Packages changed:
  Mesa (17.0.0 -> 17.0.1)
  apache2
  dtc (1.4.1 -> 1.4.3)
  geany (1.29 -> 1.30)
  geany-plugins (1.29 -> 1.30)
  git
  irqbalance
  ispell
  jasper
  kernel-firmware (20170223 -> 20170303)
  kernel-source
  kiwi (7.04.27 -> 7.04.28)
  libepoxy (1.3.1 -> 1.4.1)
  libgpg-error (1.25 -> 1.27)
  libinput (1.6.2 -> 1.6.3)
  libjansson (2.7 -> 2.9)
  libmbim
  libvpx (1.6.0 -> 1.6.1)
  libxml2
  netcfg
  postfix (3.1.4 -> 3.2.0)
  python-enum34
  python3-kiwi (9.1.0 -> 9.3.2)
  python3-urllib3
  sox
  sudo
  texlive-specs-m (2016.113.svn40218 -> 2016.115.svn40218)
  tigervnc
  wget
  xf86-input-libinput (0.24.0 -> 0.25.0)
  xorg-x11-server (1.19.1 -> 1.19.2)
  yast2-country (3.2.9 -> 3.2.10)
  yast2-network (3.2.19 -> 3.2.20)
  zsh (5.3 -> 5.3.1)
  zypper-lifecycle-plugin (0.6.1488461980.7e06288 -> 0.6.1488980214.576f7fb)

=== Details ===

==== Mesa ====
Version update (17.0.0 -> 17.0.1)
Subpackages: Mesa-32bit Mesa-dri-devel Mesa-dri-nouveau Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv2-2 Mesa-libglapi0 Mesa-libglapi0-32bit Mesa-libva libOSMesa8 libOSMesa8-32bit libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libwayland-egl1 libxatracker2

- update to 17.0.1
  * radv: Never try to create more than max_sets descriptor sets.
  * radv: Reset emitted compute pipeline when calling secondary cmd buffer.
  * radv: Only use PKT3_OCCLUSION_QUERY when it doesn't hang.
  * radv: Use correct size for availability flag.
  * gallivm: Reenable PPC VSX (v3)
  * gallivm: Improve debug output (V2)
  * gallivm: Override getHostCPUName() "generic" w/ "pwr8" (v4)
  * egl/dri3: implement query surface hook
  * etnaviv: move pctx initialisation to avoid a null dereference
  * etnaviv: remove number of pixel pipes validation
  * anv: fix Get*MemoryRequirements for !LLC
  * egl/wayland: Don't use DRM format codes for SHM
  * tgsi: fix memory leak in tgsi sanity check
  * radv: change base aligmment for allocated memory.
  * radv: fix cik macroModeIndex.
  * radv: adopt some init config workarounds from radeonsi.
  * radv: fix depth format in blit2d.
  * radv: fix txs for sampler buffers
  * bin/get-extra-pick-list: use git merge-base to get the branchpoint
  * bin/get-extra-pick-list: rework to use already_picked list
  * bin/get-typod-pick-list.sh: limit `git grep ...' to only as needed
  * bin/get-pick-list.sh: limit `git grep ...' only as needed
  * bin/get-pick-list.sh: remove ancient way of nominating patches
  * bin/get-fixes-pick-list.sh: add new script
  * vc4: Avoid emitting small immediates for UBO indirect load address guards.
  * r300g: only allow byteswapped formats on big endian
  * gallium/u_queue: fix a crash with atexit handlers
  * gallium/u_queue: set num_threads correctly if not all threads start
  * glx/glvnd: Fix GLXdispatchIndex sorting
  * gm107/ir: fix address offset bitfield for ATOMS
  * nvc0: set the render condition in the compute object
  * st/mesa: don't pass compare mode for stencil-sampled textures
  * nvc0: disable linked tsc mode in compute launch descriptor
  * i965/sampler_state: Clamp min/max LOD to 14 on gen7+
  * i965/sampler_state: Pass texObj into update_sampler_state
  * i965/sampler_state: Set the "Base Mip Level" field on Sandy Bridge
  * intel/blorp: Swizzle clear colors on the CPU
  * i965/fs: Fix the inline nir_op_pack_double optimization
  * anv: Add an invalidate_range helper
  * anv/query: clflush the bo map on non-LLC platforms
  * genxml: Make MI_STORE_DATA_IMM more consistent
  * anv/query: Perform CmdResetQueryPool on the GPU
  * intel/blorp: Explicitly flush all allocated state
  * glsl: non-last member unsized array on SSBO must fail
  * mesa: Do (TCS && !TES) draw time validation in ES as well.
  * configure.ac: check require_basic_egl only if egl enabled
  * anv: wsi: report presentation error per image request
  * i965/fs: fix uninitialized memory access
  * radeonsi: fix UNSIGNED_BYTE index buffer fallback with non-zero start (v2)
  * gallium/util: remove unused u_index_modify helpers
  * gallium/u_index_modify: don't add PIPE_TRANSFER_UNSYNCHRONIZED
  * unconditionally
  * gallium/u_queue: fix random crashes when the app calls exit()
  * radeonsi: fix broken tessellation on Carrizo and Stoney
  * amd/common: fix ASICREV_IS_POLARIS11_M for Polaris12
  * android: radeonsi: fix sid_table.h generated header include path
  * android: glsl: build shader cache sources
  * configure.ac: Drop LLVM compiler flags more radically
  * winsys/amdgpu: reduce max_alloc_size based on GTT limits
  * radeonsi: handle MultiDrawIndirect in si_get_draw_start_count
  * radeonsi: fix UINT/SINT clamping for 10-bit formats on <= CIK
  * glsl: fix heap-use-after-free in ast_declarator_list::hir()
  * android: fix droid_create_image_from_prime_fd_yuv for YV12

