[opensuse-factory] New Tumbleweed snapshot 20170318 released!

21 Mar 2017

      Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20170318

When you reply to report some issues, make sure to change the subject.
It is not helpful to keep the release announcement subject in a thread
while discussing a specific problem.

Packages changed:
  argyllcms (1.8.3 -> 1.9.2)
  cifs-utils
  dhcp
  dtc (1.4.3 -> 1.4.4)
  gpg2
  jasper
  kiwi (7.04.28 -> 7.04.29)
  open-iscsi
  perl-XML-LibXML (2.0128 -> 2.0129)
  pthread-stubs (0.3 -> 0.4)
  publicsuffix (20170206 -> 20170303)
  qemu (2.7.0 -> 2.8.0)
  qemu-linux-user (2.7.0 -> 2.8.0)
  sssd (1.15.1 -> 1.15.2)
  texlive
  wayland
  wxWidgets-3_0
  wxWidgets-3_0-nostl
  xf86-input-wacom

=== Details ===

==== argyllcms ====
Version update (1.8.3 -> 1.9.2)

- Update to version 1.9.2 and update patches
  * Added CMYKOGB and CMYKRGB 7 channel ink preset, and made targen
    more flexible in matching pre-conditioning profiles to targen ink
    selection.
  * Fix oeminst for OS X save location.
  * Fix oeminst for OS X Spyder 4 CD calibration file location.
  * Improved robustness of ChromeCast discovery, and added some minimal
    diagnostics.
  * Improved robustness of targen ofps patch generation when using less
    well behaved pre-conditioning profiles.
  * Fixed oeminst so that it locates cdrom's in Linuxes latest mount
    point of /run/media/$USER/.
  * Fixed bug in i1pro2 driver, in which strip calibration would fail
    if instrument had been first calibrated with ARGYLL_DISABLE_I1PRO2_DRIVER
    set, and then calibrated with ARGYLL_DISABLE_I1PRO2_DRIVER unset.
  * Added option to icclib to write Output profiles using 'chad' tag if
    the ARGYLL_CREATE_DISPLAY_PROFILE_WITH_CHAD environment variable is
    set. This is not recommended for normal use, but may assist
    compatibility with other systems.
  * Added JETI spectraval support, including Bluetooth access.
  * Added support for the Klein K10 connecting via a serial port.
  * Fixed bug in Colormunki Smile driver that causes crash on Ubuntu
    16.04.1 LTS.
  * Modified "lp" intent to greatly reduce eliminate Helmholtz-Kohlrausch
    appearance modelling.
  * Fixed problem with targen -g, in that the corresponding XYZ values
    had double the power applied, rather than none. This was causing
    problems with printtarg spacer colors.
  * Extensive re-write of colorimetric nearest clipping code in rspl/rev.c
    to restore precision that was lost in the speedups made in V1.0.0. The
    nnrev setup now takes a lot longer with   high resolution CMYK profiles
    though. This corrects a "green becoming too yellow" problem for mapping
    from ProPhoto space with some RGB devices.
  * Change dispwin to properly set X11 DirectColor and take account of
    TrueColor Colormap.  This fixes problem with NVidia linux driver 364.12
    exposing a VideoLUT depth that is different from the frame buffer depth.
  * Change icclib to automatically repair icmTextDescription strings that
    have an allocation that is longer than their size.
  * Added i1Pro Lamp Drift test and fix functions to spotread (-Y l|L options).
  * Change colprof so that -s -S will accept general compression percentage
    as an alternative to a source colorspace/image gamut.
  * Added optional conversion from native Gretag-MacBeth & X-Rite reflective
    calibration standards to/from XRGA.
  * Changed OS X GUI support code so as not to switch to "interact with the
    Dock" mode until actual GUI element is to be displayed. This prevents
    batch commands with optional GUI elements from blocking normal GUI
    interactions.
  * Re-jigged OS X UI code to use the main thread to avoid window
    creation timing issues and a warning backtrace on OS X 10.11.
  * Added CMP_Digital_Target-7.cht
  * Fix spec2cie to cope with .ti3 files that are missing device values,
    so that it can process a wider range of input CIE reference files.
  * Changed implementation of ARGYLL_NOT_INTERACTIVE on MSWin to make
    it more reliable when operated progromatically.
  * Fixed chartread so that if you are reading patch by patch, the
    location strings can be arbitrary (i.e. they don't have to conform
    to an alpha/num strip/patch pattern.)
  * Added support for Sencore ColorPro V, IV & III colorimeters
    (based on Sequel Chroma colorimeter.).
- Drop argyllcms-udev151.patch
- Drop argyllcms-1.4.0-warnings.patch

==== cifs-utils ====

- Get rid of init script on everything based off SLE12+ (bsc#1025471).

==== dhcp ====
Subpackages: dhcp-client dhcp-doc dhcp-relay dhcp-server

- Relax permission of dhclient-script for libguestfs(bsc#987170)

==== dtc ====
Version update (1.4.3 -> 1.4.4)

- Update to version 1.4.4:
  * fdtput: Remove star from value_len documentation
  * fdtget: Use @return to document the return value
  * tests: Make realloc_fdt() really allocate *fdt
  * libfdt: overlay: Check the value of the right variable
  * dtc: Simplify asm_emit_string() implementation
  * libfdt: Change names of sparse helper macros
  * Fix assorted sparse warnings
  * Clean up gcc attributes
  * dtc: Don't abuse struct fdt_reserve_entry
- Refresh patches
- Make building more verbose
- Run tests

==== gpg2 ====

- Use stronger defaults for new users, using SHA-2 digest family
  for certificates and message signatures - FATE#323084
  adding gnupg-2.1.19-stronger-defaults.patch

==== jasper ====
Subpackages: libjasper-devel libjasper1 libjasper1-32bit

- Added patches:
  * jasper-CVE-2017-5498.patch
  - Upstream changes putting braces and belts around
    CVE-2017-5498, bsc#1020353, left-shift undefined behaviour
  * jasper-CVE-2016-9600.patch
  - Upstream fix for "Null Pointer Dereference due to missing
    check for UNKNOWN color space in JP2 encoder" (CVE-2016-9600,
    bsc#1018088)
- Added patch:
  * jasper-CVE-2016-10251.patch
  - Upstream fix for bsc#1029497, CVE-2016-10251: Use of
    uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)

==== kiwi ====
Version update (7.04.28 -> 7.04.29)
Subpackages: kiwi-desc-isoboot kiwi-desc-netboot kiwi-desc-oemboot kiwi-desc-vmxboot kiwi-doc kiwi-media-requires kiwi-templates

