Packages changed:
  audacity
  bind
  cscope
  efivar
  elfutils (0.167 -> 0.168)
  git (2.12.0 -> 2.12.2)
  goffice (0.10.33 -> 0.10.34)
  indent
  jasper
  kbd
  ksystemlog (16.12.3 -> 17.03.80)
  libQtWebKit4
  libgphoto2 (2.5.12 -> 2.5.12.1)
  nghttp2 (1.18.0 -> 1.20.0)
  okteta (16.12.3 -> 17.03.80)
  perl-Config-Crontab (1.43 -> 1.44)
  poppler (0.52.0 -> 0.53.0)
  poppler-qt5 (0.52.0 -> 0.53.0)
  python3 (3.6.0 -> 3.6.1)
  python3-base (3.6.0 -> 3.6.1)
  ruby2.2
  rubygem-fast_gettext (1.3.0 -> 1.4.0)
  snapper (0.4.3 -> 0.4.4)
  vigra
  vm-install (0.8.61 -> 0.8.63)

=== Details ===

==== audacity ====
Subpackages: audacity-lang

- Added requires for flac > 1.3.0.

==== bind ====
Subpackages: bind-chrootenv bind-doc bind-utils idnkit libbind9-140 libdns165 libidnkit1 libirs141 libisc160 libisccc140 libisccfg140 liblwres141

- Add with_systemd define with default off, since we still use init
  scripts and no systemd units.

==== cscope ====

- cleanup with spec-cleaner
- get rid of %{name} macros in the patch names

==== efivar ====

- RPM group fix

==== elfutils ====
Version update (0.167 -> 0.168)
Subpackages: libasm1 libdw1 libelf1 libelf1-32bit

- Update to version 0.168:
  libelf: gelf_newehdr and gelf_newehdr now return void *.
  libdw: dwarf.h corrected the DW_LANG_PLI constant name (was DW_LANG_PL1).
  readelf: Add optional --symbols[=SECTION] argument to select section name.
- Includes changes from 0001-Add-GCC7-Wimplicit-fallthrough-support-fixes.patch
  and 0001-ar-Fix-GCC7-Wformat-length-issues.patch.
- Remove elfutils-0.137-dwarf-header-check-fix.diff which is no longer
  required after a debugedit fix.

==== git ====
Version update (2.12.0 -> 2.12.2)
Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk

- git 2.12.2:
  * CLI output fixes
  * "Dump http" transport fixes
  * various fixes for internal code paths
  * Trailer "Cc:" RFC fix
- git 2.12.1:
  * Reduce authentication round-trip over HTTP when the server
    supports just a single authentication method.
  * "git add -i" patch subcommand fixed to have a path selection
  * various path verification fixes
  * fix "git log -L..." buffer overrun

==== goffice ====
Version update (0.10.33 -> 0.10.34)
Subpackages: goffice-lang libgoffice-0_10-10

- Update to version 0.10.34:
  + Fix rich-text format problem.

==== indent ====

- cleanup with spec-cleaner
- get rid of %{name} and %{version} macros in the patch names

==== jasper ====
Subpackages: libjasper-devel libjasper1 libjasper1-32bit

- Modified patch:
  * jasper-CVE-2016-9583.patch
    + integrate upstream change
    99a50593254d1b53002719bbecfc946c84b23d27, which fixed a null
    pointer dereferencing crash.
- Added patches:
  * jasper-CVE-2016-9583.patch
  - Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400,
    CVE-2016-9583)
  * jasper-CVE-2017-6850.patch
  - NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c)
    (bsc#1021868, CVE-2017-6850)

==== kbd ====

- Revert dropping of kdb-legacy Requires: There are still packages
  and installation flows that needs this to be present
  (boo#1027379).

