Packages changed:
  MozillaFirefox (48.0.1 -> 48.0.2)
  MozillaThunderbird (45.2 -> 45.3.0)
  binutils (2.26.1 -> 2.27)
  elfutils (0.166 -> 0.167)
  gcc6 (6.1.1+r239476 -> 6.2.1+r239849)
  grub2
  libgcj-gcc6 (6.1.1+r239476 -> 6.2.1+r239849)
  lsof
  mailman (2.1.22 -> 2.1.23)
  python-setuptools (23.1.0 -> 26.1.1)
  systemd

=== Details ===

==== MozillaFirefox ====
Version update (48.0.1 -> 48.0.2)
Subpackages: MozillaFirefox-translations-common

- Mozilla Firefox 48.0.2:
  * Mitigate a startup crash issue caused on Windows (bmo#1291738)

==== MozillaThunderbird ====
Version update (45.2 -> 45.3.0)
Subpackages: MozillaThunderbird-translations-common

- update to Thunderbird 45.3.0 (boo#991809)
  * Disposition-Notification-To could not be used in
    mail.compose.other.header
  * "edit as new message" on a received message pre-filled the sender
    as the composing identity.
  * Certain messages caused corruption of the drafts summary database.
  security fixes:
  * MFSA 2016-62/CVE-2016-2836
    Miscellaneous memory safety hazards
  * MFSA 2016-63/CVE-2016-2830 (bmo#1255270)
    Favicon network connection can persist when page is closed
  * MFSA 2016-64/CVE-2016-2838 (bmo#1279814)
    Buffer overflow rendering SVG with bidirectional content
  * MFSA 2016-65/CVE-2016-2839 (bmo#1275339)
    Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
  * MFSA 2016-67/CVE-2016-5252 (bmo#1268854)
    Stack underflow during 2D graphics rendering
  * MFSA 2016-70/CVE-2016-5254 (bmo#1266963)
    Use-after-free when using alt key and toplevel menus
  * MFSA 2016-72/CVE-2016-5258 (bmo#1279146)
    Use-after-free in DTLS during WebRTC session shutdown
  * MFSA 2016-73/CVE-2016-5259 (bmo#1282992)
    Use-after-free in service workers with nested sync events
  * MFSA 2016-76/CVE-2016-5262 (bmo#1277475)
    Scripts on marquee tag can execute in sandboxed iframes
  * MFSA 2016-77/CVE-2016-2837 (bmo#1274637)
    Buffer overflow in ClearKey Content Decryption Module (CDM)
    during video playback
  * MFSA 2016-78/CVE-2016-5263 (bmo#1276897)
    Type confusion in display transformation
  * MFSA 2016-79/CVE-2016-5264 (bmo#1286183)
    Use-after-free when applying SVG effects
  * MFSA 2016-80/CVE-2016-5265 (bmo#1278013)
    Same-origin policy violation using local HTML file and saved shortcut file

==== binutils ====
Version update (2.26.1 -> 2.27)
Subpackages: binutils-devel

- Update to binutils 2.27.
  * Add a configure option, --enable-64-bit-archive, to force use of a
    64-bit format when creating an archive symbol index.
  * Add --elf-stt-common= option to objcopy for ELF targets to control
    whether to convert common symbols to the STT_COMMON type.
  GAS:
  * Default to --enable-compressed-debug-sections=gas for Linux/x86 targets.
  * Add --no-pad-sections to stop the assembler from padding the end of output
    sections up to their alignment boundary.
  * Support for the ARMv8-M architecture has been added to the ARM port.
    Support for the ARMv8-M Security and DSP Extensions has also been added
    to the ARM port.
  * ARC backend accepts .extInstruction, .extCondCode, .extAuxRegister, and
    .extCoreRegister pseudo-ops that allow an user to define custom
    instructions, conditional codes, auxiliary and core registers.
  * Add a configure option --enable-elf-stt-common to decide whether ELF
    assembler should generate common symbols with the STT_COMMON type by
    default.  Default to no.
  * New command line option --elf-stt-common= for ELF targets to control
    whether to generate common symbols with the STT_COMMON type.
  * Add ability to set section flags and types via numeric values for ELF
    based targets.
  * Add a configure option --enable-x86-relax-relocations to decide whether
    x86 assembler should generate relax relocations by default.  Default to
    yes, except for x86 Solaris targets older than Solaris 12.
  * New command line option -mrelax-relocations= for x86 target to control
    whether to generate relax relocations.
  * New command line option -mfence-as-lock-add=yes for x86 target to encode
    lfence, mfence and sfence as "lock addl $0x0, (%[re]sp)".
  * Add assembly-time relaxation option for ARC cpus.
  * Add --with-cpu=TYPE configure option for ARC gas.  This allows the default
    cpu type to be adjusted at configure time.
  GOLD:
  * Add a configure option --enable-relro to decide whether -z relro should
    be enabled by default.  Default to yes.
  * Add support for s390, MIPS, AArch64, and TILE-Gx architectures.
  * Add support for STT_GNU_IFUNC symbols.
  * Add support for incremental linking (--incremental).
  GNU ld:
  * Add a configure option --enable-relro to decide whether -z relro should
    be enabled in ELF linker by default.  Default to yes for all Linux
    targets except FRV, HPPA, IA64 and MIPS.
  * Support for -z noreloc-overflow in the x86-64 ELF linker to disable
    relocation overflow check.
  * Add -z common/-z nocommon options for ELF targets to control whether to
    convert common symbols to the STT_COMMON type during a relocatable link.
  * Support for -z nodynamic-undefined-weak in the x86 ELF linker, which
    avoids dynamic relocations against undefined weak symbols in executable.
  * The NOCROSSREFSTO command was added to the linker script language.
  * Add --no-apply-dynamic-relocs to the AArch64 linker to do not apply
    link-time values for dynamic relocations.
- Add binutils-2.27-branch.diff with fixes on the branch sofar.
- Remove gold-relocate-tls.patch, included in binutils 2.27.

