Update patchinfo.20251118110024655567.187004354831441/_patchinfo

PR: products/PackageHub!211

.gitmodules

@@ -26110,3 +26110,27 @@
 	path = fprintd
 	url = ../../pool/fprintd
 	branch = leap-16.0
+[submodule "python-acme"]
+	path = python-acme
+	url = ../../pool/python-acme
+	branch = leap-16.0
+[submodule "python-certbot"]
+	path = python-certbot
+	url = ../../pool/python-certbot
+	branch = leap-16.0
+[submodule "python-certbot-nginx"]
+	path = python-certbot-nginx
+	url = ../../pool/python-certbot-nginx
+	branch = leap-16.0
+[submodule "python-ConfigArgParse"]
+	path = python-ConfigArgParse
+	url = ../../pool/python-ConfigArgParse
+	branch = leap-16.0
+[submodule "python-josepy"]
+	path = python-josepy
+	url = ../../pool/python-josepy
+	branch = leap-16.0
+[submodule "python-pyRFC3339"]
+	path = python-pyRFC3339
+	url = ../../pool/python-pyRFC3339
+	branch = leap-16.0

0Backports/Backports.productcompose

@@ -147,8 +147,6 @@ packagesets:
   - kernel-livepatch-6_12_0-160000_4-rt
   - kernel-livepatch-6_12_0-160000_5-default
   - kernel-livepatch-6_12_0-160000_5-rt
-  - kernel-livepatch-6_12_0-160000_6-default
-  - kernel-livepatch-6_12_0-160000_6-rt
   - kernel-rt-livepatch
   - kernel-rt-livepatch-devel
   - krb5-mini

patchinfo.20251112154630847363.187004354831441/_patchinfo

@@ -0,0 +1,16 @@
+<patchinfo incident="packagehub-21">
+  <issue tracker="bnc" id="1253267">VUL-0: chromium: release 142.0.7444.162</issue>
+  <issue tracker="cve" id="2025-13042">VUL-0: chromium: release 142.0.7444.162</issue>
+  <packager>AndreasStieger</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for chromium</summary>
+  <description>This update for chromium fixes the following issues:
+
+Chromium 142.0.7444.162 (boo#1253267):
+
+  * CVE-2025-13042: Inappropriate implementation in V8
+</description>
+  <package>chromium</package>
+  <seperate_build_arch/>
+</patchinfo>

patchinfo.20251118110024655567.187004354831441/_patchinfo

@@ -0,0 +1,67 @@
+<patchinfo>
+  <issue tracker="cve" id="2025-13016">firefox: Incorrect boundary conditions in the JavaScript: WebAssembly component</issue>
+  <issue tracker="cve" id="2025-13019">firefox: Same-origin policy bypass in the DOM: Workers component</issue>
+  <issue tracker="cve" id="2025-13020">firefox: Use-after-free in the WebRTC: Audio/Video component</issue>
+  <issue tracker="cve" id="2025-13017">firefox: Same-origin policy bypass in the DOM: Notifications component</issue>
+  <issue tracker="cve" id="2025-13015">firefox: Spoofing issue in Firefox</issue>
+  <issue tracker="cve" id="2025-13012">VUL-0: MozillaFirefox / MozillaThunderbird: update to 145.0 and 140.5esr</issue>
+  <issue tracker="cve" id="2025-13018">firefox: Mitigation bypass in the DOM: Security component</issue>
+  <issue tracker="cve" id="2025-13014">firefox: Use-after-free in the Audio/Video component</issue>
+  <issue tracker="cve" id="2025-13013">firefox: Mitigation bypass in the DOM: Core &amp; HTML component</issue>
+  <issue tracker="bnc" id="1253188">VUL-0: MozillaFirefox / MozillaThunderbird: update to 145.0 and 140.5esr</issue>
+  <packager>Yoshio_Sato</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for MozillaThunderbird</summary>
+  <description>This update for MozillaThunderbird fixes the following issues:
+
+Changes in MozillaThunderbird:
+
+Mozilla Thunderbird 140.5.0 ESR
+
+MFSA 2025-91 (bsc#1253188):
+
+  * CVE-2025-13012
+    Race condition in the Graphics component
+  * CVE-2025-13016
+    Incorrect boundary conditions in the JavaScript: WebAssembly
+    component
+  * CVE-2025-13017
+    Same-origin policy bypass in the DOM: Notifications component
+  * CVE-2025-13018
+    Mitigation bypass in the DOM: Security component
+  * CVE-2025-13019
+    Same-origin policy bypass in the DOM: Workers component
+  * CVE-2025-13013
+    Mitigation bypass in the DOM: Core &amp; HTML component
+  * CVE-2025-13020
+    Use-after-free in the WebRTC: Audio/Video component
+  * CVE-2025-13014
+    Use-after-free in the Audio/Video component
+  * CVE-2025-13015
+    Spoofing issue in Thunderbird
+  * fixed: Could not drag and drop ICS file to Today Pane
+  * fixed: With Thunderbird closed, clicking a 'mailto:' link to
+    send signed message failed
+  * fixed: Upgrade from 128.x-&gt;140.x broke authentication for
+    @att.net using Yahoo backend
+
+Mozilla Thunderbird 140.4.0 ESR
+
+  * Account Hub is now disabled by default for second email account
+  * Users could not read mail signed with OpenPGP v6 and PQC keys
+  * Image preview in Insert Image dialog failed with CSP error for web resources
+  * Emptying trash on exit did not work with some providers
+  * Thunderbird could crash when applying filters
+  * Users were unable to override expired mail server certificate
+  * Opening Website header link in RSS feed incorrectly re-encoded
+    URL parameters
+
+Mozilla Thunderbird 140.3.1 ESR:
+
+  * several bugfixes listed here
+    https://www.thunderbird.net/en-US/thunderbird/140.3.1esr/releasenotes
+-------------------------------------------------------------------
+</description>
+  <package>MozillaThunderbird</package>
+</patchinfo>