Packages changed:
  ca-certificates-mozilla (2.40 -> 2.42)
  conmon (2.0.17 -> 2.0.20)
  installation-images-MicroOS (16.0 -> 16.2)
  libcontainers-common (20200603 -> 20200727)
  libfido2
  logrotate (3.16.0 -> 3.17.0)
  mozilla-nss (3.53.1 -> 3.54)
  permissions (1550_20200710 -> 1550_20200727)
  snapper (0.8.11 -> 0.8.12)
  yast2 (4.3.17 -> 4.3.19)
  yomi-formula (0.0.1+git.1587986719.9a9097a -> 0.0.1+git.1595952633.b300be2)

=== Details ===

==== ca-certificates-mozilla ====
Version update (2.40 -> 2.42)

- update to 2.42 state of the Mozilla NSS Certificate store (bsc#1174673)
  Removed CAs:
  - AddTrust External CA Root
  - AddTrust Class 1 CA Root
  - LuxTrust Global Root 2
  - Staat der Nederlanden Root CA - G2
  - Symantec Class 1 Public Primary Certification Authority - G4
  - Symantec Class 2 Public Primary Certification Authority - G4
  - VeriSign Class 3 Public Primary Certification Authority - G3
  Added CAs:
  - certSIGN Root CA G2
  - e-Szigno Root CA 2017
  - Microsoft ECC Root Certificate Authority 2017
  - Microsoft RSA Root Certificate Authority 2017

==== conmon ====
Version update (2.0.17 -> 2.0.20)

- Update to v2.0.20
  - journald: fix logging container name
  - container logging: Implement none driver - "off", "null" or
    "none" all work.
  - ctrl: warn if we fail to unlink
  - Drop fsync calls
  - Reap PIDs before running exit command
  - Fix log path parsing
  - Add --sync option to prevent conmon from double forking
  - Add --no-sync-log option to instruct conmon to not sync the
    logs of the containers upon shutting down. This feature fixes a
    regression where we unconditionally dropped the log sync. It is
    possible the container logs could be corrupted on a sudden
    power-off. If you need container logs to remain in consistent
    state after a sudden shutdown, please update from v2.0.19 to
    v2.0.20

==== installation-images-MicroOS ====
Version update (16.0 -> 16.2)

- merge gh#openSUSE/installation-images#399
- Remove pycache to save space (20 MB uncompressed)
- Remove pycache to save space (20:4 MiB pre:post squashfs-ing)
- 16.2
- merge gh#openSUSE/installation-images#400
- check_libs internals: use xargs, enable perl warnings
- check_libs internals: document data structures, use xargs, enable
  perl warnings
- 16.1

==== libcontainers-common ====
Version update (20200603 -> 20200727)

- Added containers/common tarball for containers.conf(5) man page
- Install containers.conf default configuration in
  /usr/share/containers
- libpod repository on github got renamed to podman
- Update to image 5.5.1
  - Add documentation for credHelpera
  - Add defaults for using the rootless policy path
- Update libpod/podman to 2.0.3
  - docs: user namespace can't be shared in pods
  - Switch references from libpod.conf to containers.conf
  - Allow empty host port in --publish flag
  - update document login see config.json as valid
- Update storage to 1.20.2
  - Add back skip_mount_home

==== libfido2 ====
Subpackages: libfido2-1 libfido2-udev

- Cleanup udev rules, trying to use the Debian specific plugdev
  group fills up the journal.
- Make the udev rules package noarch, correct Summary

==== logrotate ====
Version update (3.16.0 -> 3.17.0)

- Update to 3.17.0:
  * lock state file to prevent parallel execution of logrotate
  * add '.bak' extension to default taboo list
  * allow to pass a home-relative path to 'include'
  * 'switch_user_permanently': skip switchback check if switched to root
  * logrotate.service: enable 'ProtectClock' to restrict setting of clock
  * delete old logs hit by 'maxage' regardless of 'dateext'

==== mozilla-nss ====
Version update (3.53.1 -> 3.54)

- update to NSS 3.54
  Notable changes
  * Support for TLS 1.3 external pre-shared keys (bmo#1603042).
  * Use ARM Cryptography Extension for SHA256, when available
    (bmo#1528113)
  * The following CA certificates were Added:
    bmo#1645186 - certSIGN Root CA G2.
    bmo#1645174 - e-Szigno Root CA 2017.
    bmo#1641716 - Microsoft ECC Root Certificate Authority 2017.
    bmo#1641716 - Microsoft RSA Root Certificate Authority 2017.
  * The following CA certificates were Removed:
    bmo#1645199 - AddTrust Class 1 CA Root.
    bmo#1645199 - AddTrust External CA Root.
    bmo#1641718 - LuxTrust Global Root 2.
    bmo#1639987 - Staat der Nederlanden Root CA - G2.
    bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4.
    bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4.
    bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3.
  * A number of certificates had their Email trust bit disabled.
    See bmo#1618402 for a complete list.
  Bugs fixed
  * bmo#1528113 - Use ARM Cryptography Extension for SHA256.
  * bmo#1603042 - Add TLS 1.3 external PSK support.
  * bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows.
  * bmo#1645186 - Add "certSIGN Root CA G2" root certificate.
  * bmo#1645174 - Add Microsec's "e-Szigno Root CA 2017" root certificate.
  * bmo#1641716 - Add Microsoft's non-EV root certificates.
  * bmo1621151 - Disable email trust bit for "O=Government
    Root Certification Authority; C=TW" root.
  * bmo#1645199 - Remove AddTrust root certificates.
  * bmo#1641718 - Remove "LuxTrust Global Root 2" root certificate.
  * bmo#1639987 - Remove "Staat der Nederlanden Root CA - G2" root
    certificate.
  * bmo#1618402 - Remove Symantec root certificates and disable email trust
    bit.
  * bmo#1640516 - NSS 3.54 should depend on NSPR 4.26.
  * bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c.
  * bmo#1642153 - Fix infinite recursion building NSS.
  * bmo#1642638 - Fix fuzzing assertion crash.
  * bmo#1642871 - Enable SSL_SendSessionTicket after resumption.
  * bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs.
  * bmo#1643557 - Fix numerous compile warnings in NSS.
  * bmo#1644774 - SSL gtests to use ClearServerCache when resetting
    self-encrypt keys.
  * bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c.
  * bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding.

==== permissions ====
Version update (1550_20200710 -> 1550_20200727)
Subpackages: chkstat permissions-config

- Update to version 20200727:
  * etc/permissions: remove static /var/spool/* dirs
  * etc/permissions: remove outdated entries
  * etc/permissions: remove unnecessary static dirs and devices
  * screen: remove now unused /var/run/uscreens

==== snapper ====
Version update (0.8.11 -> 0.8.12)
Subpackages: libsnapper5

- fixed error when using mksubvolume to create /tmp (bsc#1174401)
- version 0.8.12

==== yast2 ====
Version update (4.3.17 -> 4.3.19)

- XML: do not export the system ID if it is not defined
  (boo#1174424).
- 4.3.19
- Handle exceptions when parsing xml file (related to bsc#1170886)
- 4.3.18

==== yomi-formula ====
Version update (0.0.1+git.1587986719.9a9097a -> 0.0.1+git.1595952633.b300be2)

- Update to version 0.0.1+git.1595952633.b300be2:
  * pillar: install always kernel-default
  * chroot: python3-base is now a capability
  * Move systemctl calls inside chroot
  * Network: initial work for network declaration
  * MicroOS: Remove tmp subvolume
  * Update format following the new standard
  * Fix __mount_device wrapper