==== apache2 ====
Subpackages: apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-utils

- start_apache2: include individual sysconfig.d files instead of
  sysconfig.d dir, include sysconfig.d/include.conf after httpd.conf
  is processed [bsc#1023616]

==== dtc ====
Version update (1.4.1 -> 1.4.3)

- version update to 1.4.3
  * Add printf format attributes
  * Correct some broken printf() like format mismatches
  * libfdt: Add fdt_setprop_empty()
  * libfdt: Remove undefined behaviour setting empty properties
  * Print output filename as part of warning messages
  * dtc: Use streq() in preference to strcmp()
  * checks: Add Warning for stricter node name character checking
  * checks: Add Warning for stricter property name character checking
  * dtc: pos parameter to srcpos_string() can't be NULL
  * livetree.c: Fix memory leak
- version update to 1.4.2
  * including patches up to git commit 3b9c9709
  * Fix NULL pointer use in dtlabel + dtref case
  * fdtdump: check fdt if not in scanning mode
  * Fix memory leak in character literal parsing
  * Don't always generate __symbols__ for plugins
  * Plugin and fixup support
  * fix fdt_stringlist_search()
  * fix fdt_stringlist_count()
  * improve tests
  * minor bugfixes/typos
  * including symbols in version.lds
  * no changelog available
- modified patches:
  * use-tx-as-the-type-specifier-instead-of-zx.patch

==== geany ====
Version update (1.29 -> 1.30)
Subpackages: geany-lang libgeany0

- Update to version 1.30:
  + General:
  - Initial accessibility support in the editor (SF#328).
  - Fix scrolling on Wayland (gh#geany/geany#1320).
  + Interface:
  - Fix the current scope shown in the statusbar
    (gh#geany/geany#1279).
  + Editor:
  - Update Scintilla to version 3.7.3.
  - Fix triggering default keybindings together with snippets
    keybindings (gh#geany/geany#1354, gh#geany/geany#1356).
  + Filetypes:
  - Update JavaScript keywords (gh#geany/geany#1361).
  - Partial highlighting of JavaScript ES6 template strings
    (gh#geany/geany#934).
  - Add Arduino custom filetype (gh#geany/geany#1339).
  + API:
  - Remove unprefixed Scintilla structure aliases. Plugins must
    use the `Sci_`-prefixed version from now on.
  - Add `geany_api_version()` to detect the API version of Geany
    at runtime (gh#geany/geany#1406).
  + Bug fixes:
  - Fix Ctrl+X and Ctrl+C in non-Latin keyboard layouts
    (gh#geany/geany#1386).
  - Fix search history filling on GTK >= 3.20
    (gh#geany/geany#1404).
  - Simplify setting build menu items labels, fixing a Commander
    plugin issue (gh#geany/geany#1396).
  + Updated translations.

