Packages changed:
  Mesa
  Mesa-drivers
  libarchive
  libidn2 (2.0.5 -> 2.1.0)
  ltrace
  man-pages
  nodejs10 (10.13.0 -> 10.15.0)
  openssh
  osinfo-db
  publicsuffix (20181030 -> 20181227)
  qemu
  qemu-linux-user
  re2 (20181001 -> 20190101)
  vim (8.1.0565 -> 8.1.0687)
  xf86-video-neomagic (1.2.9 -> 1.3.0)
  yast2-schema (4.0.6 -> 4.1.0)
  zstd (1.3.7 -> 1.3.8)

=== Details ===

==== Mesa ====
Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1

- redisabled support for tegra, since it just got disabled upstream
  in git master ...
- Enable the surfaceless platform, which is needed by KDE CI
  environment for testing (https://phabricator.kde.org/T10245)
- Add etnaviv, imx and tegra supports for %arm and arch64

==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2

- redisabled support for tegra, since it just got disabled upstream
  in git master ...
- Enable the surfaceless platform, which is needed by KDE CI
  environment for testing (https://phabricator.kde.org/T10245)
- Add etnaviv, imx and tegra supports for %arm and arch64

==== libarchive ====
Subpackages: bsdtar libarchive13

- Added patches:
  * CVE-2018-1000877.patch, which fixes a double free vulnerability in RAR
    decoder (CVE-2018-1000877 bsc#1120653)
  * CVE-2018-1000878.patch, which fixes a Use-After-Free vulnerability in RAR
    decoder (CVE-2018-1000878 bsc#1120654)
  * CVE-2018-1000879.patch, which fixes a NULL Pointer Dereference
    vulnerability in ACL parser (CVE-2018-1000879 bsc#1120656)
  * CVE-2018-1000880.patch, which fixes an improper input validation
    vulnerability in WARC parser (CVE-2018-1000880 bsc#1120659)
- Make use of %license macro
- Applied spec-cleaner

==== libidn2 ====
Version update (2.0.5 -> 2.1.0)

- update to 2.1.0:
  * Two internal functions are no longer exposed, soname bump
  * Fix label length check for idn2_register_u8()
  * Add missing error messages to idn2_strerror_name()

==== ltrace ====

- Add gcc9-printf-s-null-argument.patch: boo#1120789.

==== man-pages ====

- supplements man [bsc#1116987]

==== nodejs10 ====
Version update (10.13.0 -> 10.15.0)
Subpackages: nodejs10-devel npm10

- New upstream LTS version 10.15.0 (still bsc#1112438, FATE#326776):
  * cli: add --max-http-header-size flag
  * http: add maxHeaderSize property
- Changes in version 10.14.2
  * deps: upgrade to c-ares v1.15.0
  * child_process: handle undefined/null for fork() args
  * http2: make Http2Settings constructors delegate
  * os: fix memory leak in userInfo()
- fix_ci_tests.patch: refreshed
- New upstream LTS version 10.14.1 (still bsc#1112438, FATE#326776):
  * deps: Upgrade to OpenSSL 1.1.0j, fixing
    + Timing vulnerability in DSA signature generation
    (bsc#1113652, CVE-2018-0734)
    + Timing vulnerability in ECDSA signature generation
    (bsc#1113651, CVE-2018-0735)
  * http:
    + Headers received by HTTP servers must not exceed 8192 bytes
    in total to prevent possible Denial of Service attacks.
    (bsc#1117626, CVE-2018-12121)
    + A timeout of 40 seconds now applies to servers receiving
    HTTP headers. This value can be adjusted with
    server.headersTimeout. Where headers are not completely
    received within this period, the socket is destroyed on
    the next received chunk. In conjunction
    with server.setTimeout(), this aids in protecting against
    excessive resource retention and possible Denial of Service.
    (bsc#1117627, CVE-2018-12122)
  * url: Fix a bug that would allow a hostname being spoofed when
    parsing URLs with url.parse() with the 'javascript:' protocol.
    (bsc#1117629, CVE-2018-12123)

