Update submodules from pool/trivy#32 and create patchinfo.20260203171624727972.93181000773252/_patchinfo

.gitmodules

@@ -3070,10 +3070,6 @@
 	path = dom2-core-tests
 	url = ../../pool/dom2-core-tests
 	branch = leap-16.0
-[submodule "doomsday"]
-	path = doomsday
-	url = ../../pool/doomsday
-	branch = leap-16.0
 [submodule "dosbox"]
 	path = dosbox
 	url = ../../pool/dosbox
@@ -7178,10 +7174,6 @@
 	path = gnu_ddrescue
 	url = ../../pool/gnu_ddrescue
 	branch = leap-16.0
-[submodule "gnucobol"]
-	path = gnucobol
-	url = ../../pool/gnucobol
-	branch = leap-16.0
 [submodule "gnuastro"]
 	path = gnuastro
 	url = ../../pool/gnuastro
@@ -12974,10 +12966,6 @@
 	path = perl-Data-Visitor
 	url = ../../pool/perl-Data-Visitor
 	branch = leap-16.0
-[submodule "perl-Date-Manip"]
-	path = perl-Date-Manip
-	url = ../../pool/perl-Date-Manip
-	branch = leap-16.0
 [submodule "perl-DateTime-Calendar-Mayan"]
 	path = perl-DateTime-Calendar-Mayan
 	url = ../../pool/perl-DateTime-Calendar-Mayan
@@ -13762,10 +13750,6 @@
 	path = perl-Mojolicious-Plugin-OAuth2
 	url = ../../pool/perl-Mojolicious-Plugin-OAuth2
 	branch = leap-16.0
-[submodule "perl-Mojolicious-Plugin-OpenAPI"]
-	path = perl-Mojolicious-Plugin-OpenAPI
-	url = ../../pool/perl-Mojolicious-Plugin-OpenAPI
-	branch = leap-16.0
 [submodule "perl-Mojolicious-Plugin-Webpack"]
 	path = perl-Mojolicious-Plugin-Webpack
 	url = ../../pool/perl-Mojolicious-Plugin-Webpack
@@ -14362,10 +14346,6 @@
 	path = perl-TAP-Formatter-GitHubActions
 	url = ../../pool/perl-TAP-Formatter-GitHubActions
 	branch = leap-16.0
-[submodule "perl-TAP-Harness-JUnit"]
-	path = perl-TAP-Harness-JUnit
-	url = ../../pool/perl-TAP-Harness-JUnit
-	branch = leap-16.0
 [submodule "perl-Task-Weaken"]
 	path = perl-Task-Weaken
 	url = ../../pool/perl-Task-Weaken

patchinfo.20260127094025704164.93181000773252/_patchinfo

@@ -1,11 +0,0 @@
-<patchinfo incident="packagehub-108">
-  <packager>eroca</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for perl-Date-Manip</summary>
-  <description>This update for perl-Date-Manip fixes the following issues:
-
-Introduce perl-Date-Manip.
-</description>
-  <package>perl-Date-Manip</package>
-</patchinfo>

patchinfo.20260128085041420529.93181000773252/_patchinfo

@@ -1,11 +0,0 @@
-<patchinfo incident="packagehub-107">
-  <packager>eroca</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for perl-TAP-Harness-JUnit</summary>
-  <description>This update for perl-TAP-Harness-JUnit fixes the following issues:
-
-Introduce perl-TAP-Harness-JUnit.
-</description>
-  <package>perl-TAP-Harness-JUnit</package>
-</patchinfo>

