Packages changed:
  Mesa
  Mesa-drivers
  bash
  ca-certificates-mozilla (2.50 -> 2.52)
  cogl
  e2fsprogs
  elfutils
  filesystem
  gawk
  gtk4
  ldb (2.3.0 -> 2.4.0)
  libsolv (0.7.19 -> 0.7.20)
  libsoup2
  lz4
  mozilla-nss (3.69.1 -> 3.70)
  samba (4.14.6+git.182.2205d5224e3 -> 4.15.0+git.185.378416e547c)
  tar
  timezone (2021a -> 2021c)
  transactional-update (3.5.5 -> 3.5.6)
  u-boot-rpiarm64 (2021.07 -> 2021.10)

=== Details ===

==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1

- Fix build with LLVM 13:
  * U_gallivm-add-new-wrapper-around-Module.patch
  * U_gallivm-fix-FTBFS-on-i386-with-LLVM-13.patch

==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium

- Fix build with LLVM 13:
  * U_gallivm-add-new-wrapper-around-Module.patch
  * U_gallivm-fix-FTBFS-on-i386-with-LLVM-13.patch

==== bash ====

- Install bash_builtins manpage under the correct name

==== ca-certificates-mozilla ====
Version update (2.50 -> 2.52)

- updated to 2.50 state of the Mozilla NSS Certificate store (bsc#1188006)
- Added CAs:
  + HARICA Client ECC Root CA 2021
  + HARICA Client RSA Root CA 2021
  + HARICA TLS ECC Root CA 2021
  + HARICA TLS RSA Root CA 2021
  + TunTrust Root CA
- remove the DST_Root_CA_X3.pem trust, as it expires september 30th 2021.
  (bsc#1190858)

==== cogl ====
Subpackages: libcogl-pango20 libcogl20

- Add 2bd3cbed45d633fb15625d58e6b7cb8721b0ba98.patch: cogl-gles2:
  Fix undefined references. Following this, add libtool
  BuildRequires and pass autoreconf call before configure as the
  patch touches the buildsystem.
- Add patches from fedora that should have gone upstream:
  + 0001-egl-Use-eglGetPlatformDisplay-not-eglGetDisplay.patch:
    egl: Use eglGetPlatformDisplay not eglGetDisplay.
  + 0002-add-GL_ARB_shader_texture_lod-support.patch: Add
    GL_ARB_shader_texture_lod support.
  + 0003-texture-support-copy_sub_image.patch: texture: Support
    copy_sub_image.

==== e2fsprogs ====
Subpackages: libcom_err2 libext2fs2

- quota-Add-support-to-version-0-quota-format.patch: quota: Add support to
    version 0 quota format (jsc#SLE-17360)
  quota-Fold-quota_read_all_dquots-into-quota_update_l.patch: quota: Fold
    quota_read_all_dquots() into quota_update_limits() (jsc#SLE-17360)
  quota-Rename-quota_update_limits-to-quota_read_all_d.patch: quota: Rename
    quota_update_limits() to quota_read_all_dquots() (jsc#SLE-17360)
  tune2fs-Fix-conversion-of-quota-files.patch: tune2fs: Fix conversion of quota
    files (jsc#SLE-17360)
  e2fsck-Do-not-trash-user-limits-when-processing-orph.patch: e2fsck: Do not
    trash user limits when processing orphan list (jsc#SLE-17360)
  debugfs-Fix-headers-for-quota-commands.patch: debugfs: Fix headers for quota
    commands (jsc#SLE-17360)
  quota-Drop-dead-code.patch: quota: Drop dead code (jsc#SLE-17360)
- add these not yet released fixes to e2fsprogs package so that SLE15-SP4 ships
  with them

==== elfutils ====
Subpackages: libasm1 libdw1 libelf1

- Enhance license fields: all the libraries actually have a different
  license to the tools. While the tools are GPL-3.0-or-later, the
  libraries are (LGPL-3.0-or-later OR GPL-2.0-or-later)
  SLE bug (for tracking the above) bsc#1191310

