Changed packages:

==== FastCGI ====

- Update license tag to spdx 1.2.

==== IPython ====

- Add pandoc dependency for nbconvert notebook converter.
  This is only available for openSUSE > 13.1.
- Change some dependencies that are not required for basic
  functionality to Recommends.

==== MozillaFirefox ====
Version update (31.0 -> 31.1.0)
Subpackages: MozillaFirefox-translations-common

- update to Firefox 31.1.0esr (bnc#894370)
  * MFSA 2014-67/CVE-2014-1553/CVE-2014-1562
    Miscellaneous memory safety hazards
  * MFSA 2014-68/CVE-2014-1563 (bmo#1018524)
    Use-after-free during DOM interactions with SVG
  * MFSA 2014-69/CVE-2014-1564 (bmo#1045977)
    Uninitialized memory use during GIF rendering
  * MFSA 2014-70/CVE-2014-1565 (bmo#1047831)
    Out-of-bounds read in Web Audio audio timeline
  * MFSA 2014-72/CVE-2014-1567 (bmo#1037641)
    Use-after-free setting text directionality
- changes to support compilation on 11.4
  * explicit xz BuildRequires
  * mozilla-nullptr-gcc45.patch
  * remove unresolved makeinfo BuildRequires
- adapted _constraints, used more than 3900MB on s390x during
  last build

==== MozillaThunderbird ====
Version update (31.0 -> 31.1.0)
Subpackages: MozillaThunderbird-translations-common

- update to Thunderbird 31.1.0 (bnc#894370)
  * MFSA 2014-67/CVE-2014-1553/CVE-2014-1562
    Miscellaneous memory safety hazards
  * MFSA 2014-68/CVE-2014-1563 (bmo#1018524)
    Use-after-free during DOM interactions with SVG
  * MFSA 2014-69/CVE-2014-1564 (bmo#1045977)
    Uninitialized memory use during GIF rendering
  * MFSA 2014-70/CVE-2014-1565 (bmo#1047831)
    Out-of-bounds read in Web Audio audio timeline
  * MFSA 2014-72/CVE-2014-1567 (bmo#1037641)
    Use-after-free setting text directionality
- added mozilla-nullptr-gcc45.patch to build on gcc 4.5 dists
  (e.g. openSUSE 11.4)

==== branding-openSUSE ====
Subpackages: dynamic-wallpaper-branding-openSUSE gfxboot-branding-openSUSE grub2-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE xfce4-splash-branding-openSUSE yast2-qt-branding-openSUSE

- fix merge conflicts
- Lower openSUSE logo in grub2 by 5px to improve spacing under OS title
- replace grub2 openSUSE logo with high resolution badge
- add openSUSE logo to gfxboot images
- new yast branding location now handled by git makefile, remove mv
  from spec file
- Initial openSUSE 13.2 branding
- yast branding needs to be installed in /usr/share/YaST2/theme/current
  now

==== bzip2 ====
Subpackages: libbz2-1 libbz2-1-32bit libbz2-devel

- revert the bzip2-handle_pipe_input_with-f_option.patch because it
  breaks other programs using the bzip2 library
- Implement %check
- handle pipe input with the -f option (bnc#884004)
  * added bzip2-handle_pipe_input_with-f_option.patch

==== cmake ====

- Add possible patch to fix random test failure
  * cmake-fix-module-loading-test.patch

==== cups ====
Subpackages: cups-client cups-devel cups-libs cups-libs-32bit

- Let fdupes only create symlinks in /usr/share/cups/templates/ to
  avoid a symlink /usr/share/cups/webcontent/images/cups-icon.png
  because the cupsd web server does no longer follow symlinks
  to avoid the security issues mentioned in the previous entry
  below (fixes bnc#892587 a regression of bnc#887240).
- str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch
  fixes that the web interface incorrectly served symlinked files
  and files that were not world-readable, potentially leading to
  a disclosure of information (CVE-2014-3537 STR #4450 plus the
  subsequent CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 STR #4455
  all in bnc#887240).

==== digikam ====
Version update (4.1.0 -> 4.2.0)
Subpackages: digikam-doc kipi-plugins kipi-plugins-acquireimage kipi-plugins-geolocation libkface-devel libkface2 libkgeomap-devel libkgeomap1 libmediawiki-devel libmediawiki1

- Update to 4.2.0
  digikam:
  - AlbumGui : New view on left sidebar to search quickly items
    with assigned Labels.
    Details: http://mohamedanwer.wordpress.com/2014/07/17/the-great-merging-day/
  - AlbumGui : Tags view: add a new option to show items with
    no tag.
    Details: http://mohamedanwer.wordpress.com/2014/07/11/tags-left-sidebar-supports-new-action-now/
  - Geberal  : Add retina display support with preview and
    editor canvas under OSX.
  - 16 fixed bugs
    (kde#336851, kde#336650, kde#326019, kde#337231, kde#337392,
    kde#262175, kde#262167, kde#286463, kde#337417, kde#160363,
    kde#330976, kde#337507, kde#337688, kde#160363, kde#132827,
    kde#337993)
  kipi-plugins:
  - 4 fixed bugs (kde#313203, kde#334089, kde#336835, kde#256466)
- adapt remove-gplv2-only.patch
- dropped QtGstreamer-1.0.patch (added upstream)
- Added QtGstreamer-1.0.patch to support QtGstreamer 1.x API (applied
  on Factory/13.2 only)
- Build with gstreamer-plugins-qt-devel for those openSUSE versions

==== doxygen ====
Version update (1.8.7 -> 1.8.8)

- Doxygen 1.8.8
- New features:
  * Support for PlantUML
  * Add BREAD_CRUMB_TRAIL
- A selection of bug fixes and updates as listed in
  http://www.stack.nl/~dimitri/doxygen/manual/changelog.html#log_1_8_8

==== e2fsprogs ====
Version update (1.42.11 -> 1.42.12)
Subpackages: e2fsprogs-devel libcom_err-devel libcom_err2 libcom_err2-32bit libext2fs-devel libext2fs2

- Update to 1.42.12
  * fix e2fsck bugs when repairing bigalloc filesystems
  * fix rare e2fsck bugs discovered by fs fuzzing
  * resize2fs will use less memory when resizing large filesystems
  ...

==== elfutils ====
Subpackages: libasm1 libdw1 libelf1 libelf1-32bit

- Package changes file to support local rpmbuild (bnc#879011)

==== glew-devel ====
Subpackages: libGLEW1_10

- Fix baselibs.conf (bnc#894331).

==== glibc-32bit ====
Subpackages: glibc-locale-32bit

- iconv-ibm-sentinel-check.patch: Fix crashes on invalid input in IBM
  gconv modules (CVE-2014-6040, bnc#894553, BZ #17325)

==== glibc ====
Subpackages: glibc-devel glibc-extra glibc-info glibc-locale nscd

- iconv-ibm-sentinel-check.patch: Fix crashes on invalid input in IBM
  gconv modules (CVE-2014-6040, bnc#894553, BZ #17325)

==== gnutls ====
Version update (3.2.16 -> 3.2.17)
Subpackages: libgnutls-devel libgnutls-openssl27 libgnutls28 libgnutls28-32bit

- Upgrade to Version 3.2.17 (released 2014-08-24)
  * * libgnutls: initialize parameters variable on PKCS #8 decryption.
  * * libgnutls: Explicitly set the exponent in PKCS #11 key generation.
  That improves compatibility with certain PKCS #11 modules. Contributed by
  Wolfgang Meyer zu Bergsten.
  * * libgnutls: gnutls_pkcs12_verify_mac() will not fail in other than SHA1
  algorithms.
  * * libgnutls: when checking the hostname of a certificate with multiple CNs
  ensure that the "most specific" CN is being used.
  * * libgnutls: In DTLS ignore only errors that relate to unexpected packets
  and decryption failures.
  Delete files: gnutls-3.2.16.tar.xz, gnutls-3.2.16.tar.xz.sig
  Add files: gnutls-3.2.17.tar.xz, gnutls-3.2.17.tar.xz.sig

==== libibus-1_0-5 ====
Subpackages: typelib-1_0-IBus-1_0

- Do not only requires typelib-1_0-Gtk-3_0 when building with
  python3.
- Update ibus xim script to properly detect GNOME 3.12+ and to use
  ibus default configuration on first startup of GNOME (bnc#862589
  internal), with help from Takashi Iwai.

==== libicu-devel ====
Subpackages: libicu53_1

- Build both B and L-type endianess variants of icudt53.dat so that
  icu-data really is arch-independent again
- Add icu-error-reporting.diff

==== install-initrd-openSUSE ====
Version update (14.129 -> 14.134)

- really use nfs-kernel-server
- 14.134
- use 'upgrade' (lower case, as expected by latest gfxboot)
- add ftp, nfs & samba server to rescue-server
- 14.133
- fix mkbootdisk (bnc #892339)
- 14.132
- prepare for new yast2-theme
- package split: util-linux-systemd
- move libgcrypt20-hmac to initrd, as gpg and libgcrypt20 live there already
- 14.131
- ensure autoyast files in /var are writable
- add back libgcrypt20-hmac and libcryptsetup4-hmac dependency
- 14.130

==== kdelibs4-branding-openSUSE ====
Subpackages: kdm-branding-openSUSE ksplash-qml-branding-openSUSE ksplashx-branding-openSUSE susegreeter-branding-openSUSE

- fix merge conflicts
- Lower openSUSE logo in grub2 by 5px to improve spacing under OS title
- replace grub2 openSUSE logo with high resolution badge
- add openSUSE logo to gfxboot images
- new yast branding location now handled by git makefile, remove mv
  from spec file
- Initial openSUSE 13.2 branding
- yast branding needs to be installed in /usr/share/YaST2/theme/current
  now

==== kdump ====

- Write proper regex into multipath.conf to prevent syntax error there
  (bnc#883883)
  Add: 0001-multipath-Write-proper-regex-into-multipath-conf.patch

==== krb5 ====
Version update (1.12.1 -> 1.12.2)
Subpackages: krb5-32bit krb5-client krb5-devel

- krb5 5.12.2:
  * Work around a gcc optimizer bug that could cause DB2 KDC
    database operations to spin in an infinite loop
  * Fix a backward compatibility problem with the LDAP KDB schema
    that could prevent krb5-1.11 and later from decoding entries
    created by krb5-1.6.
  * Avoid an infinite loop under some circumstances when the GSS
    mechglue loads a dynamic mechanism.
  * Fix krb5kdc argument parsing so "-w" and "-r" options work
    togetherreliably.
- Vulnerability fixes previously fixed in package via patches:
  * Handle certain invalid RFC 1964 GSS tokens correctly to avoid
    invalid memory reference vulnerabilities.  [CVE-2014-4341
    CVE-2014-4342]
  * Fix memory management vulnerabilities in GSSAPI SPNEGO.
    [CVE-2014-4343 CVE-2014-4344]
  * Fix buffer overflow vulnerability in LDAP KDB back end.
    [CVE-2014-4345]
- updated patches:
  * krb5-1.7-doublelog.patch for context change
  * krb5-1.6.3-ktutil-manpage.dif, same
- removed patches, in upstream:
  * krb5-master-keyring-kdcsync.patch
  * krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
  * krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
  * krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
  * krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
- Fix build with doxygen 1.8.8 - adding krb5-1.12-doxygen.patch
  from upstream

==== krename ====

- Add patch fix-freetype2-includes.patch to ensure that the right
  freetype2 includes are found

==== leafpad ====

- applied spec-cleaner

==== libXaw3d8 ====

- Add baselibs.conf as source.
- Add obsoletes to baselibs.conf.

