Packages changed:
  gsettings-desktop-schemas
  installation-images-MicroOS (16.2 -> 16.3)
  libcontainers-common
  libjcat (0.1.2+3 -> 0.1.3)
  microos-tools (2.1 -> 2.2)
  podman (1.9.3 -> 2.0.4)
  ppp (2.4.7 -> 2.4.8)
  python-jsonpatch (1.25 -> 1.26)
  python-urllib3 (1.25.9 -> 1.25.10)
  setools
  systemd
  webkit2gtk3 (2.28.3 -> 2.28.4)
  xen (4.13.1_04 -> 4.14.0_02)

=== Details ===

==== gsettings-desktop-schemas ====

- Call %meson_build in %build section, not %meson_install.

==== installation-images-MicroOS ====
Version update (16.2 -> 16.3)

- merge gh#openSUSE/installation-images#398
- Update the environment variable reference (doc/configoptions.md)
- Removed obsolete bin/mk_boot
- Remove unused liveeval option
- 16.3

==== libcontainers-common ====

- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)

==== libjcat ====
Version update (0.1.2+3 -> 0.1.3)

- Update to version 0.1.3:
  * Export the JcatBlobKind and JcatBlobMethod on the result
  * trivial: source the version header when including <jcat.h>

==== microos-tools ====
Version update (2.1 -> 2.2)