==== openssh ====
Subpackages: openssh-helpers

- Added compatibility with SuSEfirewall2 [bsc#1118044]

==== osinfo-db ====

- Fix volume ID for SLE15-SP1 (bsc#1086715)
  add-sle15sp1-support.patch
  add-opensuse-leap-15.1-support.patch

==== publicsuffix ====
Version update (20181030 -> 20181227)

- Update to version 20181227:
  * Add run.app and a.run.app to the psl (#681)
  * Add telebit.io .app .xyz (#726)
  * Add Leadpages domains (#731)
  * Add public suffix entries for dapps.earth (#708)
  * Add Bytemark Hosting domains (#620)
  * Remove .STATOIL
  * linter: Expect rules to be in NFKC (#725)
  * Convert list data from NFKD to NFKC (#720)
  * Update LS (#718)

==== qemu ====
Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-extra qemu-guest-agent qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-vgabios qemu-x86

- include post v3.1.0 patches marked for next stable release:
  0041-vfio-ap-flag-as-compatible-with-bal.patch
  0042-hw-s390x-Fix-bad-mask-in-time2tod.patch
  0043-pcie-set-link-state-inactive-active.patch
  0044-pc-piix4-Update-smbus-I-O-space-aft.patch
  0045-hw-usb-fix-mistaken-de-initializati.patch
- Address various security/stability issues
  * Fix host access vulnerability in usb-mtp infrastructure
  (CVE-2018-16872 bsc#1119493)
  0046-usb-mtp-use-O_NOFOLLOW-and-O_CLOEXE.patch
  * Fix DoS in pvrdma interface (CVE-2018-20123 bsc#1119437)
  0047-pvrdma-release-device-resources-in-.patch
  * Fix OOB access issue in rdma backend (CVE-2018-20124 bsc#1119840)
  0048-rdma-check-num_sge-does-not-exceed-.patch
  * Fix NULL pointer reference in pvrdma emulation (CVE-2018-20191
  bsc#1119979)
  0049-pvrdma-add-uar_read-routine.patch
  * Fix DoS in pvrdma interface (CVE-2018-20125 bsc#1119989)
  0050-pvrdma-check-number-of-pages-when-c.patch
  * Fix DoS in pvrdma interface (CVE-2018-20216 bsc#1119984)
  0051-pvrdma-check-return-value-from-pvrd.patch
  * Fix DoS in pvrdma interface (CVE-2018-20126 bsc#1119991)
  0052-pvrdma-release-ring-object-in-case-.patch
- one more post v3.1.0 patches marked for next stable release:
  0053-block-Fix-hangs-in-synchronous-APIs.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
  * Patches added:
  0040-xen-ignore-live-parameter-from-xen-.patch
  (bsc#1079730, bsc#1101982, bsc#1063993)
- Follow up on ideas prompted by last change: clean up the patches
  generated by git workflow. There is no value to the first line
  (mbox From line), or [PATCH] on subject line. Get rid of those
- Other minor fixes and improvements to update_git.sh
- Modify update_git.sh script:
  pass --zero-commit to format-patch
  This removes needless noise in the buildservice when the same set
  of patches is imported/exported at different times by different users.
  pass --no-signature to format-patch
  Remove sed call which used to remove the signature, use mv instead

