Packages changed:
  apache2
  bogofilter
  brltty
  chrome-gnome-shell (8 -> 8.1)
  circuslinux
  claws-mail
  dhcp
  dmraid
  docbook-xsl-stylesheets
  doxygen (1.8.12 -> 1.8.13)
  dvd+rw-tools
  ekiga
  ffmpeg (3.2.2 -> 3.2.4)
  file-roller
  gcin (2.8.4 -> 2.8.5)
  gegl-unstable
  gimp
  git (2.11.0 -> 2.11.1)
  gnome-online-accounts
  gnome-shell (3.22.2 -> 3.22.3)
  gnutls (3.5.8 -> 3.5.9)
  goffice (0.10.32 -> 0.10.33)
  gparted (0.28.0 -> 0.28.1)
  grilo-plugins (0.3.3 -> 0.3.4)
  grub2
  gtk4 (3.89.2 -> 3.89.4)
  guile (2.0.13 -> 2.0.14)
  hplip (3.16.10 -> 3.16.11)
  i4l-base
  icedtea-web
  installation-images (14.299 -> 14.302)
  irssi (1.0.0 -> 1.0.1)
  java-1_8_0-openjdk-plugin
  kernel-firmware (20170113 -> 20170217)
  kernel-source (4.9.10 -> 4.9.11)
  kiwi (7.04.26 -> 7.04.27)
  libbluray
  libgudev (230 -> 231)
  libnettle
  libpst (0.6.69 -> 0.6.70)
  libqb (1.0.0+git20160407.6f2b3e8 -> 1.0.1+git20170131.afdff97)
  libquicktime
  libvirt
  libzip (1.1.3 -> 1.2.0)
  mariadb (10.1.20 -> 10.1.21)
  mjpegtools
  mozilla-nss (3.28.2 -> 3.28.3)
  mtd-utils (1.5.2 -> 2.0.0)
  multipath-tools
  mutter (3.22.2 -> 3.22.3)
  open-vm-tools
  openldap2
  os-prober (1.70 -> 1.74)
  p7zip
  pcre2 (10.22 -> 10.23)
  perl-Net-HTTP (6.12 -> 6.13)
  perl-YAML (1.22 -> 1.23)
  pidgin-sipe (1.21.1 -> 1.22.0)
  plasma5-desktop
  poppler (0.51.0 -> 0.52.0)
  poppler-qt5 (0.51.0 -> 0.52.0)
  postfix
  postgresql-init
  python-qt4
  python-rpm-macros (1.0git.1483874658.ead0b0b -> 1.0.git.1486997542.e9fcc29)
  python-sip (4.19 -> 4.19.1)
  python-wxWidgets-3_0
  sg3_utils
  shim-leap
  spamassassin
  sssd
  strace (4.15 -> 4.16)
  systemd
  tigervnc
  virglrenderer
  wget (1.19 -> 1.19.1)
  wwwoffle (2.9i -> 2.9j)
  xorg-x11-server
  yast2-country (3.2.8 -> 3.2.9)
  ypbind

=== Details ===

==== apache2 ====
Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils

- fix caching of forward proxy
  + httpd-cache-forward-http-proxy.patch
- Don't require insserv if we don't need it.

==== bogofilter ====
Subpackages: bogofilter-common bogofilter-db

- Explicitly package _docdir, fix build with rpm 4.13.

==== brltty ====
Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-espeak brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_6 python3-brlapi xbrlapi

- Disable udev rule for generic FTDI devices to avoid taking
  USB-to-serial converters (boo#1007652). Add an update
  message if one of these devices is detected.
- Add a README.SUSE.
- Add brltty-polkit-fixes.patch:  don't delay brltty if waiting
  for polkit initialization, and fix polkit+key authentication
  (bsc#930242).
- Add brltty-braillenote-usb.patch: autodetect BrailleNote via
  USB.
- Always enable polkit (intention of the conditional was to
  disable on 13.2 and 42.1, but it was being disabled under 42.2
  as well).

==== chrome-gnome-shell ====
Version update (8 -> 8.1)

- Update to version 8.1:
  + Added check to make sure that "enabled-extensions" GNOME Shell
    setting does not contains duplicated values (bgo#777650).
  + Fixed error that breaks update check if there was extension
    installed without "version" key in manifest.
  + Fixed error that prevents error message to be shown when update
    check is failed.
  + Fixed connector segfault on browser close.
  + Fixed possible error in synchronization process that may delete
    some extensions.
  + Updated translations.
- Drop chrome-gnome-shell-commit-dca4a35.patch: Fixed upstream.
- Use conditional to allow packaging for older versions of
  openSUSE.

==== circuslinux ====

- Move /usr/games to /usr/bin as done with the rest 4 years ago.

==== claws-mail ====
Subpackages: claws-mail-lang

- Use xdg-open (instead of gedit) as default mime_open_command
  use-xdg-open-as-default-mime_open_command.patch

==== dhcp ====
Subpackages: dhcp-client dhcp-doc dhcp-relay dhcp-server

- Require insserv only if needed
- Fix requires of client subpackage

==== dmraid ====

- Remove obsolete insserv call

==== docbook-xsl-stylesheets ====

- Explicitly package %{_docdir}/%{name} to fix build with RPM 4.13.

==== doxygen ====
Version update (1.8.12 -> 1.8.13)

- Add doxygen-guard-null-variable.patch: Protected against NULL
  pointer of variable al, upstream commit 0f02761.
- Update to 1.8.13
  See changelog at http://www.stack.nl/~dimitri/doxygen/manual/changelog.html#log_1_8_13
- dropped doxygen-fix-QCH-files.patch, it is part of the release

==== dvd+rw-tools ====

- Explicitly BuildRequire m4.

==== ekiga ====
Subpackages: ekiga-lang ekiga-plugins-evolution

- add ekiga-audiooutput-fallback-to-primary-device-if-secondary.patch
  * fixes problem that ekiga uses SILENT as default for secondary
  (ring) output unless explicitly configured by user
  * Upstream bug report: bgo#777717

==== ffmpeg ====
Version update (3.2.2 -> 3.2.4)
Subpackages: libavcodec57 libavformat57 libavutil55 libswresample2 libswscale4

- Have libavcodec57 additionally provide libavcodec57(unrestricted)
  when building unrestricted: allow third party packages to require
  the unrestricted codec. The existing -full provides is not
  suitable as it can be provided by multiple libavcodec* packages,
  whereas we require a specific ABI version.
- Update to new upstream release 3.2.4
  * lavf/mov.c: Avoid heap allocation wrap in mov_read_hdlr
  * lavf/mov.c: Avoid OOB in mov_read_udta_string()
  * lavf/mov.c: Avoid heap allocation wraps in mov_read_{senc,saiz}()
- Update to new upstream release 3.2.3
  * Maintenance release with bugfixes
  * ffplay: fix sws_scale possible out of bounds array access
- Drop version number from patch: ffmpeg-2.4.5-arm6l.patch ->
  ffmpeg-arm6l.diff

==== file-roller ====

- Add file-roller-open-dest-dialog-only-when-using-notify.patch:
  Show the 'open destination' dialog only when using --notify and
  only for the last extracted archive.
- Add file-roller-libarchive-dont-convert-null-strings.patch: Don't
  convert null strings to utf8.
- Add file-roller-fix-crash-after-extracting.patch: Fix a crash
  after extracting a file (bgo#778846, boo#1022082).

==== gcin ====
Version update (2.8.4 -> 2.8.5)
Subpackages: gcin-gtk2 gcin-gtk3 gcin-qt4 gcin-qt5 libgcin-im-client1

- Update to 2.8.5
  + Fix a typing bug with Hsu layout
  + Fix the missing pre-select phrases when using Array input
    method
- Refresh patches:
  + gcin-improve-build-with-pkgconfig.patch
  + gcin-parallel-compiling.patch

==== gegl-unstable ====
Subpackages: gegl-0_3 libgegl-0_3-0

- Replace -devel for their pkgconfig() replacements aligning with
  what configure checks for, and also version several of them:
  + Replaced -devel packages: OpenEXR-devel, babl-devel,
    glib2-devel, libexiv2-devel, libjasper-devel, libpng-devel,
    librsvg-devel, lua-devel.
  + Replacements: pkgconfig(OpenEXR), pkgconfig(babl),
    pkgconfig(exiv2), pkgconfig(gdk-pixbuf-2.0),
    pkgconfig(gio-2.0), pkgconfig(gio-unix-2.0),
    pkgconfig(gmodule-2.0), pkgconfig(gobject-2.0),
    pkgconfig(gthread-2.0), pkgconfig(jasper),
    pkgconfig(json-glib-1.0), pkgconfig(pango),
    pkgconfig(pangocairo), pkgconfig(libpng),
    pkgconfig(librsvg-2.0),  pkgconfig(lua).
- Run spec-cleaner, modernize spec.
- Add gobject-introspection-devel, pkgconfig, pkgconfig(lcms2):
  Build support for introspection and lcms, pkgconfig comes from
  spec-cleaner.
- Add new subpackage typelib-1_0-Gegl-0_3: Package the new
  introspection support.
- Remove asciidoc, gd, gtk-doc, gtk2-devel, liberation-fonts: No
  longer build gegl website support, gd and liberation-fonts makes
  no sense, gtk-doc is currently broken.
- Following removal of gtk-doc and passing --disable-doc to
  configure, temporary disable gegl-0.3-docs subpackage.
- Correct Group for devel subpackage.
- Stop passing --disable-silent-rules to configure, we do debugging
  locally.

==== gimp ====
Subpackages: gimp-plugin-aa gimp-plugins-python libgimp-2_0-0 libgimpui-2_0-0

- Add gimp-bgo773233-CVE-2007-3126.patch: Gimp 2.3.14 allows
  context-dependent attackers to cause a denial of service (crash)
  via an ICO file with an InfoHeader containing a Height of zero
  (bgo#773233, CVE-2007-3126).
- Add gimp-fix-PDF-Import-filter-crash.patch: Fix a crash in PDF
  Import filter when importing large image PDF or specifying high
  resolution (bgo#593576).

==== git ====
Version update (2.11.0 -> 2.11.1)
Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk

- Explicitly package %{_docdir}/%{name} to fix build with RPM 4.13.
- git 2.11.1:
  * The default Travis-CI configuration specifies newer P4 and GitLFS.
  * The character width table has been updated to match Unicode 9.0
  * various fixes affecting multiple subcommands for correctness,
    bugs, and unexpected behavior.
  * documentation updates
  * git-svn updates

==== gnome-online-accounts ====
Subpackages: libgoa-1_0-0 libgoa-backend-1_0-1 typelib-1_0-Goa-1_0

- Add pkgconfig(vapigen) BuildRequires: Build vala support.

==== gnome-shell ====
Version update (3.22.2 -> 3.22.3)
Subpackages: gnome-shell-browser-plugin gnome-shell-calendar

- Update to version 3.22.3:
  + Work around portal failures by using a URL without HTPPS
    redirect (bgo#769940).
  + Fix replacing of GNotifications (bgo#775149).
  + Reload apps on .desktop file content changes (bgo#773636).
  + Fix subsurfaces not showing up in previews (bgo#756715).
  + Fix theme node transitions (bgo#778145).
  + Don't allow type ahead at the login screen (bgo#766139).
  + Misc. bug fixes: bgo#774643, bgo#774805, bgo#775507,
    bgo#776130, bgo#759793, bgo#745626.
  + Updated translations.
- Drop gnome-shell-bgo774805-guard-against-animations-that-dont-load.patch:
  Fixed upstream.

==== gnutls ====
Version update (3.5.8 -> 3.5.9)
Subpackages: libgnutls-dane0 libgnutls-devel libgnutls-openssl27 libgnutls30 libgnutls30-32bit

- GnuTLS 3.5.9:
  * libgnutls: OpenPGP references removed, functionality deprecated
  * libgnutls: Improve detection of AVX support
  * libgnutls: Add support for IDNA2008 with libidn2 FATE#321897
  * p11tool: re-use ID from corresponding objects when writing
    certificates.
  * API and ABI modifications:
    gnutls_idna_map: Added
    gnutls_idna_reverse_map: Added
- prevent pkgconfig issues due to libidn2 when building with GnuTLS
  add gnutls-3.5.9-pkgconfig.patch

==== goffice ====
Version update (0.10.32 -> 0.10.33)
Subpackages: goffice-lang libgoffice-0_10-10

- Update to version 0.10.33:
  + Make box plots look like bar plots in legends (bgo#773825).
  + Fix conditional compilation for long double (bgo#774439).
  + Reimplement major grids for discrete axes (bgo#775624).
  + Fix add child menu in graph guru (bgo#777336).
  + Fix evaluation of regression curves for area plots
    (bgo#777334).
  + Introspection fixes.

==== gparted ====
Version update (0.28.0 -> 0.28.1)

- Update to version 0.28.1:
  + Restore ability to resize/move primary if extended exists.
  + Make the Label File System and Name Partition dialogs larger.
  + Some minor bug fixes.

==== grilo-plugins ====
Version update (0.3.3 -> 0.3.4)
Subpackages: grilo-plugin-tracker grilo-plugin-youtube

- Update to version 0.3.4:
  + General: Add support for Meson build.
  + Bugs fixed: bgo#775957, bgo#770959, bgo#777210, bgo#771446,
    bgo#771445, bgo#773702, bgo#775957, bgo#778596, bgo#775561,
    bgo#773310, bgo#776482, bgo#770806, bgo#774748.
  + Updated translations.
- Add gperf BuildRequires: New "optional" dependency.

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen

- Temporary fix for openQA UEFI USB Boot failure (bsc#1026344)
  * 0001-Revert-efi-properly-terminate-filepath-with-NULL-in-.patch
- grub2.spec: fix s390x file list.
- Merge changes from SLE12
- add grub2-emu-4-all.patch
  * Build 'grub2-emu' wherever possible, to allow a better
    implementation of that feature.
- add grub2-s390x-06-loadparm.patch,
- add grub2-commands-introduce-read_file-subcommand.patch:
  * allow s390x to telecontrol grub2.  (bsc#891946, bsc#892852)
- add grub2-s390x-06-loadparm.patch:
  * ignore case and fix transliteration of parameter.  (bsc#891946)
- add grub2-s390x-07-add-image-param-for-zipl-setup.patch
  * Add --image switch to force zipl update to specific kernel
    (bsc#928131)
- add grub2-s390x-08-workaround-part-to-disk.patch
  * Ignore partition tables on s390x. (bsc#935127)
- add grub2-efi-chainload-harder.patch:
  * allow XEN to be chain-loaded despite firmware flaws.  (bnc#887793)
  * Do not use shim lock protocol for reading pe header, it won't be
  available when secure boot disabled (bsc#943380)
  * Make firmware flaw condition be more precisely detected and add
  debug message for the case
  * Check msdos header to find PE file header (bsc#954126)
- grub2-s390x-04-grub2-install.patch:
  * streamline boot to grub menu.  (bsc#898198)
  * Force '/usr' to read-only before calling kexec. (bsc#932951)
- grub2-once:
  * add '--enum' option to enumerate boot-entries in a way
    actually understood by 'grub2'.  (bsc#892852, bsc#892811)
  * Examine variables from grub environment in 'grub2-once'. (fate#319632)

==== gtk4 ====
Version update (3.89.2 -> 3.89.4)
Subpackages: gtk4-branding-upstream gtk4-data gtk4-immodule-amharic gtk4-immodule-inuktitut gtk4-immodule-thai gtk4-immodule-vietnamese gtk4-lang gtk4-schema gtk4-tools libgtk-4-0 typelib-1_0-Gtk-4_0

- Update to version 3.89.4:
  + API changes:
  - gtk_init and other init functions no longer take commandline
    arguments.
  - Functions that are only useful with commandline arguments
    have been dropped.
  - Widgets, except for toplevels, are now visible by default.
  - Style properties are no longer supported.
  + Vulkan rendrerer: Implement more clipping.
  + CSS: Specifying px for pixels is now required.
  + Bugs fixed: bgo#358970, bgo#770112, bgo#773299, bgo#773686,
    bgo#775864, bgo#776225, bgo#777363, bgo#777547, bgo#778009.
  + Updated translations.
- Changes from version 3.89.3:
  + GtkWidget now has API to navigate child widgets:
  - gtk_widget_get_{first,last}_child and
    gtk_widget_get_{prev,next}_sibling.
  - A number of non-container widgets have been converted to use
    child widgets internally: GtkSwitch, GtkSpinButton,
    GtkActionBar.
  + GtkAboutDialog can show a 'System' tab.
  + GTK+ CSS now supports the filter: property and a
  - gtk-icon-filter function that replaces and generalizes
  - gtk-icon-effect.
  + GtkInspector can now save render nodes for testing and
    debugging.
  + More tests for render nodes have been added.
  + GtkTreeView and cell renderers have been more completely
    converted to the snapshot() api.
  + More widgets have been converted to snapshot(): GtkCalendar,
    GtkColorPlane.
  + Vulkan renderer:
  - Combine draw calls when possible.
  - Handle (some) clipping on the GPU.
  - Handle linear gradients.
  - Handle opacity.
  - Support color transformations.
  - Handle borders.
  + Wayland: Support the Vulkan renderer.
  + X11: Call XInitThreads(), since this is needed with Mesa Vulkan
    drivers.
  + Mir:
  - Implement window properties.
  - Track the focus window.
  - Connect to content-hub and use it for copy/paste.
  - Support modal windows.
  + Bugs fixed: bgo#775732, bgo#775846, bgo#776524, bgo#776560,
    bgo#776604, bgo#776627, bgo#776807, bgo#776868, bgo#777176.
  + Updated translations.