==== ksystemlog ====
Version update (16.12.3 -> 17.03.80)

- Update to 17.03.80
  * New feature release
  * For more details please see:
  * https://www.kde.org/announcements/announce-applications-17.03.80.php
- Changes since 16.12.3:
  * Fix wording (2): "by KDE", not "for KDE"
  * Fix wording: Plasma is the desktop environment
- Add BuildRequires: pkgconfig(libsystemd)

==== libQtWebKit4 ====

- Disable -Wextra due to noisy -Wexpansion_to_defined which is enabled
  with -Wextra starting with GCC 7.  Otherwise we run into
  "Logfile got too big, killed job.".

==== libgphoto2 ====
Version update (2.5.12 -> 2.5.12.1)
Subpackages: libgphoto2-6 libgphoto2-6-32bit libgphoto2-devel

- updated to 2.5.12.1 temporary snapshot
  ptp2:
  * iPhone iOS 10.2 storage handling fixed, added dynamic storage handling
  * Sony Alpha Live View support.
  * Canon EOS M series capture enabled. (might not fully work yet)
  * Various crashes and endless loops fixed that were found by the AFL fuzzer.
  * Various bugfixes in Nikon, Canon capture
  * New USB Ids:
  * Sony: SLT A37, DSC-RX100M5
  * Nikon KeyMission 360
  * Canon PowerShot G16
  * Canon EOS M5
  * Fuji Fujifilm XT-2
  * GoPro Hero 5 Black

==== nghttp2 ====
Version update (1.18.0 -> 1.20.0)

- Update to version 1.20.0:
  * lib: nghttp2_session: fix The 'then' statement is equivalent to the subsequent code fragment found by PVS Studio (V523) (Patch from Alexis La Goutte) (GH-814)
  * lib: Add nghttp2_option_set_no_closed_streams (GH-810)
  * build: Disable spdylay detection by default
  * build: Add --with-systemd option to configure
  * fuzz: Add fuzzer for oss-fuzz (GH-799)
  * src: Enable TLSv1.3 if it is supported by OpenSSL (or BoringSSL) (GH-816)
  * src: h2 requires >= TLSv1.2
  * asio: More graceful stop of nghttp2::asio_http2::server::http2 (Patch from Amir Pakdel) (GH-805)
  * asio: Holding more shared_ptrs instead of raw ptrs to make sure called objects don't get deleted. (Patch from clemahieu)
  * asio: Fix infinite loop in acceptor handler (Patch from clemahieu) (GH-794)
  * asio: close_stream erases from streams_ while it's being iterated over. (Patch from clemahieu) (GH-795)
  * nghttpx: Strip version number from server header field
  * nghttpx: Add --single-worker option
  * nghttpx: Fix bug that send_reply does not participate graceful shutdown
  * nghttpx: Add --frontend-max-requests option
  * nghttpx: Enable stream-write-timeout by default
  * nghttpx: Fix stream write timer handling
  * nghttpx: Add configrevision API endpoint (GH-820)
  * nghttpx: Redirect to HTTPS URI with redirect-if-not-tls parameter (GH-819)
  * nghttpx: Update log time stamp in millisecond interval
  * nghttpx: Better error message when private key and certificate are missing
  * nghttpx: Fix bug that old config is used during reloading configuration
  * nghttpx: Specify TLS protocol by version range (GH-809)
  * nghttpx: Send SIGQUIT to the original master process (GH-807)
  * nghttpx: Restrict HTTP major and minor in 0 or 1
  * nghttpx: Drop privilege of neverbleed daemon first
  * nghttpx: add systemd support (Patch from Tomasz Torcz) (GH-802)
  * nghttpx: Fix crash on SIGHUP with multi thread configuration (GH-801)
  * nghttpx: Send 1xx non-final response using mruby script (GH-800)
  * nghttpx: Select certificate by client's supported signature algorithm (GH-792)
  * nghttpx: Recommend POST for backendconfig API request
  * nghttpx: Don't build PSK features with LibreSSL (Patch from Bernard Spil) (GH-789)
  * nghttp: add support for link rel="preload" for --get-assets (Patch from Benedikt Christoph Wolters) (GH-791)
  * h2load: Fix wrong req_stat updates
  * h2load: Explicitly count the number of requests left and inflight
  * integration: Fix deprecation warnings
  * integration: Redirect nghttpx stdout/stderr to test driver's stdout/stderr
- Changes for version 1.19.0:
  * lib: Fix memory leak of nghttp2_stream object in server side nghttp2_session object
  * Fix issues found by PVS Studio (Patch from Alexis La Goutte) (GH-769)
  * doc: Update README file to write about the issue of Alpine Linux's inability to replace malloc (Patch from makovich) (GH-768)
  * build: Compile with Android NDK r13b using clang
  * src: Fix assertion error with boringssl
  * nghttp: Take into account scheme and port when parsing HTML links
  * nghttp: Fix authority for --get-assets if IP address is used in conjunction with user-defined :authority header (Patch from Benedikt Christoph Wolters) (GH-783)
  * nghttpx: Add --accesslog-write-early option (GH-777)
  * nghttpx: Fix access.log timestamp (GH-778)
  * nghttpx: Show default cipher list in -h
  * nghttpx: Add client-ciphers option
  * nghttpx: Add client-no-http2-cipher-black-list option
  * nghttpx: Fix the bug that no-http2-cipher-black-list does not work on backend HTTP/2 connections.
  * nghttpx: Add --client-psk-secret option to enable PSK in backend (GH-612)
  * nghttpx: Add --psk-secret option to enable PSK in frontend connection (GH-612)
  * nghttpx: Enable SCT with OpenSSL 1.1.0
  * nghttpx: Add proxyproto to frontend option to accept PROXY protocol (GH-765)
  * h2load: Show default cipher list in -h
  * h2load: Show custom server temp key such as X25519
  * h2load: Fix incorrect return value from spdylay_send_callback
- Changes for version 1.18.1:
  * nghttpx: Fix assertion error in libev ev_io_start (GH-759)
  * nghttpx: Handle c-ares success without result
  * nghttpx: Fix bug that DNS timeout was erroneously disabled (GH-763)
  * nghttpx: Fix bug that DNS timeout was ignored (GH-763)

