Looked through missing submissions (compared to Factory). These are the findings: MozillaFirefox -> Nevermind, will be updated regularly anyway LibVNCServer -> missing: LibVNCServer-CVE-2018-7225.patch in Factory (Factory First violated) dpdk -> missing fix for CVE-2018-1059 (version bump necessary/possible?) dpdk-thunderx -> missing fix for CVE-2018-1059 gpg2 -> gnupg-CVE-2018-9234.patch (missing) openvpn -> version in SLE-15 is outdated, new version contains a fix for CVE-2018-9336 pam_yubico -> https://build.opensuse.org/request/show/605739 zsh -> https://build.suse.de/request/show/164695