Packages changed:
  acpid
  gnome-autoar
  gnome-settings-daemon
  gnome-shell
  gupnp
  libgweather
  mariadb-connector-c (3.2.3 -> 3.1.13)
  python-gevent
  webkit2gtk3

=== Details ===

==== acpid ====

- Added hardening to systemd service(s). Modified:
  * acpid.service

==== gnome-autoar ====
Subpackages: libgnome-autoar-0-0 libgnome-autoar-gtk-0-0

- Drop gnome-autoar-CVE-2020-36241.patch on SLE and Leap 15.4:
  fixed upstream.

==== gnome-settings-daemon ====
Subpackages: gnome-settings-daemon-lang

- Drop patches fixed upstream on SLE and Leap 15.4:
  + gnome-settings-daemon-jscSLE16518-update-subprojects-libgvc.patch
  + gnome-settings-daemon-media-keys-warnings-cleanup-for-gvc-update.patch
  + gnome-settings-daemon-not-warn-about-starting-stopping-services.patch

==== gnome-shell ====
Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang

- Drop patches fixed upstream:
  + gnome-shell-network-agent-not-pop-up.patch
  + gnome-shell-jscSLE16518-update-subprojects-libgvc.patch
  + gnome-shell-CVE-2020-17489.patch

==== gupnp ====

- Drop patches fixed upstream on SLE and Leap 15.4
  gupnp-validate-host-header.patch.
- Add gupnp-validate-host-header.patch: validate host header
  (boo#1186590 glgo#GNOME/gupnp#24 CVE-2021-33516).

==== libgweather ====
Subpackages: gweather-data libgweather-3-16 libgweather-lang typelib-1_0-GWeather-3_0

- Drop patches merged upstream on SLE and Leap 15.4:
  + libgweather-use-after-free-libsoup.patch
  + libgweather-yrno-xml-parser-leak.patch
  + libgweather-forecast-attribution-leak.patch
  + libgweather-metno-api.patch
- Add libgweather-use-after-free-libsoup.patch: fix a possible use
  after free (glgo#GNOME/libgweather#34).
- Add libgweather-yrno-xml-parser-leak.patch and
  libgweather-forecast-attribution-leak.patch: fix memory leaks,
  taken from upstream gnome-3-34 branch.
- Add libgweather-metno-api.patch: use new metno API (bsc#1185651
  glgo#GNOME/libgweather#82).

==== mariadb-connector-c ====
Version update (3.2.3 -> 3.1.13)