==== filesystem ====

- don't perform UsrMerge if ZYPP_SINGLE_RPMTRANS is set. Rely on
  file trigger compat mode in that case and do it posttrans
  (boo#1189788).
- generic %ghost handling instead of hardcoding

==== gawk ====

- remove update-alternatives support, as on linux systems GNU software
    (i.e. gawk in this case) is usually considered the default implementation.
- use %make macros

==== gtk4 ====
Subpackages: gtk4-schema libgtk-4-1 typelib-1_0-Gtk-4_0

- Fix a syntax error in the gtk4_immodule_postun RPM macro

==== ldb ====
Version update (2.3.0 -> 2.4.0)

- Update to version 2.4.0
  + Improve calculate_popt_array_length()
  + Use C99 initializers for builtin_popt_options[]
  + pyldb: Fix Message.items() for a message containing elements
  + pyldb: Add test for Message.items()
  + tests: Use ldbsearch '--scope instead of '-s'
  + pyldb: fix a typo
  + Change page size of guidindexpackv1.ldb
  + Use a 1MiB lmdb so the test also passes on aarch64 CentOS stream
  + attrib_handler casefold: simplify space dropping
  + fix ldb_comparison_fold off-by-one overrun
  + CVE-2020-27840: pytests: move Dn.validate test to ldb
  + CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode
  + CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds
  + CVE-2021-20277 ldb tests: ldb_match tests with extra spaces
  + improve comments for ldb_module_connect_backend()
  + test/ldb_tdb: correct introductory comments
  + ldb.h: remove undefined async_ctx function signatures
  + correct comments in attrib_handers val_to_int64
  + dn tests use cmocka print functions
  + ldb_match: remove redundant check
  + add tests for ldb_wildcard_compare
  + ldb_match: trailing chunk must match end of string
  + pyldb: catch potential overflow error in py_timestring
  + ldb: remove some 'if PY3's in tests
  + Add missing break in switch statement

==== libsolv ====
Version update (0.7.19 -> 0.7.20)

- fix misparsing of '&' in attributes with libxml2
- choice rules: treat orphaned packages as newest [bsc#1190465]
- fix compatibility with Python 3.10
- new SOLVER_EXCLUDEFROMWEAK job type
- support for environments in comps parser
- bump version to 0.7.20
- Disable python2 usage on suse_version >= 1550 by default (still
  possible to use osc build --with=python).

==== libsoup2 ====
Subpackages: libsoup-2_4-1 typelib-1_0-Soup-2_4

- Add libsoup2-extend-test-cert.patch to fix tests after 2027 (boo#1102840)

==== lz4 ====

- version 1.9.3 fixes also CVE-2021-3520 [bsc#1185438]

==== mozilla-nss ====
Version update (3.69.1 -> 3.70)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs

- update to NSS 3.70
  * bmo#1726022 - Update test case to verify fix.
  * bmo#1714579 - Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
  * bmo#1714579 - Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
  * bmo#1681975 - Avoid using a lookup table in nssb64d.
  * bmo#1724629 - Use HW accelerated SHA2 on AArch64 Big Endian.
  * bmo#1714579 - Change default value of enableHelloDowngradeCheck to true.
  * bmo#1726022 - Cache additional PBE entries.
  * bmo#1709750 - Read HPKE vectors from official JSON.
- required for Firefox 93

==== samba ====
Version update (4.14.6+git.182.2205d5224e3 -> 4.15.0+git.185.378416e547c)
Subpackages: libdcerpc-binding0 libdcerpc0 libndr-krb5pac0 libndr-nbt0 libndr-standard0 libnetapi0 libsamba-credentials1 libsamba-errors0 libsamba-hostconfig0 libsamba-passdb0 libsamba-util0 libsamdb0 libsmbclient0 libsmbconf0 libsmbldap2 libtevent-util0 libwbclient0 samba-client samba-libs

