Packages changed:
  SuSEfirewall2 (3.6.357 -> 3.6.359)
  cairo
  desktop-translations (84.87.20170202.0c8d823 -> 84.87.20170618.be69114)
  evolution (3.24.2 -> 3.24.3)
  evolution-data-server (3.24.2 -> 3.24.3)
  evolution-ews (3.24.2 -> 3.24.3)
  gdb (7.12.1 -> 8.0)
  gnome-shell
  gnome-vfs2
  graphite2 (1.3.9 -> 1.3.10)
  gsl (2.3 -> 2.4)
  gstreamer (1.12.0 -> 1.12.1)
  gstreamer-plugins-bad (1.12.0 -> 1.12.1)
  gstreamer-plugins-base (1.12.0 -> 1.12.1)
  gstreamer-plugins-good (1.12.0 -> 1.12.1)
  gstreamer-plugins-ugly (1.12.0 -> 1.12.1)
  gtk3 (3.22.15 -> 3.22.16)
  installation-images-Kubic
  installation-images-openSUSE
  kernel-source (4.11.6 -> 4.11.7)
  libcares2 (1.12.0 -> 1.13.0)
  libglvnd (0.1.2~20170427~6bcecd8 -> 0.1.2~20170620~d850cdd)
  libreoffice (5.4.0.0.beta2 -> 5.4.0.1)
  multipath-tools (0.7.1+53+suse.07c2f6ac -> 0.7.1+62+suse.62a2c36e)
  obs-service-tar_scm (0.7.0.1496831936.d960322 -> 0.7.0.1497870887.fa1750b)
  openssl (1.0.2k -> 1.0.2l)
  openssl-1_0_0 (1.0.2k -> 1.0.2l)
  opus (1.1.5 -> 1.2.1)
  patterns-gnome
  perl-File-Path (2.120000 -> 2.140000)
  perl-GD (2.56 -> 2.66)
  perl-HTTP-Message (6.11 -> 6.13)
  perl-Scalar-List-Utils (1.47 -> 1.48)
  python-kiwi (9.7.2 -> 9.7.4)
  python-ldap (2.4.39 -> 2.4.40)
  python-pyserial
  qemu
  qemu-linux-user
  shotwell (0.26.2 -> 0.27.0)
  terminus-bitmap-fonts (4.40 -> 4.46)
  tiff (4.0.7 -> 4.0.8)
  yast2-pkg-bindings (3.2.3 -> 3.2.4)

=== Details ===

==== SuSEfirewall2 ====
Version update (3.6.357 -> 3.6.359)

- Also check /etc/sysctl.d for custom sysctl overrides (bnc#1044523)
- improved documentation of FW_SERVICES_DROP_... to mention "all" protocols

==== cairo ====
Subpackages: cairo-devel libcairo-gobject2 libcairo-script-interpreter2 libcairo2 libcairo2-32bit

- Add 0001-image-prevent-invalid-ptr-access-for-4GB-images.patch to
  fix a segfault when using >4GB images since int values were used
  for pointer operations (bsc#1007255, fdo#98165, CVE-2016-9082).

==== desktop-translations ====
Version update (84.87.20170202.0c8d823 -> 84.87.20170618.be69114)

- Update to version 84.87.20170618.be69114:
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Danish)
  * Translated using Weblate (German)
  * Translated using Weblate (Greek)
  * Translated using Weblate (Portuguese (Brazil))
  * Translated using Weblate (Russian)
  * Translated using Weblate (Spanish)
- Update to version 84.87.20170613.caa39e6:
  * Translated using Weblate (Swedish)
  * Translated using Weblate (Swedish)
- Update to version 84.87.20170613.847c686:
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (French)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (French)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Ukrainian)
  * Translated using Weblate (Russian)
  * Translated using Weblate (Russian)
  * Translated using Weblate (Ukrainian)
  * Translated using Weblate (Ukrainian)
  * Translated using Weblate (Ukrainian)
  * Translated using Weblate (Ukrainian)
  * Translated using Weblate (Ukrainian)
  * Translated using Weblate (Ukrainian)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Spanish)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (Spanish)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (Spanish)
  * Translated using Weblate (Spanish)
  * Translated using Weblate (Spanish)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Translated using Weblate (Spanish)
  * Translated using Weblate (Kabyle)
  * Translated using Weblate (Kabyle)
  * Translated using Weblate (Kabyle)
  * Translated using Weblate (Portuguese (Brazil))
  * Translated using Weblate (Chinese (China))
  * Translated using Weblate (Spanish)
  * Translated using Weblate (Spanish)
  * Translated using Weblate (Danish)
  * Translated using Weblate (Danish)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (German)
  * Translated using Weblate (German)
  * Revert swedish translation to SVN state
  * Regenerate translations from .desktop files
- Update to version 84.87.20170531.7e7f57d:
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Catalan)
  * Rename appstream.po to appstreamdata.po to avoid conflict
  * Rename appstream -> appstreamdata in tar2po
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Portuguese (Brazil))
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Spanish)
  * Translated using Weblate (French)
  * Translated using Weblate (Portuguese (Brazil))
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Portuguese (Brazil))
- Change License: to MIT
- Also generate other mo files
- Update to version 84.87.20170518.2205c8c:
  * tar2po: Escape newline in gettext strings correctly
  * Merge POT files into PO files to not lose translations
  * Update translations with latest changes
- Add gettext-runtime and xz BuildRequires
- Update to version 84.87.20170517.b889563:
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Arabic)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Catalan)

==== evolution ====
Version update (3.24.2 -> 3.24.3)
Subpackages: evolution-plugin-bogofilter evolution-plugin-pst-import evolution-plugin-spamassassin

- Update to version 3.24.3:
  + [ECompEditor]:
  - Ensure local store directory exists before saving
    attachments.
  - Use ICAL_FILENAME_PARAMETER for attachments, if available.
  + Use SIGTERM instead of SIGQUIT in killev
    (evolution --force-shutdown).
  + Allow select the same source and destination calendar in Copy
    To Calendar.
  + Crash under e_dom_resize_document_content_to_preview_width().
  + Allow overwrite of CMAKE_SKIP_RPATH variable.
  + e_mail_folder_to_full_display_name: Special-case virtual
    Trash/Junk folders.
  + Bugs fixed: bgo#720197, bgo#782529, bgo#773420, bgo#782803,
    bgo#783106, bgo#537048, bgo#783191, bgo#782052, bgo#783317,
    bgo#782210, bgo#783353, bgo#782470, bgo#783682.
  + Updated translations.
- Pass -DCMAKE_SKIP_RPATH=OFF to configure, needed after upstream
  changes.

