Update patchinfo incident numbers [skip actions]

PR: products/PackageHub!432

patchinfo.20260209151441438275.93181000773252/_patchinfo

@@ -0,0 +1,26 @@
+<patchinfo incident="packagehub-122">
+  <issue tracker="cve" id="2026-1998"/>
+  <issue tracker="bnc" id="1257803">VUL-0: CVE-2026-1998: micropython: segmentation fault in `mp_map_lookup` via `mp_import_all`</issue>
+  <packager>dheidler</packager>
+  <rating>low</rating>
+  <category>security</category>
+  <summary>Security update for micropython</summary>
+  <description>This update for micropython fixes the following issues:
+
+Changes in micropython:
+
+- CVE-2026-1998: Fixed segmentation fault in `mp_map_lookup` via `mp_import_all` (bsc#1257803).
+
+- Version 1.26.1
+  * esp32: update esp_tinyusb component to v1.7.6
+  * tools: add an environment variable MICROPY_MAINTAINER_BUILD
+  * esp32: add IDF Component Lockfiles to git repo
+  * shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag
+  * shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop
+  * tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev
+
+- Fix building on single core systems
+  * Skip tests/thread/stress_schedule.py when single core system detected
+</description>
+  <package>micropython</package>
+</patchinfo>

patchinfo.20260211094020694841.220258959514430/_patchinfo

@@ -0,0 +1,104 @@
+<patchinfo incident="packagehub-123">
+  <packager>os-autoinst-obs-workflow</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for openQA, os-autoinst-distri-opensuse-deps</summary>
+  <description>This update for openQA, os-autoinst-distri-opensuse-deps fixes the following issues:
+
+Changes in openQA:
+
+- Update to version 5.1770274061.387b318c:
+  * Remove dependencies not available in 16
+  * Remove all explicit versions from ci-packages.txt
+  * Explicitly use new cache key for fullstack_cache
+  * Use devel:openQA 16.0 repositories
+  * fix: Create user directory without sudo
+  * refactor(ui): use native DOM APIs for bulk action logic
+  * Update devel:openQA:ci/base container to Leap 16
+  * Mark some one line catch statements uncoverable
+  * Move t/07-api_jobtokens.t to t/api/
+  * refactor: Avoid mapping of actions in df-based cleanup
+  * refactor: Use loop to invoke `_delete_jobs` repeatedly
+  * refactor: Simplify code for df-based cleanup further
+  * refactor: Extract repeated lookup and loop into separate function
+  * Dependency cron 2026-02-03
+  * feat(ui): add bulk action checkboxes to test overview filters
+  * feat(openqa-clone-custom-git-refspec): add "BADGE" mode
+  * fix(openqa-clone-custom-git-refspec): fix "MARKDOWN" mode
+  * feat(UI): add delete button for job groups and parent groups
+  * refactor(javascripts): harden by using const in admin_groups.js
+  * feat(api): prevent deletion of non-empty parent job groups
+  * docs: Fix typo in MCP documentation
+  * docs: Improve note about enabling modern Perl features
+  * test: Remove unused parameters in `OpenQA::Test::Case::login`
+  * navbar: add new item in menu to link MCP documentation
+  * Refactor t/lib/OpenQA/Test/Case.pm with signatures
+  * test: Consider all API controller code covered
+  * test: Cover remaining error cases of worker API
+  * fix: Improve error handling when updating records in admin tables
+  * test: Ensure consistent coverage of job cancellation function
+  * Prepare documentation generation for Leap 16.0
+  * test: Cover remaining lines of `Search.pm`
+  * test: Cover remaining lines of `Locks.pm`
+  * refactor: Simplify `JobTemplate::destroy`
+  * refactor: Remove unused code from `JobTemplate.pm`
+  * git subrepo pull (merge) external/os-autoinst-common
+  * style: Add quotes in openqa-bootstrap
+  * feat: default API key expiration to 1 year, aligning with UI
+  * feat: wrap array in an object in api_key API responses
+  * feat: add API endpoint for deleting API keys
+  * feat: add API endpoint for listing API keys
+  * feat: add API endpoint for creating API keys
+  * fix(openqa-bootstrap): prevent shellcheck warning SC2086
+  * Add dependency on 'file'
+  * refactor: Write code in `JobGroup.pm` in a more compact way
+  * test: Consider `Job.pm` fully covered
+  * test: Add tests for error handling of artefact upload
+  * refactor: Format artefact upload test in a more compact way
+  * test: Add tests for using assigned worker on job status updates
+  * test: Add tests for re-scheduling invalid scheduled product
+  * test: Add tests for querying non-existent scheduled product
+  * refactor: Use more compact coding style in `show_scheduled_product`
+  * refactor: Improve `Mm.pm`
+  * test: Improve tests of multi-machine API
+  * Remove unused module Config::Tiny from dependencies
+
+- Update to version 5.1769603414.6c0fa72e:
+  * Handle links on test_log on missing git repo extension
+  * test: Consider `Test.pm` fully covered
+  * test: Extend tests for showing dependency graph
+  * fix: Merge parallel clusters correctly for displaying dependency tree
+
+Changes in os-autoinst-distri-opensuse-deps:
+
+- Added dependency perl(constant)
+- Added dependency perl(Inline::Python)
+- Removed dependency perl(Inline::Python)
+- Removed dependency perl(LWP::Simple)
+- Added dependency perl(LWP::Simple)
+- Removed dependency perl(POSIX)
+- Added dependency perl(parent)
+- Added dependency perl(POSIX)
+- Added dependency perl(strict)
+- Added dependency perl(utf8)
+- Added dependency perl(version)
+- Added dependency perl(warnings)
+- Removed dependency perl(constant)
+- Removed dependency perl(parent)
+- Removed dependency perl(strict)
+- Removed dependency perl(utf8)
+- Removed dependency perl(version)
+- Removed dependency perl(warnings)
+- Removed dependency /usr/bin/gzip
+- Added dependency /usr/bin/gzip
+
+- Removed dependency gzip
+- Added dependency /usr/bin/gzip
+</description>
+  <package>openQA</package>
+  <package>openQA:openQA-devel-test</package>
+  <package>openQA:openQA-test</package>
+  <package>openQA:openQA-worker-test</package>
+  <package>openQA:openQA-client-test</package>
+  <package>os-autoinst-distri-opensuse-deps</package>
+</patchinfo>

