Packages changed:
  Mesa (17.3.2 -> 17.3.3)
  Mesa-drivers (17.3.2 -> 17.3.3)
  SDL2
  SuSEfirewall2 (3.6.376 -> 3.6.378)
  btrfsmaintenance (0.3.1 -> 0.4)
  busybox
  e2fsprogs (1.43.7 -> 1.43.8)
  gcc7 (7.2.1+r253932 -> 7.2.1+r256737)
  gegl
  gnome-session
  graphite2
  gvfs
  jack (1.9.10 -> 1.9.12)
  kernel-source (4.14.13 -> 4.14.14)
  kmozillahelper (5.0.1 -> 5.0.2)
  lapack
  libqxp
  libreoffice (6.0.0.1 -> 6.0.0.2)
  libvpx
  libxcb
  ncurses
  pam-config (0.93 -> 0.94)
  poppler-qt5
  python-Pillow
  python-cffi
  python-cryptography
  rsync
  snapper (0.5.2 -> 0.5.3)
  spamassassin
  syslinux
  systemd-presets-branding-openSUSE
  transmission
  update-alternatives (1.18.23 -> 1.19.0.4)
  xorg-x11-server
  yast2-nis-client (4.0.0 -> 4.0.1)

=== Details ===

==== Mesa ====
Version update (17.3.2 -> 17.3.3)
Subpackages: Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libGL-devel Mesa-libGL1 Mesa-libglapi0 libgbm1 libwayland-egl1

- Update to 17.3.3
  * Fixes to radv, anv, etnaviv, swrast and radeonsi drivers.
  * Fixes for DRI3.
- Make Mesa require Mesa-dri and Mesa-gallium. This makes Mesa
  usable again for users who do not install recommended packages.
  It breaks the Mesa and Mesa-drivers split, which has to be fixed
  by ignoring it in obs.
- Add _constraints to select 6G disk for PowerPC
  to avoid cpio: write error on obs-power8-05 workers boo#1076325

==== Mesa-drivers ====
Version update (17.3.2 -> 17.3.3)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_radeon libxatracker2

- Update to 17.3.3
  * Fixes to radv, anv, etnaviv, swrast and radeonsi drivers.
  * Fixes for DRI3.
- Make Mesa require Mesa-dri and Mesa-gallium. This makes Mesa
  usable again for users who do not install recommended packages.
  It breaks the Mesa and Mesa-drivers split, which has to be fixed
  by ignoring it in obs.
- Add _constraints to select 6G disk for PowerPC
  to avoid cpio: write error on obs-power8-05 workers boo#1076325

==== SDL2 ====

- Add sdl2-symvers.patch.

==== SuSEfirewall2 ====
Version update (3.6.376 -> 3.6.378)

- Fixed a regression in setting up the final LOG/DROP/REJECT rules for IPv6 (bnc#1075251)
- Set RPC related rules also for IPv6 (bnc#1074933)

==== btrfsmaintenance ====
Version update (0.3.1 -> 0.4)

- update to version 0.4
  - add support for systemd timers and use them by default; the alternative
    cron scripts are still present (#29, #36)
  - add automatic monitoring (via systemd.path) of the config file,
    no manual updates by btrfsmaintenance-refresh.service needed (#38)
  - fix RPM database path detection
  - spec file cleanups
  - documentation updates
- removed patches:
  - btrfsmaintenance-0.3.1-fix-rpm-db-path.patch (upstream)
  - btrfsmaintenance-switch-to-timer.patch (upstream)
  - pull-request-36.patch (upstream)
- Fix systemd timers enabled even if period is set to none:
  * Micro change in pull-request-36.patch (bsc#1075884)
- Clean spec file:
  * Removed support for suse_version <= 1210.
  * Removed call to btrfsmaintenance-refresh-cron.sh upon deletion
    (not needed anymore since we use systemd timers which are
    handled by macros).
  * Ran spec-cleaner.

