pasture/php-5.6.39-x86_64-1.txz
Several security bugs have been fixed in this release:
Segfault when using convert.quoted-printable-encode filter.
Null pointer dereference in imap_mail.
imap_open allows to run arbitrary shell commands via mailbox parameter.
PharData always creates new files with mode 0666.
Heap Buffer Overflow (READ: 4) in phar_parse_pharfile.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.39
(* Security fix *)

a/btrfs-progs-v4.19.1-x86_64-1.txz

a/dbus-1.12.12-x86_64-1.txz

ap/cups-2.2.10-x86_64-1.txz

ap/cups-filters-1.21.5-x86_64-1.txz

ap/hplip-3.18.12-x86_64-1.txz

d/mercurial-4.8.1-x86_64-1.txz

d/rust-1.31.0-x86_64-1.txz

l/libpng-1.6.36-x86_64-1.txz

l/python-idna-2.8-x86_64-1.txz

n/php-7.2.13-x86_64-1.txz
This is a security release which also contains several minor bug fixes.
For more information, see:
https://php.net/ChangeLog-7.php#7.2.13
(* Security fix *)

n/wpa_supplicant-2.7-x86_64-1.txz

x/mesa-18.3.0-x86_64-1.txz

x/xf86-video-i740-1.4.0-x86_64-1.txz

xap/mozilla-thunderbird-60.3.3-x86_64-1.txz
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.3/releasenotes/

xfce/thunar-volman-0.9.1-x86_64-1.txz

n/ntp-4.2.8p12-x86_64-5.txz
Fixed logrotate file. Thanks to allend and rworkman.