==== guile ====
Version update (2.0.13 -> 2.0.14)
Subpackages: guile-modules-2_0 libguile-2_0-22

- Update to version 2.0.14:
  * Bug fixes
    + Builds of .go files and of Guile itself are now
    bit-reproducible
    + 'number->locale-string' and 'monetary-amount->locale-string'
    fixes
    + (system base target) now recognizes "sh3" as a
    cross-compilation target
    + Fix race condition in '00-repl-server.test'
    + 'scandir' from (ice-9 ftw) no longer calls 'stat' for each
    entry
  * Several documentation improvements
- Drop no longer needed patches:
  * guile-fake-buildstamp.patch
  * repl-server-test.patch
- Small packaging cleanup with help of spec-cleaner

==== hplip ====
Version update (3.16.10 -> 3.16.11)
Subpackages: hplip-hpijs hplip-sane

- Version upgrade to 3.16.11:
  * Added Support for the Following New Printers:
  - HP LaserJet M101-M106 Printer
  - HP LaserJet Pro M203-M206 Printer
  - HP LaserJet Pro MFP M227-M231 Printer
  - HP LaserJet Pro MFP M129-M134
  * Added support for the following new Distro's:
  - OpenSuse 42.2
  - Fedora 25

==== i4l-base ====
Subpackages: i4l-isdnlog libcapi20-3 libcapi20-3-32bit

- Remove insserv_cleanup macro since we require and use systemd

==== icedtea-web ====

- Removed patch:
  * icedtea-web-1.6.1-fix-2746.patch
    + Part of 1.6.2

==== installation-images ====
Version update (14.299 -> 14.302)

- fix install script to move the correct files (fate#322275)
- enhance tftpboot-installation package to include all files needed to build our installation iso
- 14.302
- adjust 'boot from harddisk' to also work on caasp systems (bsc#1025851)
- 14.301
- make yast selfupdate feature configurable via YAST_SELFUPDATE env variable
- 14.300
- turn off YaST selfupdates for SLE12

==== irssi ====
Version update (1.0.0 -> 1.0.1)

- irssi 1.0.1:
  * Fix Perl compilation in object dir
  * Fix incorrect HELP SERVER example
  * Correct memory leak in /OP and /VOICE
  * Fix regression that broke second level completion
  * Correct missing NULL termination in perl_parse boo#1023638
  * Sync broken mail.pl script
  * Prevent a memory leak during the processing of the SASL
    response boo#1023637

==== java-1_8_0-openjdk-plugin ====

- Removed patch:
  * icedtea-web-1.6.1-fix-2746.patch
    + Part of 1.6.2

==== kernel-firmware ====
Version update (20170113 -> 20170217)
Subpackages: ucode-amd

- Update to version 20170217:
  * linux-firmware: liquidio: update firmware to v1.4.2
  * iwlwifi: update -17 firmware for 3260, 7260 and 7265
  * iwlwifi: update -22 firmware for 7265D and up
  * iwlwifi: add -27 firmware for 3168, 7265D, 8000C and 8265
  * linux-firmware/i915: Add HuC 1.07.1398 for SKL
  * linux-firmware/i915: Add HuC 1.07.1398 for broxton
  * linux-firmware/i915: HuC on 2.0.1810 for Kabylake
  * linux-firmware/i915: GuC firmware for Broxton v8.7
  * linux-firmware/i915: GuC firmware for Kabylake v9.14
  * radeon/amdgpu: update license copyright dates
  * radeon: add new firmware for SI chips
  * rtlwifi: rtl8723bs: Add firmware for new driver
  * qla2xxx: Update firmware version to 8.06.00
  * amdgpu: add firmware for polaris12 asics
  * amdgpu: update VI gfx/sdma firmware
  * amdgpu: update VI smc/mc firmware
  * update WHENCE for new amdgpu/polaris12_*.bin firmware
  * linux-firmware: add firmware for mt76x2

==== kernel-source ====
Version update (4.9.10 -> 4.9.11)
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms

- Linux 4.9.11 (CVE-2017-5897 CVE-2017-5970 CVE-2017-5986
  bnc#1012628 bsc#1023762 bsc#1024938 bsc#1025235).
- Delete patches.fixes/ip6_gre-fix-ip6gre_err-invalid-reads.patch.
- Delete
  patches.fixes/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch.
- Delete
  patches.fixes/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch.
- commit cf9c670

==== kiwi ====
Version update (7.04.26 -> 7.04.27)
Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-templates

- v7.04.27 released
- Prevent quoted domain name
  We're getting domain name by parsion a lease file. Unfortunately in
  lease file domain name is quoted, which breaks linux resolver.
  This commit gets domainname unquoted
  Signed-off-by: Dinar Valeev <k0da@opensuse.org>

==== libbluray ====

- Rename %soname to %sover to better reflect its use.
  Fix RPM groups.

==== libgudev ====
Version update (230 -> 231)
Subpackages: libgudev-1_0-0 libgudev-1_0-devel typelib-1_0-GUdev-1_0

- Update to version 231:
  + Fix a bug in the enumerator to ensure that client subsystems
    are implicitly matched.
  + Require a newer GLib to simplify some code.
- Add disabled pkgconfig(umockdev-1.0) BuildRequires, new
  optional dependency, that is enabled by default upstream, but
  unfortunatly not yet available in openSUSE.
- Following the above: pass --disable-umockdev to configure.

==== libnettle ====
Subpackages: libhogweed4 libhogweed4-32bit libnettle-devel libnettle6 libnettle6-32bit

- Explicitly BuildRequire m4

==== libpst ====
Version update (0.6.69 -> 0.6.70)

- Update to version 0.6.70:
  + pst_getID2 must not recurse into children.

==== libqb ====
Version update (1.0.0+git20160407.6f2b3e8 -> 1.0.1+git20170131.afdff97)

- [ringbuffer] Return error from peek if RB is corrupted. (bsc#1026176)
- build: drop allegedly no longer intrusive syslog-tests opt-in switch
- Upstream version cs: afdff97f1af8e1be916816ad8b6d5530fa7c6637
- version: Update version for 1.0.1 release
- rb: use new qb_rb_close_helper able to resort to file truncating (bsc#1026176)
- rb: make it more robust against trivial IPC API misuses (bsc#1026176)
- log_thread: logt_wthread_lock is vital for logging thread (bsc#1026176)
- log: Don't overwrite valid tags (bsc#1026176)
- ipc_shm: fix superfluous NULL check
- log: Add missing z,j, & t types to the logger (bsc#1026176)
- log: check for appropriate space when serializing a char (bsc#1026176)
- Upstream version cs: 0a329683a76bc6aeb36f20f2bf6b43ba0440c4dc (v1.0.1)

==== libquicktime ====

- Rename %soname to %sover to better reflect its use.
  Correct RPM group.

