Packages changed:
  checkpolicy (3.5 -> 3.6)
  glibc
  libselinux (3.5 -> 3.6)
  libselinux-bindings (3.5 -> 3.6)
  libsemanage (3.5 -> 3.6)
  libsepol (3.5 -> 3.6)
  netcfg
  policycoreutils (3.5 -> 3.6)
  python-referencing (0.32.0 -> 0.32.1)
  python-semanage (3.5 -> 3.6)
  python311 (3.11.6 -> 3.11.7)
  python311-core (3.11.6 -> 3.11.7)
  update-alternatives (1.22.1 -> 1.22.2)

=== Details ===

==== checkpolicy ====
Version update (3.5 -> 3.6)

- Update to version 3.6
  https://github.com/SELinuxProject/selinux/releases/tag/3.6
  * checkpolicy: Add the command line argument -N, --disable-neverallow
  * dispol: add option to display users, drop duplicate option to display booleans,
  show number of entries before listing them
  * dispol: Add the ability to show booleans, classes, roles, types and type attributes of policies
  * dispol: add options: --actions ACTIONS, --help
  * dismod: add options: --actions ACTIONS, --help
  * Add notself support for neverallow rules
  * Improve man pages
  * man pages: Remove the Russian translations
  * Add notself and other support to CIL
  * Add support for deny rules
  * Translations updated from
    https://translate.fedoraproject.org/projects/selinux/
  * Bug fixes
- Remove keys from keyring since they expired:
  - E853C1848B0185CF42864DF363A8AD4B982C4373
    Petr Lautrbach <plautrba@redhat.com>
  - 63191CE94183098689CAB8DB7EF137EC935B0EAF
    Jason Zaman <jasonzaman@gmail.com>
- Add key to keyring:
  - B8682847764DF60DF52D992CBC3905F235179CF1
    Petr Lautrbach <lautrbach@redhat.com>

==== glibc ====
Subpackages: glibc-extra glibc-lang glibc-locale glibc-locale-base

- sem-open-o-creat.patch: sem_open: Clear O_CREAT when semaphore file is
  expected to exist (BZ #30789)
- ldconfig-process-elf-file.patch: elf: Fix wrong break removal from
  8ee878592c
- tls-modid-reuse.patch: elf: Fix TLS modid reuse generation assignment
  (BZ #29039)
- getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to
  EAI_MEMORY (bsc#1217589, BZ #31163)
- libio-wdo-write.patch: libio: Check remaining buffer size in
  _IO_wdo_write (BZ #31183)

==== libselinux ====
Version update (3.5 -> 3.6)
Subpackages: libselinux1 selinux-tools

- Update to version 3.6
  https://github.com/SELinuxProject/selinux/releases/tag/3.6
  * libselinux: performance optimization for duplicate detection
  * Introduce getpolicyload - a helper binary to print the number of policy reloads on the running system
  * Add notself support for neverallow rules
  * Improve man pages
  * man pages: Remove the Russian translations
  * Add notself and other support to CIL
  * Add support for deny rules
  * Translations updated from
    https://translate.fedoraproject.org/projects/selinux/
  * Bug fixes
- Remove keys from keyring since they expired:
  - E853C1848B0185CF42864DF363A8AD4B982C4373
    Petr Lautrbach <plautrba@redhat.com>
  - 63191CE94183098689CAB8DB7EF137EC935B0EAF
    Jason Zaman <jasonzaman@gmail.com>
- Add key to keyring:
  - B8682847764DF60DF52D992CBC3905F235179CF1
    Petr Lautrbach <lautrbach@redhat.com>

==== libselinux-bindings ====
Version update (3.5 -> 3.6)