==== okteta ====
Version update (16.12.3 -> 17.03.80)
Subpackages: okteta-devel

- Update to 17.03.80
  * New feature release
  * For more details please see:
  * https://www.kde.org/announcements/announce-applications-17.03.80.php
- Changes since 16.12.3:
  * For compared or concatenated strings use QLatin1String, not QStringLiteral
  * Do not use static QString objects
  * Add missing emit keyword on signal call
  * Compose string manually
  * Remove unused variables/instances
  * Avoid calling methods on a temporary object
  * Add missing Q_OBJECT macro to QObject subclasses
  * Do not exit application if KDBusService fails to initialize.
  * Fix typo in docs
  * fix wrong structures directory
  * replace kf5-config from kdelibs4support with qtpaths
  * Point to category page on store.kde.org in docs
  * Replace kde-files.org with store.kde.org in docs
  * Bump version to 0.21.60
- Add BuildRequires: cmake(Qca-qt5)

==== perl-Config-Crontab ====
Version update (1.43 -> 1.44)

- updated to 1.44
  see /usr/share/doc/packages/perl-Config-Crontab/Changes
  Release 1.44
  - ---------------------------
  commit a81b708e1b5b023b6fc70ec7b68ce4cfcd1d5628
  Author: Scott Wiersdorf <scott@perlcode.org>
  Date:   Mon Mar 20 14:24:08 2017 -0600
    skip crontab writes unless explicitly asked for

==== poppler ====
Version update (0.52.0 -> 0.53.0)
Subpackages: libpoppler-cpp0 libpoppler-devel libpoppler-glib8 poppler-tools