==== geany-plugins ====
Version update (1.29 -> 1.30)
Subpackages: geany-plugins-lang

- Update to version 1.30:
  + Automark:
  - Fix a possible crash if nothing is selected for automarking.
  - Replace internal usage of deprecated functions.
  + Commander:
  - Fix a possible crash on startup with latest GTK3.
  + Debugger: Fix a possible crash if debug-modus is enabled
    (gh#geany/geany-plugins#511).
  + Geanyctags:Show online help via help button
    (gh#geany/geany-plugins#521).
  + GeanyDoc:
  - Improve compatibility with Gtk3.
  - Allow to use current word as initial text in interactive
    mode (gh#geany/geany-plugins#457).
  + GeanyLua:
  - Remove deprecated GeanyFunctions from interface provided by
    this plugin (gh#geany/geany-plugins#439).
  - Fix build with latest Scintilla
    (gh#geany/geany-plugins#510).
  + GeanyPy: Sync with upstream GeanyPy version
    (gh#geany/geany-plugins#527).
  + Lineoperations: Add support for selections
    (gh#geany/geany-plugins#378).
  + Lipsum: Add a space before restarting Lorem Ipsum text
    (gh#geany/geany-plugins#513).
  + Markdown:
  - Allow exporting Markdown as HTML
    (gh#geany/geany-plugins#502).
  - Fix relative paths (gh#geany/geany-plugins#501).
  + PairTagHighlighter:
  - Add keybinding for jumping to matching tag
    (gh#geany/geany-plugins#466).
  - Improve compatibility with Gtk3
    (gh#geany/geany-plugins#466).
  + ProjectOrganizer:
  - Show online help via help button
    (gh#geany/geany-plugins#521).
  - Remember expanded directories in the sidebar when reloading
    (gh#geany/geany-plugins#528).
  + Spellcheck: Treat underscore as word separator
    (gh#geany/geany-plugins#512).
  + Tableconvert: Fix markup of documentation.
  + Treebrowser:
  - Fix a possible memory leak (gh#geany/geany-plugins#478).
  - Add a keybinding to follow current file
    (gh#geany/geany-plugins#524).
  - Allow to show menu also with Shift+F10
    (gh#geany/geany-plugins#523).
  - Fix a bug addding files to file list again and again when
    using refresh-function and no file is selected.
    (gh#geany/geany-plugins#525)
  - Don't change directory on project save
    (gh#geany/geany-plugins#536).
  + Updated translations.
- Bump the version of libgeany0 in BuildRequires to 1.29
  (following configure.ac changes).
- geanydoc now builds with gtk3, so restore it to the allowed
  file-list.

==== git ====
Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk

- Submit version 2.12.0 to SLE-12 (fate#322294, bsc#977477)

==== irqbalance ====

- Remove superfluous comment out man package packing

==== ispell ====
Subpackages: ispell-american ispell-british

- Use modern regular expressions for character sets in lisp
  declarations for the dictionaries

==== jasper ====
Subpackages: libjasper-devel libjasper1 libjasper1-32bit

- Add -D_BSD_SOURCE to fix redefinition of system types in
  jas_config.h and breakage in ppc64le, s390 and s390x
  (bsc#1028070).

==== kernel-firmware ====
Version update (20170223 -> 20170303)
Subpackages: ucode-amd

- Update to version 20170303:
  * linux-firmware/i915: Fix Corrupted GuC files.
  * cxgb4: update firmware to revision 1.16.33.0
  * nvidia: add GM20B PMU firmware
  * nvidia: add GP102/GP104/GP106/GP107 signed firmware
  * linux-firmware: intel: Add Geminilake audio firmware

==== kernel-source ====
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms

- Revert "drm/amdgpu: update tile table for oland/hainan"
  (boo#1027378).
- commit f764d42
- bonding: use ETH_MAX_MTU as max mtu (bsc#1027798).
- commit 2f8350b
- Update patches.kernel.org/patch-4.10.1 references (add CVE-2017-6347 bsc#1027179).
- commit 8c10701
- sctp: deny peeloff operation on asocs with threads sleeping
  on it (CVE-2017-6353 bsc#1027066).
- commit 8fb16bc
- crypto: algif_hash - avoid zero-sized array (bnc#1007962).
- commit 2f945d3

==== kiwi ====
Version update (7.04.27 -> 7.04.28)
Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-templates