==== libvirt ====
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs

- Don't call insserv if we use systemd and don't require it.
- libxl: more fixes for dom0 maxmem setting
  4ab0c959-libxl-mem-leak.patch, 2dc1cf19-libxl-double-free.patch
  bsc#1017762
- apparmor: don't fail on non-apparmor <seclabel>
  apparmor-errormsg-fix.patch, apparmor-alt-seclabel.patch
  bsc#1023436
- libxl: fix reporting of domain maximum memory
  ff225538-libxl-autoballoon-setting.patch,
  c89a6e78-libxl-physinfo-cleanup.patch,
  d2b77608-libxl-maxmem-fix.patch,
  79692c38-libxl-dom0-maxmem.patch
  bsc#1017762
- libxl: set disk format to raw if not specified and fix disk
  detach
  321a28c6-libxl-default-disk-format.patch,
  bd116810-libxl-fix-disk-detach.patch
  bsc#1003379
- libxl: fix timer configurations
  6e4759d0-libxl-timer-fix.patch,
  87df87e0-libxl-timer-tsc-emulate.patch,
  b4386fda-xenconfig-timer-fix.patch, d3970925-timer-tests.patch
  bsc#1019969
- SLE12 SP2 bugs merged via version updates of the Factory libvirt
  package:
  bsc#986718
- SLE12 SP2 FATEs merged via version updates of the Factory libvirt
  package:
  FATE#316228, FATE#316628, FATE#319531, FATE#319810, FATE#320490
- Replaced libxl-dom0-balloon-fix.patch with upstream patch
  f86a7a83-libxl-dom0-balloon-fix.patch
- Fix dom0 ballooning with Xen >= 4.8
  libxl-dom0-balloon-fix.patch
  bsc#1020755
- SLE12 SP2 bugs merged via version updates of the Factory libvirt
  package:
  bsc#996020, bsc#987002, bsc#997278, bsc#998005, bsc#998389,
  bsc#1001446, bsc#1001698, bsc#1005288, bsc#1013991, bsc#1016253,
  bsc#1017086, bsc#1017762, bsc#1018189
- virt-create-rootfs is a temporary SLE-only hack that was never
  added to the Factory libvirt package, causing it to be dropped
  when rebasing SLE on Factory. Add it now but only apply
  associated patch when building for SLE.
  virt-create-rootfs.patch
  bsc#995981
- Update to libvirt 3.0.0
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Add b018ada3-shunloadtest-build-fix.patch to fix 'make check'
    failures
  - Add qemu-disable-namespaces.patch to temporarily disable
    qemu namespace feature until all issues are resolved
- In order to avoid issues like bsc#1017189, explicitly specify
  supported VirtualBox versions
- Update to libvirt 2.5.0
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- Import new public signing key
- spec: explicitly set qemu-bridge-helper path to /usr/lib/
  bsc#999070
- Package org.libvirt.api.policy polkit file (bsc#959297)
- Fix postun systemd services cleanup
- Mark /etc/libvirt/nwfilter/*.xml files as config files
- Update to libvirt 2.4.0
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- Update to libvirt 2.3.0
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    pci-use-driver-override-sysfs.patch,
    virHostdevFindUSBDevice-privsyms.patch, libxl-usb-vendor.patch,
    apparmor-qemu-bridge-helper.patch
- Update to libvirt 2.2.0
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    856965b3-qemu-secdriver.patch,
    541e9ae6-cpu-vendor-crash-fix.patch,
    d53d4650-qemu-rbd-auth.patch
- libxl: allow vendor/product addressing for USB hostdevs
  virHostdevFindUSBDevice-privsyms.patch, libxl-usb-vendor.patch
  bsc#989646
- qemu: fix auth for rbd network disks
  d53d4650-qemu-rbd-auth.patch
  bsc#988998
- Replace cpumodel-vendor-crash-fix.patch with upstream variant
  541e9ae6-cpu-vendor-crash-fix.patch
  bsc#992425
- Update to libvirt 2.1.0
  - New subpackages libvirt-libs and libvirt-admin
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    c8f08e48-systemd-notify-fix.patch
- qemu: fix qemu.conf security_driver regression in 2.1.0 release
  856965b3-qemu-secdriver.patch
- cpu_x86: fix libvirtd segfault when host cpu is 'qemu64'
  cpumodel-vendor-crash-fix.patch
  bsc#992425
- bsc#988279. Move the qemu-bridge-helper apparmor profile from the
  qemu abstraction to the usr.sbin.libvirtd profile.
  apparmor-qemu-bridge-helper.patch
- spec: minor improvements to logic enabling numactl and numad
  support and fix nested if indentation
  FATE#319979
- Update patches providing support for driver_override sysfs
  interface with latest upstream variant. Dropped
  pci-simplify-stub.patch and updated
  pci-use-driver-override-sysfs.patch
  bsc#986718
- spec: enable numactl and numad support for aarch64
  FATE#319979, bsc#991377
- BuildRequires: use librbd-devel instead of ceph-devel
- Enable rbd support for aarch64
  bsc#979473
- Use driver_override sysfs interface for binding/unbinding
  PCI stub drivers
  pci-simplify-stub.patch, pci-use-driver-override-sysfs.patch
  bsc#986718
- systemd: fix ready notification on abstract socket
  c8f08e48-systemd-notify-fix.patch
  boo#987668
- Update to libvirt 2.0.0
  - Change version scheme to match libvirt's time-driven release
    schedule. <major> will be incremented on first release of
    new calendar year, <minor> on each monthly release, and
    <micro> on stable branch maintenance release
  - Include libvirt-admin utility and API
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    apparmor-dont-scrub-environment-of-virtlogd-process.patch,
    e33cd67a-xenconfig-backendtype-fix.patch
- spec: Recent simplification allows using a common spec file for
  SLE and openSUSE
- Add SLE patches missing in openSUSE
  libxl-dom-reset.patch, libxl-set-migration-constraints.patch,
  libxl-set-cach-mode.patch
- xenconfig: fix conversion of <driver> to backendtype
  e33cd67a-xenconfig-backendtype-fix.patch
  bsc#984798
- Advertise aarch64 UEFI firmware paths
  - adjust spec file to include aarch64 paths in
    '--with-loader-nvram=' configure option
  - adjust qemu.conf 'nvram' option to include the SUSE paths
  bsc#981836, bsc#983747
- apparmor: Don't scrub environment of virtlogd process
  apparmor-dont-scrub-environment-of-virtlogd-process.patch
  boo#980441
- Update to libvirt 1.3.5
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    e4d131b8-mv-virDomainDefPostParseInternal.patch,
    3e428670-post-parse-implicit-video.patch,
    538012c8-default-vram.patch, 96b21fb0-vram-tests.patch,
    400e716d-libxl-noprope-emulator.patch,
    b90c4b5f-tests-use-qemu-xen.patch,
    fccf2725-libxl-API-4.4.patch,
    5325123d-libxl-migv2-save-restore.patch,
    f9edcfa4-libxl-migv2-migration.patch,
    a1c9a81a-libxl-rbd-fix.patch,
    ba566428-libxl-dom-iface-addrs.patch
- spec: simplify and cleanup by removing many conditionals that
  are never toogled. Also drop conditionals for suse_version <
  1310
- Avoid suppressing errors during useradd/groupadd
-  libxl: add domainInterfaceAddresses API
  ba566428-libxl-dom-iface-addrs.patch
  bsc#979425
- libxl: default to qemu driver for network disks
  a1c9a81a-libxl-rbd-fix.patch
  boo#981094
- spec: Remove %defattr usage
  Inspired by upstream commit 90f9193c
- libxl: support Xen migration stream V2
  fccf2725-libxl-API-4.4.patch,
  5325123d-libxl-migv2-save-restore.patch,
  f9edcfa4-libxl-migv2-migration.patch
  bsc#978361
- Fix default video RAM setting
  e4d131b8-mv-virDomainDefPostParseInternal.patch,
  3e428670-post-parse-implicit-video.patch,
  538012c8-default-vram.patch, 96b21fb0-vram-tests.patch,
  400e716d-libxl-noprope-emulator.patch,
  b90c4b5f-tests-use-qemu-xen.patch
  bsc#979397
- Remove unknown locales to fix build in old dists
- Update to libvirt 1.3.4
  - Add support for migration data compression in QEMU driver
  - Drop libvirtd.socket
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches: 216650f1-libxl-build-fix.patch,
    6d8b6d28-mark-implicit-video-primary.patch,
    03e8d5fb-qemu-perf-memory-corruption.patch,
    libvirtd-systemd-socket.patch
- qemu: perf: Fix crash/memory corruption on failed VM start
  03e8d5fb-qemu-perf-memory-corruption.patch
  bsc#977131
- Fix setting implicit video devices as primary
  6d8b6d28-mark-implicit-video-primary.patch
  bsc#977150
- Update to libvirt 1.3.3
  - perf events
  - post-copy migration support
  - NSS module
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Add rpmlintrc file to filter shlib-policy-name-error for
    new libnss_libvirt plugin
- Fix build with Xen4.7
  216650f1-libxl-build-fix.patch
- spec: restart daemons in %posttrans after connection drivers
  have been processed
  bsc#854343, bsc#968483
- libxl: advertise system qemu instead of qemu-xen in caps
  libxl-qemu-emulator-caps.patch
  FATE#320638
- Update to libvirt 1.3.2
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- libxl: Add support for block-{dmmd,drbd,npiv} scripts
  libxl-support-block-script.patch
  bsc#954872
- qemu: set /usr/share/qemu/ovmf-x86_64-ms-{code,vars}.bin as
  default UEFI firmwares for x86_64
  bsc#961853
- Update to libvirt 1.3.1
  - CVE-2015-5313
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches: 034e47c3-CVE-2015-5313.patch,
    ace1ee22-qemuxml2argv-test.patch, add-with-login-shell.patch,
    virt-aa-helper-rw-mounts.patch
- spec: perform one-time enable and start of virtlogd.socket when
  upgrading from libvirt < 1.3.0. Inspired by upstream libvirt.git
  commit da054f35.
- CVE-2015-5313: don't allow '/' in filesystem volume names
  034e47c3-CVE-2015-5313.patch
  bsc#953110
- Fix failing qemuxml2argv test on 32-bit platforms
  ace1ee22-qemuxml2argv-test.patch
- Update to libvirt 1.3.0
  - New virtlogd log daemon
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patch: 703ec1b7-qemu-bridge-helper-fix.patch
  - Added patch: virtlogd-init-script.patch
- Run udevadm settle after removing NICs in lxc driver.
  bsc#829033. lxc-wait-after-eth-del.patch
- Don't add apparmor deny rw rule for 9P readonly mounts.
  bsc#952849. virt-aa-helper-rw-mounts.patch
- Don't package virt-login-shell anymore as shipping it as
  non-setuid doesn't make sense. bsc#837609
  add-with-login-shell.patch
- Detect path of qemu-bridge-helper during %configure
  - add qemu-tools as BuildRequires for suse_version > 1130
  - add upstream patch 703ec1b7-qemu-bridge-helper-fix.patch
- Update to libvirt 1.2.21
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    disable-virCgroupGetPercpuStats-test.patch
- spec: some minor wireshark fixups. Essentially a backport of
  commit 7c8250d7.
- spec: remove all dependencies on apparmor to keep it optional.
  bsc#949793
- xenconfig: set disk type to BLOCK when driver is not tap or file
  xen-sxpr-disk-type.patch
  bsc#938228
- spec: the libvirt apparmor profiles #include files from the
  apparmor-profiles package, thus should have a dependency on it
  bsc#949793
- Remove Wants=xencommons.service from libvirtd.service
  xencommons is already enabled by a global preset, and the
  absence of xen-tools.rpm causes a systemd warning
- Update to libvirt 1.2.20
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped upstream patches:
    3468542f-virFileUnlink.patch,
    8b1d84e6-refreshVol-failure.patch,
    e0025d29-storage-mode-check.patch,
    ba25c214-libxl-log-level.patch,
    56945e13-libxl-AttachDeviceConfig-hostdev.patch
- bsc#945962: SLES12 SP1 Beta3 - Pass-through NIC device via virsh
  not available to VM.
  56945e13-libxl-AttachDeviceConfig-hostdev.patch
- libxl: set driver log level to the log_level specified in
  libvirtd.conf
  ba25c214-libxl-log-level.patch
  bsc#945796
- CVE-2015-5247 - denial of service through root-squash NFS storage
  bsc#945645
  3468542f-virFileUnlink.patch
  8b1d84e6-refreshVol-failure.patch
  e0025d29-storage-mode-check.patch
- Update to libvirt 1.2.19
  - Improved ppc64 support
  - New virDomainRename API
  - Support for PCI Express controllers in QEMU
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped upstream patches:
    269d39af-storage-allocation-fix.patch,
    26c5fa3a-virt-aa-helper-missing-doc.patch,
    d25a5e08-virt-aa-helper-simplify-restriction-logic.patch,
    2f01cfdf-virt-aa-helper-allow-ovmf.patch,
    91fdcefa-virt-aa-helper-allow-nvram.patch,
    52970dec-virt-aa-helper-improve-valid-path.patch,
    44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch,
    15120b8c-libxl-no-resume-on-suspend-fail.patch,
    e80b84a7-libxl-acquire-job-on-migrate.patch,
    60acb38-revert-curmem-inactive-dom.patch
- Replace local libxl patches with upstream variants
  Dropped:
  0003-libxl-fix-ref-counting-of-libxlMigrationDstArgs.patch
  0004-libxl-don-t-attempt-to-resume-domain-when-suspend-fa.patch
  0005-libxl-acquire-a-job-when-receiving-a-migrating-domai.patch
  Added:
  44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch
  15120b8c-libxl-no-resume-on-suspend-fail.patch
  e80b84a7-libxl-acquire-job-on-migrate.patch
  bsc#936185
- Added another virt-aa-helper upstream patch
  52970dec-virt-aa-helper-improve-valid-path.patch
  lp#1483071
- Added upstream patch to fix libvirt-tck memory balloon test
  failure on Xen
  60acb38-revert-curmem-inactive-dom.patch
- Fix generated apparmor profile to allow access to ovmf and nvram.
  26c5fa3a-virt-aa-helper-missing-doc.patch
  2f01cfdf-virt-aa-helper-allow-ovmf.patch
  91fdcefa-virt-aa-helper-allow-nvram.patch
  d25a5e08-virt-aa-helper-simplify-restriction-logic.patch
  lp#1483071
- storage: only run safezero if allocation is > 0
  269d39af-storage-allocation-fix.patch
  bsc#942085
- Update to libvirt 1.2.18
  - libxl: support dom0
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped upstream patches:
    e44bcae-virt-aa-helper-trailing-slash.patch,
    a55a5e7-virt-aa-helper-log.patch,
    61dab0f-virt-aa-helper-renaming.patch,
    24f3c2f-virt-aa-helper-fix-caps.patch,
    45697fe5-libxl-support-dom0.patch,
    e9c27344-libxl-fix-virDomainObj-state.patch,
    4ffb21c8-libxl-dom0-state-fix.patch,
    qemu-nbd-cleanup-fix.patch
- Fix crash in libxl driver on receiving side
  0003-libxl-fix-ref-counting-of-libxlMigrationDstArgs.patch
  0004-libxl-don-t-attempt-to-resume-domain-when-suspend-fa.patch
  0005-libxl-acquire-a-job-when-receiving-a-migrating-domai.patch
  bsc#936185
- libxl: set dom0 state to running
  4ffb21c8-libxl-dom0-state-fix.patch
  bsc#937316
- libxl: support management of dom0
  45697fe5-libxl-support-dom0.patch
  bsc#937316
- libxl: libxl: fix setting state of virDomainObj
  e9c27344-libxl-fix-virDomainObj-state.patch
  bsc#934937
- Fixed virt-aa-helper bugs preventing virt-sandbox to work.
  24f3c2f-virt-aa-helper-fix-caps.patch
  61dab0f-virt-aa-helper-renaming.patch
  a55a5e7-virt-aa-helper-log.patch
  e44bcae-virt-aa-helper-trailing-slash.patch
  bsc#936841
- Fixed crasher due to uninitialized values
  qemu-nbd-cleanup-fix.patch bsc#936841
- Update to libvirt 1.2.17
  - parallels driver renamed to vz (Virtuozzo)
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- spec: re-enable tests that have received upstream fixes and
  are now passing
- Remove unsupported settings in libvirtd.socket unit file when
  systemd version < 214
  libvirtd-systemd-socket.patch
  bsc#933043
- spec: always apply Apparmor and netcontrol patches
- spec: Add libvirtd.socket unit file to service_add_pre and
  service_del_postun macros
- Update to libvirt 1.2.16
  - Introduce pci-serial
  - Introduce virDomainSetUserPassword API
  - Introduce protected key mgmt ops
  - Add domain vmport feature
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches c0d3f608-libxl-soundhw.patch and
    8910e063-arch-caps.patch
  - Drop polkit-10-virt.rules in favor of upstream 50-libvirt.rules
- qemu: fix regression defaulting to host arch
  8910e063-arch-caps.patch
  rhb#1219191
- spec: build libxl driver for aarch64 and remove useless
  'suse_version <= 1220' conditional
- libxl: support virtual sound devices in HVM domains
  c0d3f608-libxl-soundhw.patch
  bsc#875216
- Update to libvirt 1.2.15
  - Implement virDomainAddIOThread and virDomainDelIOThread
  - libxl: Introduce configuration file for libxl driver
  - Add VIR_DOMAIN_EVENT_ID_DEVICE_ADDED event
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches da33a1ac-lxc-init-statedir.patch and
    open-ns-files-readonly.patch
- spec file fixups for building --without-driver-modules
- boo#926765: add libvirt-daemon-driver-qemu dependency on
  libvirt-daemon-driver-storage.
- boo#926153: make sure /var/run/libvirt/lxc folder exists when
  starting the driver. da33a1ac-lxc-init-statedir.patch
- Fix lxc-enter-namespace for 3.19+ kernels.
  open-ns-files-readonly.patch
- Disable building wireshark dissector.  Commit 37397320
  requires wireshark pkgconfig, which SUSE wireshark packages
  do not provide.
- Disable building the legacy Xen driver since Xen no longer
  provides the xend toolstack.  Remove xend-specific patches
  while at it: fix-pci-attach-xen-driver.patch,
  xen-name-for-devid.patch
- Update to libvirt 1.2.14
  - qemu: Implement memory device hotplug
  - Implement public API for virDomainPinIOThread
  - Implement public API for virDomainGetIOThreadsInfo
  - SRIOV NIC offload feature discovery
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop disable-hugepage-test.patch in favor of upstream fix
- Fix build on older distros containing a polkit package that lacks
  support for /etc/polkit-1/rules.d drop directory
- Disable interface driver if libnetcontrol cannot be initialized
  Modified libvirt-suse-netcontrol.patch
  boo#920551
- Fix crash in libnetcontrol-backed interface driver
  Modified libvirt-suse-netcontrol.patch
  boo#920551
- Instruct polkit to allow memebers of the 'libvirt' group to connect
  to libvirt without providing any password (bnc#920804)
- Added polkit-10-virt.rules to fix bnc#920804
- Change default setting of security_default_confined in
  /etc/libvirt/qemu.conf instead of in code.  Making the change in
  code changes the default behavior for all users, even those that
  have a custom security setup in their /etc/libvirt/qemu.conf.
  Modified suse-qemu-conf.patch
  bsc#921586
- Fixed a number of QEMU apparmor abstraction problems. bsc#921355
  apparmor-fixes.patch
- Update to libvirt 1.2.13
  - qemu: improved support for host and guest NUMA
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- Update to libvirt 1.2.12
  - CVE-2015-0236: qemu: Check ACLs when dumping security info
    from snapshots
  - CVE-2015-0236: qemu: Check ACLs when dumping security info
    from save image
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: 30c6aecc-apparmor-lib64.patch,
    apparmor-xen-fixup.patch, apparmor-allow-helpers.patch,
    apparmor-tck-raw-packets.patch
  - Disable a hugepage test that is failing on ppc, ppc64, and
    ppc64le architectures - disable-hugepage-test.patch
- Fixed patches to pass make syntax-check
- Apparmor profile regression breaks Xen domains. bsc#913799
  apparmor-xen-fixup.patch
  apparmor-allow-helpers.patch
  apparmor-tck-raw-packets.patch
- Replaced hard to maintain install-apparmor-profiles.patch
  by upstreamed 30c6aecc-apparmor-lib64.patch.
- Reformatted libvirt.spec and libvirtd.init to pass upstream make
  syntax-check
- fix bashisms in libvirt-guests.sh script
- update patches:
  + libvirt-guests-init-script.patch
- Update to libvirt 1.2.11
  - Implement public API for virDomainGetFSInfo
  - qemu: Add define for the new throttle options
  - CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats()
  - CVE-2014-7823: dumpxml: security hole with migratable flag
- Drop upstream patches: 2222123-virt-aa-helper-crash.patch,
  433b427-iplink-name.patch,
  52691f99-qemu-mig-crash.patch,
  72fecf1-lxc-resolve-symlinks.patch,
  b1674ad5-CVE-2014-7823.patch,
  ba9b7252-sys-net-rw.patch,
  c264eea-virt-aa-helper-sandbox.patch,
  e50457d-lxc-unmount-check.patch,
  cgroup-all-devices.patch,
  libvirt-ppc64le-support.patch
- Get /proc/sys/net/ipv[46] read-write for wicked to work in
  containers. bsc#904432. ba9b7252-sys-net-rw.patch
- Fixed allowing devices for containers.
  cgroup-all-devices.patch
- qemu: Fix crash in tunnelled migration
  52691f99-qemu-mig-crash.patch
  boo#908008
- Fix potential crasher in virt-aa-helper
  2222123-virt-aa-helper-crash.patch
- ip link add now needs the 'name' parameter.
  433b427-iplink-name.patch
- Fixes for virt-sandbox-service to work:
  - Allow adding virt-sandbox service config to apparmor rules.
    c264eea-virt-aa-helper-sandbox.patch
  - fix symlink resolving for containers to start.
    72fecf1-lxc-resolve-symlinks.patch
  - fix unmounting file system if it contains the source to mount.
    e50457d-lxc-unmount-check.patch
- Remove security_driver = "none" in qemu config. This completely
  disabled all security drivers instead of probing them.
- Changed default value of QEMU's security_default_confined to 0 to
  keep QEMU domains unconfined by default.
- CVE-2014-7823: dumpxml: security hole with migratable flag
  b1674ad5-CVE-2014-7823.patch
  bsc#904176
- Fix Qemu AppArmor abstraction.
  - qemu-block.so was denied on x86_64. install-apparmor-profiles.patch
  - Temporary fix access to screenshot temporary file. bsc#904426.
    qemu-apparmor-screenshot.patch
- Update to libvirt 1.2.10
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- Added package wireshark-plugin-libvirt to provide the wireshark
  dissector for the libvirt RPC protocol
- spec: Remove gpg-offline build dependency and use of gpg_verify
  to verify tarball since this task can be performed by source
  services
- Update to libvirt 1.2.9
  - Introduce virNodeAllocPages
  - event: introduce new event for tunable values
  - Add support for fetching statistics of completed jobs
  - CVE-2014-3657: domain_conf: fix domain deadlock
  - CVE-2014-3633: qemu: blkiotune: Use correct definition when
    looking up disk
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: 3e745e8f-CVE-2014-3633.patch,
    libvirt-guests-wait-for-ntp.patch
- Verify tarball with associated .asc file
  Add: libvirt.keyring, libvirt-1.2.9.tar.gz.asc
  Use upstream .gz tarball instead of locally generated .bz2
- CVE-2014-3633: Use correct definition when looking up disk in
  qemu blkiotune
  3e745e8f-CVE-2014-3633.patch
  bnc#897783
- spec: do not require dmidecode on older code 11
- Wait for ntp service before running libvirt-guests
  libvirt-guests-wait-for-ntp.patch
  bnc#895194
- Canonicalize host arch name ppc64le to ppc64
  ppc64le-canonical-name.patch
  bnc#894956
- Update to libvirt 1.2.8
  - virDomainBlockCopy with XML destination, typed params
  - Introduce API for retrieving bulk domain stats