==== busybox ====

- Build against libtirpc in preparation of deprecating sunrpc from
  glibc

==== e2fsprogs ====
Version update (1.43.7 -> 1.43.8)
Subpackages: e2fsprogs-devel libcom_err-devel libcom_err2 libcom_err2-32bit libext2fs-devel libext2fs2

- Update to 1.43.8
  * add forgotten byteswap of some new superblock fields
  * fix use-after-free in e2fsck for corrupted root inode
  * fix floating point exception due to corrupted superblock in e2fsck
  * fix resize2fs's free block sanity checks
  * updated translations

==== gcc7 ====
Version update (7.2.1+r253932 -> 7.2.1+r256737)
Subpackages: cpp7 gcc7-c++ gcc7-fortran gcc7-info gcc7-locale gcc7-objc libasan4 libatomic1 libcilkrts5 libgcc_s1 libgcc_s1-32bit libgfortran4 libgomp1 libitm1 liblsan0 libmpx2 libmpxwrappers2 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit libstdc++6-devel-gcc7 libstdc++6-locale libtsan0 libubsan0

- Update to gcc-7-branch head (r256737)
  * Includes gcc7-pr81481.diff
  * Adds backport of retpoline support via -mindirect-branch=,
  - mfunction-return= and friends.  [bnc#1074621]
- Handle new debug sources filelist variant debugsourcefiles.list.
- Prune libstdc++ includes for crosses.
- Do not install target parts of cross compilers into the sysroot
  but instead fixup manually (once required).
- Update to gcc-7-branch head (r256067).
- Deal with C++ being disabled for crosses.
- For crosses that have a target triplet not matching that of binutils
  create symlinks to as and ld in the GCC private directory.
- Split cross-avr into -bootstrap and non-bootstrap variant for avr-libc
  integration.
- Add gcc7-avoid-fixinc-error.diff to avoid install-host aborting
  on non-existing target include directory.  Remove --with-build-sysroot=/
  hack from icecream cross configs, no longer prune include-fixed for
  them to retain a GCC provided limits.h.  Remove installed install-tools.

==== gegl ====
Subpackages: gegl-0_2 gegl-0_2-lang libgegl-0_2-0

- Replace liberation-fonts BuildRequires with liberation2-fonts:
  the new set works as well.

==== gnome-session ====
Subpackages: gnome-session-core gnome-session-default-session gnome-session-lang

- Add gnome-session-nb-translation.patch: Update Norwegian bokmål
  translations.

==== graphite2 ====
Subpackages: graphite2-devel libgraphite2-3 libgraphite2-3-32bit

- Do not BR asciidoc as we do not install the generated html page

==== gvfs ====
Subpackages: gvfs-backend-afc gvfs-backend-samba gvfs-backends gvfs-fuse gvfs-lang

- Enable libnfs support also on SLE: BuildRequire pkgconfig(libnfs)
  unconditionally (bsc#1074978).

==== jack ====
Version update (1.9.10 -> 1.9.12)
Subpackages: libjack-devel libjack0

- Build with _smp_mflags
- Split off libjacknet0 and libjackserver0 into subpackages.
- Update to version 1.9.12 and use python3 instead of python2 for
  the build.
- Removed jack-sparcv9.diff and jack-ppc64-long.patch, the file
  that is patched - linux/cycles.h no longer exists.
- Removed reproducible.patch, gcc6-fixes.diff and jack-fixgcc7.patch
  they are all now upstream.
- Upstream changes:
  * Various corrections in NetJack2 code.
  * Partial buffers can now be transmitted with libjacknet API.
  * Including S24_LE/BE formats to linux ALSA driver.
  * More robust shared memory allocator.
  * Correct CoreAudio devices aggregation code.
  * Waf and wscripts improvement and update.
  * New JackProxyDriver.
  * Various fixes in JACK MIDI code.
  * Fix return value of SetTimebaseCallback().
  * Correct netmanager latency reporting.
  * Implement new jack_port_rename and JackPortRenameCallback API.
  * Fix CPU hogging of the midi_thread().
  * Release audio devices when alsa_driver_new fails.
  * String management fix.
  * Correct JackDriver::Open : call to fGraphManager->SetBufferSize
  has to use current fEngineControl->fBufferSize value.
  * Use ARM neon intrinsics for AudioBufferMixdown.
  * Fix Netjack alignment.
  * Various wscript improvements and cleanup.
  * Fix initialization of several class variables.
  * Heap-allocate client matrix in topo sort.
  * Add a toggle command to transport utility, to allow toggling
  between play and stop state.
  * Avoid side effects from parsing of "version" option in jackd.
  * Allow firewire device be selected via -d.
  * Add ARM-NEON acceleration for all non-dithering sample
  conversion functions.
  * Add jack_simdtest utility.
  * Use Linux futex as JackSynchro.
  * Add autoclose option to jack_load.
  * Fix build with gcc-7.
  * Show hint when DBus device reservation fails.
  * Add support for internal session files.