==== evolution-data-server ====
Version update (3.24.2 -> 3.24.3)
Subpackages: libcamel-1_2-60 libebackend-1_2-10 libebook-1_2-19 libebook-contacts-1_2-2 libecal-1_2-19 libedata-book-1_2-25 libedata-cal-1_2-28 libedataserver-1_2-22 libedataserverui-1_2-1

- Update to version 3.24.3:
  + Remove forgotten debug print.
  + Add CamelWeakRefGroup to camel-docs.sgml.
  + Mis-filters emails with Mailing List rule in certain
    situations.
  + Prevent busy-loop opening Google calendar configured in GOA.
  + Prevent GError override in e_cal_backend_sync_get_timezone().
  + Allow overwrite of CMAKE_SKIP_RPATH variable.
  + Bugs fixed: bgo#782360, bgo#782362, bgo#782377, bgo#782096,
    bgo#770476, bgo#783385.
- Pass -DCMAKE_SKIP_RPATH=OFF to configure, needed after upstream
  changes.

==== evolution-ews ====
Version update (3.24.2 -> 3.24.3)
Subpackages: evolution-ews-lang

- Update to version 3.24.3:
  + e_ews_connection_try_credentials_sync() asks for password when
    not needed.
  + Allow overwrite of CMAKE_SKIP_RPATH variable.
- Pass -DCMAKE_SKIP_RPATH=OFF to configure, needed after upstream
  changes.

==== gdb ====
Version update (7.12.1 -> 8.0)

- Rebase to gdb 8.0 release: [fate #319573]
  * support for DWARF5 (except its .debug_names)
  * support C++11 rvalue references
  * support PKU register (memory protection keys on future Intel CPUs)
  * python scripting:
  - start, stop and access running btrace
  - rvalue references in gdb.Type
  * record/replay x86_64 rdrand and rdseed
  * removed support for GCJ compiled java programs
  * user commands accept more than 10 arguments
  * "eval" expands user-defined command arguments
  * new options:
    set/show disassembler-options (on arm, ppc s390)
- Removed obsoleted patches:
  gdb-release-werror.patch
- Rebase to gdb 7.99.90 (prerelease of gdb 8) [fate #319573]
- Updated libstdc++ pretty printers to
  gdb-libstdc++-v3-python-6.3.1-20170212.tar.bz2.
- Added patches from fedora:
  gdb-release-werror.patch
  gdb-rhbz1398387-tab-crash-test.patch
- Removed obsoleted patches:
  gdb-6.7-bz426600-DW_TAG_interface_type-test.patch
  gdb-bison-old.patch
  gdb-testsuite-casts.patch
  gdb-testsuite-m-static.patch
  gdb-upstream.patch
  gdb-testsuite-morestack-gold.patch
  gdb-fix-bnc-994537.diff
  gdb-libiberty-demangler-fuzz.diff
- Fix rpm condition to allow build on SLE10.
- Do not require glibc-devel-static-32bit on SLE12 which is not available
  there.

==== gnome-shell ====
Subpackages: gnome-shell-browser-plugin gnome-shell-calendar

- Drop gnome-shell-970480-authprompt-wrapping-message.patch:
  Fixed upstream.

==== gnome-vfs2 ====
Subpackages: gnome-vfs2-devel gnome-vfs2-lang

- Replace openssl-devel with libopenssl-1_0_0-devel BuildRequires:
  Build fails with openssl-1.1 (bgo#1042650).

==== graphite2 ====
Version update (1.3.9 -> 1.3.10)
Subpackages: graphite2-devel libgraphite2-3 libgraphite2-3-32bit

- Use %ctest macro
- Update license string to lgpl2.1+ and mpl2.0+
- Remove patch graphite2-CVE-2017-5436.patch
- Update to 1.3.10:
  * Upstream marks this as contianing various bugfixes without
    any specific mentions

==== gsl ====
Version update (2.3 -> 2.4)
Subpackages: gsl-devel libgslcblas0

- rstat_test.patch - Fix rstat test on PPC platform
- re-enable multi-job support in unit tests (check make target)
- Update to new upstream version 2.4:
  * add const to declaration of appropriate gsl_rstat routines
  * added routines for Hermite polynomials, gsl_sf_hermite_*
  * added routines to compute integrals with fixed-point
    quadrature, based on IQPACK
  * added new nonlinear least squares example for fitting
    a Gaussian to data
  * deprecated routines:
    gsl_sf_coupling_6j_INCORRECT
    gsl_sf_coupling_6j_INCORRECT_e
  * deprecated routine 'gsl_linalg_hessenberg' (replaced
    by gsl_linalg_hessenberg_decomp)
  * removed routines which were deprecated in v2.1:
    gsl_bspline_deriv_alloc
    gsl_bspline_deriv_free
  * changed COD expression to Q R Z^T instead of Q R Z to
    be consistent with standard texts
  * added check for nz == 0 in gsl_spmatrix_get
  * permit zero-dimension blocks, vectors, matrics, subvectors,
    submatrices, and views of the above
  * added routine gsl_linalg_COD_lssolve2 for regularized
    least squares problems
- obsoletes patches:
  * ppc_test_tolerence.patch
  * fix_legendre_test.patch
- unit tests re-enabled
- Update to test version 2.3.90.

==== gstreamer ====
Version update (1.12.0 -> 1.12.1)
Subpackages: gstreamer-devel gstreamer-utils libgstreamer-1_0-0 libgstreamer-1_0-0-32bit typelib-1_0-Gst-1_0

- Update to version 1.12.1:
  + Various fixes for crashes, assertions, deadlocks and memory
    leaks.
  + Fix for regression when seeking to the end of ASF files.
  + Fix for regression in (raw)videoparse that caused it to omit
    video metadata.
  + Fix for regression in discoverer that made it show more streams
    than actually available.
  + Numerous bugfixes to the adaptive demuxer base class and the
    DASH demuxer.
  + Various playbin3/urisourcebin related bugfixes.
  + Vivante DirectVIV (imx6) texture uploader works with
    single-plane (e.g. RGB) video formats now.
  + Intel Media SDK encoder now outputs valid PTS and keyframe
    flags.
  + OpenJPEG2000 plugin can be loaded again on MacOS and correctly
    displays 8 bit RGB images now.
  + Fixes to DirectSound source/sink for high CPU usage and wrong
    latency/buffer size calculations.
  + gst-libav was updated to ffmpeg n3.3.2.

==== gstreamer-plugins-bad ====
Version update (1.12.0 -> 1.12.1)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbadbase-1_0-0 libgstbadvideo-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstgl-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgsturidownloader-1_0-0 libgstwayland-1_0-0

- Update to version 1.12.1:
  + Bugs fixed: bgo#783028, bgo#773681, bgo#776609, bgo#779202,
    bgo#781249, bgo#781561, bgo#782221, bgo#782352, bgo#782376,
    bgo#782693, bgo#782697, bgo#782736, bgo#782771, bgo#782801,
    bgo#782921, bgo#783066, bgo#783075, bgo#783255, bgo#783256,
    bgo#783401, bgo#783626, bgo#781204.