  - Introduce virDomainOpenGraphicsFD API
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- bnc#893999: remove mount rules from libvirt-lxc apparmor
  abstraction file as those aren't handled by our kernel.
  apparmor-no-mount.patch
- bnc#894232 - Update apparmor profile to allow raw packets
  install-apparmor-profiles.patch
- remove not necessary hunks from libvirt-ppc64le-support.patch
- move new patches to section for to be upstreamed
- add patch: libvirt-power8-models.patch
  add current power8 cpu models to map
- add patch: libvirt-ppc64le-support.patch
  add preliminary ppc64le support to libvirt
- bnc#820399 - virsh blockcopy should refuse identical device
  blockcopy-check-dst-identical-device.patch
- Update to libvirt 1.2.7
  - Introduce virConnectGetDomainCapabilities
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: dba3432b-virt-lxc-convert-fix.patch,
    9b1e4cd5-skip-useless-apparmor-files.patch,
    9265f8ab-apparmor-lxc-rework.patch,
    add-nocow-to-vol-xml.patch,
    lxc-keep-caps-feature.patch,
    lxc-keep-caps-feature-conversion.patch,
    lxc-keep-caps-feature-doc.patch,
    lxc-net-target-name.patch,
    lxc-net-target-name-conversion.patch,
    lxc-net-target-name-doc.patch
- lxc AppArmor profile now only restricting potentially dangerous
  accesses. fdo#886460
- Add virt-lxc-convert to libvirt-daemon-driver-lxc package
- added patches:
  * 9265f8ab-apparmor-lxc-rework.patch
  * 9b1e4cd5-skip-useless-apparmor-files.patch
- virt-lxc-convert: force free to output values in bytes
- added patches:
  * dba3432b-virt-lxc-convert-fix.patch
- lxc: allow setting a custom name for container NICs as LXC is
  is able to do it.
  lxc-net-target-name.patch,
  lxc-net-target-name-conversion.patch,
  lxc-net-target-name-doc.patch
- Move 'Requires' of qemu from libvirt-daemon-qemu subpackage to
  libvirt-daemon-driver-qemu
  bnc#885267
- Temporarily disable virt-aa-helper-test, which fails in Factory
- Update to libvirt 1.2.6
  - libxl: add migration support and fixes
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patch libxl-migration-support.patch
  - Drop ia64-clone.patch since libvirt is not built for IA64
- lxc-keep-caps-feature.patch: allow to keep/drop additional
  capabilities for LXC containers. bnc#881465
- lxc-keep-caps-feature-conversion.patch: convert lxc.cap.drop to
  the new domain configuration.
- lxc-keep-caps-feature-doc.patch: documentation for the new feature.
- Disable failing virportallocatortest on aarch64
- Update to libvirt 1.2.5
  - Introduce virDomain{Get,Set}Time APIs
  - Introduce virDomainFSFreeze() and virDomainFSThaw() public API
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches:
    b98bf811-add-paravirt-shutdown-flag.patch,
    c4fe29f8-use-shutdown-flag.patch,
    da744120-use-reboot-flag.patch,
    d6b27d3e-CVE-2014-0179.patch,
    fd43d1f8-libxl-iface-hostdev.patch,
    99f50208-managed-hostdev-iface.patch,
    292d3f2d-libselinux-build-fix1.patch,
    b109c097-libselinux-build-fix2.patch
- Add upstream patches that fix build with libselinux 2.3
  Added: 292d3f2d-libselinux-build-fix1.patch,
    b109c097-libselinux-build-fix2.patch
  Dropped: libselinux-build-fix.patch
- Fix the build breakers brought by libselinux 2.3.
  libselinux-build-fix.patch
- spec: libvirt-daemon package owns /etc/libvirt, not libvirt-client
  bnc#878056
- libxl: Fix <interface type='hostdev'> syntax for SR-IOV devices
  fd43d1f8-libxl-iface-hostdev.patch,
  99f50208-managed-hostdev-iface.patch
- Update to libvirt 1.2.4
  - Primarily a bug-fix release.  See http://libvirt.org/news.html
    for a detailed list of bug fixes and improvements
  - Drop upstream patches:
    0e0c1a74-domid-fix.patch, 7a1452f5-libxl-empty-cdrom.patch
- libxl: Support ACPI shutdown event
  b98bf811-add-paravirt-shutdown-flag.patch,
  c4fe29f8-use-shutdown-flag.patch, da744120-use-reboot-flag.patch
  bnc#872777
- libx: Support migration
  libxl-migration-support.patch
  bnc#875193
- CVE-2014-0179: Don't expand entities when parsing XML
  d6b27d3e-CVE-2014-0179.patch
  bnc#873705
- blacklist one more unit test for qemu_linux_user builds
- libxl: Set disk format for empty cdrom device
  0e0c1a74-domid-fix.patch, 7a1452f5-libxl-empty-cdrom.patch
  bnc#872517
- Fate#315125: add NOCOW flag
  add-nocow-to-vol-xml.patch
- Removed libxl-hvm-vnc.patch: went upstream in another form
- Update to libvirt 1.2.3
  - add new virDomainCoreDumpWithFormat API
  - conf: Introduce virDomainDeviceGetInfo API
  - more features and fixes on bhyve driver
  - lot of cleanups and improvement on the Xen driver
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- Add /usr/sbin/rc{libvirtd,virtlockd,libvirt-guests} symlinks
  to preserve backwards compatibility
  bnc#868190
- Improve lock manager comments in qemu.conf
  Updated suse-qemu-conf.patch
- Create /etc/libvirt/hooks to allow using hook scripts
- Update to libvirt 1.2.2
  - add LXC from native conversion tool
  - vbox: add support for v4.2.20+ and v4.3.4+
  - CVE-2013-6456 (bnc#857490)
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: 37564b47-xend-parse-response.patch,
    4f20084-fix-apparmor-install-patch.patch
  - Add local disable-virCgroupGetPercpuStats-test.patch to disable
    failing virCgroupGetPercpuStats test in 'make check'
- daemon-qemu: Require qemu instead of kvm to align with
  recent changes to the qemu package structure
- spec: fix dependencies of daemon-config-network and
  daemon-config-nwfilter subpackages.  Influenced by upstream
  commits cf76c4b3 and dca5ce4c
- Remove libvirtd, virtlockd, and libvirt-guests init scripts when
  using systemd
  bnc#863540
- Fix the path to libvirtd AppArmor template profile
- Fix parsing xend http response
  37564b47-xend-parse-response.patch
  rhb#1055165
- Add CAP_SYS_PACCT capability to libvirtd AppArmor profile
  Modified install-apparmor-profiles.patch
  bnc#817407
- Fix build on code 11
- Fix rpmlint warning
- Following the upstream pattern, introduce the
  daemon-config-network subpackage to handle defining the default
  network
  bnc#859041
- Update to libvirt 1.2.1
  - CVE-2014-0028, CVE-2014-1447, CVE-2013-6458, CVE-2013-6457,
    CVE-2013-6436
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped upstream patches: 5e397d9c-test-fix-dbus-crash.patch,
    78af457e-fix-virnettlscontexttest.patch,
    9faf3f29-LXC-memtune.patch, f8c1cb90-CVE-2013-6436.patch,
    libxl-hvm-nic.patch
- Ignore 'make check' on older, code 11 base
- Fixed and reenabled unit tests. bnc#854694
- Remove dependency on pm-utils from libvirt-client
  bnc#856381
- CVE-2013-6436: Fix crashes in lxc memtune code, one of which
  results in DoS
  f8c1cb90-CVE-2013-6436.patch, 9faf3f29-LXC-memtune.patch
  bnc#854486
- More adjustments to the spec file to fix package dependency
  issues
  bnc#848918
- Update to libvirt 1.2.0
  - Add support for gluster pool
  - Separation of python binding
  - vbox: add support for 4.3 APIs
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Updated and renamed clone.patch to ia64-clone.patch
- Enabled numad support for openSUSE >= 13.1
- Link with same versions of libnl used by netcontrol to prevent
  crashing libvirtd on start
- Add '/etc/sasl2' to libvirt-client file list to fix Factory build
- Fix starting of libvirtd when NetworkManager is enabled
  Modified libvirt-suse-netcontrol.patch
- Allow execution of libvirt hook scripts in /etc/libvirt/hooks/
  in libvirtd AppArmor profile
- Update to libvirt 1.1.4
  - Add support for AArch64 architecture
  - Various improvements on test code and test driver
  - Don't link virt-login-shell against libvirt.so
  - Close all non-stdio FDs in virt-login-shell
  - Only allow 'stderr' log output when running setuid
  - Fix perms for virConnectDomainXML{To,From}Native
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: e7f400a1-CVE-2013-4296.patch,
    2dba0323-CVE-2013-4297.patch, db7a5688-CVE-2013-4311.patch,
    e65667c0-CVE-2013-4311.patch, 922b7fda-CVE-2013-4311.patch,
    e4697b92-CVE-2013-4311.patch, 8294aa0c-CVE-2013-4399.patch,
    484cc321-fix-spice-migration.patch,
    79552754-libvirtd-chardev-crash.patch,
    57687fd6-CVE-2013-4401.patch, ae53e5d1-CVE-2013-4400.patch,
    8c3586ea-CVE-2013-4400.patch, b7fcc799a-CVE-2013-4400.patch,
    3e2f27e1-CVE-2013-4400.patch, 5a0ea4b7-CVE-2013-4400.patch,
    843bdb2f-CVE-2013-4400.patch,
    bd773e74-lxc-terminate-machine.patch,
    e350826c-python-fix-fd-passing.patch
- Allow execution of Xen binaries in /usr/lib{,64}/xen/bin in
  libvirtd AppArmor profile
  bnc#849524
- Require libvirt-daemon-<hypervisor> in the main libvirt package
  for each supported hypervisor
  bnc#850882
- Fix initialization of libxl NIC devices
  libxl-hvm-nic.patch
  bnc#848918
- Fix typo in libvirtd apparmor profile which prevented the profile
  from loading
  bnc#848216
- libxl driver: fix initialization of VNC and SDL info for
  HVM domains
  libxl-hvm-vnc.patch
  bnc#847566
- Allow libvirtd apparmor profile to access /etc/xen/scripts/*
- Fix file descriptor passing in python bindings
  e350826c-python-fix-fd-passing.patch
  rhb#1021434
- Have systemd terminate the machine as a workaround of fdo#68370
  bd773e74-lxc-terminate-machine.patch
  bnc#842834
- Spec file fixes to only package libvirt-login-shell when
  building the LXC driver
- CVE-2013-4400: Unsantized use of env variables allows privilege
  escalation via virt-login-shell
  ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch,
  b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch,
  5a0ea4b7-CVE-2013-4400.patch, 843bdb2f-CVE-2013-4400.patch
  bnc#837609
- CVE-2013-4401: Fix perms for virConnectDomainXML{To,From}Native
  57687fd6-CVE-2013-4401.patch
  bnc#845704
- Move hypervisor-specific files out of libvirt-daemon package
  and into libvirt-daemon-<hypervisor> subpackage
  bnc#845851
- conf: Don't crash on invalid chardev source definition
  79552754-libvirtd-chardev-crash.patch
  bnc#845704, rhb#1012196
- Use newer libnl3 instead of libnl-1_1
  bnc#845540
- Move virt-login-shell to new subpackage libvirt-login-shell,
  requiring users to opt-in for this setuid binary.  Note: For now,
  virt-login-shell will not have setuid permissions, pending
  resolution of bnc#837609
- qemu: Fix seamless SPICE migration
  484cc321-fix-spice-migration.patch
  bnc#842301
- CVE-2013-4399: Fix crash in libvirtd when events are registered
  and ACLs active
  8294aa0c-CVE-2013-4399.patch
  bnc#844052, bnc#842300
- Update the stale gettext BuildRequires and Requires dependencies
  in the spec file
  bnc#841325
- virt-aa-helper apparmor profile was denying read access to
  /proc/$PID/*.  Give read accesss to these files.
  Updated install-apparmor-profiles.patch
  bnc#841720
- libvirtd apparmor profile was denying access to
  /usr/lib/xen/bin/qemu-system-i386, which is now the default
  emulator used with Xen guests
  Updated install-apparmor-profiles.patch
  bnc#845648
- Fix condrestart|try-restart invocation of virtlockd init script
  Modifed virtlockd-init-script.patch
- CVE-2013-4311: Add support for using 3-arg pkcheck syntax for
  process
  db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch,
  922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch
  bnc#836931
- CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats
  e7f400a1-CVE-2013-4296.patch
  bnc#838638
- CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate
  2dba0323-CVE-2013-4297.patch
  bnc#838642
- Update to libvirt 1.1.2
  - various improvements to libxl driver
  - systemd integration improvements
  - Add flag to BaselineCPU API to return detailed CPU features
  - Introduce a virt-login-shell binary
  - conf: add startupPolicy attribute for harddisk
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: bcef0f01-libxl-console.patch,
    9d0557b9-legacy-xen-double-free.patch,
    d7a45bf2-legacy-xen-dumpxml.patch, 0e671a16-CVE-2013-4239.patch
  - Includes fixes for bnc#837530, bnc#837531, bnc#837999
- Fix memory corruption in legacy Xen driver
  0e671a16-CVE-2013-4239.patch
  bnc#834598
- Upstream patches to fix dumpxml in legacy Xen driver
  9d0557b9-legacy-xen-double-free.patch,
  d7a45bf2-legacy-xen-dumpxml.patch
- Backport upstream patch implementing domainOpenConsole in the
  libxl driver.  Allows 'virsh console dom-name' to work with
  Xen libxl toolstack.
  bcef0f01-libxl-console.patch
- Update to libvirt 1.1.1
  - Adding device removal or deletion events
  - Introduce new domain create APIs to pass pre-opened FDs to LXC
  - Add interface versions for Xen 4.3
  - Add new public API virDomainSetMemoryStatsPeriod
  - Various LXC improvements
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: f38c8185-CVE-2013-2230.patch,
    fd2e3c4c-xen-sysctl-domctl.patch, dfc69235-CVE-2013-4153.patch,
    96518d43-CVE-2013-4154.patch, fe89fd3b-storage-pool-deadlock.patch
  - Drop relax-qemu-usergroup-check.patch - no longer needed
    after hypervisor-specific daemon package split
- Unlock the storage volume object after looking it up
  fe89fd3b-storage-pool-deadlock.patch
  rhb#980676
- CVE-2013-4153: Fix double free of returned JSON array in
  qemuAgentGetVCPUs()
  dfc69235-CVE-2013-4153.patch
- CVE-2013-4154: Prevent crash of libvirtd without guest agent
  configuration
  96518d43-CVE-2013-4154.patch
  bnc#830498
- Fix legacy xen driver with Xen 4.3
  fd2e3c4c-xen-sysctl-domctl.patch
- CVE-2013-2230: Fix crash when multiple event callbacks were
  registered
  f38c8185-CVE-2013-2230.patch
  bnc#827801
- Update to libvirt 1.1.0
  - Extensible migration APIs
  - Add a policy kit access control driver
  - various improvements in the Xen and libxl drivers
  - improve networking support on BSD
  - agent based vCPU hotplug support
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: 244e0b8c-CVE-2013-2218.patch
- Only require lzop if suse_version > 1210
- Fix typo in spec file
- Enable support for netcontrol by default
- Only require libvirt-daemon-driver-interface when building the
  interface driver
- CVE-2013-2218: Fix crash listing network interfaces with filters
  244e0b8c-CVE-2013-2218.patch
- Add xencommons as 'Wanted' in the systemd libvirtd service file
  systemd-service-xen.patch
  bnc#820888
- Fix build for SLE11 SP2
- Add a README to the empty packages.  Provides some info about
  their purpose and satisfies suse-filelist-empty check.
  Drop rpmlintrc
- Fix typo in spec file: devel package requires doc package, not
  docs
- Add rpmlintrc to get around suse-filelist-empty error on
  older distros.
- Refactor libvirt spec file to create subpackages for the various
  libvirtd components.  This allows installing a libvirtd tailored
  for the underlying virtualizer.  E.g. on a KVM/QEMU virtualizer
  only the libvirt-daemon-qemu package needs installed.
  Similarly, only libvirt-daemon-xen on a Xen virtualizer and
  libvirt-daemon-lxc on LXC.
- Update to libvirt 1.0.6
  - Move VirtualBox driver into libvirtd
  - Support for static routes on a virtual bridge
  - Various improvement for hostdev SCSI support
  - Switch to VIR_STRDUP and VIR_STRNDUP
  - Various cleanups and improvement in Xen and LXC drivers
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: f493d83f-cgroup-swap-control.patch,
    486a86eb-cgroups-docs.patch, 0ced83dc-cgroup-escape-dot.patch,
    bbe97ae9-no-cgroups.patch, c2cf5f1c-no-cgroups-fix.patch,
    95c6cc34-selinux.patch
- Update to libvirt 1.0.5.1 stable release
  - qemu: Fix cgroup handling when setting VCPU BW
  - daemon: fix leak after listing all volumes
  - Fix iohelper usage with streams opened for read
  - util: fix virFileOpenAs return value and resulting error logs
  - iscsi: don't leak portal string when starting a pool
  - don't mention disk controllers in generic controller errors
  - conf: don't crash on a tpm device with no backends
  - qemu: allocate network connections sooner during domain startup
  - Make detect_scsi_host_caps a function on all architectures
  - Fix release of resources with lockd plugin
  - Fix potential use of undefined variable in remote dispatch code
  - Fix F_DUPFD_CLOEXEC operation args
  - qemu: fix stupid typos in VFIO cgroup setup/teardown
  - network: fix network driver startup for qemu:///session
- Remove patches that are included in the 1.0.5.1 release
  0471637d-cgroups-vcpu-bw.patch, a2214c52-iohelper.patch,
  ca697e90-CVE-2013-1962.patch
- Don't mount selinux fs in LXC if selinux is disabled
  95c6cc34-selinux.patch
  bnc#814680
- fix leak after listing all volumes - CVE-2013-1962
  ca697e90-CVE-2013-1962.patch
  bnc#820397
- Fix iohelper usage with streams opened for read
  a2214c52-iohelper.patch
- Cope with missing swap cgroup controls
  f493d83f-cgroup-swap-control.patch
  bnc#819976
- Fix cgroup handling when setting VCPU BW
  0471637d-cgroups-vcpu-bw.patch
  rhb#963592
- Escape a leading '.' with '_' in the cgroup names
  0ced83dc-cgroup-escape-dot.patch
- Add missing documentation on new cgroup layout
  486a86eb-cgroups-docs.patch
- Another fix related to systems with no cgroups
  c2cf5f1c-no-cgroups-fix.patch
  bnc#819963
- Fix botched backport of commit bbe97ae9
- Fix starting domains when kernel has no cgroups support
  bbe97ae9-no-cgroups.patch
- Update to libvirt 1.0.5
  - PPC64: Add NVRAM device
  - Add XML config for resource partitions
  - Add support for TPM
  - NPIV storage migration support
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- Update to libvirt 1.0.4
  - qemu: support passthrough for iscsi disks
  - various S390 improvements
  - various LXC bugs fixes and improvements
  - add API for thread cancellation
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: ce4557c3-apparmor-tapfd-label.patch
    libvirt-iptables-1.4.18.diff
- add libvirt-iptables-1.4.18.diff, fix masquerading with iptables
  v1.4.18 (--state match is deprectated, use conntrack instead)
- Fix PCI device attach for xen HVM domains
  fix-pci-attach-xen-driver.patch
  FATE#313570
- Apparmor security driver: Ensure tapfd's are labled when
  generating the guest profile.
  Modified install-apparmor-profiles.patch, added upstream patch
  ce4557c3-apparmor-tapfd-label.patch
  bnc#807940
- Grant permission to use datagram packets in libvirtd apparmor
  profile.
  Remove AF_PACKET.patch, modify install-apparmor-profiles.patch
  bnc#801145
- Add 'managed' PCI passthrough support to legacy xen driver
  support-managed-pci-xen-driver.patch
  FATE#313570
- Update to libvirt 1.0.3
  - Introduce virDomainMigrate*CompressionCache APIs
  - Introduce virDomainGetJobStats API
  - Add basic support for VDI images
  - Introduce API virNodeDeviceLookupSCSIHostByWWN
  - Various locking improvements
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: a6b8bae5-python-generator-fix1.patch,
    25ea8e47-python-generator-fix2.patch,
    567779e5-libxl-default-disk-backend.patch
- Fix path to qemu-bridge-helper in libvirt-qemu apparmor profile
  Modified install-apparmor-profiles.patch
- Fix detach of managed PCI devices from inactive domains.
  Detected while running test cases for FATE #313570.
  Modified xen-name-for-devid.patch
- spec: Fix installation of default network
- Fix default setting of backend field of libxl_device_disk
  567779e5-libxl-default-disk-backend.patch
  rhb#912488
- Fix build on IA64
  Modified clone.patch
- Fix error handling in python bindings
  a6b8bae5-python-generator-fix1.patch
  25ea8e47-python-generator-fix2.patch
  bnc#802619
- Require modutils instead of module-init-tools.
- Update to libvirt 1.0.2
  - LXC improvements
  - S390 architecture improvements
  - Power architecture improvements
  - large Coverity report cleanups and associated bug fixes
  - virTypedParams* APIs to help with those data structures
  - libxenlight driver improvements
  - Fixes CVE-2013-0170, bnc#800976
  - Drop upstream patches: 68e7bc45-libxl-link-fix.patch,
    462a6962-script-fixes1.patch, cb854b8f-script-fixes2.patch,
    5ec4b22b-script-fixes3.patch, a1fd56cb-script-fixes4.patch,
    66ff2ddc-virtlockd-systemd-file-perms.patch
- Unconditionally build sanlock support
  bnc#799262
- Fix interface management functions that were broken when
  rebasing libvirt-suse-netcontrol.patch
  bnc#799444 (SLES bug that affect Factory too)
- Update to libvirt 1.0.1
  - Introduce virtlockd daemon
  - parallels: add disk and network device support
  - Add virDomainSendProcessSignal API
  - Introduce virDomainFSTrim() public API
  - add fuse support for libvirt lxc
  - Add Gluster protocol as supported network disk backend
  - various snapshot improvements
- Add upstream patches to fix bugs in 1.0.1
  66ff2ddc-virtlockd-systemd-file-perms.patch,
  462a6962-script-fixes1.patch, cb854b8f-script-fixes2.patch,
  5ec4b22b-script-fixes3.patch, a1fd56cb-script-fixes4.patch,
  68e7bc45-libxl-link-fix.patch
- Rework SUSE patches for the various init scripts
  Dropped use-init-script-redhat.patch and added
  libvirtd-init-script.patch, libvirt-guests-init-script.patch,
  and virtlockd-init-script.patch
- Update to libvirt 1.0.0
  - virNodeGetCPUMap: Define public API
  - Add systemd journal support
  - Add a qemu capabilities cache manager
  - USB migration support
  - various improvement and fixes when using QMP QEmu interface
  - Support for Xen 4.2 in legacy xen driver
  - Lot of localization enhancements
  - Drop upstream patches: 371ddc98-xen-sysctl-9.patch,
    416eca18-xenstore-header-fix.patch,
    f644361b-virCommand-env.patch, 2b32735a-virCommand-env.patch,
    9785f2b6-fix-xen-sysctl9.patch
- Fix Xen sysctl version 9 support
  9785f2b6-fix-xen-sysctl9.patch
- Add upstream patches to support latest libguestfs
  f644361b-virCommand-env.patch
  2b32735a-virCommand-env.patch
- Fix build when using -werror
  416eca18-xenstore-header-fix.patch
- Support Xen sysctl version 9
  371ddc98-xen-sysctl-9.patch
  bnc#781425
- Temporarily disable building libxl driver.  The current
  implementation does not support libxl in Xen 4.2.
- Update to libvirt 0.10.2
  - network: define new API virNetworkUpdate
  - add support for QEmu sandbox support
  - blockjob: add virDomainBlockCommit
  - node_memory: Define the APIs to get/set memory parameters
  - list: Define new API virConnectListAllSecrets
  - list: Define new API virConnectListAllNWFilter