- v7.04.29 released
- Make sure the disk symlink is removed before moving ovf folder
  This commit deletes a relative symlink of the vmx disk before
  moving ovf files from a temporary folder to the destination folder.
  Fixes #633

==== open-iscsi ====
Subpackages: iscsiuio

- Updated from latest upstream patches, including
  ability to disable auto-scans and README cleanup

==== perl-XML-LibXML ====
Version update (2.0128 -> 2.0129)

- updated to 2.0129
  see /usr/share/doc/packages/perl-XML-LibXML/Changes
  2.0129  2017-03-14
  - Add example/create-sample-html-document.pl .
  - https://rt.cpan.org/Ticket/Display.html?id=117923
  - Add support for the set_document_locator() SAX method .
  - Thanks to Alexander Batyrshin for the pull-request.
  - Make parsing of large perl strings much faster.
  - https://github.com/shlomif/perl-XML-LibXML/pull/5
  - Thanks to Cedric Cellier for the pull-request.

==== pthread-stubs ====
Version update (0.3 -> 0.4)

- release 0.4
  * This new release stops providing stubs, but instead expects
    libc to do so. On platforms where this is not the case,
    "-pthread" is injected via our pkg-config file instead. This
    was done to make loading libpthread (indirectly) via dlopen()
    work correctly in the presence of pthread-stubs.

==== publicsuffix ====
Version update (20170206 -> 20170303)

- Update to version 20170303:
  * Add new gTLDs up to 2017-02-23 (#405)
  * adding storj.farm for Storj Labs Inc. (#400)

==== qemu ====
Version update (2.7.0 -> 2.8.0)
Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-rbd qemu-block-ssh qemu-extra qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-vgabios qemu-x86