- Update to version 0.53.0:
  + core:
  - Form support improvements.
  - SplashOutputDev: Fix memory leak when rendering images with
    colormap and matte color.
  - Minor fix in GlobalParams documentation.
  + qt5:
  - Expose form calculate order.
  - Expose Form additional actions.
  + utils:
  - pdfimages: support 16bpc png and tiff images (fdo#99988).
  - pdftohtml: fix small memory leak when constructing some
    filenames.
  - pdfinfo: fix leak when printing JS.
  + build system: Compile in C++11 mode.
- Bump soversion following upstream changes.
- Stop exporting  -std=gnu++11 for older versions of gcc, upstream
  now ensures this happens.

==== poppler-qt5 ====
Version update (0.52.0 -> 0.53.0)
Subpackages: libpoppler-qt5-1 libpoppler-qt5-devel

- Update to version 0.53.0:
  + core:
  - Form support improvements.
  - SplashOutputDev: Fix memory leak when rendering images with
    colormap and matte color.
  - Minor fix in GlobalParams documentation.
  + qt5:
  - Expose form calculate order.
  - Expose Form additional actions.
  + utils:
  - pdfimages: support 16bpc png and tiff images (fdo#99988).
  - pdftohtml: fix small memory leak when constructing some
    filenames.
  - pdfinfo: fix leak when printing JS.
  + build system: Compile in C++11 mode.
- Bump soversion following upstream changes.
- Stop exporting  -std=gnu++11 for older versions of gcc, upstream
  now ensures this happens.

==== python3 ====
Version update (3.6.0 -> 3.6.1)
Subpackages: python3-curses python3-dbm python3-tk

- update to 3.6.1
  * see python3-base for details

==== python3-base ====
Version update (3.6.0 -> 3.6.1)
Subpackages: libpython3_6m1_0 python3-idle

- update to 3.6.1
  * bugfix release, over a hundred bugs fixed
  * never add import location's parent directory to sys.path
  * switch to git for version control, build changes related to that
  * fix "failed to get random numbers" on old kernels (bsc#1029902)
  * several crashes and memory leaks corrected
  * f-string are no longer accepted as docstrings

==== ruby2.2 ====
Subpackages: libruby2_2-2_2 ruby2.2-devel ruby2.2-stdlib

- added patch by rguenther@ to fix building with GCC7:
  0005-RB_GC_GUARD-stronger-than-gcc7.patch
- switched to git branch based patching. we replace all patches in
  this round:
  removed:
  - 0001-GC-Use-__builtin_ppc_get_timebase-for-POWER-arch.patch
  - make-gem-build-reproducible.patch
  - ruby-1.9.2p290_tcl_no_stupid_rpaths.patch
  - ruby2.2.x_rbinstall_gem_buildroot.patch (unused)
  - rubygems-1.5.0_buildroot.patch  (unused)
  added:
  - 0001-tcl-no-stupid-rpaths.patch
  - 0002-make-gem-build-reproducible.patch
  - 0003-gc.c-tick-for-POWER-arch.patch
- added 0004-manual-backport-for-CVE-2016-2339.patch
  CVE-2016-2339 (boo#1018808)

==== rubygem-fast_gettext ====
Version update (1.3.0 -> 1.4.0)

- updated to version 1.4.0
  see installed CHANGELOG

==== snapper ====
Version update (0.4.3 -> 0.4.4)
Subpackages: libsnapper4 snapper-zypp-plugin

- remove read-only mount option for new fstab entry in mksubvolume
  (bsc#1030257)
- version 0.4.4

==== vigra ====

- Add patch gcc7-Fix-parameter-of-ImagePyramid-swap.patch in order
  to fix using the library with a GCC 7.

==== vm-install ====
Version update (0.8.61 -> 0.8.63)

- bsc#1027106 - ISO based installations of Xen PV guests do not
  automatically find the installation sources
- Version 0.8.63
- Fix initializing the host installation source location
- Version 0.8.62