==== gstreamer-plugins-base ====
Version update (1.12.0 -> 1.12.1)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstaudio-1_0-0-32bit libgstfft-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgsttag-1_0-0-32bit libgstvideo-1_0-0 libgstvideo-1_0-0-32bit typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0

- Update to version 1.12.1:
  + Various fixes for crashes, assertions, deadlocks and memory
    leaks.
  + Fix for regression when seeking to the end of ASF files.
  + Fix for regression in (raw)videoparse that caused it to omit
    video metadata.
  + Fix for regression in discoverer that made it show more streams
    than actually available.
  + Numerous bugfixes to the adaptive demuxer base class and the
    DASH demuxer.
  + Various playbin3/urisourcebin related bugfixes.
  + Vivante DirectVIV (imx6) texture uploader works with
    single-plane (e.g. RGB) video formats now.
  + Intel Media SDK encoder now outputs valid PTS and keyframe
    flags.
  + OpenJPEG2000 plugin can be loaded again on MacOS and correctly
    displays 8 bit RGB images now.
  + Fixes to DirectSound source/sink for high CPU usage and wrong
    latency/buffer size calculations.
  + gst-libav was updated to ffmpeg n3.3.2.

==== gstreamer-plugins-good ====
Version update (1.12.0 -> 1.12.1)
Subpackages: gstreamer-plugins-good-extra

- Update to version 1.12.1:
  + Various fixes for crashes, assertions, deadlocks and memory
    leaks.
  + Fix for regression when seeking to the end of ASF files.
  + Fix for regression in (raw)videoparse that caused it to omit
    video metadata.
  + Fix for regression in discoverer that made it show more streams
    than actually available.
  + Numerous bugfixes to the adaptive demuxer base class and the
    DASH demuxer.
  + Various playbin3/urisourcebin related bugfixes.
  + Vivante DirectVIV (imx6) texture uploader works with
    single-plane (e.g. RGB) video formats now.
  + Intel Media SDK encoder now outputs valid PTS and keyframe
    flags.
  + OpenJPEG2000 plugin can be loaded again on MacOS and correctly
    displays 8 bit RGB images now.
  + Fixes to DirectSound source/sink for high CPU usage and wrong
    latency/buffer size calculations.
  + gst-libav was updated to ffmpeg n3.3.2.

==== gstreamer-plugins-ugly ====
Version update (1.12.0 -> 1.12.1)

- Update to version 1.12.1:
  + Bugs fixed: bgo#783100.

==== gtk3 ====
Version update (3.22.15 -> 3.22.16)
Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-vietnamese gtk3-immodule-xim gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0

- Update to version 3.22.16:
  + GtkEntryBuffer no longer emits changed events when input is
    truncated.
  + gtk3-icon-browser now offers to copy the icon name to the
    clipboard.
  + Bugs fixed: bgo#745289, bgo#759308, bgo#770513, bgo#778853,
    bgo#779078, bgo#781285, bgo#781945, bgo#782117, bgo#782283,
    bgo#782325, bgo#783047, bgo#783347, bgo#783397, bgo#783587.
  + Updated translations.

==== installation-images-Kubic ====

- remove obsolete dependency on links (bsc#1044791)

==== installation-images-openSUSE ====

- remove obsolete dependency on links (bsc#1044791)

==== kernel-source ====
Version update (4.11.6 -> 4.11.7)
Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms

- Linux 4.11.7 (bnc#1012628).
- commit ddd09a5
- drm/nouveau/gpio: enable interrupts on cards with 32 gpio lines
  (bnc#1045105).
- commit d61c66b
- reiserfs: don't preallocate blocks for extended attributes
  (bsc#990682).
- commit a4e55c0
- reiserfs: Protect dquot_writeback_dquots() by s_umount semaphore
  (bsc#1037795).
- reiserfs: Make cancel_old_flush() reliable (bsc#1037795).
- commit 5e3bb37
- Update config files.
- config.conf: Added s390x zfcpdump kernel
- commit 9bfc6ab
- btrfs: add cond_resched to btrfs_qgroup_trace_leaf_items
  (bsc#1028286 bsc#1017461 bsc#1036171).
- commit 7d41685
- Only set CONFIG_GCC_PLUGINS=y in kernel-syzkaller (boo#1043591)
- commit fe00c55
- rpm/kernel-binary.spec.in: Only kernel-syzkaller needs gcc-devel
  (boo#1043591).
- commit d7ff041

==== libcares2 ====
Version update (1.12.0 -> 1.13.0)

- Version update to 1.13.0:
  * Fixes bsc#1044946 CVE-2017-1000381
  * Bunch of bugfixes
- Drop cares-1.9.1-ocloexec.patch as it broke again and it is
  not really worth all the fwdporting
- Drop check phase there is only return 0

==== libglvnd ====
Version update (0.1.2~20170427~6bcecd8 -> 0.1.2~20170620~d850cdd)
Subpackages: libglvnd-32bit libglvnd-devel

- Update to version 0.1.2~20170620~d850cdd:
  * EGL: detect platform gbm vendor capability.
  * EGL: add platform gbm detection in eglGetDisplay.
  * EGL: alias "drm" to gbm when using EGL_PLATFORM.
  * EGL: honour eglGetPlatformDisplay's attrib_list.
  * PPC64LE: Fix the cache clear instructions (boo#1045185).
  * configure: Remove AC_PROG_CXX.
  * EGL: Allow vendor libraries to identify platforms for
    eglGetDisplay.
  * GL: Use a table to look up core GLX functions.

==== libreoffice ====
Version update (5.4.0.0.beta2 -> 5.4.0.1)
Subpackages: libreoffice-base libreoffice-base-drivers-mysql libreoffice-branding-upstream libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-theme-breeze libreoffice-icon-theme-galaxy libreoffice-icon-theme-hicontrast libreoffice-icon-theme-sifr libreoffice-icon-theme-tango libreoffice-impress libreoffice-kde4 libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-writer libreofficekit

- Update to 5.4.0.1:
  * First rc of the series, now only serious bugs will be fixed
- Drop upstreamed patch 0001-undo-clone.patch
- Drop upstreamed patch 0001-watermark.patch
- Add suse color palette bsc#1045339

==== multipath-tools ====
Version update (0.7.1+53+suse.07c2f6ac -> 0.7.1+62+suse.62a2c36e)
Subpackages: kpartx