- drop absolute_path_fix.patch: obsolete after previous change
  (properly setting INSTALL_LAYOUT and libdir) [bsc#1187459]
- set INSTALL_LAYOUT=RPM and adjust libdir, includedir, plugindir
  and pcdir values to fix mariadb_config output. Also fix the
  missing "%s" in private_library.patch so it shows the correct
  path for plugindir [bsc#1179921] [bsc#1183878]
- Update to release 3.1.13 [bsc#1185870], [bsc#1185872], [bsc#1185868]
  * CONC-537: Only read from MYSQL_HOME if MARIADB_HOME was not set
  * CONC-548: Symbol conflict with libsodium
  * CONC-490: Handshake error when CLIENT_CONNECT_WITH_DB flag was
    set without specifying database
  * CONC-543: Hash functions conflict with GnuTLS
  * CONC-539: Added cipher suites ECDHE-RSA-AES128-SHA256 (0xC027)
    and ECDHE-RSA-AES256-SHA384 (0xC028) to the cipher map which
    maps cipher suite names to the corresponding algorithm ids
    (Windows Schannel)
  * CONC-535: Disabled checksum ignored in events (replication/
    binlog API)
- Remove mariadb-connector-c-cmake-3.20.patch (upstreamed)
- Add mariadb-connector-c-cmake-3.20.patch: Fix build with cmake
  3.20.
- Update to release 3.1.12 [bsc#1182739]:
  * MDEV-24577: Fix warnings generated during compilation of
    plugin/auth_pam/testing/pam_mariadb_mtr.c on FreeBSD
  * CONC-521: Fixed warning on MacOS when including ucontext.h
  * CONC-518: Check if mysql->options.extension was allocated before
    checking async_context
  * CONC-517: C/C looks for plugins in wrong location on Windows
- Update to release 3.1.11:
  * CONC-513: MSAN use-of-uninitialized-value in strstr()
  * CONC-512: truncation check for float values fails on i386 due
  * to Intel FPU optimization bug in gcc
  * CONC-510: Fix crash when loading plugins in mysql_server_init()
  * CONC-508: Added support for passwords > 255 characters
  * CONC-507: Fixed race condition in ma_net_init
  * CONC-501: Added support for TLS v1.3 cipher suites
  * MDEV-21612: Removed unused command COM_MULTI
- changes in release 3.1.10:
  * CONC-500: Fixed error when loading intermediate chained certificates
  * MDEV-18818: Fixed wrong zlib in mariadb_config when building
    inside server package
  * CONC-498: MYSQL_UNIX_ADDR and MYSQL_PORT are now defined
  * Added new build option WIITH_ICONV=ON/OFF. When set to OFF (default)
    API function mariadb_convert_string will always return -1 and
    sets errorcode to ENOTSUP.
  * mariadb_config now tries to determine the path of execution or
    uses MARIADB_CONFIG environment variable before falling back and
    using CMAKE_INSTALL_PREFIX for location of libraries and include files
  * added --variables option for mariadb_config.
    Supported values are pkgincludedir, pkglibdir and pkgplugindir.
- absolute_path_fix.patch, private_library.patch: refreshed
- Update to release 3.1.9
  * CONC-469: Use servers preferred authentication method unless
    another plugin was specified.
  * Added support for kFreeBSD builds
  * Fixed memory leak in GnuTLS if connection couldn't be established.
- refresh private_library.patch
- Update to release 3.1.8 [bsc#1171550]
  * CONC-304: Rename the static library to libmariadb.a and other
    libmariadb files in a consistent manner
  * CONC-441: Default user name for C/C is wrong if login user
    is different from effective user
  * CONC-449: Check $MARIADB_HOME/my.cnf in addition to
    $MYSQL_HOME/my.cnf
  * CONC-457: mysql_list_processes crashes in unpack_fields
  * CONC-458: mysql_get_timeout_value crashes when used improperly
  * CONC-464: Fix static build for auth_gssapi_client plugin
  * Fixes for the following security vulnerabilities:
    CVE-2020-13249
- refresh absolute_path_fix.patch and private_library.patch
- Update to release 3.1.7
  * TLS/SSL: when the client doesn't procide a CA file and the
    option ssl_verify_server_cert was set, the peer cerificate
    will be validated against the system CA.
- Update to release 3.1.6
  * Fixed: ERROR 2026 (HY000): SSL connection error: Certificate
    signature check failed
  * Fixed: Provide error code and message for Schannel errors