==== kernel-source ====
Version update (4.14.13 -> 4.14.14)
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms

- Linux 4.14.14 (bnc#1012628).
- Delete
  patches.kernel.org/4.14.14-053-Revert-Revert-xfrm-Fix-stack-out-of-bounds-re.patch.
- commit eef6178
- ALSA: seq: Make ioctls race-free (CVE-2018-1000004,bsc#1076017).
- commit 2134862
- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
- commit 470cac2
- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
  (bnc#1012628).
- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
- can: vxcan: improve handling of missing peer name attribute
  (bnc#1012628).
- can: gs_usb: fix return value of the "set_bittiming" callback
  (bnc#1012628).
- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
- IB/srpt: Fix ACL lookup during login (bnc#1012628).
- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
  ABI of the task (bnc#1012628).
- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
- MIPS: Guard against any partial write attempt with
  PTRACE_SETREGSET (bnc#1012628).
- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
  (bnc#1012628).
- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
  (bnc#1012628).
- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
  (bnc#1012628).
- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
  accesses (bnc#1012628).
- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
  (bnc#1012628).
- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
  bnc#1068032 CVE-2017-5715).
- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
- iw_cxgb4: only call the cq comp_handler when the cq is armed
  (bnc#1012628).
- iw_cxgb4: atomically flush the qp (bnc#1012628).
- iw_cxgb4: only clear the ARMED bit if a notification is needed
  (bnc#1012628).
- iw_cxgb4: reflect the original WR opcode in drain cqes
  (bnc#1012628).
- iw_cxgb4: when flushing, complete all wrs in a chain
  (bnc#1012628).
- x86/acpi: Handle SCI interrupts above legacy space gracefully
  (bnc#1012628).
- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
  error (bnc#1012628).
- ALSA: pcm: Add missing error checks in OSS emulation plugin
  builder (bnc#1012628).
- ALSA: pcm: Abort properly at pending signal in OSS read/write
  loops (bnc#1012628).
- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
  (bnc#1012628).
- ALSA: aloop: Release cable upon open error path (bnc#1012628).
- ALSA: aloop: Fix inconsistent format due to incomplete rule
  (bnc#1012628).
- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
  (bnc#1012628).
- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
- ip6_tunnel: disable dst caching if tunnel is dual-stack
  (bnc#1012628).
- net: core: fix module type in sock_diag_bind (bnc#1012628).
- phylink: ensure we report link down when LOS asserted
  (bnc#1012628).
- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
- RDS: null pointer dereference in rds_atomic_free_op
  (bnc#1012628).
- net: fec: restore dev_id in the cases of probe error
  (bnc#1012628).
- net: fec: defer probe if regulator is not ready (bnc#1012628).
- net: fec: free/restore resource in related probe error pathes
  (bnc#1012628).
- sctp: do not retransmit upon FragNeeded if PMTU discovery is
  disabled (bnc#1012628).
- sctp: fix the handling of ICMP Frag Needed for too small MTUs
  (bnc#1012628).
- sh_eth: fix TSU resource handling (bnc#1012628).
- net: stmmac: enable EEE in MII, GMII or RGMII only
  (bnc#1012628).
- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
- ethtool: do not print warning for applications using legacy API
  (bnc#1012628).
- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
- net/sched: Fix update of lastuse in act modules implementing
  stats_update (bnc#1012628).
- ipv6: sr: fix TLVs not being copied using setsockopt
  (bnc#1012628).
- mlxsw: spectrum: Relax sanity checks during enslavement
  (bnc#1012628).
- sfp: fix sfp-bus oops when removing socket/upstream
  (bnc#1012628).
- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
  xfrm_state_find."" (bnc#1012628).
- membarrier: Disable preemption when calling
  smp_call_function_many() (bnc#1012628).
- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
  (bnc#1012628).
- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
- rbd: reacquire lock should update lock owner client id
  (bnc#1012628).
- rbd: set max_segments to USHRT_MAX (bnc#1012628).
- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
- x86/microcode/intel: Extend BDW late-loading with a revision
  check (bnc#1012628).
- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
- KVM: PPC: Book3S HV: Drop prepare_done from struct
  kvm_resize_hpt (bnc#1012628).
- KVM: PPC: Book3S HV: Fix use after free in case of multiple
  resize requests (bnc#1012628).
- KVM: PPC: Book3S HV: Always flush TLB in
  kvmppc_alloc_reset_hpt() (bnc#1012628).
- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
- drm/vmwgfx: Potential off by one in vmw_view_add()
  (bnc#1012628).
- drm/i915/gvt: Clear the shadow page table entry after post-sync
  (bnc#1012628).
- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
  (bnc#1012628).
- drm/i915: Move init_clock_gating() back to where it was
  (bnc#1012628).
- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
- bpf: arsh is not supported in 32 bit alu thus reject it
  (bnc#1012628).
- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
  (bnc#1012628).
- USB: serial: cp210x: add new device ID ELV ALC 8xxx
  (bnc#1012628).
- usb: misc: usb3503: make sure reset is low for at least 100us
