Update patchinfo incident numbers [skip actions]

PR: products/PackageHub!389

.gitmodules

@@ -258,6 +258,10 @@
 	path = OpenShadingLanguage
 	url = ../../pool/OpenShadingLanguage
 	branch = leap-16.0
+[submodule "OpenSMTPD"]
+	path = OpenSMTPD
+	url = ../../pool/OpenSMTPD
+	branch = leap-16.0
 [submodule "OpenSubdiv"]
 	path = OpenSubdiv
 	url = ../../pool/opensubdiv
@@ -10602,6 +10606,10 @@
 	path = most
 	url = ../../pool/most
 	branch = leap-16.0
+[submodule "motif"]
+	path = motif
+	url = ../../pool/motif
+	branch = leap-16.0
 [submodule "motion"]
 	path = motion
 	url = ../../pool/motion

patchinfo.20260131182523692426.93181000773252/_patchinfo

@@ -0,0 +1,29 @@
+<patchinfo incident="packagehub-127">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for kbuild</summary>
+  <description>This update for kbuild fixes the following issues:
+
+Changes in kbuild:
+
+- Update to snapshot 0.1.9998+svn3686
+  * header.kmk,footer-pass2-compiling-targets.kmk: Added EARLY_LIBS
+    and LATE_LIBS properties to better control the library order
+    when using templates. The libraries are collected from
+    EARLY_LIBS first, then LIBS, and LATE_LIBS last.
+  * header.kmk: Added KB_FN_LOAD_TOOL and KB_FN_LOAD_SDK for
+    explictly loading a tool or an sdk implementation.
+  * kmk: Automatically ascend if no makefile found and a goal was
+    given on the command line. This is to eliminating the need for
+    Makefile.kup-files as far as compiling individual source files
+    from an editor is concerned.
+  * header.kmk: Always zap the IFS variable so it won't confuse
+    kmk_ash.
+  * kmk/job.c: Deal with escape sequences inside double quotes when
+    we're using kmk_ash.
+  * kBuild/header.kmk: drop the .noarch suffix for
+    KBUILD_DEVTOOLS_TRG_NOARCH and KBUILD_DEVTOOLS_HST_NOARCH.
+</description>
+  <package>kbuild</package>
+</patchinfo>

patchinfo.20260203172101250739.93181000773252/_patchinfo

@@ -0,0 +1,56 @@
+<patchinfo incident="packagehub-128">
+  <issue tracker="cve" id="2024-46478"/>
+  <issue tracker="bnc" id="1232380">VUL-0: CVE-2024-46478: htmldoc: buffer overflow when handling tabs through the parse_pre function (ps-pdf.cxx)</issue>
+  <issue tracker="cve" id="2024-45508"/>
+  <packager>pgajdos</packager>
+  <rating>critical</rating>
+  <category>security</category>
+  <summary>Security update for htmldoc</summary>
+  <description>This update for htmldoc fixes the following issues:
+
+Changes in htmldoc:
+
+- CVE-2024-46478: Fixed buffer overflow when handling tabs through the parse_pre function (bsc#1232380).
+
+- version update to 1.9.23:
+  * Fixed a regression in list handling that caused a crash for empty list items
+    (Issue #553)
+  * Fixed a regression in the number of rendered table of contents levels in PDF
+    and PostScript output (Issue #554)
+
+- version update to 1.9.22:
+  * Added a "--without-http" configure option to build without CUPS HTTP/HTTPS
+    support (Issue #547)
+  * Updated HTTP/HTTPS support to work with both CUPS 2.x and 3.x.
+  * Updated the maximum image dimension to prevent integer overflow on 32-bit
+    platforms (Issue #550)
+  * Updated the HTML parser to correctly report the line number of errors in files
+    with more than 2^32-1 lines (Issue #551)
+  * Fixed a crash bug with certain markdown files (Issue #548)
+  * Fixed an unrestricted recursion bug when reading and formatting HTML (Issue #552)
+
+- version update to 1.9.21
+  * Updated HTTP/HTTPS connection error reporting to include the reason.
+  * Updated markdown parser.
+  * Updated the HTTP/HTTPS connection timeout to 5 minutes (Issue #541)
+  * Fixed a bug in the new PDF link code (Issue #536)
+  * Fixed a bug in the number-up code (Issue #539)
+  * Fixed a regression in leading whitespace handling (Issue #540)
+  * Fixed a bug in numbered heading support (Issue #543)
+  * Fixed a bug with setting the header on the first page (Issue #544)
+  * Fixed paths in the HTMLDOC snap (Issue #545)
+
+- update to 1.9.20:
+  * Fix a regression that caused spaces to disappear between some words
+  * Fix resolution of relative links within a document
+
+- includes changes from 1.9.19:
+  * Add support for ‘file’ method in links
+  * Update markdown support code to mmd
+  * Fix hyperlinks to subfolders
+  * Fix export of UTF-8 HTML
+  * Fix handling of whitespace-only nodes
+  * Fix case sensitivity of link targets
+</description>
+  <package>htmldoc</package>
+</patchinfo>

