Packages changed:
  bluez
  dpdk
  eekboard
  icewm-theme-branding (1.2.4 -> 1.2.5)
  kcm5-fcitx (0.5.5 -> 0.5.6)
  libfprint (1.90.1 -> 1.90.3)
  libzypp (17.25.0 -> 17.25.1)
  nodejs14 (14.9.0 -> 14.12.0)
  perl-Mojolicious (8.59 -> 8.60)
  procps
  python-attrs (19.3.0 -> 20.2.0)
  python-pyzmq
  tigervnc
  virt-manager
  wireshark (3.2.6 -> 3.2.7)
  zypper (1.14.39 -> 1.14.40)
  zypper-lifecycle-plugin (0.6.1596796104.87bdab7 -> 0.6.1601367426.843fe7a)

=== Details ===

==== bluez ====
Subpackages: libbluetooth3

- Packaging: remove _service and accompanying README.md,
  maintenance in git did not work out as well as intended.

==== dpdk ====

- Add patches to fix vulnerability where malicious guest can harm the host
  using vhost crypto, this includes executing code in host (VM Escape),
  reading host application memory space to guest and causing partially
  denial of service in the host (bsc#1176590).
  * 0001-vhost-crypto-fix-pool-allocation.patch
  * 0002-vhost-crypto-fix-incorrect-descriptor-deduction.patch
  * 0003-vhost-crypto-fix-missed-request-check-for-copy-mode.patch
  * 0004-vhost-crypto-fix-incorrect-write-back-source.patch
  * 0005-vhost-crypto-fix-data-length-check.patch
  * 0006-vhost-crypto-fix-possible-TOCTOU-attack.patch

==== eekboard ====

- fix libexecdir

==== icewm-theme-branding ====
Version update (1.2.4 -> 1.2.5)

- Improve spec:
  * Conditionally define icewm_version to the version number used
    in Leap/SLE 15 code stream and Tumbleweed.
- Version update to 1.2.5
  * Update the format of SLE backgound image to png (bsc#1176835).
  * Drop upstreamed add-adwaita-legacy-iconpath-to-preference.patch.
- Update spec
  * Keep the format of Leap background image to jpg.
- fixed obsoletion of icemwm-upstream-config (bsc#1173441 bsc#1170420)
- Improve spec:
  * Make a more explict summary since this package is not used by
    openSUSE Tumbleweed.
  * Introduce %{icewm_version} to make the provided capability had a
    consistent version number with icewm-config-upstream.
  * Explicitly obsoletes icewm-config-upstream to fix the "zypper
    dup" issue on Leap (bsc#1170420).

==== kcm5-fcitx ====
Version update (0.5.5 -> 0.5.6)
Subpackages: kf5-kcm-fcitx kf5-kcm-fcitx-icons

- update version 0.5.6
  * [kcm] try qt5 wrapper before qt4
  * [kcm] use non neg value as role
- drop kcm5-fcitx-po.patch, no more kcm-fcitx

==== libfprint ====
Version update (1.90.1 -> 1.90.3)

- update to 1.90.3:
  * New goodixmoc driver supporting Goodix USB devices: 27C6:5840 27C6:6496 27C6:60A2
  * Newly added support for Synaptics device: 06CB:00E9 06CB:00DF
  * Fixed an issue with Synaptics devices sometimes not working at boot
  * Fix issue with aes3k driver (#306)
  * A patch for nbis required for some sensors was accidentally dropped in an earlier release
  Users of these sensors/drivers need to re-enroll

==== libzypp ====
Version update (17.25.0 -> 17.25.1)

- Fix bsc#1176902: When kernel-rt has been installed, the
  purge-kernels service fails during boot.
- Use package name provides as group key in purge-kernel
  (bsc#1176740 bsc#1176192)
  kernel-default-base has new packaging, where the kernel uname -r
  does not reflect the full package version anymore. This patch
  adds additional logic to use the most generic/shortest edition
  each package provides with %{packagename}=<version> to group the
  kernel packages instead of the rpm versions.
  This also changes how the keep-spec for specific versions is
  applied, instead of matching the package versions, each of the
  package name provides will be matched.
- version 17.25.1 (22)