- v7.04.28 released
- Wait for network drivers to pass init
  Each network interface will be switched off for a short
  moment when the kernel network driver is loaded. During
  that time the link status information would be misleading.
  Thus we wait a short time before the link status check
  is started
- Translated using Weblate (Bulgarian)
  Currently translated at 100.0% (28 of 28 strings)
- Fixed waitForLinkUp and setIPLinkUp
  The setIPLinkUp method did not handle the return value of the
  waitForLinkUp call and always returned success even if
  waitForLinkUp ran into a timeout
  The waitForLinkUp method was improved in a way that it does
  not wait if the link detection discovered the interface is
  unplugged. The detection if a cable is connected or not only
  works if the ifplugstatus tool was found in the initrd
- Fixed typo (bsc #984158)

==== libepoxy ====
Version update (1.3.1 -> 1.4.1)

- Update to version 1.4.1:
  * Find the appropriate version of the Python interpreter when
    building.
  * Ensure that the dispatch generation script works with Python
    2.x and 3.x.
  * Ensure that Epoxy builds correctly under Windows.
  * Fix location of the m4 macros in the autotools build.
- Changes from version 1.4.0:
  * Epoxy can now build with MSVC versions prior to 2013; we still
    recommend using a recent, C99-compatible compiler, like MSVC
    2015.
  * When used under X11, Epoxy now attempts to handle the cases
    where the GLX extension is not built or not available.
  * GLX can now be enabled and disabled at configuration time; this
    allows building Epoxy with GLX on macOS, and allows building
    Epoxy without GLX on embedded platforms.
  * Epoxy now exposes API that lets dependent projects safely check
    if platform API like GLX and EGL is available at run time.
  * EGL support has been improved on Windows, and made more
    resilient on other platforms.
  * Epoxy supports building with the Meson build system, which has
    Ninja, Visual Studio, and XCode backends.
  * Epoxy can generate its API reference using Doxygen (currently
    only available on Meson builds).
  * The GL registry has been updated with the latest version of the
    API references provided by Khronos; Epoxy now supports the API
    introduced by OpenGL 4.5.

==== libgpg-error ====
Version update (1.25 -> 1.27)
Subpackages: libgpg-error-devel libgpg-error0 libgpg-error0-32bit

- update to 1.27:
  * Added a Base64 decoder.
  * Added support for the sh3 architecture.
  * Added header gpgrt.h as an alias for gpg-error.h.
  * Fixed macro GPGRT_GCC_VERSION.
  * Interface changes relative to the 1.26 release:
  gpgrt_b64state_t                 NEW type.
  gpgrt_b64dec_start               NEW.
  gpgrt_b64dec_proc                NEW.
  gpgrt_b64dec_finish              NEW.
  GPG_ERR_WRONG_NAME               NEW.
  gpgrt.h                          NEW header.
- update to 1.26:
  * New option --desc for gpg-error.
  * Interface changes relative to the 1.25 release:
  GPG_ERR_UNKNOWN_FLAG         NEW.
  GPG_ERR_INV_ORDER            NEW.
  GPG_ERR_ALREADY_FETCHED      NEW.
  GPG_ERR_TRY_LATER            NEW.
  GPG_ERR_SYSTEM_BUG           NEW.
  GPG_ERR_DNS_UNKNOWN          NEW.
  GPG_ERR_DNS_SECTION          NEW.
  GPG_ERR_DNS_ADDRESS          NEW.
  GPG_ERR_DNS_NO_QUERY         NEW.
  GPG_ERR_DNS_NO_ANSWER        NEW.
  GPG_ERR_DNS_CLOSED           NEW.
  GPG_ERR_DNS_VERIFY           NEW.
  GPG_ERR_DNS_TIMEOUT          NEW.

==== libinput ====
Version update (1.6.2 -> 1.6.3)
Subpackages: libinput-udev libinput10

- Update to version 1.6.3:
  * A few small fixes that likely affect few users only: the
    minimum size for horizontal edge scrolling has been reduced to
    40mm and hovering touches inside a software button area are
    handled better now. Since we don't use pressure-based touches
    in 1.6.x, this is unlikely to be noticed.
  * Requesting an invalid mode group index doesn't crash anymore,
    that's pretty much UX improvement 101.
- Drop libinput-fix-crasher.patch: Fixed upstream.
- Add libinput-fix-crasher.patch: Fix a crash when requesting
  invalid mode group indices.