  * Fixed SEC_E_INVALID_TOKEN when server sends large message
    during SSL handshake
- New upstream version 3.1.5 [bsc#1156669]
  * MDEV-20469: Plugin dialog could not be loaded (wrong path)
  * ODBC-440: Fixed typo in sha256_password cmake configuration
  * CONC-418: For unknown/not handled schannel error codes
    FormatMessage function will be used instead of returning
    "Unknown error" message.
- New upstream version 3.1.4
  * CONC-431: Use windows crypto libraries on Windows platforms
  * Included in MariaDB 10.4.8, MariaDB 10.3.18, and MariaDB 10.2.27
- refresh mariadb-connector-c-2.3.1_unresolved_symbols.patch and
  private_library.patch
- New upstream version 3.1.3
  * CONC-380: Fix CMake warnings
  * CONC-345: heap-use-after-free in client_mpvio_read_packet
  * CONC-423: Fix GnuTLS error with TLSv1.3
  * CONC-424: Ignore SERVER_STATUS_CURSOR_EXISTS if client didn't
    open a cursor before
  * CONC-421: Fixed crash in GnuTLS when key and certificate are
    in the same file
  * CONC-429: Don't allow invalid characters in plugin names
  * MDEV-19807: Fixed Location of PLUGINDIR if Connector/C is a
    subproject
- refresh absolute_path_fix.patch and private_library.patch
- New upstream version 3.1.2 [bsc#1136035]
  * CONC-383: client plugins can't be loaded due to missing prefix
  * Fixed version setting in GnuTLS by moving "NORMAL" at the end
    of priority string
  * CONC-386: Added support for pem files which contain certificate
    and private key.
  * Replication/Binlog API: The main mechanism used in replication
    is the binary log.
  * CONC-395: Dashes and underscores are not interchangeable in
    options in my.cnf
- refresh mariadb-connector-c-2.3.1_unresolved_symbols.patch and
  private_library.patch
- pack client_ed25519.so
- Add pkgconfig(zlib) Requires to the -devel package: the .pc file
  lists -lz in the Libs, but does not mention any requires
  explicitly. So let's do our consumers a favor and pull in what we
  require.
- move libmariadb.pc from /usr/lib/pkgconfig to
  /usr/lib64/pkgconfig [bsc#1126088]
- New upstream version 3.0.9
  * CONC-384: Incorrect packet when a connection attribute name or
    value is equal to or greater than 251
  * CONC-388: field->def_length is always set to 0 (only used by
    deprecated function mysql_list_fields)
  * Getter should get and the setter should set
    CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS
  * CONC-385: Removed some cmake system checks
  * CONC-387: Fix case sensitive include file names for cross
    compiling
  * Fixed cnake policy CMP007
  * Support static linking auth plugins
  * Fix build with deprecated OpenSSL API: replaced ERR_remove_state
    by ERR_remove_thread_state
  * Disable LOAD DATA LOCAL INFILE suport by default and auto-enable
    it for the duration of one query, if the query string starts with
    the word "load". In all other cases the application should enable
    LOAD DATA LOCAL INFILE support explicitly
  * Changed return code for mysql_optionv/mysql_get_optionv to 1
    (was -1) and added CR_NOT_IMPLEMENTED error message if a option
    is unknown or not supported. This will fix possible error when
    setting connection attribute failed
- New upstream version 3.0.8
  * mingw fix: use lowercase names for include files
  * CONC-375: Fixed handshake errors when mixing TLSv1.3 cipher
    suites with cipher suites from other TLS protocols
  * CONC-312: Added new caching_sha2_password authentication plugin
    for authentication with MySQL 8.0
- refresh mariadb-connector-c-2.3.1_unresolved_symbols.patch
- pack caching_sha2_password.so plugin
- New upstream version 3.0.7 [bsc#1116686]
  * Build fixes when building with ASAN/TSAN
  * CONC-370: Fixed memory leak in configuration file parsing.
  * CONC-371: Incorrect fractional part conversion when converting
    datetime string to MYSQL_TIME
  * CONC-283: Fixed pkg-config configuration
  * CONC-364: Not all sockets created in pvio_socket_connect
    function are closed
  * multiple fixes in named pipe implementation
  * CONC-349: Added new parameter STMT_ATTR_STATE to retrieve
