Add OpenSMTPD

PR: products/PackageHub!425

.gitmodules

@@ -258,6 +258,10 @@
 	path = OpenShadingLanguage
 	url = ../../pool/OpenShadingLanguage
 	branch = leap-16.0
+[submodule "OpenSMTPD"]
+	path = OpenSMTPD
+	url = ../../pool/OpenSMTPD
+	branch = leap-16.0
 [submodule "OpenSubdiv"]
 	path = OpenSubdiv
 	url = ../../pool/opensubdiv
@@ -3070,6 +3074,10 @@
 	path = dom2-core-tests
 	url = ../../pool/dom2-core-tests
 	branch = leap-16.0
+[submodule "doomsday"]
+	path = doomsday
+	url = ../../pool/doomsday
+	branch = leap-16.0
 [submodule "dosbox"]
 	path = dosbox
 	url = ../../pool/dosbox
@@ -7174,6 +7182,10 @@
 	path = gnu_ddrescue
 	url = ../../pool/gnu_ddrescue
 	branch = leap-16.0
+[submodule "gnucobol"]
+	path = gnucobol
+	url = ../../pool/gnucobol
+	branch = leap-16.0
 [submodule "gnuastro"]
 	path = gnuastro
 	url = ../../pool/gnuastro
@@ -13754,6 +13766,10 @@
 	path = perl-Mojolicious-Plugin-OAuth2
 	url = ../../pool/perl-Mojolicious-Plugin-OAuth2
 	branch = leap-16.0
+[submodule "perl-Mojolicious-Plugin-OpenAPI"]
+	path = perl-Mojolicious-Plugin-OpenAPI
+	url = ../../pool/perl-Mojolicious-Plugin-OpenAPI
+	branch = leap-16.0
 [submodule "perl-Mojolicious-Plugin-Webpack"]
 	path = perl-Mojolicious-Plugin-Webpack
 	url = ../../pool/perl-Mojolicious-Plugin-Webpack

patchinfo.20260204115012215375.93181000773252/_patchinfo

@@ -0,0 +1,30 @@
+<patchinfo incident="packagehub-113">
+  <issue tracker="bnc" id="1257403">VUL-0: CVE-2025-14550: python-Django,python3-Django,python-Django6: Potential denial-of-service vulnerability via repeated headers when using ASGI</issue>
+  <issue tracker="bnc" id="1257406">VUL-0: CVE-2026-1285: python-Django,python3-Django,python-Django6: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods</issue>
+  <issue tracker="bnc" id="1257405">VUL-0: CVE-2026-1207: python-Django,python3-Django,python-Django6: Potential SQL injection via raster lookups on PostGIS</issue>
+  <issue tracker="cve" id="2026-1207"/>
+  <issue tracker="cve" id="2026-1312"/>
+  <issue tracker="cve" id="2026-1287"/>
+  <issue tracker="bnc" id="1257407">VUL-0: CVE-2026-1287: python-Django,python3-Django,python-Django6: Potential SQL injection in column aliases via control characters</issue>
+  <issue tracker="cve" id="2025-13473"/>
+  <issue tracker="bnc" id="1257401">VUL-0: CVE-2025-13473: python-Django,python3-Django,python-Django6: Username enumeration through timing difference in mod_wsgi authentication handler</issue>
+  <issue tracker="bnc" id="1257408">VUL-0: CVE-2026-1312: python-Django,python3-Django,python-Django6: Potential SQL injection via QuerySet.order_by and FilteredRelation</issue>
+  <issue tracker="cve" id="2025-14550"/>
+  <issue tracker="cve" id="2026-1285"/>
+  <packager>mcalabkova</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for python-Django</summary>
+  <description>This update for python-Django fixes the following issues:
+
+Changes in python-Django:
+
+- CVE-2026-1312: Fixed potential SQL injection via QuerySet.order_by and FilteredRelation (bsc#1257408).
+- CVE-2026-1287: Fixed potential SQL injection in column aliases via control characters (bsc#1257407).
+- CVE-2026-1207: Fixed potential SQL injection via raster lookups on PostGIS (bsc#1257405).
+- CVE-2026-1285: Fixed potential denial-of-service in django.utils.text.Truncator HTML methods (bsc#1257406).
+- CVE-2025-13473: Fixed username enumeration through timing difference in mod_wsgi authentication handler (bsc#1257401).
+- CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGI (bsc#1257403).
+</description>
+  <package>python-Django</package>
+</patchinfo>

