Packages changed:
  Mesa
  appstream-glib
  calligra (2.9.10 -> 2.9.11)
  http-parser
  hyphen
  jasper
  konsole
  libnettle (3.1.1 -> 3.2)
  libpsl
  libsolv (0.6.17 -> 0.6.18)
  libzypp (15.21.0 -> 15.21.1)
  obs-service-format_spec_file (20150904 -> 20160202)
  sensors
  xen (4.6.0_06 -> 4.6.0_08)
  yast2-core (3.1.19 -> 3.1.21)
  yast2-network (3.1.140 -> 3.1.142)
  yast2-update (3.1.34 -> 3.1.35)
  zypper (1.12.29 -> 1.12.31)

=== Details ===

==== Mesa ====
Subpackages: Mesa-32bit Mesa-devel Mesa-dri-devel Mesa-libEGL-devel Mesa-libEGL1 Mesa-libEGL1-32bit Mesa-libGL-devel Mesa-libGL1 Mesa-libGL1-32bit Mesa-libGLESv1_CM-devel Mesa-libGLESv1_CM1 Mesa-libGLESv2-2 Mesa-libGLESv2-devel Mesa-libglapi-devel Mesa-libglapi0 Mesa-libglapi0-32bit Mesa-libva libOSMesa-devel libOSMesa9 libOSMesa9-32bit libgbm-devel libgbm1 libgbm1-32bit libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libwayland-egl-devel libwayland-egl1 libxatracker2

- Add U_clover-Fix-build-against-LLVM-3.8.patch to fix build
  against llvm 3.8

==== appstream-glib ====
Subpackages: libappstream-builder8 libappstream-glib8

- openSUSE-appstream-process: fix very stupid typo. 4 eyes is not
  enough.

==== calligra ====
Version update (2.9.10 -> 2.9.11)
Subpackages: calligra-extras-dolphin calligra-extras-okular calligra-stage calligra-words-common

- Update to 2.9.11
  * Bugfix release, for more details please see
    https://www.calligra.org/news/calligra-2-9-11-released/
- Don't build with kdepimlibs4 on Tumbleweed. We have switched to
  using Frameworks based PIM, which is no longer compatible

==== http-parser ====

- Add baselibs.conf as source, in order to build
  libhttp-parser-suse0 32-bit compatability lib.

==== hyphen ====

- Add baselibs.conf as source, in order to build libhyphen0 32-bit
  compatability lib.

==== jasper ====
Subpackages: libjasper-devel libjasper1 libjasper1-32bit

- Modified patch
  * jasper-CVE-2016-2089.patch
    + Use the new version of patch from
    https://bugzilla.redhat.com/show_bug.cgi?id=1302636
    with more targetted checks.
- Version the Obsoletes/Provides so that the package does not
  obsolete itself
- Add jasper-CVE-2016-2089.patch
  * CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip()
    function (bsc#963983)

==== konsole ====
Subpackages: konsole-part

- Add allow-certain-variable-width-fonts.patch: resolve no characters
  are shown on Chinese and Japanese environment (boo#962239)
  * For some monospaced fonts with ligatures or the ambiguous-width
    problem, QFontInfo::fixedPitch does not return true. When such
    font is selected for "Monospace", Konsole did not print anything.
- Add fix-profile-terminal-size.patch: allow profile's terminal
  size to work again (boo#964165, kde#345403)

==== libnettle ====
Version update (3.1.1 -> 3.2)
Subpackages: libhogweed4 libhogweed4-32bit libnettle-devel libnettle6 libnettle6-32bit

- Version update to 3.2 release bnc#964849 CVE-2015-8805 bnc#964847
  CVE-2015-8804 bnc#964845 CVE-2015-8803:
  * New functions for RSA private key operations, identified by
    the "_tr" suffix, with better resistance to side channel
    attacks and to hardware or software failures which could
    break the CRT optimization
  * SHA3 implementation is updated according to the FIPS 202 standard
  * New ARM Neon implementation of the chacha stream cipher
  * Should be compatible binary with 3.1 series
- Add patch to fix build with cflags:
  * nettle-respect-cflags.patch

==== libpsl ====

- Add baselibs.conf

==== libsolv ====
Version update (0.6.17 -> 0.6.18)
Subpackages: libsolv-devel libsolv-tools perl-solv python-solv

- fix rule generation for linked packages [bnc#961738]
- add hash method in bindings for some classes
- bump version to 0.6.18

==== libzypp ====
Version update (15.21.0 -> 15.21.1)

- Don't buildrequire graphviz-gnome (bsc#964150)
- Unwanted btrfs subvolumes must be filtered by device (not fsid)
  (fixes #54)
- version 15.21.1 (19)

==== obs-service-format_spec_file ====
Version update (20150904 -> 20160202)

- update licenses

==== sensors ====
Subpackages: libsensors4 libsensors4-32bit libsensors4-devel

- lm_sensors-3.4.0-sensord-service-extra-args.patch: Allow passing
  arbitrary extra arguments to sensord.

==== xen ====
Version update (4.6.0_06 -> 4.6.0_08)
Subpackages: xen-doc-html xen-libs xen-tools xen-tools-domU

- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop
  in start_xmit and e1000_receive_iov routines
  CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
  CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
  on invalid state load
  CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
  resource limiting in VNC websockets decoder
  CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
  CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
  invalid state load
  CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
  bits_per_pixel from the client sanitization
  CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
  overun on invalid state
  CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
  overflow in non-loopback mode
  CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
  CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
  processing firmware configurations
  CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
  CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
  buffer overflow in megasas_ctrl_get_info
  CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
  use-after-free vulnerability in aio port commands
  CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
- bsc#959695 - missing docs for xen
  xen.spec
- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
  INVLPG on non-canonical address (XSA-168)
  xsa168.patch
- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
  functionality missing sanity checks (XSA-167)
  xsa167.patch
- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
  l2 header validation leads to a crash via assert(2) call
  CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
  leads to a crash via assert(2) call
  CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
  in ioport r/w functions
  CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch

==== yast2-core ====
Version update (3.1.19 -> 3.1.21)
Subpackages: yast2-core-devel

- Treat C/C++ warnings as errors but only via bcond_with werror.
- 3.1.21
- Treat C/C++ warnings as errors.
- 3.1.20

==== yast2-network ====
Version update (3.1.140 -> 3.1.142)

- Removed old testsuites tests and autotools, so yast2-testsuite
  is not required anymore (fate#314695).
- 3.1.142
- Fixed an Internal error when aborting the configuration of a
  WiFi interface (bsc#950902).
- 3.1.141

==== yast2-update ====
Version update (3.1.34 -> 3.1.35)

- Fixed selecting additional products during system upgrade
  (do not select previously unselected products after adding
  repositories from the registration server) (bsc#959155)
- 3.1.35

==== zypper ====
Version update (1.12.29 -> 1.12.31)
Subpackages: zypper-aptitude zypper-log

- Don't load repos when removing packages (bsc#606220)
- version 1.12.31
- Update zypper-po.tar.bz2
- Update zypper-po.tar.bz2
- Propagate repo refresh errors even if main action succeeded
  (bsc#961719)
- Fix misaligned TAB stops in colored prompts (bsc#948566)
- version 1.12.30
- Update zypper-po.tar.bz2