Packages changed:
  bind (9.16.5 -> 9.16.6)
  festival
  libverto (0.2.6 -> 0.3.1)
  permissions (1550_20200811 -> 1550_20200826)
  suse-module-tools (15.3.3 -> 15.3.4)
  systemd
  xdm
  xfce4-screensaver
  zlib

=== Details ===

==== bind ====
Version update (9.16.5 -> 9.16.6)
Subpackages: bind-chrootenv bind-doc bind-utils libbind9-1600 libdns1605 libirs1601 libisccc1600 libisccfg1600 python3-bind

- Require /sbin/start_daemon: both init scripts, the one used in
  systemd context as well as legacy sysv, make use of start_daemon.
- Upgrade to version 9.16.6
  Fixes five vilnerabilities:
  5481.   [security]      "update-policy" rules of type "subdomain" were
    incorrectly treated as "zonesub" rules, which allowed
    keys used in "subdomain" rules to update names outside
    of the specified subdomains. The problem was fixed by
    making sure "subdomain" rules are again processed as
    described in the ARM. (CVE-2020-8624) [GL #2055]
  5480.   [security]      When BIND 9 was compiled with native PKCS#11 support, it
    was possible to trigger an assertion failure in code
    determining the number of bits in the PKCS#11 RSA public
    key with a specially crafted packet. (CVE-2020-8623)
    [GL #2037]
  5479.   [security]      named could crash in certain query resolution scenarios
    where QNAME minimization and forwarding were both
    enabled. (CVE-2020-8621) [GL #1997]
  5478.   [security]      It was possible to trigger an assertion failure by
    sending a specially crafted large TCP DNS message.
    (CVE-2020-8620) [GL #1996]
  5476.   [security]      It was possible to trigger an assertion failure when
    verifying the response to a TSIG-signed request.
    (CVE-2020-8622) [GL #2028]
  For the less severe bugs fixed, see the CHANGES file.
  [bsc#1175443, CVE-2020-8624, CVE-2020-8623, CVE-2020-8621,
  CVE-2020-8620, CVE-2020-8622]

==== festival ====

- Removed unnecessary and unexpected "_link".
- Updated .spec file according to the Tumbleweed's change
  (%{_libexecdir} was changed from /usr/lib to /usr/libexec).

==== libverto ====
Version update (0.2.6 -> 0.3.1)
Subpackages: libverto1 libverto1-32bit

- update to 0.3.1:
  * Fix rare leak of DSO in module_load
  * Turn off -Wcast-function-type
  * Work around libev not being c89-compliant
  * Minor release bumps for verto_cleanup()
  * Leak fixes
  * Enforce strict c89 compliance for portability
  * Many warning fixes
  * Fix memleak in libverto:vfree
  * Update mutex usage to improve debugging
  * Add verto_cleanup() to free loaded_modules
  * Make C99 requirement explicit

==== permissions ====
Version update (1550_20200811 -> 1550_20200826)
Subpackages: chkstat permissions-config permissions-doc

- Update to version 20200826:
  * mtr-packet: stop requiring dialout group
  * etc/permissions: fix mtr permission
  * list_permissions: improve output format
  * list_permissions: support globbing in --path argument
  * list_permissions: implement simplifications suggested in PR#92
  * list_permissions: new tool for better path configuration overview

==== suse-module-tools ====
Version update (15.3.3 -> 15.3.4)

- Update to version 15.3.4:
  * spec: rework dependencies

==== systemd ====
Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-container systemd-doc systemd-lang systemd-logger systemd-sysvinit udev

- Adjust %pre and %post for the restoration of upstream tmp.mount (boo#1175779)
- Import commit a4e393eecb9dbe140a6c7d57419c291d786155cf
  d8e3bd4e22 Revert "core: don't send SIGKILL to user@.service immediatly during shutdown"
- Drop requirement on 'sysvinit-tools'
  It was used to workaround bug #886599 by explicitly calling
  vhangup(8) from getty@.service so when this service was stopped a
  virtually hangup on the specified terminal when were stopped to give
  the shell a few seconds to save its history.
  But this workaround was dropped since it had no effect (SLE12-GM was
  released with it but was still suffering from the bug) and was
  replaced by commit e9db43d5910717a108, which was released from v226
  and backported to SLE12/SLE12-SP1.

==== xdm ====
Subpackages: xdm-xsession

- Require /sbin/startproc: with systemd no longer pulling in
  sysvinit-tools. we are responsible for our own deps. /sbin/pidof
  and /sbin/startproc both were presented by sysvinit-tools. but
  the sole presence of the /sbin/pidof dep is not sufficient, as
  this can be provided by various packages (e.g.
  busybox-sysvinit-tools, which then does not provide startproc).
  Spelling the deps out ensures that we get the right package set
  installed.
- Drop insserv-compat dependency when display-manager.service is used
  insserv-compat is going to be dropped soon or later on systems with
  systemd as init system.
  It was only needed by /usr/lib/X11/display-manager script that uses
  rc_status to pretty print the status of a command.
  Since this script is intended to be used by display-manager.service
  and not called directly by users and systemd has already its own
  mechanism to report status, the use of rc_status doesn't seem to be
  useful.
  The exit failure status for each command has been preserved.
- Drop commands in /usr/lib/X11/display-manager that are never used by systemd
  Assuming that this script is only called from
  display-manager.service unit, some commands of the scripts are
  either never used or redundant with systemd functionalities.
  More specifically, there's no need to redefine a "stop" command as
  this is one basic command that systemd implements already.
  Also convert "reload" to make use of $MAINPID exported by systemd
  which should be slighly more reliable and hence stop relying on
  killproc that might be removed in the future.
- Replace /var/run with /run as /var/run is obsolete since quite some
  time now.

==== xfce4-screensaver ====

- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)

==== zlib ====
Subpackages: libminizip1 libz1 libz1-32bit zlib-devel

- Add patch to fix compression level switching
  bsc#1175811 bsc#1175830 bsc#1175831
  * zlib-compression-switching.patch
- Set -DDFLTCC_LEVEL_MASK=0x7e on s390/s390x jsc#13776