Packages changed:
  aaa_base (13.2+git20160807.7f4c8c4 -> 13.2+git20160817.5c25c9c)
  bundle-lang-common
  bundle-lang-gnome
  bundle-lang-kde
  ccache (3.2.5 -> 3.2.7)
  cracklib
  ffmpeg2 (2.8.6 -> 2.8.7)
  file
  gd
  graphviz-plugins
  grub2
  libgweather
  libnetfilter_conntrack (1.0.5 -> 1.0.6)
  libspectre
  libyui (3.2.5 -> 3.2.6)
  libyui-qt (2.46.23 -> 2.46.24)
  libzypp (16.2.1 -> 16.2.2)
  mozilla-nss
  netpbm (10.72.4 -> 10.75.1)
  notmuch (0.22 -> 0.22.1)
  ovmf (2015+git1462940744.321151f -> 2015+git1471575292.00bcb5c)
  poppler (0.46.0 -> 0.47.0)
  poppler-qt (0.46.0 -> 0.47.0)
  poppler-qt5 (0.46.0 -> 0.47.0)
  wayland-protocols (1.5 -> 1.6)
  webkit2gtk3 (2.12.3 -> 2.12.4)
  xen
  yast2-schema (3.1.7 -> 3.1.8)
  zypper (1.13.7 -> 1.13.9)

=== Details ===

==== aaa_base ====
Version update (13.2+git20160807.7f4c8c4 -> 13.2+git20160817.5c25c9c)
Subpackages: aaa_base-extras

- Correct logic error in usage of variable restricted (boo#994111)
- enhance comment for NO_PROXY variable (bsc#990254)

==== bundle-lang-common ====
Subpackages: bundle-lang-common-cs bundle-lang-common-da bundle-lang-common-de bundle-lang-common-el bundle-lang-common-en bundle-lang-common-es bundle-lang-common-fr bundle-lang-common-hu bundle-lang-common-it bundle-lang-common-ja bundle-lang-common-pl bundle-lang-common-pt bundle-lang-common-ru bundle-lang-common-zh

- Updated package list.

==== bundle-lang-gnome ====
Subpackages: bundle-lang-gnome-cs bundle-lang-gnome-da bundle-lang-gnome-de bundle-lang-gnome-el bundle-lang-gnome-en bundle-lang-gnome-es bundle-lang-gnome-fr bundle-lang-gnome-hu bundle-lang-gnome-it bundle-lang-gnome-ja bundle-lang-gnome-pl bundle-lang-gnome-pt bundle-lang-gnome-ru bundle-lang-gnome-zh

- Updated package list.

==== bundle-lang-kde ====
Subpackages: bundle-lang-kde-cs bundle-lang-kde-da bundle-lang-kde-de bundle-lang-kde-el bundle-lang-kde-en bundle-lang-kde-es bundle-lang-kde-fr bundle-lang-kde-hu bundle-lang-kde-it bundle-lang-kde-ja bundle-lang-kde-pl bundle-lang-kde-pt bundle-lang-kde-ru bundle-lang-kde-zh

- Updated package list.

==== ccache ====
Version update (3.2.5 -> 3.2.7)

- Version update to 3.2.7:
  - Fixed build problem on QNX, which lacks ``SA_RESTART''.
  - Bail out on compiler option `-fstack-usage` since it creates a `.su` file
    which ccache currently doesn't handle.
  - Fixed a bug where (due to ccache rewriting paths) the compiler could choose
    incorrect include files if `CCACHE_BASEDIR` is used and the source file path
    is absolute and is a symlink.
  - Fixed a bug which could lead to false cache hits for compiler command lines
    with a missing argument to an option that takes an argument.
  - ccache now knows how to work around a glitch in the output of GCC 6's
    preprocessor.
- Create basic symlinks for clang and regular cc calls for ccache
  * this makes it easier to use ccache with osc build

==== cracklib ====
Subpackages: cracklib-dict-small libcrack2 libcrack2-32bit

- Add patch 0004-overflow-processing-long-words.patch
  to fix a new buffer overflow identified together with bsc#992966.
- Relabel patches:
  cracklib-magic.diff -> 0001-cracklib-magic.diff
  cracklib-2.9.2-visibility.patch -> 0002-cracklib-2.9.2-visibility.patch
- Add patch 0003-overflow-processing-gecos.patch
  to fix a buffer overflow in GECOS parser (bsc#992966 CVE-2016-6318)

