Packages changed:
  MozillaFirefox (70.0.1 -> 71.0)
  MozillaThunderbird (68.3.0 -> 68.3.1)
  clamav
  exim (4.92.2 -> 4.93)
  gnome-menus-branding-openSUSE
  gvfs
  perl-Mojolicious (8.27 -> 8.29)
  perl-Template-Toolkit (2.29 -> 3.003)
  xdg-desktop-portal (1.4.2 -> 1.6.0)
  xdg-desktop-portal-gtk (1.4.0 -> 1.6.0)
  yast2-control-center (4.2.2 -> 4.2.3)

=== Details ===

==== MozillaFirefox ====
Version update (70.0.1 -> 71.0)
Subpackages: MozillaFirefox-translations-common

- Mozilla Firefox 71.0
  * Improvements to Lockwise, our integrated password manager
  * More information about Enhanced Tracking Protection in action
  * Native MP3 decoding on Windows, Linux, and macOS
  * Configuration page (about:config) reimplemented in HTML
  * New kiosk mode functionality, which allows maximum screen space
    for customer-facing displays
  MFSA 2019-36
  * CVE-2019-11756 (bmo#1508776)
    Use-after-free of SFTKSession object
  * CVE-2019-17008 (bmo#1546331)
    Use-after-free in worker destruction
  * CVE-2019-13722 (bmo#1580156) (Windows only)
    Stack corruption due to incorrect number of arguments in WebRTC code
  * CVE-2019-17014 (bmo#1322864)
    Dragging and dropping a cross-origin resource, incorrectly loaded
    as an image, could result in information disclosure
  * CVE-2019-17010 (bmo#1581084)
    Use-after-free when performing device orientation checks
  * CVE-2019-17005 (bmo#1584170)
    Buffer overflow in plain text serializer
  * CVE-2019-17011 (bmo#1591334)
    Use-after-free when retrieving a document in antitracking
  * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
    bmo#1580288, bmo#1585760, bmo#1592502)
    Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
  * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
    bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
    bmo#1594181)
    Memory safety bugs fixed in Firefox 71
- requires
  NSPR >= 4.23
  NSS >= 3.47.1
  rust/cargo >= 1.37
- reactivate webrtc for platforms where it was disabled
- updated create-tar.sh to cover buildid and origin repo information
  - > removed obsolete source-stamp.txt
- removed obsolete patches
  mozilla-bmo1511604.patch
  mozilla-openaes-decl.patch
- changed locale building procedure
  * removed obsolete compare-locales.tar.xz
- added mozilla-bmo1601707.patch to fix gcc/LTO builds
  (bmo#1601707, boo#1158466)
- added mozilla-bmo849632.patch to fix big endian issues in skia
  used for WebGL

==== MozillaThunderbird ====
Version update (68.3.0 -> 68.3.1)
Subpackages: MozillaThunderbird-translations-common

- add mozilla-bmo1583471.patch to allow building with rust 1.39
- Mozilla Thunderbird 68.3.1
  * In dark theme unread messages no longer shown in blue to
    distinguish from tagged messages
  * Account setup is now using client side DNS MX lookup instead of
    relying on a server
  Bugfixes
  * Searching LDAP address book crashed in some circumstances
  * Message navigation with backward and forward buttons did not work
    in some circumstances
  * WebExtension toolbar icons were displayed too small
  * Calendar: Tasks due today were not listed in bold
  * Calendar: Last day of long-running events was not shown

==== clamav ====
Subpackages: libclamav9 libfreshclam2

- The freshclam.service should not be started before the network is
  online (it checks for updates immediately upon service start)

==== exim ====
Version update (4.92.2 -> 4.93)

- update to exim 4.93
  * SUPPORT_DMARC replaces EXPERIMENTAL_DMARC
  * DISABLE_TLS replaces SUPPORT_TLS
  * Bump the version for the local_scan API.
  * smtp transport option hosts_try_fastopen defaults to "*".
  * DNSSec is requested (not required) for all queries. (This seemes to
    ask for trouble if your resolver is a systemd-resolved.)
  * Generic router option retry_use_local_part defaults to "true" under specific
    pre-conditions.
  * Introduce a tainting mechanism for values read from untrusted sources.
  * Use longer file names for temporary spool files (this avoids
    name conflicts with spool on a shared file system).
  * Use dsn_from main config option (was ignored previously).
- update to exim 4.92.3
  * CVE-2019-16928: fix against Heap-based buffer overflow in string_vformat,
    remote code execution seems to be possible

==== gnome-menus-branding-openSUSE ====

- Convert package to _multibuild.