patchinfo.20260203102131310899.93181000773252/_patchinfo

@@ -1,117 +0,0 @@
-<patchinfo incident="packagehub-106">
-  <issue tracker="cve" id="2025-15059"/>
-  <issue tracker="cve" id="2025-14422"/>
-  <issue tracker="cve" id="2025-14424"/>
-  <issue tracker="bnc" id="1255766">VUL-0: CVE-2025-15059: gimp: GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability</issue>
-  <issue tracker="bnc" id="1255294">VUL-0: CVE-2025-14423: gimp: LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability</issue>
-  <issue tracker="cve" id="2025-14425"/>
-  <issue tracker="cve" id="2025-14423"/>
-  <issue tracker="bnc" id="1255293">VUL-0: CVE-2025-14422: gimp: PNM File Parsing Integer Overflow Remote Code Execution Vulnerability</issue>
-  <issue tracker="bnc" id="1255295">VUL-0: CVE-2025-14424: gimp: XCF File Parsing Use-After-Free Remote Code Execution Vulnerability</issue>
-  <issue tracker="bnc" id="1255296">VUL-0: CVE-2025-14425: gimp: JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability</issue>
-  <packager>mgorse</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for gimp</summary>
-  <description>This update for gimp fixes the following issues:
-
-Changes in gimp:
-
-- Update to 3.0.8
-  - Font Loading Performance
-    - Improvements in start-up time for users with a large number
-      of fonts was backported from our 3.2 RC2 release. As a
-      result, we now wait to load images until fonts are
-      initialized - this prevents some occasional odd displays and
-      other issues when an XCF file tried to access a partially
-      loaded font.
-  - Assorted updates and fixes
-    - Daniel Plakhotich helped us identify an issue when exporting
-      a lossless WEBP image could be affected by lossy settings
-      (such as Quality being less than 100%). We’ve updated our
-      WEBP plug-in to prevent this from happening.
-    - Thanks to Jehan‘s efforts, the standard gimp-3.0 executable
-      can now be run with a --no-interface flag instead of
-      requiring users to call gimp-console-3.0 even on devices with
-      no display. The --show-debug-menu flag is now visible as
-      well.
-    - programmer_ceds improved our flatpak by adding safe guards to
-      show the correct configuration directory regardless of
-      whether XDG_CONFIG_HOME is defined on the user’s system. This
-      should make it much easier for flatpak users to install and
-      use third party plug-ins.
-    - We fixed a rare but possible crash when using the Equalize
-      filter on images with NaN values. Images that contain these
-      are usually created from scientific or mapping data, so
-      you’re unlikely to come across them in standard editing.
-    - Jeremy Bicha fixed an internal issue where the wrong version
-      number could be used when installing minor releases (such as
-      the 3.2 release candidates and upcoming 3.2 stable release).
-    - As noted in our 3.2RC2 news post, we have updated our SVG
-      import code to improve the rendered path.
-    - Further improvements have been made to our non-destructive
-      filter code to improve stability, especially when copying and
-      pasting layers and images with filters attached to them. Some
-      issues related to applying NDE filters on Quick Masks have
-      also been corrected.
-    - An unintended Search pop-up that appeared when typing while
-      the Channels dockable was selected has been turned off.
-    - When saving XCFs for GIMP 2.10 compatibility, we
-      unintentionally saved Grid color using the new color format.
-      This caused errors when reopening the XCF in 2.10. This
-      problem has now been fixed! If you encounter any other XCF
-      incompatibility, please let us know.
-  - Themes and UX
-    - The Navigation and Selection Editor dockables no longer show
-      a large bright texture when no image is actively selected.
-      This was especially noticeable on dark themes.
-    - When a layer has no active filters, the Fx column had the
-      same “checkbox” outline when hovered over as the lock column.
-      This led to confusion about clicking it to add filters. We
-      have removed the outline on hover as a small step to help
-      address this.
-    - Ondřej Míchal fixed alignment and cut-off issues with the
-      buttons on our Transform tool overlays. All buttons should
-      now be properly centered and visible.
-    - The options for filling layers with colors when resizing the
-      canvas will be turned off when not relevant (such as when you
-      set layers to not be resized).
-    - More GUI elements such as dialog header icons will now
-      respond to your icon size preferences.
-    - Ondřej Míchal has continued his work to update our UI with
-      the more usable Spin Scale widget. He has also updated the
-      widget itself to improve how it works for users and
-      developers alike.
-  - Security fixes
-    - Jacob Boerema and Gabriele Barbero continued to patch
-      potential security issues related to some of our file format
-      plug-ins. In addition to existing fixes mentioned in the
-      release candidate news posts, the following exploits are now
-      prevented: ZDI-CAN-28232 ZDI-CAN-28265 ZDI-CAN-28530
-      ZDI-CAN-28591 ZDI-CAN-28599
-    - Another potential issue related to ICO files with incorrect
-      metadata was reported by Dhiraj. It does not have a CVE
-      number yet, but it has been fixed for GIMP 3.0.8. Jacob
-      Boerema also fixed a potential issue with loading Creator
-      blocks in Paintshop Pro PSP images.
-  - API
-    - For plug-in and script developers, a few new public APIs were
-      backported to GIMP 3.0.8. gimp_cairo_surface_get_buffer ()
-      allows you to retrieve a GEGL buffer from a Cairo surface
-      (such as a text layer). Note that this deprecates
-      gimp_cairo_surface_create_buffer ().
-    - gimp_config_set_xcf_version () and
-      gimp_config_get_xcf_version () can be used to specify a
-      particular XCF version for a configuration. This will allow
-      you to have that data serialized/deserialized for certain
-      versions of GIMP if there were differences (such as the Grid
-      colors mentioned above).
-    - Fixes were made for retrieving image metadata via scripting.
-      GimpMetadata is now a visible child of GExiv2Metadata, so you
-      can use standard gexiv2 functions to retrieve information
-      from it.
-    - Original thumbnail metadata is also now removed on export to
-      prevent potential issues when exporting into a new format.
-</description>
-  <package>gimp</package>
-</patchinfo>