==== libjansson ====
Version update (2.7 -> 2.9)

- update to new upstream release 2.9
  * New features:
    Add json_auto_t to automatically decref a value that goes out of scope.
    Available only on GCC and Clang. (#301)
  * Small documentation fixes.
- changelog from 2.8
  * New features:
  - Always preserve insertion order of object items. json_object_iter()
    and friends, json_object_foreach() and json_dumps() and friends now
    always work in the insertion order of object items (#293).
  - Add json_object_foreach_safe() macro that allows json_object_del()
    calls during iteration (#230).
  - Add json_get_alloc_funcs() to allow reading the allocation functions
    set by json_set_alloc_funcs() (#262, #264).
  - Add json_pack() format specifiers s?, o? and O? for values that can
    be null (#261, #270).
  * Bug fixes:
  - Fix a crash when parsing inputs consisting of very deeply nested
    arrays or objects (#282, #284).
  - Never convert numbers to integers in the parser when
    JSON_DECODE_INT_AS_REAL is set.
  - Fix a use-after-free in json_pack() error handling.
  - Fix subnormal number parsing on mingw32.
  - Handle out-of-memory situations gracefully in the hashtable
    implementation

==== libmbim ====
Subpackages: libmbim-glib4 mbimcli-bash-completion

- Add libmbim-plug-mem-leak.patch: libmbim-glib: device: Plug
  memory leak in open timeout, patch from upstream stable git.

==== libvpx ====
Version update (1.6.0 -> 1.6.1)

- Version update to 1.6.1:
  * Improvements on the VP9 speed of encoding and decoding
  * Various fixes found by fuzzing

==== libxml2 ====
Subpackages: libxml2-2 libxml2-2-32bit libxml2-devel libxml2-tools

- Added libxml2-CVE-2016-4658.patch: Disallow namespace nodes in
  XPointer ranges. Namespace nodes must be copied to avoid
  use-after-free errors. But they don't necessarily have a physical
  representation in a document, so simply disallow them in XPointer
  ranges [bsc#1005544] [CVE-2016-4658]

==== netcfg ====

- Update script to generage services to use UTF8 by default
- Update the services list with latest content

