Packages changed:
  MicroOS-release (20250205 -> 20250206)
  apparmor
  distribution-logos-openSUSE (20241022 -> 20250203)
  krb5
  libapparmor
  python-cryptography (43.0.3 -> 44.0.0)
  sssd (2.10.1 -> 2.10.2)
  tiff

=== Details ===

==== MicroOS-release ====
Version update (20250205 -> 20250206)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor

- add python313.patch to fix build with python 3.13

==== distribution-logos-openSUSE ====
Version update (20241022 -> 20250203)
Subpackages: distribution-logos-openSUSE-MicroOS distribution-logos-openSUSE-icons

- Update to version 20250203:
  * Kalpa: Add Distribution Logos

==== krb5 ====

- Prevent overflow when calculating ulog block size. An authenticated
  attacker can cause kadmind to write beyond the end of the mapped
  region for the iprop log file, likely causing a process crash;
  (CVE-2025-24528); (bsc#1236619).
- Add patch 0010-CVE-2025-24528.patch

==== libapparmor ====

- add python313.patch to fix build with python 3.13

==== python-cryptography ====
Version update (43.0.3 -> 44.0.0)

- Update to version 44.0.0:
  * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.9.
  * Deprecated Python 3.7 support. Python 3.7 is no longer supported by
    the Python core team. Support for Python 3.7 will be removed in a future
    cryptography release.
  * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
  * macOS wheels are now built against the macOS 10.13 SDK. Users on older
    versions of macOS should upgrade, or they will need to build cryptography
    themselves.
  * Enforce the RFC 5280 requirement that extended key usage extensions must not be empty.
  * Added support for timestamp extraction to the :class:`~cryptography.fernet.MultiFernet` class.
  * Relax the Authority Key Identifier requirements on root CA certificates
    during X.509 verification to allow fields permitted by RFC 5280 but
    forbidden by the CA/Browser BRs.
  * Added support for
    :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id` when using
    OpenSSL 3.2.0+.
  * Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
  * Added basic support for PKCS7 decryption (including S/MIME 3.2) via
    :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
    :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`,
    and :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
- Update specfile to accommodate new project structure at version 44.0.0
- Update no-pytest_benchmark.patch

==== sssd ====
Version update (2.10.1 -> 2.10.2)
Subpackages: libsss_certmap0 libsss_idmap0 sssd-krb5-common sssd-ldap

- Update to release 2.10.2
  * If the ssh responder is not running, sss_ssh_knownhosts will
    not fail (but it will not return the keys).
  * SSSD is now capable of handling multiple services associated
    with the same port.
  * sssd_pam, being a privileged binary, now clears the
    environment and does not allow configuration of the
    PR_SET_DUMPABLE flag as a precaution.

==== tiff ====

- Update test/test_directory.c not to fail on big-endian machines.
  * Add tiff-4.7.0-test_directory.patch
    Fix memory leaks (fixes issue #652)
  * Resolves bsc#1236834
    fix build fail on s390x