==== libevdev-tools ====
Subpackages: libevdev2

- Add git repository metadata

==== libfm ====
Version update (1.2.1 -> 1.2.2.1)
Subpackages: libfm-gtk4 libfm-lang libfm4 lxshortcut

- new upstream version 1.2.2.1
  * Fix installation of libfm-extra.pc file for development with
    it.
- changes on 1.2.2 since 1.2.1:
  * Fixed display name of created shortcut after dropping from
    another application.
  * Fixed the screen for context in fm_launch_command_simple().
  * Added KDE archiver "Ark" into archivers list.
  * Fixed parsing order of directories in XDG_DATA_DIRS and
    XDG_CONFIG_DIRS.
  * Added a possibility for application that was started (by
    PCManFM or any other application that uses LibFM) to never
    die after our application (i.e. its parent) was closed.
  * Fixed possible memory leak in fm_config_load_from_file().
  * Corrected g_content_type_guess() call with file sample. This
    may help with correct file type detection.
  * When calculate total file sizes in directory, filesize of
    directory now is skipped.
  * Fixed problem with memory consumption in case image has big
    dimension but not so big filesize - in that case loading may
    consume all the available memory to create bitmap. The file
    dimensions should also be checked against thumbnail_max
    configuration variable.
  * Fixed problem with starting custom command from application
    selection dialog. This stopped to work with new GLib versions.

==== libgcrypt-devel ====
Subpackages: libgcrypt20 libgcrypt20-32bit

- fix an issue in DRBG patchset
  * size_t type is 32-bit on 32-bit systems
- fix a potential NULL pointer deference in DRBG patchset
  * patches from https://bugs.g10code.com/gnupg/issue1701
- added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
- added v9-0007-User-interface-to-DRBG.patch
- removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
- removed v7-0007-User-interface-to-DRBG.patch
- add a subpackage for CAVS testing
  * add cavs_driver.pl and cavs-test.sh from the kernel cavs package
  * added drbg_test.patch

==== libkolab0 ====
Version update (0.5.2 -> 0.5.3)

- New upstream release 0.5.3

==== libkolabxml1 ====
Version update (1.0.1 -> 1.0.2)

- New upstream release 1.0.2
- Dropped the following patches, as they're now included upstream:
  - libkolabxml-1.0.1_xsd_type.patch
  - libkolabxml-1.0.1_csharp_bindings.patch

==== libQt5Core5 ====
Subpackages: libQt5DBus5 libQt5Gui5 libQt5Widgets5

- Added upstream patches for bnc#890168
  * libqt5-fix-leak-with-touch-devices-in-xcb.patch, QTBUG-39596
  * * fixed a leak what did not free m_touchDevices.
  * libqt5-listen-to-touch-events-on-the-master-device.patch, QTBUG-38625
  * * listen to touch events on the master device instead of slave, was also
    affects by fdo#78345
  * libqt5-avoid-crash-during-querying-device.patch, QTBUG-40820
  * * avoid crashes if querying device that has gone away

==== libvirt ====
Version update (1.2.7 -> 1.2.8)
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-uml libvirt-daemon-driver-vbox libvirt-daemon-driver-xen libvirt-daemon-qemu libvirt-daemon-xen

