Packages changed:
  Mesa (20.1.6 -> 20.1.7)
  Mesa-drivers (20.1.6 -> 20.1.7)
  brotli (1.0.7 -> 1.0.9)
  gpg2 (2.2.21 -> 2.2.23)
  patterns-microos
  pipewire (0.3.9 -> 0.3.10)
  podman (2.0.5 -> 2.0.6)
  read-only-root-fs
  vulkan-loader (1.2.148 -> 1.2.151)
  xen

=== Details ===

==== Mesa ====
Version update (20.1.6 -> 20.1.7)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1

- update to 20.1.7
  * seventh bugfix release for the 20.1 branch
- switched to llvm9 usage for Leap/SLE15 since llvm10 is not (yet)
  in Leap/SLE15
- version 20.1.6 needed for jira#SLE/SLE-12880, jira#SLE/SLE-12882
- use again /etc/OpenCL/vendors for openSUSE Leap, i.e. use
  /usr/etc/OpenCL/vendors only for Tumbleweed

==== Mesa-drivers ====
Version update (20.1.6 -> 20.1.7)
Subpackages: Mesa-dri Mesa-gallium

- update to 20.1.7
  * seventh bugfix release for the 20.1 branch
- switched to llvm9 usage for Leap/SLE15 since llvm10 is not (yet)
  in Leap/SLE15
- version 20.1.6 needed for jira#SLE/SLE-12880, jira#SLE/SLE-12882
- use again /etc/OpenCL/vendors for openSUSE Leap, i.e. use
  /usr/etc/OpenCL/vendors only for Tumbleweed

==== brotli ====
Version update (1.0.7 -> 1.0.9)
Subpackages: libbrotlicommon1 libbrotlidec1

- Add 0001-Revert-Add-runtime-linker-path-to-pkg-config-files-7.patch
- Update to 1.0.9
  * Fix integer overflow when input chunk is longer than
    2GiB [boo#1175825]
  * `brotli -v` now reports raw / compressed size
  * decoder: minor speed / memory usage improvements
  * encoder: fix rare access to uninitialized data in ring-buffer
- Drop brotli_Ensure-decompression-consumes-all-input.patch,
  brotli_Verbose-CLI+Shared-Brotli.patch (merged)

==== gpg2 ====
Version update (2.2.21 -> 2.2.23)

- GnuPG 2.2.23:
  * gpg: fix AHEAD preference list overflow boo#1176034 /  CVE-2020-25125
  * gpg: fix possible segv in the key cleaning code
  * gpgsm: fix a minor RFC2253 parser gub
  * scdaemon: Fix a PIN verify failure on certain OpenPGP card
    implementations
- GnuPG 2.2.22:
  * gpg: Change the default key algorithm to rsa3072
  * gpg: Add regular expression support for Trust Signatures on
    all platforms
  * gpg: Ignore --personal-digest-prefs for ECDSA keys
  * gpgsm: Make rsaPSS a de-vs compliant scheme
  * gpgsm: Show also the SHA256 fingerprint in key listings
  * gpgsm: Do not require a default keyring for --gpgconf-list
  * gpg-agent: Default to extended key format and record the
    creation time of keys
    Add new option --disable-extended-key-format
  * gpg-agent: Support the WAYLAND_DISPLAY envvar
  * gpg-agent: Allow using --gpgconf-list even if HOME does not
    exist
  * gpg-agent: Make the Pinentry work even if the envvar TERM is
    set to the empty string
  * scdaemon: Add a workaround for Gnuk tokens <= 2.15 which
    wrongly incremented the error counter when using the
    "verify" command of "gpg --edit-key" with only the signature
    key being present
  * dirmngr: Better handle systems with disabled IPv6
  * gpgpslit: Install tool.  It was not installed in the past to
    avoid conflicts with the version installed by GnuPG 1.4
  * gpgtar: Make --files-from and --null work as documented
- drop gnupg-gpgme-t-encrypt-sym.patch, upstream

==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap

- Remove vim as we use now vim-small
- Add lvm2 and nvme-cli to the medium as YaST may need them
  [bsc#1175841]

==== pipewire ====
Version update (0.3.9 -> 0.3.10)
Subpackages: libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Update to version 0.3.10:
  * Many improvements to the pulse layer.
    + GStreamer pulsesink element now works.
    + Fixes some segfaults.
    + Enable rtkit for client threads.
    + fixes capture of monitor stream by name
    + implement some more extensions, this makes paman
    work and removes some warnings.
  * Many improvements to the GStreamer elements
    + negotiation rework, avoid calling GStreamer methods from
    the PipeWire callbacks because they might block and cause
    deadlocks.
    + Add support for non-string property values.
    + improve stability after buffer and format
    renegotiation.
    + Rework the device provider.
    + pipewiresink can now provide a stream that can
    be consumed by apps like cheese.
  * Many improvements to the JACK layer:
    + Rework the buffer_size callbacks. Make sure we call
    the callback from a 'safe' thread and that we don't
    call the process callback while the application is
    handling the callback. This improves stability in
    apps like Carla when PipeWire dynamically changes
    the buffer size.
    + Improve compatibility with apps that call
    get_buffer_frames() with a 0 size (calfjackrack)
    + JACK can now create nodes that can be set as a
    sink/source in PulseAudio/ALSA apps (you can make an
    effects rack and set that as default sink for
    apps).
  * Added a group id property for nodes. This makes it
    possible to schedule nodes with the same driver even
    when they are otherwise not linked together. To make
    this work well a new flag needed to be added to nodes
    to signal when they are ready for processing.
    Together with the GStreamer fixes, this makes things
    like:
    gst-launch-1.0 -v pipewiresrc path=51 stream-properties="props,node.group=1" !
    audio/x-raw ! pipewiresink stream-properties="props,node.group=1"
    work as expected with PipeWire managing the resampling
    to keep the clocks of the devices in sync.
    This can later also be used to force devices to be grouped
    together to create a JACK-like scheduling group.
  * Streams and filter now use PIPEWIRE_NODE and
    PIPEWIRE_LATENCY env variables as fallback.
  * ACP add per device port list. This makes UCM devices
    expose the right ports.
  * Fix some segfaults in ACP and UCM.
  * make pw-cat use the metadata to find default devices.
  * The media session can now save and load audio device
    Profiles and Routes (volumes), stream volumes and
    the default sink and sources.

==== podman ====
Version update (2.0.5 -> 2.0.6)
Subpackages: podman-cni-config

- Update to v2.0.6
  * Fixed a bug where running systemd in a container on a cgroups v1 system would fail.
  * Fixed a bug where /etc/passwd could be re-created every time a container
    is restarted if the container's /etc/passwd did not contain an entry
    for the user the container was started as.
  * Fixed a bug where containers without an /etc/passwd file specifying
    a non-root user would not start.
  * Fixed a bug where the --remote flag would sometimes not make
    remote connections and would instead attempt to run Podman locally.

==== read-only-root-fs ====

- Adjust btrfsmaintenance sysconfig to not use the read-only
  root filesystem [bsc#1176052]

==== vulkan-loader ====
Version update (1.2.148 -> 1.2.151)

- Update to release 1.2.151
  * Fixed crash in device enumeration

==== xen ====

- Fix build on aarch64 with gcc10
- Package xenhypfs for aarch64