- The PEP517 python build requires setuptools
- Update to version 3.6
  https://github.com/SELinuxProject/selinux/releases/tag/3.6
  * libselinux: performance optimization for duplicate detection
  * Introduce getpolicyload - a helper binary to print the number of policy reloads on the running system
  * Add notself support for neverallow rules
  * Improve man pages
  * man pages: Remove the Russian translations
  * Add notself and other support to CIL
  * Add support for deny rules
  * Translations updated from
    https://translate.fedoraproject.org/projects/selinux/
  * Bug fixes
- Remove keys from keyring since they expired:
  - E853C1848B0185CF42864DF363A8AD4B982C4373
    Petr Lautrbach <plautrba@redhat.com>
  - 63191CE94183098689CAB8DB7EF137EC935B0EAF
    Jason Zaman <jasonzaman@gmail.com>
- Add key to keyring:
  - B8682847764DF60DF52D992CBC3905F235179CF1
    Petr Lautrbach <lautrbach@redhat.com>

==== libsemanage ====
Version update (3.5 -> 3.6)
Subpackages: libsemanage-conf libsemanage2

- Update to version 3.6
  https://github.com/SELinuxProject/selinux/releases/tag/3.6
  * Add notself support for neverallow rules
  * Improve man pages
  * man pages: Remove the Russian translations
  * Add notself and other support to CIL
  * Add support for deny rules
  * Translations updated from
    https://translate.fedoraproject.org/projects/selinux/
  * Bug fixes
- Remove keys from keyring since they expired:
  - E853C1848B0185CF42864DF363A8AD4B982C4373
    Petr Lautrbach <plautrba@redhat.com>
  - 63191CE94183098689CAB8DB7EF137EC935B0EAF
    Jason Zaman <jasonzaman@gmail.com>
- Add key to keyring:
  - B8682847764DF60DF52D992CBC3905F235179CF1
    Petr Lautrbach <lautrbach@redhat.com>

==== libsepol ====
Version update (3.5 -> 3.6)

- Update to version 3.6
  https://github.com/SELinuxProject/selinux/releases/tag/3.6
  * struct cond_expr_t bool renamed to boolean
    The change is indicated by COND_EXPR_T_RENAME_BOOL_BOOLEAN macro
  * Add notself support for neverallow rules
  * Improve man pages
  * man pages: Remove the Russian translations
  * Add notself and other support to CIL
  * Add support for deny rules
  * Translations updated from
    https://translate.fedoraproject.org/projects/selinux/
  * Bug fixes
- Remove keys from keyring since they expired:
  - E853C1848B0185CF42864DF363A8AD4B982C4373
    Petr Lautrbach <plautrba@redhat.com>
  - 63191CE94183098689CAB8DB7EF137EC935B0EAF
    Jason Zaman <jasonzaman@gmail.com>
- Add key to keyring:
  - B8682847764DF60DF52D992CBC3905F235179CF1
    Petr Lautrbach <lautrbach@redhat.com>

==== netcfg ====

- Add krb-prop entry, fix for bsc#1211886.

==== policycoreutils ====
Version update (3.5 -> 3.6)
Subpackages: policycoreutils-lang policycoreutils-python-utils python3-policycoreutils

- Update to version 3.6
  https://github.com/SELinuxProject/selinux/releases/tag/3.6
  * Add notself support for neverallow rules
  * Improve man pages
  * man pages: Remove the Russian translations
  * Add notself and other support to CIL
  * Add support for deny rules
  * Translations updated from
    https://translate.fedoraproject.org/projects/selinux/
  * Bug fixes
- Remove keys from keyring since they expired:
  - E853C1848B0185CF42864DF363A8AD4B982C4373
    Petr Lautrbach <plautrba@redhat.com>
  - 63191CE94183098689CAB8DB7EF137EC935B0EAF
    Jason Zaman <jasonzaman@gmail.com>
- Add key to keyring:
  - B8682847764DF60DF52D992CBC3905F235179CF1
    Petr Lautrbach <lautrbach@redhat.com>
- Remove reproducible-build.patch since it is upstream now
- Fix issues in get_os_version.patch

==== python-referencing ====
Version update (0.32.0 -> 0.32.1)

- Update to version 0.32.1:
  * We CannotDetermineSpecification for $schema kyes that aren't
    strs
  * [pre-commit.ci] pre-commit autoupdate
  * Update requirements.
  * Enable more ruff rulesets.
  * Remove an unneeded doc ext, we have no CLI.
  * [pre-commit.ci] pre-commit autoupdate
  * Bump actions/setup-python from 4 to 5
  * Update pre-commit hooks.