==== nodejs14 ====
Version update (14.9.0 -> 14.12.0)
Subpackages: npm14

- Update to version 14.12.0:
  * n-api:
    + create N-API version 7
    + add more property defaults
- Changes since version 14.9.0
  * deps:
    + update llhttp to 2.1.2 (bsc#1176605, CVE-2020-8201)
    + http: add requestTimeout. Fixes Denial of Service by
    resource exhaustion due to unfinished HTTP/1.1 requests
    (bsc#1176604, CVE-2020-8251)
    + buffer: also alias BigUInt methods
    + crypto: add randomInt function
    + perf_hooks: add idleTime and event loop util
    + stream: simpler and faster Readable async iterator
    + stream: save error in state

==== perl-Mojolicious ====
Version update (8.59 -> 8.60)

- updated to 8.60
  see /usr/share/doc/packages/perl-Mojolicious/Changes
  8.60  2020-09-27
  - Improved reset method in Mojo::IOLoop to prevent close event to be emitted in affected streams. (kiwiroy)
  - Improved cookbook with Envoy deployment recipe. (zakame)

==== procps ====
Subpackages: libprocps8

- Replace patch procps-ng-3.3.16-comm_len.patch with upstream
  commitment patch procps-ng-3e1c00d0.patch (bsc#1158830)

==== python-attrs ====
Version update (19.3.0 -> 20.2.0)

- update to 20.2.0:
  - Python 3.4 is not supported anymore.
  - ``attr.define()``, ``attr.frozen()``, ``attr.mutable()``, and ``attr.field()`` remain **provisional**.
  This release fixes a bunch of bugs and ergonomics but they remain mostly unchanged.
  Further changes see included CHANGELOG.rst

==== python-pyzmq ====

- raise test timeout limit to 5m and define an console encoding

==== tigervnc ====
Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module

- U_0001-Properly-store-certificate-exceptions.patch,
  U_0002-Properly-store-certificate-exceptions-in-Java-viewer.patch
  * Properly store certificate exceptions (boo#1176733)
- adjusted u_tigervnc-add-autoaccept-parameter.patch

==== virt-manager ====
Subpackages: virt-install virt-manager-common

- Upstream bug fixes (bsc#1027942)
  ba08f84b-addstorage-Return-to-using-qcow2-sparse-by-default.patch
  a010c49b-cli-Fix-os-variant-help-introspection.patch
  79ebcbcb-viewers-Fix-spice-audio.patch
  e5a51f63-details-Change-Close-accelerator-to-ctrl+shift+w.patch
  9c13d2f8-Remove-use-of-problematic-terminology.patch

==== wireshark ====
Version update (3.2.6 -> 3.2.7)
Subpackages: libwireshark13 libwiretap10 libwsutil11 wireshark-ui-qt

- wireshark 3.2.7:
  * CVE-2020-25863: MIME Multipart dissector crash (boo#1176908)
  * CVE-2020-25862: TCP dissector crash (boo#1176909)
  * CVE-2020-25866: BLIP dissector crash (boo#1176910)
- Further features, bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-3.2.7.html

==== zypper ====
Version update (1.14.39 -> 1.14.40)
Subpackages: zypper-log zypper-needs-restarting

- info: Assume descriptions starting with '<p>' are richtext
  (bsc#935885)
- version 1.14.40

==== zypper-lifecycle-plugin ====
Version update (0.6.1596796104.87bdab7 -> 0.6.1601367426.843fe7a)

- Version 0.6.1601367426.843fe7a
- Allow wildcard matching (jsc#SLE-14168)
- Implement successor handling (jsc#SLE-16251)