Packages changed:
  MozillaThunderbird (68.5.0 -> 68.6.0)
  chromium (80.0.3987.132 -> 80.0.3987.149)
  libkcddb
  libqt5-qtbase
  libvirt
  python-python-stdnum (1.11 -> 1.13)
  python-pyxdg (0.25 -> 0.26)
  qqc2-desktop-style (5.67.0 -> 5.68.0)
  ruby2.5 (2.5.5 -> 2.5.7)
  samba (4.11.5+git.123.a7233352c28 -> 4.11.5+git.137.297c522339b)
  xfce4-screensaver (0.1.8 -> 0.1.9)
  zimg

=== Details ===

==== MozillaThunderbird ====
Version update (68.5.0 -> 68.6.0)
Subpackages: MozillaThunderbird-translations-common MozillaThunderbird-translations-other

- Mozilla Thunderbird 68.6
  * new: Thunderbird now displays a popup window when starting up
    on a new profile (bmo#1590036)
  * changed: Thunderbird now provides partial updates resulting
    in smaller downloads (bmo#1410512)
  * fixed: Searching in message bodies led to false negatives
    under some circumstances in quoted-printable encoded HTML
    bodies (bmo#1614796)
  * fixed: "Get New Messages for All Accounts" not working for
    OAuth2-authenticated IMAP accounts (bmo#1593611)
  * fixed: Various security fixes
  MFSA 2020-10 (bsc#1166238)
  * CVE-2020-6805 (bmo#1610880)
    Use-after-free when removing data about origins
  * CVE-2020-6806 (bmo#1612308)
    BodyStream::OnInputStreamReady was missing protections
    against state confusion
  * CVE-2020-6807 (bmo#1614971)
    Use-after-free in cubeb during stream destruction
  * CVE-2020-6811 (bmo#1607742)
    Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command
    injection
  * CVE-2019-20503 (bmo#1613765)
    Out of bounds reads in sctp_load_addresses_from_init
  * CVE-2020-6812 (bmo#1616661)
    The names of AirPods with personally identifiable information
    were exposed to websites with camera or microphone permission
  * CVE-2020-6814 (bmo#1592078, bmo#1604847, bmo#1608256,
    bmo#1612636, bmo#1614339)
    Memory safety bugs fixed in Thunderbird 68.6

==== chromium ====
Version update (80.0.3987.132 -> 80.0.3987.149)

- Update to 80.0.3987.149 (bsc#1167090):
  * High CVE-2020-6422: Use after free in WebGL.
  * High CVE-2020-6424: Use after free in media.
  * High CVE-2020-6425: Insufficient policy enforcement in extensions.
  * High CVE-2020-6426: Inappropriate implementation in V8.
  * High CVE-2020-6427: Use after free in audio.
  * High CVE-2020-6428: Use after free in audio.
  * High CVE-2020-6429: Use after free in audio.
  * High CVE-2019-20503: Out of bounds read in usersctplib.
  * High CVE-2020-6449: Use after free in audio.
  * Various fixes from internal audits, fuzzing and other initiatives
- Do not pull in python deps except interpreter, the bundles
  are patched anwyays

==== libkcddb ====
Subpackages: libKF5Cddb5 libkcddb-lang

- Add Switch-from-freedb.org-to-gnudb.org.patch to use gnudb.org by
  default, freedb.org will be shutdown at the end of March
  (kde#418421)

==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3

- Fix builds of packages using qt5_make_output_file, e.g. FreeCAD.
  * Fix-qt5_make_output_file-macro-for-paths-containing-dots.patch

==== libvirt ====
Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-qemu libvirt-libs

- qemu: Create multipath targets for PRs
  a30078cb-qemu-create-mp-target.patch,
  aeb909bf-qemu-multipath-fix.patch
  bsc#1161883

==== python-python-stdnum ====
Version update (1.11 -> 1.13)