==== ffmpeg2 ====
Version update (2.8.6 -> 2.8.7)
Subpackages: libavcodec56 libavformat56 libavutil54 libswresample1 libswscale3

- Make a copy of existing ffmpeg 3.x package (specfiles, patches)
  and add the most recent ffmpeg 2.x series tarball.
  This is for VLC?
- Update to new upstream release 2.8.7
  * swscale/x86/output: Fix yuv2planeX_16* with unaligned destination
  * libwebpenc_animencoder: zero initialize the
  WebPAnimEncoderOptions struct
  * avcodec/avpacket: Fix off by 5 error
- Guard usage of opencore using bcond_with, boo#980542
- Dropped dcadec (libdca was merged upstream)
- Add ffmpeg-codec-choice.diff
- Remove ffmpeg-devel subpackage.
  All users have been converted to pkgconfig
  Add Provides/Obsoletes to libavdevice-devel
- Add ffmpeg-new-coder-errors.diff
- Another try at organizing the codec-enable list.
  Enable video: AYUV, Dirac, MJPEG, rawvideo, Theora, VP8, VP9, WebP,
  zlib
  Enable audio: Celt, GSM, Opus, Speex, Vorbis
  Enable subtitle: ASS/SSA text, SRT text, UTF-8 plaintext
- Update included pkgconfig files to require the exact version
  of ffmpeg pc files, instead of any later version
  ffmpeg-pkgconfig-version.patch
- Remove the optional vo-aacenc dependency, upstream removed it.

==== file ====
Subpackages: file-devel file-magic libmagic1

- Fix boo#995089:
  * Do not attempt to produce a file-magic-32bit package: there is
    nothing arch-dependant in this package (for completeness, this
    was already fixed just before by Marcus)
  * Fix baselibs.conf for libmagic1-32bit to require file-magic
    instead of file-magic-32bit.
  * Build file-magic as noarch on openSUSE >= 1200 (where rpm is
    new enough to support this).
- file-magic is architecture independend, no need for a baselibs
  package.

==== gd ====
Subpackages: libgd3

- security update:
  * CVE-2016-6132 [bsc#987577]
    + gd-CVE-2016-6132.patch
  * CVE-2016-6214 [bsc#991436]
    + gd-CVE-2016-6214.patch
  * CVE-2016-6905 [bsc#995034]
    + gd-CVE-2016-6905.patch

==== graphviz-plugins ====
Subpackages: graphviz-gd graphviz-gnome

- "Lower" xorg-x11-fonts Requires to Recommends.

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen

- since version 1.7 cryptsetup defaults to SHA256 for LUKS - include
  gcry_sha256 in signed EFI image

==== libgweather ====
Subpackages: libgweather-3-6 libgweather-data libgweather-devel typelib-1_0-GWeather-3_0

- Spellfix in find_lang macro.
- Drop obsolete clean section.

==== libnetfilter_conntrack ====
Version update (1.0.5 -> 1.0.6)

- Update to new upstream release 1.0.6
  * add support for IPv6 NAT
  * conntrack: add zone attribute to tuple

==== libspectre ====
Subpackages: libspectre-devel libspectre1

- Add fix-bsc975503.diff to fix handling of PostScript files with
  embedded EPS files. The PS file then contains two "%%EOF" DSC
  comments and the first one stopped the parsing of the file as if
  the real EOF was reached (bsc#975503, fdo#97091).

==== libyui ====
Version update (3.2.5 -> 3.2.6)

- prevent double rendering of content causing segfault in qt and
  slow down elsewhere (bnc#989155)
- 3.2.6

==== libyui-qt ====
Version update (2.46.23 -> 2.46.24)

- Do not append new line when content of log view do not change
  (bnc#989155)
- 2.46.24

==== libzypp ====
Version update (16.2.1 -> 16.2.2)

- Report numeric curl error if code is unrecognized (bsc#992302)
- multicurl: propagate proxy settings stored in repo url (bsc#933839)
- version 16.2.2 (0)

==== mozilla-nss ====
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-devel mozilla-nss-tools