  - list: Define new API virConnectListAllNodeDevices
  - list: Define new API virConnectListAllInterfaces
  - list: Define new API virConnectListAllNetworks
  - list: Define new API virStoragePoolListAllVolumes
  - list: Define new API virStorageListAllStoragePools
  - parallels: add support of containers to the driver
  - Add PMSUSPENDED life cycle event
  - Add per-guest S3/S4 state configuration
  - qemu: Support for Block Device IO Limits
- Update to libvirt 0.10.1
  - Bug fix release for critical bugs in 0.10.0
  - Drop upstream patch f781e276-xen-driver-fix.patch
- Update to libvirt 0.10.0
  - agent: add qemuAgentArbitraryCommand()
  - Introduce virDomainPinEmulator and virDomainGetEmulatorPinInfo
  - network: use firewalld instead of iptables, when available
  - network: make network driver vlan-aware
  - esx: Implement network driver
  - driver for parallels hypervisor
  - Various LXC improvements
  - Add virDomainGetHostname
  - Drop upstream patches
    4036aa91-systemd.patch
    6039a2cb-CVE-2012-3445.patch
- Fix xen driver following changes to make it stateful
  f781e276-xen-driver-fix.patch
  bnc#778006
- Update to libvirt 0.9.13
  - S390: support for s390(x)
  - snapshot: implement new APIs for esx and vbox
  - snapshot: new query APIs and many improvements
  - virsh: Allow users to reedit rejected XML
  - nwfilter: add DHCP snooping
  - storage backend: Add RBD (RADOS Block Device) support
  - sVirt support for LXC domains inprovement
  - Drop upstream patches
    0dda594d-libvirtd-shutdown-deadlock.patch
    9c77bf04-fix-virnetserver-refcnt.patch
    57349ffc-lxc-ctrl.patch
    revert-d8978c90.patch
_ Update to libvirt 0.9.12
  - qemu: allow snapshotting of sheepdog and rbd disks
  - blockjob: add new AP
  - many bug fixes and improvements
- daemon: Fix crash in virTypedParameterArrayClear
  CVE-2012-3445
  6039a2cb-CVE-2012-3445.patch
  bnc#773955
- libvirtd.service: ensure libvirtd starts after network
  4036aa91-systemd.patch
  bnc#767932
- Add upstream patch to fix ref count of virNetServer object
  9c77bf04-fix-virnetserver-refcnt.patch
- Fix libvirtd deadlock on shutdown
  0dda594d-libvirtd-shutdown-deadlock.patch
  bnc#767797
- Fix segfault in libvirt_lxc
  57349ffc-lxc-ctrl.patch
  bnc#767448
- Fix build on i586
  revert-d8978c90.patch
- Update to libvirt 0.9.11.4 stable release
- VUL-1: Fix hotplug support for usb devices with same vendorID,
  productID
  9914477e-usb-search-funcs.patch
  05abd150-usb-improve-hotplug.patch
  bnc#766559
- Add capability 'audit_write' to libvirtd apparmor profile
  update install-apparmor-profiles.patch
  bnc#764388
- Update to libvirt 0.9.11.3 stable release
- Copy user in virURIParse
  4eb1c256-viruri-user.patch
  bnc#757766
- yajl is availabile in all supported SUSE products, so always
  use it when building libvirtd
- Update to libvirt 0.9.11
  - Add support for the suspend event
  - Add support for event tray moved of removable disks
  - qemu: Support numad
  - cpustats: API, improvements and qemu support
  - qemu: support type='hostdev' network devices at domain start
  - Introduce virDomainPMWakeup API
  - network: support Open vSwitch
  - snapshot improvements
- Remove unconditional define of 'with_netcontrol'
- Add a note in /etc/libvirt/qemu.conf describing administrator
  vigilance required when enabling a lock manager such as sanlock
- Recommend dmidecode if suse_version > 1110.  dmidecode is used
  by virConnectGetSysinfo.
- Add upstream patches to fix issues with older PolicyKit
  c05ec920-polkit0-build.patch
  fcdfa31f-polkit0-auth.patch
- Update to libvirt 0.9.10
  - Add support for sVirt in the LXC driver
  - Add new API virDomainBlockRebase
  - Add api to set and get domain metadata
  - virDomainGetDiskErrors public API
  - Add rawio attribute to disk element of domain XML
  - Introduce virDomainPMSuspendForDuration API
  - Add virStorageVolResize() API
  - Add a virt-host-validate command to sanity check HV config
  - Add new virDomainShutdownFlags API
  - QEMU guest agent support
- Fix libvirtd apparmor profile to work with libxenlight toolstack
  Updated install-apparmor-profiles.patch
  bnc#745890
- Fix init script packaging after enabling systemd support
- Fix %files after enabling sanlock support
- Enable libvirt integration with sanlock
- During configure, libvirt checks for availability of iptables
  binary and doesn't actually use anything from iptables-devel
  package, hence only need 'BuildRequires: iptables'.
- Update to libvirt 0.9.9
  - Add new API virDomain{S,G}etInterfaceParameters
  - Add new API virDomain{G,S}etNumaParameters
  - Add support for ppc64 qemu
  - Support Xen domctl v8
- Fixup systemd support as per openSUSE systemd packaging
  guidelines.
- Use %fdupes for duplicate file checking instead of hand-rolled
  function
- CVE-2011-4600: unintended firewall port exposure after restarting
  libvirtd when defining a bridged forward-mode network
  ae1232b2-CVE-2011-4600.patch
  bnc#736082
- Post-0.9.8 upstream systemd patches
  10404671-systemd-build-fix.patch 478a4d07-systemd-build-fix.patch
- Update to libvirt 0.9.8
  - Add support for QEMU 1.0
  - Add first parts of PPC cpu driver
  - Add new API virDomain{Set, Get}BlockIoTune
  - block_resize: Define the new API
  - Add a public API to invoke suspend/resume on the host
  - Various improvements for LXC containers
  - Define keepalive protocol and add virConnectIsAlive API
  - Add support for STP and VLANfiltering
  - Numerous bug fixes and improvements
- Add support for QEMU 1.0
  dd8e8956-qemu-1.0.patch
  bnc#736569
- Allow qemu driver (and hence libvirtd) to load when qemu
  user:group does not exist.  The kvm or qemu package, which may
  not exist on a xen host, creates qemu user:group.
  relax-qemu-usergroup-check.patch
- Handle empty strings in s-expression returned by xend
  a495365d-sexpr-empty-str.patch
  bnc#731344
- Allow libvirtd to access libvirt_{io,part}helper when confined
  by apparmor
  Update install-apparmor-profiles.patch
  bnc#730435
- Accommodate Xen domctl version 8
  xen-domctl-ver8.patch
- add libtool as buildrequire to avoid implicit dependency
- Fix build when using older PolicyKit
  d47ab3fe-polkit0.patch
- Update to libvirt 0.9.7
  - esx: support vSphere 5.x
  - vbox: support for VirtualBox 4.1
  - Introduce the virDomainOpenGraphics API
  - Add AHCI support to qemu driver
  - snapshot: many improvements and 2 new APIs
  - api: Add public api for 'reset'
- Add AHCI controller support to qemu driver
  c1bc3d89-qemu-add-ahci.patch
- Set security driver to 'none' in /etc/libvirt/qemu.conf.  Users
  must opt-in for Apparmor confinement of qemu instances.
  suse-qemu-conf.patch
- Revert upstream commit f84aedad, which is not needed since
  affected SUSE kvm packages have the necessary qemu fix
  f84aedad-revert.patch
- Update to libvirt 0.9.6
  - Fix shutdown regression with buggy qemu
- Fixed typos in libvirt.spec
- Update to libvirt 0.9.5
  - many snapshot improvements
  - latency: Define new public API and structure
  - USB2 and various USB improvements
  - storage: Add fs pool formatting
  - Add public API for getting migration speed
  - Add basic driver for Microsoft Hyper-V
  - Many bug fixes and improvements
- Enable building with libnetcontrol
- Select libnl-1_1-devel
- Set qemu migration speed unlimited when migrating to file
  7e5f6a51-rpc-generator.patch b12354be-mig-speed-1.patch
  1282bd80-mig-speed-2.patch 6f84e110-mig-speed-3.patch
  829bce17-mig-speed-4.patch 8fc40c51-mig-speed-5.patch
  ef1065cf-mig-speed-6.patch 0257ba8f-mig-speed-7.patch
  bnc#706436
- Increase max size of buffer used to receive xend response
  57c95175-xend-buff-size.patch
- Don't overwrite useful error messages in legacy xen driver
  32620dab-fix-xen-err-msg.patch
  bnc#711096
- Add upstream patches to stop excessive logging
  7f2498ef-no-log-invalid.patch 6ff9fc26-quiet-libxl-logging.patch
- Add 'Conflicts: kvm < 0.14.1' to ensure libvirt is using a
  kvm package that creates qemu user:group.  Remove user:group
  creation from libvirt
  bnc#694883
- Add libvirt group at package installation
  bnc#694885
- Explicitly add 'BuildRequires: libgcrypt-devel' since it is no
  longer required by libgnutls-devel
- netcf is buggy and not well maintained in SUSE.  Disable it in
  libvirt
- polkit support was mistakenly disabled, re-enable
- Add cgconfig to Should-{Start,Stop} in libvirtd init script
  bnc#712245
- Fix apparmor profile location and content
  update install-apparmor-profiles.patch
  bnc#705668
- Fix libvirtd SIGHUP handler
  9e093f0b-libvirtd-sighup.patch
- add baselibs.conf to sources
- Enable apparmor security dirver, SLES bnc#705668
  install-apparmor-profiles.patch
- Update to libvirt 0.9.4
  - bandwidth QoS control
  - Add new API virDomainBlockPull*
  - save: new API to manipulate save file images
  - CPU bandwidth limits support
  - allow to send NMI and key event to guests
  - new API virDomainUndefineFlags
  - Implement code to attach to external QEMU instances
  - various missing python binding
  - bios: Add support for SGA
  - Numerous improvements and documentation / bug fixes
- Add some upstream patches to fix memory leaks and some bugs
  in new rpc code
  c2ddd536-cert-key-order.patch 3e5d48ef-rpc-1.patch
  927dfcf6-rpc-2.patch 2c85644b-rpc-3.patch afe8839f-rpc-4.patch
  3cfdc57b-rpc-5.patch 7518ad75-remote-mem-leak.patch
  a34e193f-statstest.patch 41828514-skip-xen-tests.patch
  eb314315-pv-kernel-cmdline.patch 00d3c5a6-remove-dead-code.patch
  b8adfcc6-fix-polkit0-build.patch b2534529-unused-param.patch
- Update to libvirt 0.9.3
  - vcpupin: introduce the new libvirt API (virDomainGetVcpupinInfo)
  - Add TXT record support for virtual DNS service
  - Support reboots with the QEMU driver
  - Introduce virDomainGetControlInfo API
  - virNodeGetMemoryStats: Expose new API
  - virNodeGetCPUTime: Implement public API
  - send-key: Defining the public API
  - vcpupin: introduce a new libvirt API (virDomainPinVcpuFlags)
  - support multifunction PCI device
  - lxc: various improvements
- Create qemu user:group if necessary at package installation.
  More fallout from bnc#694883
- VUL-0: libvirt: integer overflow in VirDomainGetVcpus
  774b21c1-CVE-2011-2511.patch
  bnc#703084
- Enable building libvirt with audit support
  bnc#694891
- fate#311371 Enhance yast to configure live migration for
  Xen and KVM
  add firewall service file for libvirt
- Invoke qemu instances as user:group qemu:qemu by default
  bnc#694883
- Update to libvirt 0.9.2
  - Framework for lock manager plugins
  - API for network config change transactions (netcf required)
  - flags for setting memory parameters
  - virDomainGetState public API
  - qemu: allow blkstat/blkinfo calls during migration
  - Introduce migration v3 API
  - Defining the Screenshot public API
  - public API for NMI injection
- spec file: Adjust some directory attributes to support running
  non-privileged qemu instances
- Remove vi_VN locale if suse_version < 11.3
- Enable cap_ng when building lxc support.
- Update to libvirt 0.9.1
  - support various persistent domain updates
  - improvements on memory APIs
  - Add virDomainEventRebootNew
  - various improvements to libxl drive
  - Spice: support audio, images and stream compression
- Move libvirt-iohelper from client to base package
- fix baselibs.conf not to requires source 32bit
- Install log dir for libxl
  f7e9b448-libxl-build.patch
- Update to libvirt 0.9.0 final
  - Support cpu usage tuning
  - Add public APIs for storage volume upload/download
  - Add public API for setting migration speed on the fly
  - Add libxenlight driver
  - qemu: support migration to fd
  - add virDomain{Get,Set}BlkioParameters
  - introduce a new libvirt API (virDomainSetMemoryFlags)
  - Expose event loop implementation as a public API
  - Dump the debug buffer to libvirtd.log on fatal signal
  - Audit support
  - Numerous enhancements and bug fixes
- Update to libvirt 0.9.0 RC3
- use %first_lang before changing symlinks, find_lang removes
  unsupported languages
- VUL-0: libvirt: several API calls do not honour read-only
  connection
  71753cb7-CVE-2011-1146.patch
  bnc#678406
- Add baselibs.conf file to build xxbit packages
  for multilib support
  bnc#676921
- Minor fixes for libvirt-guests
  bnc#653398
- Do not add drive 'boot=on' param when a kernel is specified
  efc2594b-boot-param.patch
- Update to libvirt 0.8.8 final
  - sysinfo: expose new API
  - cgroup blkio weight support
  - smartcard device support
  - qemu: Support per-device boot ordering
- Update to libvirt 0.8.8 RC3
- Update to libvirt 0.8.8 RC1
- Remove explicit dependency on libyajl
  libvirt.spec
  bnc#668225
- Retry JSON monitor 'cont' cmd on MigrationExpected error
  4301b95a-json-cont-cmd.patch
- Add support for specifying Hardware Assisted Paging (HAP) in
  libvirt domain XML.
  48a5dccd-hap1.patch
  04197350-hap2.patch
  af521a01-hap3.patch
  79f56c66-hap4.patch
  094c6f4a-hap-fix.patch
  bnc#659665
- Enabled yajl for suse_version >= 1140
- Fix generation of dnsmasq's --dhcp-hostsfile option
  a43c7338-dnsmasq-hostfile-fix.patch
- Disable yajl support as the library does not yet exist in
  SuSE distros.
- Support libvirt-guests on SuSE distros
  use-libvirt-guests-on-suse.patch
  bnc#653398
- Update to libvirt 0.8.7
  - Preliminary support for VirtualBox 4.0
  - IPv6 support
  - Add VMware Workstation and Player driver
  - Add network disk support
- Fix VNC port reservation race in qemu driver
  c58b1056-init-bitmap-size.patch
  bnc#659431
- Do not limit insserv_cleanup to SLES
- disable building openvz driver
- Update to libvirt 0.8.6
  - new API virDomainIsUpdated
  - Add support for iSCSI target auto-discovery
  - QED: Basic support for QED images
  - Introduce a virDomainOpenConsole API
  - Support for SPICE graphics
  - Add a sysinfo and SMBIOS support
  - Implement virsh qemu-monitor-command
- Enabled yajl, macvtap, and virtualport for suse_version >= 1140
- Fix build when using "policy kit 0"
  polkit0.patch
- Update to libvirt 0.8.5
  - Enable JSON and netdev features in QEMU > 0.13
  - framework for auditing integration
  - framework for DTrace/SystemTap integration
  - Setting the number of vcpu at boot
  - Enable support for nested SVM
  - Virtio plan9fs filesystem QEMU
  - Memory parameter controls
  - portability to OS-X
  - lot of bug fixes and other improvements
- cannot restart dead libvirtd without manually removing pidfile
  modified libvirtd.init
  bnc#645755
- Fix package dependencies so can be installed without
  pulling excess of optional components
- Support dropping capabilities with cap-ng library in
  openSUSE >= 11.3
- Fix build when virtualport support is available but macvtap is
  disabled.
  vport-configure.patch
- Fix CDROM media change for Xen PV domains
  modified xen-pv-cdrom.patch
  bnc#636231
- Update to libvirt 0.8.4
  - various improvements to UML driver
  - documentation improvements
  - lot of bug fixes and other improvements
  - enable ESX driver for openSUSE
- Update to libvirt 0.8.3
  - Support vSphere 4.1
  - Qemu arbitrary monitor commands
  - Qemu Monitor API entry point
  - lots of improvements and bug fixes
- VUL-0: multiple issues in libvirt
  CVE-2010-223x-000[1-0].patch, CVE-2010-223x-0010.patch,
  CVE-2010-2242-nat.patch
  bnc#618155
- Use netcat-openbsd, which contains a proper 'nc' program
  supporting the '-U' option.  Drop socat.patch.
  bnc#611023
- Re-enable numa support now that bnc#598488 is resolved.
- Allocate buffer to hold xend content
  bnc#609738
  xend-buff-size.patch
- Add upstream fixes to bitmap code that was introduced to fix
  bnc#594024
  bitmap-alloc.patch
  bitmap-fixes.patch
- Fix race in VNC port reservation with qemu/KVM domains
  bnc#594024
  vnc-race-{1,2,3}.patch
- Don't package directories/files under /var/run
- Add upstream commit 34a7f3f6 to fix unintentional breakage of
  RPC protocol.
- Disable numa support in openSUSE11.3/Factory pending resolution
  of bnc#598488
- Update to libvirt 0.8.1
  - Add virDomainGetBlockInfo API to query disk sizing
  - Start dnsmasq from libvirtd with --dhcp-hostsfile option
  - lots of improvements and bug fixes
- Update to libvirt 0.8.0
  - Snapshot API framework
  - Add managed save API entry points
  - Timer subselection for domain clock
  - Add hook utilities
  - Network filtering API
  - Introduce a new virDomainUpdateDeviceFlags public API
  - Introduce a new public API for domain events
  - Public virDomainMigrateSetMaxDowntime API
  - Add public API for volume wiping
  - xenapi: Initial commit of the new driver
  - lots of improvements and bug fixes
- Fix 'virsh dominfo' crash when no security driver is configured
  fix-no-secdriver.patch
- Updated to version 0.7.7
  - Introduce public API for domain async job handling
  - macvtap support
  - Add QEMU support for virtio channel
  - Add persistence of PCI addresses to QEMU
  - Functions for computing baseline CPU from a set of host CPUs
  - Public API for virDomain{Attach,Detach}DeviceFlags
  - lots of improvements and bug fixes
- Ensure yast-created bridges are not manipulated by libvirt
  bnc#584757
  Modified suse-network.patch
- Fix ordering of xen disks to preserve 'bootable' flag
  bnc#474738
  xend-disk-order.patch
- Add support for blktap2 disks
  xen-tap2-support.patch
- Fix listing of yast-created bridges
  bnc#583754
  Modified suse-network.patch
- Add support for new XEN_DOMCTL_INTERFACE_VERSION version 7.
  xen-domctl-ver7.patch
- Unconditionally add /var/log/libvirt/{qemu,lxc,uml} directories.
  bnc#579522
- Updated to version 0.7.6
  - Implement support for multi IQN
  - Implement CPU topology support for QEMU driver
  - Use QEmu new device adressing when possible
  - Implement SCSI controller hotplug/unplug for QEMU
  - lots of improvements and bug fixes
- Support new XEN_SYSCTL_INTERFACE_VERSION 7 in libvirt
  bnc#574124
  xen-sysctl-v7.patch
- Add upstream patches as prelude to fixing various device
  attach/detach issues
  devflag-0[1-9].patch
- Fix attaching/detaching disk device from inactive Xen guest
  bnc#500586 and bnc#573748
- Fix migration with Xen4.0
  bnc#569598
  Add xen-migration-params.patch
  Remove migrate-params.patch
- Fix freeing of uninitialized pointer when using HAL in
  node device driver
  node-dev-free.patch
- Require virt-utils package for common tools such as qemu-img
- Updated to version 0.7.5
  - Add new API virDomainMemoryStats to header and drivers
  - Public API and domain extension for CPU flags
  - expose SR IOV physical/virtual function relationships
  - Support for JSON mode monitor [deactivated]
  - Support for interface model='netfront'
  - vbox: Add support for version 3.1
  - Support QEMU's virtual FAT block device driver
  - lots of improvements and bug fixes
- Fix libvirt xen hypervisor driver to work with domctl interface
  version 6
  xen-shr-pages.patch
- Plumb domain description in xend backend
  xend-description-tag.patch
- Fix listing of defined but inactive Xen domains
  xen-list-defined.patch
- Updated to version 0.7.4
  - Implement a node device backend using libudev
  - New APIs for checking some object properties
  - Fully asynchronous monitor I/O processing
  - add MAC address based port filtering to qemu
  - support for IPv6 / multiple addresses per interfaces
  - lots of improvements and bug fixes
- Fix compilation against xen-unstable
  xen-max-vcpus.patch
- Modify detach-disk.patch as per upstream suggestions
- spec file: Fix polkit vs PolicyKit Requires
- Fix compilation when selinux is enabled
  selinux-ldflags.patch
- Fix compilation warnings
  updated snapshots.patch
  virsh-warning.patch
- Updated to version 0.7.2
  - sVirt AppArmor security driver
  - Add public API definition for data stream handling
  - ESX add esxDomainDefineXML()
  - LXC: suspend/resume support
  - Big code tree cleanup
  - Lots of bug fixes and improvements
- Add ocfs2 to list of supported fs pool types
  fate#307387
- Build phyp driver ifarch ppc64
  fate#307096
- Fix memory leaks in libvirtd's message processing
  msg-proc-memleak.patch
- Fix connection ref counting in xen drivers
  xen-refcnt.patch
- Fix abort in virsh when specifying a connection URI
  vshdeinit-recurse.patch
- Workaround for missing pkgconfig file in device-mapper-devel
  devmap-no-pkgconfig.patch
  bnc#540942
- Updated to version 0.7.1
  - Add support for encrypted (qcow) volume creation
  - Secret manipulation public API
  - Multipath storage support module
  - VBox add Storage Volume support
  - Support configuration of huge pages in guests
  - Support new PolicyKit 1.0 API
  - Compressed save image format for Qemu
  - Qemu add host PCI device hotplug support
- Updated to version 0.7.0
  - Interface implementation based on netcf (disabled on SuSE)
  - Add new net filesystem glusterfs
  - Initial VMWare ESX driver
  - Add support for VBox 3 and event callbacks on vbox
  - First version of the Power Hypervisor driver
  - Run QEMU guests as an unprivileged user (still root on SuSE)
  - Support cgroups in QEMU driver
  - QEmu hotplug NIC support
  - Storage cloning for LVM and Disk backends
- Updated to version 0.6.5
  - create storage volumes on disk backend
  - drop of capabilities based on libcap-ng when possible
  - forbid autostart on transcient networks
  - re-detection of transient VMs after libvirtd restart
  - create and destroy NPIV support
  - other bug fixes and cleanups
- Removed unnecessary call to fillup_and_insserv macro in
  %post scriptlet
- Updated to version 0.6.2
  - support SASL auth for VNC server
  - memory ballooning in QEMU
  - SCSI HBA storage pool support
  - PCI passthrough in Xen driver
  - new APIs for Node device detach reattach and reset
  - sVirt mandatory access control support
  - thread safety of the API and event handling
  - allow QEmu domains to survive daemon restart
  - extended logging capabilities
  - support copy-on-write storage volumes
  - support of storage cache control options for QEMU/KVM
- Improvements from lnussel@suse.de
  - add %jobs macro again
  - package default qemu network and augeas config files again
  - don't start libvirtd by default (bnc#496838)
- use --disable-static instead of just removing static libraries

