).
+- Update
+  patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch
+  (git-fixes CVE-2024-26896 bsc#1223042).
+- Update
+  patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch
+  (git-fixes CVE-2024-26687 bsc#1222435).
+- commit a69636a
+
+- Update
+  patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch
+  (git-fixes CVE-2023-52643 bsc#1222960).
+- Update
+  patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch
+  (git-fixes CVE-2023-52642 bsc#1223031).
+- Update
+  patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch
+  (git-fixes CVE-2023-52644 bsc#1222961).
+- commit 2c2d37f
+
+- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424)
+- commit 9436142
+
+- nvme-tcp: strict pdu pacing to avoid send stalls on TLS
+  (bsc#1221858).
+- tls: fix peeking with sync+async decryption (bsc#1221858).
+- tls: don't skip over different type records from the rx_list
+  (bsc#1221858).
+- tls: stop recv() if initial process_rx_list gave us non-DATA
+  (bsc#1221858).
+- tls: break out of main loop when PEEK gets a non-data record
+  (bsc#1221858).
+- net: tls: fix returned read length with async decrypt
+  (bsc#1221858).
+- net: tls: fix use-after-free with partial reads and async
+  (bsc#1221858).
+- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
+- commit 9d8d293
+
kernel-syms
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
kernel-syms-azure
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
+- Update kabi files: updated for post-PublicRC
+- commit f978f5f
+
+- Update
+  patches.suse/Bluetooth-btrtl-fix-out-of-bounds-memory-access.patch
+  (git-fixes CVE-2024-26890 bsc#1223192).
+- Update
+  patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch
+  (jsc#PED-3311 CVE-2024-26907 bsc#1223203).
+- Update
+  patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch
+  (git-fixes CVE-2024-26916 bsc#1223137).
+- Update
+  patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch
+  (git-fixes CVE-2024-26877 bsc#1223140).
+- Update
+  patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch
+  (git-fixes CVE-2024-26880 bsc#1223188).
+- Update
+  patches.suse/drm-amd-display-Fix-dcn35-8k30-Underflow-Corruption-.patch
+  (git-fixes CVE-2024-26913 bsc#1223204).
+- Update
+  patches.suse/drm-amd-display-fix-incorrect-mpc_combine-array-size.patch
+  (git-fixes CVE-2024-26914 bsc#1223205).
+- Update patches.suse/drm-amdgpu-Reset-IH-OVERFLOW_CLEAR-bit.patch
+  (git-fixes CVE-2024-26915 bsc#1223207).
+- Update
+  patches.suse/firmware-arm_scmi-Fix-double-free-in-SMC-transport-c.patch
+  (git-fixes CVE-2024-26893 bsc#1223196).
+- Update
+  patches.suse/net-tls-fix-use-after-free-with-partial-reads-and-as.patch
+  (bsc#1221858 CVE-2024-26582 bsc#1220214).
+- Update
+  patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch
+  (git-fixes CVE-2024-26897 bsc#1223323).
+- Update
+  patches.suse/wifi-mt76-mt7921e-fix-use-after-free-in-free_irq.patch
+  (git-fixes CVE-2024-26892 bsc#1223195).
+- Update
+  patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch
+  (git-fixes CVE-2024-26895 bsc#1223197).
+- commit d9b565f
+
+- Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing
+  Adv Monitor (bsc#1219216).
+- commit 81c5485
+
+- Update
+  patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch
+  (bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
+- Update
+  patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch
+  (git-fixes CVE-2024-26891 bsc#1223037).
+- Update
+  patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch
+  (git-fixes CVE-2024-26894 bsc#1223043).
+- Update
+  patches.suse/ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch
+  (git-fixes CVE-2024-26799 bsc#1222415).
+- Update
+  patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch
+  (git-fixes CVE-2024-26801 bsc#1222413).
+- Update patches.suse/Bluetooth-af_bluetooth-Fix-deadlock.patch
+  (git-fixes CVE-2024-26886 bsc#1223044).
+- Update
+  patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch
+  (git-fixes CVE-2024-26839 bsc#1222975).
+- Update
+  patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch
+  (git-fixes CVE-2024-26838 bsc#1222974).
+- Update
+  patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch
+  (git-fixes CVE-2024-26872 bsc#1223115).
+- Update
+  patches.suse/afs-Fix-endless-loop-in-directory-parsing.patch
+  (git-fixes CVE-2024-26848 bsc#1223030).
+- Update
+  patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch
+  (git-fixes CVE-2024-26736 bsc#1222586).
+- Update
+  patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch
+  (bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430).
+- Update
+  patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch
+  (bsc#1220265 CVE-2024-26840 bsc#1222976).
+- Update
+  patches.suse/ceph-prevent-use-after-free-in-encode_cap_msg.patch
+  (bsc#1221391 CVE-2024-26689 bsc#1222503).
+- Update
+  patches.suse/clk-meson-Add-missing-clocks-to-axg_clk_regmaps.patch
+  (git-fixes CVE-2024-26879 bsc#1223066).
+- Update
+  patches.suse/crypto-algif_hash-Remove-bogus-SGL-free-on-zero-leng.patch
+  (git-fixes CVE-2024-26824 bsc#1223081).
+- Update
+  patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch
+  (git-fixes CVE-2024-26788 bsc#1222783).
+- Update
+  patches.suse/dmaengine-idxd-Ensure-safe-user-copy-of-completion-r.patch
+  (bsc#1221428 git-fixes CVE-2024-26746 bsc#1222444).
+- Update
+  patches.suse/drm-amd-display-Fix-MST-Null-Ptr-for-RV.patch
+  (git-fixes CVE-2024-26700 bsc#1222870).
+- Update
+  patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch
+  (git-fixes CVE-2024-26833 bsc#1223036).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-null-pointer-dereferen.patch
+  (git-fixes CVE-2024-26729 bsc#1222552).
+- Update
+  patches.suse/drm-amd-display-Prevent-potential-buffer-overflow-in.patch
+  (git-fixes CVE-2024-26797 bsc#1222425).
+- Update
+  patches.suse/drm-bridge-adv7511-fix-crash-on-irq-during-probe.patch
+  (git-fixes CVE-2024-26876 bsc#1223119).
+- Update
+  patches.suse/drm-buddy-Fix-alloc_range-error-handling-code.patch
+  (git-fixes CVE-2024-26911 bsc#1223055).
+- Update
+  patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch
+  (git-fixes CVE-2024-26874 bsc#1223048).
+- Update
+  patches.suse/drm-nouveau-fix-several-DMA-buffer-leaks.patch
+  (git-fixes CVE-2024-26912 bsc#1223064).
+- Update
+  patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch
+  (git-fixes CVE-2024-26843 bsc#1223014).
+- Update
+  patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch
+  (git-fixes CVE-2024-26798 bsc#1222798).
+- Update
+  patches.suse/i40e-Do-not-allow-untrusted-VF-to-remove-administrat.patch
+  (git-fixes CVE-2024-26830 bsc#1223012).
+- Update
+  patches.suse/iio-adc-ad4130-zero-initialize-clock-init-data.patch
+  (git-fixes CVE-2024-26711 bsc#1222420).
+- Update
+  patches.suse/md-Don-t-suspend-the-array-for-interrupted-reshape-9e46.patch
+  (git-fixes CVE-2024-26755 bsc#1222529).
+- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch
+  (git-fixes CVE-2024-26829 bsc#1223027).
+- Update
+  patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch
+  (git-fixes CVE-2024-26875 bsc#1223118).
+- Update
+  patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch
+  (git-fixes CVE-2024-26820 bsc#1223078).
+- Update
+  patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch
+  (bsc#1215322 CVE-2024-26859 bsc#1223049).
+- Update
+  patches.suse/net-veth-clear-GRO-when-clearing-XDP-even-when-down.patch
+  (git-fixes CVE-2024-26803 bsc#1222788).
+- Update
+  patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch
+  (git-fixes CVE-2024-26825 bsc#1223065).
+- Update
+  patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-f.patch
+  (git-fixes CVE-2024-26697 bsc#1222550).
+- Update
+  patches.suse/nilfs2-fix-hang-in-nilfs_lookup_dirty_data_buffers.patch
+  (git-fixes CVE-2024-26696 bsc#1222549).