-  Buildignore for the global gcc-PIE, as this package enables PIE
  on its own and has troubles if all use it. (meissner@suse.com)
- Address various security/stability issues
  * Fix OOB access in virito-gpu-3d (CVE-2016-10028 bsc#1017084
  bsc#1016503)
  0057-display-virtio-gpu-3d-check-virgl-c.patch
  * Fix DOS in Intel 6300ESB device emulation (CVE-2016-10155 bsc#1021129)
  0058-watchdog-6300esb-add-exit-function.patch
  * Fix DOS in virtio-gpu-3d (CVE-2017-5552 bsc#1021195)
  0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
  * Fix DOS in virtio-gpu (CVE-2017-5578 bsc#1021481)
  0060-virtio-gpu-fix-memory-leak-in-resou.patch
  * Fix cause of infrequent migration failures from bad virtio device
  state. (bsc#1020928)
  0061-virtio-fix-vq-inuse-recalc-after-mi.patch
  * Fix DOS in es1370 emulated audio device (CVE-2017-5526 bsc#1020589)
  0062-audio-es1370-add-exit-function.patch
  * Fix DOS in ac97 emulated audio device (CVE-2017-5525 bsc#1020491)
  0063-audio-ac97-add-exit-function.patch
  * Fix DOS in megasas device emulation (CVE-2017-5856 bsc#1023053)
  0064-megasas-fix-guest-triggered-memory-.patch
  * Fix various inaccuracies in cirrus vga device emulation
  0065-cirrus-handle-negative-pitch-in-cir.patch
  0066-cirrus-fix-blit-address-mask-handli.patch
  * Fix OOB access in cirrus vga emulation (CVE-2017-2615 bsc#1023004)
  0067-cirrus-fix-oob-access-issue-CVE-201.patch
  * Fix DOS in usb CCID card device emulator (CVE-2017-5898 bsc#1023907)
  0068-usb-ccid-check-ccid-apdu-length.patch
  * Fix OOB access in SDHCI device emulation (CVE-2017-5667 bsc#1022541)
  0069-sd-sdhci-check-data-length-during-d.patch
  * Fix DOS in virtio-gpu-3d (CVE-2017-5857 bsc#1023073)
  0070-virtio-gpu-fix-resource-leak-in-vir.patch
  * Fix cirrus patterncopy checks
  0071-cirrus-fix-patterncopy-checks.patch
  * Fix OOB access in cirrus vga emulation (CVE-2017-2620 bsc#1024972)
  0072-cirrus-add-blit_is_unsafe-call-to-c.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
- Fix name of s390x specific sysctl configuration file to end with
  .conf (bsc#1026583)
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Check that sysfs path exists before running test which requires
  it. This allows qemu-testsuite to succeed in local build service
  chroot based package build.
  0056-tests-check-path-to-avoid-a-failing.patch
- Factory and SLE12-SP3 got a name change in the dtc devel package:
  libfdt1-devel -> libfdt-devel. Adjust our spec file accordingly.
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Patches added:
  0055-linux-user-exclude-cpu-model-code-w.patch
- Make sure qemu guest agent is usable as soon as qemu-guest-agent
  package is installed. The previous post script was still not
  doing the job.
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Fix potential hang/crash rebooting s390x guest
  0053-s390x-kvm-fix-small-race-reboot-vs..patch
  * Fix s390x linux-user failure since v2.8.0 update
  0054-target-s390x-use-qemu-cpu-model-in-.patch
- Merge qemu packages from openSUSE and SUSE SLE releases together
  for the v2.8 qemu update. The qemu.changes file is the openSUSE
  version with this entry providing CVE, FATE, and bugzilla
  references from the SUSE SLE qemu package to date (see below)
- Updated to v2.8.0: See http://wiki.qemu-project.org/ChangeLog/2.8
  * For SUSE SLE-12-SP3, update relates to fate#319684, fate#321331,
  fate#321335, fate#321339, fate#321349, fate#321857
  * For best compatibility, qemu-ifup and kvm_stat scripts now owned
  by qemu package
  * Build ipxe roms with gcc6 to maintain SLE legacy migration
  compatibility requirements
  * qmp-commands.txt file removed, to resurface in future doc reorganization
  * qemu-tech.html file merged into other existing doc
  * trace-events renamed to trace-events-all
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Patches dropped (upstream):
  0013-linux-user-lock-tcg.patch
  0014-linux-user-Run-multi-threaded-code-.patch
  0015-linux-user-lock-tb-flushing-too.patch
  0017-linux-user-implement-FS_IOC_GETFLAG.patch
  0018-linux-user-implement-FS_IOC_SETFLAG.patch
  0034-xen-SUSE-xenlinux-unplug-for-emulat.patch
  0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch
  0041-vmsvga-correct-bitmap-and-pixmap-si.patch
  0042-scsi-mptconfig-fix-an-assert-expres.patch
  0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch
  0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch
  0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch
  0046-scsi-mptsas-use-g_new0-to-allocate-.patch
  0047-scsi-pvscsi-limit-process-IO-loop-t.patch
  0048-virtio-add-check-for-descriptor-s-m.patch
  0049-net-mcf-limit-buffer-descriptor-cou.patch
  0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch
  0051-xhci-limit-the-number-of-link-trbs-.patch
  0052-9pfs-allocate-space-for-guest-origi.patch
  0053-9pfs-fix-memory-leak-in-v9fs_link.patch
  0054-9pfs-fix-potential-host-memory-leak.patch
  0055-9pfs-fix-information-leak-in-xattr-.patch
  0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
  0057-9pfs-fix-memory-leak-in-v9fs_write.patch
  0058-char-serial-check-divider-value-aga.patch
  0059-net-pcnet-check-rx-tx-descriptor-ri.patch
  0060-net-eepro100-fix-memory-leak-in-dev.patch
  0061-net-rocker-set-limit-to-DMA-buffer-.patch
  0062-net-vmxnet-initialise-local-tx-desc.patch
  0063-net-rtl8139-limit-processing-of-rin.patch
  0064-audio-intel-hda-check-stream-entry-.patch
  0065-virtio-gpu-fix-memory-leak-in-virti.patch
  0066-9pfs-fix-integer-overflow-issue-in-.patch
  slof_xhci.patch
  * Patches renamed:
  0016-linux-user-Fake-proc-cpuinfo.patch -> 0013-linux-user-Fake-proc-cpuinfo.patch
  0019-linux-user-XXX-disable-fiemap.patch -> 0014-linux-user-XXX-disable-fiemap.patch
  0020-slirp-nooutgoing.patch -> 0015-slirp-nooutgoing.patch
  0021-vnc-password-file-and-incoming-conn.patch -> 0016-vnc-password-file-and-incoming-conn.patch
  0022-linux-user-use-target_ulong.patch -> 0017-linux-user-use-target_ulong.patch
  0023-block-Add-support-for-DictZip-enabl.patch -> 0018-block-Add-support-for-DictZip-enabl.patch
  0024-block-Add-tar-container-format.patch -> 0019-block-Add-tar-container-format.patch
  0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
  0026-console-add-question-mark-escape-op.patch -> 0021-console-add-question-mark-escape-op.patch
  0027-Make-char-muxer-more-robust-wrt-sma.patch -> 0022-Make-char-muxer-more-robust-wrt-sma.patch
  0028-linux-user-lseek-explicitly-cast-no.patch -> 0023-linux-user-lseek-explicitly-cast-no.patch
  0029-virtfs-proxy-helper-Provide-__u64-f.patch -> 0024-virtfs-proxy-helper-Provide-__u64-f.patch
  0030-configure-Enable-PIE-for-ppc-and-pp.patch -> 0025-configure-Enable-PIE-for-ppc-and-pp.patch
  0031-AIO-Reduce-number-of-threads-for-32.patch -> 0026-AIO-Reduce-number-of-threads-for-32.patch
  0032-dictzip-Fix-on-big-endian-systems.patch -> 0027-dictzip-Fix-on-big-endian-systems.patch
  0033-xen_disk-Add-suse-specific-flush-di.patch -> 0028-xen_disk-Add-suse-specific-flush-di.patch
  0035-qemu-bridge-helper-reduce-security-.patch -> 0029-qemu-bridge-helper-reduce-security-.patch
  0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
  0037-configure-Fix-detection-of-seccomp-.patch -> 0031-configure-Fix-detection-of-seccomp-.patch
  0038-linux-user-properly-test-for-infini.patch -> 0032-linux-user-properly-test-for-infini.patch
  0040-linux-user-remove-all-traces-of-qem.patch -> 0033-linux-user-remove-all-traces-of-qem.patch
  0067-dma-rc4030-limit-interval-timer-rel.patch -> 0034-dma-rc4030-limit-interval-timer-rel.patch
  0068-net-imx-limit-buffer-descriptor-cou.patch -> 0035-net-imx-limit-buffer-descriptor-cou.patch
  0069-roms-Makefile-pass-a-packaging-time.patch -> 0036-roms-Makefile-pass-a-packaging-time.patch
  * Patches added:
  0037-Raise-soft-address-space-limit-to-h.patch
  0038-increase-x86_64-physical-bits-to-42.patch
  0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
  0040-i8254-Fix-migration-from-SLE11-SP2.patch
  0041-acpi_piix4-Fix-migration-from-SLE11.patch
  0042-Fix-tigervnc-long-press-issue.patch
  0043-fix-xen-hvm-direct-kernel-boot.patch
  0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
  0045-virtio-gpu-call-cleanup-mapping-fun.patch
  0046-string-input-visitor-Fix-uint64-par.patch
  0047-test-string-input-visitor-Add-int-t.patch
  0048-test-string-input-visitor-Add-uint6.patch
  0049-tests-Add-QOM-property-unit-tests.patch
  0050-tests-Add-scsi-disk-test.patch
  0051-virtio-gpu-fix-information-leak-in-.patch
  0052-display-cirrus-ignore-source-pitch-.patch
