Packages changed:
  MozillaThunderbird (68.10.0 -> 68.11.0)
  libX11
  sssd (2.3.0 -> 2.3.1)
  transactional-update (2.22 -> 2.23)
  xfwm4 (4.14.3 -> 4.14.4)
  xorg-x11-server

=== Details ===

==== MozillaThunderbird ====
Version update (68.10.0 -> 68.11.0)
Subpackages: MozillaThunderbird-translations-common

- Mozilla Thunderbird 68.11.0
  * fixed: FileLink attachments included as a link and file when
    added from a network drive via drag & drop (bmo#793118)
  MFSA 2020-35 (bsc#1174538)
  * CVE-2020-15652 (bmo#1634872)
    Potential leak of redirect targets when loading scripts in a
    worker
  * CVE-2020-6514 (bmo#1642792)
    WebRTC data channel leaks internal address to peer
  * CVE-2020-6463 (bmo#1635293)
    Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
  * CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1646787,
    bmo#1650811)
    Memory safety bugs fixed in Thunderbird 68.11

==== libX11 ====
Subpackages: libX11-6 libX11-6-32bit libX11-data libX11-devel libX11-xcb1

- U_006-Fix-size-calculation-in-_XimAttributeToValue.patch:
  * Regression fix in previous XIM client head overflow fixes
    (CVE-2020-14344, bsc#1174628)
- U_001-ChangeTheData_lenParameterOf_XimAttributeToValueToCARD16.patch,
  U_002-FixIntegerOverflowsIn_XimAttributeToValue.patch,
  U_003-FixMoreUncheckedLengths.patch,
  U_004-FixSignedLengthValuesIn_XimGetAttributeID.patch,
  U_005-ZeroOutBuffersInFunctions.patch,
  * XIM client heap overflows (CVE-2020-14344, bsc#1174628)

==== sssd ====
Version update (2.3.0 -> 2.3.1)
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-32bit sssd-krb5-common sssd-ldap

- Update to release 2.3.1
  * Domains can be now explicitly enabled or disabled using
    enable option in domain section. This can be especially used
    in configuration snippets.
  * New configuration options memcache_size_passwd,
    memcache_size_group, memcache_size_initgroups that can be
    used to control memory cache size.
  * Fixed several regressions in GPO processing introduced in
    sssd-2.3.0
  * Fixed regression in PAM responder: failures in cache only
    lookups are no longer considered fatal.
  * Fixed regression in proxy provider: pwfield=x is now default
    value only for sssd-shadowutils target.
- sssd-wbclient is obsolete and no longer shipped

==== transactional-update ====
Version update (2.22 -> 2.23)
Subpackages: transactional-update-zypp-config

- Version 2.23
  - Add "run" command to be able to execute a single command in a new snapshot
  - Add "--drop-if-no-change" option to discard snapshots if no changes were
    perfomed (BETA, required for Salt integration)
  - Removed previous CaaSP Salt support (gh#openSUSE/transactional-update#33)
  - Avoid "file not found" message on systems without /var subvol

==== xfwm4 ====
Version update (4.14.3 -> 4.14.4)
Subpackages: xfwm4-lang

- Update to version 4.14.4
  * Fix a crash on FreeBSD (gxo#xfce/xfwm4#411)
  * Fix compilation warning due to g_type_class_add_private deprecation

==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra xorg-x11-server-sdk xorg-x11-server-wayland

- U_FixForZDI-11426.patch
  * Leak of uninitialized heap memory form the X server to clients
    on pixmap allocation (ZDI-CAN-11426, CVE-2020-14347, bsc#1174633)