+- Update
+  patches.suse/powerpc-iommu-Fix-the-missing-iommu_group_put-during.patch
+  (jsc#PED-7779 jsc#PED-7780 git-fixes CVE-2024-26709
+  bsc#1222418).
+- Update
+  patches.suse/powerpc-kasan-Limit-KASAN-thread-size-increase-to-32.patch
+  (bsc#1215199 CVE-2024-26710 bsc#1222419).
+- Update
+  patches.suse/powerpc-pseries-iommu-DLPAR-add-doesn-t-completely-i.patch
+  (bsc#1215199 bsc#1219077 ltc#204477 CVE-2024-26738 bsc#1222607).
+- Update
+  patches.suse/powerpc-rtas-use-correct-function-name-for-resetting.patch
+  (bsc#1215199 CVE-2024-26847 bsc#1223026).
+- Update patches.suse/ppp_async-limit-MRU-to-64K.patch (git-fixes
+  CVE-2024-26675 bsc#1222379).
+- Update
+  patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch
+  (git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056).
+- Update
+  patches.suse/wifi-iwlwifi-mvm-fix-a-crash-when-we-run-out-of-stat.patch
+  (git-fixes CVE-2024-26693 bsc#1222451).
+- Update
+  patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch
+  (git-fixes CVE-2024-26779 bsc#1222772).
+- Update
+  patches.suse/wifi-wfx-fix-memory-leak-when-starting-AP.patch
+  (git-fixes CVE-2024-26896 bsc#1223042).
+- Update
+  patches.suse/xen-events-close-evtchn-after-mapping-cleanup.patch
+  (git-fixes CVE-2024-26687 bsc#1222435).
+- commit a69636a
+
+- Update
+  patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch
+  (git-fixes CVE-2023-52643 bsc#1222960).
+- Update
+  patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch
+  (git-fixes CVE-2023-52642 bsc#1223031).
+- Update
+  patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch
+  (git-fixes CVE-2023-52644 bsc#1222961).
+- commit 2c2d37f
+
+- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424)
+- commit 9436142
+
+- nvme-tcp: strict pdu pacing to avoid send stalls on TLS
+  (bsc#1221858).
+- tls: fix peeking with sync+async decryption (bsc#1221858).
+- tls: don't skip over different type records from the rx_list
+  (bsc#1221858).
+- tls: stop recv() if initial process_rx_list gave us non-DATA
+  (bsc#1221858).
+- tls: break out of main loop when PEEK gets a non-data record
+  (bsc#1221858).
+- net: tls: fix returned read length with async decrypt
+  (bsc#1221858).
+- net: tls: fix use-after-free with partial reads and async
+  (bsc#1221858).
+- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
+- commit 9d8d293
+
kernel-zfcpdump
+- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
+- commit 0c69759
+
+- rds: tcp: Fix use-after-free of net in reqsk_timer_handler()
+  (CVE-2024-26865 bsc#1223062).
+- commit 4df5c35
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699).
+- Update
+  patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch
+  (git-fixes CVE-2024-26959 bsc#1223667).
+- Update
+  patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
+  (git-fixes CVE-2024-27059 bsc#1223738).
+- Update
+  patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch
+  (git-fixes CVE-2024-27071 bsc#1223734).
+- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch
+  (git-fixes CVE-2024-27038 bsc#1223816).
+- Update
+  patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch
+  (git-fixes CVE-2024-27039 bsc#1223821).
+- Update
+  patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26970 bsc#1223644).
+- Update
+  patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26969 bsc#1223645).
+- Update
+  patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch
+  (git-fixes CVE-2024-26968 bsc#1223642).
+- Update
+  patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26966 bsc#1223646).
+- Update
+  patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch
+  (git-fixes CVE-2024-26965 bsc#1223648).
+- Update
+  patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
+  (git-fixes CVE-2024-27037 bsc#1223717).
+- Update
+  patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
+  (git-fixes CVE-2024-27051 bsc#1223769).
+- Update
+  patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
+  (git-fixes CVE-2024-26974 bsc#1223638).
+- Update
+  patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch
+  (git-fixes CVE-2024-27040 bsc#1223711).
+- Update
+  patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
+  (git-fixes CVE-2024-27045 bsc#1223826).
+- Update
+  patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch
+  (git-fixes CVE-2024-27044 bsc#1223723).
+- Update
+  patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch
+  (git-fixes CVE-2024-27041 bsc#1223714).
+- Update
+  patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch
+  (git-fixes CVE-2024-27042 bsc#1223823).
+- Update
+  patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch
+  (git-fixes CVE-2024-26979 bsc#1223628).
+- Update
+  patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch
+  (jsc#PED-7542 CVE-2024-27023 bsc#1223776).
+- Update
+  patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
+  (git-fixes CVE-2024-27075 bsc#1223842).
+- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
+  (git-fixes CVE-2024-27043 bsc#1223824).
+- Update
+  patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
+  (git-fixes CVE-2024-27074 bsc#1223844).
+- Update
+  patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
+  (git-fixes CVE-2024-27076 bsc#1223779).
+- Update
+  patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
+  (git-fixes CVE-2024-27073 bsc#1223843).
+- Update
+  patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
+  (git-fixes CVE-2024-27072 bsc#1223837).
+- Update
+  patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
+  (git-fixes CVE-2024-27077 bsc#1223780).
+- Update
+  patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
+  (git-fixes CVE-2024-27078 bsc#1223781).
+- Update
+  patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
+  (git-fixes CVE-2024-27047 bsc#1223828).
+- Update
+  patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
+  (git-fixes CVE-2024-26956 bsc#1223663).
+- Update
+  patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
+  (git-fixes CVE-2024-26955 bsc#1223657).
+- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
+  (git-fixes CVE-2024-26977 bsc#1223631).
+- Update
+  patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch
+  (git-fixes CVE-2024-26975 bsc#1223632).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
+  (bsc#1221816 CVE-2024-26931 bsc#1223627).
+- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
+  (bsc#1221816 CVE-2024-26929 bsc#1223715).
+- Update
+  patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch
+  (bsc#1221816 CVE-2024-26930 bsc#1223626).
+- Update
+  patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch
+  (git-fixes CVE-2024-27068 bsc#1223808).
+- Update
+  patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch
+  (git-fixes CVE-2024-27060 bsc#1223725).
+- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch
+  (git-fixes CVE-2024-26919 bsc#1223847).
+- Update
+  patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch
+  (git-fixes CVE-2024-27048 bsc#1223760).
+- Update
+  patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
+  (git-fixes CVE-2024-27052 bsc#1223829).
+- Update
+  patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch
+  (git-fixes CVE-2024-27391 bsc#1223709).
+- Update
+  patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
+  (git-fixes CVE-2024-27053 bsc#1223737).
+- commit 9296e40
+
+- Update
+  patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
+  (git-fixes CVE-2023-52650 bsc#1223770).
+- Update
+  patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch
+  (git-fixes CVE-2023-52649 bsc#1223768).
+- Update
+  patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch
+  (git-fixes CVE-2023-52648 bsc#1223765).
+- Update
+  patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch
+  (git-fixes CVE-2023-52647 bsc#1223764).
+- commit f67398e
+
+- Update
+  patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
+  (bsc#1215199 CVE-2022-48669 bsc#1223756).
+- commit e9a7939
+
+- Delete
+  patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace.
+  (bsc#1222654)
+- commit dc5c22e
+
+- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
+- commit ca33aea
+
+- btrfs: qgroup: always free reserved space for extent records
+  (bsc#1216196).
+- commit 5a30b4d
+
+- Update
+  patches.suse/ASoC-SOF-Add-some-bounds-checking-to-firmware-data.patch
+  (git-fixes CVE-2024-26927 bsc#1223525).
+- commit d3c5f91
+
+- Update
+  patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update patches.suse/0001-s390-qdio-handle-deferred-cc1.patch
+  (bsc#1219485 bsc#1219451 git-fixes).
+- Update
+  patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
+  (bsc#1141539 git-fixes).