- Update to version 0.7.1+62+suse.62a2c36e:
  * kpartx: only check for 'no_partitions' feature on dm devices
    (bsc#1037533)
  * Revert "kpartx: use mapname if no uuid is present"
    (bsc#1037533, bsc#1033541)
- "no_path_retry" patch series (bsc#1043027)
  * libmultipath: load_config: skip setting unnecessary defaults
  * libmultipath: add/remove_feature: use const char* for feature
  * libmultipath: clarify option conflicts for "features"
  * libmultipath: merge_hwe: fix queue_if_no_path logic
  * libmultipath: assemble_map: fix queue_if_no_path logic
  * multipath.conf.5: document no_path_retry vs. queue_if_no_path
  * multipath.conf.5: Remove ??? and other minor fixes
  * libmultipath: add deprecated warning for some features settings
- _service: Use "sles12-sp3" branch as revision, as factory
  and SLE12-SP3 submissions are in sync. Will be changed when
  factory forks off (latest at SLE12-SP3 GA).
- set KBUILD_BUILD_TIMESTAMP to generate reproducible man-pages
  to fix build-compare (bsc#1045111)

==== obs-service-tar_scm ====
Version update (0.7.0.1496831936.d960322 -> 0.7.0.1497870887.fa1750b)
Subpackages: obs-service-obs_scm-common

- Update to version 0.7.0.1497261741.b1aa4cb:
  * Move spec file to git

==== openssl ====
Version update (1.0.2k -> 1.0.2l)
Subpackages: libopenssl-devel

- Revert back to 1.0.2l for now so we get new fixes of 1.0 openssl
  to tumbleweed
- Update to 1.1.0f release
- Switch default to openssl-1.1.0

==== openssl-1_0_0 ====
Version update (1.0.2k -> 1.0.2l)
Subpackages: libopenssl-1_0_0-devel libopenssl1_0_0 libopenssl1_0_0-32bit

- Update engines location for the engines to match up 1.1 to ease
  later on migration bsc#1045803
  * openssl-engines-path.patch
- update to 1.0.2l
  * bugfix release only
  * fixes problem with a lower-than-before version number (bsc#1040863)
- drop openssl-print_notice-NULL_crash.patch (upstream)
- refresh patches openssl-fipslocking.patch and
  0001-Axe-builtin-printf-implementation-use-glibc-instead.patch

==== opus ====
Version update (1.1.5 -> 1.2.1)

- Update to version 1.2.1:
  + This fixes an issue where the encoder can misdetect that the
    signal is SWB instead of FB, lowpassing the signal. This patch
    makes the encoder much more careful about doing that.
- Cleanup with spec-cleaner
- Update to version 1.2
  + Speech quality improvements especially in the 12-20 kbit/s
    range
  + Improved VBR encoding for hybrid mode
  + More aggressive use of wider speech bandwidth, including
    fullband speech starting at 14 kbit/s
  + Music quality improvements in the 32-48 kb/s range
  + Generic and SSE CELT optimizations
  + Support for directly encoding packets up to 120 ms
  + DTX support for CELT mode
  + SILK CBR improvements
  + Support for all of the fixes in
    draft-ietf-codec-opus-update-06 (the mono downmix and the
    folding fixes need --enable-update-draft)
  + Many bug fixes, including integer wrap-arounds discovered
    through fuzzing (no security implications)
- Removed static package

==== patterns-gnome ====
Subpackages: patterns-gnome-gnome patterns-gnome-gnome_admin patterns-gnome-gnome_basis patterns-gnome-gnome_basis_opt patterns-gnome-gnome_games patterns-gnome-gnome_ide patterns-gnome-gnome_imaging patterns-gnome-gnome_imaging_opt patterns-gnome-gnome_internet patterns-gnome-gnome_laptop patterns-gnome-gnome_multimedia patterns-gnome-gnome_multimedia_opt patterns-gnome-gnome_office patterns-gnome-gnome_office_opt patterns-gnome-gnome_utilities patterns-gnome-gnome_yast patterns-gnome-sw_management_gnome

- gnome_ide pattern:
  + Add the gnome-builder recommendation.
  + Add the gedit, gedit-plugins and jhbuild suggestions.
  + Move anjuta and monodevelop from recommendations to
    suggestions.
  + Move gitg from suggestions to recommendations.
- Remove liferea as it is not a GNOME application and is a niche
  tool that shouldn't be installed by default.
- Replace gucharmap by gnome-characters.
- Do not require a base system: GNOME builds on top of X11 (for
  now) and what is below X11 is not our concern.

==== perl-File-Path ====
Version update (2.120000 -> 2.140000)

- updated to 2.14
  see /usr/share/doc/packages/perl-File-Path/Changes
  2.14 2017-06-07
  - When creating subdirectories for testing underneath
    File::Spec::Functions::tmpdir(), use randomly generated strings.
  - No change in functionality from 2.13.
- updated to 2.13
  see /usr/share/doc/packages/perl-File-Path/Changes
  2.13 2017-05-31
  - Document security vulnerability reported as CVE-2017-6512.
  2.12_008 2017-05-07
  - Patch from John Lightsey.
  2.12_007 2017-04-22
  - Skip tests where filesystem doesn't support permissions (RT 121248).
  - Add AppVeyor configuration; thanks to Charlie Gonzalez and Hayo Baan.
  2.12_006 2017-04-21
  - Modernize README, Makefile.PL, updating of version number
    and release date in documentation.
  2.12_005 2017-04-21
  - Recommend use of 'safe => 1' in remove_tree() and rmtree().
  - Warn if mkpath() or make_path() is passed implausible options on
    Windows.
  - Corrections to errors in previous release.
  2.12_004 2017-04-18
  - Certain functions used in tests are not available on Windows;
    skip them.
  - Move certain functions used in testing to t/FilePathTest.pm.
  2.12_003 2017-04-07
  - Add tests to improve coverage ratios as measured by Devel::Cover
  - No functional changes.
  2.12_002 2017-03-12
  - GH#41 RT 117019 Fixed File::Path::remove_tree option hash is auto
    populated and cannot be reused
  - GH#40 Unskip in path root t
  - GH#39 Remove superfluous assignment to $arg{perm}
  - GH#38 Minor grammatical doc fixes.
  - GH#37 Minor grammatical doc fixes.
  2.12_001 2016-09-18
  - RT 94209  document that the thread safety issue will not change and
    communicate alternative.
  - RT 85878  be more generous with error check regex given we could be
    dealing with a pre-1.25 Carp.
  - GH #33    Be more precise in documentation example for make_path
    error checking.
  - GH #34 Skip Windows 2000 and earlier unit tests (test change).
  - GH #36 Do not hardcode ENOENT (test change).