patchinfo.20260204115510991084.93181000773252/_patchinfo

@@ -0,0 +1,22 @@
+<patchinfo incident="packagehub-112">
+  <issue tracker="cve" id="2026-1862"/>
+  <issue tracker="cve" id="2026-1861"/>
+  <issue tracker="bnc" id="1257650">VUL-0: chromium: release 144.0.7559.132</issue>
+  <packager>oertel</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for chromium</summary>
+  <description>This update for chromium fixes the following issues:
+
+Changes in chromium:
+
+- Chromium 144.0.7559.132 (boo#1257650)
+  * CVE-2026-1861: Heap buffer overflow in libvpx in Google Chrome
+    prior to 144.0.7559.132 allowed a remote attacker to potentially
+    exploit heap corruption via a crafted HTML page.
+  * CVE-2026-1862: Type Confusion in V8 in Google Chrome prior to
+    144.0.7559.132 allowed a remote attacker to potentially exploit
+    heap corruption via a crafted HTML page.
+</description>
+  <package>chromium</package>
+</patchinfo>

patchinfo.20260204115645891071.93181000773252/_patchinfo

@@ -0,0 +1,14 @@
+<patchinfo incident="packagehub-109">
+  <packager>letsfindaway</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for OpenBoard</summary>
+  <description>This update for OpenBoard fixes the following issues:
+
+Changes in OpenBoard:
+
+- add AppData in metainfo.xml
+- update to release version 1.7.5
+</description>
+  <package>OpenBoard</package>
+</patchinfo>

patchinfo.20260204120853139168.93181000773252/_patchinfo

@@ -0,0 +1,11 @@
+<patchinfo incident="packagehub-111">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for perl-Mojolicious-Plugin-OpenAPI</summary>
+  <description>This update for perl-Mojolicious-Plugin-OpenAPI fixes the following issues:
+
+Introduce perl-Mojolicious-Plugin-OpenAPI.
+</description>
+  <package>perl-Mojolicious-Plugin-OpenAPI</package>
+</patchinfo>