  ipxe-use-gcc6-for-more-compact-code.patch
  * SLE patches dropped (accounted for in above listed changes):
  0002-qemu-0.9.0.cvs-binfmt.patch
  0009-block-vmdk-Support-creation-of-SCSI.patch
  0010-linux-user-add-binfmt-wrapper-for-a.patch
  0011-PPC-KVM-Disable-mmu-notifier-check.patch
  0012-linux-user-fix-segfault-deadlock.patch
  0013-linux-user-binfmt-support-host-bina.patch
  0014-linux-user-Ignore-broken-loop-ioctl.patch
  0015-linux-user-lock-tcg.patch
  0016-linux-user-Run-multi-threaded-code-.patch
  0017-linux-user-lock-tb-flushing-too.patch
  0018-linux-user-Fake-proc-cpuinfo.patch
  0019-linux-user-implement-FS_IOC_GETFLAG.patch
  0020-linux-user-implement-FS_IOC_SETFLAG.patch
  0021-linux-user-XXX-disable-fiemap.patch
  0022-slirp-nooutgoing.patch
  0023-vnc-password-file-and-incoming-conn.patch
  0024-linux-user-add-more-blk-ioctls.patch
  0025-linux-user-use-target_ulong.patch
  0026-block-Add-support-for-DictZip-enabl.patch
  0027-block-Add-tar-container-format.patch
  0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
  0029-console-add-question-mark-escape-op.patch
  0030-Make-char-muxer-more-robust-wrt-sma.patch
  0031-linux-user-lseek-explicitly-cast-no.patch
  0032-virtfs-proxy-helper-Provide-_u64-f.patch
  0033-configure-Enable-PIE-for-ppc-and-pp.patch
  0034-Raise-soft-address-space-limit-to-h.patch
  0035-increase-x86_64-physical-bits-to-42.patch
  0036-vnc-provide-fake-color-map.patch
  0037-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
  0038-i8254-Fix-migration-from-SLE11-SP2.patch
  0039-acpi_piix4-Fix-migration-from-SLE11.patch
  0040-qtest-Increase-socket-timeout-to-ac.patch
  0041-dictzip-Fix-on-big-endian-systems.patch
  0043-xen_disk-Add-suse-specific-flush-di.patch
  0044-Split-large-discard-requests-from-b.patch
  0045-fix-xen-hvm-direct-kernel-boot.patch
  0046-xen-introduce-dummy-system-device.patch
  0047-xen-write-information-about-support.patch
  0048-xen-add-pvUSB-backend.patch
  0049-xen-move-xen_sysdev-to-xen_backend..patch
  0050-vnc-add-configurable-keyboard-delay.patch
  0051-xen-SUSE-xenlinux-unplug-for-emulat.patch
  0052-configure-add-echo_version-helper.patch
  0053-configure-support-vte-2.91.patch
  0054-scsi-esp-fix-migration.patch
  0055-hw-arm-virt-mark-the-PCIe-host-cont.patch
  0056-xen-when-removing-a-backend-don-t-r.patch
  0057-xen-drain-submit-queue-in-xen-usb-b.patch
  0058-qcow2-avoid-extra-flushes-in-qcow2.patch
  0059-qemu-bridge-helper-reduce-security-.patch
  0060-xen-use-a-common-function-for-pv-an.patch
  0061-xen_platform-unplug-also-SCSI-disks.patch
  0062-virtio-check-vring-descriptor-buffe.patch
  0063-net-vmxnet3-check-for-device_active.patch
  0064-net-vmxnet-initialise-local-tx-desc.patch
  0065-scsi-pvscsi-avoid-infinite-loop-whi.patch
  0066-ARM-KVM-Enable-in-kernel-timers-wit.patch
  0067-hw-net-Fix-a-heap-overflow-in-xlnx..patch
  0068-vmsvga-correct-bitmap-and-pixmap-si.patch
  0069-usb-xhci-fix-memory-leak-in-usb_xhc.patch
  0070-virtio-add-check-for-descriptor-s-m.patch
  0071-net-mcf-limit-buffer-descriptor-cou.patch
  0072-usb-ehci-fix-memory-leak-in-ehci_pr.patch
  0073-xhci-limit-the-number-of-link-trbs-.patch
  0074-9pfs-allocate-space-for-guest-origi.patch
  0075-9pfs-fix-memory-leak-in-v9fs_link.patch
  0076-9pfs-fix-potential-host-memory-leak.patch
  0077-9pfs-fix-memory-leak-in-v9fs_write.patch
  0078-char-serial-check-divider-value-aga.patch
  0079-net-pcnet-check-rx-tx-descriptor-ri.patch
  0080-net-eepro100-fix-memory-leak-in-dev.patch
  0081-net-rocker-set-limit-to-DMA-buffer-.patch
  0082-net-rtl8139-limit-processing-of-rin.patch
  0083-audio-intel-hda-check-stream-entry-.patch
  0084-virtio-gpu-fix-memory-leak-in-virti.patch
  0085-9pfs-fix-integer-overflow-issue-in-.patch
  0086-dma-rc4030-limit-interval-timer-rel.patch
  0087-net-imx-limit-buffer-descriptor-cou.patch
  0088-target-i386-Implement-CPUID-0xB-Ext.patch
  0089-target-i386-present-virtual-L3-cach.patch
  0090-migration-fix-inability-to-save-VM-.patch
  0091-ui-gtk-Fix-a-runtime-warning-on-vte.patch
  0092-gtk-don-t-leak-the-GtkBorder-with-V.patch
  0093-xen-fix-ioreq-handling.patch
  0094-macio-Use-blk_drain-instead-of-blk_.patch
  0095-rbd-Switch-rbd_start_aio-to-byte-ba.patch
  0096-virtio-blk-Release-s-rq-queue-at-sy.patch
  0097-virtio-blk-Remove-stale-comment-abo.patch
  0098-block-reintroduce-bdrv_flush_all.patch
  0099-qemu-use-bdrv_flush_all-for-vm_stop.patch
  0100-block-backend-remove-blkflush_all.patch
  0101-char-fix-missing-return-in-error-pa.patch
  0102-rbd-shift-byte-count-as-a-64-bit-va.patch
  0103-mirror-use-bdrv_drained_begin-bdrv_.patch
  0104-block-curl-Use-BDRV_SECTOR_SIZE.patch
  0105-block-curl-Fix-return-value-from-cu.patch
  0106-block-curl-Remember-all-sockets.patch
  0107-block-curl-Do-not-wait-for-data-bey.patch
  0108-virtio-allow-per-device-class-legac.patch
  0109-virtio-net-mark-VIRTIO_NET_F_GSO-as.patch
  0110-vhost-adapt-vhost_verify_ring_mappi.patch
  0111-ivshmem-Fix-64-bit-memory-bar-confi.patch
  0112-intel_iommu-fix-incorrect-device-in.patch
  0113-9pfs-fix-information-leak-in-xattr-.patch
  0114-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
  0115-net-mcf-check-receive-buffer-size-r.patch
  0116-virtio-gpu-fix-memory-leak-in-updat.patch
  0117-virtio-gpu-fix-information-leak-in-.patch
  0118-9pfs-adjust-the-order-of-resource-c.patch
  0119-9pfs-add-cleanup-operation-in-FileO.patch
  0120-9pfs-add-cleanup-operation-for-hand.patch
  0121-9pfs-add-cleanup-operation-for-prox.patch
  0122-virtio-gpu-call-cleanup-mapping-fun.patch
  0123-string-input-visitor-Fix-uint64-par.patch
  0124-test-string-input-visitor-Add-int-t.patch
  0125-test-string-input-visitor-Add-uint6.patch
  0126-tests-Add-QOM-property-unit-tests.patch
  0127-tests-Add-scsi-disk-test.patch
  0128-usb-ehci-fix-memory-leak-in-ehci_in.patch
  0129-usbredir-free-vm_change_state_handl.patch
  0130-virtio-gpu-fix-information-leak-in-.patch
  ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch
  ipxe-ath-Fix-building-with-GCC-6.patch
  ipxe-efi-fix-garbage-bytes-in-device-path.patch
  ipxe-efi-fix-uninitialised-data-in-HII.patch
  ipxe-legacy-Fix-building-with-GCC-6.patch
  ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch
  ipxe-sis190-Fix-building-with-GCC-6.patch
  ipxe-skge-Fix-building-with-GCC-6.patch
  ipxe-util-v5.24-perl-errors-on-redeclare.patch
- SLE CVE, FATE, and bugzilla references not otherwise listed in
  this changelog file. The intent of this list is to indicate that
  the fix or feature continues the line of inheritance in the
  development stream of this package. The list is intended to
  satisfy searches only - refer to the SLE-12-SP2 changelog file
  for additional details.
  * fate#314468 fate#314497 fate#315125 fate#315467 fate#317015
  fate#317741 fate#317763 fate#318349 fate#319660 fate#319979
  fate#321010
  * bnc#812983 bnc#869026 bnc#869746 bnc#874413 bnc#875582 bnc#875870
  bnc#877642 bnc#877645 bnc#878541 bsc#882405 bsc#886378 bnc#893339
  bnc#893892 bnc#895369 bnc#896726 bnc#897654 bnc#905097 bnc#907805
  bnc#908380 bnc#914521 bsc#924018 bsc#929339 bsc#932267 bsc#932770
  bsc#933981 bsc#936537 bsc#937125 bsc#938344 bsc#940929 bsc#942845
  bsc#943446 bsc#944697 bsc#945404 bsc#945987 bsc#945989 bsc#946020
  bsc#947159 bnc#953518 bsc#954864 bsc#956829 bsc#957162 bsc#958491
  bsc#958917 bsc#959005 bsc#959386 bsc#960334 bsc#960708 bsc#960725
  bsc#960835 bsc#961333 bsc#961556 bsc#961691 bsc#962320 bsc#963782
  bsc#964413 bsc#970791 bsc#974141 bsc#978158 bsc#979473 bsc#982365
  bsc#989655 bsc#991466 bsc#994771 bsc#994774 bsc#996441 bsc#997858
  bsc#999212
  bsc#1001151 bsc#1002116 bsc#1005353 boo#1007263 bsc#1007769
  bsc#1008519 bsc#1009109 bsc#1013285 bsc#1013341 bsc#1013764
  bsc#1013767 bsc#1014109 bsc#1014110 bsc#1014111 bsc#1014112
  bsc#1014256 bsc#1014514 bsc#1014702 bsc#1015169 bsc#1016779
  * CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3640 CVE-2014-7840
  CVE-2014-8106 CVE-2015-1779 CVE-2015-3209 CVE-2015-4037 CVE-2015-5154
  CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5745 CVE-2015-6815
  CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345
  CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613
  CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1568
  CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-3710
  CVE-2016-6490 CVE-2016-6833 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155
  CVE-2016-7161 CVE-2016-9381 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846
  CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913
  CVE-2016-9921 CVE-2016-9922