- Update to version 2.2
  - tmpfs support got moved to systemd

==== podman ====
Version update (1.9.3 -> 2.0.4)
Subpackages: podman-cni-config

- Update to v2.0.4
  * Fixed a bug where the output of podman image search did not
    populate the Description field as it was mistakenly assigned to
    the ID field.
  * Fixed a bug where podman build - and podman build on an HTTP
    target would fail.
  * Fixed a bug where rootless Podman would improperly chown the
    copied-up contents of anonymous volumes (#7130).
  * Fixed a bug where Podman would sometimes HTML-escape special
    characters in its CLI output.
  * Fixed a bug where the podman start --attach --interactive
    command would print the container ID of the container attached
    to when exiting (#7068).
  * Fixed a bug where podman run --ipc=host --pid=host would only
    set --pid=host and not --ipc=host (#7100).
  * Fixed a bug where the --publish argument to podman run, podman
    create and podman pod create would not allow binding the same
    container port to more than one host port (#7062).
  * Fixed a bug where incorrect arguments to podman images --format
    could cause Podman to segfault.
  * Fixed a bug where podman rmi --force on an image ID with more
    than one name and at least one container using the image would
    not completely remove containers using the image (#7153).
  * Fixed a bug where memory usage in bytes and memory use
    percentage were swapped in the output of podman stats
  - -format=json.
  * Fixed a bug where the libpod and compat events endpoints would
    fail if no filters were specified (#7078).
  * Fixed a bug where the CgroupVersion field in responses from the
    compat Info endpoint was prefixed by "v" (instead of just being
    "1" or "2", as is documented).
- Remove obsolete libpod.conf from Package sources
- libpod got renamed to podman on GitHub. Point _service file to
  the new name.
- Remove obsolete old Requires on libcontainers-image and -storage
  all of that is inside libcontainers-common
- Require a new enough libcontainers-common version to have the
  default containers.conf installed.
- Remove deprecated libpod.conf and create an update notice pointing
  to containers.conf for user that made changes to libpod.conf
- Suggest katacontainers instead of recommending it. It's not
  enabled by default, so it's just bloat
- Update to v2.0.3
  * Fix handling of entrypoint
  * log API: add context to allow for cancelling
  * fix API: Create container with an invalid configuration
  * Remove all instances of named return "err" from Libpod
  * Fix: Correct connection counters for hijacked connections
  * Fix: Hijacking v2 endpoints to follow rfc 7230 semantics
  * Remove hijacked connections from active connections list
  * version/info: format: allow more json variants
  * Correctly print STDOUT on non-terminal remote exec
  * Fix container and pod create commands for remote create
  * Mask out /sys/dev to prevent information leak from the host
  * Ensure sig-proxy default is propagated in start
  * Add SystemdMode to inspect for containers
  * When determining systemd mode, use full command
  * Fix lint
  * Populate remaining unused fields in `pod inspect`
  * Include infra container information in `pod inspect`
  * play-kube: add suport for "IfNotPresent" pull type
  * docs: user namespace can't be shared in pods
  * Fix "Error: unrecognized protocol \"TCP\" in port mapping"
  * Error on rootless mac and ip addresses
  * Fix & add notes regarding problematic language in codebase
  * abi: set default umask and rlimits
  * Used reference package with errors for parsing tag
  * fix: system df error when an image has no name
  * Fix Generate API title/description
  * Add noop function disable-content-trust
  * fix play kube doesn't override dockerfile ENTRYPOINT
  * Support default profile for apparmor
  * Bump github.com/containers/common to v0.14.6
  * events endpoint: backwards compat to old type
  * events endpoint: fix panic and race condition
  * Switch references from libpod.conf to containers.conf
  * podman.service: set type to simple
  * podman.service: set doc to podman-system-service
  * podman.service: use default registries.conf
  * podman.service: use default killmode
  * podman.service: remove stop timeout
  * systemd: symlink user->system
  * vendor golang.org/x/text@v0.3.3
  * Fix a bug where --pids-limit was parsed incorrectly
  * search: allow wildcards
  * [CI:DOCS]Do not copy policy.json into gating image
  * Fix systemd pid 1 test
  * Cirrus: Rotate keys post repo. rename
- The libpod.conf(5) man page got removed and all references are
  now pointing towards containers.conf(5), which will be part
  of the libcontainers-common package.
- Update to podman v2.0.2
  * fix race condition in `libpod.GetEvents(...)`
  * Fix bug where `podman mount` didn't error as rootless
  * remove podman system connection
  * Fix imports to ensure v2 is used with libpod
  * Update release notes for v2.0.2
  * specgen: fix order for setting rlimits
  * Ensure umask is set appropriately for 'system service'
  * generate systemd: improve pod-flags filter
  * Fix a bug with APIv2 compat network remove to log an ErrNetworkNotFound instead of nil
  * Fixes --remote flag issues
  * Pids-limit should only be set if the user set it
  * Set console mode for windows
  * Allow empty host port in --publish flag
