a/cpio-2.12-x86_64-1.txz

a/dbus-1.10.6-x86_64-1.txz

a/lvm2-2.02.136-x86_64-1.txz

a/openssl-solibs-1.0.2d-x86_64-1.txz

a/tar-1.28-x86_64-1.txz

ap/cups-2.1.0-x86_64-1.txz

l/freetype-2.6.2-x86_64-1.txz

l/gmp-6.1.0-x86_64-1.txz

l/harfbuzz-1.1.2-x86_64-1.txz

l/libpng-1.6.19-x86_64-1.txz
Fixed buffer overflows in the png_set_PLTE(), png_get_PLTE(),
png_set_tIME(), and png_convert_to_rfc1123() functions that allow
attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a small bit-depth value
in an IHDR (aka image header) chunk in a PNG image.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126.
(* Security fix *)

l/librsvg-2.40.12-x86_64-1.txz

n/openssl-1.0.2d-x86_64-1.txz

xap/mozilla-thunderbird-38.4.0-x86_64-1.txz
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)

a/eudev-3.1.5-x86_64-7.txz
In rc.udev, create static nodes with better initial permissions.

a/pkgtools-14.2-noarch-5.txz
Set LANG=C in pkgtool.

kde/kio-mtp-2063e75_20131020git-x86_64-3.txz
Fix invalid UTF-8 sequence in slack-desc. Thanks to turtleli.

l/eigen3-3.2.7-x86_64-2.txz
Fixed eigen3.pc include directory. Thanks to chris.willing.

l/glib2-2.46.2-x86_64-2.txz
Applied upstream patch to fix a memory leak.

l/libmtp-1.1.10-x86_64-2.txz
Put the udev stuff in the right directory. Thanks to yars.