Packages changed:
  MozillaFirefox (91.0.2 -> 92.0)
  amarok (2.9.75git.20210626T134054~59b22189f6 -> 2.9.75git.20210830T182443~10309f00af)
  argyllcms (2.1.2 -> 2.2.0)
  c-ares
  emacs
  ghostscript
  irqbalance
  libetonyek (0.1.9 -> 0.1.10)
  libqt5-qtwebengine (5.15.5 -> 5.15.6)
  libsrtp2 (2.4.0 -> 2.4.1)
  libtpms
  libxfce4ui (4.16.0 -> 4.16.1)
  linux-glibc-devel (5.13 -> 5.14)
  nfs-utils
  patterns-base
  postgresql13 (13.3 -> 13.4)
  python-kiwi (9.23.49 -> 9.23.54)
  python-mysqlclient
  tuned (2.15.0+git.1625694366.bc3f737 -> 2.16.0)
  util-linux
  util-linux-systemd
  virtualbox
  virtualbox-kmp

=== Details ===

==== MozillaFirefox ====
Version update (91.0.2 -> 92.0)
Subpackages: MozillaFirefox-translations-common

- Mozilla Firefox 92.0
  * More secure connections: Firefox can now automatically upgrade to
    HTTPS using HTTPS RR as Alt-Svc headers
  * Full-range color levels are now supported for video playback on
    many systems
  MFSA 2021-38 (bsc#1190269)
  * CVE-2021-29993 (bmo#1708544, bmo#1708767, bmo#1712240,
    bmo#1712242, bmo#1729259)
    Handling custom intents could lead to crashes and UI spoofs
  * CVE-2021-38491 (bmo#1551886)
    Mixed-Content-Blocking was unable to check opaque origins
  * CVE-2021-38492 (bmo#1721107)
    Navigating to `mk:` URL scheme could load Internet Explorer
  * CVE-2021-38493 (bmo#1723391, bmo#1724101, bmo#1724107)
    Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and
    Firefox ESR 91.1
  * CVE-2021-38494 (bmo#1723920, bmo#1725638)
    Memory safety bugs fixed in Firefox 92
- updated appdata
- remove mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
  (does not apply anymore; unclear if obsolete)
- bring back mozilla-silence-no-return-type.patch and
  run post-build-checks everywhere again
- requires NSS 3.69.1
- Add mozilla-bmo1708709.patch: On [wayland] popup can be wrongly
  repositioned due to rounding errors when font scaling != 1
  (bmo#1708709); patch taken from upstream bug report and rebased
  to apply cleanly against current version.
- Bump using with GCC (tested locally).

==== amarok ====
Version update (2.9.75git.20210626T134054~59b22189f6 -> 2.9.75git.20210830T182443~10309f00af)

- Update to version 2.9.75git.20210830T182443~10309f00af:
  * Set Attributes before constructing the Application
  * Port away from KRandom, bump Qt req. ver. to 5.10
- Rebase amarok-2.9.75git.20210830T182443~10309f00af.tar.xz
- Update translations

==== argyllcms ====
Version update (2.1.2 -> 2.2.0)

- Update to version 2.2.0:
  * Added native i1Pro3 and i1Pro3 Plus driver.
  * Fix bug in applycal.c where it gets an "Error - Write file: 1,
    icmTextDescription_write: ascii string is shorter" error on
    replacing one calibration with another.
  * Improved i1pro & Munki patch recognition to work much more
    reliably with a slow swipe speed.
  * Fixed oeminst to work with spyder V5.5. setup.exe
  * Fixed bug in oemdld that prevented HTML encoded characters in
    download file decoding properly, which prevented certain
    filenames from working.
  * Fixed bug in ccxxmake -S -f where save error wasn't being fully
    reported, and display technology presence check was faulty.
  * Fixed typo in display technology, VPA -> PVA.
  * Made Klein K10A "Lights Off" command timeout a soft error. For
    some reason this command doesn't seem to be implemented on some
    K10A's.
  * Added CIE dE2000 to spotread output.
  * Fixed accidental global "wrl" in gamut/gamut.h that cases
    compile warnings.
  * For more see http://www.argyllcms.com/doc/ChangesSummary.html
- Drop argyllcms--gcc--fno-common.patch (upstreamed with exception
  of static declaration of struct huft, which is not required).