==== perl-GD ====
Version update (2.56 -> 2.66)

- updated to 2.66
  see /usr/share/doc/packages/perl-GD/ChangeLog
  2.66    * throw proper error on newFrom* with not-existing file
  * add t/transp.t from RT #40525
  * Improve RT #54366 multiple gd.h warning
  * better doc for GD::Simple->arc
  * fix ANIMGIF with libgd 2.3.0-dev
  2.65    * fix --gdlib_config_path to accept an argument (fperrad)
  2.64    * Update doc for LIBGD_VERSION()
  * Fix 5.6.2, which does not have float in its typemap
  2.63    * renamed VERSION() to LIBGD_VERSION(), RT #121307.
    It was treated magically by "use GD 2.18"
  2.62    * fixed wrong <5.14 code generated with ExtUtils::Constants
    RT #121297. Don't generate const-xs.inc, only when missing.
  * add -liconv on hpux also (our pkgconfig parser cannot handle it)
  2.61    * add CONFIGURE_REQUIRES META
  * add --gdlib_config_path
  * add Image Filters: scatter, pixelate, negate, grayscale, brightness,
    contrast, color, selectiveBlur, edgeDetectQuick, gaussianBlur, emboss,
    meanRemoval, smooth, copyGaussianBlurred
  * add palette methods: createPaletteFromTrueColor,
    neuQuant (but discouraged), colorMatch.
  * add interpolation methods: copyScale, copyRotateInterpolated,
    interpolationMethod.
  * add double GD::VERSION
  * add all gd.h constants
  2.60    * add missing methods newFromWBMP, newFromXbm,
    (RT #68784) and some missing docs
  * Add --lib_fontconfig_path, --fcgi options
  * rewrote most of the XS code
  * cleanup Makefile.PL #20
  2.59    * error on failing libgd calls
  * fix colorClosestAlpha, colorAllocateAlpha
  * add missing documentation
  2.58    * fix VERSION_STRING for 2.0.x
  * honor --lib_gd_path specific gdlib-config
  * Loosen the comparison tests with GDIMAGETYPE ne gd2
  * Improve gdlib-config parsing (PR #17), esp. with 2.0.34
  2.57    * fix Jpeg magic number detection RT #26146
  * fix RGB - HSV roundtrips: RT #120572 by J2N-FORGET
  * fix -print-search-dirs errors RT #106265
  * co-maint to rurban
  * add hv_fetchs, CI smokers
  * add GD::VERSION_STRING api
  2.56_03 * add alpha method
  * improve option handling
  * fix meta data
  2.56_02 * fix feature extraction >= 2.2 [RT #119459]
  2.56_01 * rm Build.PL, fix permissions, fix for missing gdlib-config

==== perl-HTTP-Message ====
Version update (6.11 -> 6.13)

- updated to 6.13
  see /usr/share/doc/packages/perl-HTTP-Message/Changes

==== perl-Scalar-List-Utils ====
Version update (1.47 -> 1.48)

- updated to 1.48
  see /usr/share/doc/packages/perl-Scalar-List-Utils/Changes
  1.48 -- 2017/06/23 17:29:42
  [CHANGES]
  * Note in documentation that outer function's @_ can be accessed in
  some blocks, but ought not be (thanks wchristian)
  [BUGFIXES]
  * Ensure pairmap extends its stack correctly (thanks davem)
  * Fix name of List::Util::unpairs in its error messages

==== python-kiwi ====
Version update (9.7.2 -> 9.7.4)
Subpackages: kiwi-pxeboot kiwi-tools

- Bump version: 9.7.3 ? 9.7.4
- Fixed setup_plymouth_splash
  The schema generated get_bootsplash_theme() method returns a list
  because it's section content. The return value of the method was
  used as a string which caused a runtime error
- Add package manager in image info task solving process
  This commit includes the package manager package in the packages
  list to be solved in image info task.
- Bump version: 9.7.2 ? 9.7.3
- Fixed gce disk format
  The order of the files in the tarball is important. The first
  entry must be the manifest.json followed by disk.raw
- Make sure CliTask instance reads the config file
  Any instance of a CliTask has to read the runtime config file
  if present
- Add generic access for attributes
  The layout of the yaml runtime config is based on an element
  topic containing a list of attributes. For now only the xz
  topic with its options attribute is in use but for the future
  more elements might be supported which can use the same access
  method
- Setup plymouth splash in the image prepare process
  In case the plymouth-set-default-theme tool can be found in the
  image root system and a bootsplash theme is configured in the
  XML description, the tool is used to setup the theme configuration
  This Fixes #366
- Include patternType information to resolv packages in image info task
  This commit includes ingore_recommended flag in the Sat.solve method.
  This way if the description file states to include only required
  packages (without recommendations) it is respected and taken into
  account to resolv the packages list.
  Fixes #381
- Added custom xz option handling for ArchiveTar
  Allow to pass custom xz options for create_xz_compressed
  method. Issue #373
- Make sure options are returned as list
- Added custom xz option handling for Compress
  Allow to pass custom options for xz method. Issue #373
- Activate reading of runtime config in tasks
  Implement reading of runtime configuration file in base
  commandline class. Issue #373
- Cleanup doc string of base task class
- Add runtime config man page section
  Describe the contents of the KIWI runtime config file
- Added RuntimeConfig class
  An instance of RuntimeConfig reads in ~/.config/kiwi/config.yml
  if present and provides access methods to the expected
  information of the config file
- Added PyYAML requirement to package and venv
  The KIWI config file is yaml based and thus we need
  support for reading the file in KIWI
- Implement custom argument handling for xz_options
  Evaluate and hand over custom_args processing for the
  xz_options argument to all classes which performs
  xz compression tasks. This Fixes #373
- Read xz options from runtime config
  Read xz options from the kiwi runtime configuration file
  and pass along the information to the commands which
  performs compression tasks
- Fixed alpha order of options in build command
- Update custom_args doc for DiskBuilder class
- Fixup class docstrings
  The attribute list should provide information about the
  construction of an object of this class. Some fields
  were missing or superfluous
- Consider only repositories used for build in image info
  This commit makes sure that the repositories marked with imageonly
  flag are not included in the packages solve procedure.
  This is related to #362
- Removing has_repositories_marked_as_imageinclude method
  With the current repository management this method is not required
  anymore, since the setup repositories method does not modify the image
  if no repositories are present.
  It is related to #305 and #191
- Fixed typo in isoboot/fedora-25.0
  It does not really matter because the package manager setup
  is inherited from the system image XML configuration to the
  boot image, but for consistency it should be correct in the
  isoboot description too
- Added isoboot/fedora-25.0 boot description
- Change to more explicit method names
- Cleanup use of suseGFXBoot regarding grub
  The shell method suseGFXBoot from the config/functions contains
  code which should be better moved to the python code base dealing
  with the bootloader configuration. In this commit all grub
  parts of it has been moved to the BootLoaderConfigGrub2 class
- Cleanup isoboot descriptions
  There is no need to install bootloader packages to the initrd,
  all information regarding the bootloader setup is taken from
  the system root directory
- Fixup iso image builder(s) lookup path
  Don't lookup bootloader required files in the boot image root
  directory. Those needs to be looked up in the system image
  root directory
- Refactor boot image factory
  Make sure the root directory of the base image is always
  accessible by any boot image type for consistency. In
  addition introduce a post_init method which explicitly
  setup the boot image root directory as needed for the
  selected boot image type and document it as such
- Include imageonly attribute for repositories
  This commit adds imageonly attribute support for the repository
  element. imageonly is a boolean attribute that if true indicates
  that the repository is no used for the build but needs to be
  configured for the resulting image.
  Fixes #362