patchinfo.20260209151441438275.93181000773252/_patchinfo

@@ -0,0 +1,26 @@
+<patchinfo incident="packagehub-122">
+  <issue tracker="cve" id="2026-1998"/>
+  <issue tracker="bnc" id="1257803">VUL-0: CVE-2026-1998: micropython: segmentation fault in `mp_map_lookup` via `mp_import_all`</issue>
+  <packager>dheidler</packager>
+  <rating>low</rating>
+  <category>security</category>
+  <summary>Security update for micropython</summary>
+  <description>This update for micropython fixes the following issues:
+
+Changes in micropython:
+
+- CVE-2026-1998: Fixed segmentation fault in `mp_map_lookup` via `mp_import_all` (bsc#1257803).
+
+- Version 1.26.1
+  * esp32: update esp_tinyusb component to v1.7.6
+  * tools: add an environment variable MICROPY_MAINTAINER_BUILD
+  * esp32: add IDF Component Lockfiles to git repo
+  * shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag
+  * shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop
+  * tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev
+
+- Fix building on single core systems
+  * Skip tests/thread/stress_schedule.py when single core system detected
+</description>
+  <package>micropython</package>
+</patchinfo>

patchinfo.20260211094020694841.220258959514430/_patchinfo

@@ -0,0 +1,104 @@
+<patchinfo incident="packagehub-123">
+  <packager>os-autoinst-obs-workflow</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for openQA, os-autoinst-distri-opensuse-deps</summary>
+  <description>This update for openQA, os-autoinst-distri-opensuse-deps fixes the following issues:
+
+Changes in openQA:
+
+- Update to version 5.1770274061.387b318c:
+  * Remove dependencies not available in 16
+  * Remove all explicit versions from ci-packages.txt
+  * Explicitly use new cache key for fullstack_cache
+  * Use devel:openQA 16.0 repositories
+  * fix: Create user directory without sudo
+  * refactor(ui): use native DOM APIs for bulk action logic
+  * Update devel:openQA:ci/base container to Leap 16
+  * Mark some one line catch statements uncoverable
+  * Move t/07-api_jobtokens.t to t/api/
+  * refactor: Avoid mapping of actions in df-based cleanup
+  * refactor: Use loop to invoke `_delete_jobs` repeatedly
+  * refactor: Simplify code for df-based cleanup further
+  * refactor: Extract repeated lookup and loop into separate function
+  * Dependency cron 2026-02-03
+  * feat(ui): add bulk action checkboxes to test overview filters
+  * feat(openqa-clone-custom-git-refspec): add "BADGE" mode
+  * fix(openqa-clone-custom-git-refspec): fix "MARKDOWN" mode
+  * feat(UI): add delete button for job groups and parent groups
+  * refactor(javascripts): harden by using const in admin_groups.js
+  * feat(api): prevent deletion of non-empty parent job groups
+  * docs: Fix typo in MCP documentation
+  * docs: Improve note about enabling modern Perl features
+  * test: Remove unused parameters in `OpenQA::Test::Case::login`
+  * navbar: add new item in menu to link MCP documentation
+  * Refactor t/lib/OpenQA/Test/Case.pm with signatures
+  * test: Consider all API controller code covered
+  * test: Cover remaining error cases of worker API
+  * fix: Improve error handling when updating records in admin tables