patchinfo.20260204155545137018.93181000773252/_patchinfo

@@ -1,195 +0,0 @@
-<patchinfo>
-  <issue tracker="cve" id="2025-22869"/>
-  <issue tracker="bnc" id="1248920">VUL-0: CVE-2025-58058: tailscale: github.com/ulikunitz/xz: github.com/ulikunitz/xz leaks memory</issue>
-  <issue tracker="cve" id="2025-58058"/>
-  <packager>rrahl0</packager>
-  <rating>important</rating>
-  <category>security</category>
-  <summary>Security update for tailscale</summary>
-  <description>This update for tailscale fixes the following issues:
-
-Changes in tailscale:
-
-- Update to version 1.94.0:
-  * IS SET and NOT SET have been added as device posture operators
-  * India DERP Region City Name updated
-  * Custom DERP servers support GCP Certificate Manager
-  * Tailscale SSH authentication, when successful, results in LOGIN audit
-    messages being sent to the kernel audit subsystem
-  * Tailscale Peer Relay throughput is improved when the SO_REUSEPORT socket
-    option is supported on multi-core systems
-  * Tailscale Peer Relay server handshake transmission is guarded against
-    routing loops over Tailscale
-  * MagicDNS always resolves when using resolv.conf without a DNS manager
-  * tailscaled_peer_relay_forwarded_packets_total and
-    tailscaled_peer_relay_forwarded_bytes_total client metrics are available for
-    Tailscale Peer Relays
-  * Identity tokens are automatically generated for workload identities
-  * --audience flag added to tailscale up command to support auto generation of
-    ID tokens for workload identity
-  * tsnet nodes can host Tailscale Services
-  * The tailscale lock status -json command returns tailnet key authority (TKA)
-    data in a stable format
-  * Tailscale Peer Relays deliver improved throughput through monotonic time
-    comparison optimizations and reduced lock contention
-  * Tailscale Services virtual IPs are now automatically accepted by clients
-    across all platforms regardless of the status of the --accept-routes
-    feature
-
-- Update to version 1.94.0:
-  * derp/derpserver: add a unique sender cardinality estimate
-  * syncs: add means of declare locking assumptions for debug mode
-  * cmd/k8s-operator: add support for taiscale.com/http-redirect
-  * cmd/k8s-operator fix populateTLSSecret on tests
-  * feature/posture: log method and full URL for posture identity requests
-  * k8s-operator: Fix typos in egress-pod-readiness.go
-  * cmd/tailscale,ipn: add Unix socket support for serve
-  * client/systray: change systray to start after graphical.target
-  * cmd/k8s-operator: warn if users attempt to expose a headless Service
-  * cmd/tailscale/cli, util/qrcodes: format QR codes on Linux consoles
-  * tsnet: ensure funnel listener cleans up after itself when closed
-  * ipn/store/kubestore: don't load write replica certs in memory
-  * tsnet: allow for automatic ID token generation
-
-- Update to version 1.92.5:
-  * types/persist: omit Persist.AttestationKey based on IsZero
-  * disable hardware attestation for kubernetes
-  * allow opting out of ACME order replace extension
-- Update to version 1.92.4:
-  * nothing of importance
-
-- Update to version 1.92.3:
-  * WireGuard configuration that occurs automatically in the client, no longer
-    results in a panic
-
-- Update to version 1.92.2:
-  * cmd/derper: add GCP Certificate Manager support
-
-- Update to version 1.92.1:
-  * fix LocalBackend deadlock when packet arrives during profile switch
-  * wgengine: fix TSMP/ICMP callback leak
-- Update to version 1.92.0:
-  * no changelog provided
-- Update to version 1.90.9:
-  * tailscaled no longer deadlocks during event bursts
-  * The client no longer hangs after wake up
-
-- Update to version 1.90.8:
-  * tka: move RemoveAll() to CompactableChonk
-- Update to version 1.90.7:
-  * wgengine/magicsock: validate endpoint.derpAddr
-  * wgengine/magicsock: fix UDPRelayAllocReq/Resp deadlock
-  * net/udprelay: replace VNI pool with selection algorithm
-  * feature/relayserver,ipn/ipnlocal,net/udprelay: plumb DERPMap
-  * feature/relayserver: fix Shutdown() deadlock
-  * net/netmon: do not abandon a subscriber when exiting early
-  * tka: don't try to read AUMs which are partway through being written
-  * tka: rename a mutex to mu instead of single-letter l
-  * ipn/ipnlocal: use an in-memory TKA store if FS is unavailable
-
-- Update to version 1.90.6:
-  * Routes no longer stall and fail to apply when updated repeatedly in a short
-    period of time
-  * Tailscale SSH no longer hangs for 10s when connecting to tsrecorder. This
-    affected tailnets that use Tailscale SSH recording
-
-- Update to version 1.90.4:
-  * deadlock issue no longer occurs in the client when checking
-    for the network to be available
-  * tailscaled no longer sporadically panics when a
-    Trusted Platform Module (TPM) device is present
-
-- Update to version 1.90.3:
-  * tailscaled shuts down as expected and without panic
-  * tailscaled starts up as expected in a no router configuration environment
-
-- Update to version 1.90.2:
-  * util/linuxfw: fix 32-bit arm regression with iptables
-  * health: compare warnable codes to avoid errors on release branch
-  * feature/tpm: check TPM family data for compatibility
-
-- Upate to version 1.90.1:
-  * Clients can use configured DNS resolvers for all domains
-  * Node keys will be renewed seamlessly
-  * Unnecessary path discovery packets over DERP servers are suppressed
-  * Node key sealing is GA (generally available) and enabled by default
-
-- update to version 1.88.3:
-  * cmd/tailscale/cli: add ts2021 debug flag to set a dial plan
-  * control/controlhttp: simplify, fix race dialing, remove priority concept
-- update to version 1.88.2:
-  * k8s-operator: reset service status before append
-- require the minimum go version directly, in comparison to using the golang(API)
-  symbol
-
-- update to version 1.88.1:
-  * Tailscale CLI prompts users to confirm impactful actions
-  * Tailscale SSH works as expected when using an IP address instead of a
-    hostname and MagicDNS is disabled
-  * fixed: Taildrive sharing when su not present
-  * Taildrive files remain consistently accessible
-  * new: Tailscale tray GUI
-  * DERP IPs changed for Singapore and Tokyo
-- Fixing CVE-2025-58058, bsc#1248920
-
-- update to version 1.86.5:
-  * cmd/k8s-proxy,k8s-operator: fix serve config for userspace mode
-- update to version 1.86.4:
-  * nothing of relevance
-- update to version 1.86.3:
-  * nothing of relevance
-
-- update to version 1.86.2:
-  * A deadlock issue that may have occurred in the client
-  * An occasional crash when establishing a new port mapping with a gateway or
-    firewall
-
-- update to version 1.86.0:
-  * tsStateEncrypted device posture attribute for checking whether the
-    Tailscale client state is encrypted at rest
-  * Cross-site request forgery (CSRF) issue that may have resulted in a log in
-    error when accessing the web interface
-  * Recommended exit node when the previously recommended exit node is offline
-  * tailscale up --exit-node=auto:any and tailscale set --exit-node=auto:any
-    CLI commands track the recommended exit node and automatically switches to
-    it when available exit nodes or network conditions change
-  * tailscaled CLI command flag --encrypt-state encrypts the node state file on
-    the disk using trusted platform module (TPM)
-
-- update to 1.84.3:
-  * ipn/ipnlocal: Update hostinfo to control on service config change
-
-- update to 1.84.2:
-  * Re-enable setting —accept-dns by using TS_EXTRA_ARGS. This issue resulted
-    from stricter CLI arguments parsing introduced in Tailscale v1.84.0
-
-- update to 1.84.1:
-  * net/dns: cache dns.Config for reuse when compileConfig fails
-
-- update to 1.84.0:
-  * The --reason flag is added to the tailscale down command
-  * ReconnectAfter policy setting, which configures the maximum period of time
-    between a user disconnecting Tailscale and the client automatically
-    reconnecting
-  * Tailscale CLI commands throw an error if multiple of the same flag are detected
-  * Network connectivity issues when creating a new profile or switching
-    profiles while using an exit node
-  * DNS-over-TCP fallback works correctly with upstream servers reachable only
-    via the tailnet
-
-- update to 1.82.5:
-  * A panic issue related to CUBIC congestion control in userspace mode is resolved.
-
-- update to 1.82.0:
-  * DERP functionality within the client supports certificate pinning for
-    self-signed IP address certificates for those unable to use Let's Encrypt
-    or WebPKI certificates.
-  * Go is updated to version 1.24.1
-  * NAT traversal code uses the DERP connection that a packet arrived on as an
-    ultimate fallback route if no other information is available
-  * Captive portal detection reliability is improved on some in-flight Wi-Fi networks
-  * Port mapping success rate is improved
-  * Helsinki is added as a DERP region.
-</description>
-  <package>tailscale</package>
-</patchinfo>