==== python-ldap ====
Version update (2.4.39 -> 2.4.40)

- update to upstream release 2.4.40 (small memleak fix)

==== python-pyserial ====

- Do not include unneccessary undeterministic environment.pickle in package to fix build-compare

==== qemu ====
Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-rbd qemu-block-ssh qemu-extra qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-vgabios qemu-x86

- Use most recent compiler to build size-critical firmware, instead
  of hard-coding gcc6 for all target versions (bsc#1043390)
  * A few upstream ipxe patches were needed for gcc7 compatibility:
  ipxe-ath-Add-missing-break-statements.patch
  ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch
- Add --no-renames to the git format-patch command in the git
  workflow script for better patch compatibility
- Address various security/stability issues
  * Fix potential privilege escalation in virtfs (CVE-2016-9602
  bsc#1020427)
  0060-9pfs-local-fix-unlink-of-alien-file.patch
  * Fix DOS in megasas device emulation (CVE-2017-9503 bsc#1043296)
  0061-megasas-do-not-read-DCMD-opcode-mor.patch
  0062-megasas-always-store-SCSIRequest-in.patch
  * Fix DOS in qemu-nbd server (CVE-2017-9524 bsc#1043808)
  0063-nbd-Fully-initialize-client-in-case.patch
  * Fix regression introduced by recent virtfs security fixes (bsc#1045035)
  0064-9pfs-local-remove-use-correct-path-.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
- Backport ipxe to support FirstBurstLength (bsc#1040476)
  ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch

==== qemu-linux-user ====

- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
  * Patches added:
  0060-9pfs-local-fix-unlink-of-alien-file.patch
  0061-megasas-do-not-read-DCMD-opcode-mor.patch
  0062-megasas-always-store-SCSIRequest-in.patch
  0063-nbd-Fully-initialize-client-in-case.patch
  0064-9pfs-local-remove-use-correct-path-.patch
- Add --no-renames to the git format-patch command in the git
  workflow script for better patch compatibility

==== shotwell ====
Version update (0.26.2 -> 0.27.0)
Subpackages: shotwell-lang

- Update to version 0.27.0:
  + Remove F-Spot import support.
  + Create a commandline utility to test image transformations.
  + Speed up color transformations a bit.
  + Bump GTK+ requirement to 3.18 and remove deprecated functions.
  + Clean-up histogram drawing code.
  + Run thumbnailer with nice 19.
  + Update VAAPI blacklisting for video thumbnailer and new plugin
    structure.
  + Add configurable image background.
  + Split several dialogs from shotwell.ui file.
  + Move Tumblr to default plugin set.
  + Remove some unnecessary memcpys on import.
  + Add Meson build support.
  + Some more ngettext for plurals.
  + Add --fullscreen/-f option for viewer.
  + Add option to install Ubuntu apport hook.
  + Fix issue when importing to NTFS-backed vboxfs.
  + Fix GSettings schema search path for running out-of-tree.
  + Work around "Camera locked: -53" error on GNOME.
  + Fix issue with missing highlight on dnd actions.
  + Bugs fixed: bgo#716448, bgo#716499, bgo#716547, bgo#716599,
    bgo#716708, bgo#716830, bgo#717767, bgo#718809, bgo#718846,
    bgo#719020, bgo#719031, bgo#719240, bgo#733652, bgo#742563,
    bgo#752008, bgo#760868, bgo#768938, bgo#773267, bgo#774650,
    bgo#780811, bgo#781567, bgo#781897, bgo#783250.
  + Updated translations.

==== terminus-bitmap-fonts ====
Version update (4.40 -> 4.46)

- Update to version 4.46
  * The X11 8-bit code pages are not installed by default.
  * Added IBM-437 8-bit code page for X11.
  * The CRT VGA weight for Linux console is not installed by default.
  * Removed the Linux console mapping files.
  * These should be provided by the console packages.
  * Removed the BSD console installation.
  * The recent BSD-s have a new console subsystem.
  * Added 50 new characters. Mostly math, but also Buglarian yat and yus.
  * Rewritten the font conversion tools in python/javascript.
  * The full unicode range (17x64K) is now supported.
  * The Windows installer can be built from sources.
  * Small fixes and improvements (7 characters in various sizes).
  * Renamed install-ref to install-psf-ref (uninstall too).

==== tiff ====
Version update (4.0.7 -> 4.0.8)
Subpackages: libtiff-devel libtiff5 libtiff5-32bit

