Update patchinfo.20251118110024655567.187004354831441/_patchinfo

0Backports/Backports.productcompose

@@ -271,12 +271,6 @@ packagesets:
   - update-test-retracted
   - update-test-security
   - update-test-trivial
-  - xen
-  - xen-devel
-  - xen-libs
-  - xen-doc-html
-  - xen-tools
-  - xen-tools-domU
   - yum-utils
 
 # TODO: unneeded Leap package per architecture
@@ -5427,6 +5421,7 @@ packagesets:
   - postgresql-docs
   - postgresql-jdbc
   - postgresql-jdbc-javadoc
+  - postgresql-llvmjit
   - postgresql-plperl
   - postgresql-plpython
   - postgresql-pltcl
@@ -5436,6 +5431,7 @@ packagesets:
   - postgresql13-contrib
   - postgresql13-devel
   - postgresql13-docs
+  - postgresql13-llvmjit
   - postgresql13-pgaudit
   - postgresql13-pgvector
   - postgresql13-plperl
@@ -5447,6 +5443,7 @@ packagesets:
   - postgresql14-contrib
   - postgresql14-devel
   - postgresql14-docs
+  - postgresql14-llvmjit
   - postgresql14-pgaudit
   - postgresql14-pgvector
   - postgresql14-plperl
@@ -5458,6 +5455,7 @@ packagesets:
   - postgresql15-contrib
   - postgresql15-devel
   - postgresql15-docs
+  - postgresql15-llvmjit
   - postgresql15-pgaudit
   - postgresql15-pgvector
   - postgresql15-plperl
@@ -5469,6 +5467,7 @@ packagesets:
   - postgresql16-contrib
   - postgresql16-devel
   - postgresql16-docs
+  - postgresql16-llvmjit
   - postgresql16-pgaudit
   - postgresql16-pgvector
   - postgresql16-plperl
@@ -5480,6 +5479,7 @@ packagesets:
   - postgresql17-contrib
   - postgresql17-devel
   - postgresql17-docs
+  - postgresql17-llvmjit
   - postgresql17-pgaudit
   - postgresql17-pgvector
   - postgresql17-plperl

patchinfo.20251114110535882810.90520734224245/_patchinfo

@@ -1,16 +0,0 @@
-<patchinfo incident="packagehub-22">
-  <packager>AndreasStieger</packager>
-  <rating>important</rating>
-  <category>security</category>
-  <summary>Security update for certbot</summary>
-  <description>This update for certbot fixes the following issues:
-
-This update adds the certbot stack. (python modules: ConfigArgParse, acme, certbot, certbot-nginx, josepy, pyRFC3339).
-</description>
-<package>python-ConfigArgParse</package>
-<package>python-acme</package>
-<package>python-certbot</package>
-<package>python-certbot-nginx</package>
-<package>python-josepy</package>
-<package>python-pyRFC3339</package>
-</patchinfo>

patchinfo.20251118110024655567.187004354831441/_patchinfo

@@ -0,0 +1,67 @@
+<patchinfo>
+  <issue tracker="cve" id="2025-13016">firefox: Incorrect boundary conditions in the JavaScript: WebAssembly component</issue>
+  <issue tracker="cve" id="2025-13019">firefox: Same-origin policy bypass in the DOM: Workers component</issue>
+  <issue tracker="cve" id="2025-13020">firefox: Use-after-free in the WebRTC: Audio/Video component</issue>
+  <issue tracker="cve" id="2025-13017">firefox: Same-origin policy bypass in the DOM: Notifications component</issue>
+  <issue tracker="cve" id="2025-13015">firefox: Spoofing issue in Firefox</issue>
+  <issue tracker="cve" id="2025-13012">VUL-0: MozillaFirefox / MozillaThunderbird: update to 145.0 and 140.5esr</issue>
+  <issue tracker="cve" id="2025-13018">firefox: Mitigation bypass in the DOM: Security component</issue>
+  <issue tracker="cve" id="2025-13014">firefox: Use-after-free in the Audio/Video component</issue>
+  <issue tracker="cve" id="2025-13013">firefox: Mitigation bypass in the DOM: Core &amp; HTML component</issue>
+  <issue tracker="bnc" id="1253188">VUL-0: MozillaFirefox / MozillaThunderbird: update to 145.0 and 140.5esr</issue>
+  <packager>Yoshio_Sato</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for MozillaThunderbird</summary>
+  <description>This update for MozillaThunderbird fixes the following issues:
+
+Changes in MozillaThunderbird:
+
+Mozilla Thunderbird 140.5.0 ESR
+
+MFSA 2025-91 (bsc#1253188):
+
+  * CVE-2025-13012
+    Race condition in the Graphics component
+  * CVE-2025-13016
+    Incorrect boundary conditions in the JavaScript: WebAssembly
+    component
+  * CVE-2025-13017
+    Same-origin policy bypass in the DOM: Notifications component
+  * CVE-2025-13018
+    Mitigation bypass in the DOM: Security component
+  * CVE-2025-13019
+    Same-origin policy bypass in the DOM: Workers component
+  * CVE-2025-13013
+    Mitigation bypass in the DOM: Core &amp; HTML component
+  * CVE-2025-13020
+    Use-after-free in the WebRTC: Audio/Video component
+  * CVE-2025-13014
+    Use-after-free in the Audio/Video component
+  * CVE-2025-13015
+    Spoofing issue in Thunderbird
+  * fixed: Could not drag and drop ICS file to Today Pane
+  * fixed: With Thunderbird closed, clicking a 'mailto:' link to
+    send signed message failed
+  * fixed: Upgrade from 128.x-&gt;140.x broke authentication for
+    @att.net using Yahoo backend
+
+Mozilla Thunderbird 140.4.0 ESR
+
+  * Account Hub is now disabled by default for second email account
+  * Users could not read mail signed with OpenPGP v6 and PQC keys
+  * Image preview in Insert Image dialog failed with CSP error for web resources
+  * Emptying trash on exit did not work with some providers
+  * Thunderbird could crash when applying filters
+  * Users were unable to override expired mail server certificate
+  * Opening Website header link in RSS feed incorrectly re-encoded
+    URL parameters
+
+Mozilla Thunderbird 140.3.1 ESR:
+
+  * several bugfixes listed here
+    https://www.thunderbird.net/en-US/thunderbird/140.3.1esr/releasenotes
+-------------------------------------------------------------------
+</description>
+  <package>MozillaThunderbird</package>
+</patchinfo>