==== c-ares ====

- new upstream website
- drop multibuild - tests do not require static library anymore
- spec file cleanup
- drop sources that were re-added to upstream distibution
  (c-ares-config.cmake.in ares_dns.h libcares.pc.cmake)
- 5c995d5.patch: augment input validation on hostnames to allow _
  as part of DNS response (bsc#1190225)

==== emacs ====
Subpackages: emacs-info emacs-nox emacs-x11 etags

- Work for boo#1183497: make sure that if ibus is the input method
  that there exists a working gtk immodule for ibus as well as the
  ibus daemon is up and running

==== ghostscript ====
Subpackages: ghostscript-x11

- CVE-2021-3781.patch fixes CVE-2021-3781
  Trivial -dSAFER bypass
  cf. https://bugs.ghostscript.com/show_bug.cgi?id=704342
  (bsc#1190381)

==== irqbalance ====
Subpackages: irqbalance-ui

- Update to version 1.8.0.18.git+2435e8d:
  * fix unsigned integer subtraction sign overflow
  * fix opendir fails in check_platform_device
  * irqbalance: Check validity of numa_node
  * configure.ac: use pkg-config to find numa
  * Disable the communication socket when UI is disabled
  * Fix comma typo in ui.c
  * drop NoNewPrivs from irqbalance service
  * remove no existing irq in banned_irqs
  * Fix compile issue with none AARCH64 builds
- Fixes integrated mainline:
  * bsc#1119461
  * bsc#1138190
  * bsc#1154905
  * bsc#1178477 bsc#1183405 (removed patches due to mainline integration):
    procinterrupts-check-xen-dyn-event-more-flexible.patch
  * bsc#1182254 bsc#1156315 (removed patches due to mainline integration):
    fix-ambiguous-parsing-of-node-entries-in-sys.patch
  * bsc#1183157
    also-fetch-node-info-for-non-PCI-devices.patch

==== libetonyek ====
Version update (0.1.9 -> 0.1.10)

- Added patch:
  * resolve-ambiguities.patch
    + fix some ambiguities in type resolutions on older compilers
    + enables building on sle12-sp5
- Update to 0.1.10:
  * Parse shadow.
  * Improve detection of the "new" formats.
  * Fix handling of text baseline shift.
  * Improve various formats.
- Remove upstreamed patch 0001-add-missing-include-for-std-for_each.patch

==== libqt5-qtwebengine ====
Version update (5.15.5 -> 5.15.6)

- Update to version 5.15.6:
  * Update Chromium:
    + [Backport] CVE-2021-30560: Use after free in Blink XSLT
    + [Backport] CVE-2021-30566: Stack buffer overflow in Printing
    + [Backport] CVE-2021-30585: Use after free in sensor handling
    + Bump V8_PATCH_LEVEL
    + [Backport] Security bug 1228036
    + [Backport] CVE-2021-30604: Use after free in ANGLE
    + [Backport] CVE-2021-30603: Race in WebAudio
    + [Backport] CVE-2021-30602: Use after free in WebRTC
    + [Backport] CVE-2021-30599: Type Confusion in V8
    + [Backport] CVE-2021-30598: Type Confusion in V8
    + [Backport] Security bug 1227933
    + [Backport] Security bug 1205059
    + [Backport] Security bug 1184294
    + [Backport] Security bug 1198385
    + [Backport] CVE-2021-30588: Type Confusion in V8
    + [Backport] CVE-2021-30587: Inappropriate implementation in Compositing on Windows
    + [Backport] CVE-2021-30573: Use after free in GPU
    + [Backport] CVE-2021-30569, security bugs 1198216 and 1204814
    + [Backport] CVE-2021-30568: Heap buffer overflow in WebGL
    + [Backport] CVE-2021-30541: Use after free in V8
    + [Backport] Security bugs 1197786 and 1194330
    + [Backport] Security bug 1194689
    + [Backport] CVE-2021-30563: Type Confusion in V8
    + [Backport] Security bug 1211215
    + [Backport] Security bug 1209558
    + [Backport] CVE-2021-30553: Use after free in Network service
    + [Backport] CVE-2021-30548: Use after free in Loader
    + [Backport] CVE-2021-30547: Out of bounds write in ANGLE
    + [Backport] CVE-2021-30556: Use after free in WebAudio
    + [Backport] CVE-2021-30559: Out of bounds write in ANGLE
    + [Backport] CVE-2021-30533: Insufficient policy enforcement in PopupBlocker
    + [Backport] Security bug 1202534
    + [Backport] CVE-2021-30536: Out of bounds read in V8
    + [Backport] CVE-2021-30522: Use after free in WebAudio
    + [Backport] CVE-2021-30554 Use after free in WebGL
    + [Backport] CVE-2021-30551: Type Confusion in V8
    + [Backport] CVE-2021-30544: Use after free in BFCache
    + [Backport] CVE-2021-30535: Double free in ICU
    + [Backport] CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox
    + [Backport] CVE-2021-30530: Out of bounds memory access in WebAudio
    + [Backport] CVE-2021-30523: Use after free in WebRTC
    + Generate mojo bindings before compiling extension API registration
  * Bump version from 5.15.5 to 5.15.6
  * Always send phased wheel events beginning with Began
- Import patch from the chromium package:
  * 0001-return-ENOSYS-for-clone3.patch
- Add changes from the chromium package to
  0001-Fix-build-with-glibc-2.34.patch