==== libzip ====
Version update (1.1.3 -> 1.2.0)

- Update to version 1.2.0:
  * Support for AES encryption (Winzip version), both encryption
    and decryption.
  * Support legacy zip files with >64k entries.
  * Fix seeking in zip_source_file if start > 0.
  * Add zip_fseek() for seeking in uncompressed data.
  * Add zip_ftell() for telling position in uncompressed data.
  * Add zip_register_progress_callback() for UI updates during
    zip_close()

==== mariadb ====
Version update (10.1.20 -> 10.1.21)
Subpackages: libmysqlclient-devel libmysqlclient18 libmysqlclient_r18 libmysqld18 mariadb-client mariadb-errormessages

- update to MariaDB 10.1.21
  * notable changes:
  * Innodb updated to 5.6.35
  * Performance Schema updated to 5.6.35
  * release notes and changelog:
  * https://mariadb.com/kb/en/mariadb/mariadb-10121-release-notes/
  * https://mariadb.com/kb/en/mariadb/mariadb-10121-changelog/
  * fixes the following CVEs:
    CVE-2017-3318 [bsc#1020896], CVE-2017-3317 [bsc#1020894],
    CVE-2017-3312 [bsc#1020873], CVE-2017-3291 [bsc#1020884],
    CVE-2017-3265 [bsc#1020885], CVE-2017-3258 [bsc#1020875],
    CVE-2017-3257 [bsc#1020878], CVE-2017-3244 [bsc#1020877],
    CVE-2017-3243 [bsc#1020891], CVE-2017-3238 [bsc#1020882],
    CVE-2016-6664 [bsc#1008253]
- add mariadb.te file to the filelist
- add mysqld_safe_helper to the filelist
- refresh mariadb-10.1.4-group.patch
- add mariadb-10.1.20-incorrect_list_handling.patch to fix incorrect
  linked list handling in mysql_prune_stmt_list() function that can
  cause use-after-free error [bsc#1022428]

==== mjpegtools ====
Subpackages: libmjpegutils-2_0-0

- Split the package in smaller pieces, allowing as user to keep the
  main/free parts from the distribution and 'enhancing' the
  capability with simple addon-packages: libmpeg2encpp-2_0-0 (as a
  library it is required by other code depending on it) and
  mjpegtools-orig-addon, which is auto-recommended when the user
  has mjpegtools installed AND has a repo enabled, containing this
  package AND has recommends enabled.