- fix build on certain toolchains (nss-uninitialized.patch)
  jarfile.c:805:13: error: 'it' may be used uninitialized in this
  function [-Werror=maybe-uninitialized]

==== netpbm ====
Version update (10.72.4 -> 10.75.1)
Subpackages: libnetpbm-devel libnetpbm11

- updated to 10.75.1
  * see HISTORY for upstream changelog
  * refreshed, reduced, extended patches:
    netpbm-security-code.patch
    netpbm-security-scripts.patch
    netpbm-gcc-warnings.patch

==== notmuch ====
Version update (0.22 -> 0.22.1)

- version 0.22.1
  - Correct the definition of LIBNOTMUCH_CHECK_VERSION.
  - Document the (lack of) operations permitted on a closed database.
  - Fix race condition in dump / restore tests.
  - Notmuch-mutt: Use env to locate perl.
  - Emacs: Tell message-mode mode that outgoing messages are mail
  - Emacs: This makes message-mode configuration behave more predictably.
  - Respect charset of MIME parts when reading them
  - Fix previous assumption that everyone uses UTF-8.

==== ovmf ====
Version update (2015+git1462940744.321151f -> 2015+git1471575292.00bcb5c)

- Update to 2015+git1471575292.00bcb5c
  + NetworkPkg/IpSecDxe: Fix UEFI IKE Initial Exchange failure
  + MdeModulePkg: Fix potential failure if UseDefaultAddress
    configured
  + OvmfPkg: Add MpInitLib reference in DSC files
  + SecurityPkg: AuthVariableLib: Fix inconsistent CertDB case
  + OvmfPkg: use StatusCode Router and Handler from MdeModulePkg
  + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: deal with relaxed
    XIP alignment
  + BaseTools GCC: introduce GCC5 toolchain to support GCC v5.x in
    LTO mode
  + BaseTools GCC: use 'gcc' as the linker command for GCC44 and
    later
  + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: ignore .hash and
    .note sections
  + OvmfPkg/Sec: Support SECTION2 DXEFV types
  + Preserve hii section in GCC binaries
  + Fix IPv6 HTTPClient vendor class data
  + CryptoPkg/OpensslLib: Upgrade OpenSSL version to 1.0.2h
  + NetworkPkg: Fix bug in TCP which not sending out ACK in
    certain circumstance
  + OvmfPkg: include UefiCpuPkg/CpuMpPei
  + OvmfPkg/PlatformPei: rebase and resize the permanent PEI memory
    for S3
  + SecurityPkg SecureBootConfigDxe: Add check for the external
    PE/COFF image
  + ArmVirtPkg/PlatformBootManagerLib: remove stale FvFile boot
    options
  + OvmfPkg/PlatformPei: add missing auto variable initialization
  + OvmfPkg: add PciHotPlugInitDxe
  + MdeModulePkg/PciBusDxe: recognize hotplug-capable PCIe ports
  + OvmfPkg/PlatformBootManagerLib: remove stale FvFile boot
    options
  + OvmfPkg: add a Name GUID to each Firmware Volume
  + CryptoPkg BaseCryptLib: Init the content of struct 'CertCtx'
    before use
  + CryptoPkg BaseCryptLib: Avoid passing NULL ptr to function
    BN_bn2bin()
  + MdeModulePkg/Bds: MemoryTypeInformation excludes boot option
    mem use
  + MdeModulePkg: Fix IPv4 stack potential disappeared issue
  + NetworkPkg: Stop the HTTP Boot service after the boot image
    download complete
  + ArmVirtPkg: Re-add the Driver Health Manager
  + OvmfPkg: Re-add the Driver Health Manager
  + ArmVirtPkg/ArmVirtXen: Add ACPI support for Virt Xen ARM
  + Massive conversion of assembly code to NASM
  + MdeModulePkg/UefiBootManagerLib: Fix data in
    MemoryTypeInformation
  + ArmVirtPkg: add FDF definition for empty varstore
  + ArmVirtPkg/ArmVirtQemu: switch secure boot build to NorFlashDxe