- Drop not really needed nose dependency
- version update to 1.13
  * Add modules for the following number formats:
  - ESR, ISR, QR-reference (reference number on Swiss payment slips)
    (thanks Kurt Keller)
  - ID number (South African Identity Document number)
  * Add format function for ISO 11649 numbers (thanks Kurt Keller)
  * Add support for Python 3.8 (thanks Sergi Almacellas Abellana)
  * Clarify that the Italian Codice Fiscale can also be the IVA for companies
    (thanks Nicholas Fiorentini)
  * Support the new Dutch btw-identificatienummer (thanks Cas Vissers,
    Jeroen van Heiningen, Jerome Hanke, Nicolas Martinelli, Ronald Portier and
    Tim Muller)
  * Extend test for Argentinian CUIT to check first two digits
  * Add more country codes to ISIN (thanks nocluebutalotofit, Anwar Baroudi and
    alexbond73)
  * Add modules for the following number formats:
  - NRT (Número de Registre Tributari, Andorra tax number)
    (thanks Leandro Regueiro)
  - CPF (Cédula de Persona Física, Costa Rica physical person ID number)
    (thanks Leandro Regueiro)
  - CPJ (Cédula de Persona Jurídica, Costa Rica tax number)
    (thanks Leandro Regueiro)
  - CR (Cédula de Residencia, Costa Rica foreigners ID number)
    (thanks Leandro Regueiro)
  - NIT (Número de Identificación Tributaria, Guatemala tax number)
    (thanks Leandro Regueiro)
  - Identity Number (Mispar Zehut, ???? ????, Israeli identity number)
  - CN (????, h?jin bang?, Japanese Corporate Number)
    (thanks Alan Hettinger)
  - RRN (South Korean resident registration number)
    (thanks Dimitri Papadopoulos)
  - IRD number (New Zealand Inland Revenue Department (Te Tari T?ke) number)
    (thanks Leandro Regueiro)
  - CUI (Cédula Única de Identidad, Peruvian identity number)
  - RUC (Registro Único de Contribuyentes, Peruvian company tax number)
  - RUC number (Registro Único de Contribuyentes, Paraguay tax number)
    (thanks Leandro Regueiro)
  - VKN (Vergi Kimlik Numaras?, Turkish tax identification number)
    (thanks Leandro Regueiro)
  - RUT (Registro Único Tributario, Uruguay tax number)
    (Leandro Regueiro)
  - RIF (Registro de Identificación Fiscal, Venezuelan VAT number)
    (thanks Kevin Kaiser)
  - TIN (South African Tax Identification Number) (thanks Leandro Regueiro)
  * Support GTIN (EAN-14) validation as part of EAN
    (thanks Sergi Almacellas Abellana)
  * Support Dominican Republic e-CF within NCF (thanks Jeffry Jesus De La Rosa)
  * Fix Dominican Republic DGII lookups of NCF (thanks Jeffry Jesus De La Rosa)
  * Fix German Handelsregisternummer to not confuse Hamburg with Homburg and to
    accept shorter numbers (thanks Kevin Kaiser)
  * Support lookups of German Handelsregisternummer in OffeneRegister.de web
    service
  * Handle - and + sign correctly in Swedish Personnummer
    (thanks Amin Solhizadeh)
  * Provide various personalid and vat aliases for existing numbers
    (thanks Andreas Häber)
  * Improve descriptions of Spanish codes (thanks Gerard Dalmau)
  * Fix handling and normalisation of various Unicode digit representations
    (thanks Helge Munk Jacobsen)

==== python-pyxdg ====
Version update (0.25 -> 0.26)

- Add setuptools dependency
- Use pytest to run tests rather than nose that will break with
  python 3.10
- Fix Menu.py using attributes that no longer exist
  Patch from https://gitlab.freedesktop.org/xdg/pyxdg/-/merge_requests/2
  * new-api.patch
- Fix test data to use sys.executable
- add resource_leak.patch - Fix several ResourceWarnings: unclosed file
- Remove superfluous devel dependency for noarch package
- Update to 0.26.0:
  * IconTheme: Add support for Scale and ScaledDirectories keys.
  * DesktopEntry: New method findTryExec()
  * Menu: More efficient processing of filter rules by building a Python AST
  * Mime: Prefer the first mimetype found for a file extension, instead of the last
  * Mime: Allow unknown magic-matching rule formats
  * Mime: GlobDB has new methods first_match and all_matches for matching paths
  * Mime: New function get_extensions to get extensions for a given mime type
  * Mime: Fix MagicDB.match_data crashing with an unknown 'possible' mimetype
  * Mime: Correctly handle __NOMAGIC__ rule removing previous magic matches
  * Menu: XML parsing reworked
  * BaseDirectory: More secure creation of a fallback runtime directory with get_runtime_dir(strict=False)
  * Various miscellaneous improvements to testing.
- Fix provides/obsoletes to actually provide python2-xdg too