  (bnc#1012628).
- USB: fix usbmon BUG trigger (bnc#1012628).
- USB: UDC core: fix double-free in usb_add_gadget_udc_release
  (bnc#1012628).
- usbip: remove kernel addresses from usb device and urb debug
  msgs (bnc#1012628).
- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
  input (bnc#1012628).
- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
  xfer buffer (bnc#1012628).
- staging: android: ashmem: fix a race condition in
  ASHMEM_SET_SIZE ioctl (bnc#1012628).
- Bluetooth: Prevent stack info leak from the EFS element
  (bnc#1012628).
- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
- mux: core: fix double get_device() (bnc#1012628).
- kdump: write correct address of mem_section into vmcoreinfo
  (bnc#1012628).
- apparmor: fix ptrace label match when matching stacked labels
  (bnc#1012628).
- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
  (bnc#1012628).
- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
- x86/Documentation: Add PTI description (bnc#1012628).
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
- sysfs/cpu: Add vulnerability folder (bnc#1012628).
- x86/cpu: Implement CPU vulnerabilites sysfs functions
  (bnc#1012628).
- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
  (bnc#1012628).
- sysfs/cpu: Fix typos in vulnerability documentation
  (bnc#1012628).
- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
- x86/pti: Make unpoison of pgd for trusted boot work for real
  (bnc#1012628).
- objtool: Detect jumps to retpoline thunks (bnc#1012628).
- objtool: Allow alternatives to be ignored (bnc#1012628).
- x86/retpoline: Add initial retpoline support (bnc#1012628
  bnc#1068032 CVE-2017-5715).
- x86/spectre: Add boot time option to select Spectre v2
  mitigation (bnc#1012628).
- x86/retpoline/crypto: Convert crypto assembler indirect jumps
  (bnc#1012628).
- x86/retpoline/entry: Convert entry assembler indirect jumps
  (bnc#1012628).
- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
  (bnc#1012628).
- x86/retpoline/hyperv: Convert assembler indirect jumps
  (bnc#1012628).
- x86/retpoline/xen: Convert Xen hypercall indirect jumps
  (bnc#1012628).
- x86/retpoline/checksum32: Convert assembler indirect jumps
  (bnc#1012628).
- x86/retpoline/irq32: Convert assembler indirect jumps
  (bnc#1012628).
- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
  bnc#1068032 CVE-2017-5715).
- selftests/x86: Add test_vsyscall (bnc#1012628).
- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
- security/Kconfig: Correct the Documentation reference for PTI
  (bnc#1012628).
- x86,perf: Disable intel_bts when PTI (bnc#1012628).
- x86/retpoline: Remove compile time warning (bnc#1012628).
- Update config files.
- Refresh
  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
- Refresh
  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
- Refresh
  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
- Refresh
  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
- Refresh
  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
- Delete
  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
- Delete
  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
- Delete
  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
- commit edd3e75
- bpf, array: fix overflow in max_entries and undefined behavior
  in index_mask (bsc#1068032 CVE-2017-5753).
- commit 3283516
- Refresh
  patches.suse/bpf-prevent-out-of-bounds-speculation.patch.
- Delete
  patches.suse/0004-bpf-prevent-speculative-execution-in-eBPF-interprete.patch.
  Update the upstream status of the former.
  And removed the latter as it has been just replaced by the proper
  upstream solution.
- commit 20ac09f
- bpf: prevent out-of-bounds speculation (bsc#1068032
  CVE-2017-5753).
- commit 77de35d
- drm/nouveau/disp/gf119: add missing drive vfunc ptr
  (bsc#1075613).
- commit 80f2eaf
- Update
  patches.kernel.org/4.14.9-161-bpf-fix-branch-pruning-logic.patch
  references (add CVE-2017-17862 CVE-2017-17864 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-166-bpf-verifier-fix-bounds-calculation-on-BPF_RSH.patch
  references (add CVE-2017-17853 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-167-bpf-fix-incorrect-sign-extension-in-check_alu_.patch
  references (add CVE-2017-16995 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-168-bpf-fix-incorrect-tracking-of-register-size-tr.patch
  references (add CVE-2017-16996 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-169-bpf-fix-32-bit-ALU-op-verification.patch
  references (add CVE-2017-17852 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-170-bpf-fix-missing-error-return-in-check_stack_bo.patch
  references (add CVE-2017-17857 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-171-bpf-force-strict-alignment-checks-for-stack-po.patch
  references (add CVE-2017-17856 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-172-bpf-don-t-prune-branches-when-a-scalar-is-repl.patch
  references (add CVE-2017-17855 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-173-bpf-fix-integer-overflows.patch
  references (add CVE-2017-17854 bsc#1073928).
- Update
  patches.kernel.org/4.14.9-174-selftests-bpf-add-tests-for-recent-bugfixes.patch
  references (add bsc#1073928).
- commit 4a4cd97
- Fix mainline reference:
  patches.kernel.org/4.14.9-170-bpf-fix-missing-error-return-in-check_stack_bo.patch.
- commit 98662d2
- Update
  patches.kernel.org/4.14.11-084-net-Fix-double-free-and-memory-corruption-in-.patch
  references (add CVE-2017-15129 bsc#1074839).
- commit 7acebb3

