Packages changed:
  MozillaFirefox (43.0.3 -> 43.0.4)
  aqbanking (5.6.1beta -> 5.6.4beta)
  clamav
  grub2
  gwenhywfar (4.14.0 -> 4.15.2beta)
  libvirt-python
  lxdm
  man-pages (4.03 -> 4.04)
  mbedtls (1.3.15 -> 1.3.16)
  perl-Bootloader (0.901 -> 0.903)
  perl-Pango
  pidgin-sipe (1.19.1 -> 1.20.1)
  pinpoint (0.1.6 -> 0.1.8)
  python-cffi (1.2.1 -> 1.4.2)
  python-cryptography (1.1.2 -> 1.2.1)
  tei-xsl-stylesheets (7.32.0 -> 7.40.1)
  tiff
  uget (2.0.2 -> 2.0.4)
  vim (7.4.1004 -> 7.4.1087)

=== Details ===

==== MozillaFirefox ====
Version update (43.0.3 -> 43.0.4)
Subpackages: MozillaFirefox-translations-common

- Mozilla Firefox 43.0.4:
  * Re-enable SHA-1 certificates to prevent outdated
    man-in-the-middle security devices from interfering with
    properly secured SSL/TLS connections (bmo#1236975)
  * Fix for startup crash for users of a third party antivirus tool
    (bmo#1235537)
- The following change was previously in the package as a patch:
  * Multi-user GNU/Linux download folders can be created
  (bmo#1233434), removed mozilla-bmo1233434.patch

==== aqbanking ====
Version update (5.6.1beta -> 5.6.4beta)
Subpackages: aqbanking-devel aqbanking-lang

- Update to 5.6.4beta
  + Fix error in SWIFT importer (missing import of :NS: fields)
  + Fix transmission of Flicker codes (HHD 1.4)

==== clamav ====

- now can handle regexp using signatures using pcre bsc#960237

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen

- Add 0001-menu-fix-line-count-calculation-for-long-lines.patch (bsc#943585)

==== gwenhywfar ====
Version update (4.14.0 -> 4.15.2beta)
Subpackages: gwenhywfar-devel gwenhywfar-lang libgwengui-cpp0 libgwengui-fox16-0 libgwengui-gtk2-0 libgwengui-qt4-0 libgwenhywfar60 libgwenhywfar60-plugins

- Update to 4.15.2beta
  + Use new code for SSL connections to enable build with current
    GnuTLS versions. This obsoletes patch gwenhywfar-gnutls30.patch

==== libvirt-python ====

- Require libvirt-client version >= libvirt-python version

==== lxdm ====

- Run intltoolize in order to get valid Makefiles for translation
  installations.

==== man-pages ====
Version update (4.03 -> 4.04)

- update to 4.04:
  * new and rewritten pages
    + futex.2
    Rewrite and massively expand page
    + membarrier.2
    New page documenting membarrier() system call
  * newly documented interfaces in existing pages
    + mlock.2
    Document mlock2(2) and MCL_ONFAULT

==== mbedtls ====
Version update (1.3.15 -> 1.3.16)

- Update to 1.3.16
  * Fixes a potential double free when
    mbedtls_asn1_store_named_data() fails to allocate memory. This
    was only used for certificate generation and was not
    triggerable remotely in SSL/TLS. boo#961290
  * Disables by default MD5 handshake signatures in TLS 1.2 to
    prevent the  SLOTH (CVE-2015-7575) attack on TLS 1.2 server
    authentication (other attacks from the SLOTH paper do not apply
    to any version of mbed TLS or PolarSSL). boo#961284
  * Fixes an over-restrictive length limit in GCM.
  * Fixes a bug in certificate validation that caused valid chains
    to be rejected when the first intermediate certificate has a
    pathLenConstraint equal to zero.
  * Removed potential leak in mbedtls_rsa_rsassa_pkcs1_v15_sign()
  * Added config.h option POLARSSL_SSL_ENABLE_MD5_SIGNATURES to
    control use of MD5-based signatures for TLS 1.2 handshake
    (disabled by default).