+- commit 73a9e98
+
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+  (CVE-2024-26852 bsc#1223057)
+- commit 9474f59
+
+- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
+- commit 689bcfa
+
libcontainers-common
+- Introduce new subpackage that ships registries.conf that uses
+  registry.suse.com as the only unqualified registry while pulling images on
+  SL Micro and SP6. (jsc#SMO-376, jsc#PED-8289)
+
+- Add patch to keep containers.conf modifications in sync with upstream (bsc#1213556)
+  + 0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch
+- Fallback to podman's default capabilities and journal driver via containers.conf
+- New release 20240408
+- bump bundled c/common to 0.58.0
+- bump bundled c/image to 5.30.0
+- bump bundled c/storage to 1.53.0
+
+- reenable SUSE registry key validation for new key.
+
+- disable the SUSE registry key validation temporary to switch the key on
+  registry.suse.com.
+
+- New release 20240206
+- bump bundled c/common to 0.57.4
+- bump bundled c/image to 0.29.2
+- conditionally require libcontainers-sles-mounds for product(SLE-Micro) as well
+  (SLE Micro 6.0 now no longer provides product(SUSE_SLE) and instead only
+  provides product(SLE-Micro)), fixes bsc#1216443
+
+- New release 20231204
+-  bump c/common to 0.57.0
+  * Bump to v0.56.0 by
+  * Fix typo in comment
+  * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5
+  * Fix specification of unix:///run
+  * libimage/layer_tree: if parent is empty and a manifest list then ignore check.
+  * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.12.1
+  * Split up util package into pkg/password, pkg/copy, pkg/version
+  * Remove ActiveDestination method to move into podman
+  * Default machine CPUs to Cores/2
+  * pkg/config: do NOT set StaticDir and VolumeDir
+  * Implement negated label match function
+  * chore: import packages only once
+  * CoC: fix email link
+-  bump c/storage to 1.51.0
+  * Bump to v1.50.2
+  * overlay, composefs: mount loop device RO
+  * Run codespell on code
+  * fix(deps): update module github.com/klauspost/compress to v1.17.0
+  * store: serialize container deletion
+  * pkg/system: reduce retry timeout for EnsureRemoveAll
+  * overlay, composefs: use data-only lower layers
+  * store: call RecordWrite() before graphDriver Cleanup()
+  * fix(deps): update module golang.org/x/sys to v0.13.0
+-  bump c/image to 5.29.0
+  * Bump to v5.28.0
+  * fix(deps): update module github.com/containers/storage to v1.50.2
+  * Run codespell on code
+  * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5
+  * Use constants and types from opencontainers/image-spec/specs-go/v1
+  * progress: set Current before Refill
+  * copy: fix nil pointer dereference when checking compression algorithm
+  * fix(deps): update module github.com/klauspost/compress to v1.17.0
+  * fix(deps): update module github.com/sylabs/sif/v2 to v2.14.0
+  * ociarchive: Add new ArchiveFileNotFoundError
+
libguestfs
+- Set Recommends on zerofree and ntfsprogs for libguestfs-appliance
+
+- Switch Recommends to Requires for several packages in the
+  libguestfs-appliance which is where the tools from these
+  packages are used. (bsc#1223444)
+
+- Require ntfs-3g for libguestfs-winsupport
+  libguestfs.spec
+
+- Upstream bug fixes
+  Split-chown-parameter-on-character.patch
+  Initialise-bar-fp-as-NULL.patch
+
+- bsc#1206361 - SLES 15 SP5 Beta2 - virt-customize ssh-inject fails
+  (s390x/kvm/libvirt) (-> Server-Applications module)
+  use-rtc-driftfix-slew-for-x86-only.patch
+
+- BuildRequire pkgconfig(libzstd) additionaly to zstd: we need the
+  devel package. In the past, it was pulled in by indirect deps.
+
+- Copy sorted packagelist to packages during supermin appliance
+  setup. (bsc#1215586)
+  libguestfs.spec
+
libnvme
+- Update to version 1.8+26.gc96fbe8:
+  * fabrics: keyring is a long (bsc#1216982)
+  * config-schema.json.in: tls keys and keyrings are strings (bsc#1216982)
+  * linux: Add nvme_scan_tls_keys() (bsc#1216982)
+  * json: dump TLS key data in PSK interchange format (bsc#1216982)
+  * json: import TLS key from PSK interchange format (bsc#1216982)
+  * json: export TLS key in PSK interchange format (bsc#1216982)
+  * tree: read TLS key in nvme_configure_ctrl() (bsc#1216982)
+  * linux: rework nvme_insert_tls_key_versioned() (bsc#1216982)
+  * linux: add nvme_import_tls_key() (bsc#1216982)
+  * linux: add nvme_export_tls_key() (bsc#1216982)
+  * crc32: Add CRC32 algorithm (bsc#1216982)
+  * linux: add nvme_update_key() (bsc#1216982)
+  * linux: add nvme_read_key() (bsc#1216982)
+  * linux: allow for NULL argument in nvme_lookup_keyring() (bsc#1216982)
+  * tree: use strtou32 to read lba_size
+  * tree: fix lba_count size calculation
+  * libnvme : record the nvme pci adapter physical slot (bsc#1223208)
+  * tree: fix mem leak in nvme_ns_init() (bsc#1223331)
+
nvme-cli
+- Update to version2.8+19.g47882bb:
+  * nvme: fix mem leak in multiple key related functions (bsc#1223331)
+  * fabrics: fix mem leak in nvmf_check_hostid_and_hostnqn() (bsc#1223331)
+  * nvme: check-tls-key fails despite having hostnqn file (bsc#1223331)
+  * nvme: print retained key for gen-tls-key's -i option too (bsc#1223331)
+  * nvme-print: print more details in ns-descs verbose output (bsc#1223331)
+  * nvme: use library functions for importing and exporting TLS keys (bsc#1216982)
+  * nvme: Fix to cleanup free raw_secret memory allocated
+
openssl-1_1
+- Security fix: [bsc#1222548, CVE-2024-2511]
+  * Fix unconstrained session cache growth in TLSv1.3
+  * Add openssl-CVE-2024-2511.patch
+
openssl-3
+- Security fix: [bsc#1222548, CVE-2024-2511]
+  * Fix unconstrained session cache growth in TLSv1.3
+  * Add openssl-CVE-2024-2511.patch
+
opensuse-welcome
+- Update to version 0.1.9+git.55.08b0379:
+  * Update README.md
+  * Refresh README with build instructions
+  * adding donate button to allow donations to the Geeko Foundation
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Russian)
+
+- remove dependency on /usr/bin/python3 using
+  %python3_fix_shebang_path macro, [bsc#1212476]
+
osinfo-db
+- bsc#1222738 - virt-manager shows SLE Micro 6.0 in suggested OS
+  version should be SL Micro 6.0
+  add-slm6.0-support.patch
+  Drop add-slem6.0-support.patch
+
ovmf
+- Add the following patches from edk2-stable202402 for CVE-2022-36763:
+  - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117.patch
+    1ddcb9fc6b41 SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml
+  - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch
+    4776a1b39ee0 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763
+  - ovmf-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch
+    224446543206 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE 2022-36763
+    (bsc#1218678, CVE-2022-36763)
+- Add the following patches from edk2-stable202402 for CVE-2022-36764:
+  - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch
+    8f6d343ae639 SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml
+  - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch
+    0d341c01eeab SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
+  - ovmf-SecurityPkg-Adding-CVE-2022-36764-to-SecurityFixes.y.patch
+    c7b279442181 SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
+    (bsc#1218679, CVE-2022-36764)
+- All the above patches for CVE-2022-36763 and CVE-2022-36764 need the
+  following patches. We also backported them:
+  - ovmf-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch
+    264636d8e698 SecurityPkg: : Updating SecurityFixes.yaml after symbol rename
+  - ovmf-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117-4118-symbol-rename.patch
+    326db0c90720 SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename
+  - ovmf-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch
+    40adbb7f628d SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename
+    (bsc#1218678, CVE-2022-36763)(bsc#1218679, CVE-2022-36764)
+
package-translations
+- Update to version 89.87.20240323.9bdb784:
+  * Update for Leap 15.6 RC poo#131735
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (English (United Kingdom))
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (French)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Ukrainian)
+
pam_pkcs11
+- Fix for bsc#1221255:
+  * Add patch 0001-Set-slot_num-configuration-parameter-to-0-by-default.patch
+
-- Updated to version 0.6.6:
-  * Compatible with pcsc-lite-1.6.
-  * New mapper API.
-  * Minor fixes.
-  * Translaton updates.