patchinfo.20260204160351183292.93181000773252/_patchinfo

@@ -0,0 +1,14 @@
+<patchinfo incident="packagehub-110">
+  <issue tracker="bnc" id="1256465">Week numbers are off by one in Evolution's calendar (Year view)</issue>
+  <packager>mgorse</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for evolution</summary>
+  <description>This update for evolution fixes the following issues:
+
+Changes in evolution:
+
+- Fix incorrect week numbers in calendar year view (bsc#1256465).
+</description>
+  <package>evolution</package>
+</patchinfo>

patchinfo.20260206094000823685.93181000773252/_patchinfo

@@ -0,0 +1,11 @@
+<patchinfo incident="packagehub-115">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for gnucobol</summary>
+  <description>This update for gnucobol fixes the following issues:
+
+Introduce gnucobol.
+</description>
+  <package>gnucobol</package>
+</patchinfo>

patchinfo.20260209123942988001.93181000773252/_patchinfo

@@ -0,0 +1,11 @@
+<patchinfo incident="packagehub-116">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for doomsday</summary>
+  <description>This update for doomsday fixes the following issues:
+
+Introduce doomsday.
+</description>
+  <package>doomsday</package>
+</patchinfo>

patchinfo.20260209155200377268.93181000773252/_patchinfo

@@ -0,0 +1,14 @@
+<patchinfo incident="packagehub-114">
+  <issue tracker="bnc" id="1257869">KMail2: Klick on link does not open Browser</issue>
+  <packager>favogt</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for messagelib</summary>
+  <description>This update for messagelib fixes the following issues:
+
+Changes in messagelib:
+
+- Fix links sometimes not opening (boo#1257869, kde#493325):
+</description>
+  <package>messagelib</package>
+</patchinfo>

patchinfo.20260211133956922544.255638743075857/_patchinfo

@@ -0,0 +1,11 @@
+<patchinfo>
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for OpenSMTPD</summary>
+  <description>This update for OpenSMTPD fixes the following issues:
+
+Introduce OpenSMTPD.
+</description>
+  <package>OpenSMTPD</package>
+</patchinfo>