==== kmozillahelper ====
Version update (5.0.1 -> 5.0.2)

- Update to 5.0.2:
  * Workaround for file dialogs failing to deliver the result
    under some circumstances

==== lapack ====
Subpackages: libblas3 liblapack3

- Package lapack_testing.py from lapack 3.8.0 with adjusted interpreter
  and adjust BuildRequires to python3.  [bnc#1075766]

==== libqxp ====

- Cure linguistic problem in descriptions.

==== libreoffice ====
Version update (6.0.0.1 -> 6.0.0.2)
Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-kde4 libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreofficekit

- Disable 2 db tests that are really flaky in OBS
- Fix the lo-provides filtering to allow proper provides to be generated
- Version update to 6.0.0.2:
  * More fixes in RC2 of 6.0.0 release
- Add requires on kdelibs4 to avoid crashes

==== libvpx ====

- Fix OOB caused by odd frame width with patch from android
  Adding patch CVE-2017-13194.patch (CVE-2017-13194)
- this changelog entry also contains the new scheme with full name
  and "umlaut" to test which tools may break with it in our distro.
  Please track problems here: https://github.com/openSUSE/obs-build/pull/214

==== libxcb ====
Subpackages: libxcb-composite0 libxcb-damage0 libxcb-devel libxcb-dpms0 libxcb-dri2-0 libxcb-dri3-0 libxcb-glx0 libxcb-present0 libxcb-randr0 libxcb-record0 libxcb-render0 libxcb-render0-32bit libxcb-res0 libxcb-screensaver0 libxcb-shape0 libxcb-shm0 libxcb-shm0-32bit libxcb-sync1 libxcb-xf86dri0 libxcb-xfixes0 libxcb-xinerama0 libxcb-xinput0 libxcb-xkb1 libxcb-xtest0 libxcb-xv0 libxcb-xvmc0 libxcb1 libxcb1-32bit

- Really conditionalize the python3 option to allow us building
  without any python2 present
  * u_build_python3.patch
- Convert to pkgconfig style deps
- Format bit with spec-cleaner

