Packages changed:
  MozillaFirefox (120.0.1 -> 121.0)
  cronie
  libzypp (17.31.25 -> 17.31.27)
  lsof (4.99.0 -> 4.99.3)
  protobuf
  rubygem-agama (6 -> 7)
  traceroute (2.1.3 -> 2.1.5)
  xmlsec1 (1.2.37 -> 1.2.38)
  yast2-firstboot (5.0.0 -> 5.0.1)
  yast2-installation (5.0.2 -> 5.0.3)

=== Details ===

==== MozillaFirefox ====
Version update (120.0.1 -> 121.0)
Subpackages: MozillaFirefox-translations-common

- Mozilla Firefox 121.0
  https://www.mozilla.org/en-US/firefox/121.0/releasenotes
  MFSA 2023-56 (bsc#1217974)
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6135 (bmo#1853908)
    NSS susceptible to "Minerva" attack
  * CVE-2023-6865 (bmo#1864123)
    Potential exposure of uninitialized data in EncryptingOutputStream
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6866 (bmo#1849037)
    TypedArrays lack sufficient exception handling
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6867 (bmo#1863863)
    Clickjacking permission prompts using the popup transition
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6868 (bmo#1865488)
    WebPush requests on Firefox for Android did not require VAPID key
  * CVE-2023-6869 (bmo#1799036)
    Content can paint outside of sandboxed iframe
  * CVE-2023-6870 (bmo#1823316)
    Android Toast notifications may obscure fullscreen event
    notifications
  * CVE-2023-6871 (bmo#1828334)
    Lack of protocol handler warning in some instances
  * CVE-2023-6872 (bmo#1849186)
    Browsing history leaked to syslogs via GNOME
  * CVE-2023-6863 (bmo#1868901)
    Undefined behavior in ShutdownObserver()
  * CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328, bmo#1856090,
    bmo#1858033, bmo#1858509, bmo#1862777, bmo#1864015)
    Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
    and Thunderbird 115.6
  * CVE-2023-6873 (bmo#1855327, bmo#1862089, bmo#1862723)
    Memory safety bugs fixed in Firefox 121
- requires NSS 3.95

==== cronie ====
Subpackages: cron

- Update to 1.7.0:
  * anacron: Add support for NO_MAIL_OUTPUT environment variable
  * anacron: Support enabling anacron jobs on battery power
  * crond: Support -n crontab entry option to disable mailing the output
  * crontab: Make a backup of the crontab file on edition and deletion
- Add patch cronie-pam_config-nonlogin.diff
- Refreshed patches:
  * cronie-crond_pid.diff
  * cronie-pam_config.diff
  * cronie-nheader_lines.diff
  * fix-manpage-replace-anacrontab-with-crontab.patch
- PAM: Use common-session-nonlogin for >15 codestreams
  More info in https://github.com/SUSE/pam-config/pull/16

==== libzypp ====
Version update (17.31.25 -> 17.31.27)

- CheckAccessDeleted: fix 'running in container' filter
  (bsc#1218291)
- version 17.31.27 (22)
- Call zypp commit plugins during transactional update (fixes #506)
- Add support for loongarch64 (fixes #504)
- Teach MediaMultiCurl to download HTTP Multibyte ranges.
- Teach zsync downloads to MultiCurl.
- Expand RepoVars in URLs downloading a .repo file (bsc#1212160)
  Convenient and helps documentation as it may refer to a single
  command for a bunch of distributions. Like e.g. "zypper ar
  'https://server.my/$releasever/my.repo'".
- version 17.31.26 (22)

==== lsof ====
Version update (4.99.0 -> 4.99.3)

- lsof 4.99.3:
  * Fix compilation error when HASIPv6 is not defined
  * Add configure option --disable-liblsof to disable installation
    of liblsof
- add lsof-4.99.3-fix-version-in-configure-ac.patch

==== protobuf ====
Subpackages: libprotobuf-lite23_4_0 libprotobuf23_4_0

- build against modern python on sle15

==== rubygem-agama ====
Version update (6 -> 7)

- Version 7
- Update software issues after calling to solver
  (gh#openSUSE/agama#945).
- Set snapshots as not configurable by default
  (gh#openSUSE/agama#926).
- Explicitly add dependencies instead of relying on the live ISO
  to provide the required packages (gh#openSUSE/agama/911).
- Redefine the InstFunctions module to avoid calling code that
  causes unwanted side effects, like resetting the timezone
  (gh#openSUSE/agama#903).
- Version 6

==== traceroute ====
Version update (2.1.3 -> 2.1.5)

- update to 2.1.5:
  * Parse interface information (rfc5837) for ICMP extensions
  * Add `fastopen' tcp module option (cookie negotiation only)
  * Complete tcp module option `mss' to discover possible mss
    clamping along the path being traced.
  * Complete tcp module option `info' to print returned tcp header
    options too (all those that can be set or altered by `-O' for
    tcp module).

==== xmlsec1 ====
Version update (1.2.37 -> 1.2.38)
Subpackages: libxmlsec1-1 libxmlsec1-nss1 libxmlsec1-openssl1

- Update to 1.2.38
  * Have a look at the changelog for the list of changes

==== yast2-firstboot ====
Version update (5.0.0 -> 5.0.1)

- Allow selecting WSL systemd pattern (jsc#PED-5644, jsc#PED-5099)
- 5.0.1

==== yast2-installation ====
Version update (5.0.2 -> 5.0.3)

- Enclose IPv6 addresses within square brackets when calling
  the mount command (bsc#1217637).
- 5.0.3