==== postfix ====
Version update (3.1.4 -> 3.2.0)
Subpackages: postfix-doc

- update to 3.2.0
  - [Feature 20170128] Postfix 3.2 fixes the handling of address
    extensions with email addresses that contain spaces. For
    example, the virtual_alias_maps, canonical_maps, and
    smtp_generic_maps features now correctly propagate an address
    extension from "aa bb+ext"@example.com to "cc
    dd+ext"@other.example, instead of producing broken output.
  - [Feature 20161008] "PASS" and "STRIP" actions in
    header/body_checks.  "STRIP" is similar to "IGNORE" but also
    logs the action, and "PASS" disables header, body, and Milter
    inspection for the remainder of the message content.
    Contributed by Hobbit.
  - [Feature 20160330] The collate.pl script by Viktor Dukhovni for
    grouping Postfix logfile records into "sessions" based on queue
    ID and process ID information. It's in the auxiliary/collate
    directory of the Postfix source tree.
  - [Feature 20160527] Postfix 3.2 cidr tables support if/endif and
    negation (by prepending ! to a pattern), just like regexp and
    pcre tables.  The primarily purpose is to improve readability
    of complex tables. See the cidr_table(5) manpage for syntax
    details.
  - [Incompat 20160925] In the Postfix MySQL database client, the
    default option_group value has changed to "client", to enable
    reading of "client" option group settings in the MySQL options
    file. This fixes a "not found" problem with Postfix queries
    that contain UTF8-encoded non-ASCII text.  Specify an empty
    option_group value (option_group =) to get backwards-compatible
    behavior.
  - [Feature 20161217] Stored-procedure support for MySQL
    databases.  Contributed by John Fawcett. See mysql_table(5) for
    instructions.
  - [Feature 20170128] The postmap command, and the inline: and
    texthash: maps now support spaces in left-hand field of the
    lookup table "source text". Use double quotes (") around a
    left-hand field that contains spaces, and use backslash (\) to
    protect embedded quotes in a left-hand field. There is no
    change in the processing of the right-hand field.
  - [Feature 20160611] The Postfix SMTP server local IP address and
    port are available in the policy delegation protocol (attribute
    names: server_address, server_port), in the Milter protocol
    (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
    protocol (attribute names: DESTADDR, DESTPORT).
  - [Feature 20161024] smtpd_milter_maps support for per-client
    Milter configuration that overrides smtpd_milters, and that has
    the same syntax. A lookup result of "DISABLE" turns off Milter
    support. See MILTER_README.html for details.
  - [Feature 20160611] The Postfix SMTP server local IP address and
    port are available in the policy delegation protocol (attribute
    names: server_address, server_port), in the Milter protocol
    (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
    protocol (attribute names: DESTADDR, DESTPORT).
  - [Incompat 20170129] The postqueue command no longer forces all
    message arrival times to be reported in UTC. To get the old
    behavior, set TZ=UTC in main.cf:import_environment (this
    override is not recommended, as it affects all Postfix utities
    and daemons).
  - [Incompat 20161227] For safety reasons, the sendmail -C option
    must specify an authorized directory: the default configuration
    directory, a directory that is listed in the default main.cf
    file with alternate_config_directories or
    multi_instance_directories, or the command must be invoked with
    root privileges (UID 0 and EUID 0).  This mitigates a recurring
    problem with the PHP mail() function.
  - [Feature 20160625] The Postfix SMTP server now passes remote
    client and local server network address and port information to
    the Cyrus SASL library. Build with ``make makefiles
    "CCARGS=$CCARGS -DNO_IP_CYRUS_SASL_AUTH"'' for backwards
    compatibility.
  - [Feature 20161103] Postfix 3.2 disables the 'transitional'
    compatibility between the IDNA2003 and IDNA2008 standards for
    internationalized domain names (domain names beyond the limits
    of US-ASCII).
    This change makes Postfix behavior consistent with contemporary
    web browsers. It affects the handling of some corner cases such
    as German sz and Greek zeta. See
    http://unicode.org/cldr/utility/idna.jsp for more examples.
    Specify "enable_idna2003_compatibility = yes" to restore
    historical behavior (but keep in mind that the rest of the
    world may not make that same choice).
  - [Feature 20160828] Fixes for deprecated OpenSSL 1.1.0 API
    features, so that Postfix will build without depending on
    backwards-compatibility support.
    [Incompat 20161204] Postfix 3.2 removes tentative features that
    were implemented before the DANE spec was finalized:
  - Support for certificate usage PKIX-EE(1),
  - The ability to disable digest agility (Postfix now behaves as
    if "tls_dane_digest_agility = on"), and
  - The ability to disable support for "TLSA 2 [01] [12]" records
    that specify the digest of a trust anchor (Postfix now
    behaves as if "tls_dane_trust_anchor_digest_enable = yes).
  - [Feature 20161217] Postfix 3.2 enables elliptic curve
    negotiation with OpenSSL >= 1.0.2.  This changes the default
    smtpd_tls_eecdh_grade setting to "auto", and introduces a new
    parameter tls_eecdh_auto_curves with the names of curves that
    may be negotiated.
    The default tls_eecdh_auto_curves setting is determined at
    compile time, and depends on the Postfix and OpenSSL versions.
    At runtime, Postfix will skip curve names that aren't supported
    by the OpenSSL library.
  - [Feature 20160611] The Postfix SMTP server local IP address and
    port are available in the policy delegation protocol (attribute
    names: server_address, server_port), in the Milter protocol
    (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT
    protocol (attribute names: DESTADDR, DESTPORT).
- refresh postfix-master.cf.patch
- make sure that system users can be created in %pre

==== python-enum34 ====

- provide python2-enum34 to support singlespec transparently

==== python3-kiwi ====
Version update (9.1.0 -> 9.3.2)
Subpackages: kiwi-pxeboot kiwi-tools