==== elfutils ====
Version update (0.166 -> 0.167)
Subpackages: libasm1 libdw1 libelf1 libelf1-32bit

- Update to version 0.167:
  libasm: Add eBPF disassembler for EM_BPF files.
  backends: Add m68k and BPF backends.
  ld: Removed.
  dwelf: Add ELF/DWARF string table creation functions. dwelf_strtab_init,
    dwelf_strtab_add, dwelf_strtab_add_len, dwelf_strtab_finalize,
    dwelf_strent_off, dwelf_strent_str and dwelf_strtab_free.
  Support compressed sections from binutils 2.27.
- Remove patch elfutils-0.166-elfcmp-comp-gcc6.patch: included upstream.

==== gcc6 ====
Version update (6.1.1+r239476 -> 6.2.1+r239849)
Subpackages: cpp6 gcc6-c++ gcc6-fortran gcc6-info gcc6-locale gcc6-objc libasan3 libatomic1 libcilkrts5 libgcc_s1 libgcc_s1-32bit libgfortran3 libgomp1 libitm1 liblsan0 libmpx2 libmpxwrappers2 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit libstdc++6-devel-gcc6 libtsan0 libubsan0

- Update to gcc-6-branch head (r239849).
  * Includes GCC 6.2 release.
  * Includes fix for OVMF compilation.
- Refresh gcc-dir-version.patch.
- gcc6-devel: require gmp-devel and mpc-devel
- Update HSA_RUNTINE_LIB in gcc6-hsa-enablement.patch

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen

- binutils 2.27 creates empty modules without a symtab.
  Add patch grub2-accept-empty-module.patch to not reject them.

==== libgcj-gcc6 ====
Version update (6.1.1+r239476 -> 6.2.1+r239849)
Subpackages: gcc6-gij gcc6-java libgcj-devel-gcc6 libgcj-jar-gcc6 libgcj_bc1

- Update to gcc-6-branch head (r239849).
  * Includes GCC 6.2 release.
  * Includes fix for OVMF compilation.
- Refresh gcc-dir-version.patch.
- gcc6-devel: require gmp-devel and mpc-devel
- Update HSA_RUNTINE_LIB in gcc6-hsa-enablement.patch

==== lsof ====

- modify lsof_4.89-nfs_hanging.patch and add a check for HasNFS
  variable as HasNFS may already have been set to 2 in the
  readmnt() function [bsc#995061]

==== mailman ====
Version update (2.1.22 -> 2.1.23)

- update to 2.1.23
  * CSRF protection in user options page (CVE-2016-6893)
  * header_filter_rules matching: headers and patterns are all
    decoded to unicode
  * another possible REMOVE_DKIM_HEADERS setting
  * SMTPDirect.py can now do SASL authentication and STARTTLS
  * bug fixes, i18n updates
  * for further details see NEWS

==== python-setuptools ====
Version update (23.1.0 -> 26.1.1)