==== qqc2-desktop-style ====
Version update (5.67.0 -> 5.68.0)

- Update to 5.68.0
  * New feature release
  * For more details please see:
  * https://www.kde.org/announcements/kde-frameworks-5.68.0.php
- Changes since 5.67.0:
  * ScrollView: Use scrollbar height as bottom padding, not width
- Drop 0001-ScrollView-Use-scrollbar-height-as-bottom-padding-no.patch

==== ruby2.5 ====
Version update (2.5.5 -> 2.5.7)
Subpackages: libruby2_5-2_5 ruby2.5-stdlib

- Fix CVE-2020-8130 (boo# 1164804) for the intree copy of rake:
  - add CVE-2020-8130.patch and rake-12.3.0.gem
- remove test files which are not needed at runtime (boo#1162396)
  - adds remove-unneeded-files.patch and did_you_mean-1.2.0.gem
- update to 2.5.7
  - https://www.ruby-lang.org/en/news/2019/10/01/ruby-2-5-7-released/
  - CVE-2019-16255: A code injection vulnerability of Shell#[]
    and Shell#test (boo#1152990)
  - CVE-2019-16254: HTTP response splitting in WEBrick
    (Additional fix) (boo#1152992)
  - CVE-2019-15845: A NUL injection vulnerability of File.fnmatch
    and File.fnmatch? (boo#1152994)
  - CVE-2019-16201: Regular Expression Denial of Service
    vulnerability of WEBrick?s Digest access authentication
    (boo#1152995)
  - https://www.ruby-lang.org/en/news/2019/08/28/ruby-2-5-6-released/
  - Multiple jQuery vulnerabilities in RDoc (CVE-2012-6708
    CVE-2015-9251)
- fix running tests (boo#1140844)
  just passing the DISABLED_TESTS variable is wrong. probably a
  relict from calling the test scripts directly. use TESTOPTS now.

==== samba ====
Version update (4.11.5+git.123.a7233352c28 -> 4.11.5+git.137.297c522339b)
Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0 libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0 libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0 libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit libsamba-policy0-python3 libsamba-util0 libsamba-util0-32bit libsamdb0 libsamdb0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2 libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0 libwbclient0-32bit samba-client samba-client-32bit samba-libs samba-libs-32bit samba-libs-python3 samba-python3 samba-winbind samba-winbind-32bit

- Starting ctdb node that was powered off hard before results
  in recovery loop; (bso#14295); (bsc#1162680).
- CTDB doesn't retry outgoing connections on bind (and some other)
  failures; (bso#14274); (bsc#1162680).

==== xfce4-screensaver ====
Version update (0.1.8 -> 0.1.9)

- Update to version 1.9.0
  * Replace deprecated GTimeVal usage
  * Rebuild windows on monitor reconfiguration
  * Draw overlays during window reconstruction to protect screen
  * Do not activate DPMS when screensaver is inactive (bxo#16327)
  * Better handling of multi-monitor and lid-close events (bxo#16102)
  * Update LINGUAS (bxo#15949)
  * Fix decimal properties when running through atof
  * Return 1 on lock command failure (bxo#15945)
  * Rename 'Pictures folder' to 'Slideshow' (bxo#15589)
  * Raise NameError and TypeError (bxo#15830)
  * Fix float parsing error (bxo#16295)
  * Fix inhibitor proxying (bxo#16356)
  * Fix inhibitor listing in xfce4-screensaver-command (bxo#16355)
  * Add systemd sleep inhibitor (bxo#15929)
  * Fix dbus inhibition (bxo#16365)
  * dbus: Prevent overzealous activation (bxo#16365)
  * Translation Updates

==== zimg ====

- Add colorspace-fix-assertion-part2.patch in order to address
  gh#sekrit-twc/zimg#123.
- Add colorspace-fix-assertion.patch in order to fix
  build with GCC10. See gh#sekrit-twc/zimg#122.