==== qemu-linux-user ====
Version update (2.7.0 -> 2.8.0)

-  Buildignore for the global gcc-PIE, as this package enables PIE
  on its own and has troubles if all use it. (meissner@suse.com)
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Patches added:
  0057-display-virtio-gpu-3d-check-virgl-c.patch
  0058-watchdog-6300esb-add-exit-function.patch
  0059-virtio-gpu-3d-fix-memory-leak-in-re.patch
  0060-virtio-gpu-fix-memory-leak-in-resou.patch
  0061-virtio-fix-vq-inuse-recalc-after-mi.patch
  0062-audio-es1370-add-exit-function.patch
  0063-audio-ac97-add-exit-function.patch
  0064-megasas-fix-guest-triggered-memory-.patch
  0065-cirrus-handle-negative-pitch-in-cir.patch
  0066-cirrus-fix-blit-address-mask-handli.patch
  0067-cirrus-fix-oob-access-issue-CVE-201.patch
  0068-usb-ccid-check-ccid-apdu-length.patch
  0069-sd-sdhci-check-data-length-during-d.patch
  0070-virtio-gpu-fix-resource-leak-in-vir.patch
  0071-cirrus-fix-patterncopy-checks.patch
  0072-cirrus-add-blit_is_unsafe-call-to-c.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Patches added:
  0056-tests-check-path-to-avoid-a-failing.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Patches added:
  0055-linux-user-exclude-cpu-model-code-w.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Fix s390x linux-user failure since v2.8.0 update
  * Patches added:
  0053-s390x-kvm-fix-small-race-reboot-vs..patch
  0054-target-s390x-use-qemu-cpu-model-in-.patch
- Merge qemu-linux-user packages from openSUSE and SUSE SLE releases
  together for the v2.8 qemu update. The qemu-linux-user.changes
  file is the openSUSE version with this entry providing CVE, FATE,
  and bugzilla references from the SUSE SLE qemu package to date
  (see below) - (the qemu-linux-user package derives from the same
  sources as qemu, and the vast majority of fixes are targeted only
  towards the qemu package.)
- Updated to v2.8.0: See http://wiki.qemu-project.org/ChangeLog/2.8
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8
  * Patches dropped (upstream):
  0013-linux-user-lock-tcg.patch
  0014-linux-user-Run-multi-threaded-code-.patch
  0015-linux-user-lock-tb-flushing-too.patch
  0017-linux-user-implement-FS_IOC_GETFLAG.patch
  0018-linux-user-implement-FS_IOC_SETFLAG.patch
  0034-xen-SUSE-xenlinux-unplug-for-emulat.patch
  0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch
  0041-vmsvga-correct-bitmap-and-pixmap-si.patch
  0042-scsi-mptconfig-fix-an-assert-expres.patch
  0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch
  0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch
  0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch
  0046-scsi-mptsas-use-g_new0-to-allocate-.patch
  0047-scsi-pvscsi-limit-process-IO-loop-t.patch
  0048-virtio-add-check-for-descriptor-s-m.patch
  0049-net-mcf-limit-buffer-descriptor-cou.patch
  0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch
  0051-xhci-limit-the-number-of-link-trbs-.patch
  0052-9pfs-allocate-space-for-guest-origi.patch
  0053-9pfs-fix-memory-leak-in-v9fs_link.patch
  0054-9pfs-fix-potential-host-memory-leak.patch
  0055-9pfs-fix-information-leak-in-xattr-.patch
  0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
  0057-9pfs-fix-memory-leak-in-v9fs_write.patch
  0058-char-serial-check-divider-value-aga.patch
  0059-net-pcnet-check-rx-tx-descriptor-ri.patch
  0060-net-eepro100-fix-memory-leak-in-dev.patch
  0061-net-rocker-set-limit-to-DMA-buffer-.patch
  0062-net-vmxnet-initialise-local-tx-desc.patch
  0063-net-rtl8139-limit-processing-of-rin.patch
  0064-audio-intel-hda-check-stream-entry-.patch
  0065-virtio-gpu-fix-memory-leak-in-virti.patch
  0066-9pfs-fix-integer-overflow-issue-in-.patch
  slof_xhci.patch
  * Patches renamed:
  0016-linux-user-Fake-proc-cpuinfo.patch -> 0013-linux-user-Fake-proc-cpuinfo.patch
  0019-linux-user-XXX-disable-fiemap.patch -> 0014-linux-user-XXX-disable-fiemap.patch
  0020-slirp-nooutgoing.patch -> 0015-slirp-nooutgoing.patch
  0021-vnc-password-file-and-incoming-conn.patch -> 0016-vnc-password-file-and-incoming-conn.patch
  0022-linux-user-use-target_ulong.patch -> 0017-linux-user-use-target_ulong.patch
  0023-block-Add-support-for-DictZip-enabl.patch -> 0018-block-Add-support-for-DictZip-enabl.patch
  0024-block-Add-tar-container-format.patch -> 0019-block-Add-tar-container-format.patch
  0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
  0026-console-add-question-mark-escape-op.patch -> 0021-console-add-question-mark-escape-op.patch
  0027-Make-char-muxer-more-robust-wrt-sma.patch -> 0022-Make-char-muxer-more-robust-wrt-sma.patch
  0028-linux-user-lseek-explicitly-cast-no.patch -> 0023-linux-user-lseek-explicitly-cast-no.patch
  0029-virtfs-proxy-helper-Provide-__u64-f.patch -> 0024-virtfs-proxy-helper-Provide-__u64-f.patch
  0030-configure-Enable-PIE-for-ppc-and-pp.patch -> 0025-configure-Enable-PIE-for-ppc-and-pp.patch
  0031-AIO-Reduce-number-of-threads-for-32.patch -> 0026-AIO-Reduce-number-of-threads-for-32.patch
  0032-dictzip-Fix-on-big-endian-systems.patch -> 0027-dictzip-Fix-on-big-endian-systems.patch
  0033-xen_disk-Add-suse-specific-flush-di.patch -> 0028-xen_disk-Add-suse-specific-flush-di.patch
  0035-qemu-bridge-helper-reduce-security-.patch -> 0029-qemu-bridge-helper-reduce-security-.patch
  0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch
  0037-configure-Fix-detection-of-seccomp-.patch -> 0031-configure-Fix-detection-of-seccomp-.patch
  0038-linux-user-properly-test-for-infini.patch -> 0032-linux-user-properly-test-for-infini.patch
  0040-linux-user-remove-all-traces-of-qem.patch -> 0033-linux-user-remove-all-traces-of-qem.patch
  0067-dma-rc4030-limit-interval-timer-rel.patch -> 0034-dma-rc4030-limit-interval-timer-rel.patch
  0068-net-imx-limit-buffer-descriptor-cou.patch -> 0035-net-imx-limit-buffer-descriptor-cou.patch
  0069-roms-Makefile-pass-a-packaging-time.patch -> 0036-roms-Makefile-pass-a-packaging-time.patch
  * Patches added:
  0037-Raise-soft-address-space-limit-to-h.patch
  0038-increase-x86_64-physical-bits-to-42.patch
  0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
  0040-i8254-Fix-migration-from-SLE11-SP2.patch
  0041-acpi_piix4-Fix-migration-from-SLE11.patch
  0042-Fix-tigervnc-long-press-issue.patch
  0043-fix-xen-hvm-direct-kernel-boot.patch
  0044-ARM-KVM-Enable-in-kernel-timers-wit.patch
  0045-virtio-gpu-call-cleanup-mapping-fun.patch
  0046-string-input-visitor-Fix-uint64-par.patch
  0047-test-string-input-visitor-Add-int-t.patch
  0048-test-string-input-visitor-Add-uint6.patch
  0049-tests-Add-QOM-property-unit-tests.patch
  0050-tests-Add-scsi-disk-test.patch
  0051-virtio-gpu-fix-information-leak-in-.patch
  0052-display-cirrus-ignore-source-pitch-.patch
  ipxe-use-gcc6-for-more-compact-code.patch
  * SLE patches dropped (accounted for in above listed changes):
  0002-qemu-0.9.0.cvs-binfmt.patch
  0009-block-vmdk-Support-creation-of-SCSI.patch
  0010-linux-user-add-binfmt-wrapper-for-a.patch
  0011-PPC-KVM-Disable-mmu-notifier-check.patch
  0012-linux-user-fix-segfault-deadlock.patch
  0013-linux-user-binfmt-support-host-bina.patch
  0014-linux-user-Ignore-broken-loop-ioctl.patch
  0015-linux-user-lock-tcg.patch
  0016-linux-user-Run-multi-threaded-code-.patch
  0017-linux-user-lock-tb-flushing-too.patch
  0018-linux-user-Fake-proc-cpuinfo.patch
  0019-linux-user-implement-FS_IOC_GETFLAG.patch
  0020-linux-user-implement-FS_IOC_SETFLAG.patch
  0021-linux-user-XXX-disable-fiemap.patch
  0022-slirp-nooutgoing.patch
  0023-vnc-password-file-and-incoming-conn.patch
  0024-linux-user-add-more-blk-ioctls.patch
  0025-linux-user-use-target_ulong.patch
  0026-block-Add-support-for-DictZip-enabl.patch