  * Add a note on the APIs supported by `system service`
  * fix: Don't override entrypoint if it's `nil`
  * Set TMPDIR to /var/tmp by default if not set
  * test: add tests for --user and volumes
  * container: move volume chown after spec generation
  * libpod: volume copyup honors namespace mappings
  * Fix `system service` panic from early hangup in events
  * stop podman service in e2e tests
  * Print errors from individual containers in pods
  * auto-update: clarify systemd-unit requirements
  * podman ps truncate the command
  * move go module to v2
  * Vendor containers/common v0.14.4
  * Bump to imagebuilder v1.1.6 on v2 branch
  * Account for non-default port number in image name
- Changes since v2.0.1
  * Update release notes with further v2.0.1 changes
  * Fix inspect to display multiple label: changes
  * Set syslog for exit commands on log-level=debug
  * Friendly amendment for pr 6751
  * podman run/create: support all transports
  * systemd generate: allow manual restart of container units in pods
  * Revert sending --remote flag to containers
  * Print port mappings in `ps` for ctrs sharing network
  * vendor github.com/containers/common@v0.14.3
  * Update release notes for v2.0.1
  * utils: drop default mapping when running uid!=0
  * Set stop signal to 15 when not explicitly set
  * podman untag: error if tag doesn't exist
  * Reformat inspect network settings
  * APIv2: Return `StatusCreated` from volume creation
  * APIv2:fix: Remove `/json` from compat network EPs
  * Fix ssh-agent support
  * libpod: specify mappings to the storage
  * APIv2:doc: Fix swagger doc to refer to volumes
  * Add podman network to bash command completions
  * Fix typo in manpage for `podman auto update`.
  * Add JSON output field for ps
  * V2 podman system connection
  * image load: no args required
  * Re-add PODMAN_USERNS environment variable
  * Fix conflicts between privileged and other flags
  * Bump required go version to 1.13
  * Add explicit command to alpine container in test case.
  * Use POLL_DURATION for timer
  * Stop following logs using timers
  * "pod" was being truncated to "po" in the names of the generated systemd unit files.
  * rootless_linux: improve error message
  * Fix podman build handling of --http-proxy flag
  * correct the absolute path of `rm` executable
  * Makefile: allow customizable GO_BUILD
  * Cirrus: Change DEST_BRANCH to v2.0
- Update to podman v2.0.0
  * The `podman generate systemd` command now supports the `--new`
    flag when used with pods, allowing portable services for pods
    to be created.
  * The `podman play kube` command now supports running Kubernetes
    Deployment YAML.
  * The `podman exec` command now supports the `--detach` flag to
    run commands in the container in the background.
  * The `-p` flag to `podman run` and `podman create` now supports
    forwarding ports to IPv6 addresses.
  * The `podman run`, `podman create` and `podman pod create`
    command now support a `--replace` flag to remove and replace any
    existing container (or, for `pod create`, pod) with the same name
  * The `--restart-policy` flag to `podman run` and `podman create`
    now supports the `unless-stopped` restart policy.
  * The `--log-driver` flag to `podman run` and `podman create`
    now supports the `none` driver, which does not log the
    container's output.
  * The `--mount` flag to `podman run` and `podman create` now
    accepts `readonly` option as an alias to `ro`.
  * The `podman generate systemd` command now supports the `--container-prefix`,
    `--pod-prefix`, and `--separator` arguments to control the
    name of generated unit files.
  * The `podman network ls` command now supports the `--filter`
    flag to filter results.
  * The `podman auto-update` command now supports specifying an
    authfile to use when pulling new images on a per-container
    basis using the `io.containers.autoupdate.authfile` label.
  * Fixed a bug where the `podman exec` command would log to journald
    when run in containers loggined to journald
    ([#6555](https://github.com/containers/libpod/issues/6555)).
  * Fixed a bug where the `podman auto-update` command would not
    preserve the OS and architecture of the original image when
    pulling a replacement
    ([#6613](https://github.com/containers/libpod/issues/6613)).
  * Fixed a bug where the `podman cp` command could create an extra
    `merged` directory when copying into an existing directory
    ([#6596](https://github.com/containers/libpod/issues/6596)).
  * Fixed a bug where the `podman pod stats` command would crash
    on pods run with `--network=host`
    ([#5652](https://github.com/containers/libpod/issues/5652)).
  * Fixed a bug where containers logs written to journald did not
    include the name of the container.
  * Fixed a bug where the `podman network inspect` and
    `podman network rm` commands did not properly handle non-default
    CNI configuration paths ([#6212](https://github.com/containers/libpod/issues/6212)).
  * Fixed a bug where Podman did not properly remove containers
    when using the Kata containers OCI runtime.
  * Fixed a bug where `podman inspect` would sometimes incorrectly
    report the network mode of containers started with `--net=none`.
  * Podman is now better able to deal with cases where `conmon`
    is killed before the container it is monitoring.
- Requires go 1.13 now