==== qemu-linux-user ====

- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
  * Patches added:
  0041-vfio-ap-flag-as-compatible-with-bal.patch
  0042-hw-s390x-Fix-bad-mask-in-time2tod.patch
  0043-pcie-set-link-state-inactive-active.patch
  0044-pc-piix4-Update-smbus-I-O-space-aft.patch
  0045-hw-usb-fix-mistaken-de-initializati.patch
  0046-usb-mtp-use-O_NOFOLLOW-and-O_CLOEXE.patch
  0047-pvrdma-release-device-resources-in-.patch
  0048-rdma-check-num_sge-does-not-exceed-.patch
  0049-pvrdma-add-uar_read-routine.patch
  0050-pvrdma-check-number-of-pages-when-c.patch
  0051-pvrdma-check-return-value-from-pvrd.patch
  0052-pvrdma-release-ring-object-in-case-.patch
  0053-block-Fix-hangs-in-synchronous-APIs.patch
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
  * Patches added:
  0040-xen-ignore-live-parameter-from-xen-.patch
  (bsc#1079730, bsc#1101982, bsc#1063993)
- Follow up on ideas prompted by last change: clean up the patches
  generated by git workflow. There is no value to the first line
  (mbox From line), or [PATCH] on subject line. Get rid of those
- Other minor fixes and improvements to update_git.sh
- Modify update_git.sh script:
  pass --zero-commit to format-patch
  This removes needless noise in the buildservice when the same set
  of patches is imported/exported at different times by different users.
  pass --no-signature to format-patch
  Remove sed call which used to remove the signature, use mv instead

==== re2 ====
Version update (20181001 -> 20190101)

- update to 2019-01-01:
  * developer visible changes, performance tweaks and bug fixes

==== vim ====
Version update (8.1.0565 -> 8.1.0687)
Subpackages: gvim vim-data vim-data-common