-
patterns-base
+- Cherry-pick SLE change
+  * Enhanced base system: drop recommendation of openssh-server-config-rootlogin
+  * Latest openssh in SP6 restores the previous behaviour of previous
+    Service Packs by default, and drops the package.
+    This essentially reverts the previous change. A new package,
+    openssh-server-config-disallow-rootlogin can be installed to set
+    PermitRootLogin to prohibit-password (bsc#1223486).
+
patterns-server
+- kvm and xen: drop recommendation of openssh-server-config-rootlogin
+  * Latest openssh in SP6 restores the previous behaviour of previous
+    Service Packs by default, and drops the package.
+    This essentially reverts the previous change. A new package,
+    openssh-server-config-disallow-rootlogin can be installed to set
+    PermitRootLogin to prohibit-password (bsc#1223486).
+
pipewire
+- Update to version 1.0.5+git36.60deeb2 to fix several crashes,
+  NULL checks, format strings and other issues:
+  * spa: libcamera: fix RGB mappings
+  * pw-dump: destroy all objects not just those matching the pattern
+  * pw-dump: fix string memory leak on error
+  * json: fix high surrogate escapes
+  * core: handle import errors better
+  * gst/src: fix crash when current_caps is NULL
+  * gst/src: Avoid unnecessary renegotiations during streaming
+  * gst/src: Cleanups for src_negotiate()
+  * pw-mon: fix type confusion in core event handler
+  * gst: fix stream params memory leak
+  * gst: handle some more errors
+  * treewide: fix errno assignments
+  * alsa-pcm: don't force quantum for iec958 formats
+  * journal: prepend code location to messages at debug log levels
+  * module-rt: fix compiler warning
+  * filter-chain: fix arguments of calloc
+  * combine-stream tag forward
+  * Add album to tag metadata
+  * impl-node: avoid bitfield races
+  * treewide: fix some format string issues
+  * conf: warn when match actions are missing
+  * module-protocol-simple: handle 'node.name' property
+  * module-ffado: only start after ports are configured
+  * context: fill basic properties early
+  * combine-stream: fix latency-compensate with resample.disabled=true
+  * profiler: remove unused data-loop
+  * v4l2: fix printf format
+  * spa: v4l2: encode device id into a json array
+  * spa: libcamera: encode device ids into a json array
+  * impl-port: avoid doing work when the port is destroyed
+  * impl-port: use 0 size when clearing IO
+  * stream: log a warning when media.class and direction mismatch
+  * module-loopback: only enable delay with valid rate and channels
+  * alsa: fix race when updating the eventfd
+  * audioconvert: also clamp monitor volume to min/max
+  * combine-stream: actually make use of resample.disable
+
+- Update to version 1.0.5:
+  * Highlights
+  - pw_stream can now report timestamps on buffers and the
+    expected amount of samples for the resampler.
+  - The GStreamer element now has more correct timestamps using
+    the new pw_stream timestamps as a fallback.
+  - The FFADO module now handles suspend and resume better.
+  - A regression in v4l2 was fixed when parsing malformed
+    filters.
+  - A potential memory/fd leak was fixed in client-node.
+  - Many more small bugfixes and improvements.
+  * PipeWire
+  - pw_stream now reports the expected resampler input or output
+    size in the pw_time structure. (#3750)
+  - pw_stream now also adds a time field to the buffer, which
+    contains the time of the graph when the buffer was received
+    in the stream.
+  - Fix a compiler error when compiling with -Werror=shadow.
+    (#3915)
+  - The config parser will warn when invalid config is detected.
+  * Modules
+  - The FFADO module now opens and closes when suspending. This
+    fixes some problems when FFADO properties are changed while
+    suspended. (#3558)
+  - Filter-chain will now warn when invalid config is detected.
+  - Echo-cancel will now handle manage the state of the
+    echo-cancel plugin better, making sure run() is not called
+    after deactivate().
+  - Fix some potential memory/fd leaks in client-node.
+  * SPA
+  - Improve reading the bound ALSA controls.
+  - The resampler can now also report the number of expected
+    output samples.
+  - The ALSA ACP device objects have some more properties like
+    the card.id and alsa.components. (#3912)
+  - Fix a potential string corruption when parsing JSON strings.
+  - V4l2 now sets the latency on the port. (#3910)
+  - alsa-udev now has an option to expose the device even if
+    busy. (#3914)
+  - Improve null-audio-sink channel handling. (#3931)
+  - v4l2 will now drop the first frame because it often contains
+    wrong timestamps or garbage. (#3910)
+  - A regression in v4l2 was fixed where invalid/empty properties
+    in the filter would make it error early. (#3959)
+  * GStreamer
+  - The source now falls back to the new pw_buffer time for the
+    timestamps.
+  * Docs
+  - Sync with the master branch.
+
+- Move the jack spa plugin from the pipewire-spa-plugins-0_2
+  package to a new pipewire-spa-plugins-0_2-jack package. This
+  allows to not Suggest the pipewire-libjack package from
+  pipewire-spa-plugins-0_2 since that's only used to connect
+  pipewire as a client to a jack server which is not common at all
+  (boo#1222253).
+
+- Avoid %if %{pkg_vcmp gcc < 8}, instead replicate the condition
+  from the BuildRequires section.
+
product-builder
+- 1.2.17
+  * fix PowerPC build failure introduced in 1.2.16 (bsc#1224010)
+
+- 1.2.16
+  * PowerPC: no more -part partitions (bsc#1206021)
+
python-Django
-- Import fix-safemimetext-set_payload.patch from the Factory version, fixes
-  tests on python 3.11.9+ (gh#django/django@b231bcd19e57, bsc#1222880)
+- Add fix-safemimetext-set_payload.patch, to support python 3.11.9+
+  (gh#django/django@b231bcd19e57, bsc#1222880)
-- Add CVE-2024-27351.patch patch (CVE-2024-27351, bsc#1220358)
+-  Update to 4.2.11 (CVE-2024-27351, bsc#1220358)
+  * CVE-2024-27351: Potential regular expression denial-of-service in
+    django.utils.text.Truncator.words()
+  * Fixed a regression in Django 4.2.10 where intcomma template filter
+    could return a leading comma for string representation of floats
+- Remove python3122.patch, already upstream
+
+- Add python3122.patch to fix tests with python 3.12.2
+  gh#django/django#17843
+- Update to 4.2.10 (bsc#1219683, CVE-2024-24680):
+  - Django 4.2.10 fixes a security issue with severity "moderate" in
+    4.2.9.
+    CVE-2024-24680: Potential denial-of-service in intcomma template
+    filter The intcomma template filter was subject to a potential
+    denial-of-service attack when used with very long strings.
python3-sip4
+- Rename the macros.python_all-sip4 file to macros.python3_all-sip4
+  so it doesn't conflict with the file from python311-sip4-common
+  and also rename the macro defined within from %python_sip_api_ver
+  to %python3_sip_api_ver in case the sip api version of one of the
+  packages changes in the future (bsc#1224000)
+
rabbitmq-server
-- Sync Factory version (3.12.11) Into SLE-15-SP6
-- The following bugs were fixed in upstream updates rather then
-  via patching.
-  * CVE-2021-22116
-  * CVE-2021-32718
-  * CVE-2021-32719
-  * CVE-2022-31008
-  * CVE-2023-46118
-  * bsc#1186203
-  * bsc#1187818
-  * bsc#1187819
-  * bsc#1199431
-  * bsc#1205267
-  * bsc#1216582
-- The following patches are no longer needed
-  * bsc1199431.patch
-  * fix-CVE-2021-22116.patch
-  * fix-CVE-2021-32718.patch
-  * fix-CVE-2021-32719.patch
-  * fix-CVE-2022-31008-0.patch
-  * fix-CVE-2022-31008-1.patch
-  * fix-CVE-2022-31008-2.patch
-  * fix-CVE-2022-31008-3.patch
-  * fix-CVE-2023-46118-0.patch
-  * fix-CVE-2023-46118-1.patch
-- The following are the dropped changelog entries minus datestamps
-- Simon Lees <sflees@suse.de>
-  Danilo Spinella <danilo.spinella@suse.com>
+
-  Danilo Spinella <danilo.spinella@suse.com>
+
-  Danilo Spinella <danilo.spinella@suse.com>
+
-- update to 3.12.11:
-  * Quorum queue declared when one of cluster nodes was down
-    could trigger connection exceptions.
-  * Avoids a rare exception that could stop TCP socket writes on
-    a client connection.