==== python-semanage ====
Version update (3.5 -> 3.6)

- Update to version 3.6
  https://github.com/SELinuxProject/selinux/releases/tag/3.6
  * Add notself support for neverallow rules
  * Improve man pages
  * man pages: Remove the Russian translations
  * Add notself and other support to CIL
  * Add support for deny rules
  * Translations updated from
    https://translate.fedoraproject.org/projects/selinux/
  * Bug fixes
- Remove keys from keyring since they expired:
  - E853C1848B0185CF42864DF363A8AD4B982C4373
    Petr Lautrbach <plautrba@redhat.com>
  - 63191CE94183098689CAB8DB7EF137EC935B0EAF
    Jason Zaman <jasonzaman@gmail.com>
- Add key to keyring:
  - B8682847764DF60DF52D992CBC3905F235179CF1
    Petr Lautrbach <lautrbach@redhat.com>

==== python311 ====
Version update (3.11.6 -> 3.11.7)
Subpackages: python311-curses python311-dbm

- Update patch fix_configure_rst.patch
- Update to 3.11.7:
  - Core and Builtins
  - gh-112625: Fixes a bug where a bytearray object could be cleared
    while iterating over an argument in the bytearray.join() method
    that could result in reading memory after it was freed.
  - gh-112388: Fix an error that was causing the parser to try to
    overwrite tokenizer errors. Patch by pablo Galindo
  - gh-112387: Fix error positions for decoded strings with
    backwards tokenize errors. Patch by Pablo Galindo
  - gh-112266: Change docstrings of __dict__ and __weakref__.
  - gh-109181: Speed up Traceback object creation by lazily compute
    the line number. Patch by Pablo Galindo
  - gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
    codecs read out of bounds
  - gh-111366: Fix an issue in the codeop that was causing
    SyntaxError exceptions raised in the presence of invalid syntax
    to not contain precise error messages. Patch by Pablo Galindo
  - gh-111380: Fix a bug that was causing SyntaxWarning to appear
    twice when parsing if invalid syntax is encountered later. Patch
    by Pablo galindo
  - gh-88116: Traceback location ranges involving wide unicode
    characters (like emoji and asian characters) now are properly
    highlighted. Patch by Batuhan Taskaya and Pablo Galindo.
  - gh-94438: Fix a regression that prevented jumping across is None
    and is not None when debugging. Patch by Savannah Ostrowski.
  - gh-110696: Fix incorrect error message for invalid argument
    unpacking. Patch by Pablo Galindo
  - gh-110237: Fix missing error checks for calls to PyList_Append
    in _PyEval_MatchClass.
  - gh-109216: Fix possible memory leak in BUILD_MAP.
  - Library
  - gh-112618: Fix a caching bug relating to typing.Annotated.
    Annotated[str, True] is no longer identical to Annotated[str,
    1].
  - gh-112509: Fix edge cases that could cause a key to be present
    in both the __required_keys__ and __optional_keys__ attributes
    of a typing.TypedDict. Patch by Jelle Zijlstra.
  - gh-94722: Fix bug where comparison between instances of DocTest
    fails if one of them has None as its lineno.
  - gh-112105: Make readline.set_completer_delims() work with
    libedit
  - gh-111942: Fix SystemError in the TextIOWrapper constructor with