- Upgrade to upstream relaase 4.0.8
  * libtiff/tif_getimage.c, libtiff/tif_open.c
    + add parenthesis to fix cppcheck clarifyCalculation warnings
  * libtiff/tif_predict.c, libtiff/tif_print.c
    + fix printf unsigned vs signed formatting (cppcheck
    invalidPrintfArgType_uint warnings)
  * libtiff/tif_read.c, libtiff/tiffiop.h
    + fix uint32 overflow in TIFFReadEncodedStrip() that caused an
    integer division by zero. Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596
  * libtiff/tif_pixarlog.c, libtiff/tif_luv.c
    + fix heap-based buffer overflow on generation of PixarLog / LUV
    compressed files, with ColorMap, TransferFunction attached and
    nasty plays with bitspersample. The fix for LUV has not been
    tested, but suffers from the same kind of issue of PixarLog.
    Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2604
  * libtiff/tif_strip.c
    + revert the change in TIFFNumberOfStrips() done for
    http://bugzilla.maptools.org/show_bug.cgi?id=2587 /
    CVE-2016-9273 since the above change is a better fix that
    makes it unnecessary.
  * libtiff/tif_dirread.c
    + modify ChopUpSingleUncompressedStrip() to instanciate compute
    ntrips as TIFFhowmany_32(td->td_imagelength, rowsperstrip),
    instead of a logic based on the total size of data. Which is
    faulty is the total size of data is not sufficient to fill the
    whole image, and thus results in reading outside of the
    StripByCounts/StripOffsets arrays when using
    TIFFReadScanline(). Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608.
  * libtiff/tif_ojpeg.c
    + make OJPEGDecode() early exit in case of failure in
    OJPEGPreDecode(). This will avoid a divide by zero, and
    potential other issues. Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2611
  * libtiff/tif_write.c
    + fix misleading indentation as warned by GCC.
  * libtiff/tif_fax3.h
    + revert change done on 2016-01-09 that made Param member of
    TIFFFaxTabEnt structure a uint16 to reduce size of the
    binary. It happens that the Hylafax software uses the tables
    that follow this typedef (TIFFFaxMainTable, TIFFFaxWhiteTable,
    TIFFFaxBlackTable), although they are not in a public libtiff
    header. Raised by Lee Howard.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2636
  * libtiff/tiffio.h, libtiff/tif_getimage.c
    + add TIFFReadRGBAStripExt() and TIFFReadRGBATileExt() variants
    of the functions without ext, with an extra argument to control
    the stop_on_error behaviour.
  * libtiff/tif_getimage.c
    + fix potential memory leaks in error code path of
    TIFFRGBAImageBegin().
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2627
  * libtiff/tif_jpeg.c
    + increase libjpeg max memory usable to 10 MB instead of libjpeg
    1MB default. This helps when creating files with "big" tile,
    without using libjpeg temporary files.
    Related to https://trac.osgeo.org/gdal/ticket/6757
  * libtiff/tif_jpeg.c
    + avoid integer division by zero in JPEGSetupEncode() when
    horizontal or vertical sampling is set to 0.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2653,
    bsc#1033127, CVE-2017-7595
  * libtiff/tif_dirwrite.c
    + in TIFFWriteDirectoryTagCheckedRational, replace assertion by
    runtime check to error out if passed value is strictly
    negative.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2535,
    bsc#1038438, CVE-2016-10371
  * libtiff/tif_dirread.c
    + avoid division by floating point 0 in
    TIFFReadDirEntryCheckedRational() and
    TIFFReadDirEntryCheckedSrational(), and return 0 in that case
    (instead of infinity as before presumably) Apparently some
    sanitizers do not like those divisions by zero.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2644,
    bsc#1033118, CVE-2017-7598
  * libtiff/tif_dir.c, tif_dirread.c, tif_dirwrite.c
    + implement various clampings of double to other data types to
    avoid undefined behaviour if the output range isn't big enough
    to hold the input value.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2643
    http://bugzilla.maptools.org/show_bug.cgi?id=2642
    http://bugzilla.maptools.org/show_bug.cgi?id=2646
    http://bugzilla.maptools.org/show_bug.cgi?id=2647,
    bsc#1033126, CVE-2017-7596, bsc#1033120, CVE-2017-7597,
    bsc#1033113, CVE-2017-7599, bsc#1033112, CVE-2017-7600,
  * libtiff/tif_jpeg.c
    + validate BitsPerSample in JPEGSetupEncode() to avoid undefined
    behaviour caused by invalid shift exponent.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2648,
    bsc#1033111, CVE-2017-7601
  * libtiff/tif_read.c
    + avoid potential undefined behaviour on signed integer addition
    in TIFFReadRawStrip1() in isMapped() case.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2650,
    bsc#1033109, CVE-2017-7602
  * libtiff/tif_getimage.c
    + add explicit uint32 cast in putagreytile to avoid
    UndefinedBehaviorSanitizer warning. Patch by Nicolas Pena.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2658,
    bsc#1033131, CVE-2017-7592
  * libtiff/tif_read.c
    + TIFFReadBufferSetup(): use _TIFFcalloc() to zero initialize
    tif_rawdata.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2651,
    bsc#1033129, CVE-2017-7593
  * libtiff/tiffio.h, tif_unix.c, tif_win32.c, tif_vms.c
    + add _TIFFcalloc()
  * libtiff/tif_luv.c, tif_lzw.c, tif_packbits.c
    + return 0 in Encode functions instead of -1 when
    TIFFFlushData1() fails.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2130
  * libtiff/tif_ojpeg.c
    + fix leak in OJPEGReadHeaderInfoSecTablesQTable,
    OJPEGReadHeaderInfoSecTablesDcTable and
    OJPEGReadHeaderInfoSecTablesAcTable when read fails. Patch by
    Nicolas Pena.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659,
    bsc#1033128, CVE-2017-7594
  * libtiff/tif_jpeg.c
    + only run JPEGFixupTagsSubsampling() if the YCbCrSubsampling
    tag is not explicitly present. This helps a bit to reduce the
    I/O amount when the tag is present (especially on cloud hosted
    files).
  * libtiff/tif_lzw.c
    + in LZWPostEncode(), increase, if necessary, the code bit-width
    after flushing the remaining code and before emitting the EOI
    code. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=1982
  * libtiff/tif_pixarlog.c
    + fix memory leak in error code path of PixarLogSetupDecode().
    Patch by Nicolas Pena.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2665
  * libtiff/tif_fax3.c, tif_predict.c, tif_getimage.c
    + fix GCC 7 -Wimplicit-fallthrough warnings.
  * libtiff/tif_dirread.c
    + fix memory leak in non DEFER_STRILE_LOAD mode (ie default)
    when there is both a StripOffsets and TileOffsets tag, or a
    StripByteCounts and TileByteCounts
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2689,
    bsc#1042805, CVE-2017-9403)
  * libtiff/tif_ojpeg.c
    + fix potential memory leak in
    OJPEGReadHeaderInfoSecTablesQTable,
    OJPEGReadHeaderInfoSecTablesDcTable and
    OJPEGReadHeaderInfoSecTablesAcTable
    Patch by Nicolas Pena.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2670
  * libtiff/tif_fax3.c
    + avoid crash in Fax3Close() on empty file. Patch by Alan
    Coopersmith + complement by myself.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2673
  * libtiff/tif_read.c
    + TIFFFillStrip(): add limitation to the number of bytes read
    in case td_stripbytecount[strip] is bigger than reasonable,
    so as to avoid excessive memory allocation.
  * libtiff/tif_zip.c, tif_pixarlog.c, tif_predict.c
    + fix memory leak when the underlying codec (ZIP, PixarLog)
    succeeds its setupdecode() method, but PredictorSetup fails.
    Credit to OSS-Fuzz (locally run, on GDAL)
  * libtiff/tif_read.c
    + TIFFFillStrip() and TIFFFillTile(): avoid excessive memory