==== perl-Bootloader ====
Version update (0.901 -> 0.903)
Subpackages: perl-Bootloader-YAML

- improve add/del-option scripts
- rename uboot to u-boot
- 0.903- added support for modifying default boot options
- 0.902

==== perl-Pango ====

- Add fix-pangocairo_libs.patch to fix compilation on Tumbleweed-2016-01

==== pidgin-sipe ====
Version update (1.19.1 -> 1.20.1)
Subpackages: libpurple-plugin-sipe

- Update to version 1.20.1:
  + Add support for another type of ADFS response.
  + Improve configure check for back-ported features.
  + Updated translations.
- Changes from version 1.20.0:
  + Parse HTML from Lync conference URL (Stefan Becker)
  + SRTP Support.
  + Office365 rejects RC4 in TLS-DSK: added support for
    AES-128/256-CBC.

==== pinpoint ====
Version update (0.1.6 -> 0.1.8)

- Update to version 0.1.8:
  + Make pinpoint work on Wayland (includes depending on Gtk+ to
    have window decorations).
  + Remove more deprecation warnings (still so many left).
- Add pkgconfig(clutter-gtk-1.0) BuildRequires: new dependency.

==== python-cffi ====
Version update (1.2.1 -> 1.4.2)

- update to version 1.4.2:
  * Nothing changed from v1.4.1.
- changes from version 1.4.1:
  * Fix the compilation failure of cffi on CPython 3.5.0. (3.5.1
    works; some detail changed that makes some underscore-starting
    macros disappear from view of extension modules, and I worked
    around it, thinking it changed in all 3.5 versions?but no: it was
    only in 3.5.1.)
- changes from version 1.4.0:
  * A better way to do callbacks has been added (faster and more
    portable, and usually cleaner). It is a mechanism for the
    out-of-line API mode that replaces the dynamic creation of
    callback objects (i.e. C functions that invoke Python) with the
    static declaration in cdef() of which callbacks are needed. This
    is more C-like, in that you have to structure your code around the
    idea that you get a fixed number of function pointers, instead of
    creating them on-the-fly.
  * ffi.compile() now takes an optional verbose argument. When True,
    distutils prints the calls to the compiler.
  * ffi.compile() used to fail if given sources with a path that
    includes "..". Fixed.
  * ffi.init_once() added. See docs.
  * dir(lib) now works on libs returned by ffi.dlopen() too.
  * Cleaned up and modernized the content of the demo subdirectory in
    the sources (thanks matti!).
  * ffi.new_handle() is now guaranteed to return unique void * values,
    even if called twice on the same object. Previously, in that case,
    CPython would return two cdata objects with the same void *
    value. This change is useful to add and remove handles from a
    global dict (or set) without worrying about duplicates. It already
    used to work like that on PyPy. This change can break code that
    used to work on CPython by relying on the object to be kept alive
    by other means than keeping the result of ffi.new_handle()
    alive. (The corresponding warning in the docs of ffi.new_handle()
    has been here since v0.8!)
- changes from version 1.3.1:
  * The optional typedefs (bool, FILE and all Windows types) were not
    always available from out-of-line FFI objects.
  * Opaque enums are phased out from the cdefs: they now give a
    warning, instead of (possibly wrongly) being assumed equal to
    unsigned int. Please report if you get a reasonable use case for
    them.
  * Some parsing details, notably volatile is passed along like const
    and restrict. Also, older versions of pycparser mis-parse some
    pointer-to-pointer types like char * const *: the ?const? ends up
    at the wrong place. Added a workaround.
- changes from version 1.3.0:
  * Added ffi.memmove().
  * Pull request #64: out-of-line API mode: we can now declare
    floating-point types with typedef float... foo_t;. This only works
    if foo_t is a float or a double, not long double.
  * Issue #217: fix possible unaligned pointer manipulation, which
    crashes on some architectures (64-bit, non-x86).
  * Issues #64 and #126: when using set_source() or verify(), the
    const and restrict keywords are copied from the cdef to the
    generated C code; this fixes warnings by the C compiler. It also
    fixes corner cases like typedef const int T; T a; which would
    previously not consider a as a constant. (The cdata objects
    themselves are never const.)
  * Win32: support for __stdcall. For callbacks and function pointers;
    regular C functions still don?t need to have their calling
    convention declared.
  * Windows: CPython 2.7 distutils doesn?t work with Microsoft?s
    official Visual Studio for Python, and I?m told this is not a
    bug. For ffi.compile(), we removed a workaround that was inside
    cffi but which had unwanted side-effects. Try saying import
    setuptools first, which patches distutils...

