Packages changed:
  cni (0.8.0 -> 0.8.1)
  grub2
  installation-images-MicroOS (17.5 -> 17.6)
  libxml2 (2.9.10 -> 2.9.12)
  libxslt
  libzypp (17.25.10 -> 17.26.0)
  patterns-base
  systemd-presets-common-SUSE
  zypper (1.14.44 -> 1.14.45)

=== Details ===

==== cni ====
Version update (0.8.0 -> 0.8.1)

- Update to version 0.8.1:
  * This is a security release that fixes a single bug:
  - Tighten up plugin-finding logic (#811).

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi

- Fix crash in launching gfxmenu without theme file (bsc#1186481)
  * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch

==== installation-images-MicroOS ====
Version update (17.5 -> 17.6)

- merge gh#openSUSE/installation-images#513
- Keep /usr/lib/ld-* also if lib64 exists
- Use ld*so* as glob for the runtime linker
- Keep /usr/lib/ld*so* also if lib64 exists
- 17.6

==== libxml2 ====
Version update (2.9.10 -> 2.9.12)
Subpackages: libxml2-2 libxml2-tools

- Fix python-lxml regression with libxml2 2.9.12:
  * Work around lxml API abuse:
    gitlab.gnome.org/GNOME/libxml2/issues/255
- Add upstream patches:
  * libxml2-fix-lxml-corrupted-subtree-structures.patch
  * libxml2-fix-regression-in-xmlNodeDumpOutputInternal.patch
- Update to version 2.9.12
  * Fix CVE-2021-3541, CVE-2021-3537, CVE-2021-3518, CVE-2021-3517,
    CVE-2021-3516, CVE-2020-7595, CVE-2019-20388, CVE-2020-24977,
    and CVE-2019-19956
  * Fix null deref in legacy SAX1 parser
  * Fix handling of unexpected EOF in xmlParseContent
  * Fix user-after-free
  * Validate UTF8 in xmlEncodeEntities
  * Fix memory leak in xmlParseElementMixedContentDecl
  * Fix integer overflow in xmlSchemaGetParticleTotalRangeMin
  * Fix SEGV in xmlSAXParseFileWithData
  * Don't process siblings of root in xmlXIncludeProcess
  * Full changes: http://xmlsoft.org/news.html
- Drop upstream fixed
  * libxml2-CVE-2021-3541.patch
  * libxml2-CVE-2021-3537.patch
  * libxml2-CVE-2021-3518.patch
  * libxml2-CVE-2021-3517.patch
  * libxml2-CVE-2021-3516.patch
  * libxml2-CVE-2020-7595.patch
  * libxml2-CVE-2019-20388.patch
  * libxml2-CVE-2020-24977.patch
  * libxml2-CVE-2019-19956.patch
  * libxml2-python39.patch
  * libxml2-Avoid-quadratic-checking-of-identity-constraints.patch
- Drop since 2.9.10 merged libxml2-xmlFreeNodeList-recursive.patch
- Drop since 2.8.0 merged fix-perl.diff
- Refresh libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch
- Security fix: [bsc#1186015, CVE-2021-3541]
  * Exponential entity expansion attack bypasses all existing
    protection mechanisms.
- Add libxml2-CVE-2021-3541.patch

==== libxslt ====

- Fix build with libxml2 2.9.12 that removes maxParserDepth XPath limit
- Add upstream patches:
  * libxslt-Stop-using-maxParserDepth-XPath-limit.patch
  * libxslt-Do-not-set-maxDepth-in-XPath-contexts.patch

==== libzypp ====
Version update (17.25.10 -> 17.26.0)

- Work around download.o.o broken https redirects.
- Allow trusted repos to add additional signing keys (bsc#1184326)
  Repositories signed with a trusted gpg key may import additional
  package signing keys. This is needed if different keys were used
  to sign the the packages shipped by the repository.
- MediaCurl: Fix logging of redirects.
- Use 15.3 resolver problem and solution texts on all distros.
- $ZYPP_LOCK_TIMEOUT: Let negative values wait forever for the
  zypp lock (bsc#1184399)
  Helps boot time services like 'zypper purge-kernels' to wait for
  the zypp lock until other services using zypper have completed.
- Fix purge-kernels is broken in Leap 15.3 (bsc#1185325)
  Leap 15.3 introduces a new kernel package called
  kernel-flavour-extra, which contain kmp's. Currently kmp's are
  detected by name ".*-kmp(-.*)?" but this does not work which
  those new packages. This patch fixes the problem by checking
  packages for kmod(*) and ksym(*) provides and only falls back to
  name checking if the package in question does not provide one of
  those.
- Introduce zypp-runpurge, a tool to run purge-kernels on
  testcases.
- version 17.26.0 (22)

==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-bootloader patterns-base-minimal_base

- Suggest kernel-default from patterns-base-base

==== systemd-presets-common-SUSE ====

- When installing the systemd-presets-common-SUSE package for the
  first time in a new system, it might happen that some services
  are installed before systemd so the %systemd_pre/post macros
  would not work. This is handled by enabling all preset services
  in this package's %posttrans section but it wasn't enabling
  user services, just system services. Now it enables also the
  user services installed before this package, thus fixing
  boo#1186561

==== zypper ====
Version update (1.14.44 -> 1.14.45)
Subpackages: zypper-needs-restarting

- Add hints to 'trust GPG key' prompt.
- Add report when receiving new package signing keys from a
  trusted repo (bsc#1184326)
- Added translation using Weblate (Kabyle)
- version 1.14.45