==== ncurses ====
Subpackages: libncurses6 ncurses-devel ncurses-utils tack terminfo terminfo-base

- Add ncurses patch 20180106
  + fixes for writing extended color pairs in putwin.
  + modify test/savescreen.c to add test patterns that exercise 88-,
    256-, etc., colors.
  + modify configure option --with-build-cc, adding clang, c89 and c99
    as possible default values.
  + modify ncurses-examples configure script to use pkg-config for the
    extra form/menu/panel libraries, to be more consistent with the
    handling of the curses/ncurses library.
  + modify test-packages for mingw to supply "pc" files.
  + modify gen-pkgconfig.in to list -lpthread as a private library when
    configured to access it via weak symbols.
  + simplify gen-pkgconfig.in, adding -ltinfo without the special linker
    checks because some versions of the linker simply hard-code the
    behavior.
  + update URLs for ncurses website to use https.
  + modify CF_CURSES_LIBS to fill in $cf_nculib_root in case the
    ncurses-examples are built with a system ncurses that lacks the
    standard "curses" symbolic link, as done by SuSE.  The symbol is
    needed to make a followup check for the pthread library work, and
    would be set properly using the options "--with-screen", etc.
  + generate misc/*.pc with "all" rule, as done for "sources" rule
    (report by Jeffrey Walton).

==== pam-config ====
Version update (0.93 -> 0.94)

- Update to version 0.94: add support for keyinit [bsc#1045886]

==== poppler-qt5 ====
Subpackages: libpoppler-qt5-1 libpoppler-qt5-devel

- make introspection scanner (g-ir-scanner) work with older build envs

==== python-Pillow ====

- Fix build fails on i586 and ppc and others:
  * pillow-non-iterable.patch

==== python-cffi ====
Subpackages: python2-cffi python3-cffi

- Add patch cffi-loader.patch to fix bsc#1070737
- Sort out with spec-cleaner

==== python-cryptography ====
Subpackages: python2-cryptography python3-cryptography

- Add proper conditional for the python2, the ifpython works only
  for the requires/etc
- add missing dependency on python ssl

==== rsync ====

- Security fix: Ignore --protect-args when already sent by client
  [bsc#1076503, CVE-2018-5764]
  * Added patch rsync-3.1.2-CVE-2018-5764.patch

==== snapper ====
Version update (0.5.2 -> 0.5.3)
Subpackages: libsnapper4 snapper-zypp-plugin

- use python3 instead of python2 (bsc#1070324)
- Switched from cron to systemd timers (spec file based
  distributions) (fate#324529)
- 0.5.3

==== spamassassin ====
Subpackages: perl-Mail-SpamAssassin

- bsc#1059210 spamassassin perl dns resolver recursion desired not set
  o add DNS-resolver-recursion-desired-not-set.patch

==== syslinux ====

- syslinux-4.04-python3.diff: switch to python3 (bsc#1075769)

==== systemd-presets-branding-openSUSE ====

- Enable new kbdsettings.service (boo#1010880).

==== transmission ====
Subpackages: transmission-common transmission-gtk transmission-gtk-lang

- Add CVE-2018-5072.patch (backported from
  gh#transmission/transmission#468):  Mitigate dns rebind attacks
  against daemon (boo#1075921, CVE-2018-5072).
- Conditionalize usage of desktop_database_post/postun macros to
  suse_version < 1500: recent versions use file triggers.
- Add %check session: run make check.

==== update-alternatives ====
Version update (1.18.23 -> 1.19.0.4)

- Update to 1.19.0.4:
  * No changes in update-alternatives just match step with dpkg
- Drop patch 0001-In-case-of-equal-priority-rather-update.patch
  * Causes issues on too eagerly regenerating stuff bsc#1075971
  * Reason for this patch should no longer be needed as all python
    packages are singlespec
  * Also drop the post override

==== xorg-x11-server ====
Subpackages: xorg-x11-server-sdk

- Added u_xfree86-add-default-modes-for-16-9-and-16-10.patch (boo#1075249)
  Improve user experience for users with 16:9 or 16:10 screens

==== yast2-nis-client ====
Version update (4.0.0 -> 4.0.1)

- Link ypserv agent against libtirpc, sunrpc is deprecated and does
  not support IPv6 (bsc#1076566)
- 4.0.1