[Backport release-23.11] mysql80: 8.0.36 -> 8.0.37

[23.11] doxygen: apply patch removing the usage of polyfill.io

If you output HTML with MathJax content Pandoc might uses a JS library
provided by cdn.polyfill.io which is now considered to be a bad actor.

https://sansec.io/research/polyfill-supply-chain-attack

`haskellPackages.pandoc` is not impacted, the concerned domain is not used

To reproduce the issue:
1. Create a file `math.tex` with the following content `$a^2 + b^2 = c^2$`
2. Call `pandoc` with `pandoc math.tex -s --mathjax -o ex.html`
3. Look at the injected scripts in `ex.html`

[Backport release-23.11] apptainer: 1.2.5 -> 1.3.2

[23.11] freeipa: 4.11.1 -> 4.11.2

[23.11] grafana: 10.2.7 -> 10.2.8

Changes:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-37.html

Fixes:
* CVE-2024-21047
* CVE-2024-21069
* CVE-2024-21060
* CVE-2024-21087
* CVE-2024-20998
* CVE-2024-21009
* CVE-2024-21054
* CVE-2024-21062
* CVE-2024-21102
* CVE-2024-21096
* CVE-2024-21008
* CVE-2024-21013
* CVE-2024-21000

https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixMSQL
(cherry picked from commit 9b648599eaff67fd4d7045e22fa85f7656777eff)

[Backport release-23.11] netbird: 0.27.10 -> 0.28.3

(cherry picked from commit 7dfa379b930f604e6c5da312124f6ec12e3a943c)

[Backport staging-23.11] libndp: apply patch for CVE-2024-5564

ChangeLog: https://github.com/grafana/grafana/releases/tag/v10.2.8

(cherry picked from commit e546e8ff516328a6500b68a7ebb72882f8ff4df7)

[23.11] nixos/limesurvey: drop default encryption key and nonce

(cherry picked from commit daa81ecb2e752df8fb88d6b6ce9dd4f37a172ef7)

The template used by doxygen when MathJax is needed uses a
JS script provided by polyfill.io which is now considered
to be a bad actor.

https://sansec.io/research/polyfill-supply-chain-attack

(23.11) openssl_3: 3.0.13 -> 3.0.14; openssl_3_1: 3.1.5 -> 3.1.6

[Backport release-23.11] Discord updates

discord: 0.0.56 -> 0.0.58

discord-ptb: 0.0.90 -> 0.0.92

discord-canary: 0.0.431 -> 0.0.438

discord-development: 0.0.19 -> 0.0.21

pkgsCross.aarch64-darwin.discord: 0.0.307 -> 0.0.309

pkgsCross.aarch64-darwin.discord-ptb: 0.0.119 -> 0.0.121

pkgsCross.aarch64-darwin.discord-canary: 0.0.531 -> 0.0.547

pkgsCross.aarch64-darwin.discord-development: 0.0.41 -> 0.0.43

(cherry picked from commit 76551701c130bd08fb6722cdd9b95d75bd021634)

[Backport release-23.11] discord-canary: 0.0.422 -> 0.0.431

(cherry picked from commit b8877d07e8a2068b2f8718550b39ba2cc41eef1c)

(cherry picked from commit 27fdb4ca2cacfddff59147701295168193e1b862)

nixVersions: bump patch releases

(cherry picked from commit 144ac0d7fc16609847d957d53a715d393caaeef2)

[Backport release-23.11] knot-dns: 3.3.6 -> 3.3.7

https://gitlab.com/gitlab-org/gitlab/-/blob/v16.11.5-ee/CHANGELOG.md

Fixes CVE-2024-1493
Fixes CVE-2024-1816
Fixes CVE-2024-2177
Fixes CVE-2024-2191
Fixes CVE-2024-3115
Fixes CVE-2024-3959
Fixes CVE-2024-4011
Fixes CVE-2024-4025
Fixes CVE-2024-4557
Fixes CVE-2024-4901
Fixes CVE-2024-4994
Fixes CVE-2024-5430
Fixes CVE-2024-5655
Fixes CVE-2024-6323

(cherry picked from commit aff7eed4e7a1eddce866312da4f131b4b8af4066)

nixVersions.nix_2_18: 2.18.1 -> 2.18.3

[Backport release-23.11] Kernel updates for 2024-06-27

(cherry picked from commit f6c43dab739c8bcce80577c80cefeaea031c7a4f)

(cherry picked from commit 660b0f4554497f7fc79b3a25a694327cd8800a8b)

(cherry picked from commit afcbbf9e95f9b91f77a6dd5eb999e68bdea4f089)

(cherry picked from commit 5f53abdb3f1f043371786891d0d54c1577cce07f)

(cherry picked from commit acca00bf2c0eccf9a7153cf9140eb972a3bc9054)

(cherry picked from commit 07f6b665d1be6192f776fd878fce758544a77976)

[Backport release-23.11] Linux kernels 2024-06-18

(cherry picked from commit a36965d8f041679216a0b188c7418e3e78797c74)

(cherry picked from commit cf524d2185bdbb71fa99730092455ff7423caaa8)

[Backport release-23.11] linux_testing: 6.10-rc2 -> 6.10-rc3

(cherry picked from commit c0079b0d8a3362e175515253a4aae05a9a66f9b2)

[Backport release-23.11] linux_testing: 6.10-rc1 -> 6.10-rc2

(cherry picked from commit 3655cb233f8982001c8bf0f78960a60321e7636b)

[23.11] nextcloud: 27.1.10 -> 27.1.11, 28.0.6 -> 28.0.7, 29.0.2 -> 29.0.3

[Backport release-23.11] ungoogled-chromium: 126.0.6478.114-1 -> 126.0.6478.126-1

https://gitlab.nic.cz/knot/knot-dns/-/releases/v3.3.7
(cherry picked from commit 1622a46318041a0cce995a1eea6976396af0556c)

https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html

This update includes 5 security fixes.

CVEs:
CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293

(cherry picked from commit f424ca5c4fa297ba784f41ec8bd3ba63c3e61076)

[Backport release-23.11] chromedriver: 126.0.6478.61 -> 126.0.6478.126, chromium: 126.0.6478.61 -> 126.0.6478.126

[Backport release-23.11] Firefox: 127.0.1 -> 127.0.2