patchinfo.20260211134802096631.255638743075857/_patchinfo

@@ -1,71 +0,0 @@
-<patchinfo>
-  <packager>oertel</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for gn</summary>
-  <description>This update for gn fixes the following issues:
-
-Changes in gn:
-
-- Update to version 0.20251217:
-  * Fix sha2 on big endian
-  * [Windows] Reduce the number of worker threads on many-core machines
-  * Add a sha256 hash implementation and use it for string_hash
-  * Opt-in to the Windows SegmentHeap
-  * Add a `module_name` flag to source_set.
-  * Refactor module name to be dynamic.
-  * Optimize vector creation in compile_commands_writer.cc.
-  * Run 'tools/run_formatter.sh'
-  * Implement `string_hash` function.
-  * Support weak_libraries
-  * Do not add .inputdeps paths to --ninja-outputs-file
-  * Make clang modules output -fmodule-file=foo=&lt;pcm&gt;.
-  * infra: Revert CIPD autoconf
-  * infra: Include autoconf bin directory to PATH
-  * infra: Fix autoconf executable path
-  * infra: Use CIPD autoconf
-  * Allow led access in GN via http://go/ciba
-  * Revert "Build non-linkable deps async with Ninja's validaitons"
-  * Upgrade linux bots from ubuntu 22.04 to ubuntu 24.04
-  * Use unordered_map instead of map in HeaderChecker
-  * Add --file_relation to gn refs command
-  * Optimize vector initialization and preallocation in desc_builder.cc.
-  * Add `reserve` statement when vector size is known beforehand.
-  * Refactor container update by preferring the range insert.
-  * Handle symlinked directories correctly during gn clean on Windows.
-  * Fix relative imports from args.gn.
-
-- Update to version 0.20250918:
-  * update reference.md
-  * Include -fmodule-file flags in compile_commands.json
-  * Refactor C++ module dependency logic into a new utility
-  * Gitiles navigation bar
-  * Adds a len() function
-  * Avoid clashes of include_dir in rust-project.json.
-  * Check all targets to find duplicated outputs.
-  * infra/config: Remove luci.recipes.use_python3 experiment
-  * Handle empty outputs in WriteInputDepsStampOrPhonyAndGetDep
-  * build: Propagate module dependencies through group targets
-  * Deduplicate item in 'deps', 'sources' and related lists
-  * infra: Update comment for macOS version used in CQ/CI
-  * [Apple] Allow passing a manifest to the post-processing script
-  * Update link to buganizer in README.md
-  * [Apple] Fix `gn gen` when using swift and no_stamp_files
-  * [Apple] Remove deprecated aliases for `post_processing_$var`
-  * Revert "Allow newline in string literal"
-  * Use std::ranges::all_of in parse_tree_unittest
-  * infra: Correctly use macOS 13 instead of 11
-  * Update Xcode and macOS version in bots
-  * infra: Add shadow buckets to trigger led job
-  * Allow newline in string literal
-  * Revert "Update macOS version to 13 used in CQ/CI"
-  * Update macOS version to 13 used in CQ/CI
-  * Refactor command_format.cc
-  * Shorten targets from //path/to/foo:foo to //path/to/foo
-  * Modernize and improve parse_tree.cc
-  * Auto-format the codebase
-  * Remove hardcoded -fmodules-embed-all-files flag
-  * Reland "Use JSON escaping for JSON string output"
-</description>
-  <package>gn</package>
-</patchinfo>