- Update to libvirt 1.2.8
  - virDomainBlockCopy with XML destination, typed params
  - Introduce API for retrieving bulk domain stats
  - Introduce virDomainOpenGraphicsFD API
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- bnc#893999: remove mount rules from libvirt-lxc apparmor
  abstraction file as those aren't handled by our kernel.
  apparmor-no-mount.patch
- bnc#894232 - Update apparmor profile to allow raw packets
  install-apparmor-profiles.patch
- remove not necessary hunks from libvirt-ppc64le-support.patch
- move new patches to section for to be upstreamed
- add patch: libvirt-power8-models.patch
  add current power8 cpu models to map
- add patch: libvirt-ppc64le-support.patch
  add preliminary ppc64le support to libvirt
- bnc#820399 - virsh blockcopy should refuse identical device
  blockcopy-check-dst-identical-device.patch
- Update to libvirt 1.2.7
  - Introduce virConnectGetDomainCapabilities
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: dba3432b-virt-lxc-convert-fix.patch,
    9b1e4cd5-skip-useless-apparmor-files.patch,
    9265f8ab-apparmor-lxc-rework.patch,
    add-nocow-to-vol-xml.patch,
    lxc-keep-caps-feature.patch,
    lxc-keep-caps-feature-conversion.patch,
    lxc-keep-caps-feature-doc.patch,
    lxc-net-target-name.patch,
    lxc-net-target-name-conversion.patch,
    lxc-net-target-name-doc.patch
- lxc AppArmor profile now only restricting potentially dangerous
  accesses. fdo#886460
- Add virt-lxc-convert to libvirt-daemon-driver-lxc package
- added patches:
  * 9265f8ab-apparmor-lxc-rework.patch
  * 9b1e4cd5-skip-useless-apparmor-files.patch
- virt-lxc-convert: force free to output values in bytes
- added patches:
  * dba3432b-virt-lxc-convert-fix.patch
- lxc: allow setting a custom name for container NICs as LXC is
  is able to do it.
  lxc-net-target-name.patch,
  lxc-net-target-name-conversion.patch,
  lxc-net-target-name-doc.patch
- Move 'Requires' of qemu from libvirt-daemon-qemu subpackage to
  libvirt-daemon-driver-qemu
  bnc#885267
- Temporarily disable virt-aa-helper-test, which fails in Factory
- Update to libvirt 1.2.6
  - libxl: add migration support and fixes
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patch libxl-migration-support.patch
  - Drop ia64-clone.patch since libvirt is not built for IA64
- lxc-keep-caps-feature.patch: allow to keep/drop additional
  capabilities for LXC containers. bnc#881465
- lxc-keep-caps-feature-conversion.patch: convert lxc.cap.drop to
  the new domain configuration.
- lxc-keep-caps-feature-doc.patch: documentation for the new feature.
- Disable failing virportallocatortest on aarch64
- Update to libvirt 1.2.5
  - Introduce virDomain{Get,Set}Time APIs
  - Introduce virDomainFSFreeze() and virDomainFSThaw() public API
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches:
    b98bf811-add-paravirt-shutdown-flag.patch,
    c4fe29f8-use-shutdown-flag.patch,
    da744120-use-reboot-flag.patch,
    d6b27d3e-CVE-2014-0179.patch,
    fd43d1f8-libxl-iface-hostdev.patch,
    99f50208-managed-hostdev-iface.patch,
    292d3f2d-libselinux-build-fix1.patch,
    b109c097-libselinux-build-fix2.patch
- Add upstream patches that fix build with libselinux 2.3
  Added: 292d3f2d-libselinux-build-fix1.patch,
    b109c097-libselinux-build-fix2.patch
  Dropped: libselinux-build-fix.patch
- Fix the build breakers brought by libselinux 2.3.
  libselinux-build-fix.patch
- spec: libvirt-daemon package owns /etc/libvirt, not libvirt-client
  bnc#878056
- libxl: Fix <interface type='hostdev'> syntax for SR-IOV devices
  fd43d1f8-libxl-iface-hostdev.patch,
  99f50208-managed-hostdev-iface.patch
- Update to libvirt 1.2.4
  - Primarily a bug-fix release.  See http://libvirt.org/news.html
    for a detailed list of bug fixes and improvements
  - Drop upstream patches:
    0e0c1a74-domid-fix.patch, 7a1452f5-libxl-empty-cdrom.patch
- libxl: Support ACPI shutdown event
  b98bf811-add-paravirt-shutdown-flag.patch,
  c4fe29f8-use-shutdown-flag.patch, da744120-use-reboot-flag.patch
  bnc#872777
- libx: Support migration
  libxl-migration-support.patch
  bnc#875193
- CVE-2014-0179: Don't expand entities when parsing XML
  d6b27d3e-CVE-2014-0179.patch
  bnc#873705
- blacklist one more unit test for qemu_linux_user builds
- libxl: Set disk format for empty cdrom device
  0e0c1a74-domid-fix.patch, 7a1452f5-libxl-empty-cdrom.patch
  bnc#872517
- Fate#315125: add NOCOW flag
  add-nocow-to-vol-xml.patch
- Removed libxl-hvm-vnc.patch: went upstream in another form
- Update to libvirt 1.2.3
  - add new virDomainCoreDumpWithFormat API
  - conf: Introduce virDomainDeviceGetInfo API
  - more features and fixes on bhyve driver
  - lot of cleanups and improvement on the Xen driver
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- Add /usr/sbin/rc{libvirtd,virtlockd,libvirt-guests} symlinks
  to preserve backwards compatibility
  bnc#868190
- Improve lock manager comments in qemu.conf
  Updated suse-qemu-conf.patch
- Create /etc/libvirt/hooks to allow using hook scripts
- Update to libvirt 1.2.2
  - add LXC from native conversion tool
  - vbox: add support for v4.2.20+ and v4.3.4+
  - CVE-2013-6456 (bnc#857490)
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: 37564b47-xend-parse-response.patch,
    4f20084-fix-apparmor-install-patch.patch
  - Add local disable-virCgroupGetPercpuStats-test.patch to disable
    failing virCgroupGetPercpuStats test in 'make check'
- daemon-qemu: Require qemu instead of kvm to align with
  recent changes to the qemu package structure
- spec: fix dependencies of daemon-config-network and
  daemon-config-nwfilter subpackages.  Influenced by upstream
  commits cf76c4b3 and dca5ce4c
- Remove libvirtd, virtlockd, and libvirt-guests init scripts when
  using systemd
  bnc#863540
- Fix the path to libvirtd AppArmor template profile
- Fix parsing xend http response
  37564b47-xend-parse-response.patch
  rhb#1055165
- Add CAP_SYS_PACCT capability to libvirtd AppArmor profile
  Modified install-apparmor-profiles.patch
  bnc#817407
- Fix build on code 11
- Fix rpmlint warning
- Following the upstream pattern, introduce the
  daemon-config-network subpackage to handle defining the default
  network
  bnc#859041
- Update to libvirt 1.2.1
  - CVE-2014-0028, CVE-2014-1447, CVE-2013-6458, CVE-2013-6457,
    CVE-2013-6436
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped upstream patches: 5e397d9c-test-fix-dbus-crash.patch,
    78af457e-fix-virnettlscontexttest.patch,
    9faf3f29-LXC-memtune.patch, f8c1cb90-CVE-2013-6436.patch,
    libxl-hvm-nic.patch
- Ignore 'make check' on older, code 11 base
- Fixed and reenabled unit tests. bnc#854694
- Remove dependency on pm-utils from libvirt-client
  bnc#856381
- CVE-2013-6436: Fix crashes in lxc memtune code, one of which
  results in DoS
  f8c1cb90-CVE-2013-6436.patch, 9faf3f29-LXC-memtune.patch
  bnc#854486
- More adjustments to the spec file to fix package dependency
  issues
  bnc#848918
- Update to libvirt 1.2.0
  - Add support for gluster pool
  - Separation of python binding
  - vbox: add support for 4.3 APIs
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Updated and renamed clone.patch to ia64-clone.patch
- Enabled numad support for openSUSE >= 13.1
- Link with same versions of libnl used by netcontrol to prevent
  crashing libvirtd on start
- Add '/etc/sasl2' to libvirt-client file list to fix Factory build
- Fix starting of libvirtd when NetworkManager is enabled
  Modified libvirt-suse-netcontrol.patch
- Allow execution of libvirt hook scripts in /etc/libvirt/hooks/
  in libvirtd AppArmor profile
- Update to libvirt 1.1.4
  - Add support for AArch64 architecture
  - Various improvements on test code and test driver
  - Don't link virt-login-shell against libvirt.so
  - Close all non-stdio FDs in virt-login-shell
  - Only allow 'stderr' log output when running setuid
  - Fix perms for virConnectDomainXML{To,From}Native
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: e7f400a1-CVE-2013-4296.patch,
    2dba0323-CVE-2013-4297.patch, db7a5688-CVE-2013-4311.patch,
    e65667c0-CVE-2013-4311.patch, 922b7fda-CVE-2013-4311.patch,
    e4697b92-CVE-2013-4311.patch, 8294aa0c-CVE-2013-4399.patch,
    484cc321-fix-spice-migration.patch,
    79552754-libvirtd-chardev-crash.patch,
    57687fd6-CVE-2013-4401.patch, ae53e5d1-CVE-2013-4400.patch,
    8c3586ea-CVE-2013-4400.patch, b7fcc799a-CVE-2013-4400.patch,
    3e2f27e1-CVE-2013-4400.patch, 5a0ea4b7-CVE-2013-4400.patch,
    843bdb2f-CVE-2013-4400.patch,
    bd773e74-lxc-terminate-machine.patch,
    e350826c-python-fix-fd-passing.patch
- Allow execution of Xen binaries in /usr/lib{,64}/xen/bin in
  libvirtd AppArmor profile
  bnc#849524
- Require libvirt-daemon-<hypervisor> in the main libvirt package
  for each supported hypervisor
  bnc#850882
- Fix initialization of libxl NIC devices
  libxl-hvm-nic.patch
  bnc#848918
- Fix typo in libvirtd apparmor profile which prevented the profile
  from loading
  bnc#848216
- libxl driver: fix initialization of VNC and SDL info for
  HVM domains
  libxl-hvm-vnc.patch
  bnc#847566
- Allow libvirtd apparmor profile to access /etc/xen/scripts/*
- Fix file descriptor passing in python bindings
  e350826c-python-fix-fd-passing.patch
  rhb#1021434
- Have systemd terminate the machine as a workaround of fdo#68370
  bd773e74-lxc-terminate-machine.patch
  bnc#842834
- Spec file fixes to only package libvirt-login-shell when
  building the LXC driver
- CVE-2013-4400: Unsantized use of env variables allows privilege
  escalation via virt-login-shell
  ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch,
  b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch,
  5a0ea4b7-CVE-2013-4400.patch, 843bdb2f-CVE-2013-4400.patch
  bnc#837609
- CVE-2013-4401: Fix perms for virConnectDomainXML{To,From}Native
  57687fd6-CVE-2013-4401.patch
  bnc#845704
- Move hypervisor-specific files out of libvirt-daemon package
  and into libvirt-daemon-<hypervisor> subpackage
  bnc#845851
- conf: Don't crash on invalid chardev source definition
  79552754-libvirtd-chardev-crash.patch
  bnc#845704, rhb#1012196
- Use newer libnl3 instead of libnl-1_1
  bnc#845540
- Move virt-login-shell to new subpackage libvirt-login-shell,
  requiring users to opt-in for this setuid binary.  Note: For now,
  virt-login-shell will not have setuid permissions, pending
  resolution of bnc#837609
- qemu: Fix seamless SPICE migration
  484cc321-fix-spice-migration.patch
  bnc#842301
- CVE-2013-4399: Fix crash in libvirtd when events are registered
  and ACLs active
  8294aa0c-CVE-2013-4399.patch
  bnc#844052, bnc#842300
- Update the stale gettext BuildRequires and Requires dependencies
  in the spec file
  bnc#841325
- virt-aa-helper apparmor profile was denying read access to
  /proc/$PID/*.  Give read accesss to these files.
  Updated install-apparmor-profiles.patch
  bnc#841720
- libvirtd apparmor profile was denying access to
  /usr/lib/xen/bin/qemu-system-i386, which is now the default
  emulator used with Xen guests
  Updated install-apparmor-profiles.patch
  bnc#845648
- Fix condrestart|try-restart invocation of virtlockd init script
  Modifed virtlockd-init-script.patch
- CVE-2013-4311: Add support for using 3-arg pkcheck syntax for
  process
  db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch,
  922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch
  bnc#836931
- CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats
  e7f400a1-CVE-2013-4296.patch
  bnc#838638
- CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate
  2dba0323-CVE-2013-4297.patch
  bnc#838642
- Update to libvirt 1.1.2
  - various improvements to libxl driver
  - systemd integration improvements
  - Add flag to BaselineCPU API to return detailed CPU features
  - Introduce a virt-login-shell binary
  - conf: add startupPolicy attribute for harddisk
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: bcef0f01-libxl-console.patch,
    9d0557b9-legacy-xen-double-free.patch,
    d7a45bf2-legacy-xen-dumpxml.patch, 0e671a16-CVE-2013-4239.patch
  - Includes fixes for bnc#837530, bnc#837531, bnc#837999
- Fix memory corruption in legacy Xen driver
  0e671a16-CVE-2013-4239.patch
  bnc#834598
- Upstream patches to fix dumpxml in legacy Xen driver
  9d0557b9-legacy-xen-double-free.patch,
  d7a45bf2-legacy-xen-dumpxml.patch
- Backport upstream patch implementing domainOpenConsole in the
  libxl driver.  Allows 'virsh console dom-name' to work with
  Xen libxl toolstack.
  bcef0f01-libxl-console.patch
- Update to libvirt 1.1.1
  - Adding device removal or deletion events
  - Introduce new domain create APIs to pass pre-opened FDs to LXC
  - Add interface versions for Xen 4.3
  - Add new public API virDomainSetMemoryStatsPeriod
  - Various LXC improvements
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: f38c8185-CVE-2013-2230.patch,
    fd2e3c4c-xen-sysctl-domctl.patch, dfc69235-CVE-2013-4153.patch,
    96518d43-CVE-2013-4154.patch, fe89fd3b-storage-pool-deadlock.patch
  - Drop relax-qemu-usergroup-check.patch - no longer needed
    after hypervisor-specific daemon package split
- Unlock the storage volume object after looking it up
  fe89fd3b-storage-pool-deadlock.patch
  rhb#980676
- CVE-2013-4153: Fix double free of returned JSON array in
  qemuAgentGetVCPUs()
  dfc69235-CVE-2013-4153.patch
- CVE-2013-4154: Prevent crash of libvirtd without guest agent
  configuration
  96518d43-CVE-2013-4154.patch
  bnc#830498
- Fix legacy xen driver with Xen 4.3
  fd2e3c4c-xen-sysctl-domctl.patch
- CVE-2013-2230: Fix crash when multiple event callbacks were
  registered
  f38c8185-CVE-2013-2230.patch
  bnc#827801
- Update to libvirt 1.1.0
  - Extensible migration APIs
  - Add a policy kit access control driver
  - various improvements in the Xen and libxl drivers
  - improve networking support on BSD
  - agent based vCPU hotplug support
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: 244e0b8c-CVE-2013-2218.patch
- Only require lzop if suse_version > 1210
- Fix typo in spec file
- Enable support for netcontrol by default
- Only require libvirt-daemon-driver-interface when building the
  interface driver
- CVE-2013-2218: Fix crash listing network interfaces with filters
  244e0b8c-CVE-2013-2218.patch
- Add xencommons as 'Wanted' in the systemd libvirtd service file
  systemd-service-xen.patch
  bnc#820888
- Fix build for SLE11 SP2
- Add a README to the empty packages.  Provides some info about
  their purpose and satisfies suse-filelist-empty check.
  Drop rpmlintrc
- Fix typo in spec file: devel package requires doc package, not
  docs
- Add rpmlintrc to get around suse-filelist-empty error on
  older distros.
- Refactor libvirt spec file to create subpackages for the various
  libvirtd components.  This allows installing a libvirtd tailored
  for the underlying virtualizer.  E.g. on a KVM/QEMU virtualizer
  only the libvirt-daemon-qemu package needs installed.
  Similarly, only libvirt-daemon-xen on a Xen virtualizer and
  libvirt-daemon-lxc on LXC.
- Update to libvirt 1.0.6
  - Move VirtualBox driver into libvirtd
  - Support for static routes on a virtual bridge
  - Various improvement for hostdev SCSI support
  - Switch to VIR_STRDUP and VIR_STRNDUP
  - Various cleanups and improvement in Xen and LXC drivers
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: f493d83f-cgroup-swap-control.patch,
    486a86eb-cgroups-docs.patch, 0ced83dc-cgroup-escape-dot.patch,
    bbe97ae9-no-cgroups.patch, c2cf5f1c-no-cgroups-fix.patch,
    95c6cc34-selinux.patch
- Update to libvirt 1.0.5.1 stable release
  - qemu: Fix cgroup handling when setting VCPU BW
  - daemon: fix leak after listing all volumes
  - Fix iohelper usage with streams opened for read
  - util: fix virFileOpenAs return value and resulting error logs
  - iscsi: don't leak portal string when starting a pool
  - don't mention disk controllers in generic controller errors
  - conf: don't crash on a tpm device with no backends
  - qemu: allocate network connections sooner during domain startup
  - Make detect_scsi_host_caps a function on all architectures
  - Fix release of resources with lockd plugin
  - Fix potential use of undefined variable in remote dispatch code
  - Fix F_DUPFD_CLOEXEC operation args
  - qemu: fix stupid typos in VFIO cgroup setup/teardown
  - network: fix network driver startup for qemu:///session
- Remove patches that are included in the 1.0.5.1 release
  0471637d-cgroups-vcpu-bw.patch, a2214c52-iohelper.patch,
  ca697e90-CVE-2013-1962.patch
- Don't mount selinux fs in LXC if selinux is disabled
  95c6cc34-selinux.patch
  bnc#814680
- fix leak after listing all volumes - CVE-2013-1962
  ca697e90-CVE-2013-1962.patch
  bnc#820397
- Fix iohelper usage with streams opened for read
  a2214c52-iohelper.patch
- Cope with missing swap cgroup controls
  f493d83f-cgroup-swap-control.patch
  bnc#819976
- Fix cgroup handling when setting VCPU BW
  0471637d-cgroups-vcpu-bw.patch
  rhb#963592
- Escape a leading '.' with '_' in the cgroup names
  0ced83dc-cgroup-escape-dot.patch
- Add missing documentation on new cgroup layout
  486a86eb-cgroups-docs.patch
- Another fix related to systems with no cgroups
  c2cf5f1c-no-cgroups-fix.patch
  bnc#819963
- Fix botched backport of commit bbe97ae9
- Fix starting domains when kernel has no cgroups support
  bbe97ae9-no-cgroups.patch
- Update to libvirt 1.0.5
  - PPC64: Add NVRAM device
  - Add XML config for resource partitions
  - Add support for TPM
  - NPIV storage migration support
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
- Update to libvirt 1.0.4
  - qemu: support passthrough for iscsi disks
  - various S390 improvements
  - various LXC bugs fixes and improvements
  - add API for thread cancellation
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: ce4557c3-apparmor-tapfd-label.patch
    libvirt-iptables-1.4.18.diff
- add libvirt-iptables-1.4.18.diff, fix masquerading with iptables
  v1.4.18 (--state match is deprectated, use conntrack instead)
- Fix PCI device attach for xen HVM domains
  fix-pci-attach-xen-driver.patch
  FATE#313570
- Apparmor security driver: Ensure tapfd's are labled when
  generating the guest profile.
  Modified install-apparmor-profiles.patch, added upstream patch
  ce4557c3-apparmor-tapfd-label.patch
  bnc#807940
- Grant permission to use datagram packets in libvirtd apparmor
  profile.
  Remove AF_PACKET.patch, modify install-apparmor-profiles.patch
  bnc#801145
- Add 'managed' PCI passthrough support to legacy xen driver
  support-managed-pci-xen-driver.patch
  FATE#313570
- Update to libvirt 1.0.3
  - Introduce virDomainMigrate*CompressionCache APIs
  - Introduce virDomainGetJobStats API
  - Add basic support for VDI images
  - Introduce API virNodeDeviceLookupSCSIHostByWWN
  - Various locking improvements
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Drop upstream patches: a6b8bae5-python-generator-fix1.patch,
    25ea8e47-python-generator-fix2.patch,
    567779e5-libxl-default-disk-backend.patch
- Fix path to qemu-bridge-helper in libvirt-qemu apparmor profile
  Modified install-apparmor-profiles.patch
- Fix detach of managed PCI devices from inactive domains.
  Detected while running test cases for FATE #313570.
  Modified xen-name-for-devid.patch
- spec: Fix installation of default network
- Fix default setting of backend field of libxl_device_disk
  567779e5-libxl-default-disk-backend.patch
  rhb#912488
- Fix build on IA64
  Modified clone.patch
- Fix error handling in python bindings
  a6b8bae5-python-generator-fix1.patch
  25ea8e47-python-generator-fix2.patch
  bnc#802619
- Require modutils instead of module-init-tools.
- Update to libvirt 1.0.2
  - LXC improvements
  - S390 architecture improvements
  - Power architecture improvements
  - large Coverity report cleanups and associated bug fixes
  - virTypedParams* APIs to help with those data structures
  - libxenlight driver improvements
  - Fixes CVE-2013-0170, bnc#800976
  - Drop upstream patches: 68e7bc45-libxl-link-fix.patch,
    462a6962-script-fixes1.patch, cb854b8f-script-fixes2.patch,
    5ec4b22b-script-fixes3.patch, a1fd56cb-script-fixes4.patch,
    66ff2ddc-virtlockd-systemd-file-perms.patch
- Unconditionally build sanlock support
  bnc#799262
- Fix interface management functions that were broken when
  rebasing libvirt-suse-netcontrol.patch
  bnc#799444 (SLES bug that affect Factory too)
- Update to libvirt 1.0.1
  - Introduce virtlockd daemon
  - parallels: add disk and network device support
  - Add virDomainSendProcessSignal API
  - Introduce virDomainFSTrim() public API
  - add fuse support for libvirt lxc
  - Add Gluster protocol as supported network disk backend
  - various snapshot improvements
- Add upstream patches to fix bugs in 1.0.1
  66ff2ddc-virtlockd-systemd-file-perms.patch,
  462a6962-script-fixes1.patch, cb854b8f-script-fixes2.patch,
  5ec4b22b-script-fixes3.patch, a1fd56cb-script-fixes4.patch,
  68e7bc45-libxl-link-fix.patch
- Rework SUSE patches for the various init scripts
  Dropped use-init-script-redhat.patch and added
  libvirtd-init-script.patch, libvirt-guests-init-script.patch,
  and virtlockd-init-script.patch
- Update to libvirt 1.0.0
  - virNodeGetCPUMap: Define public API
  - Add systemd journal support
  - Add a qemu capabilities cache manager
  - USB migration support
  - various improvement and fixes when using QMP QEmu interface
  - Support for Xen 4.2 in legacy xen driver
  - Lot of localization enhancements
  - Drop upstream patches: 371ddc98-xen-sysctl-9.patch,
    416eca18-xenstore-header-fix.patch,
    f644361b-virCommand-env.patch, 2b32735a-virCommand-env.patch,
    9785f2b6-fix-xen-sysctl9.patch
- Fix Xen sysctl version 9 support
  9785f2b6-fix-xen-sysctl9.patch
- Add upstream patches to support latest libguestfs
  f644361b-virCommand-env.patch
  2b32735a-virCommand-env.patch
- Fix build when using -werror
  416eca18-xenstore-header-fix.patch
- Support Xen sysctl version 9
  371ddc98-xen-sysctl-9.patch
  bnc#781425
- Temporarily disable building libxl driver.  The current
  implementation does not support libxl in Xen 4.2.
- Update to libvirt 0.10.2
  - network: define new API virNetworkUpdate
  - add support for QEmu sandbox support
  - blockjob: add virDomainBlockCommit
  - node_memory: Define the APIs to get/set memory parameters
