Packages changed:
  aaa_base (84.87+git20190718.ce933cb -> 84.87+git20190822.82a17f1)
  bash
  dmidecode
  filesystem
  gzip
  ldb (1.5.4 -> 1.5.5)
  libdb-4_8
  libgcrypt (1.8.4 -> 1.8.5)
  shadow
  snapper
  zstd (1.4.2 -> 1.4.3)

=== Details ===

==== aaa_base ====
Version update (84.87+git20190718.ce933cb -> 84.87+git20190822.82a17f1)

- Update to version 84.87+git20190822.82a17f1:
  * add sysctl.d/51-network.conf to tighten network security a bit
    see also (boo#1146866) (jira#SLE-9132)

==== bash ====

- Add official patch bash50-008
  When HISTSIZE is set to 0, history expansion can leave the history length
  set to an incorrect value, leading to subsequent attempts to access invalid
  memory.
- Add official patch bash50-009
  The history file reading code doesn't close the file descriptor open to
  the history file when it encounters a zero-length file.

==== dmidecode ====

2 recommended fixes from upstream:
- dmidecode-only-scan-dev-mem-for-entry-point-on-x86.patch: Only
  scan /dev/mem for entry point on x86 (fixes reboot on ARM64).
- dmidecode-fix-formatting-of-tpm-table-output.patch: Fix
  formatting of TPM table output (missing newlines).

==== filesystem ====

- Move /etc.cron.* directories to cron package
- Add /usr/etc

==== gzip ====

- refresh gzip-1.10-ibm_dfltcc_support.patch to fix three data
  corruption issues [bsc#1145276] [jsc#SLE-5818] [jsc#SLE-8914]

==== ldb ====
Version update (1.5.4 -> 1.5.5)

- Update to 1.5.5
  + LDAP_REFERRAL_SCHEME_OPAQUE was added to ldb_module.h; (bso#12478);
  + Skip @ records early in a search full scan; (bso#13893);

==== libdb-4_8 ====

- Add opd deadlock patch as found and documented by Red Hat.
  (bsc#1148244)
  * 0001-OPD-deadlock-RH-BZ-1349779.patch
- Remove the getpatches as it does not work at all, oracle
  removed the pages
- Use spec-cleaner
- Fix stripped debuginfo to make sure we can debug with libdb

==== libgcrypt ====
Version update (1.8.4 -> 1.8.5)

- libgcrypt 1.8.5:
  * CVE-2019-13627: mitigation against an ECDSA timing attack (boo#1148987)
  * Improve ECDSA unblinding
  * Provide a pkg-config file

==== shadow ====

- bsc#1144060: Add pam_keyinit.so to /etc/pam.d configuration files
  to support kernel keyring feature
- Update pamd.tar.bz2 with pam configuration files accordingly
- encryption_method_nis.patch: drop, DES should really not be used
  anymore anywhere, even with NIS
- shadow-login_defs-suse.patch: remove encryption NIS entry

==== snapper ====
Subpackages: libsnapper4

- reusing existing subvolumes on mksubvolume run
  (bsc#1138725, bsc#1126900, gh#openSUSE/snapper#236)

==== zstd ====
Version update (1.4.2 -> 1.4.3)

- Update to version 1.4.3
  * bug: Fix Dictionary Compression Ratio Regression (#1709)
  * bug: Fix Buffer Overflow in v0.3 Decompression (#1722)
  * build: Add support for IAR C/C++ Compiler for Arm (#1705)
  * misc: Add NULL pointer check in util.c (#1706)