+  * test: Ensure consistent coverage of job cancellation function
+  * Prepare documentation generation for Leap 16.0
+  * test: Cover remaining lines of `Search.pm`
+  * test: Cover remaining lines of `Locks.pm`
+  * refactor: Simplify `JobTemplate::destroy`
+  * refactor: Remove unused code from `JobTemplate.pm`
+  * git subrepo pull (merge) external/os-autoinst-common
+  * style: Add quotes in openqa-bootstrap
+  * feat: default API key expiration to 1 year, aligning with UI
+  * feat: wrap array in an object in api_key API responses
+  * feat: add API endpoint for deleting API keys
+  * feat: add API endpoint for listing API keys
+  * feat: add API endpoint for creating API keys
+  * fix(openqa-bootstrap): prevent shellcheck warning SC2086
+  * Add dependency on 'file'
+  * refactor: Write code in `JobGroup.pm` in a more compact way
+  * test: Consider `Job.pm` fully covered
+  * test: Add tests for error handling of artefact upload
+  * refactor: Format artefact upload test in a more compact way
+  * test: Add tests for using assigned worker on job status updates
+  * test: Add tests for re-scheduling invalid scheduled product
+  * test: Add tests for querying non-existent scheduled product
+  * refactor: Use more compact coding style in `show_scheduled_product`
+  * refactor: Improve `Mm.pm`
+  * test: Improve tests of multi-machine API
+  * Remove unused module Config::Tiny from dependencies
+
+- Update to version 5.1769603414.6c0fa72e:
+  * Handle links on test_log on missing git repo extension
+  * test: Consider `Test.pm` fully covered
+  * test: Extend tests for showing dependency graph
+  * fix: Merge parallel clusters correctly for displaying dependency tree
+
+Changes in os-autoinst-distri-opensuse-deps:
+
+- Added dependency perl(constant)
+- Added dependency perl(Inline::Python)
+- Removed dependency perl(Inline::Python)
+- Removed dependency perl(LWP::Simple)
+- Added dependency perl(LWP::Simple)
+- Removed dependency perl(POSIX)
+- Added dependency perl(parent)
+- Added dependency perl(POSIX)
+- Added dependency perl(strict)
+- Added dependency perl(utf8)
+- Added dependency perl(version)
+- Added dependency perl(warnings)
+- Removed dependency perl(constant)
+- Removed dependency perl(parent)
+- Removed dependency perl(strict)
+- Removed dependency perl(utf8)
+- Removed dependency perl(version)
+- Removed dependency perl(warnings)
+- Removed dependency /usr/bin/gzip
+- Added dependency /usr/bin/gzip
+
+- Removed dependency gzip
+- Added dependency /usr/bin/gzip
+</description>
+  <package>openQA</package>
+  <package>openQA:openQA-devel-test</package>
+  <package>openQA:openQA-test</package>
+  <package>openQA:openQA-worker-test</package>
+  <package>openQA:openQA-client-test</package>
+  <package>os-autoinst-distri-opensuse-deps</package>
+</patchinfo>

patchinfo.20260211133956922544.255638743075857/_patchinfo

@@ -0,0 +1,11 @@
+<patchinfo incident="packagehub-126">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for OpenSMTPD</summary>
+  <description>This update for OpenSMTPD fixes the following issues:
+
+Introduce OpenSMTPD.
+</description>
+  <package>OpenSMTPD</package>
+</patchinfo>