==== libsrtp2 ====
Version update (2.4.0 -> 2.4.1)

- Update to release 2.4.1
  * Use a full-length key even with null ciphers

==== libtpms ====

- security update
- added patches
  fix CVE-2021-3746 [bsc#1189935], out-of-bounds access via specially crafted TPM 2 command packets
  + libtpms-CVE-2021-3746.patch

==== libxfce4ui ====
Version update (4.16.0 -> 4.16.1)
Subpackages: libxfce4ui-2-0 libxfce4ui-lang libxfce4ui-tools typelib-1_0-Libxfce4ui-2_0

- Update to version 4.16.1
  * Add 4.16 section to docs
  * about: Replace stock with regular button
  * about: Make Close button translatable (bxo#xfce/libxfce4ui#41)
  * Fix cast alignment warning
  * Remove Gtk2 leftovers
  * Don't reserve vertical space for subtitles in headerbars
  * Translation Updates
- Remove headerbar_subtitle.patch - fixed upstream

==== linux-glibc-devel ====
Version update (5.13 -> 5.14)

- Update to kernel headers 5.14

==== nfs-utils ====
Subpackages: libnfsidmap1 nfs-client nfs-kernel-server

- Add 0001-gssd-fix-crash-in-debug-message.patch
  Fix crash when rpc-gssd run with -v.
  (boo#1190144)

==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-documentation patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced

- Fix typo in the icon name for the fips pattern (bsc#1189550)

==== postgresql13 ====
Version update (13.3 -> 13.4)
Subpackages: libpq5 postgresql13-contrib postgresql13-docs postgresql13-llvmjit postgresql13-server

- bsc#1185952: fix build with llvm12 on s390x.
  0001-jit-Workaround-potential-datalayout-mismatch-on-s390.patch
- bsc#1179945: Re-enable icu for PostgreSQL 10.
- Upgrade to version 13.4:
  https://www.postgresql.org/docs/13/release-13-4.html
  * CVE-2021-3677 (boo#1189748)
    The planner could create an incorrect plan in cases where two
    ProjectionPaths were stacked on top of each other. The only
    known way to trigger that situation involves parallel sort
    operations, but there may be other instances. The result would
    be crashes or incorrect query results. Disclosure of server
    memory contents is also possible.
- bsc#1187751: Make the dependency of postgresqlXX-server-devel on
  llvm and clang optional (postgresql-llvm-optional.patch).