    statement status via api function mysql_stmt_attr_get
- refresh private_library.patch and absolute_path_fix.patch
- pack libmariadb.pc
- New upstream version 3.0.6
  * MDEV-15263: FIx IS_NUM() macro
  * CONC-297: local infile parameter must be unsigned int instead
    of my_bool
  * CONC-329: change return value of internal socket functions
    from my_bool to int
  * CONC-332: my_auth doesn't read/update server ok packet
  * CONC-344: reset internal row counter
  * CONC-345: invalid heap use after free
  * CONC-346: Remove old cmake policies
  * fixed crash in mysql_select_db if NULL parameter was provided
- refresh private_library.patch
- New upstream version 3.0.5
- 3.0.5 important changes:
  * CONC-336: Allow multiple initialization of client library
  * Fixed string to MYSQL_TIME conversion (prepared statements)
  * CONC-334: Copy all members of MYSQL_FIELD to internal
    statement structure
  * Fixed double free in dynamic column library
  * Added checks for corrupted packets in protocol
  * MDEV-15450: Added default connection attribute _server_host
  * CONC-326: fixed wrong openssl thread id callback
- 3.0.4 important changes:
  * Added option MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS for
    mysql_options()/mysql_optionsv():
  * New plugin configuration interface: The default configuration
    for a specific plugin can be specified via cmake parameter
  - DCLIENT_PLUGIN_${PLUGIN}=[DYNAMIC|STATIC|OFF].
  * Added support for linux abstract socket (MDEV-15655).
  * CONC-320: Added asynchronous/non-blocking support for
    OpenSSL and GnuTLS
  * CONC-294: Access violation in mysql_close when using
    a connection plugin.
  * MDEV-14977: If built dynamically the old_password plugin
    could not be located due to wrong filename (must be
    mysql_old_password.so instead of old_password.so).
  * CONC-315: If no default client character set was specified,
    the utf8 character set will be used by default (instead of
    setting the client character set to server character set)
  * CONC-317: Parsing of configuration file fails if key/value
    pairs contain white spaces.
  * CONC-322: Correct handling of EAGAIN and EINPROGRESS in
    internal_connect (socket) for non windows platforms.
  * CONC-323: mariadb_stmt_execute_direct hangs forever if
    compression used.
  * CONC-324: Wrong codepage numbers for some collations.
  * CONC-326: ssl_thread_init() uses wrong openssl threadid
    callback
- refresh the following patches:
  * mariadb-connector-c-2.3.1_unresolved_symbols.patch
  * absolute_path_fix.patch
  * private_library.patch
- Drop libmysqlclient_r Provides from the -devel package.
  (bsc#1097938)
- New upstream version 3.0.3
  * Added support for new utf8mb4 character sets
  * MDEV-9059: Bundle first command with authentication packet
  * Build: support static OpenSSL on Windows
  * MDEV-14101: Add support for tls-version, via
    mysql_options(mysql, MARIADB_OPT_TLS_VERSION, value),
    where value must be "TLSv1.1", "TLSv1.2" or "TLSv1.3".
  * CONC-275: New indicator type STMT_INDICATOR_IGNORE_ROW for
    skipping particular parameter set in bulk operation
    (prepared statements).
  * MDEV-10361: Don't try to reconnect twice if mysql_ping failed.
  * Build fix for TSAN build with Clang
  * CONC-302: Fix output of mariadb_config
  * CONC-301: In case of a truncation the statement status was not
    updated correctly and further calls to mysql_stmt_fetch_column
    failed
  * MDEV-14647: Fixed crash when client receives extended ok packet
    with SESSION_TRACK_STATE_CHANGE information flag
  * CONC-297: setting MYSQL_OPT_LOCAL_INFILE failed on big endian
    systems.
  * MDEV-14514: mariadb_config returned wrong exit code when
    specifying an invalid option
  * MDEV-11546: Fixed timeout problem in Schannel
  * CONC-277: Allow reinitialization of the library if
    mysql_server_end() was called.
  * CONC-292: Fixed malloc result check in dynamic columns
  * MDEV-14165: The metadata length value for a column with a
    zerofill flag was calculated with a fixed length instead of using
    the reported length.