  - list: Define new API virConnectListAllSecrets
  - list: Define new API virConnectListAllNWFilter
  - list: Define new API virConnectListAllNodeDevices
  - list: Define new API virConnectListAllInterfaces
  - list: Define new API virConnectListAllNetworks
  - list: Define new API virStoragePoolListAllVolumes
  - list: Define new API virStorageListAllStoragePools
  - parallels: add support of containers to the driver
  - Add PMSUSPENDED life cycle event
  - Add per-guest S3/S4 state configuration
  - qemu: Support for Block Device IO Limits
- Update to libvirt 0.10.1
  - Bug fix release for critical bugs in 0.10.0
  - Drop upstream patch f781e276-xen-driver-fix.patch
- Update to libvirt 0.10.0
  - agent: add qemuAgentArbitraryCommand()
  - Introduce virDomainPinEmulator and virDomainGetEmulatorPinInfo
  - network: use firewalld instead of iptables, when available
  - network: make network driver vlan-aware
  - esx: Implement network driver
  - driver for parallels hypervisor
  - Various LXC improvements
  - Add virDomainGetHostname
  - Drop upstream patches
    4036aa91-systemd.patch
    6039a2cb-CVE-2012-3445.patch
- Fix xen driver following changes to make it stateful
  f781e276-xen-driver-fix.patch
  bnc#778006
- Update to libvirt 0.9.13
  - S390: support for s390(x)
  - snapshot: implement new APIs for esx and vbox
  - snapshot: new query APIs and many improvements
  - virsh: Allow users to reedit rejected XML
  - nwfilter: add DHCP snooping
  - storage backend: Add RBD (RADOS Block Device) support
  - sVirt support for LXC domains inprovement
  - Drop upstream patches
    0dda594d-libvirtd-shutdown-deadlock.patch
    9c77bf04-fix-virnetserver-refcnt.patch
    57349ffc-lxc-ctrl.patch
    revert-d8978c90.patch
_ Update to libvirt 0.9.12
  - qemu: allow snapshotting of sheepdog and rbd disks
  - blockjob: add new AP
  - many bug fixes and improvements
- daemon: Fix crash in virTypedParameterArrayClear
  CVE-2012-3445
  6039a2cb-CVE-2012-3445.patch
  bnc#773955
- libvirtd.service: ensure libvirtd starts after network
  4036aa91-systemd.patch
  bnc#767932
- Add upstream patch to fix ref count of virNetServer object
  9c77bf04-fix-virnetserver-refcnt.patch
- Fix libvirtd deadlock on shutdown
  0dda594d-libvirtd-shutdown-deadlock.patch
  bnc#767797
- Fix segfault in libvirt_lxc
  57349ffc-lxc-ctrl.patch
  bnc#767448
- Fix build on i586
  revert-d8978c90.patch
- Update to libvirt 0.9.11.4 stable release
- VUL-1: Fix hotplug support for usb devices with same vendorID,
  productID
  9914477e-usb-search-funcs.patch
  05abd150-usb-improve-hotplug.patch
  bnc#766559
- Add capability 'audit_write' to libvirtd apparmor profile
  update install-apparmor-profiles.patch
  bnc#764388
- Update to libvirt 0.9.11.3 stable release
- Copy user in virURIParse
  4eb1c256-viruri-user.patch
  bnc#757766
- yajl is availabile in all supported SUSE products, so always
  use it when building libvirtd
- Update to libvirt 0.9.11
  - Add support for the suspend event
  - Add support for event tray moved of removable disks
  - qemu: Support numad
  - cpustats: API, improvements and qemu support
  - qemu: support type='hostdev' network devices at domain start
  - Introduce virDomainPMWakeup API
  - network: support Open vSwitch
  - snapshot improvements
- Remove unconditional define of 'with_netcontrol'
- Add a note in /etc/libvirt/qemu.conf describing administrator
  vigilance required when enabling a lock manager such as sanlock
- Recommend dmidecode if suse_version > 1110.  dmidecode is used
  by virConnectGetSysinfo.
- Add upstream patches to fix issues with older PolicyKit
  c05ec920-polkit0-build.patch
  fcdfa31f-polkit0-auth.patch
- Update to libvirt 0.9.10
  - Add support for sVirt in the LXC driver
  - Add new API virDomainBlockRebase
  - Add api to set and get domain metadata
  - virDomainGetDiskErrors public API
  - Add rawio attribute to disk element of domain XML
  - Introduce virDomainPMSuspendForDuration API
  - Add virStorageVolResize() API
  - Add a virt-host-validate command to sanity check HV config
  - Add new virDomainShutdownFlags API
  - QEMU guest agent support
- Fix libvirtd apparmor profile to work with libxenlight toolstack
  Updated install-apparmor-profiles.patch
  bnc#745890
- Fix init script packaging after enabling systemd support
- Fix %files after enabling sanlock support
- Enable libvirt integration with sanlock
- During configure, libvirt checks for availability of iptables
  binary and doesn't actually use anything from iptables-devel
  package, hence only need 'BuildRequires: iptables'.
- Update to libvirt 0.9.9
  - Add new API virDomain{S,G}etInterfaceParameters
  - Add new API virDomain{G,S}etNumaParameters
  - Add support for ppc64 qemu
  - Support Xen domctl v8
- Fixup systemd support as per openSUSE systemd packaging
  guidelines.
- Use %fdupes for duplicate file checking instead of hand-rolled
  function
- CVE-2011-4600: unintended firewall port exposure after restarting
  libvirtd when defining a bridged forward-mode network
  ae1232b2-CVE-2011-4600.patch
  bnc#736082
- Post-0.9.8 upstream systemd patches
  10404671-systemd-build-fix.patch 478a4d07-systemd-build-fix.patch
- Update to libvirt 0.9.8
  - Add support for QEMU 1.0
  - Add first parts of PPC cpu driver
  - Add new API virDomain{Set, Get}BlockIoTune
  - block_resize: Define the new API
  - Add a public API to invoke suspend/resume on the host
  - Various improvements for LXC containers
  - Define keepalive protocol and add virConnectIsAlive API
  - Add support for STP and VLANfiltering
  - Numerous bug fixes and improvements
- Add support for QEMU 1.0
  dd8e8956-qemu-1.0.patch
  bnc#736569
- Allow qemu driver (and hence libvirtd) to load when qemu
  user:group does not exist.  The kvm or qemu package, which may
  not exist on a xen host, creates qemu user:group.
  relax-qemu-usergroup-check.patch
- Handle empty strings in s-expression returned by xend
  a495365d-sexpr-empty-str.patch
  bnc#731344
- Allow libvirtd to access libvirt_{io,part}helper when confined
  by apparmor
  Update install-apparmor-profiles.patch
  bnc#730435
- Accommodate Xen domctl version 8
  xen-domctl-ver8.patch
- add libtool as buildrequire to avoid implicit dependency
- Fix build when using older PolicyKit
  d47ab3fe-polkit0.patch
- Update to libvirt 0.9.7
  - esx: support vSphere 5.x
  - vbox: support for VirtualBox 4.1
  - Introduce the virDomainOpenGraphics API
  - Add AHCI support to qemu driver
  - snapshot: many improvements and 2 new APIs
  - api: Add public api for 'reset'
- Add AHCI controller support to qemu driver
  c1bc3d89-qemu-add-ahci.patch
- Set security driver to 'none' in /etc/libvirt/qemu.conf.  Users
  must opt-in for Apparmor confinement of qemu instances.
  suse-qemu-conf.patch
- Revert upstream commit f84aedad, which is not needed since
  affected SUSE kvm packages have the necessary qemu fix
  f84aedad-revert.patch
- Update to libvirt 0.9.6
  - Fix shutdown regression with buggy qemu
- Fixed typos in libvirt.spec
- Update to libvirt 0.9.5
  - many snapshot improvements
  - latency: Define new public API and structure
  - USB2 and various USB improvements
  - storage: Add fs pool formatting
  - Add public API for getting migration speed
  - Add basic driver for Microsoft Hyper-V
  - Many bug fixes and improvements
- Enable building with libnetcontrol
- Select libnl-1_1-devel
- Set qemu migration speed unlimited when migrating to file
  7e5f6a51-rpc-generator.patch b12354be-mig-speed-1.patch
  1282bd80-mig-speed-2.patch 6f84e110-mig-speed-3.patch
  829bce17-mig-speed-4.patch 8fc40c51-mig-speed-5.patch
  ef1065cf-mig-speed-6.patch 0257ba8f-mig-speed-7.patch
  bnc#706436
- Increase max size of buffer used to receive xend response
  57c95175-xend-buff-size.patch
- Don't overwrite useful error messages in legacy xen driver
  32620dab-fix-xen-err-msg.patch
  bnc#711096
- Add upstream patches to stop excessive logging
  7f2498ef-no-log-invalid.patch 6ff9fc26-quiet-libxl-logging.patch
- Add 'Conflicts: kvm < 0.14.1' to ensure libvirt is using a
  kvm package that creates qemu user:group.  Remove user:group
  creation from libvirt
  bnc#694883
- Add libvirt group at package installation
  bnc#694885
- Explicitly add 'BuildRequires: libgcrypt-devel' since it is no
  longer required by libgnutls-devel
- netcf is buggy and not well maintained in SUSE.  Disable it in
  libvirt
- polkit support was mistakenly disabled, re-enable
- Add cgconfig to Should-{Start,Stop} in libvirtd init script
  bnc#712245
- Fix apparmor profile location and content
  update install-apparmor-profiles.patch
  bnc#705668
- Fix libvirtd SIGHUP handler
  9e093f0b-libvirtd-sighup.patch
- add baselibs.conf to sources
- Enable apparmor security dirver, SLES bnc#705668
  install-apparmor-profiles.patch
- Update to libvirt 0.9.4
  - bandwidth QoS control
  - Add new API virDomainBlockPull*
  - save: new API to manipulate save file images
  - CPU bandwidth limits support
  - allow to send NMI and key event to guests
  - new API virDomainUndefineFlags
  - Implement code to attach to external QEMU instances
  - various missing python binding
  - bios: Add support for SGA
  - Numerous improvements and documentation / bug fixes
- Add some upstream patches to fix memory leaks and some bugs
  in new rpc code
  c2ddd536-cert-key-order.patch 3e5d48ef-rpc-1.patch
  927dfcf6-rpc-2.patch 2c85644b-rpc-3.patch afe8839f-rpc-4.patch
  3cfdc57b-rpc-5.patch 7518ad75-remote-mem-leak.patch
  a34e193f-statstest.patch 41828514-skip-xen-tests.patch
  eb314315-pv-kernel-cmdline.patch 00d3c5a6-remove-dead-code.patch
  b8adfcc6-fix-polkit0-build.patch b2534529-unused-param.patch
- Update to libvirt 0.9.3
  - vcpupin: introduce the new libvirt API (virDomainGetVcpupinInfo)
  - Add TXT record support for virtual DNS service
  - Support reboots with the QEMU driver
  - Introduce virDomainGetControlInfo API
  - virNodeGetMemoryStats: Expose new API
  - virNodeGetCPUTime: Implement public API
  - send-key: Defining the public API
  - vcpupin: introduce a new libvirt API (virDomainPinVcpuFlags)
  - support multifunction PCI device
  - lxc: various improvements
- Create qemu user:group if necessary at package installation.
  More fallout from bnc#694883
- VUL-0: libvirt: integer overflow in VirDomainGetVcpus
  774b21c1-CVE-2011-2511.patch
  bnc#703084
- Enable building libvirt with audit support
  bnc#694891
- fate#311371 Enhance yast to configure live migration for
  Xen and KVM
  add firewall service file for libvirt
- Invoke qemu instances as user:group qemu:qemu by default
  bnc#694883
- Update to libvirt 0.9.2
  - Framework for lock manager plugins
  - API for network config change transactions (netcf required)
  - flags for setting memory parameters
  - virDomainGetState public API
  - qemu: allow blkstat/blkinfo calls during migration
  - Introduce migration v3 API
  - Defining the Screenshot public API
  - public API for NMI injection
- spec file: Adjust some directory attributes to support running
  non-privileged qemu instances
- Remove vi_VN locale if suse_version < 11.3
- Enable cap_ng when building lxc support.
- Update to libvirt 0.9.1
  - support various persistent domain updates
  - improvements on memory APIs
  - Add virDomainEventRebootNew
  - various improvements to libxl drive
  - Spice: support audio, images and stream compression
- Move libvirt-iohelper from client to base package
- fix baselibs.conf not to requires source 32bit
- Install log dir for libxl
  f7e9b448-libxl-build.patch
- Update to libvirt 0.9.0 final
  - Support cpu usage tuning
  - Add public APIs for storage volume upload/download
  - Add public API for setting migration speed on the fly
  - Add libxenlight driver
  - qemu: support migration to fd
  - add virDomain{Get,Set}BlkioParameters
  - introduce a new libvirt API (virDomainSetMemoryFlags)
  - Expose event loop implementation as a public API
  - Dump the debug buffer to libvirtd.log on fatal signal
  - Audit support
  - Numerous enhancements and bug fixes
- Update to libvirt 0.9.0 RC3
- use %first_lang before changing symlinks, find_lang removes
  unsupported languages
- VUL-0: libvirt: several API calls do not honour read-only
  connection
  71753cb7-CVE-2011-1146.patch
  bnc#678406
- Add baselibs.conf file to build xxbit packages
  for multilib support
  bnc#676921
- Minor fixes for libvirt-guests
  bnc#653398
- Do not add drive 'boot=on' param when a kernel is specified
  efc2594b-boot-param.patch
- Update to libvirt 0.8.8 final
  - sysinfo: expose new API
  - cgroup blkio weight support
  - smartcard device support
  - qemu: Support per-device boot ordering
- Update to libvirt 0.8.8 RC3
- Update to libvirt 0.8.8 RC1
- Remove explicit dependency on libyajl
  libvirt.spec
  bnc#668225
- Retry JSON monitor 'cont' cmd on MigrationExpected error
  4301b95a-json-cont-cmd.patch
- Add support for specifying Hardware Assisted Paging (HAP) in
  libvirt domain XML.
  48a5dccd-hap1.patch
  04197350-hap2.patch
  af521a01-hap3.patch
  79f56c66-hap4.patch
  094c6f4a-hap-fix.patch
  bnc#659665
- Enabled yajl for suse_version >= 1140
- Fix generation of dnsmasq's --dhcp-hostsfile option
  a43c7338-dnsmasq-hostfile-fix.patch
- Disable yajl support as the library does not yet exist in
  SuSE distros.
- Support libvirt-guests on SuSE distros
  use-libvirt-guests-on-suse.patch
  bnc#653398
- Update to libvirt 0.8.7
  - Preliminary support for VirtualBox 4.0
  - IPv6 support
  - Add VMware Workstation and Player driver
  - Add network disk support
- Fix VNC port reservation race in qemu driver
  c58b1056-init-bitmap-size.patch
  bnc#659431
- Do not limit insserv_cleanup to SLES
- disable building openvz driver
- Update to libvirt 0.8.6
  - new API virDomainIsUpdated
  - Add support for iSCSI target auto-discovery
  - QED: Basic support for QED images
  - Introduce a virDomainOpenConsole API
  - Support for SPICE graphics
  - Add a sysinfo and SMBIOS support
  - Implement virsh qemu-monitor-command
- Enabled yajl, macvtap, and virtualport for suse_version >= 1140
- Fix build when using "policy kit 0"
  polkit0.patch
- Update to libvirt 0.8.5
  - Enable JSON and netdev features in QEMU > 0.13
  - framework for auditing integration
  - framework for DTrace/SystemTap integration
  - Setting the number of vcpu at boot
  - Enable support for nested SVM
  - Virtio plan9fs filesystem QEMU
  - Memory parameter controls
  - portability to OS-X
  - lot of bug fixes and other improvements
- cannot restart dead libvirtd without manually removing pidfile
  modified libvirtd.init
  bnc#645755
- Fix package dependencies so can be installed without
  pulling excess of optional components
- Support dropping capabilities with cap-ng library in
  openSUSE >= 11.3
- Fix build when virtualport support is available but macvtap is
  disabled.
  vport-configure.patch
- Fix CDROM media change for Xen PV domains
  modified xen-pv-cdrom.patch
  bnc#636231
- Update to libvirt 0.8.4
  - various improvements to UML driver
  - documentation improvements
  - lot of bug fixes and other improvements
  - enable ESX driver for openSUSE
- Update to libvirt 0.8.3
  - Support vSphere 4.1
  - Qemu arbitrary monitor commands
  - Qemu Monitor API entry point
  - lots of improvements and bug fixes
- VUL-0: multiple issues in libvirt
  CVE-2010-223x-000[1-0].patch, CVE-2010-223x-0010.patch,
  CVE-2010-2242-nat.patch
  bnc#618155
- Use netcat-openbsd, which contains a proper 'nc' program
  supporting the '-U' option.  Drop socat.patch.
  bnc#611023
- Re-enable numa support now that bnc#598488 is resolved.
- Allocate buffer to hold xend content
  bnc#609738
  xend-buff-size.patch
- Add upstream fixes to bitmap code that was introduced to fix
  bnc#594024
  bitmap-alloc.patch
  bitmap-fixes.patch
- Fix race in VNC port reservation with qemu/KVM domains
  bnc#594024
  vnc-race-{1,2,3}.patch
- Don't package directories/files under /var/run
- Add upstream commit 34a7f3f6 to fix unintentional breakage of
  RPC protocol.
- Disable numa support in openSUSE11.3/Factory pending resolution
  of bnc#598488
- Update to libvirt 0.8.1
  - Add virDomainGetBlockInfo API to query disk sizing
  - Start dnsmasq from libvirtd with --dhcp-hostsfile option
  - lots of improvements and bug fixes
- Update to libvirt 0.8.0
  - Snapshot API framework
  - Add managed save API entry points
  - Timer subselection for domain clock
  - Add hook utilities
  - Network filtering API
  - Introduce a new virDomainUpdateDeviceFlags public API
  - Introduce a new public API for domain events
  - Public virDomainMigrateSetMaxDowntime API
  - Add public API for volume wiping
  - xenapi: Initial commit of the new driver
  - lots of improvements and bug fixes
- Fix 'virsh dominfo' crash when no security driver is configured
  fix-no-secdriver.patch
- Updated to version 0.7.7
  - Introduce public API for domain async job handling
  - macvtap support
  - Add QEMU support for virtio channel
  - Add persistence of PCI addresses to QEMU
  - Functions for computing baseline CPU from a set of host CPUs
  - Public API for virDomain{Attach,Detach}DeviceFlags
  - lots of improvements and bug fixes
- Ensure yast-created bridges are not manipulated by libvirt
  bnc#584757
  Modified suse-network.patch
- Fix ordering of xen disks to preserve 'bootable' flag
  bnc#474738
  xend-disk-order.patch
- Add support for blktap2 disks
  xen-tap2-support.patch
- Fix listing of yast-created bridges
  bnc#583754
  Modified suse-network.patch
- Add support for new XEN_DOMCTL_INTERFACE_VERSION version 7.
  xen-domctl-ver7.patch
- Unconditionally add /var/log/libvirt/{qemu,lxc,uml} directories.
  bnc#579522
- Updated to version 0.7.6
  - Implement support for multi IQN
  - Implement CPU topology support for QEMU driver
  - Use QEmu new device adressing when possible
  - Implement SCSI controller hotplug/unplug for QEMU
  - lots of improvements and bug fixes
- Support new XEN_SYSCTL_INTERFACE_VERSION 7 in libvirt
  bnc#574124
  xen-sysctl-v7.patch
- Add upstream patches as prelude to fixing various device
  attach/detach issues
  devflag-0[1-9].patch
- Fix attaching/detaching disk device from inactive Xen guest
  bnc#500586 and bnc#573748
- Fix migration with Xen4.0
  bnc#569598
  Add xen-migration-params.patch
  Remove migrate-params.patch
- Fix freeing of uninitialized pointer when using HAL in
  node device driver
  node-dev-free.patch
- Require virt-utils package for common tools such as qemu-img
- Updated to version 0.7.5
  - Add new API virDomainMemoryStats to header and drivers
  - Public API and domain extension for CPU flags
  - expose SR IOV physical/virtual function relationships
  - Support for JSON mode monitor [deactivated]
  - Support for interface model='netfront'
  - vbox: Add support for version 3.1
  - Support QEMU's virtual FAT block device driver
  - lots of improvements and bug fixes
- Fix libvirt xen hypervisor driver to work with domctl interface
  version 6
  xen-shr-pages.patch
- Plumb domain description in xend backend
  xend-description-tag.patch
- Fix listing of defined but inactive Xen domains
  xen-list-defined.patch
- Updated to version 0.7.4
  - Implement a node device backend using libudev
  - New APIs for checking some object properties
  - Fully asynchronous monitor I/O processing
  - add MAC address based port filtering to qemu
  - support for IPv6 / multiple addresses per interfaces
  - lots of improvements and bug fixes
- Fix compilation against xen-unstable
  xen-max-vcpus.patch
- Modify detach-disk.patch as per upstream suggestions
- spec file: Fix polkit vs PolicyKit Requires
- Fix compilation when selinux is enabled
  selinux-ldflags.patch
- Fix compilation warnings
  updated snapshots.patch
  virsh-warning.patch
- Updated to version 0.7.2
  - sVirt AppArmor security driver
  - Add public API definition for data stream handling
  - ESX add esxDomainDefineXML()
  - LXC: suspend/resume support
  - Big code tree cleanup
  - Lots of bug fixes and improvements
- Add ocfs2 to list of supported fs pool types
  fate#307387
- Build phyp driver ifarch ppc64
  fate#307096
- Fix memory leaks in libvirtd's message processing
  msg-proc-memleak.patch
- Fix connection ref counting in xen drivers
  xen-refcnt.patch
- Fix abort in virsh when specifying a connection URI
  vshdeinit-recurse.patch
- Workaround for missing pkgconfig file in device-mapper-devel
  devmap-no-pkgconfig.patch
  bnc#540942
- Updated to version 0.7.1
  - Add support for encrypted (qcow) volume creation
  - Secret manipulation public API
  - Multipath storage support module
  - VBox add Storage Volume support
  - Support configuration of huge pages in guests
  - Support new PolicyKit 1.0 API
  - Compressed save image format for Qemu
  - Qemu add host PCI device hotplug support
- Updated to version 0.7.0
  - Interface implementation based on netcf (disabled on SuSE)
  - Add new net filesystem glusterfs
  - Initial VMWare ESX driver
  - Add support for VBox 3 and event callbacks on vbox
  - First version of the Power Hypervisor driver
  - Run QEMU guests as an unprivileged user (still root on SuSE)
  - Support cgroups in QEMU driver
  - QEmu hotplug NIC support
  - Storage cloning for LVM and Disk backends
- Updated to version 0.6.5
  - create storage volumes on disk backend
  - drop of capabilities based on libcap-ng when possible
  - forbid autostart on transcient networks
  - re-detection of transient VMs after libvirtd restart
  - create and destroy NPIV support
  - other bug fixes and cleanups
- Removed unnecessary call to fillup_and_insserv macro in
  %post scriptlet
- Updated to version 0.6.2
  - support SASL auth for VNC server
  - memory ballooning in QEMU
  - SCSI HBA storage pool support
  - PCI passthrough in Xen driver
  - new APIs for Node device detach reattach and reset
  - sVirt mandatory access control support
  - thread safety of the API and event handling
  - allow QEmu domains to survive daemon restart
  - extended logging capabilities
  - support copy-on-write storage volumes
  - support of storage cache control options for QEMU/KVM
- Improvements from lnussel@suse.de
  - add %jobs macro again
  - package default qemu network and augeas config files again
  - don't start libvirtd by default (bnc#496838)
- use --disable-static instead of just removing static libraries