==== mozilla-nss ====
Version update (3.28.2 -> 3.28.3)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools

- update to NSS 3.28.3
  * This is a patch release to fix binary compatibility issues.
    NSS version 3.28, 3.28.1 and 3.28.2 contained changes that were
    in violation with the NSS compatibility promise.
    ECParams, which is part of the public API of the freebl/softokn
    parts of NSS, had been changed to include an additional attribute.
    That size increase caused crashes or malfunctioning with applications
    that use that data structure directly, or indirectly through
    ECPublicKey, ECPrivateKey, NSSLOWKEYPublicKey, NSSLOWKEYPrivateKey,
    or potentially other data structures that reference ECParams.
    The change has been reverted to the original state in bug
    bmo#1334108.
    SECKEYECPublicKey had been extended with a new attribute, named
    "encoding". If an application passed type SECKEYECPublicKey to NSS
    (as part of SECKEYPublicKey), the NSS library read the uninitialized
    attribute. With this NSS release SECKEYECPublicKey.encoding is
    deprecated. NSS no longer reads the attribute, and will always
    set it to ECPoint_Undefined. See bug bmo#1340103.
- requires NSPR >= 4.13.1

==== mtd-utils ====
Version update (1.5.2 -> 2.0.0)

- Update to version 2.0.0:
  * libmissing with stubs for functions not present in libraries
    like musl
  * unittests for libmtd and libubi
  * port most kernel space mtd test modules to userspace
  * mkfs.ubifs: extended attribute support
  * ubinize: Move lengthy help text to a man page
  * nandwrite: Add skip-all-ff-pages option
  * flash_{un,}lock: support for MEMISLOCKED
  * nandtest: support hex/dec/oct for --offset and --length

==== multipath-tools ====
Subpackages: kpartx

- Remove superfluous PreReq for insserv and fillup

==== mutter ====
Version update (3.22.2 -> 3.22.3)
Subpackages: libmutter0 mutter-data

- Update to version 3.22.3:
  + Fix switching between two finger- and edge scrolling on wayland
    (bgo#771744).
  + Fix frequent freezes in multihead setups on wayland
    (bgo#774557).
  + Preserve root window mask on XSelectionRequest (bgo#776128).
  + Fix window menu placement with HiDPI (bgo#776055).
  + Fix HiDPI detection on vertical monitor layouts (bgo#777687).
  + Fix erroneous key event repeats (bgo#774989).
  + Fix "ghost" cursors in multi-monitor setups (bgo#771056).
  + Use eglGetPlatformDisplay (bgo#772422).
  + Fix erratic raise_or_lower behavior (bgo#705200).
  + Extend tablet device checks (bgo#773779).
  + Set right scale for tablet tool cursors on HiDPI (bgo#778474).
  + Allow edge-scrolling without 2fg-scroll capable devices
    (bgo#778554).
  + Misc. bug fixes: bgo#771297, bgo#774135, bgo#775986,
    bgo#777691, bgo#777470, bgo#778262, bgo#776919.
  + Updated translations.
- Drop mutter-x11-meta.patch: Fixed upstream.

==== open-vm-tools ====
Subpackages: libvmtools0 open-vm-tools-desktop

- Don't require insserv if we don't need it.

==== openldap2 ====
Subpackages: libldap-2_4-2 libldap-2_4-2-32bit libldap-data openldap2-client openldap2-devel

- Remove superfluous insserv PreReq.

==== os-prober ====
Version update (1.70 -> 1.74)

- Version bump to 1.74:
  * Add support for Mageia
  * Improve logging of mounting and setting partitions to ro/rw
  * Use a read-only device-mapper entry if possible rather than setting the
    underlying device to read-only.
    Note that this introduces a dependency on dmsetup on Linux architectures.
  * Remove the "blockdev --setro" code path entirely, since the read-only
    device-mapper arrangement supersedes it and should be safer
  * Make the yaboot parser more tolerant about the syntax of "append" options
  * Disable debugging if OS_PROBER_DISABLE_DEBUG is set
  * Replace basename/dirname with shell string processing
  * Fix typos in README
  * Add Devuan detection
  * Work harder to avoid trying to mount extended partitions
  * Drop " (loader)" suffixes on Microsoft operating systems
  * Add support for 4MLinux
  * Use HTTPS for Vcs-* URLs, and link to cgit rather than gitweb.
- Rediff
  * os-prober-1.49-grub2-mount.patch
  * os-prober-EFI-openSUSEfy.patch
  * os-prober-btrfs-always-detect-default.patch
  * os-prober-btrfsfix.patch
  * os-prober-dont-load-all-fs-module-and-dont-test-mount.patch
  * os-prober-fix-btrfs-subvol-mounted-tests.patch
  * os-prober-linux-distro-avoid-expensive-ld-file-test.patch
  * os-prober-linux-distro-parse-os-release.patch
- Remove patches; fixed on upstream release
  * os-prober-call-dmraid-once.patch
  * os-prober-1.49-skip-LVM2_member.patch

==== p7zip ====

- Explicitly package %{_docdir}/%{name} to fix build with RPM 4.13.

==== pcre2 ====
Version update (10.22 -> 10.23)

- pcre2 10.23:
  * major re-factoring of the pcre2_compile.c file
  * Back references are now permitted in lookbehind assertions when
    there are no duplicated group numbers (that is, (?| has not
    been used), and, if the reference is by name, there is only one
    group of that name. The referenced group must, of course be of
    fixed length.
  * \g{+<number>} (e.g. \g{+2} ) is now supported. It is a "forward
    back reference" and can be useful in repetitions
    (compare \g{-<number>} ). Perl does not recognize this syntax.
  * pcre2grep now automatically expands its buffer up to a maximum
    set by --max-buffer-size.
  * The -t option (grand total) has been added to pcre2grep.
  * A new function called pcre2_code_copy_with_tables() exists to
    copy a compiled pattern along with a private copy of the
    character tables that is uses.
- Explicitly package %{_docdir}/%{name} to fix build with RPM 4.13.

==== perl-Net-HTTP ====
Version update (6.12 -> 6.13)

- updated to 6.13
  see /usr/share/doc/packages/perl-Net-HTTP/Changes
  6.13      2017-02-19 21:40:54-05:00 America/Toronto
  - use EWOULDBLOCK as well on all places where EAGAIN is used (GH PR#24)

==== perl-YAML ====
Version update (1.22 -> 1.23)

- updated to 1.23
  see /usr/share/doc/packages/perl-YAML/Changes
  1.23 Sun Feb 19 22:07:57 CET 2017
  - Fix $YAML::Numify (empty values were converted to 0)

==== pidgin-sipe ====
Version update (1.21.1 -> 1.22.0)
Subpackages: libpurple-plugin-sipe libpurple-plugin-sipe-lang pidgin-plugin-sipe

- Conditionalise video/audio to fix build on SLE 12 SP1.
- update to 1.22.0
  - Feature #93: Support for Lync Autodiscover (Stefan Becker)
  - Feature #6: Application Sharing Viewer (Jakub Adam)
  * requires libpurple >= 2.12.0
  * needs an external RDP client - remmina and xfreerdp are supported
  - Fixed #315: Crash when contact list is empty (Stefan Becker)
  - Fixed #314: sipe login problems with long pw (Stefan Becker)
  - separate logging and debugging output (Stefan Becker)
  * logging is always shown, e.g. in the Pidgin debug window
  * full message debugging now requires PURPLE_UNSAFE_DEBUG=1
  - new translations: Greek (el), Lithuanian (lt)
- drop pidgin-sipe-gstreamer-1.0.patch: no longer needed
- add recommends for remmina and freerdp so the desktop sharing
  stuff would work out of the box
- add BR for gstreamer-rtp-1.0 and farstream-0.2 to keep the
  video/audio feature working

==== plasma5-desktop ====

- Add patch to fix regression in 5.9.2:
  * 0001-Don-t-pin-during-reordering-by-DND.patch
- Add BuildRequires: plasma5-workspace to fix generation of package
  metadata (needed in :LTS, apparently already pulled in by something else here)

==== poppler ====
Version update (0.51.0 -> 0.52.0)
Subpackages: libpoppler-cpp0 libpoppler-devel libpoppler-glib8 libpoppler66 poppler-tools

- Update to version 0.52.0:
  + core:
  - Fix assert on reading some OCGs (fdo#99768).
  - Properly initialize some RichMedia variables in corner cases
    (fdo#99767).
  + qt4:
  - optcontent structure was leaking the headers items
    (fdo#99449).
  - Cleanup objects in tests to fix memory leaks (fdo#99449).
  + qt5:
  - optcontent structure was leaking the headers items
    (fdo#99449).
  - Cleanup objects in tests to fix memory leaks (fdo#99449).
  + utils: pdftocairo.1: Fix typo.

==== poppler-qt5 ====
Version update (0.51.0 -> 0.52.0)
Subpackages: libpoppler-qt5-1 libpoppler-qt5-devel

- Update to version 0.52.0:
  + core:
  - Fix assert on reading some OCGs (fdo#99768).
  - Properly initialize some RichMedia variables in corner cases
    (fdo#99767).
  + qt4:
  - optcontent structure was leaking the headers items
    (fdo#99449).
  - Cleanup objects in tests to fix memory leaks (fdo#99449).
  + qt5:
  - optcontent structure was leaking the headers items
    (fdo#99449).
  - Cleanup objects in tests to fix memory leaks (fdo#99449).
  + utils: pdftocairo.1: Fix typo.

==== postfix ====
Subpackages: postfix-doc

- Fix requires:
  - shadow is needed for postfix-mysql pre-install section
  - insserv is not needed if systemd is used

==== postgresql-init ====

- Fix location of insserv cleanup call

==== python-qt4 ====

- Require sip 4.19.1 for compatibility with PyQt5

==== python-rpm-macros ====
Version update (1.0git.1483874658.ead0b0b -> 1.0.git.1486997542.e9fcc29)

- update service, use repository and tarball name "python-rpm-macros"
- introduce %python_prefix
- Set RPM group
- change service version generator to use "1.0.git" instead of "1.0git"

==== python-sip ====
Version update (4.19 -> 4.19.1)
Subpackages: python-sip-devel

- Update to 4.19.1
  * Added the %PreMethodCode directive.
  * Added sipEnableGC() to the C API.
  * Added the -D command line option so that the generated code is
    aware of Python debug builds.

==== python-wxWidgets-3_0 ====
Subpackages: python-wxWidgets-3_0-lang

- Eliminate ancient bundled headers from build procedure that
  caused ABI mismatches [boo#953017, boo#1022819, boo#1023841].

==== sg3_utils ====
Subpackages: libsgutils2-1_43-2

- Remove superfluous insserv PreReq.