==== ppp ====
Version update (2.4.7 -> 2.4.8)

- New version 2.4.8.
  * New pppd options have been added:
  * ifname, to set the name for the PPP interface device
  * defaultroute-metric, to set the metric for the default route
  * defaultroute6, to add an IPv6 default route (with
    nodefaultroute6 to prevent adding an IPv6 default route).
  * up_sdnotify, to have pppd notify systemd when the link is up.
  * The rp-pppoe plugin has new options:
  * host-uniq, to set the Host-Uniq value to send
  * pppoe-padi-timeout, to set the timeout for discovery packets
  * pppoe-padi-attempts, to set the number of discovery attempts.
  * Added the CLASS attribute in radius packets.
  * Fixed warnings and issues found by static analysis.
- Obsoleted patches:
  * ppp-2.4.3-pppoatm.diff
  * ppp-2.4.4-strncatfix.patch
  * ppp-2.4.6-ifname.diff
  * ppp-2.4.7-DES-openssl.patch
  * ppp-2.4.7.tar.gz.asc
  * ppp-send-padt.patch
- Patches that got renamed, because they needed rediffing:
  * ppp-2.4.1-higher-speeds.diff -> ppp-higher-speeds.patch
  * ppp-2.4.1-higher-speeds.diff -> ppp-higher-speeds.patch
  * ppp-2.4.2-__P.diff -> ppp-__P.patch
  * ppp-2.4.2-cifdefroute.diff -> ppp-cifdefroute.patch
  * ppp-2.4.2-pie.patch -> ppp-pie.patch
  * ppp-2.4.2-smpppd.diff -> ppp-smpppd.patch
  * ppp-2.4.3-filter.diff -> ppp-filter.patch
  * ppp-2.4.3-fork-fix.diff -> ppp-fork-fix.patch
  * ppp-2.4.4-var_run_resolv_conf.patch -> ppp-var_run_resolv_conf.patch
  * ppp-2.4.6-lib64.patch -> ppp-lib64.patch
  * ppp-2.4.6-make.diff -> ppp-make.patch
  * ppp-2.4.6-misc.diff -> ppp-misc.patch
  * ppp-2.4.7-fix-bashisms.patch -> ppp-fix-bashisms.patch
- bsc#1172916: Fix an outdated comment for lcp-echo-interval.

==== python-jsonpatch ====
Version update (1.25 -> 1.26)

- update to 1.26:
  * bugfixes (reject invalid json patches)

==== python-urllib3 ====
Version update (1.25.9 -> 1.25.10)

- update to 1.25.10:
  * Added support for ``SSLKEYLOGFILE`` environment variable for
    logging TLS session keys with use with programs like
    Wireshark for decrypting captured web traffic (Pull #1867)
  * Fixed loading of SecureTransport libraries on macOS Big Sur
    due to the new dynamic linker cache (Pull #1905)
  * Collapse chunked request bodies data and framing into one
  call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906)
  * Don't insert ``None`` into ``ConnectionPool`` if the pool
    was empty when requesting a connection (Pull #1866)
  * Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858)

==== setools ====

- python3-setools needs python3-networkx

==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev

- Restore default upstream tmp.mount (/tmp as tmpfs) behaviour (boo#1173461)

==== webkit2gtk3 ====
Version update (2.28.3 -> 2.28.4)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles

- Update to version 2.28.4 (boo#1174662):
  + Fix several crashes and rendering issues.
  + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894,
    CVE-2020-9895, CVE-2020-9915, CVE-2020-9925.

==== xen ====
Version update (4.13.1_04 -> 4.14.0_02)

- Correct license name
  * GPL-3.0+ is now GPL-3.0-or-later
- Upstream bug fixes (bsc#1027519)
  5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
  5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
- Update to Xen 4.14.0 FCS release
  xen-4.14.0-testing-src.tar.bz2
  * Linux stubdomains (contributed by QUBES OS)
  * Control-flow Enforcement Technology (CET) Shadow Stack support (contributed by Citrix)
  * Lightweight VM fork for fuzzing / introspection. (contributed by Intel)
  * Livepatch: buildid and hotpatch stack requirements
  * CONFIG_PV32
  * Hypervisor FS support
  * Running Xen as a Hyper-V Guest
  * Domain ID randomization, persistence across save / restore
  * Golang binding autogeneration
  * KDD support for Windows 7, 8.x and 10
- Dropped patches contained in new tarball
  5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
  5eb51caa-sched-vcpu-pause-flags-atomic.patch
  5ec2a760-x86-determine-MXCSR-mask-always.patch
  5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
  5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
  5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
  5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
  5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
  5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
  5ed69804-x86-ucode-fix-start-end-update.patch
  5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
  5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
  5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
  5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
  5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
  xsa317.patch
  xsa319.patch
  xsa321-1.patch
  xsa321-2.patch
  xsa321-3.patch
  xsa321-4.patch
  xsa321-5.patch
  xsa321-6.patch
  xsa321-7.patch
  xsa328-1.patch
  xsa328-2.patch
- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to
  attach on next reboot while it should be live attached
  ignore-ip-command-script-errors.patch
- Enhance libxc.migrate_tracking.patch
  After transfer of domU memory, the target host has to assemble
  the backend devices. Track the time prior xc_domain_unpause.