==== ltrace ====
Version update (0.7.2 -> 0.7.91)

- Update to git rev 6c6bcc3
  * * Prototype libraries
  - Each DSO can now ship an ltrace config file (called prototype
    library) that ltrace will open when that DSO is loaded to process
    image.  See ltrace(1) for details.
  - ltrace.conf is no longer part of installation tarball.  Instead,
    we now ship libc.so.conf, libm.so.conf, libacl.so.conf, and
    syscalls.conf.  Those are now istalled to /usr/share/ltrace by
    default.  /etc/ltrace.conf and $HOME/.ltrace.conf are still
    loaded if present, and can contain arbitrary user configuration.
  - The option -F was retrofitted to be a colon-separated list of
    prototype libraries, and directories to look for prototype
    libraries in.  On Linux, ltrace looks into XDG_CONFIG_HOME,
    XDG_CONFIG_DIRS, and /usr/share/ltrace as well.
  - Wide character strings are supported in prototypes.  Use "string"
    lens as usual, but use array of integers as underlying type.
    libc.so.conf now contains prototypes of wide character functions.
  - Sole void function parameter such as in the following example, is
    now considered obsolete:
    | int fork(void); |
    This use is still accepted, taken to mean "hide(int)", but
    produces a warning, and will be removed in future.
  - Prototypes are now read from DWARF debug info, if available. This
    complements the data available in config files
  * * Architectural support
  - MIPS and MIPSel are now handled by the same backend.
  - ARMv6, ARMv7 and ARMv8 (AArch64) are supported, including full
    fetch backend.  ARMv8 backend doesn't support tracing of 32-bit
    binaries, as currently there's no 32-bit userspace available for
    ARM64 processors.
  - Imagination Technologies Meta is now supported.
  - PowerPC64 ELFv2 little-endian ABI is now supported including full
    fetch backend.
  - On Linux, tracing of IFUNC symbols is supported.  On i386,
    x86_64, ppc32 with secure PLT and ppc64, IRELATIVE PLT slots are
    traced as well.
  * * -w output now shows full library path
    The output format is similar to glibc's backtrace_symbols, e.g.:
    > /bin/ls(_init+0x19be) [0x40398e]
    > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f50cbc3676d]
    > /bin/ls(_init+0x25fd) [0x4045cd]
- Enable for ppc64le and aarch64

