Packages changed:
  gpgme (1.13.0 -> 1.13.1)
  libarchive (3.3.3 -> 3.4.0)

=== Details ===

==== gpgme ====
Version update (1.13.0 -> 1.13.1)

- gpgme 1.13.1:
  * core: At debug levels up to 9 print only an ascii dump.
  * core: Add commented debug helper to posix-io.c.
  * core: Fix error return value of _gpgme_run_io_cb.
  * core: Prettify _gpgme_io_select debug output again and fix TRACE_SYSRES.
  * core: Improve the debug messages even more.
  * core: Avoid explicit locks in the debug code.
  * json: Print "nan", "-inf", "inf" if needed.
  * json: Improve handling of large exponents in the JSON parsor.
  * core: Implement recpstring option parsing for gpgsm.
  * core: Make gpgme_op_encrypt_ext work for CMS.
  * python: Fix typo in DecryptionError exception.
  * python: Make EXTRA_DIST files explicit.
  * Python, doc: Minor style improvement.
  * Always use maintainer mode -Wno cflags.
  * cpp: Fix initialization warning.
  * python: stop raising BadSignatures from decrypt(verify=True)
  * cpp: Add wrapper for gpgme_set_global_flag.
  * core: Fix duplication of close_notify_handler for gpgsm.

==== libarchive ====
Version update (3.3.3 -> 3.4.0)

- Update to version 3.4.0
  * Support for file and directory symlinks on Windows
  * Read support for RAR 5.0 archives
  * Read support for ZIPX archives with xz, lzma, ppmd8 and
    bzip2 compression
  * Support for non-recursive list and extract
  * New tar option: --exclude-vcs
  * Improved file attribute support on Linux and file flags support
    on FreeBSD
  * Fix reading Android APK archives (#1055 )
  * Fix problems related to unreadable directories (#1167)
  * A two-digit number of OSS-Fuzz issues was resolved in this release
- Add libarchive.keyring and validate the tarball signature
- Drop all security patches, fixed upstream:
  * CVE-2018-1000877.patch
  * CVE-2018-1000878.patch
  * CVE-2018-1000879.patch
  * CVE-2018-1000880.patch
  * CVE-2019-1000019.patch
  * CVE-2019-1000020.patch