    non-encodable “errors” argument in non-debug mode.
  - gh-109538: Issue warning message instead of having RuntimeError
    be displayed when event loop has already been closed at
    StreamWriter.__del__().
  - gh-111942: Fix crashes in io.TextIOWrapper.reconfigure() when
    pass invalid arguments, e.g. non-string encoding.
  - gh-111804: Remove posix.fallocate() under WASI as the underlying
    posix_fallocate() is not available in WASI preview2.
  - gh-111841: Fix truncating arguments on an embedded null
    character in os.putenv() and os.unsetenv() on Windows.
  - gh-111541: Fix doctest for SyntaxError not-builtin subclasses.
  - gh-110894: Call loop exception handler for exceptions in
    client_connected_cb of asyncio.start_server() so that
    applications can handle it. Patch by Kumar Aditya.
  - gh-111531: Fix reference leaks in bind_class() and bind_all()
    methods of tkinter widgets.
  - gh-111356: Added io.text_encoding(), io.DEFAULT_BUFFER_SIZE, and
    io.IncrementalNewlineDecoder to io.__all__.
  - gh-68166: Remove mention of not supported “vsapi” element type
    in tkinter.ttk.Style.element_create(). Add tests for
    element_create() and other ttk.Style methods. Add examples for
    element_create() in the documentation.
  - gh-111251: Fix _blake2 not checking for errors when
    initializing.
  - gh-111174: Fix crash in io.BytesIO.getbuffer() called repeatedly
    for empty BytesIO.
  - gh-111187: Postpone removal version for
    locale.getdefaultlocale() to Python 3.15.
  - gh-111159: Fix doctest output comparison for exceptions with
    notes.
  - gh-110910: Fix invalid state handling in asyncio.TaskGroup and
    asyncio.Timeout. They now raise proper RuntimeError if they are
    improperly used and are left in consistent state after this.
  - gh-111092: Make turtledemo run without default root enabled.
  - gh-110590: Fix a bug in _sre.compile() where TypeError would be
    overwritten by OverflowError when the code argument was a list
    of non-ints.
  - gh-65052: Prevent pdb from crashing when trying to display
    undisplayable objects
  - gh-110519: Deprecation warning about non-integer number in
    gettext now alwais refers to the line in the user code where
    gettext function or method is used. Previously it could refer to
    a line in gettext code.
  - gh-110378: contextmanager() and asynccontextmanager() context
    managers now close an invalid underlying generator object that
    yields more then one value.
  - gh-110365: Fix termios.tcsetattr() bug that was overwritting
    existing errors during parsing integers from term list.
  - gh-110196: Add __reduce__ method to IPv6Address in order to keep
    scope_id
  - gh-109747: Improve errors for unsupported look-behind patterns.
    Now re.error is raised instead of OverflowError or RuntimeError
    for too large width of look-behind pattern.
  - gh-109786: Fix possible reference leaks and crash when re-enter
    the __next__() method of itertools.pairwise.
  - gh-108791: Improved error handling in pdb command line
    ... changelog too long, skipping 87 lines ...
    raise SystemError if these attributes have wrong type.