==== lxappearance ====
Subpackages: lxappearance-lang

- applied spec-cleaner

==== fcitx-mozc ====
Version update (1.15.1785.102 -> 1.15.1868.102)
Subpackages: mozc mozc-gui-tools

- Upstream update to 1.15.1868.102
  * Fix 'Set input mode to X' commands do not work
    during "Direct Input" mode
- Upstream update to 1.15.1856.102
  * Several internal changes and changes for other platforms
- Upstream update to 1.15.1834.102
  * Use Ninja for building
- Upstream update to 1.15.1814.102
  * Fix wring key mapping for Numpad-End in mozc.el
  * Fix dropping candidats unexpectedly
  * Fix preceding text is not correctly extracted by ibus-mozc
  * Fix undo-commit (MS IME keybind) is not functional in ibus-mozc
- Update fcitx-mozc
- Update gyp to r1957

==== mtr ====
Version update (0.85 -> 0.85_p20140126)

- cleaned up by spec-cleaner
- xmtr moved from bin to sbin and use capabilities. Fixes bnc#878729
- version bump to 0.85_p20140126:
  * snapshot taken from Gentoo
  * this works with gtk properly
- refreshed patches:
  * mtr-0.75-manxmtr.patch
  * mtr-0.82-capabilities.patch

==== kpartx ====
Subpackages: multipath-tools

- Fixup segfault during uev_path_add() (bnc#892214)

==== libncurses5 ====
Subpackages: libncurses5-32bit libncurses6 libncurses6-32bit ncurses-devel ncurses-utils tack terminfo terminfo-base

- Add ncurses patch 20140831
  + modify test/demo_termcap.c and test/demo_terminfo.c to make their
    options more directly comparable, and add "-i" option to specify
    a terminal description filename to parse for names to lookup.

==== libp11-kit0 ====
Version update (0.20.2 -> 0.20.3)
Subpackages: libp11-kit0-32bit p11-kit p11-kit-32bit p11-kit-devel p11-kit-tools

- new version 0.20.3
  * Fix problems reinitializing managed modules after fork
  * Fix bad bookeeping when fail initializing one of the modules
  * Fix case where module would be unloaded while in use [#74919]
  * Remove assertions when module used before initialized [#74919]
  * Fix handling of mmap failure and mapping empty files [#74773]
  * Stable p11_kit_be_quiet() and p11_kit_be_loud() functions
  * Require automake 1.12 or later
  * Build fixes for Windows [#76594 #74149]
- apply patches to avoid errors from certificates with invalid public key
  (fdo#82328, bnc#890908,
  trust-Dont-use-invalid-public-keys-for-looking-up-.patch,
  trust-Print-label-of-certificate-when-complaining-.patch)

==== patchutils ====
Version update (0.3.2 -> 0.3.3)

- Update to 0.3.3:
  * Context output format for "no newline" lines has been fixed.
  * The splitdiff utility now has an option to disable ".patch"
    filename extensions.
  * Some fixes for bugs spotted by Coverity.
  * Interdiff can now use "-" (stdin) for one of the inputs.
- Run "make check" in %check section.