-  Adjust spec to use pam macros; (bsc#1191046).
- Adjust spec for size
  * allow some Recommends instead Requires to be configured
    for cifs-utils, samba-libs-python3 & samba-gpupdate;
    (bsc#1182847).
  * remove fam, undocumented and unneeded.
- Add missing build dependency on bison when building with the
  embedded Heimdal Kerberos
- Update to 4.15.0
  * Removed SMB development dialects SMB2_22, SMB2_24 and SMB3_10
  * VFS layer modernized.
  * Add the ability to set allow/deny lists for zone transfer clients
    in Bind DLZ plugin
  * Server multi-channel support no longer experimental
  * Improved command line user experience, unifying the options in
    different commands
  * Winbindd no longer scans trusted domains on startup and will use
    enterprise principals by default.
  * The net utility is now able to support the offline domain join feature
  * New options for 'samba-tool dns zoneoptions' for aging control
    and to mark old records as static or dynamic
  * DNS tombstones are now deleted as appropriate and use a consistent
    timestamp format
  * The 'samba-tool dns update' command validates and rejects now malformed
    IPv4 and IPv6 addresses
  * The 'samba-tool domain backup' command correctly takes out locks
    against concurrent modification during backup when using the LMDB
    backend
  * TruACL support has been removed
  * NIS support has been removed
- Update to 4.14.7
  * smbd panic on force-close share during offload write; (bso#14769);
  * smbd should support copy_file_range() for FSCTL_SRV_COPYCHUNK;
    (bso#12033);
  * Fix returned attributes on fake quota file handle and avoid hitting
    the VFS; (bso#14731);
  * vfs_shadow_copy2 fix inodes not correctly updating inode numbers;
    (bso#14756);
  * Fix build on Solaris; (bso#14774);
  * Make dos attributes available for unreadable files; (bso#14654);
  * Work around special SMB2 READ response behavior of NetApp Ontap
    7.3.7; (bso#14607);
  * Start the SMB encryption as soon as possible; (bso#14793);

==== tar ====

- The following issues have already been fixed in this package but
  weren't previously mentioned in the changes file:
  * bsc#1181131
  * bsc#1120610

==== timezone ====
Version update (2021a -> 2021c)

- timezone update 2021c:
  * Revert almost all of 2021b's changes to the 'backward' file
  * Fix a bug in 'zic -b fat' that caused old timestamps to be
    mishandled in 32-bit-only readers
- timezone update 2021b:
  * Jordan now starts DST on February's last Thursday.
  * Samoa no longer observes DST.
  * Move some backward-compatibility links to 'backward'.
  * Rename Pacific/Enderbury to Pacific/Kanton.
  * Correct many pre-1993 transitions in Malawi, Portugal, etc.
  * zic now creates each output file or link atomically.
  * zic -L no longer omits the POSIX TZ string in its output.
  * zic fixes for truncation and leap second table expiration.
  * zic now follows POSIX for TZ strings using all-year DST.
  * Fix some localtime crashes and bugs in obscure cases.
  * zdump -v now outputs more-useful boundary cases.
  * tzfile.5 better matches a draft successor to RFC 8536.

==== transactional-update ====
Version update (3.5.5 -> 3.5.6)
Subpackages: dracut-transactional-update libtukit0 transactional-update-zypp-config tukit

- Version 3.5.6
  - tukit: Add S/390 bootloader support [bsc#1189807]
  - t-u: support purge-kernels with t-u patch [bsc#1190788]

==== u-boot-rpiarm64 ====
Version update (2021.07 -> 2021.10)
Subpackages: u-boot-rpiarm64-doc

- Update to 2021.10
Fix Grub loading slowdown when connecting USB keyboard (bsc#1171222).
  Enable BTRFS for Risc-V.
  Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.10
  * Patches added:
  0013-riscv-enable-CMD_BTRFS.patch
  0014-Disable-timer-check-in-file-loading.patch
- Update to 2021.10-rc5
- Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.10
  * Patches dropped (upstreamed):
  0013-configs-rpi-Enable-SMBIOS-sysinfo-d.patch
- Add hack to allow enabling CONFIG_CMD_BTRFS on riscv64
- Add sifiveunmatched flavor
- Update to 2021.10-rc4
- Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.10
  * Patches dropped:
  0014-btrfs-Use-default-subvolume-as-file.patch