- Bump version: 9.3.1 ? 9.3.2
- Fixed MANIFEST.in
  kiwi.solver code was not included into source archive
- Bump version: 9.3.0 ? 9.3.1
- Fixed doc api build for renamed source file
- Bump version: 9.2.4 ? 9.3.0
- Flake8 fixes for unit tests
- Apply code quality checks for unit tests too
- Fixed import of solv module
- Import root system from a given image
  This commit includes the root import feature. A `derived_from`
  attribute has been included with the <type> section to make
  reference to the image file to import. The image format to import
  is assumed to be the same as the build type to import.
  The current format supported is docker
- Flake cleanup for unit tests
- Prevent use of project relative import statements
  For details on the motivation of this change please visit:
  https://wiki.python.org/moin/FutureProofPython
- Allow activation/deactivation of sysV services
  systemd is still legacy sysV init compatible, thus the kiwi
  helper scripts to activate/deactivate services should not
  only be limited to systemd services. Fixes #256
- Support package capabilities in sat solver
  A solver operation can receive a package or pattern name but
  a capability name was considered a package name and failed
  to resolve. This commit fixes the solver operation with
  regards to package capabilities
- Add runtime check for kernel match
  If a kiwi initrd is used, the kernel used to build the kiwi
  initrd and the kernel used in the system image must be the
  same in order to avoid an inconsistent boot setup. This is
  related to (bsc#1027610)
- Added runtime check for boot image reference
  If an initrd_system different from kiwi is selected for a
  vmx (simple disk) image, it does not make sense to setup a reference
  to a kiwi boot image description, because no kiwi boot image will be
  built. Despite that it does not hurt it's still an inconsistent
  setup. This is related to (bsc#1027610)
- Bump version: 9.2.3 ? 9.2.4
- Update documentation
  the docker build container is now build with the correct
  namespace. Thus no image tagging is required anymore
- Bump version: 9.2.2 ? 9.2.3
- Support container names with slashes (#254)
  Umoci tool doesn't require any other parameter than a tag to
  identify the container. So container_name value is not used in
  umoci.
  This Fixes#253
- Use default command only if no entrypoit and subcommand aren't set
  Fixes #251
- Fix tagging for OCI images
  This commit fixes the tagging schema for umoci. An OCI image
  name is path[:tag], this commit rearranges some variable names to
  avoid confusions between names and tags.
  Fixes #249
- Add support for repository credentials
  The package and solver repository classes did not provide an
  interface to deal with repository credentials. This commit
  add support for the zypper package manager and the generic
  urlopen based download method of the solver class. This
  Fixes #246
- Bump version: 9.2.1 ? 9.2.2
- Update documentation
  Add detailed information how to update the docker Build Container
  on the official dockerhub registry. This is needed to use custom
  or newer versions of the currently published Build Container
- Bump version: 9.2.0 ? 9.2.1
- Update documentation
  The changes in building docker images now allows for using
  the docker load command to import the dice container
- Fix default reposdir path for DNF
- Bump version: 9.1.0 ? 9.2.0
- Added support for exclude docs for dnf
- Fixup default cache and plugin dir for dnf
- Update distribution support status
  Add information that Fedora systems are now supported as well
- Make sure bootenv can be initialized
  An existing grub bootenv file should be deleted prior to calling
  grub2-install in order to allow grub2 to create a new correct
  bootenv file
- Added DNF package management implementation
  DNF is the package manager used on Fedora systems and will also most
  likely replace yum for the next generation of RHEL. Along with the
  implementation here an example JeOS image description for Fedora can
  be found on: https://github.com/SUSE/kiwi-descriptions.
  This Fixes #36
- Follow up fix for network driver delay
  Each network interface will be switched off for a short
  moment when the kernel network driver is loaded. During
  that time the link status information would be misleading.
  Thus we wait a short time before the link status check
  is started
- Include compression optimization flags for mksquashfs command
  This commit includes some flags for mksquashfs command in other to
  achieve higher compression rates. Also note that those flags were
  already present in KIWI former versions, thus they have been
  included again for compatibility reasons.
  This commit fixes #242
- Allow to convert GPT into MBR
  The type attribute force_mbr allows to convert a system selected
  for use with a GPT to use an MBR (msdos table). The attribute
  only takes effect on image configurations which would select the
  GPT partitioner. This Fixes #236
- Wait for network drivers to pass init
  Before we check for the link status a waid period of 3 seconds
  should guarantee that the network drivers have passed the init
  routines
- Refactor waitForLinkUp
  Put code which does not belong into the loop outside of
  the loop. Also maintain sleep timeout and retry count
  in variables
- Fixed waitForLinkUp and setIPLinkUp
  The setIPLinkUp method did not handle the return value of the
  waitForLinkUp call and always returned success even if
  waitForLinkUp ran into a timeout
  The waitForLinkUp method was improved in a way that it does
  not wait if the link detection discovered the interface is
  unplugged. The detection if a cable is connected or not only
  works if the ifplugstatus tool was found in the initrd

==== python3-urllib3 ====

- Add increase_timeout_value.patch to increase the value
  of timeout values in tests so the package doesn't fail
  to build when OBS is overloaded.