  + NetworkPkg: Handling timeout case in httpboot driver
  + NetworkPkg: HttpDxe response/cancel issue fix
  + NetworkPkg: Support TCP Cancel function
  + MdeModulePkg/RamDiskDxe: Add Memory Type selection support in
    Ramdisk HII
  + MdeModulePkg RamDiskDxe: Do not save 'Size' numeric value by
    varstore
  + MdeModulePkg: Fix IPv4 UseDefaultAddress failure case
  + MdeModulePkg/AtaBusDxe: Fix some ATA hard drives cannot be
    discovered
  + ArmVirtPkg/PlatformBootManagerLib: rebase boot logo display to
    BootLogoLib
  + OvmfPkg: set SMM stack size to 16KB
  + OvmfPkg/PlatformBootManagerLib: Connect the Xen drivers before
    loading NvVars
  + MdeModulePkg: Fix SNP.Initialize() spec conformance issue
  + OvmfPkg: raise DXEFV size to 10 MB
  + MdeModulePkg: Stop the timer before clean IP service
  + OvmfPkg/PlatformBootManagerLib: rebase boot logo display to
    BootLogoLib
  + OvmfPkg/SerializeVariablesLib: Relax check for the read-only
    variable
  + OvmfPkg: prevent 64-bit MMIO BAR degradation if there is no CSM
  + OvmfPkg, ArmVirtPkg: rename QemuNewBootOrderLib to
    QemuBootOrderLib
  + MdeModulePkg/PciBus: do not improperly degrade resource
  + NetworkPkg/HttpDxe: Don't free Wrap in HttpTcpReceiveNotifyDpc
  + NetworkPkg/TcpDxe: Remove the status check of
    SockProcessRcvToken
  + UefiCpuPkg/SmmCpuFeaturesLib: Add SMRR PhysBase/PhysMask
    fields check
  + MdeModulePkg: Skip invalid bus number scanning in PciBusDxe
    driver
  + OvmfPkg/PlatformPei: provide 10 * 4KB of PCI IO Port space on
    Q35
  + OvmfPkg: introduce ICH9_PMBASE_VALUE
  + OvmfPkg: replace PcdAcpiPmBaseAddress with PIIX4_PMBA_VALUE
  + OvmfPkg/AcpiTimerLib: don't use possibly unset PMBA register
    (PEI phase)
  + MdeModulePkg: Refine the code for DxeHttpLib
  + OvmfPkg/XenBusDxe: duplicate twice-iterated VA_LIST in
    XenStoreVSPrint()
  + SecurityPkg: Use PcdGet32() to access PcdPeiCoreMaxFvSupported
  + UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile: Fix BTS support check bug
  + NetworkPkg:HttpDxe: Code changes to support HTTP PUT/POST
    operations
  + CryptoPkg/SmmCryptLib: Enable AES support for SMM
  + MdePkg: Add NFIT definition from ACPI 6.1
  + BaseTools/GenFw: enhance to use Magic Field to identify the
    image
  + MdeModulePkg-DxeCore: rename CoreGetMemoryMapPropertiesTable
  + MdeModulePkg Variable: return error for empty str VariableName
    to GetVariable
  + PcAtChipsetPkg AcpiTimerLib: Fix a logic error
  + MdeModulePkg UiApp: change code for easy customization
  + MdePkg: Add HII definitions from UEFI 2.6
  + NetworkPkg: Make HttpBootGetBootFile return
    EFI_BUFFER_TOO_SMALL
  + MdeModulePkg:DxeHttpLib: Add checks in HttpGenRequestMessage
    API
  + ArmPkg/ArmLib: don't invalidate entire I-cache on range
    operation
  + OvmfPkg/PlatformBootManagerLib: Postpone the shell registration
  + OvmfPkg/QemuNewBootOrderLib: adapt Q35 SATA PMPN to UEFI spec
    Mantis 1353
  + MdeModulePkg Ata: Use the new (incompatible) PortMultiplierPort
    semantics
  + NetworkPkg: Bug fix of iSCSI to support MPIO
- Drop upstreamed patches
  + ovmf-dxe-10mb.patch
  + ovmf-bsc976253-postpone-shell.patch
  + ovmf-bsc980635-fix-http-crash.patch
  + ovmf-bsc982193-dont-restore-readonly-var.patch
  + ovmf-bsc982193-connect-xen-drivers.patch
  + ovmf-bsc990612-update-openssl-1.0.2h.patch
  + ovmf-bsc990773-remove-stale-boot-options.patch
- Update dbxupdate.zip since there are new hashes added into dbx

