-------------------------------------------------------------------
+Fri Aug 17 14:52:14 CEST 2018 - ma@suse.de
+
+- Adapt to changes in libgpgme11-11.1.0 breaking the signature
+ verification (bsc#1100427)
+- Use %license (bsc#1082318)
+- BuildRequires: libsolv-devel >= 0.6.35 (for bsc#1100095)
+- changes: add CVE numbers
+- version 17.6.1 (2)
+
+-------------------------------------------------------------------
+Fri Aug 3 11:11:25 CEST 2018 - ma@suse.de
+
+- RepoInfo::provideKey: add report telling where we look for missing
+ keys.
+- Support listing gpgkey URLs in repo files (bsc#1088037)
+- Add new report to request user approval for importing a package key
+- Handle http error 502 Bad Gateway in curl backend (bsc #1070851)
+ (fixes openSUSE/zypper#177)
+- Add filesize check for downloads with known size (bsc#408814)
+- Removed superfluous space in translation (bsc#1102019)
+- version 17.6.0 (2)
+
+-------------------------------------------------------------------
+Thu Jul 19 12:57:21 CEST 2018 - ma@suse.de
+
+- Prevent the system from sleeping during a commit
+ (fixes openSUSE/zypper#135)
+- RepoManager: Explicitly request repo2solv to generate application
+ pseudo packages.
+- version 17.5.2 (2)
+
+-------------------------------------------------------------------
Wed Jul 18 10:55:49 CEST 2018 - ma@suse.de
- libzypp-devel should not require cmake (bsc#1101349)
- HardLocksFile: Prevent against empty commit without Target having
been been loaded (bsc#1096803)
- lsof: use '-K i' if lsof supports it (bsc#1099847)
-- PackageProvider: Validate deta rpms before caching (bsc#1091624)
+- PackageProvider: Validate deta rpms before caching (bsc#1091624,
+ bsc#1088705, CVE-2018-7685)
- PackageProvider: Validate downloaded rpm package signatures
- before caching (bsc#1091624)
+ before caching (bsc#1091624, bsc#1088705, CVE-2018-7685)
- version 17.5.0 (2)
-------------------------------------------------------------------