-  * `queue_deleted` and `queue_created` internal events now
-    include queue type as a module name, and not an inconsistent
-    (with the other queue and stream types) value `classic`.
-  * Definition files that are virtual host-specific cannot be
-    imported on boot. Such files will now be detected early and
-    the import process will terminate after logging a more
-    informative message.
-  * Several AMQP 1.0 application properties are now more
-    correctly converted to AMQP 0-9-1 headers by
-    cross-protocol Shovels.
-  * The priority property now populates an AMQP 1.0 header with
-    the same name, per AMQP 1.0 spec.
-  * Metric label values now escape certain non-ASCII characters.
-  * Avoids an exception when an MQTT client that used a QoS 0
-    subscription reconnects and its original connection node
-    is down.
-  * Avoids an exception when an MQTT client connection was force-
-    closed via the HTTP API.
-  * Certain CLI commands could not be run in a shell script loop,
-    unless the script explicitly redirected standard input.
-  * `rabbitmq-diagnostics cluster_status` now responds much
-    quicker when a cluster node has gone down, were shut down,
-    or otherwise has become unreachable by the rest of the cluster.
-  * Reverted a change to `DELETE /api/queues/{vhost}/{name}` that
-    allowed removal of exclusive queues and introduced
-    unexpected side effects.
-  * `DELETE /api/policies/{vhost}/{policy}` returned a 500
-    response instead of a 404 one when target virtual host did
-    not exist.
-  * Avoid log noise when an HTTP API request is issued against a
-    booting or very freshly booted node.
-  * HTTP API endpoints that involves contacting multiple nodes
-    now respond much quicker when a cluster node
-    has gone down, were shut down, or otherwise has become
-    unreachable by the rest of the cluster
-  * Definition exported for just one virtual host cannot be
-    imported at node boot time.
-  * Now such files are detected early with a clear log message
-    and immediate node boot process termination.
-  * To obtain source code of the entire distribution, please
-    download the archive named `rabbitmq-server-3.12.11.tar.xz`
-    instead of the source tarball produced by GitHub.
-
-- update to 3.12.10:
-  * Avoids two Shovels being started after an upgrade from 3.12.6
-    or older versions.
-  * When a topic permission was deleted, an internal event of type
-    permission.deleted was emitted in some cases, instead of
-    topic.permission.deleted.
-  * Shovels on 3.12.8 nodes failed during a rolling cluster upgrade
-    due to internal identifier format changes.
-  * Avoids an unnecessary warning in the logs.
-  * avoids a potential exception in the autoheal partition handler.
-  * raft.segment_max_entries is now validated to prevent the value
-    from overflowing its 16-bit segment file field. Maximum
-    supported value is now 65535.
-
--  update to 3.12.7:
-  * Stream replication connections configured to use exclusively
-    TLSv1.3 failed.
-  * On startup, stream replicas will handle one more potential
-    case of segment file corruption after an unclean shutdown.
-  * `default_policies.*.queue_pattern` definition in
-    `rabbitmq.conf` was incorrectly parsed.
-  * Avoid log noise when inter-node connections frequently fail
-    and recover.
-  * Optimized stream index scans. Longer scans could result in
-    some replicas stopping with a timeout.
-  * Classic queue storage version is now a supported key for
-    operator policies.
-  * Queue length limit overflow behavior now can be configured
-    via operator policies.
-  * Several `list_stream_*` commands (available via both
-    `rabbitmq-diagnostics` and `rabbitmq-streams`) commands now
-    can display replica node in addition to other fields.
-  * `rabbitmqctl add_user` now can accept a pre-generated salted
-    password instead of a plain text password, both as a
-    positional argument and via standard input:
-  * Message consumption with the "Nack message, requeue: true"
-    option did not actually requeue deliveries.
-  * HTTP API request body size is now limited to 10 MiB by
-    default.
-  * Two endpoints, one that accepts messages for publishing
-    (note: publishing over the HTTP API is greatly discouraged)
-  * and another for definition import,
-  * will now reject larger transfers with a `400 Bad Request`
-    response.
-  * `DELETE /api/queues/{vhost}/{name}` now can delete exclusive
-    queues.
-  * Key supported by operator policies are now grouped by queue
-    type in the UI.
-  * Improved data safety for confirms in environments where the
-    plugin uses classic queues.
-  * Avoid an exception when a not fully established MQTT-over-
-    WebSockets connection terminated.
-  * Recovery of bindings of durable queues bound to a transient
-    JMS topic exchange failed.
-  * Recovery of bindings of durable queues bound to a transient
-    `x-modulo-hash` exchange failed.
-  * Recovery of bindings of durable queues bound to a transient
-    recent history exchange failed.
-  * `osiris` has been upgraded to `1.6.9`
-  * Queue recovery on node restart in certain conditions could
-    run into an exception
-  * `file_handle_cache` operations are now safer when handling
-    non-existent keys.
-  * Fixed a potential resource leak in at-least-once dead
-    lettering from quorum queues.
-  * AMQP 1.0 clients that try to publish in a way that results in
-    the message not being routed anywhere are now notified with
-    a more sensible settlement status.
-  * Prometheus scraping API endpoints now support optional
-    authentication.
-  * The plugin now filters out values that are `undefined` or
-    `NaN`, simply excluding them from the API endpoint response.
-    Previously, if a metric was not computed for any reason (e.g.
-    free disk space monitor was disabled on the node),
-    its value could end up being rendered as `undefined` or `NaN`,
-    two values that Prometheus scrapers cannot handle (for
-  * The plugin will now enforce maximum STOMP frame size. Frames
-    larger than that size will be rejected. The default maximum
-    size is 4 MiB. It can be increased or decreased:
-  * ``` ini
-  * # increase maximum supported STOMP frame size to 10 MiB
-  * stomp.max_frame_size = 10485760
-  * ```
-  * To reduce it from the default 4 MiB to 2 MiB:
-  * ``` ini
-  * # 2 MiB
-  * stomp.max_frame_size = 2097152
-  * ```
-  * Shovel will gracefully stop when its destination (target)
-    does not exist.
-  * Such shovels will then be periodically restarted to retry.
-  * It is now possible to opt in to deactivate file handle cache
-    use in the plugin:
-  * ``` ini
-  * web_mqtt.use_file_handle_cache = false
-  * ```
-  * It is now possible to opt in to deactivate file handle cache
-    use in the plugin:
-  * ``` ini
-  * web_stomp.use_file_handle_cache = false
-  * ```
-  * `ra` was upgraded to `2.6.3`
-  * Declaration of a classic queue could run into an exception.
-  * Classic queues v1 (CQv1) that had a backlog of messages
-    stored by 3.9 and earlier versions could run into an exception
-    during queue index recovery after an upgrade to 3.10.x or any
-    later series.
-  * Nodes that had a large number of quorum queues could observe
-    accumulation of Erlang processes under significant load.
-  * Feature flag discovery on a newly added node could discover
-    an incomplete inventory of feature flags.
-  * Feature flag discovery operations will now be retried
-    multiple times in case of network failures.
-  * Nodes in clusters that had quorum queues and non-mirrored
-    classic queues on stopped (or failed) nodes could run into an
-    exception.
-  * The same exception could affect `rabbitmqctl list_queues`.
-  * Proxy Protocol v2 LOCAL packets were not supported.
-  * When a quorum queue does not find its local replica data
-    files on boot, it will now log a warning.
-  * An attempt to clear limits of a non-existent virtual host
-    failed with a 500 status code.
-  * The "Queues" tab in the UI was renamed to "Queue and Streams"
-    to better reflect its contents.
-  * New HTTP API endpoints for quorum queue replica management,
-    equivalent to the `rabbitmq-queues` commands that manage replicas.
-  * ```
-  * POST /api/queues/quorum/{vhost}/{name}/replicas/add
-  * DELETE /api/queues/quorum/{vhost}/{name}/replicas/remove
-  * POST /api/queues/quorum/replicas/on/{node}/grow
-  * DELETE /api/queues/quorum/replicas/on/{node}/shrink
-  * ```
-  * Stream client connections that authenticated using x.509
-    certificates failed.
-  * Only set OAuth 2 client's CA certificate file setting when it
-    is defined.
-  * The plugin will now accept JWT tokens without a `scope`. Such
-    tokens would only be useful when the plugin is used exclusively
-    for authentication and not authorization.
-  * `oauth2` is now an accepted alias for the OAuth 2
-    authentication and authorization backend:
-  * ```
-  * auth_backends.1 = oauth2
-  * ```
-  * Previously the only option for OAuth 2 was using a full
-    module name, `rabbit_auth_backend_oauth2`.