  0027-block-Add-tar-container-format.patch
  0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch
  0029-console-add-question-mark-escape-op.patch
  0030-Make-char-muxer-more-robust-wrt-sma.patch
  0031-linux-user-lseek-explicitly-cast-no.patch
  0032-virtfs-proxy-helper-Provide-_u64-f.patch
  0033-configure-Enable-PIE-for-ppc-and-pp.patch
  0034-Raise-soft-address-space-limit-to-h.patch
  0035-increase-x86_64-physical-bits-to-42.patch
  0036-vnc-provide-fake-color-map.patch
  0037-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch
  0038-i8254-Fix-migration-from-SLE11-SP2.patch
  0039-acpi_piix4-Fix-migration-from-SLE11.patch
  0040-qtest-Increase-socket-timeout-to-ac.patch
  0041-dictzip-Fix-on-big-endian-systems.patch
  0043-xen_disk-Add-suse-specific-flush-di.patch
  0044-Split-large-discard-requests-from-b.patch
  0045-fix-xen-hvm-direct-kernel-boot.patch
  0046-xen-introduce-dummy-system-device.patch
  0047-xen-write-information-about-support.patch
  0048-xen-add-pvUSB-backend.patch
  0049-xen-move-xen_sysdev-to-xen_backend..patch
  0050-vnc-add-configurable-keyboard-delay.patch
  0051-xen-SUSE-xenlinux-unplug-for-emulat.patch
  0052-configure-add-echo_version-helper.patch
  0053-configure-support-vte-2.91.patch
  0054-scsi-esp-fix-migration.patch
  0055-hw-arm-virt-mark-the-PCIe-host-cont.patch
  0056-xen-when-removing-a-backend-don-t-r.patch
  0057-xen-drain-submit-queue-in-xen-usb-b.patch
  0058-qcow2-avoid-extra-flushes-in-qcow2.patch
  0059-qemu-bridge-helper-reduce-security-.patch
  0060-xen-use-a-common-function-for-pv-an.patch
  0061-xen_platform-unplug-also-SCSI-disks.patch
  0062-virtio-check-vring-descriptor-buffe.patch
  0063-net-vmxnet3-check-for-device_active.patch
  0064-net-vmxnet-initialise-local-tx-desc.patch
  0065-scsi-pvscsi-avoid-infinite-loop-whi.patch
  0066-ARM-KVM-Enable-in-kernel-timers-wit.patch
  0067-hw-net-Fix-a-heap-overflow-in-xlnx..patch
  0068-vmsvga-correct-bitmap-and-pixmap-si.patch
  0069-usb-xhci-fix-memory-leak-in-usb_xhc.patch
  0070-virtio-add-check-for-descriptor-s-m.patch
  0071-net-mcf-limit-buffer-descriptor-cou.patch
  0072-usb-ehci-fix-memory-leak-in-ehci_pr.patch
  0073-xhci-limit-the-number-of-link-trbs-.patch
  0074-9pfs-allocate-space-for-guest-origi.patch
  0075-9pfs-fix-memory-leak-in-v9fs_link.patch
  0076-9pfs-fix-potential-host-memory-leak.patch
  0077-9pfs-fix-memory-leak-in-v9fs_write.patch
  0078-char-serial-check-divider-value-aga.patch
  0079-net-pcnet-check-rx-tx-descriptor-ri.patch
  0080-net-eepro100-fix-memory-leak-in-dev.patch
  0081-net-rocker-set-limit-to-DMA-buffer-.patch
  0082-net-rtl8139-limit-processing-of-rin.patch
  0083-audio-intel-hda-check-stream-entry-.patch
  0084-virtio-gpu-fix-memory-leak-in-virti.patch
  0085-9pfs-fix-integer-overflow-issue-in-.patch
  0086-dma-rc4030-limit-interval-timer-rel.patch
  0087-net-imx-limit-buffer-descriptor-cou.patch
  0088-target-i386-Implement-CPUID-0xB-Ext.patch
  0089-target-i386-present-virtual-L3-cach.patch
  0090-migration-fix-inability-to-save-VM-.patch
  0091-ui-gtk-Fix-a-runtime-warning-on-vte.patch
  0092-gtk-don-t-leak-the-GtkBorder-with-V.patch
  0093-xen-fix-ioreq-handling.patch
  0094-macio-Use-blk_drain-instead-of-blk_.patch
  0095-rbd-Switch-rbd_start_aio-to-byte-ba.patch
  0096-virtio-blk-Release-s-rq-queue-at-sy.patch
  0097-virtio-blk-Remove-stale-comment-abo.patch
  0098-block-reintroduce-bdrv_flush_all.patch
  0099-qemu-use-bdrv_flush_all-for-vm_stop.patch
  0100-block-backend-remove-blkflush_all.patch
  0101-char-fix-missing-return-in-error-pa.patch
  0102-rbd-shift-byte-count-as-a-64-bit-va.patch
  0103-mirror-use-bdrv_drained_begin-bdrv_.patch
  0104-block-curl-Use-BDRV_SECTOR_SIZE.patch
  0105-block-curl-Fix-return-value-from-cu.patch
  0106-block-curl-Remember-all-sockets.patch
  0107-block-curl-Do-not-wait-for-data-bey.patch
  0108-virtio-allow-per-device-class-legac.patch
  0109-virtio-net-mark-VIRTIO_NET_F_GSO-as.patch
  0110-vhost-adapt-vhost_verify_ring_mappi.patch
  0111-ivshmem-Fix-64-bit-memory-bar-confi.patch
  0112-intel_iommu-fix-incorrect-device-in.patch
  0113-9pfs-fix-information-leak-in-xattr-.patch
  0114-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
  0115-net-mcf-check-receive-buffer-size-r.patch
  0116-virtio-gpu-fix-memory-leak-in-updat.patch
  0117-virtio-gpu-fix-information-leak-in-.patch
  0118-9pfs-adjust-the-order-of-resource-c.patch
  0119-9pfs-add-cleanup-operation-in-FileO.patch
  0120-9pfs-add-cleanup-operation-for-hand.patch
  0121-9pfs-add-cleanup-operation-for-prox.patch
  0122-virtio-gpu-call-cleanup-mapping-fun.patch
  0123-string-input-visitor-Fix-uint64-par.patch
  0124-test-string-input-visitor-Add-int-t.patch
  0125-test-string-input-visitor-Add-uint6.patch
  0126-tests-Add-QOM-property-unit-tests.patch
  0127-tests-Add-scsi-disk-test.patch
  0128-usb-ehci-fix-memory-leak-in-ehci_in.patch
  0129-usbredir-free-vm_change_state_handl.patch
  0130-virtio-gpu-fix-information-leak-in-.patch
  ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch
  ipxe-ath-Fix-building-with-GCC-6.patch
  ipxe-efi-fix-garbage-bytes-in-device-path.patch
  ipxe-efi-fix-uninitialised-data-in-HII.patch
  ipxe-legacy-Fix-building-with-GCC-6.patch
  ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch
  ipxe-sis190-Fix-building-with-GCC-6.patch
  ipxe-skge-Fix-building-with-GCC-6.patch
  ipxe-util-v5.24-perl-errors-on-redeclare.patch
- SLE CVE, FATE, and bugzilla references not otherwise listed in
  this changelog file. The intent of this list is to indicate that
  the fix or feature continues the line of inheritance in the
  development stream of this package. The list is intended to
  satisfy searches only - refer to the SLE-12-SP2 changelog file
  for additional details.
  * fate#314468 fate#314497 fate#315125 fate#315467 fate#317015
  fate#317741 fate#317763 fate#318349 fate#319660 fate#319979
  fate#321010
  * bnc#812983 bnc#869026 bnc#869746 bnc#874413 bnc#875582 bnc#875870
  bnc#877642 bnc#877645 bnc#878541 bsc#882405 bsc#886378 bnc#893339
  bnc#893892 bnc#895369 bnc#896726 bnc#897654 bnc#905097 bnc#907805
  bnc#908380 bnc#914521 bsc#924018 bsc#929339 bsc#932267 bsc#932770
  bsc#933981 bsc#936537 bsc#937125 bsc#938344 bsc#940929 bsc#942845
  bsc#943446 bsc#944697 bsc#945404 bsc#945987 bsc#945989 bsc#946020
  bsc#947159 bnc#953518 bsc#954864 bsc#956829 bsc#957162 bsc#958491
  bsc#958917 bsc#959005 bsc#959386 bsc#960334 bsc#960708 bsc#960725
  bsc#960835 bsc#961333 bsc#961556 bsc#961691 bsc#962320 bsc#963782
  bsc#964413 bsc#970791 bsc#974141 bsc#978158 bsc#979473 bsc#982365
  bsc#989655 bsc#991466 bsc#994771 bsc#994774 bsc#996441 bsc#997858
  bsc#999212
  bsc#1001151 bsc#1002116 bsc#1005353 boo#1007263 bsc#1007769
  bsc#1008519 bsc#1009109 bsc#1013285 bsc#1013341 bsc#1013764
  bsc#1013767 bsc#1014109 bsc#1014110 bsc#1014111 bsc#1014112
  bsc#1014256 bsc#1014514 bsc#1014702 bsc#1015169 bsc#1016779
  * CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3640 CVE-2014-7840
  CVE-2014-8106 CVE-2015-1779 CVE-2015-3209 CVE-2015-4037 CVE-2015-5154
  CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5745 CVE-2015-6815
  CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345
  CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613
  CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1568
  CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-3710
  CVE-2016-6490 CVE-2016-6833 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155
  CVE-2016-7161 CVE-2016-9381 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846
  CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913
  CVE-2016-9921 CVE-2016-9922