==== python-cryptography ====
Version update (1.1.2 -> 1.2.1)

- update to upstream release 1.2.1
  1.2.1 - 2016-01-08
  * Reverts a change to an OpenSSL EVP_PKEY object that caused
    errors with pyOpenSSL.
  1.2 - 2016-01-08
  * BACKWARDS INCOMPATIBLE: RevokedCertificate extensions now
    uses extension classes rather than returning raw values
    inside the Extension value. The new classes are:
    o CertificateIssuer
    o CRLReason
    o InvalidityDate
  * Deprecated support for OpenSSL 0.9.8 and 1.0.0. At this time
    there is no time table for actually dropping support,
    however we strongly encourage all users to upgrade, as those
    versions no longer receive support from the OpenSSL project.
  * The Certificate class now has signature and
    tbs_certificate_bytes attributes.
  * The CertificateSigningRequest class now has signature and
    tbs_certrequest_bytes attributes.
  * The CertificateRevocationList class now has signature and
    tbs_certlist_bytes attributes.
  * NameConstraints are now supported in the CertificateBuilder
    and CertificateSigningRequestBuilder.
  * Support serialization of certificate revocation lists using
    the public_bytes() method of CertificateRevocationList.
  * Add support for parsing CertificateRevocationList extensions
    () in the OpenSSL backend. The following extensions are
    currently supported:
    o AuthorityInformationAccess
    o AuthorityKeyIdentifier
    o CRLNumber
    o IssuerAlternativeName
  * Added CertificateRevocationListBuilder and
    RevokedCertificateBuilder to allow creation of CRLs.
  * Unrecognized non-critical X.509 extensions are now parsed
    into an UnrecognizedExtension object.

==== tei-xsl-stylesheets ====
Version update (7.32.0 -> 7.40.1)

- Update to version 7.40.1
  * No short changelog available; please read the ChangeLog file
- Little specfile refactoring

==== tiff ====
Subpackages: libtiff-devel libtiff5 libtiff5-32bit

- add tiff-4.0.4-uninitialized_mem_NeXTDecode.patch to fix
  uninitialized memory in NeXTDecode (upstream bug #2508)
  [bnc#942690]

==== uget ====
Version update (2.0.2 -> 2.0.4)
Subpackages: uget-lang

- Update to version 2.0.4:
  + Save and restore width of download column.
  + Adjust schedule form for large font size.
  + In speed limit mode, program adjust speed when downloading
    start-up.
  + Use filename from RPC request to match category if URL doesn't
    contain filename.
  + curl plug-in:
  - use posix_fallocate() to preallocate space for a file on
    Linux.
  - use SetEndOfFile() to preallocate space for a file on
    Windows.
  + Fix: program crash when simultaneously download > 32 files.
  + Fix: Can't save height of summary area.
  + Add compressed 256x256 icon for Windows 7.
- Changes from version 2.0.3:
  + curl plug-in:
  - Update control file path if download file was renamed.
  - Update downloaded size after loading aria2 control file.
  - Update file size when allocating disk space.
  - Don't show border in right side of setting dialog.

==== vim ====
Version update (7.4.1004 -> 7.4.1087)
Subpackages: gvim vim-data

- Updated to revision 1087, fixes the following problems
  * Wrong way to check for unletting internal variables.
  * The Tcl interface can't be loaded dynamically on Unix.
  * Crash when using an invalid command.
  * CTRL-A does not work well in right-left mode.
  * Using "." to repeat CTRL-A in Visual mode increments the wrong numbers.
  * The CTRL-A and CTRL-X commands do not update the '[ and '] marks.
  * Crash with an extremely long buffer name.
  * CTRL-A and CTRL-X work badly with blockwise visual selection- Updated to revision 1066, fixes the following problems
  * Segfault when unletting "count".
  * Illegal memory access with weird syntax command. (Dominique Pelle)
  * Typos in the :options window.
  * Compiler warning for ignoring return value of fwrite().
  * When a spell file has single letter compounding creating
    suggestions takes an awful long time.- Updated to revision 1046, fixes the following problems
  * The fix in patch 7.3.192 is not tested.
  * When a symbolic link points to a file in the root directory,
    the swapfile is not correct.
  * Vim overwrites the value of $PYTHONHOME.
  * The local value of 'errorformat' is not used for ":lexpr" and ":cexpr".
  * The column is not restored properly when the matchparen plugin
    is used in Insert mode and the cursor is after the end of the line.
  * When there is a backslash in an option ":set -=" doesn't work.
  * An Ex range gets adjusted for folded lines even when the range
    is not using line numbers.
  * Using "q!" when there is a modified hidden buffer does not unload
    the current buffer, resulting in the need to abandon it again.
  * g-CTRL-G shows the word count, but there is no way to get the word count in a script.