-  * STOMP plugin log entries had an extra line feed character.
-  * `ra` was upgraded to `2.6.2`
-
-- Improve erlang-rabbitmq-client Provides:
-  The package provides two erlang applications: amqp_client and rabbit_common
-  which are expected to be Required as erlang-%{appname}
-
-- Update to 3.12.0
-  * Optimizations for both quorum and classic queues: improved throughput,
-    lower throughput variability, lower latency, lower memory footprint
-  * More mature and efficient implementation of (non-mirrored) classic
-    queues v2 (CQv2)
-  * Classic queue lazy and non-lazy modes no longer apply: classic
-    queues v2 always behave very similarly
-  * to the lazy mode in earlier release series: moving data to disk
-    aggressively and only keeping a subset of data in memory
-  * Significantly reduced MQTT and Web MQTT memory footprint per connection
-  * OAuth 2, OIDC, IDP support
-  * Even more configurability of the OAuth 2 plugin
-- More bugfixes and enhancements:
-  https://www.rabbitmq.com/changelog.html
-
-- Update to 3.11.3
-  + Core Server
-  * Stream unsubscription leaked metric counters.
-  * Stream could become unavailable in certain node or network
-    failure scenarios.
-  * It is now possible to pre-configure virtual host limits for
-    groups of virtual hosts.
-  * Quorum queue replicas no longer try to contact their unreachable
-    peers for metrics.
-  + CLI Tools
-  * rabbitmq-diagnostics status now handles server responses where
-    free disk space is not yet computed.
-  * All enabled (explicitly or as a dependency) plugins are scanned.
-  * rabbitmq-diagnostics memory_breakdown now returns results much
-    faster in environments with a large number of quorum queues.
-
-- Update to version 3.10.10:
-  + Core Server
-  * Partially reverts an unsafe inter-node communication
-    optimization that could affect classic mirrored queue
-    operation ordering.
-  * Classic mirrored queue leader replica issued to much credit
-    to follower replicas, resulting in an uneven load and
-    memory footprint between them.
-  * Intra-cluster communication link metric collector could run
-    into an exception when peer connection has just been
-    re-established, e.g. after a peer node restart.
-  + MQTT Plugin
-  * When a node was put into maintenance mode, it closed all MQTT
-    client connections cluster-wide instead of just local client
-    connections.
-- For updates between 3.10.5 and 3.10.9, please see
-  https://www.rabbitmq.com/changelog.html
-
-- Update to 3.10.5
-  * Quorum queue could run into an exception when dead lettering a message
-    under certain conditions.
-- Changes from 3.10.4
-  * Avoid seeding default user in old clusters that still use the deprecated
-    management.load_definitions option.
-  * Streams could run into an exception or fetch stale stream position
-    data in some scenarios.
-  * rabbitmqctl set_log_level did not have any effect on logging via
-    amq.rabbitmq.log
-
-- Update to 3.10.2
-  * Default log level used a four-character severity abbreviation
-    instead of more common longer format, for example, warn instead
-    of warning.
-  * Fix CLI tools failed to run on Erlang 25
-
-- add upstream signing key and verify source signature
-
-- Update to 3.10.0
-  * See https://github.com/rabbitmq/rabbitmq-server/blob/v3.10.x/release-notes/3.10.0.md
-    for the full changelog.
-  * Potentially breaking changes
-  - Messages delivered by a quorum queue and negatively acknowledged
-    with a requeue will be added to the back of the queue until the
-    queue has redelivery limit set. With a redelivery limit, requeueing
-    will use the original position of the message if possible.
-  - idle_since field now uses RFC 3339 format.
-
-- Update to 3.9.14
-  * See https://github.com/rabbitmq/rabbitmq-server/blob/v3.9.x/release-notes/3.9.14.md
-    for the full changelog.
-  * Build time compatibility with Elixir 1.13 (gh#rabbitmq/rabbitmq-server#4019)
-  - Drop Elixir-1.13-OptionParser-no-longer-supports-atom-val.patch
-  - Drop Support-Elixir-1.13.patch
-  * Adapt to a breaking Erlang 24.3 LDAP client change.
-
-- Add zsh BuildRequires to fix "directories not owned by a package"
-  in zsh-completion.
-
-- Update to 3.9.13
-  * Core Server Bug Fixes and Enhancements
-  - Disk space monitor now correctly parses output on (at least
-    some) systems where non-ASCII characters are used in paths.
-  - Stream leader election is now deterministic when cluster is
-    undergoing a rolling upgrade.
-  - Queue and binding definition import can be delayed until a
-    moment when at least N nodes (e.g. three) have joined the
-    cluster.
-- Allow building with Elixir 1.13.x
-  * Support-Elixir-1.13.patch
-  * Elixir-1.13-OptionParser-no-longer-supports-atom-val.patch
-
-- Update to 3.9.12
-  * See https://github.com/rabbitmq/rabbitmq-server/blob/v3.9.x/release-notes/3.9.12.md
-    for the full changelog.
-  * Core Server Bug Fixes and Enhancements
-  - (Fix) Authentication and authorization backend exceptions
-    could potentially leak user-provided credentials to node log.
-  - Unnamed parameters and policies in definition files will now
-    be rejected as invalid.
-
-- Update to 3.9.11
-  * Core Server Bug Fixes
-  - When a TLS-enabled listener failed to stop, it logged all of
-    its settings which could contain sensitive values.
-  * Core Server Enhancements
-  - Quorum queues now store commands for enqueued messages in a
-    more compact format on disk (some derivative data has been dropped).
-  - queue.declare-ok response to AMQP 0-9-1 clients operating on
-    a stream could return a ready-for-delivery message count
-    value that was out of sync with the stream leader replica.
-  - Classic queues now deliver more efficiently on channels that
-    had global QoS changed during consumer operation.
-  * Prometheus Plugin Enhancements
-  - New optional metrics provided by the GET /metrics/detailed
-    endpoint. These metrics are cluster-wide, and therefore must
-    not be aggregated.
-  * Management Agent Plugin Enhancements
-  - Disabling the plugin will stop metric collection performed
-    periodically by queues, streams, connections, et cetera.
-- Changes in 3.9.10:
-  * Core Server Bug Fixes
-  - Make stream coordinator more defensive to rapid declaration
-    and deletion cycles.
-  * Core Server Enhancements
-  - Several inter-node communication listener settings are now
-    exposed to rabbitmq.conf:
-    + distribution.listener.port_range.min = 25675
-    + distribution.listener.port_range.max = 25675
-    + distribution.listener.interface = 192.168.0.1
-  * OAuth 2 Plugin Bug Fixes
-  - Signing keys specified in rabbitmq.conf were not translated
-    correctly, resulting in exceptions during permission checks.
-- Drop upstreamed patch
-  * harden_rabbitmq-server.service.patch: https://github.com/rabbitmq/rabbitmq-server/pull/3770
-
-- Update to 3.9.9:
-  * Core Server Bug Fixes
-  - Fixed an issue where node monitor could produce a false network
-    partition when one of the cluster members was restarted.
-  - Message store resiliency improvements.
-  - Reduced log noise in certain scenarios where a new queue leader
-    is elected.
-  - Queue leader rebalancing now logs less.
-  * Prometheus Plugin Bug Fixes
-  - TLS-enabled Prometheus endpoint listener port was not correctly
-    stored internally.
-  * Management Plugin Bug Fixes
-  - Persistent message count is now displayed correctly on
-    individual queue pages.
-  - Restore compatibility with IE 11.
-  * Consistent Hashing Exchange Plugin Bug Fixes
-  - Corrected deletion of duplicate bindings between an exchange
-    and a queue.
-  * Enhancements
-  - Core Server: cluster_formation.target_cluster_size_hint is a
-    new configuration setting that can be used to specify expected
-    initial cluster size.
-  - Prometheus Plugin: Metric rendering efficiency improvements
-    (mostly latency).
-- Don't install the (now gone) OCF script.
-- Refreshed patch:
-  * harden_rabbitmq-server.service.patch
-
-- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
-  * harden_rabbitmq-server.service.patch
-  Modified:
-  * rabbitmq-server.service
-
-- Update to 3.9.8:
-  * Core Server Bug Fixes
-  - When the mandatory flag was used when publishing to classic
-    queues, but publisher confirms were not, channels memory
-    usage would grow indefinitely.