==== python-kiwi ====
Version update (9.23.49 -> 9.23.54)

- Bump version: 9.23.53 ? 9.23.54
- Fixed condition for GRUB_DISABLE_LINUX_UUID="true"
  The grub config parameter GRUB_DISABLE_LINUX_UUID must only
  be set if the device persistence setting is not UUID. However,
  in kiwi UUID device names are the default and doesn't have to
  be expressed explicitly. Therefore the condition to check
  for different than 'by-uuid' is wrong for the default case were
  no device persistence setting exists. This results in a wrong
  grub option to be set. This commit fixes it in a way to disable
  UUID device names in grub if the only other device persistency
  setting in kiwi named: 'by-label' is explicitly configured.
  This Fixes #1842
- Added force_trailing_slash argument to sync_data
  A speciality of the rsync tool is that it behaves differently
  if the given source_dir ends with a '/' or not. If it ends
  with a slash the data structure below will be synced to the
  target_dir. If it does not end with a slash the source_dir
  and its contents are synced to the target_dir. For example:
  source
  ??? some_data
  1. $ rsync -a source target
  target
  ??? source
  ??? some_data
  2. $ rsync -a source/ target
  target
  ??? some_data
  The parameter force_trailing_slash in the DataSync::sync_data
  method can be used to make sure rsync behaves like shown in
  the second case. This Fixes #1786
- Added type hints for DataSync class
- Bump version: 9.23.52 ? 9.23.53
- Add missing bootloader tests
  Merging #1850 exposed the missing bootloader tests.
  This reminds me to move the gitlab driven unit tests
  to github actions because for forked repos the gitlab
  tests does not run but github actions tests would run
- Fix logging of ISO publisher
- Improving text formatting
- Added documentation for grub2 loopback ISO images
- Bump version: 9.23.51 ? 9.23.52
- Fixed pep E711 code smell
  comparison to None should be 'if cond is not None:'
- Bump version: 9.23.50 ? 9.23.51
- No compression with encryption
  When an image is setup to use encryption the resulting image appears
  as a random stream of bytes and cannot be compressed. Simply skip
  the compression in this case.
- Fix typo in schema documentation
  ciper -> cipher. Fix originally done by Robert Schweikert
  and moved to the right place, see Issue #1906 for details
- Allow target dir for archive
  - Add the option to specify a target directory
  to unpack the archive
  - Update doc for target dir attribute
  This Fixes #1794
- Log deprecation errors to stderr
  Make sure information about deprecated shell methods
  logs their information to stderr. This will cause the
  error message to be exposed to the user and not only
  in the log file
- Fixed TW build test
  Explicitly added packages that causes conflicts due
  to the busybox alternatives
- Bump version: 9.23.49 ? 9.23.50
- Added support for repo customization script
  repo files allows for several customization options
  which could not be set by kiwi through the current
  repository schema. As the options used do not follow
  any standard and are not compatible between package
  managers and distributions the only generic way to
  handle this is through a script which is invoked
  with the repo file as parameter for each file created
  to describe a repo for the selected package manager.
  This allows users to update/change the repo file content
  on their individual needs. In the kiwi description the
  path to the custom script can be specified as follows
  <repository ... customize="/path/to/custom_script">
  <source path="..."/>
  </repository>
  This Fixes #1896

==== python-mysqlclient ====

- Add liberally-accept-charsets.patch:
  * Support multibyte utf8 return values with new versions of MariaDB.

==== tuned ====
Version update (2.15.0+git.1625694366.bc3f737 -> 2.16.0)

- Update to version 2.16.0:
  * bootloader: make skip_grub_config consistent with initrd_remove_dir

==== util-linux ====
Subpackages: libblkid1 libblkid1-32bit libfdisk1 libmount1 libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit util-linux-lang

- Remove the raw utility altogether, as it is not even built any
  more with glibc >=2.34.

==== util-linux-systemd ====

- Remove the raw utility altogether, as it is not even built any
  more with glibc >=2.34.
- login.pamd: use pam_motd to unify motd handling [bsc#1185897].
  Else motd snippets of e.g. cockpit will not be shown.

==== virtualbox ====
Subpackages: virtualbox-guest-tools virtualbox-guest-x11

- Add file "fixes-for-5.15.patch" to fix builds on kernel 5.15.

==== virtualbox-kmp ====

- Add file "fixes-for-5.15.patch" to fix builds on kernel 5.15.