==== shim-leap ====

- Update shim to 0.9-13.1
  + Update shim-install to support "--no-nvram" and improve
    removable media and fallback mode handling (bsc#985568,
    bsc#999818) (Fix from mchang@suse.com)
- New signature from Microsoft
- shim-install : fix regression of password prompt (bsc#993764)
- Add shim-bsc991885-fix-sig-length.patch to fix the signature
  length passed to Authenticode (bsc#991885)
- Update shim-bsc973496-mokmanager-no-append-write.patch to try
  append write first
- Add shim-update-openssl-1.0.2h.patch to update openssl to 1.0.2h
- Bump the requirement of gnu-efi due to the HTTPBoot support
- Add shim-httpboot-support.patch to support HTTPBoot
- Add shim-update-openssl-1.0.2g.patch to update openssl to 1.0.2g
  and Cryptlib to 5e2318dd37a51948aaf845c7d920b11f47cdcfe6
- Drop patches since they are merged into
  shim-update-openssl-1.0.2g.patch
  + shim-update-openssl-1.0.2d.patch
  + shim-gcc5.patch
  + shim-bsc950569-fix-cryptlib-va-functions.patch
  + shim-fix-aarch64.patch
- Refresh shim-change-debug-file-path.patch
- Add shim-bsc973496-mokmanager-no-append-write.patch to work
  around the firmware that doesn't support APPEND_WRITE (bsc973496)
- shim-install : remove '\n' from the help message (bsc#991188)
- shim-install : print a message if there is no valid EFI partition
  (bsc#991187)
- shim-install : support simple MD RAID1 target devices (FATE#314829)
- Add shim-fix-aarch64.patch to fix compilation on AArch64 (bsc#978438)
- shim-install : fix typing ESC can escape to parent config which is
  in command mode and cannot return back (bsc#966701)
- shim-install : fix no which command for JeOS (bsc#968264)
- acquired updated signature from Microsoft
- Add shim-bsc950569-fix-cryptlib-va-functions.patch to fix the
  definition of va functions to avoid the potential crash
  (bsc#950569)
- Update shim-opensuse-cert-prompt.patch to avoid setting NULL to
  MokListRT (bsc#950801)
- Drop shim-fix-mokmanager-sections.patch as we are using the
  newer binutils now
- Refresh shim-change-debug-file-path.patch
- acquired updated signature from Microsoft
- shim-install : set default GRUB_DISTRIBUTOR from /etc/os-release
  if it is empty or not set by user (bsc#942519)
- Add shim-update-openssl-1.0.2d.patch to update openssl to 1.0.2d
- Refresh shim-gcc5.patch and add it back since we really need it
- Add shim-change-debug-file-path.patch to change the debug file
  path in shim.efi
  + also add the debuginfo and debugsource subpackages
- Drop shim-fix-gnu-efi-30w.patch which is not necessary anymore
- Update to 0.9
- Refresh patches
  + shim-fix-gnu-efi-30w.patch
  + shim-fix-mokmanager-sections.patch
  + shim-opensuse-cert-prompt.patch
- Drop upstreamed patches
  + shim-bsc920515-fix-fallback-buffer-length.patch
  + shim-mokx-support.patch
  + shim-update-cryptlib.patch
- Drop shim-bsc919675-uninstall-shim-protocols.patch since
  upstream fixed the bug in another way.
- Drop shim-gcc5.patch which was fixed in another way
- Fix tags in the spec file
- Add shim-update-cryptlib.patch to update Cryptlib to r16559 and
  openssl to 0.9.8zf
- Add shim-bsc919675-uninstall-shim-protocols.patch to uninstall
  the shim protocols at Exit (bsc#919675)
- Add shim-bsc920515-fix-fallback-buffer-length.patch to adjust
  the buffer size for the boot options (bsc#920515)
- Refresh shim-opensuse-cert-prompt.patch
- shim-gcc5.patch: shim needs -std=gnu89 to build with GCC5
- shim-install : fix cryptodisk installation (boo#917427)
- Add shim-fix-mokmanager-sections.patch to fix the objcopy
  parameters for the EFI files
- Update to 0.8
- Add shim-fix-gnu-efi-30w.patch to adapt the change in
  gnu-efi-3.0w
- Merge shim-signed-unsigned-compares.patch,
  shim-mokmanager-support-sha-family.patch and
  shim-bnc863205-mokmanager-fix-hash-delete.patch into
  shim-mokx-support.patch
- Refresh shim-opensuse-cert-prompt.patch
- Drop upstreamed patches: shim-update-openssl-0.9.8zb.patch,
  bug-889332_shim-overflow.patch, and bug-889332_shim-mok-oob.patch
- Enable aarch64
- Fixed buffer overflow and OOB access in shim trusted code path
  (bnc#889332, CVE-2014-3675, CVE-2014-3676, CVE-2014-3677)
  * added bug-889332_shim-mok-oob.patch, bug-889332_shim-overflow.patch
- Added new certificate by Microsoft
- re-introduce build failure if shim_enforce_ms_signature is defined. That way
  a project like openSUSE:Factory can decide whether or not shim needs a valid
  MS signature.
- Add shim-update-openssl-0.9.8zb.patch to update openssl to
  0.9.8zb
- updated shim to new version (OpenSSL 0.9.8za) and requested a new
  certificate from Microsoft. Removed
  * shim-allow-fallback-use-system-loadimage.patch
  * shim-bnc872503-check-key-encoding.patch
  * shim-bnc877003-fetch-from-the-same-device.patch
  * shim-correct-user_insecure-usage.patch
  * shim-fallback-avoid-duplicate-bootorder.patch
  * shim-fallback-improve-entries-creation.patch
  * shim-fix-dhcpv4-path-generation.patch
  * shim-fix-uninitialized-variable.patch
  * shim-fix-verify-mok.patch
  * shim-get-variable-check.patch
  * shim-improve-error-messages.patch
  * shim-mokmanager-delete-bs-var-right.patch
  * shim-mokmanager-handle-keystroke-error.patch
  * shim-remove-unused-variables.patch
  since they're included in upstream and rebased the remaining onces.
  Added shim-signed-unsigned-compares.patch to fix some compiler
  warnings
- Keep shim-devel.efi for the devel project
- don't fail the build if the UEFI signing service signature can't
  be attached anymore. This way shim can still pass through staging
  projects. We will verify the correct signature for release builds
  using openQA instead.
- shim-install: fix GRUB shows broken letters at boot by calling
  grub2-install to initialize /boot/grub2 directory with files
  needed by grub.cfg (bnc#889765)
- Add shim-remove-unused-variables.patch to remove the unused
  variables
- Add shim-bnc872503-check-key-encoding.patch to check the encoding
  of the keys (bnc#872503)
- Add shim-bnc877003-fetch-from-the-same-device.patch to fetch the
  netboot image from the same device (bnc#877003)
- Refresh shim-opensuse-cert-prompt.patch
- Use --reinit instead of --refresh in %post to update the files
  in /boot
- shim-install: fix boot partition and rollback support kluge
  (bnc#875385)
- Replace shim-mokmanager-support-sha1.patch with
  shim-mokmanager-support-sha-family.patch to support the SHA
  family
- Add shim-mokmanager-support-sha1.patch to support SHA1 hashes in
  MOK
- snapper rollback support (fate#317062)
  - refresh shim-install
- Insert the right signature (bnc#867974)
- Add shim-fix-uninitialized-variable.patch to fix the use of
  uninitialzed variables in lib
- Add shim-mokmanager-delete-bs-var-right.patch to delete the BS+NV
  variables the right way
- Update shim-opensuse-cert-prompt.patch to delete openSUSE_Verify
  correctly
- Add shim-fallback-avoid-duplicate-bootorder.patch to fix the
  duplicate entries in BootOrder
- Add shim-allow-fallback-use-system-loadimage.patch to handle the
  shim protocol properly to keep only one protocol entity
- Refresh shim-opensuse-cert-prompt.patch
- shim-install: fix the $prefix to use grub2-mkrelpath for paths
  on btrfs subvolume (bnc#866690).
- FATE#315002: Update shim-install to install shim.efi as the EFI
  default bootloader when none exists in \EFI\boot.
- Update signature-sles.asc: shim signed by UEFI signing service,
  based on code from "Thu Feb 20 11:57:01 UTC 2014"
- Add shim-opensuse-cert-prompt.patch to show the prompt to ask
  whether the user trusts the openSUSE certificate or not
- allow package to carry multiple signatures
- check correct certificate is embedded
- always clean up generated files that embed certificates
  (shim_cert.h shim.cer shim.crt) to make sure next build loop
  rebuilds them properly
- Add shim-bnc863205-mokmanager-fix-hash-delete.patch to fix the
  hash deletion operation to avoid ruining the whole list
  (bnc#863205)
- Update shim-mokx-support.patch to support the resetting of MOK
  blacklist
- Add shim-get-variable-check.patch to fix the variable checking
  in get_variable_attr
- Add shim-fallback-improve-entries-creation.patch to improve the
  boot entry pathes and avoid generating the boot entries that
  are already there
- Update SUSE certificate
- Update attach_signature.sh, show_hash.sh, strip_signature.sh,
  extract_signature.sh and show_signatures.sh to remove the
  creation of the temporary nss database
- Add shim-only-os-name.patch: remove the kernel version of the
  build server
- Match the the prefix of the project name properly by escaping the
  percent sign.
- enable signature assertion also in SUSE: hierarchy
- Add shim-mokmanager-handle-keystroke-error.patch to handle the
  error status from ReadKeyStroke to avoid unexpected keys
- Update to 0.7
- Add upstream patches:
  + shim-fix-verify-mok.patch
  + shim-improve-error-messages.patch
  + shim-correct-user_insecure-usage.patch
  + shim-fix-dhcpv4-path-generation.patch
- Add shim-mokx-support.patch to support the MOK blacklist
  (Fate#316531)
- Drop upstreamed patches
  + shim-fix-pointer-casting.patch
  + shim-merge-lf-loader-code.patch
  + shim-fix-simple-file-selector.patch
  + shim-mokmanager-support-crypt-hash-method.patch
  + shim-bnc804631-fix-broken-bootpath.patch
  + shim-bnc798043-no-doulbe-separators.patch
  + shim-bnc807760-change-pxe-2nd-loader-name.patch
  + shim-bnc808106-correct-certcount.patch
  + shim-mokmanager-ui-revamp.patch
  + shim-netboot-fixes.patch
  + shim-mokmanager-disable-gfx-console.patch
- Drop shim-suse-build.patch: it's not necessary anymore
- Drop shim-bnc841426-silence-shim-protocols.patch: shim is not
  verbose by default
- Update microsoft.asc: shim signed by UEFI signing service, based
  on code from "Tue Oct  1 04:29:29 UTC 2013".
- Add shim-netboot-fixes.patch to include upstream netboot fixes
- Add shim-mokmanager-disable-gfx-console.patch to disable the
  graphics console to avoid system hang on some machines
- Add shim-bnc841426-silence-shim-protocols.patch to silence the
  shim protocols (bnc#841426)
- Create boot.csv in ESP for fallback.efi to restore the boot entry
- Update microsoft.asc: shim signed by UEFI signing service, based
  on code from "Fri Sep  6 13:57:36 UTC 2013".
- Improve extract_signature.sh to work on current path.
- set timestamp of PE file to time of the binary the signature was
  made for.
- make sure cert.o get's rebuilt for each target
- Update microsoft.asc: shim signed by UEFI signing service, based
  on code from "Wed Aug 28 15:54:38 UTC 2013"
- always build a shim that embeds the distro's certificate (e.g.
  shim-opensuse.efi). If the package is built in the devel project
  additionally shim-devel.efi is created. That allows us to either
  load grub2/kernel signed by the distro or signed by the devel
  project, depending on use case. Also shim-$distro.efi from the
  devel project can be used to request additional signatures.
- also include old openSUSE 4096 bit certificate to be able to still
  boot kernels signed with that key.
- add show_signatures script
- replace the 4096 bit openSUSE UEFI CA certificate with new a
  standard compliant 2048 bit one.
- fix shell syntax error
- don't include binary in the sources. Instead package the raw
  signature and attach it during build (bnc#813448).
- Update shim-mokmanager-ui-revamp.patch to include fixes for
  MokManager
  + reboot the system after clearing MOK password
  + fetch more info from X509 name
  + check the suffix of the key file
- Update to 0.4
- Rebase patches
  + shim-suse-build.patch
  + shim-mokmanager-support-crypt-hash-method.patch
  + shim-bnc804631-fix-broken-bootpath.patch
  + shim-bnc798043-no-doulbe-separators.patch
  + shim-bnc807760-change-pxe-2nd-loader-name.patch
  + shim-bnc808106-correct-certcount.patch
  + shim-mokmanager-ui-revamp.patch
- Add patches
  + shim-merge-lf-loader-code.patch: merge the Linux Foundation
    loader UI code
  + shim-fix-pointer-casting.patch: fix a casting issue and the
    size of an empty vendor cert
  + shim-fix-simple-file-selector.patch: fix the buffer allocation
    in the simple file selector
- Remove upstreamed patches
  + shim-support-mok-delete.patch
  + shim-reboot-after-changes.patch
  + shim-clear-queued-key.patch
  + shim-local-key-sign-mokmanager.patch
  + shim-get-2nd-stage-loader.patch
  + shim-fix-loadoptions.patch
- Remove unused patch: shim-mokmanager-new-pw-hash.patch and
  shim-keep-unsigned-mokmanager.patch
- Install the vendor certificate to /etc/uefi/certs
- Add shim-mokmanager-ui-revamp.patch to update the MokManager UI
- Call update-bootloader in %post to update *.efi in \efi\opensuse
  (bnc#813079)
- Add shim-bnc807760-change-pxe-2nd-loader-name.patch to change the
  PXE 2nd stage loader name (bnc#807760)
- Add shim-bnc808106-correct-certcount.patch to correct the
  certificate count of the signature list (bnc#808106)
- Add shim-bnc798043-no-doulbe-separators.patch to remove double
  seperators from the bootpath (bnc#798043#c4)
- sign shim also with openSUSE certificate
- identify project, export certificate as DER file
- don't create an unused extra keypair
- Add shim-bnc804631-fix-broken-bootpath.patch to fix the broken
  bootpath generated in generate_path(). (bnc#804631)
- Update with shim signed by UEFI signing service, based on code
  from "Thu Feb  7 06:56:19 UTC 2013".
- prepare for having a signed shim from the UEFI signing service
- Sign shim-opensuse.efi and MokManager.efi with the openSUSE cert
- Add shim-keep-unsigned-mokmanager.patch to keep the unsigned
  MokManager and sign it later.
- Add shim-install utility
- Add Recommends to grub2-efi
- Add shim-mokmanager-support-crypt-hash-method.patch to support
  password hash from /etc/shadow (FATE#314506)
- Embed openSUSE-UEFI-CA-Certificate.crt in shim
- Rename shim-unsigned.efi to shim-opensuse.efi.
- Update shim-mokmanager-new-pw-hash.patch to extend the password
  hash format
- Rename shim.efi as shim-unsigned.efi
- Merge patches for FATE#314506
  + Add shim-support-mok-delete.patch to add support for deleting
    specific keys
  + Add shim-mokmanager-new-pw-hash.patch to support the new
    password hash.
- Drop shim-correct-mok-size.patch which is included in
  shim-support-mok-delete.patch
- Merge shim-remove-debug-code.patch and
  shim-local-sign-mokmanager.patch into
  shim-local-key-sign-mokmanager.patch
- Install COPYRIGHT
- Add shim-fix-loadoptions.patch to adopt the UEFI shell style
  LoadOptions (bnc#798043)
- Drop shim-check-pk-kek.patch since upstream rejected the patch
  due to violation of SPEC.
- Install EFI binaries to /usr/lib64/efi
- Update shim-reboot-after-changes.patch to avoid rebooting the
  system after enrolling keys/hashes from the file system
- Add shim-correct-mok-size.patch to correct the size of MOK
- Add shim-clear-queued-key.patch to clear the queued key and show
  the menu properly
- Remove shim-rpmlintrc, it wasn't fixing the error, hide error
  stdout to prevent post build check to get triggered by cast
  warnings in openSSL code
- Add shim-remove-debug-code.patch: remove debug code
- Add shim-rpmlintrc to filter 64bit portability errors
- Add shim-local-sign-mokmanager.patch to create a local certicate
  to sign MokManager
- Add shim-get-2nd-stage-loader.patch to get the second stage
  loader path from the load options
- Add shim-check-pk-kek.patch to verify EFI images with PK and KEK
- Add shim-reboot-after-changes.patch to reboot the system after
  enrolling or erasing keys
- Install the EFI images to /usr/lib64/shim instead of the EFI
  partition
- Update the mail address of the author
- Add new package shim 0.2 (FATE#314484)
  + It's in fact git 2fd180a92 since there is no tag for 0.2

==== spamassassin ====
Subpackages: perl-Mail-SpamAssassin

- Don't call/require insserv if we use systemd

==== sssd ====
Subpackages: libnfsidmap-sss libsss_idmap0 libsss_nss_idmap0 libsss_simpleifp0 sssd-32bit sssd-krb5-common sssd-ldap

- Remove obsolete insserv call

==== strace ====
Version update (4.15 -> 4.16)

- Update to strace 4.16
  * Improvements
  * Implemented syscall return value injection (-e inject=SET:retval= option).
  * Implemented signal injection (-e inject=SET:signal= option).
  * Implemented decoding of SUID_DUMP_* constants in PR_[GS]ET_DUMPABLE.
  * Implemented decoding of all SG_* ioctl commands.
  * Implemented decoding of ustat syscall.
  * Implemented decoding of BPF_OBJ_PIN, BPF_OBJ_GET, BPF_PROG_ATTACH,
    and BPF_PROG_DETACH commands of bpf syscall.
  * Enhanced decoding of sg_io_hdr and sg_io_v4 structures.
  * Enhanced decoding of get_robust_list, getrandom, io_submit, set_robust_list
    syscalls.
  * Enhanced decoding of entities of kernel long type on x32 and mips n32 ABIs.
  * Updated lists of IP_*, IPV6_*, and LOOP_* constants.
  * Updated lists of ioctl commands from Linux 4.10.
  * Added decoding of recently added syscalls on avr32, microblaze, ppc,
    and ppc64.
  * Bug fixes
  * Fixed pathmatch of oldselect syscall on 64-bit architectures.
  * Fixed decoding of mmap2 syscall on s390 when arguments are not available.
  * Fixed decoding of kexec_file_load, mprotect, pkey_mprotect, prctl, preadv*,
    and pwritev* syscalls on x32.
  * Fixed printing of string arguments of getxattr and setxattr syscalls
    when -s option is used to limit the printed string size.
  * Fixed decoding of ifconf, ifreq, and loop_info structures on non-native
    personalities.
  * Fixed decoding of SG_* and LOOP_* ioctl commands.
  * Fixed build on mips with musl libc.
  * Fixed cross-building of ioctlsort.
  * Applied minor formatting fixes to the manual page.

==== systemd ====
Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-bash-completion systemd-logger systemd-sysvinit udev

- Don't ship systemd-resolved for now (bsc#1024897)
  If resolved is enabled , systemd-tmpfiles creates a wrong symlink in
  /etc/resolv.conf which confuses the network manager actually used.
- More indentation cleanup (no functional changes)
- Remove obsolete insserv requirements for udev again [bsc#999841]
- Import commit cd97d5d5fef79ab9d957bf6504d085c0faca6bfc
  e587b6ce0 disable RestrictAddressFamilies on all architectures but x86_64 one (bsc#1023460)
  c8ae05632 journald: don't flush to /var/log/journal before we get asked to (bsc#1004094)
  7261eaf3e sd-event: fix sd_event_source_get_priority() (#4712)
- Move fix for permission set on /var/lib/systemd/linger/* (no functional changes)
  Move that part after the fix on timer timestamp files otherwise the
  comment doesn't make sense.
- Import commit 028fd9b60580976dffb09b3576a2b652ee35137c
  cc2ca55ff build-sys: do not install ctrl-alt-del.target symlink twice
  ececae77a device: Avoid calling unit_free(NULL) in device setup logic (#4748)
- Ship systemd-resolved but it's disabled by default (bsc#1018387)
  The NSS plugin will also be disabled, users need to enable it
  manually.

==== tigervnc ====

- U_tigervnc-fix-inetd-not-working-with-xserver-1-19.patch
  * Fixes inetd mode with x server 1.19 (bnc#1025759)

==== virglrenderer ====

- Address various security issues
  * Fix null pointer dereference in vrend_clear (CVE-2017-5937 bsc#1024232)
  0001-48f67f60-renderer-fix-NULL-pointer-deref-in-vrend_clear.patch
  * Fix host memory leak issue in virgl_resource_attach_backing (CVE-2016-10214 bsc#1024244)
  0002-40b0e781-renderer-fix-a-leak-in-resource-attach.patch
  * Fix memory leak in int blit context (CVE-2017-5993 bsc#1025505)
  0003-6eb13f7a-vrend-fix-memory-leak-in-int-blit-context.patch
  * Fix heap overflow in vertex elements state create (CVE-2017-5994 bsc#1025507)
  0004-114688c5-renderer-fix-heap-overflow-in-vertex-elements-state-.patch
  * Fix a stack overflow in set framebuffer state (CVE-2017-5957 bsc#1024993)
  0005-926b9b34-vrend-fix-a-stack-overflow-in-set-framebuffer-state.patch

==== wget ====
Version update (1.19 -> 1.19.1)

- Update to wget-1.19.1, mainly bug fixes
  * Add support for --retry-on-http-error
  * tests/WgetTests.pm: Add --no-config to wget invocation
  * Fix regression in .netrc auth in src/http.c
  * Fix memory leak in src/iri.c
  * Remove skipping libunistring with --disable-iri
  * bootstrap.conf: Add gnulib module wcwidth
  * Fix include/define clash with gnulib's unlink module

==== wwwoffle ====
Version update (2.9i -> 2.9j)

- Add missing dependency to enable https support
- Version update to 2.9j to fix bsc#1026023
  * Few crypto key length tweaks
  * Various small compilation warning fixes
- Refresh patch wwwoffle-2.9e-implicit.patch

==== xorg-x11-server ====
Subpackages: xorg-x11-server-extra xorg-x11-server-sdk

- U_xfree86-Take-the-input-lock-for-xf86ScreenCheckHWCursor.patch
  * Add the missing input_lock() around the call into the driver's
  UseHWCursor() callback (bnc #1023845).
- U_xfree86-Take-the-input-lock-for-xf86TransparentCursor.patch
  * The new input lock is missing for the xf86TransparentCursor() entry
  point (bnc #1023845).

==== yast2-country ====
Version update (3.2.8 -> 3.2.9)
Subpackages: yast2-country-data

- fix keyboard layout widget initialization to old value
  (bsc#1022546)
- 3.2.9

==== ypbind ====

- Some packaging cleanup:
  * Use macro for configure and make install
  * Build in parallel
  * Drop no longer needed buildroot
  * Run spec-cleaner