==== python311-core ====
Version update (3.11.6 -> 3.11.7)
Subpackages: libpython3_11-1_0 python311-base

- Update patch fix_configure_rst.patch
- Update to 3.11.7:
  - Core and Builtins
  - gh-112625: Fixes a bug where a bytearray object could be cleared
    while iterating over an argument in the bytearray.join() method
    that could result in reading memory after it was freed.
  - gh-112388: Fix an error that was causing the parser to try to
    overwrite tokenizer errors. Patch by pablo Galindo
  - gh-112387: Fix error positions for decoded strings with
    backwards tokenize errors. Patch by Pablo Galindo
  - gh-112266: Change docstrings of __dict__ and __weakref__.
  - gh-109181: Speed up Traceback object creation by lazily compute
    the line number. Patch by Pablo Galindo
  - gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
    codecs read out of bounds
  - gh-111366: Fix an issue in the codeop that was causing
    SyntaxError exceptions raised in the presence of invalid syntax
    to not contain precise error messages. Patch by Pablo Galindo
  - gh-111380: Fix a bug that was causing SyntaxWarning to appear
    twice when parsing if invalid syntax is encountered later. Patch
    by Pablo galindo
  - gh-88116: Traceback location ranges involving wide unicode
    characters (like emoji and asian characters) now are properly
    highlighted. Patch by Batuhan Taskaya and Pablo Galindo.
  - gh-94438: Fix a regression that prevented jumping across is None
    and is not None when debugging. Patch by Savannah Ostrowski.
  - gh-110696: Fix incorrect error message for invalid argument
    unpacking. Patch by Pablo Galindo
  - gh-110237: Fix missing error checks for calls to PyList_Append
    in _PyEval_MatchClass.
  - gh-109216: Fix possible memory leak in BUILD_MAP.
  - Library
  - gh-112618: Fix a caching bug relating to typing.Annotated.
    Annotated[str, True] is no longer identical to Annotated[str,
    1].
  - gh-112509: Fix edge cases that could cause a key to be present
    in both the __required_keys__ and __optional_keys__ attributes
    of a typing.TypedDict. Patch by Jelle Zijlstra.
  - gh-94722: Fix bug where comparison between instances of DocTest
    fails if one of them has None as its lineno.
  - gh-112105: Make readline.set_completer_delims() work with
    libedit
  - gh-111942: Fix SystemError in the TextIOWrapper constructor with
    non-encodable “errors” argument in non-debug mode.
  - gh-109538: Issue warning message instead of having RuntimeError
    be displayed when event loop has already been closed at
    StreamWriter.__del__().
  - gh-111942: Fix crashes in io.TextIOWrapper.reconfigure() when
    pass invalid arguments, e.g. non-string encoding.
  - gh-111804: Remove posix.fallocate() under WASI as the underlying
    posix_fallocate() is not available in WASI preview2.
  - gh-111841: Fix truncating arguments on an embedded null
    character in os.putenv() and os.unsetenv() on Windows.
  - gh-111541: Fix doctest for SyntaxError not-builtin subclasses.
  - gh-110894: Call loop exception handler for exceptions in
    client_connected_cb of asyncio.start_server() so that
    applications can handle it. Patch by Kumar Aditya.
  - gh-111531: Fix reference leaks in bind_class() and bind_all()
    methods of tkinter widgets.
  - gh-111356: Added io.text_encoding(), io.DEFAULT_BUFFER_SIZE, and
    io.IncrementalNewlineDecoder to io.__all__.
  - gh-68166: Remove mention of not supported “vsapi” element type
    in tkinter.ttk.Style.element_create(). Add tests for
    element_create() and other ttk.Style methods. Add examples for
    element_create() in the documentation.
  - gh-111251: Fix _blake2 not checking for errors when
    initializing.
  - gh-111174: Fix crash in io.BytesIO.getbuffer() called repeatedly
    for empty BytesIO.
  - gh-111187: Postpone removal version for
    locale.getdefaultlocale() to Python 3.15.
  - gh-111159: Fix doctest output comparison for exceptions with
    notes.
  - gh-110910: Fix invalid state handling in asyncio.TaskGroup and
    asyncio.Timeout. They now raise proper RuntimeError if they are
    improperly used and are left in consistent state after this.
  - gh-111092: Make turtledemo run without default root enabled.
  - gh-110590: Fix a bug in _sre.compile() where TypeError would be
    overwritten by OverflowError when the code argument was a list
    of non-ints.
  - gh-65052: Prevent pdb from crashing when trying to display
    undisplayable objects
  - gh-110519: Deprecation warning about non-integer number in
    gettext now alwais refers to the line in the user code where
    gettext function or method is used. Previously it could refer to
    a line in gettext code.
  - gh-110378: contextmanager() and asynccontextmanager() context
    managers now close an invalid underlying generator object that
    yields more then one value.
  - gh-110365: Fix termios.tcsetattr() bug that was overwritting
    existing errors during parsing integers from term list.
  - gh-110196: Add __reduce__ method to IPv6Address in order to keep
    scope_id
  - gh-109747: Improve errors for unsupported look-behind patterns.
    Now re.error is raised instead of OverflowError or RuntimeError
    for too large width of look-behind pattern.
  - gh-109786: Fix possible reference leaks and crash when re-enter
    the __next__() method of itertools.pairwise.
  - gh-108791: Improved error handling in pdb command line
    ... changelog too long, skipping 87 lines ...
    raise SystemError if these attributes have wrong type.

==== update-alternatives ====
Version update (1.22.1 -> 1.22.2)

- Update to version 1.22.2.
  The full changelog is very large. Please check it here:
  https://git.dpkg.org/cgit/dpkg/dpkg.git/tree/debian/changelog?h=1.22.2