-  - rabbitmq-diagnostics memory_breakdown failed to read memory
-    of connection reader, writer and channel processes.
-  - In some environments, Stream replicas advertised IP
-    addresses that could not be reached by cluster peers.
-    RabbitMQ node hostnames are now advertised as well so that
-    other peers can resolve them to get an externally visible IP
-    address.
-  * Prometheus Plugin Enhancements
-  - More data is exposed via the GET /metrics/detailed endpoint.
-  * Management Plugin Bug Fixes
-  - When setting topic permissions, the list of exchanges in the
-    UI now honors the currently selected virtual host.
-  * AWS Peer Discovery Plugin Enhancements
-  - The plugin now logs more details for failed AWS API
-    requests.
-  * Web STOMP Plugin Enhancements
-  - STOMP-over-WebSockets connections now can consume from
-    streams.
-
-- Update to 3.9.7:
-  + All Components
-  * All bytecode is now compiled using the +deterministic
-    compiler flag. This should eliminate the capture of some
-    irrelevant build environment attributes in produced
-    artifacts, improve consistency between builds, and reduce the
-    file level diff between release artifacts.
-  + Core Server
-  * Enhancements
-  - Classic queue shutdown now uses a much higher timeout (up
-    to 10 minutes instead of 30 seconds).
-  - In environments with many queues (especially mirrored
-    queues) and many consumers this means that the chance of
-    queue indices rebuilding after node restart is now
-    substantially lower.
-  * Bug Fixes
-  - Quorum queues no longer leak memory and disk space when a
-    consumer is repeatedly added and cancelled on an empty
-    queue.
-  + Prometheus Plugin
-  * Enhancements
-  - More configurability for metrics exposed via the Prometheus
-    endpoint.
-  + Shovel Plugin
-  * Bug Fixes
-  - Shovel URIs could be logged with credentials in some
-    scenarios.
-  + Dependency Upgrades
-  * observer_cli has been upgraded from 1.6.2 to 1.7.1
-
-- Update to 3.9.6:
-  + Core Server
-  * Bug Fixes
-  - TLS information delivered in Proxy protocol header is now
-    attached to connection metrics as if it was provided by a
-    non-proxying client.
-  - max_message_size had a one-off error in the validator.
-  - mirroring_sync_batch_size was incorrectly validated as if
-    it represented batch size in bytes.
-  + Stream Plugin
-  * Bug Fixes
-  - Offset parameters were not stored correctly in some cases.
-  - Partitions list order is now stable.
-  - When stream clients close connections abruptly, publisher
-    and consumer metrics get cleaned up correctly.
-  + Management Plugin
-  * Enhancements
-  - Stream publishers are now listed on the individual stream
-    page.
-  - Counters have been added to the tiles of several sections
-    on detail pages.
-  + Dependency Upgrades
-  * Osiris was upgraded to 1.2.0
-  * Ranch was upgraded to 2.1.0
-- Removes socat dependency from specs.
-  (gh#rabbitmq/rabbitmq-packaging#8)
-- Fix rpmlint errors:
-  * E: script-without-shebang for autocomplete scripts
-  * E: dir-or-file-in-run /run/rabbitmq
-
-- Update to 3.9.5:
-  + Core Server
-  * Bug Fixes
-  - Virtual host metadata (description, tags) was not imported
-    from definitions.
-  - Reduced unnecessary debug logging from streams.
-  + AWS Peer Discovery Plugin
-  * Enhancements
-  - AWS API calls are now retried multiple times.
-  + Management Plugin
-  * Enhancements
-  - PUT /api/vhosts/{name} now can update metadata (tags and
-    descriptions) for existing virtual hosts.
-
-- Add install-bin and install-man to make target, and install into
-  /usr/lib instead of /usr/lib64 on 64-bit platforms (boo#1189784).
-- Add deps/rabbit/docs/set_rabbitmq_policy.sh.example to %doc.
-
-- Separate autocomplete files into individual packages.
-
-- Update to 3.9.4:
-  * Bug fixes, see https://www.rabbitmq.com/changelog.html
-- Major changes from 3.9.0:
-  * Streams: a new messaging abstraction complementary to queues
-  * Support for Erlang 24
-  * Kubernetes Cluster Operator and Messaging Topology Operator
-  * Minimum required Erlang version is now 23.2
-- Fix spec file to align with gh#rabbitmq/rabbitmq-packaging/RPMS/Fedora/rabbitmq-server.spec.
-- Update rabbitmq-server.service and rabbitmq-server.logrotate.
-- Remove unused sources:
-  + Already in source:
-  * advanced.config.example
-  * rabbitmq-script-wrapper
-  * rabbitmq.conf.example
-  * rabbitmq.config.example
-  + Deprecated:
-  * rabbitmq-server.init
-  * rabbitmq-server.sysconfig
-
-- Use /run instead of deprecated /var/run in tmpfiles.conf
-  (bsc#1185075)
-
-- Update to RabbitMQ 3.8.16
-  * This is the first release to drop support for Erlang 22.3 and
-  introduce support for the upcoming Erlang 24 release
-  * AWS Peer Discovery Plugin was unintentionally excluded from the
-  distribution in 3.8.15 and has now been added back.
-  * Management Plugin: Messaging polling HTTP API endpoint leaked
-  temporary connections it used in case of a polling timeout.
-
-- Update to RabbitMQ 3.8.15
-  * Fixed quorum queues did not take snapshots as frequently as they
-    are expected to with some configurations.
-  * Fixed quorum queue name was unintentionally limited: the length
-    of virtual host and actual queue name was limited to 254 characters
-  * Fixed deleting a quorum queue would leave some of its internal
-    metrics data around.
-  * Client destination address is now obtained w.r.t. the Proxy
-    protocol settings.
-  * Full changes:
-    https://github.com/rabbitmq/rabbitmq-server/releases/tag/v3.8.15
-- Update to RabbitMQ 3.8.14
-  * Fixed direct reply-to failed witn an exception on Erlang 22.3
-- Update to RabbitMQ 3.8.13
-  * Fixed nodes that had an unusually long name could overflow
-    message property lengths with the direct reply-to identifier
-    they generated.
-- Update to RabbitMQ 3.8.12
-  * Maintenance mode no longer transfers leaders of classic mirrored
-    queue.
-  * Exclusive queues that happen to be matched by classic queue
-    mirroring policies will no longer be considered for rebalancing
-    operations since they are not actually mirrored
-  * Default replica count for quorum queues was using an incorrect
-    configuration key name. The default value is now 3, so in a
-    cluster of five or seven nodes, only three will host replicas
-    for newly declared quorum queues.
-  * Default runtime busy waiting settings were changed to none by
-    default, which reduces CPU footprint on nodes that are mostly idle.
-  * Definition import now imports runtime parameters after exchanges,
-    queues, and bindings to reduce the likelihood of starting dynamic
-    Shovels from racing with topology imports.
-  * Fixed memory monitor could run into an exception if queried very
-    early on node boot before it was fully initialized.
-
rshim
+- Update to 2.0.29.1 (jsc#PED-6843 jsc#PED-6979)
+  * Output SECURE_NIC_MODE in /dev/rshim<N>/misc
+  * Allow remote installation via bfb-install
+  * Make DROP_MODE more robust
+  * Avoid race in bfb push when accessing from BMC and rshim tool in parallel
+  * Fix handshake between NIC F and rshim over PCIe
+
suseconnect-ng
-- Allow "--rollback" flag to run on readonly filesystem (bsc#1220679)
+- Update to version 1.9.0
+  * Fix certificate import for Yast when using a registration proxy with
+    self-signed SSL certificate (bsc#1223107)
+
+- Update to version 1.8.0
+  * Allow "--rollback" flag to run on readonly filesystem (bsc#1220679)
systemd
+- Restore the gpt-auto generator. The workaround is not needed anymore as commit
+  d317008225 (see below) should fix the issue reported in bsc#1218671.
+
+- Import commit e8d77af4240894da620de74fbc7823aaaa448fef
+  d317008225 gpt-auto-generator: be more defensive when checking the presence of ESP in fstab
+  fed117d448 journalctl: explicitly check < 0 for error
+  41d9e82099 journalctl: make --until work again with --after-cursor and --lines (bsc#1221906)
+
tpm2
+- Add 0001-tpm2_checkquote-Fix-check-of-magic-number.patch: tpm2_checkquote
+  did not check whether the magic number in the attest is equal to
+  TPM2_GENERATED_VALUE, which might allow a malicious actor to generate
+  arbitrary quote data, undetected by tpm2_checkquote (bsc#1223687, CVE-2024-29038).