==== libpcre1 ====
Subpackages: libpcre1-32bit libpcre16-0 libpcrecpp0 libpcreposix0 pcre-devel pcre-doc pcre-tools

- Harden build with full RELRO as this libraries end linked
  to at least one setuid root executable.

==== python-matplotlib ====
Version update (1.3.1 -> 1.4.0)
Subpackages: python-matplotlib-tk

- adjust python-tz buildrequires to match runtime requires (python-pytz)
- Add new python-cairocffi dependency.  This is the recommended
  dependency for the cairo backend upstream.
- Split out the cairo backend into its own subpackage.  It is no
  longer tied to gtk, so people can use it on its own without
  pulling in any gtk dependencies.
- Fixed issues with qt.  The qt5 backend is actually a generic
  qt backend, which the qt4 backend depends on.  So it needs to be
  available for the qt4 backend to work at all.  However, we need
  to pull in the python-qt5 package to make it work, and that
  package is only available for openSUSE > 13.1.  So we need to
  split the generic qt stuff, including the qt5 stuff, into a
  package both the qt4 and qt5 backends can depend on, and then
  create a stub qt5 package that just pulls in python-qt5
- Reorganized some other backend packages based on backend changes
- Update to 1.4.0
  * New colormap for red-green color blind users
  * Documentation changes
  - Phil Elson rewrote of the documentation and userguide for both
    Legend and PathEffects.
  * New plotting features
  - Power-law normalization
  - Fully customizable boxplots
  - Support for datetime axes in 2d plots
  - Support for additional spectrum types
  - Support for detrending and windowing 2D arrays in mlab
  - Support for strides in mlab
  - Formatter for new-style formatting strings
  - Consistent grid sizes in streamplots
  - Get a list of all tick labels (major and minor)
  - Separate horizontal/vertical axes padding support in ImageGrid
  - Support for skewed transformations
  - Support for specifying properties of wedge and text in pie
    charts.
  - Fixed the direction of errorbar upper/lower limits
  - More consistent add-object API for Axes
  - Violin Plots
  - More `markevery` options to show only a subset of markers
  - Added size related functions to specialized `Collections`
  - Fixed the mouse coordinates giving the wrong theta value in
    Polar graph
  - Simple quiver plot for mplot3d toolkit
  - polar-plot r-tick locations
  * Date handling
  - n-d array support for date conversion
  * Configuration (rcParams)
  - 'savefig.transparent' added
  - 'axes.titleweight'
  - 'axes.formatter.useoffset' added
  * XDG compliance
  - Matplotlib now looks for configuration files (both rcparams and
    style) in XDG compliant locations.
  * 'style' package added
  - You can now easily switch between different styles using the
    new 'style' package
  * Backends
  - Qt5 backend added
  - Qt4 backend
    + Rudolf Höfler changed the appearance of the subplottool.
    + In the figure options dialog one can now choose to
    (re-)generate a simple automatic legend.
    + Interactive performance of the Qt4 backend has been
    dramatically improved under windows.
    + The mapping of key-signals from Qt to values matplotlib
    understands was greatly improved (For both Qt4 and Qt5).
  - Cairo backends
    +  The Cairo backends are now able to use the cairocffi
    bindings, which are more actively maintained than the pycairo
    bindings.
  - Gtk3Agg backend
    +  The Gtk3Agg backend now works on Python 3.x, if the cairocffi
    bindings are installed.
  - PDF backend
    +  Added context manager for saving to multi-page PDFs.
  * Text
  - Text URLs supported by SVG backend
  - Anchored sizebar font
  * Sphinx extensions
  - The context directive in the plot_directive Sphinx extension
    can now accept an optional reset setting, which will cause the
    context  to be reset.
  * Widgets
  - Span Selector
  * Added an option span_stays to SpanSelector which makes the
    selector rectangle stay on the axes after you release the
    mouse.
  * GAE integration
  - Matplotlib will now run on google app engine.
- Added python-qt5 backend on openSUSE > 13.1
- Spec file cleanups

==== libqhull6-6_3_1_1494 ====
Subpackages: qhull qhull-devel

- Change license to Qhull - it is now recognized by spdx.org

==== shim ====

- updated shim to new version (OpenSSL 0.9.8za) and requested a new
  certificate from Microsoft. Removed
  * shim-allow-fallback-use-system-loadimage.patch
  * shim-bnc872503-check-key-encoding.patch
  * shim-bnc877003-fetch-from-the-same-device.patch
  * shim-correct-user_insecure-usage.patch
  * shim-fallback-avoid-duplicate-bootorder.patch
  * shim-fallback-improve-entries-creation.patch
  * shim-fix-dhcpv4-path-generation.patch
  * shim-fix-uninitialized-variable.patch
  * shim-fix-verify-mok.patch
  * shim-get-variable-check.patch
  * shim-improve-error-messages.patch
  * shim-mokmanager-delete-bs-var-right.patch
  * shim-mokmanager-handle-keystroke-error.patch
  * shim-remove-unused-variables.patch
  since they're included in upstream and rebased the remaining onces.
  Added shim-signed-unsigned-compares.patch to fix some compiler
  warnings
- Keep shim-devel.efi for the devel project
- don't fail the build if the UEFI signing service signature can't
  be attached anymore. This way shim can still pass through staging
  projects. We will verify the correct signature for release builds
  using openQA instead.
- shim-install: fix GRUB shows broken letters at boot by calling
  grub2-install to initialize /boot/grub2 directory with files
  needed by grub.cfg (bnc#889765)
- Add shim-remove-unused-variables.patch to remove the unused
  variables
- Add shim-bnc872503-check-key-encoding.patch to check the encoding
  of the keys (bnc#872503)
- Add shim-bnc877003-fetch-from-the-same-device.patch to fetch the
  netboot image from the same device (bnc#877003)
- Refresh shim-opensuse-cert-prompt.patch
- Use --reinit instead of --refresh in %post to update the files
  in /boot
- shim-install: fix boot partition and rollback support kluge
  (bnc#875385)
- Replace shim-mokmanager-support-sha1.patch with
  shim-mokmanager-support-sha-family.patch to support the SHA
  family
- Add shim-mokmanager-support-sha1.patch to support SHA1 hashes in
  MOK
- snapper rollback support (fate#317062)
  - refresh shim-install
- Insert the right signature (bnc#867974)
- Add shim-fix-uninitialized-variable.patch to fix the use of
  uninitialzed variables in lib
- Add shim-mokmanager-delete-bs-var-right.patch to delete the BS+NV
  variables the right way
- Update shim-opensuse-cert-prompt.patch to delete openSUSE_Verify
  correctly
- Add shim-fallback-avoid-duplicate-bootorder.patch to fix the
  duplicate entries in BootOrder
- Add shim-allow-fallback-use-system-loadimage.patch to handle the
  shim protocol properly to keep only one protocol entity
- Refresh shim-opensuse-cert-prompt.patch
- shim-install: fix the $prefix to use grub2-mkrelpath for paths
  on btrfs subvolume (bnc#866690).
- FATE#315002: Update shim-install to install shim.efi as the EFI
  default bootloader when none exists in \EFI\boot.
- Update signature-sles.asc: shim signed by UEFI signing service,
  based on code from "Thu Feb 20 11:57:01 UTC 2014"
- Add shim-opensuse-cert-prompt.patch to show the prompt to ask
  whether the user trusts the openSUSE certificate or not
- allow package to carry multiple signatures
- check correct certificate is embedded
- always clean up generated files that embed certificates
  (shim_cert.h shim.cer shim.crt) to make sure next build loop
  rebuilds them properly
- Add shim-bnc863205-mokmanager-fix-hash-delete.patch to fix the
  hash deletion operation to avoid ruining the whole list
  (bnc#863205)
- Update shim-mokx-support.patch to support the resetting of MOK
  blacklist
- Add shim-get-variable-check.patch to fix the variable checking
  in get_variable_attr
- Add shim-fallback-improve-entries-creation.patch to improve the
  boot entry pathes and avoid generating the boot entries that
  are already there
- Update SUSE certificate
- Update attach_signature.sh, show_hash.sh, strip_signature.sh,
  extract_signature.sh and show_signatures.sh to remove the
  creation of the temporary nss database
- Add shim-only-os-name.patch: remove the kernel version of the
  build server
- Match the the prefix of the project name properly by escaping the
  percent sign.
- enable signature assertion also in SUSE: hierarchy
- Add shim-mokmanager-handle-keystroke-error.patch to handle the
  error status from ReadKeyStroke to avoid unexpected keys
- Update to 0.7
- Add upstream patches:
  + shim-fix-verify-mok.patch
  + shim-improve-error-messages.patch
  + shim-correct-user_insecure-usage.patch
  + shim-fix-dhcpv4-path-generation.patch
- Add shim-mokx-support.patch to support the MOK blacklist
  (Fate#316531)
- Drop upstreamed patches
  + shim-fix-pointer-casting.patch
  + shim-merge-lf-loader-code.patch
  + shim-fix-simple-file-selector.patch
  + shim-mokmanager-support-crypt-hash-method.patch
  + shim-bnc804631-fix-broken-bootpath.patch
  + shim-bnc798043-no-doulbe-separators.patch
  + shim-bnc807760-change-pxe-2nd-loader-name.patch
  + shim-bnc808106-correct-certcount.patch
  + shim-mokmanager-ui-revamp.patch
  + shim-netboot-fixes.patch
  + shim-mokmanager-disable-gfx-console.patch
- Drop shim-suse-build.patch: it's not necessary anymore
- Drop shim-bnc841426-silence-shim-protocols.patch: shim is not
  verbose by default
- Update microsoft.asc: shim signed by UEFI signing service, based
  on code from "Tue Oct  1 04:29:29 UTC 2013".
- Add shim-netboot-fixes.patch to include upstream netboot fixes
- Add shim-mokmanager-disable-gfx-console.patch to disable the
  graphics console to avoid system hang on some machines
- Add shim-bnc841426-silence-shim-protocols.patch to silence the
  shim protocols (bnc#841426)
- Create boot.csv in ESP for fallback.efi to restore the boot entry
- Update microsoft.asc: shim signed by UEFI signing service, based
  on code from "Fri Sep  6 13:57:36 UTC 2013".
- Improve extract_signature.sh to work on current path.
- set timestamp of PE file to time of the binary the signature was
  made for.
- make sure cert.o get's rebuilt for each target
- Update microsoft.asc: shim signed by UEFI signing service, based
  on code from "Wed Aug 28 15:54:38 UTC 2013"
- always build a shim that embeds the distro's certificate (e.g.
  shim-opensuse.efi). If the package is built in the devel project
  additionally shim-devel.efi is created. That allows us to either
  load grub2/kernel signed by the distro or signed by the devel
  project, depending on use case. Also shim-$distro.efi from the
  devel project can be used to request additional signatures.
- also include old openSUSE 4096 bit certificate to be able to still
  boot kernels signed with that key.
- add show_signatures script
- replace the 4096 bit openSUSE UEFI CA certificate with new a
  standard compliant 2048 bit one.
- fix shell syntax error
- don't include binary in the sources. Instead package the raw
  signature and attach it during build (bnc#813448).
- Update shim-mokmanager-ui-revamp.patch to include fixes for
  MokManager
  + reboot the system after clearing MOK password
  + fetch more info from X509 name
  + check the suffix of the key file
- Update to 0.4
- Rebase patches
  + shim-suse-build.patch
  + shim-mokmanager-support-crypt-hash-method.patch
  + shim-bnc804631-fix-broken-bootpath.patch
  + shim-bnc798043-no-doulbe-separators.patch
  + shim-bnc807760-change-pxe-2nd-loader-name.patch
  + shim-bnc808106-correct-certcount.patch
  + shim-mokmanager-ui-revamp.patch
- Add patches
  + shim-merge-lf-loader-code.patch: merge the Linux Foundation
    loader UI code
  + shim-fix-pointer-casting.patch: fix a casting issue and the
    size of an empty vendor cert
  + shim-fix-simple-file-selector.patch: fix the buffer allocation
    in the simple file selector
- Remove upstreamed patches
  + shim-support-mok-delete.patch
  + shim-reboot-after-changes.patch
  + shim-clear-queued-key.patch
  + shim-local-key-sign-mokmanager.patch
  + shim-get-2nd-stage-loader.patch
  + shim-fix-loadoptions.patch
- Remove unused patch: shim-mokmanager-new-pw-hash.patch and
  shim-keep-unsigned-mokmanager.patch
- Install the vendor certificate to /etc/uefi/certs
- Add shim-mokmanager-ui-revamp.patch to update the MokManager UI
- Call update-bootloader in %post to update *.efi in \efi\opensuse
  (bnc#813079)
- Add shim-bnc807760-change-pxe-2nd-loader-name.patch to change the
  PXE 2nd stage loader name (bnc#807760)
- Add shim-bnc808106-correct-certcount.patch to correct the
  certificate count of the signature list (bnc#808106)
- Add shim-bnc798043-no-doulbe-separators.patch to remove double
  seperators from the bootpath (bnc#798043#c4)
- sign shim also with openSUSE certificate
- identify project, export certificate as DER file
- don't create an unused extra keypair
- Add shim-bnc804631-fix-broken-bootpath.patch to fix the broken
  bootpath generated in generate_path(). (bnc#804631)
- Update with shim signed by UEFI signing service, based on code
  from "Thu Feb  7 06:56:19 UTC 2013".
- prepare for having a signed shim from the UEFI signing service
- Sign shim-opensuse.efi and MokManager.efi with the openSUSE cert
- Add shim-keep-unsigned-mokmanager.patch to keep the unsigned
  MokManager and sign it later.
- Add shim-install utility
- Add Recommends to grub2-efi
- Add shim-mokmanager-support-crypt-hash-method.patch to support
  password hash from /etc/shadow (FATE#314506)
- Embed openSUSE-UEFI-CA-Certificate.crt in shim
- Rename shim-unsigned.efi to shim-opensuse.efi.
- Update shim-mokmanager-new-pw-hash.patch to extend the password
  hash format
- Rename shim.efi as shim-unsigned.efi
- Merge patches for FATE#314506
  + Add shim-support-mok-delete.patch to add support for deleting
    specific keys
  + Add shim-mokmanager-new-pw-hash.patch to support the new
    password hash.
- Drop shim-correct-mok-size.patch which is included in
  shim-support-mok-delete.patch
- Merge shim-remove-debug-code.patch and
  shim-local-sign-mokmanager.patch into
  shim-local-key-sign-mokmanager.patch
- Install COPYRIGHT
- Add shim-fix-loadoptions.patch to adopt the UEFI shell style
  LoadOptions (bnc#798043)
- Drop shim-check-pk-kek.patch since upstream rejected the patch
  due to violation of SPEC.
- Install EFI binaries to /usr/lib64/efi
- Update shim-reboot-after-changes.patch to avoid rebooting the
  system after enrolling keys/hashes from the file system
- Add shim-correct-mok-size.patch to correct the size of MOK
- Add shim-clear-queued-key.patch to clear the queued key and show
  the menu properly
- Remove shim-rpmlintrc, it wasn't fixing the error, hide error
  stdout to prevent post build check to get triggered by cast
  warnings in openSSL code
- Add shim-remove-debug-code.patch: remove debug code
- Add shim-rpmlintrc to filter 64bit portability errors
- Add shim-local-sign-mokmanager.patch to create a local certicate
  to sign MokManager
- Add shim-get-2nd-stage-loader.patch to get the second stage
  loader path from the load options
- Add shim-check-pk-kek.patch to verify EFI images with PK and KEK
- Add shim-reboot-after-changes.patch to reboot the system after
  enrolling or erasing keys
- Install the EFI images to /usr/lib64/shim instead of the EFI
  partition
- Update the mail address of the author
- Add new package shim 0.2 (FATE#314484)
  + It's in fact git 2fd180a92 since there is no tag for 0.2