patchinfo.20260203171624727972.93181000773252/_patchinfo

@@ -0,0 +1,92 @@
+<patchinfo>
+  <issue tracker="bnc" id="1255366">VUL-0: CVE-2025-64702: trivy: github.com/quic-go/quic-go/http3: quic-go HTTP/3 QPACK Header Expansion DoS</issue>
+  <issue tracker="cve" id="2025-66564">CVE-2025-66564 github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing</issue>
+  <issue tracker="cve" id="2025-64702">VUL-0: CVE-2025-64702: TRACKERBUG: github.com/quic-go/quic-go/http3: quic-go HTTP/3 QPACK Header Expansion DoS</issue>
+  <packager>dirkmueller</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for trivy</summary>
+  <description>This update for trivy fixes the following issues:
+
+Changes in trivy:
+
+- Update to version 0.69.0 (bsc#1255366, CVE-2025-64702):
+  * release: v0.69.0 [main] (#9886)
+  * chore: bump trivy-checks to v2 (#9875)
+  * chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 (#10091)
+  * fix(repo): return a nil interface for gitAuth if missing (#10097)
+  * fix(java): correctly inherit properties from parent fields for pom.xml files (#9111)
+  * fix(rust): implement version inheritance for Cargo mono repos (#10011)
+  * feat(activestate): add support ActiveState images (#10081)
+  * feat(vex): support per-repo tls configuration (#10030)
+  * refactor: allow per-request transport options override (#10083)
+  * chore(deps): bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 (#10084)
+  * chore(deps): bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 (#10085)
+  * fix(java): correctly propagate repositories from upper POMs to dependencies (#10077)
+  * feat(rocky): enable modular package vulnerability detection (#10069)
+  * chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 (#10079)
+  * docs: fix mistake in config file example for skip-dirs/skip-files flag (#10070)
+  * feat(report): add Trivy version to JSON output (#10065)
+  * fix(rust): add cargo workspace members glob support (#10032)
+  * feat: add AnalyzedBy field to track which analyzer detected packages (#10059)
+  * fix: use canonical SPDX license IDs from embeded licenses.json (#10053)
+  * docs: fix link to Docker Image Specification (#10057)
+  * feat(secret): add detection for Symfony default secret key (#9892)
+  * refactor(misconf): move common logic to base value and simplify typed values (#9986)
+  * fix(java): add hash of GAV+root pom file path for pkgID for packages from pom.xml files (#9880)
+  * feat(misconf): use Terraform plan configuration to partially restore schema (#9623)
+  * feat(misconf): add action block to Terraform schema (#10035)
+  * fix(misconf): correct typos in block and attribute names (#9993)
+  * test(misconf): simplify test values using *Test helpers (#9985)
+  * fix(misconf): safely parse rotation_period in google_kms_crypto_key (#9980)
+  * feat(misconf): support for ARM resources defined as an object (#9959)
+  * feat(misconf): support for azurerm_*_web_app (#9944)
+  * test: migrate private test helpers to `export_test.go` convention (#10043)
+  * chore(deps): bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.6.2 (#10048)
+  * fix(secret): improve word boundary detection for Hugging Face tokens (#10046)