==== sox ====
Subpackages: libsox3

- Replace libopus-devel with pkgconfig(opusfile) BuildRequires:
  this is what configure looks for, and will actually build the
  optional opus support as intended.

==== sudo ====

- update sudo in SLE12SP3 to the latest Factory version [fate#322095]
  * remove sudo-1.8.10p3-CVE-2016-7032.patch [bsc#1007766]
  * fixed in sudo 1.8.15
  * remove sudo-1.8.10p3-CVE-2016-7076.patch [bsc#1007501]
  * fixed in sudo 1.8.18p1
  * remove sudo-1.8.10p3-parse_boottime_properly.patch [bsc#899252]
  * fixed in sudo 1.8.14
  * remove sudo-1.8.10p3-user_groups.patch [bsc#988014]
  * fixed in sudo 1.8.17p1
  * remove sudo-1.8.10p3_pam_groups_upstream.patch [fate#318850]
  * fixed in sudo 1.8.17
  * remove sudo-1.8.10p3-CVE-2014-9680.patch [bsc#917806]
  * fixed in sudo 1.8.12

==== texlive-specs-m ====
Version update (2016.113.svn40218 -> 2016.115.svn40218)

- Modify patch kpathsea_cnf.dif to remove mpost from the allowed
  shell escaping commands (bsc#1028271, CVE-2016-10243)
- Add some lines to %post scriplet for kpathsea to remove mpost
  also from an already existing but not becoming replaced
  configuration file texmf.cnf

==== tigervnc ====

- Readd index.vnc. (bnc#1026833)

==== wget ====

- src/url.c (url_parse): Reject control characters in host part
  of URL
  (CVE-2017-6508, wget-CVE-2017-6508.patch, bsc#1028301)

==== xf86-input-libinput ====
Version update (0.24.0 -> 0.25.0)

- Update to version 0.25.0
  * fixing two bugs with tablet pad modes on kernel 4.9 and later.
    First, we never successfully opened the sysfs files representing
    the LEDs, so they didn't update as the kernel would change them.
    Second, had we opened them correctly we would've likely crashed
    as the property update would have been sent from within the
    input thread.  Both issues are fixed now, together with a fix
    for a test case failure for ppc64/aarch64.

==== xorg-x11-server ====
Version update (1.19.1 -> 1.19.2)
Subpackages: xorg-x11-server-extra xorg-x11-server-sdk

- Update to version 1.19.2:
  A collection of stability fixes here across glamor, Xwayland, input,
  and Prime support. Also a security fix for CVE-2017-2624, a timing
  attack which can brute-force MIT-MAGIC-COOKIE authentication.
- Remove upstream patches:
  + U_xfree86-Take-the-input-lock-for-xf86RecolorCursor.patch
  + U_xfree86-Take-the-input-lock-for-xf86ScreenCheckHWCursor.patch
  + U_xfree86-Take-the-input-lock-for-xf86TransparentCursor.patch

==== yast2-country ====
Version update (3.2.9 -> 3.2.10)
Subpackages: yast2-country-data

merge CASP changes:
- Fixed value returned by the KeyboardSelection widget, avoiding
  to trigger other widgets events (bsc#1027171).
- 3.2.10

==== yast2-network ====
Version update (3.2.19 -> 3.2.20)

- bnc#1020074
  - when incomplete udev rule is read from the AY profile, it is
    ignored instead of raising an internal error.
- 3.2.20

==== zsh ====
Version update (5.3 -> 5.3.1)

- Update to 5.3.1
  * Fix typo in chflags completion
  * Fixed invalid git commands completion
  * VCS info system: vcs_info git: Avoid a fork.
  * Fix handling of "printf -" and "printf --"
- Removed upstream merged fix-printf.patch

==== zypper-lifecycle-plugin ====
Version update (0.6.1488461980.7e06288 -> 0.6.1488980214.576f7fb)

- fixed unhandled exception on empty package list (bsc#1028247#c1)