==== splix ====

- splix-add-debuginfo.patch (from lpechacek@suse.cz) lets build
  make also the missing debuginfo packages (bnc#890843).

==== klogd ====
Subpackages: syslog-service

- Klog service: Move the Alias tag from Unit section to the Install
  section bnc#893741

==== libgudev-1_0-0 ====
Subpackages: libgudev-1_0-devel libudev-devel libudev1 libudev1-32bit systemd systemd-32bit systemd-bash-completion systemd-logger systemd-sysvinit typelib-1_0-GUdev-1_0 udev

- udev: add option to generate old 'buggy' serials (bnc#886852)
  Add 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch
- Add upstream patch
  0001-login-simplify-controller-handling.patch
- Add upstream patches
  0001-completion-filter-templates-from-restartable-units.patch
  0002-systemd-fix-error-message.patch
  0003-Quote-unit-names-in-suggested-systemctl-commandlines.patch
  0004-config-parser-fix-mem-leak.patch
  0005-login-fix-mem-leak.patch
  1065-udev-bump-event-timeout-to-60-seconds.patch
- Add upstream patch 0001-nspawn-fix-network-interface.patch to
  make option network-interface of systemd-nspawn work

==== traceroute ====
Version update (2.0.19 -> 2.0.20)

- version 2.0.20
  * Describe all complementary long options in the man page
  * Use correct service name for AS lookups
  * Avoid some rare case null dereference
  * Improve expiration check for simultaneous probes
- traceroute-secure_getenv.patch use secure_getenv
- traceroute-autotools.patch refresh

==== vsftpd ====

- force using fork() instead of clone() on s390 - fixes bnc#890469
  * vsftpd-3.0.2-s390.patch

==== libwicked-0-6 ====
Version update (0.6.2 -> 0.6.3)
Subpackages: wicked wicked-service

- version 0.6.3
- client/nanny: lease handling/status fixes (partial bnc#891045),
  do not fail when slave/port is missing (bnc#889666,bnc#890275)
- ifstatus: Do not check for config files (bnc#889666,bnc#890275)
- dhcp4: advance secs field for dhcpd min-secs (bnc#889314),
  retransmit DHCP4 renewals enter reboot state with valid lease.
- ifevent: increase netlink socket recv buffer size (bnc#884012)
- ipv6: wait for addresses to become usable (bnc#882259)
- fixed completed sit/gre/ipip tunnel support
- dhcp6: initial defer handling and no-addr cleanup (bnc#891045)
- dhcp: apply suse ifcfg dhcp options (bnc#866994)
- ifup/reload: use default timeout if 0 (bnc#892486)

==== xf86-video-ast ====
Version update (0.99.9 -> 1.0.1)

- Update to Version 1.0.1:
  This update essentially contains:
  * my fixes (which get obsoleted):
    u_01-Fix-compiler-warnings-get-rid-if-xf86PciInfo-h.patch
    u_02-Fix-compiler-warnings-get-rid-of-deprecated-IOADDRESS.patch
    u_03-Fix-compiler-warnings-add-DrawablePtr-argument-to-ASTPutImage.patch
    u_04-Clean-up-namespace-in-ast_vgatools.c.patch
    u_05-Clean-up-namespace-in-ast_2dtool.c.patch
    u_06-Clean-up-namespace-in-ast_cursor.c.patch
    u_07-Clean-up-namespace-in-ast_mode.c.patch
    u_08-Clean-up-namespace-in-ast_accel.c.patch
    u_09-Clean-up-namespace-in-ast_tool.c.patch
    u_10-Include-local-headers-only-when-needed.patch
    u_11-Fix-typo.patch
    u_12-Fix-ABI-version-conflict-in-xf86UnclaimPciSlot.patch
    u_13-Move-firmware-for-DP501-to-a-separate-file.patch
    u_14-Add-_AST_H_-define-to-ast.h.patch
  * Fix for bnc#892723:
    Fixed-1600x900-cannot-display-properly.patch
  * An update for DP501 support

==== xinetd ====

- Update license tag to use SPDX 1.2.

==== yast2 ====
Version update (3.1.102 -> 3.1.103)
Subpackages: yast2-devel-doc

- fix using changed root in netd agent so it can be used in
  installation (bnc#893965)
- 3.1.103

==== yast2-add-on ====
Version update (3.1.8 -> 3.1.9)

- make add-ons dialog consistent when going back (bnc#893103)
- 3.1.9

==== yast2-inetd ====
Version update (3.1.6 -> 3.1.7)

- allow tested code to know it is being tested (bnc#893965)
- 3.1.7

==== yast2-ntp-client ====
Version update (3.1.10 -> 3.1.12)

- Using Report.Error to be autoyast-proof
- Fixed variable replacement int gettext string;
- Added linebreaks in too long popup content (bnc#894573)
- 3.1.12
- Aligned "Synchronize now" button and "NTP Server Address" box (bnc#893065)
- Fixed checking of return value of "sntp -s" (bnc#893094)
- 3.1.11

==== yast2-packager ====
Version update (3.1.42 -> 3.1.44)

- Use DM device for encrypted partitions during test mount
  (bnc#889334)
- 3.1.44
- Use options from partitioner during test mount (bnc#873180)
- 3.1.43
Removed packages:
  libicu53_1-data
  yast2-theme-openSUSE


Added packages:
  ghc-array
   > ghc-base
   > ghc-binary
   > ghc-bytestring
   > ghc-containers
   > ghc-deepseq
   > ghc-directory
   > ghc-filepath
   > ghc-old-locale
   > ghc-old-time
   > ghc-pretty
   > ghc-process
   > ghc-template-haskell
   > ghc-time
   > ghc-unix
  ghc-HTTP
  ghc-aeson
  ghc-attoparsec
  ghc-base-unicode-symbols
  ghc-base64-bytestring
  ghc-blaze-builder
  ghc-blaze-html
  ghc-blaze-markup
  ghc-conduit
  ghc-data-default
  ghc-digest
  ghc-dlist
  ghc-extensible-exceptions
  ghc-hashable
  ghc-hslua
  ghc-lifted-base
  ghc-mmorph
  ghc-monad-control
  ghc-mtl
  ghc-nats
  ghc-network
  ghc-pandoc-types
  ghc-parsec
  ghc-pcre-light
  ghc-primitive
  ghc-random
  ghc-resourcet
  ghc-semigroups
  ghc-syb
  ghc-tagsoup
  ghc-temporary
  ghc-text
  ghc-transformers
  ghc-transformers-base
  ghc-unordered-containers
  ghc-vector
  ghc-void
  ghc-xml
  ghc-yaml
  ghc-zip-archive
  ghc-zlib
  gstreamer-plugins-qt
  ghc-highlighting-kate
  libicu53_1-ledata
  kdevelop4
   > kdevelop4-devel
   > kdevelop4-lang
  kdevelop4-plugins-php
  ghc-pandoc
   > pandoc
  ghc-texmath
  yast2-branding-openSUSE