+  * fix(go): use ldflags version for all pseudo-versions    (#10037)
+  * chore: switch to ID from AVDID in internal and user-facing fields (#9655)
+  * refactor(misconf)!: use ID instead of AVDID for providers mapping (#9752)
+  * fix: move enum into items for array-type fields in JSON Schema (#10039)
+  * docs: fix incorrect documentation URLs (#10038)
+  * feat(sbom): exclude PEP 770 SBOMs in .dist-info/sboms/ (#10033)
+  * fix(docker): fix non-det scan results for images with embedded SBOM (#9866)
+  * chore(deps): bump the github-actions group with 11 updates (#10001)
+  * test: fix assertion after 2026 roll over (#10002)
+  * fix(vuln): skip vulns detection for CentOS Stream family without scan failure (#9964)
+  * fix(license): normalize licenses for PostAnalyzers (#9941)
+  * feat(nodejs): parse licenses from `package-lock.json` file (#9983)
+  * chore: update reference links to Go Wiki (#9987)
+  * refactor: add xslices.Map and replace lo.Map usages (#9984)
+  * fix(image): race condition in image artifact inspection (#9966)
+  * feat(flag): add JSON Schema for trivy.yaml configuration file (#9971)
+  * refactor(debian): use txtar format for test data (#9957)
+  * chore(deps): bump `golang.org/x/tools` to `v0.40.0` + `gopls` to `v0.21.0` (#9973)
+  * feat(rootio): Update trivy db to support usage of Severity from root.io feed (#9930)
+  * feat(vuln): skip vulnerability scanning for third-party packages in Debian/Ubuntu (#9932)
+  * docs: add info that `--file-pattern` flag doesn't disable default behaviuor (#9961)
+  * perf(misconf): optimize string concatenation in azure scanner (#9969)
+  * chore: add client option to install script (#9962)
+  * ci(helm): bump Trivy version to 0.68.2 for Trivy Helm Chart 0.20.1 (#9956)
+  * chore(deps): bump github.com/quic-go/quic-go from 0.54.1 to 0.57.0 (#9952)
+  * docs: update binary signature verification for sigstore bundles (#9929)
+  * chore(deps): bump alpine from `3.22.1` to `3.23.0` (#9935)
+  * chore(alpine): add EOL date for alpine 3.23 (#9934)
+  * feat(cloudformation): add support for Fn::ForEach (#9508)
+  * ci: enable `check-latest` for `setup-go` (#9931)
+  * feat(debian): detect third-party packages using maintainer list (#9917)
+  * fix(vex): add CVE-2025-66564 as not_affected into Trivy VEX file (#9924)
+  * feat(helm): add sslCertDir parameter (#9697)
+  * fix(misconf): respect .yml files when Helm charts are detected (#9912)
+  * feat(php): add support for dev dependencies in Composer (#9910)
+  * chore(deps): bump the common group across 1 directory with 9 updates (#9903)
+  * chore(deps): bump github.com/docker/cli from 29.0.3+incompatible to 29.1.1+incompatible in the docker group (#9859)
+  * fix: remove trailing tab in statefulset template (#9889)
+  * feat(julia): enable vulnerability scanning for the Julia language ecosystem (#9800)
+  * feat(misconf): initial ansible scanning support (#9332)
+  * feat(misconf): Update Azure Database schema (#9811)
+  * ci(helm): bump Trivy version to 0.68.1 for Trivy Helm Chart 0.20.0 (#9869)
+  * chore: update the install script (#9874)
+</description>
+  <package>trivy</package>
+</patchinfo>