- fix certificate handling with certifi, add support for SUSE's
  CA bundle (setuptools-certpath.patch, fixes boo#993968)
- remove shebang lines, strip executable bit from README, to silence
  the easy rpmlint warnings
- update to 26.1.1:
  * Re-release of 26.1.0 with pytest pinned to allow for automated
    deployement and thus proper packaging environment variables,
    fixing issues with missing executable launchers.
  * #763: ``pkg_resources.get_default_cache`` now defers to the
    `appdirs project <https://pypi.org/project/appdirs>`_ to
    resolve the cache directory. Adds a vendored dependency on
    appdirs to pkg_resources.
  * #748: By default, sdists are now produced in gzipped tarfile
    format by default on all platforms, adding forward compatibility
    for the same behavior in Python 3.6 (See Python #27819).
  * #459 via #736: On Windows with script launchers,
    sys.argv[0] now reflects
    the name of the entry point, consistent with the behavior in
    distlib and pip wrappers.
  * #752 via #753: When indicating ``py_limited_api`` to Extension,
    it must be passed as a keyword argument.
  * Add Extension(py_limited_api=True). When set to a truthy value,
    that extension gets a filename apropriate for code using Py_LIMITED_API.
    When used correctly this allows a single compiled extension to work on
    all future versions of CPython 3.
    The py_limited_api argument only controls the filename. To be
    compatible with multiple versions of Python 3, the C extension
    will also need to set -DPy_LIMITED_API=... and be modified to use
    only the functions in the limited API.
  * #739 Fix unquoted libpaths by fixing compatibility between
    `numpy.distutils` and `distutils._msvccompiler`
    for numpy < 1.11.2 (Fix issue #728, error also fixed in Numpy).
  * #731: Bump certifi.
  * Style updates. See #740, #741, #743, #744, #742, #747.
  * #735: include license file.
  * #612 via #730: Add a LICENSE file which needs to be provided by the terms of
  the MIT license.
  * #725: revert `library_dir_option` patch (Error is related to
    `numpy.distutils` and make errors on non Numpy users).
  * #720
  * #723: Improve patch for `library_dir_option`.
  * #717
  * #713
  * #707: Fix Python 2 compatibility for MSVC by catching errors properly.
  * #715: Fix unquoted libpaths by patching `library_dir_option`.
  * #714 and #704: Revert fix as it breaks other components
    downstream that can't handle unicode. See #709, #710,
    and #712.
  * #704: Fix errors when installing a zip sdist that contained
    files named with non-ascii characters on Windows would
    crash the install when it attempted to clean up the build.
  * #646: MSVC compatibility - catch errors properly in
    RegistryInfo.lookup.
  * #702: Prevent UnboundLocalError when initial working_set
    is empty.
  * #686: Fix issue in sys.path ordering by pkg_resources when
    rewrite technique is "raw".
  * #699: Fix typo in msvc support.
  * #609: Setuptools will now try to download a distribution from
    the next possible download location if the first download fails.
    This means you can now specify multiple links as ``dependency_links``
    and all links will be tried until a working download link is encountered.
  * #688: Fix AttributeError in setup.py when invoked not from
    the current directory.
  * Cleanup of setup.py script.
  * Fixed documentation builders by allowing setup.py
    to be imported without having bootstrapped the
    metadata.
  * More style cleanup. See #677, #678, #679, #681, #685.
  * #674: Default ``sys.path`` manipulation by easy-install.pth
    is now "raw", meaning that when writing easy-install.pth
    during any install operation, the ``sys.path`` will not be
    rewritten and will no longer give preference to easy_installed
    packages.
    To retain the old behavior when using any easy_install
    operation (including ``setup.py install`` when setuptools is
    present), set the environment variable:
    SETUPTOOLS_SYS_PATH_TECHNIQUE=rewrite
    This project hopes that that few if any environments find it
    necessary to retain the old behavior, and intends to drop
    support for it altogether in a future release. Please report
    any relevant concerns in the ticket for this change.
  * #398: Fix shebang handling on Windows in script
    headers where spaces in ``sys.executable`` would
    produce an improperly-formatted shebang header,
    introduced in 12.0 with the fix for #188.
  * #663, #670: More style updates.
  * #516: Disable ``os.link`` to avoid hard linking
    in ``sdist.make_distribution``, avoiding errors on
    systems that support hard links but not on the
    file system in which the build is occurring.
  * #667: Update Metadata-Version to 1.2 when
    ``python_requires`` is supplied.
  * #631: Add support for ``python_requires`` keyword.
  * More style updates. See #660, #661, #641.
  * #659: ``setup.py`` now will fail fast and with a helpful
    error message when the necessary metadata is missing.
  * More style updates. See #656, #635, #640,
    [#644], #650, #652, and #655.
  * Updated style in much of the codebase to match
    community expectations. See #632, #633, #634,
    [#637], #639, #638, #642, #648.
  * If MSVC++14 is needed ``setuptools.msvc`` now redirect
    user to Visual C++ Build Tools web page.
  * #625 and #626: Fixes on ``setuptools.msvc`` mainly
    for Python 2 and Linux.
  * Pull Request #174: Add more aggressive support for
    standalone Microsoft Visual C++ compilers in
    msvc9compiler patch.
    Particularly : Windows SDK 6.1 and 7.0
    (MSVC++ 9.0), Windows SDK 7.1 (MSVC++ 10.0),
    Visual C++ Build Tools 2015 (MSVC++14)
  * Renamed ``setuptools.msvc9_support`` to
    ``setuptools.msvc``.
  Re-release of v23.2.0, which was missing the intended
  commits.
  * #623: Remove used of deprecated 'U' flag when reading
    manifests.

==== systemd ====
Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-bash-completion systemd-logger systemd-sysvinit udev

- Add a script to fix /var/lib/machines to make it suitable for
  rollbacks (bsc#992573992573)