- Updated to version 8.1.0687 , fixes the following problems
  + refreshed disable-unreliable-tests.patch
  * Asan complains about reading before allocated block.
  * SGR not enabled for mintty because $TERM is "xterm".
  * Error for NUL byte in ScreenLines goes unnoticed.
  * Error message for NUL byte in ScreenLines breaks Travis CI.
  * Execute() always resets display column to zero. (Sha Liu)
  * 'commentstring' not used when adding fold marker. (Maxim Kim)
  * Non-silent execute() resets display column to zero.
  * Stopping a job does not work properly on OpenBSD.
  * Cannot redefine user command without ! in same script
  * 'commentstring' not used when adding fold marker in C.
  * Termdebug: clearing multi-breakpoint does not work.
  * Indent script tests pick up installed scripts.
  * Tabpage right-click menu never shows "Close tab".
  * Cannot disable arabic, rightleft and farsi in configure.
  * Cannot attach properties to text.
  * Invalid memory access when using text properties.
  * Double free without the text properties feature.
  * Text properties are not enabled.
  * Using illogical name for get_dict_number()/get_dict_string().
  * With search CTRL-L does not pick up composing characters.
  * Undo test may fail on MS-Windows.
  * :digraph output is not easy to read.
  * GvimExt: realloc() failing is not handled properly.
  * Cannot define a sign with space in the text.
  * Compilation error in gvimext.cpp.
  * When a job ends the closed channels are not handled.
  * Channel sort test is flaky.
  * The libvterm tests are not run as part of Vim tests.
  * Illegal memory access in libvterm test.
  * Libvterm tests are not run with coverage.
  * Not all parts of printf() are tested.
  * Cannot run test_libvterm from the top directory.
  * Indent tests may use the wrong Vim binary.
  * Without the +eval feature the indent tests don't work.
  * Channel test is flaky.
  * A few compiler warnings.
  * DirChanged is also triggered when the directory didn't change
  * The :stop command is not tested.
  * Running make in the top directory echoes a comment.
  * 'cryptmethod' defaults to a very old method.
  * Proto files are not in sync with the source code.
  * Coverals is not updating.
  * Crash when using terminal with long composing characters.
  * Cannot use two global runtime dirs with configure.
  * When executing an insecure function the secure flag is stuck.
  * Placing signs can be complicated.
  * Get_tv function names are not consistent.
  * term_getjob() does not return v:null as documented.
  * :echomsg and :echoerr do not handle List and Dict like :echo does.
  * Overuling CONF_ARGS from the environment no longer works.
  * Terminal debugger does not handle unexpected debugger exit.
  * Adding quickfix items marks items as valid errors. (Daniel Hahler)
  * Iterating through window frames is repeated.
  * Overuling CONF_ARGS from the environment still does not work.
  * Python cannot handle function name of script-local function.
  * Compiler warning on MS-Windows.
  * "gn" selects the wrong text with a multi-line match.
  * "wincmd p" does not work after using an autocmd window.
  * Test for :stop fails on Arch.
  * Using sign group names is inefficient.
  * Crash when out of memory while opening a terminal window.
  * Text properties cannot cross line boundaries.
  * Coverity complains about null pointer use.
  * line2byte() gives wrong values with text properties.
  * Text property highlighting is off by one column.
  * text properties test fails on MS-Windows
  * Get E14 while typing command :tab with 'incsearch' set.
  * No check for out-of-memory when converting regexp.
  * swapinfo() leaks memory.
  * Computing byte offset wrong.
  * Finding next sign ID is inefficient.
  * Coverity warns for possible use of NULL pointer.
  * Cannot build with Ruby 2.6.0.
  * Custom operators can't act upon a forced motion.
  * setjmp() variables defined globally are used in one file.
  * Command line argument -q [errorfile] is not tested.
  * :args \"foo works like :args without argument.
  * Freeing memory for balloon eval too early.
  * Arglist test fails on MS-windows.
  * When deleting a line text property flags are not adjusted.
  * When appending a line text property flags are not added.
  * Trying to reconnect to X server may cause problems.
  * Get error for using regexp recursively.
  * Deleting signs and completion for :sign is insufficient.
  * Build failure without the sign feature.
  * sign_unplace() may leak memory.
  * Clipboard regexp might be used recursively.
  * Needlessly searching for tilde in string.
  * Text property display wrong when 'number' is set.
  * Configure "fail-if-missing" does not apply to the enable-gui
  argument.
  * Text property display wrong when 'spell' is set.
  * Text property test fails.
  * Textprop test leaves file behind.
  * No test for overstrike mode in the command line.
  * The ex_sign() function is too long.
  * Macro for popup menu width is unused.
  * Cursor in the wrong column after auto-formatting.
  * The Lua interface doesn't know about v:null.
  * Functionality for signs is spread out over several files.
  * Leaking memory when updating a single line.
  * Text property column is screen columns is not practical.
  * Textprop screendump test fails.
  * Look-behind match may use the wrong line number. (Dominique Pelle)
  * Text properties as not adjusted for inserted text.
  * Sign functions do not take buffer argument as documented.
  * Not easy to see what features are unavailable.
  * Text properties as not adjusted for deleted text.
  * Text properties are not adjusted when backspacing replaced text.
  * Spell highlighting does not always end.
  * Warnings from 64-bit compiler.

==== xf86-video-neomagic ====
Version update (1.2.9 -> 1.3.0)

- Update to version 1.3.0
  * This is a maintenance release of NeoMagic DDX for X.Org X Server.
    No testing has been done due to the lack of equipment availability.

==== yast2-schema ====
Version update (4.0.6 -> 4.1.0)

- AutoYaST schema changed in yast2-firewall (4.1.4).
  - Allowed the new 'forward_ports', 'rich_rules' and
    'source_ports' elements in zone entries (bsc#1108199)
- 4.1.0
- Added new schema of yast2-tftp-server module (bsc#1108199).
- 4.0.7

==== zstd ====
Version update (1.3.7 -> 1.3.8)

- zstd 1.3.8:
  * better decompression speed on large files (+7%) and cold
    dictionaries (+15%)
  * slightly better compression ratio at high compression modes
  * new --rsyncable mode
  * support decompression of empty frames into NULL (used to be an
    error)
  * support ZSTD_CLEVEL environment variable
  * --no-progress flag, preserving final summary
  * various CLI fixes