patchinfo.20260204115012215375.93181000773252/_patchinfo

@@ -1,30 +0,0 @@
-<patchinfo incident="packagehub-113">
-  <issue tracker="bnc" id="1257403">VUL-0: CVE-2025-14550: python-Django,python3-Django,python-Django6: Potential denial-of-service vulnerability via repeated headers when using ASGI</issue>
-  <issue tracker="bnc" id="1257406">VUL-0: CVE-2026-1285: python-Django,python3-Django,python-Django6: Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods</issue>
-  <issue tracker="bnc" id="1257405">VUL-0: CVE-2026-1207: python-Django,python3-Django,python-Django6: Potential SQL injection via raster lookups on PostGIS</issue>
-  <issue tracker="cve" id="2026-1207"/>
-  <issue tracker="cve" id="2026-1312"/>
-  <issue tracker="cve" id="2026-1287"/>
-  <issue tracker="bnc" id="1257407">VUL-0: CVE-2026-1287: python-Django,python3-Django,python-Django6: Potential SQL injection in column aliases via control characters</issue>
-  <issue tracker="cve" id="2025-13473"/>
-  <issue tracker="bnc" id="1257401">VUL-0: CVE-2025-13473: python-Django,python3-Django,python-Django6: Username enumeration through timing difference in mod_wsgi authentication handler</issue>
-  <issue tracker="bnc" id="1257408">VUL-0: CVE-2026-1312: python-Django,python3-Django,python-Django6: Potential SQL injection via QuerySet.order_by and FilteredRelation</issue>
-  <issue tracker="cve" id="2025-14550"/>
-  <issue tracker="cve" id="2026-1285"/>
-  <packager>mcalabkova</packager>
-  <rating>important</rating>
-  <category>security</category>
-  <summary>Security update for python-Django</summary>
-  <description>This update for python-Django fixes the following issues:
-
-Changes in python-Django:
-
-- CVE-2026-1312: Fixed potential SQL injection via QuerySet.order_by and FilteredRelation (bsc#1257408).
-- CVE-2026-1287: Fixed potential SQL injection in column aliases via control characters (bsc#1257407).
-- CVE-2026-1207: Fixed potential SQL injection via raster lookups on PostGIS (bsc#1257405).
-- CVE-2026-1285: Fixed potential denial-of-service in django.utils.text.Truncator HTML methods (bsc#1257406).
-- CVE-2025-13473: Fixed username enumeration through timing difference in mod_wsgi authentication handler (bsc#1257401).
-- CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGI (bsc#1257403).
-</description>
-  <package>python-Django</package>
-</patchinfo>

patchinfo.20260204115510991084.93181000773252/_patchinfo

@@ -1,22 +0,0 @@
-<patchinfo incident="packagehub-112">
-  <issue tracker="cve" id="2026-1862"/>
-  <issue tracker="cve" id="2026-1861"/>
-  <issue tracker="bnc" id="1257650">VUL-0: chromium: release 144.0.7559.132</issue>
-  <packager>oertel</packager>
-  <rating>important</rating>
-  <category>security</category>
-  <summary>Security update for chromium</summary>
-  <description>This update for chromium fixes the following issues:
-
-Changes in chromium:
-
-- Chromium 144.0.7559.132 (boo#1257650)
-  * CVE-2026-1861: Heap buffer overflow in libvpx in Google Chrome
-    prior to 144.0.7559.132 allowed a remote attacker to potentially
-    exploit heap corruption via a crafted HTML page.
-  * CVE-2026-1862: Type Confusion in V8 in Google Chrome prior to
-    144.0.7559.132 allowed a remote attacker to potentially exploit
-    heap corruption via a crafted HTML page.
-</description>
-  <package>chromium</package>
-</patchinfo>