    allocation in case of shorten files. Only effective on 64 bit
    builds and non-mapped cases.
    Credit to OSS-Fuzz (locally run, on GDAL)
  * libtiff/tif_read.c
    + TIFFFillStripPartial() / TIFFSeek(), avoid potential integer
    overflows with read_ahead in CHUNKY_STRIP_READ_SUPPORT mode.
    Should especially occur on 32 bit platforms.
  * libtiff/tif_read.c
    + TIFFFillStripPartial()
    + avoid excessive memory allocation in case of shorten files.
    Only effective on 64 bit builds.
    Credit to OSS-Fuzz (locally run, on GDAL)
  * libtiff/tif_read.c
    + update tif_rawcc in CHUNKY_STRIP_READ_SUPPORT mode with
    tif_rawdataloaded when calling TIFFStartStrip() or
    TIFFFillStripPartial(). This avoids reading beyond tif_rawdata
    when bytecount > tif_rawdatasize. Fixes
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1545.
    Credit to OSS-Fuzz
  * libtiff/tif_color.c
    + avoid potential int32 overflow in TIFFYCbCrToRGBInit() Fixes
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1533
    Credit to OSS-Fuzz
  * libtiff/tif_pixarlog.c, tif_luv.c
    + avoid potential int32 overflows in multiply_ms() and add_ms().
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1558
    Credit to OSS-Fuzz
  * libtiff/tif_packbits.c
    + fix out-of-buffer read in PackBitsDecode() Fixes
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1563
    Credit to OSS-Fuzz
  * libtiff/tif_luv.c
    + LogL16InitState(): avoid excessive memory allocation when
    RowsPerStrip tag is missing.
    Credit to OSS-Fuzz (locally run, on GDAL)
  * libtiff/tif_lzw.c
    + update dec_bitsleft at beginning of LZWDecode(), and update
    tif_rawcc at end of LZWDecode(). This is needed to properly
    work with the latest chnges in tif_read.c in
    CHUNKY_STRIP_READ_SUPPORT mode.
  * libtiff/tif_pixarlog.c
    + PixarLogDecode(): resync tif_rawcp with next_in and tif_rawcc
    with avail_in at beginning and end of function, similarly to
    what is done in LZWDecode(). Likely needed so that it works
    properly with latest chnges in tif_read.c in
    CHUNKY_STRIP_READ_SUPPORT mode. But untested...
  * libtiff/tif_getimage.c
    + initYCbCrConversion(): add basic validation of luma and
    refBlackWhite coefficients (just check they are not NaN for
    now), to avoid potential float to int overflows. Fixes
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1663
    Credit to OSS Fuzz
  * libtiff/tif_read.c
    + _TIFFVSetField(): fix outside range cast of double to float.
    Credit to Google Autofuzz project
  * libtiff/tif_getimage.c
    + initYCbCrConversion(): check luma[1] is not zero to avoid
    division by zero. Fixes
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1665
    Credit to OSS Fuzz
  * libtiff/tif_read.c
    + _TIFFVSetField(): fix outside range cast of double to float.
    Credit to Google Autofuzz project
  * libtiff/tif_getimage.c
    + initYCbCrConversion(): check luma[1] is not zero to avoid
    division by zero. Fixes
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1665
    Credit to OSS Fuzz
  * libtiff/tif_getimage.c
    + initYCbCrConversion(): stricter validation for refBlackWhite
    coefficients values. To avoid invalid float->int32 conversion.
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1718
    Credit to OSS Fuzz
  * tools/fax2tiff.c (main)
    + Applied patch by Joerg Ahrens to fix passing client data for
    Win32 builds using tif_win32.c (USE_WIN32_FILEIO defined) for
    file I/O. Patch was provided via email on November 20, 2016.
  * tools/tiffcp.c
    + avoid uint32 underflow in cpDecodedStrips that can cause
    various issues, such as buffer overflows in the library.
    Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2598
  * tools/tiffcrop.c
    + fix readContigStripsIntoBuffer() in -i (ignore) mode so that
    the output buffer is correctly incremented to avoid write
    outside bounds. Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2620
  * tools/tiffcrop.c
    + add 3 extra bytes at end of strip buffer in
    readSeparateStripsIntoBuffer() to avoid read outside of heap
    allocated buffer. Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2621
  * tools/tiffcrop.c
    + fix integer division by zero when BitsPerSample is missing.
    Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2619
  * tools/tiffinfo.c
    + fix null pointer dereference in -r mode when the image has no
    StripByteCount tag. Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2594
  * tools/tiffcp.c
    + avoid potential division by zero is BitsPerSamples tag is
    missing. Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2597
  * tools/tif_dir.c
    + when TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) is called, limit
    the return number of inks to SamplesPerPixel, so that code
    that parses ink names doesn't go past the end of the buffer.
    Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599
  * tools/tiffcp.c
    + avoid potential division by zero is BitsPerSamples tag is
    missing. Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2607
  * tools/tiffcp.c
    + fix uint32 underflow/overflow that can cause heap-based buffer
    overflow. Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2610
  * tools/tiffcp.c
    + replace assert( (bps % 8) == 0 ) by a non assert check.
    Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2605
  * tools/tiff2ps.c
    + fix 2 heap-based buffer overflows (in PSDataBW and
    PSDataColorContig). Reported by Agostino Sarubbo.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2633 and
    http://bugzilla.maptools.org/show_bug.cgi?id=2634.
  * tools/tiff2pdf.c
    + prevent heap-based buffer overflow in -j mode on a paletted
    image. Note: this fix errors out before the overflow happens.
    There could probably be a better fix.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2635
  * tools/tiff2pdf.c
    + fix wrong usage of memcpy() that can trigger unspecified behaviour.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2638
  * tools/tiff2pdf.c
    + avoid potential invalid memory read in t2p_writeproc.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2639
  * tools/tiff2pdf.c
    + avoid potential heap-based overflow in t2p_readwrite_pdf_image_tile().
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2640
  * tools/tiffcrop.c
    + remove extraneous TIFFClose() in error code path, that caused
    double free.
    Related to http://bugzilla.maptools.org/show_bug.cgi?id=2535
  * tools/tiffcp.c
    + error out cleanly in cpContig2SeparateByRow and
    cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap
    based overflow.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and
    http://bugzilla.maptools.org/show_bug.cgi?id=2657
  * tools/raw2tiff.c
    + avoid integer division by zero.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2631
  * tools/tiff2ps.c
    + call TIFFClose() in error code paths.
  * tools/fax2tiff.c
    + emit appropriate message if the input file is empty. Patch by
    Alan Coopersmith.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2672
  * tools/tiff2bw.c
    + close TIFF handle in error code path.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2677
  * Other issues fixed:
    + bsc#1042804, CVE-2017-9404
- Removed patches:
  * tiff-4.0.7-CVE-2015-7554.patch
  * tiff-4.0.7-CVE-2017-5225.patch
  * tiff-4.0.7-TIFFTAG_FAXRECVPARAMS.patch
  * tiff-CVE-2016-10266.patch
  * tiff-CVE-2016-10267.patch
  * tiff-CVE-2016-10268.patch
  * tiff-CVE-2016-10269.patch
  * tiff-CVE-2016-10270.patch
  * tiff-CVE-2016-10271.patch
  * tiff-CVE-2016-10272.patch
    + Fixed upstream

==== yast2-pkg-bindings ====
Version update (3.2.3 -> 3.2.4)

- Do not crash when the repository URL is not defined (bsc#1043218)
- 3.2.4