==== gvfs ====
Subpackages: gvfs-backend-afc gvfs-backend-samba gvfs-backends gvfs-fuse gvfs-lang

- BuildRequire pkgconfig(systemd): meson.build tries to inspect
  systtemd.pc to find the right unit-directories.

==== perl-Mojolicious ====
Version update (8.27 -> 8.29)

- updated to 8.29
  see /usr/share/doc/packages/perl-Mojolicious/Changes
  8.29  2019-12-28
  - Improved async/await support to work in many more cases, such as WebSocket
    handlers.
  8.28  2019-12-26
  - Added EXPERIMENTAL support for async/await (with -async Mojo::Base flag).
  - Added EXPERIMENTAL all_settled and any methods to Mojo::Promise.

==== perl-Template-Toolkit ====
Version update (2.29 -> 3.003)

- updated to 3.003
  see /usr/share/doc/packages/perl-Template-Toolkit/Changes

==== xdg-desktop-portal ====
Version update (1.4.2 -> 1.6.0)
Subpackages: xdg-desktop-portal-lang

- Update to version 1.6.0:
  + tests: Adapt to libportal api changes.
- Changes from version 1.5.4:
  + background:
  - Add a signal to the impl api.
  - Rewrite the monitoring to better track when apps disappear.
  + permissions: Fix SetValue handling of GVariant wrapping. This
    is an api change.
  + openuri:
  - Add a per-type always-ask option.
  - Show the app chooser dialog less often.
  + memorymonitor: A new portal to let apps receive low memory
    warnings.
  + filetransfer: A new portal to rewrite file paths between
    sandboxes.
- Changes from version 1.5.3:
  + Add more tests.
  + location: Various fixes.
  + document portal: Monitor fuse mount.
  + openuri:
  - Only ask 3 times to use the same app.
  - Add an 'ask' option.
  + Fix build from git.
  + email: Allow multiple addresses, cc and bcc.
  + filechooser: Allow saving multiple files.
  + Update translations.
- Changes from version 1.5.2:
  + Add many more tests, using libportal.
  + gamemode: Add a pidfd-based api.
  + inhibit: Send a Response signal.
  + openuri: Add an OpenDirectory api.
  + Updated translations.
- Changes from version 1.5.1:
  + Add a portal for setting desktop backgrounds
  + Add tests.
  + Optionally use libportal (for tests).
- Changes from version 1.5.0:
  + Add a secret portal that is meant be used via libsecret inside
    the sandbox. One backend for this will live in gnome-keyring,
    others are possible.
  + Fix a file descriptor leak.
  + Reduce log spam.
  + Updated translations.
- Add pkgconfig(libportal) BuildRequires: New dependency.

==== xdg-desktop-portal-gtk ====
Version update (1.4.0 -> 1.6.0)
Subpackages: xdg-desktop-portal-gtk-lang

- Update to version 1.6.0:
  + Updated translations.
- Changes from version 1.5.2:
  + email: Work with sandboxed email clients.
  + wallpaper:
  - Support http: uris.
  - Improve preview.
  + appchooser: Modernize the appearance.
  + background: Improve application monitoring.
  + Require xdg-desktop-portal 1.5.
- Changes from version 1.5.1:
  + settings: Get animations-enabled setting from gnome-shell.
  + wallpaper: Add a portal backend for setting desktop backgrounds.
  + email: Support multiple addresses, cc and bcc.
  + filechooser: Support saving multiple files.
  + Updated translations.
- Changes from version 1.5.0:
  + screencast:
  - Support window selection.
  - Fix a crash.
  + settings:
  - Add a settings portal backend.
  - Handle enable-animations setting like gsd.
  + Updated translations.
- Add BuildRequires:  pkgconfig(gnome-desktop-3.0): New dependency.

==== yast2-control-center ====
Version update (4.2.2 -> 4.2.3)
Subpackages: yast2-control-center-qt

- Fix theming icons again (boo#1159283)
- 4.2.3