==== sssd ====
Version update (1.15.1 -> 1.15.2)
Subpackages: libnfsidmap-sss libsss_idmap0 libsss_nss_idmap0 libsss_simpleifp0 sssd-32bit sssd-krb5-common sssd-ldap

- Introduce mandatory runtime requirement "cyrus-sasl-gssapi" to
  krb5-common sub-package. Address bsc#1024836.
- Update to new upstream release 1.15.2
  * It is now possible to configure certain parameters of a
    trusted domain in a configuration file sub-section.
  * Several issues related to socket-activating the NSS service,
    especially if SSSD was configured to use a non-privileged
    userm were fixed. The NSS service now does not change the
    ownership of its log files to avoid triggering a name-service
    lookup while the NSS service is not running yet.
    Additionally, the NSS service is started before any other
    service to make sure username resolution works and the other
    service can resolve the SSSD user correctly.
  * A new option "cache_first" allows the administrator to change
    the way multiple domains are searched. When this option is
    enabled, SSSD will first try to "pin" the requested name or
    ID to a domain by searching the entries that are already
    cached and contact the domain that contains the cached entry
    first. Previously, SSSD would check the cache and the remote
    server for each domain. This option brings performance
    benefit for setups that use multiple domains (even
    auto-discovered trusted domains), especially for ID lookups
    that would previously iterate over all domains. Please note
    that this option must be enabled with care as the
    administrator must ensure that the ID space of domains does
    not overlap.
  * The SSSD D-Bus interface gained two new methods:
    "FindByNameAndCertificate" and "ListByCertificate". These
    methods will be used primarily by IPA and
    `mod_lookup_identity
    https://github.com/adelton/mod_lookup_identity/ to
    correctly match multple users who use the same certificate
    for Smart Card login.
  * A bug where SSSD did not properly sanitize a username with a
    newline character in it was fixed.