  * CONC-286: Force TLS/SSL usage if fingerprint parameters were
    specified.
  * CONC-282: Connector/C now provides additional information for
    package version
  * mariadb_config --cc_version lists the package version
  * Beside MARIADB_PACKAGE_VERSION numeric representation
    MARIADB_PACKAGE_VERSION_ID can be used now within preprocessor
    directives.
  * MDEV-13959: Fixed duplicate if condition in dynamic columns
  * Added MARIADB_BASE_VERSION definition in mariadb_version.h to
    distnguish MARIADB from MySQL
  * CONC-271: installation layout fix for RPM
- refresh the following patches:
  * absolute_path_fix.patch
  * private_library.patch
- drop 0334aa48.patch that is no longer needed
- use %license instead of %doc [bsc#1082318]
- Use more cmake macros
- Run spec-cleaner
- 0334aa48.patch: Backported implementation and testcase for
  skipping particular paramset in bulk operation/. This is needed
  to get current stable MariaDB connector/ODBC actually compilable.
- Install missing header (bsc#1067904)
- mariadb-connector-c is now a provider of the libmariadb library
  for mariadb and others
- add compatibility symlinks
- change LIBDIR, INCLUDEDIR and PLUGINDIR paths to be the same as
  it was in the mariadb package (compatibility reasons)
- add baselibs.conf
- add %{mariadb_version} macro that should correspond with the
  current version of the mariadb package
- refresh absolute_path_fix.patch and private_library.patch
- move libraries to %{_libdir}/mariadb/ to avoid a conflict
- add README and COPYING.LIB to %doc
- New upstream version 3.0.2
  * Array support for prepared statements (bulk operations)
  * TLS/SSL support for GnuTLS, Windows SChannel and LibreSSL
  * Support for passphrase protected keys
  * SHA256 authentication plugin
- refreshed
  * mariadb-connector-c-2.3.1_unresolved_symbols.patch
  * absolute_path_fix.patch
  * private_library.patch
- change sover from 2 to 3
- tweak build options
  * DMYSQL_UNIX_ADDR is now DMARIADB_UNIX_ADDR
  * DPLUGIN_INSTALL_DIR is now DINSTALL_PLUGINDIR
  * add DINSTALL_LIBDIR, WITH_MYSQLCOMPAT and DWITH_SSL
- now we build also the following plugins:
  * auth_gssapi_client.so
  * remote_io.so
  * sha256_password.so
- move libmysqlclient* libraries to %{_libdir}
- Fix RPM groups once more.
- New upstream version 2.3.3:
  * Fixed build for big-endian platforms. Obsoletes
    bigendian_type_fixes.patch
  * Changed parameter type for parameter reconnect in
    mysql_optionsv from uint to my_bool
- absolute_path_fix.patch: refreshed
- Remove unused gnutls from buildrequires
- Update descriptions and RPM groups
- Set proper MySQL socket path for localhost connections
- Update to version 2.3.2
  * Plugin API interface change: Changed the interface of
    authentication plugins, allowing plugins from C/C 3.0
    (like GSSAPI/Kerberos plugin)
  * CONC-205: Any field going after a TEXT field in the selecion
    list is fetched incorrectly (prepared statements)
  * CONC-198: Can't use more than one statement per connection
  * CONC-223: Add client support for missing collations
  * MDEV-10894: big endian conversion
  * fixed packet_length in dialog plugin
  * fixed include of my_stmt.h
  * fixed wrong behavior of read_timeout
  * fixed timeout for non-blocking operations
  * fixed output for plugindir in mariadb_config
  * removed extra check for non binary result types in fetch_bin
    (prepared statements)
- mariadb.keyring: add MariaDB Enterprise signing key
- bigendian_type_fixes.patch: fix build failure on Big endien
- absolute_path_fix.patch:
  * remove ugly paths in mariadb_config
  * list correct include paths
- private_library.patch: shared library with exported private
  symbols in place of a static library
- mariadb-connector-c-2.3.1_unresolved_symbols.patch: add missing
  library to link requirements.
- initial package

==== python-gevent ====

- Skip two tests that fail in SLE/Leap:
  * skip-tests-in-leap.patch

==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles

- Drop unneeded patch on Leap and SLE by now:
  webkit2gtk3-restore-npapi.patch (bsc#1189105).