==== poppler ====
Version update (0.46.0 -> 0.47.0)
Subpackages: libpoppler-cpp0 libpoppler-devel libpoppler-glib8 libpoppler63 poppler-tools

- Update to version 0.47.0 (boo#994702):
  + core:
  - Fix abort on documents where the docinfo obj is not a dict
    (fdo#97134).
  - Check for XRefEntry existing before using it (fdo#97005).
  - Fix memory leak on PDFDoc::setDocInfoStringEntry() with empty
    string.
  - Don't presume that DocInfo is a dictionary in
    XRef::createDocInfoIfNoneExists().
  + build system: configure: Work with non gnu greps.

==== poppler-qt ====
Version update (0.46.0 -> 0.47.0)

- Update to version 0.47.0 (boo#994702):
  + core:
  - Fix abort on documents where the docinfo obj is not a dict
    (fdo#97134).
  - Check for XRefEntry existing before using it (fdo#97005).
  - Fix memory leak on PDFDoc::setDocInfoStringEntry() with empty
    string.
  - Don't presume that DocInfo is a dictionary in
    XRef::createDocInfoIfNoneExists().
  + build system: configure: Work with non gnu greps.

==== poppler-qt5 ====
Version update (0.46.0 -> 0.47.0)
Subpackages: libpoppler-qt5-1 libpoppler-qt5-devel

- Update to version 0.47.0 (boo#994702):
  + core:
  - Fix abort on documents where the docinfo obj is not a dict
    (fdo#97134).
  - Check for XRefEntry existing before using it (fdo#97005).
  - Fix memory leak on PDFDoc::setDocInfoStringEntry() with empty
    string.
  - Don't presume that DocInfo is a dictionary in
    XRef::createDocInfoIfNoneExists().
  + build system: configure: Work with non gnu greps.

==== wayland-protocols ====
Version update (1.5 -> 1.6)

- Update to version 1.6:
  * This release include two new unstable protocols:
  - xdg-foreign: reference a toplevel surface from another client
    and affect window manager relationship.
  - idle-inhibit: inhibit idle behaviour (screen blanking,
    screensaver, etc)

==== webkit2gtk3 ====
Version update (2.12.3 -> 2.12.4)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles

- Rebase webkitgtk-disable-gcc-version-checks.patch for 2.12.4
- Update to version 2.12.4:
  + Security fixes: CVE-2016-4622, CVE-2016-4624, CVE-2016-4591,
    CVE-2016-4590.
  + Fix performance in accelerated compositing mode with the
    modesetting intel driver and DRI3 enabled.
  + Reduce the amount of file descriptors that the Web Process
    keeps open.
  + Fix Web Process deadlocks when loading HLS videos.
  + Make CSS and SVG animations run at 60fps.
  + Make meter elements accessible.
  + Improve accessibility name and description of elements to make
    it more compatible with W3C specs and fix several bugs in which
    the accessible name of objects was missing or broken.
  + Fix a crash when running windowed plugins under Wayland.
  + Fix a crash at process exit under Wayland.
  + Fix several crashes and rendering issues.
  + Updated translations.
- Update _constraints memory requirements.

==== xen ====
Subpackages: xen-doc-html xen-libs xen-tools xen-tools-domU

- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to
  get contiguous memory for DMA from Xen
  57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
- bsc#978755 - xen uefi systems fail to boot
- bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot
  57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
- Upstream patch from Jan
  57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
- spec: to stay compatible with the in-tree qemu-xen binary, use
  /usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64
  bsc#986164

==== yast2-schema ====
Version update (3.1.7 -> 3.1.8)

- Exclude i586 and s390 architectures as SLE 12 does not build
  a runnable kernel for such architectures (bsc#933411).
- 3.1.8

==== zypper ====
Version update (1.13.7 -> 1.13.9)
Subpackages: zypper-aptitude zypper-log

- --no-recommends: don't make an attempt to show recommends/suggests
  as we know there are none (bsc#958161)
- remove dead code
- version 1.13.9
- locks: add parsable XML output (bsc#985390)
- version 1.13.8