==== texlive ====

- Modify patch kpathsea_cnf.dif to remove mpost from the allowed
  shell escaping commands (bsc#1028271, CVE-2016-10243)

==== wayland ====
Subpackages: libwayland-client0 libwayland-client0-32bit libwayland-cursor0 libwayland-server0 libwayland-server0-32bit

- Add 0001-tests-Fix-new-ID-type-handling-in-argument_from_va_l.patch
  to resolve testsuite failure on s390x

==== wxWidgets-3_0 ====
Subpackages: libwx_baseu-suse3 libwx_baseu_net-suse3 libwx_baseu_xml-suse3 libwx_gtk2u_adv-suse3 libwx_gtk2u_aui-suse3 libwx_gtk2u_core-suse3 libwx_gtk2u_gl-suse3 libwx_gtk2u_html-suse3 libwx_gtk2u_media-suse3 libwx_gtk2u_propgrid-suse3 libwx_gtk2u_qa-suse3 libwx_gtk2u_richtext-suse3 libwx_gtk2u_stc-suse3 libwx_gtk2u_webview-suse3 libwx_gtk2u_xrc-suse3

- Fix devel package description.

==== wxWidgets-3_0-nostl ====
Subpackages: libwx_baseu-suse-nostl3 libwx_baseu_net-suse-nostl3 libwx_baseu_xml-suse-nostl3 libwx_gtk2u_adv-suse-nostl3 libwx_gtk2u_core-suse-nostl3 libwx_gtk2u_html-suse-nostl3 libwx_gtk2u_qa-suse-nostl3

- Actually apply relax-abi.diff and fix devel package description.

==== xf86-input-wacom ====

- switched input-tools required to linuxconsoletools (bsc#1029489)

-- 
To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

[opensuse-factory] New Tumbleweed snapshot 20170318 released!

Dominique Leuenberger