patchinfo.20260204115645891071.93181000773252/_patchinfo

@@ -1,14 +0,0 @@
-<patchinfo incident="packagehub-109">
-  <packager>letsfindaway</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for OpenBoard</summary>
-  <description>This update for OpenBoard fixes the following issues:
-
-Changes in OpenBoard:
-
-- add AppData in metainfo.xml
-- update to release version 1.7.5
-</description>
-  <package>OpenBoard</package>
-</patchinfo>

patchinfo.20260204120853139168.93181000773252/_patchinfo

@@ -1,11 +0,0 @@
-<patchinfo incident="packagehub-111">
-  <packager>eroca</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for perl-Mojolicious-Plugin-OpenAPI</summary>
-  <description>This update for perl-Mojolicious-Plugin-OpenAPI fixes the following issues:
-
-Introduce perl-Mojolicious-Plugin-OpenAPI.
-</description>
-  <package>perl-Mojolicious-Plugin-OpenAPI</package>
-</patchinfo>

patchinfo.20260204160351183292.93181000773252/_patchinfo

@@ -1,14 +0,0 @@
-<patchinfo incident="packagehub-110">
-  <issue tracker="bnc" id="1256465">Week numbers are off by one in Evolution's calendar (Year view)</issue>
-  <packager>mgorse</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for evolution</summary>
-  <description>This update for evolution fixes the following issues:
-
-Changes in evolution:
-
-- Fix incorrect week numbers in calendar year view (bsc#1256465).
-</description>
-  <package>evolution</package>
-</patchinfo>

patchinfo.20260206094000823685.93181000773252/_patchinfo

@@ -1,11 +0,0 @@
-<patchinfo incident="packagehub-115">
-  <packager>eroca</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for gnucobol</summary>
-  <description>This update for gnucobol fixes the following issues:
-
-Introduce gnucobol.
-</description>
-  <package>gnucobol</package>
-</patchinfo>

patchinfo.20260209123942988001.93181000773252/_patchinfo

@@ -1,11 +0,0 @@
-<patchinfo incident="packagehub-116">
-  <packager>eroca</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for doomsday</summary>
-  <description>This update for doomsday fixes the following issues:
-
-Introduce doomsday.
-</description>
-  <package>doomsday</package>
-</patchinfo>

patchinfo.20260209151441438275.93181000773252/_patchinfo

@@ -1,26 +0,0 @@
-<patchinfo>
-  <issue tracker="cve" id="2026-1998"/>
-  <issue tracker="bnc" id="1257803">VUL-0: CVE-2026-1998: micropython: segmentation fault in `mp_map_lookup` via `mp_import_all`</issue>
-  <packager>dheidler</packager>
-  <rating>low</rating>
-  <category>security</category>
-  <summary>Security update for micropython</summary>
-  <description>This update for micropython fixes the following issues:
-
-Changes in micropython:
-
-- CVE-2026-1998: Fixed segmentation fault in `mp_map_lookup` via `mp_import_all` (bsc#1257803).
-
-- Version 1.26.1
-  * esp32: update esp_tinyusb component to v1.7.6
-  * tools: add an environment variable MICROPY_MAINTAINER_BUILD
-  * esp32: add IDF Component Lockfiles to git repo
-  * shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag
-  * shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop
-  * tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev
-
-- Fix building on single core systems
-  * Skip tests/thread/stress_schedule.py when single core system detected
-</description>
-  <package>micropython</package>
-</patchinfo>

patchinfo.20260209155200377268.93181000773252/_patchinfo

@@ -1,14 +0,0 @@
-<patchinfo incident="packagehub-114">
-  <issue tracker="bnc" id="1257869">KMail2: Klick on link does not open Browser</issue>
-  <packager>favogt</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for messagelib</summary>
-  <description>This update for messagelib fixes the following issues:
-
-Changes in messagelib:
-
-- Fix links sometimes not opening (boo#1257869, kde#493325):
-</description>
-  <package>messagelib</package>
-</patchinfo>