+- Add 0001-tpm2_checkquote-Add-comparison-of-pcr-selection.patch:
+  tpm2_checkquote did not compare the --pcr parameter passed to the tool with
+  the attest. A malicious actor might thus be able to fake a valid
+  attestation (bsc#1223689, CVE-2024-29039).
+
tpm2-0-tss
+- add 0001-FAPI-Fix-check-of-magic-number-in-verify-quote.patch: fixes
+  CVE-2024-29040 (bsc#1223690): Missing verification of the magic number in
+  Fapi_VerifyQuote(), which might allow an attacker to generate arbitrary
+  quote data, which would not be detected by Fapi_VerifyQuote().
+
trousers
+- fix runtime requirements for stat and udevadm (bsc#1221770). On minimal
+  systems this can cause the %pretrans or %post scriptlets to fail because of
+  missing tools.
+
-- trousers-wrap_large_key_overflow.patch: Do not wrap keys larger than
-  2048 bit, as the space on the TPM is limited to that amount. (bnc#868933)
-
virt-manager
+- bsc#1222738 - virt-manager shows SLE Micro 6.0 in suggested OS
+  version should be SL Micro 6.0
+  virtinst-add-slm-detection-support.patch
+
+- Disable mdev tests with introduction of libvirt 10.1.0
+  virt-manager.spec
+
virt-v2v
+- bsc#1223444 - New virt-v2v dependency on btrfsprogs causes error
+  with zypper dup on systems without btrfs installed
+  Drop Requires on the following packages and move them into
+  libguestfs-appliance
+  btrfsprogs, curl, dhcp-client, e2fsprogs, gptfdisk
+  ntfsprogs, xfsprogs
+
wireplumber
+- Better fix for (bsc#1223916) that basically turns the main
+  profile into the (to be in 0.5.3) video-only profile unless
+  wireplumber-audio is installed which now turns the main profile
+  into exactly upstream's main profile.
+
+- Add patch from upstream to fix a json log issue:
+  * 0001-lua-json-fix-error-ouput.patch
+- Add patch from upstream to add a method to merge json containers:
+  * 0002-lua-json-add-method-to-merge-json-containers.patch
+- Add patch from upstream to fix merging a particular case
+  of configuration options:
+  * 0003-json-utils-fix-overriding-of-non-container-values-when.patch
+- Fix wireplumber not starting successfully when audio support is
+  not enabled since the main profile now requires it. The best
+  option would be to use a video-only profile but it's too late
+  to change the way wireplumber is started in SLE/Leap, so the
+  solution just makes audio/bluetooth optional for now
+  (bsc#1223916)
+  * split-config-file.py
+
+- Update to version 0.5.2:
+  * Highlights:
+  - Added support for loading configuration files other than the
+    default wireplumber.conf within Lua scripts (!629)
+  - Added support for loading single-section configuration files,
+    without fragments (!629)
+  - Updated the node.software-dsp script to be able to load
+    filter-chain graphs from external configuration files, which
+    is needed for Asahi Linux audio DSP configuration (!629)
+  * Fixes:
+  - Fixed destroying camera nodes when the camera device is
+    removed (#627, !631)
+  - Fixed an issue with Bluetooth BAP device set naming (!632)
+  - Fixed an issue caused by the pipewire event loop not being
+    "entered" as expected (!634, #638)
+  - A false positive warning about no modules being loaded is
+    now suppressed when using libpipewire >= 1.0.5 (#620)
+  - Default nodes can now be selected using priority.driver when
+    priority.session is not set (#642)
+  * Changes:
+  - The library version is now generated following pipewire's
+    versioning scheme: libwireplumber-0.5.so.0.5.2 becomes
+    libwireplumber-0.5.so.0.0502.0 (!633)
+- Remove patches from upstream that are already in 0.5.2:
+  * 0001-core-set-context.modules.allow-empty-to-silence-warning-in.patch
+  * 0002-monitor-utils-clear-cam-data-after-creating-nodes.patch
+  * 0003-monitors_bluez-fix-BAP-device-set-node-naming.patch
+
+- Add patch from upstream to silence a warning on pipewire
+  (since 1.0.5):
+  * 0001-core-set-context.modules.allow-empty-to-silence-warning-in.patch
+- Add patch from upstream to fix a dangling reference to a device:
+  * 0002-monitor-utils-clear-cam-data-after-creating-nodes.patch
+- Add patch from upstream to fix BAP node naming:
+  * 0003-monitors_bluez-fix-BAP-device-set-node-naming.patch
+
yast2
+- Properly close nested progress callbacks (bsc#1223281)
+- 4.6.8
+
yast2-trans
+- Update to version 84.87.20240428.f3ddce30c5:
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Hungarian)
+  * Translated using Weblate (Hungarian)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+
+- Update to version 84.87.20240421.63804708b7:
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'storage'.
+  * New POT for text domain 'docker'.
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+
+- Update to version 84.87.20240414.d73f60d6af:
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+
+- Update to version 84.87.20240407.b46e9ca4fd:
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'bootloader'.
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+
+- Update to version 84.87.20240331.90b1d91d29:
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'rmt'.
+  * New POT for text domain 'control'.
+
+- Update to version 84.87.20240324.ae2a0736e6:
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * New POT for text domain 'gtk'.
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (German)
+
+- Update to version 84.87.20240317.9b1b5b2b95:
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'bootloader'.
+  * New POT for text domain 'registration'.
+  * New POT for text domain 'packager'.
+  * Translated using Weblate (French)
+  * Added translation using Weblate (French)
+  * Translated using Weblate (Catalan)
+
+- Update to version 84.87.20240309.6826dab25a:
+  * Translated using Weblate (Lithuanian)
+  * Translated using Weblate (Lithuanian)
+  * Translated using Weblate (Lithuanian)
+  * Translated using Weblate (Lithuanian)
+  * New POT for text domain 'storage'.
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'xpram'.
+  * New POT for text domain 's390'.
+  * New POT for text domain 'sap-installation-wizard'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (German)
+
+- Update to version 84.87.20240304.419739cb87:
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (German)
+  * New POT for text domain 'bootloader'.
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+
+- Update to version 84.87.20240224.f7ab2886c1:
+  * Translated using Weblate (Ukrainian)
+  * Translated using Weblate (Ukrainian)
+  * Translated using Weblate (Ukrainian)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Spanish)
+
+- Update to version 84.87.20240219.f6e4117fe0:
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Czech)
+  * New POT for text domain 'packager'.
+  * New POT for text domain 'installation'.
+  * New POT for text domain 'hana-ha'.
+  * New POT for text domain 'control'.
+
+- Update to version 84.87.20240210.1383f689ba:
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Czech)
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Catalan)
+
+- Update to version 84.87.20240205.897f2593b3:
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * New POT for text domain 'installation'.
+
+- Update to version 84.87.20240126.9c7185e3f6:
+  * New POT for text domain 'installation'.
+  * New POT for text domain 'base'.
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * New POT for text domain 'sap-installation-wizard'.
+
+- Update to version 84.87.20240120.54f4b9f06a:
+  * New POT for text domain 'sap-installation-wizard'.
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Indonesian)
+
+- Update to version 84.87.20240112.f631673f01:
+  * Translated using Weblate (Russian)
+  * New POT for text domain 'packager'.
+  * New POT for text domain 'users'.
+  * New POT for text domain 'proxy'.
+  * New POT for text domain 'nis'.
+  * New POT for text domain 'network'.
+  * New POT for text domain 'installation'.
+  * New POT for text domain 'firewall'.
+
+- Update to version 84.87.20240105.ae431f155e:
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Romanian)
+
+- Update to version 84.87.20231230.7bdda36766:
+  * New POT for text domain 'security'.
+  * New POT for text domain 'pam'.
+  * New POT for text domain 'ntp-client'.
+  * New POT for text domain 'add-on'.
+  * Translated using Weblate (Georgian)
+  * New POT for text domain 'installation'.
+  * New POT for text domain 'autoinst'.
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+
+- Update to version 84.87.20231224.d98b72cc24:
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'update'.
+  * New POT for text domain 'firstboot'.
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * New POT for text domain 'installation'.
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+
+- Update to version 84.87.20231216.c47de7a4bf:
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'pam'.
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Indonesian)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+