patchinfo.20260211134802096631.255638743075857/_patchinfo

@@ -0,0 +1,71 @@
+<patchinfo incident="packagehub-124">
+  <packager>oertel</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for gn</summary>
+  <description>This update for gn fixes the following issues:
+
+Changes in gn:
+
+- Update to version 0.20251217:
+  * Fix sha2 on big endian
+  * [Windows] Reduce the number of worker threads on many-core machines
+  * Add a sha256 hash implementation and use it for string_hash
+  * Opt-in to the Windows SegmentHeap
+  * Add a `module_name` flag to source_set.
+  * Refactor module name to be dynamic.
+  * Optimize vector creation in compile_commands_writer.cc.
+  * Run 'tools/run_formatter.sh'
+  * Implement `string_hash` function.
+  * Support weak_libraries
+  * Do not add .inputdeps paths to --ninja-outputs-file
+  * Make clang modules output -fmodule-file=foo=&lt;pcm&gt;.
+  * infra: Revert CIPD autoconf
+  * infra: Include autoconf bin directory to PATH
+  * infra: Fix autoconf executable path
+  * infra: Use CIPD autoconf
+  * Allow led access in GN via http://go/ciba
+  * Revert "Build non-linkable deps async with Ninja's validaitons"
+  * Upgrade linux bots from ubuntu 22.04 to ubuntu 24.04
+  * Use unordered_map instead of map in HeaderChecker
+  * Add --file_relation to gn refs command
+  * Optimize vector initialization and preallocation in desc_builder.cc.
+  * Add `reserve` statement when vector size is known beforehand.
+  * Refactor container update by preferring the range insert.
+  * Handle symlinked directories correctly during gn clean on Windows.
+  * Fix relative imports from args.gn.
+
+- Update to version 0.20250918:
+  * update reference.md
+  * Include -fmodule-file flags in compile_commands.json
+  * Refactor C++ module dependency logic into a new utility
+  * Gitiles navigation bar
+  * Adds a len() function
+  * Avoid clashes of include_dir in rust-project.json.
+  * Check all targets to find duplicated outputs.
+  * infra/config: Remove luci.recipes.use_python3 experiment
+  * Handle empty outputs in WriteInputDepsStampOrPhonyAndGetDep
+  * build: Propagate module dependencies through group targets
+  * Deduplicate item in 'deps', 'sources' and related lists
+  * infra: Update comment for macOS version used in CQ/CI
+  * [Apple] Allow passing a manifest to the post-processing script
+  * Update link to buganizer in README.md
+  * [Apple] Fix `gn gen` when using swift and no_stamp_files
+  * [Apple] Remove deprecated aliases for `post_processing_$var`
+  * Revert "Allow newline in string literal"
+  * Use std::ranges::all_of in parse_tree_unittest
+  * infra: Correctly use macOS 13 instead of 11
+  * Update Xcode and macOS version in bots
+  * infra: Add shadow buckets to trigger led job
+  * Allow newline in string literal
+  * Revert "Update macOS version to 13 used in CQ/CI"
+  * Update macOS version to 13 used in CQ/CI
+  * Refactor command_format.cc
+  * Shorten targets from //path/to/foo:foo to //path/to/foo
+  * Modernize and improve parse_tree.cc
+  * Auto-format the codebase
+  * Remove hardcoded -fmodules-embed-all-files flag
+  * Reland "Use JSON escaping for JSON string output"
+</description>
+  <package>gn</package>
+</patchinfo>

patchinfo.20260212125825503328.255638743075857/_patchinfo

@@ -0,0 +1,11 @@
+<patchinfo incident="packagehub-125">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for motif</summary>
+  <description>This update for motif fixes the following issues:
+
+Introduce motif.
+</description>
+  <package>motif</package>
+</patchinfo>