SUSE Image Update Advisory: SUSE
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2000:29-1
Image Tags        : SUSE:SLE-15-SP5:0
Image Release     : 
Severity          : critical
Type              : security
References        : 1001161 1002895 1006584 1006739 1008644 1010047 1010783 1010979
                        1010980 1014440 1014478 1015141 1017693 1018823 1020320 1020320
                        1020320 1020320 1020320 1020320 1020320 1020320 1020320 1020320
                        1020320 1020320 1020320 1020320 1020320 1020320 1020320 1020320
                        1020320 1020320 1020320 1020320 1020320 1020320 1020320 1020320
                        1020320 1020320 1020320 1020320 1020451 1020456 1020458 1020460
                        1021387 1022052 1022528 1024288 1024291 1024309 1027353 1029162
                        1029162 1029162 1029162 1029162 1029961 1029961 1029961 1029961
                        1029961 1029961 1036968 1036969 1038083 1040109 1040113 1040115
                        1040589 1040589 1041090 1041090 1044232 1045450 1047178 1047218
                        1047218 1047218 1047218 1047218 1047218 1047218 1047218 1048046
                        1049056 1049382 1050305 1051429 1052837 1052900 1054027 1054413
                        1054594 1055857 1057152 1059627 1059893 1061210 1061305 1062267
                        1062631 1065609 1067478 1068709 1068711 1068871 1068942 1069217
                        1069296 1070943 1071031 1071481 1071767 1071777 1071995 1073299
                        1073877 1074317 1074711 1074856 1074971 1075263 1076314 1076421
                        1076467 1076640 1076817 1076963 1076967 1078466 1079603 1079845
                        1080040 1080074 1080439 1080978 1080985 1081164 1081286 1081495
                        1081495 1082007 1082008 1082009 1082010 1082011 1082014 1082023
                        1082058 1082318 1082318 1082318 1082332 1082821 1082825 1082877
                        1082974 1083424 1084533 1084812 1084842 1084842 1084925 1085318
                        1085343 1085449 1085515 1085670 1085785 1086185 1086408 1086777
                        1087066 1087072 1087426 1087426 1087433 1087434 1087436 1087437
                        1087440 1087441 1087550 1088263 1088278 1088358 1088358 1088358
                        1089039 1089080 1089114 1089340 1089524 1089709 1089802 1089802
                        1089811 1089883 1090023 1090024 1090025 1090026 1090027 1090028
                        1090029 1090030 1090032 1090033 1090099 1090562 1090638 1090657
                        1090667 1091045 1091070 1091074 1091109 1091340 1091341 1091342
                        1091343 1091344 1091606 1091619 1091942 1091988 1092100 1092108
                        1092115 1092122 1092125 1092163 1092206 1092331 1092480 1092737
                        1092949 1093311 1093392 1093420 1093436 1093663 1093733 1093843
                        1093844 1093910 1094222 1094301 1094301 1094657 1094680 1094694
                        1094717 1094761 1094779 1094781 1094823 1094832 1094836 1095141
                        1095397 1095485 1095601 1095639 1095644 1095769 1095817 1096008
                        1096064 1096180 1096360 1096363 1096405 1096406 1096407 1096408
                        1096498 1096542 1096677 1096726 1096726 1096738 1096745 1096917
                        1096974 1096984 1097134 1097158 1097158 1097339 1097378 1097410
                        1097442 1097455 1097505 1097525 1097624 1097938 1097975 1098017
                        1098017 1098217 1098360 1098369 1098411 1098521 1098531 1098592
                        1098637 1098681 1098697 1098891 1098946 1098979 1098986 1099101
                        1099119 1099192 1099257 1099277 1099358 1099358 1099497 1099508
                        1099698 1100077 1100078 1100167 1100167 1100206 1100331 1100504
                        1100523 1100687 1100727 1101023 1101107 1101373 1101410 1101412
                        1101428 1101470 1101475 1101560 1101566 1101567 1101568 1101569
                        1101570 1101571 1101573 1101576 1101577 1101578 1101581 1101582
                        1101583 1101588 1101589 1101600 1101644 1101645 1101645 1101651
                        1101651 1101654 1101655 1101656 1101656 1101776 1101776 1101777
                        1101777 1101786 1101786 1101788 1101788 1101791 1101791 1101794
                        1101794 1101797 1101800 1101800 1101802 1101802 1101804 1101804
                        1101810 1101810 1101906 1101985 1102016 1102016 1102062 1102068
                        1102073 1102294 1102408 1102408 1102408 1102408 1102522 1102564
                        1102775 1102836 1103032 1103040 1103040 1103200 1103206 1103320
                        1103320 1103388 1103542 1103552 1103676 1103684 1103893 1104036
                        1104110 1104120 1104457 1104457 1104668 1104700 1104770 1104789
                        1104803 1104821 1104876 1104898 1105000 1105157 1105170 1105173
                        1105331 1105435 1106014 1106171 1106172 1106173 1106195 1106197
                        1106514 1106514 1106523 1106528 1106531 1106812 1106850 1106853
                        1106873 1106881 1106881 1106882 1107069 1107105 1107410 1107411
                        1107412 1107413 1107420 1107421 1107422 1107423 1107424 1107426
                        1107581 1108027 1108037 1108038 1108134 1108265 1108468 1108471
                        1108606 1108618 1108627 1108630 1108631 1108631 1108632 1108632
                        1108637 1108752 1108756 1108757 1108761 1108762 1108981 1109105
                        1109105 1109367 1109412 1109413 1109414 1109694 1109938 1110085
                        1110194 1110348 1110358 1110687 1110700 1110723 1110868 1111122
                        1111151 1111162 1111190 1111243 1111254 1111267 1111479 1111480
                        1111493 1111572 1111586 1111598 1111647 1111647 1111657 1111791
                        1111853 1111996 1112009 1112033 1112112 1112113 1112114 1112142
                        1112142 1112143 1112143 1112144 1112144 1112145 1112146 1112146
                        1112147 1112147 1112148 1112148 1112149 1112152 1112153 1112183
                        1112209 1112229 1112310 1112357 1112530 1112532 1112534 1112535
                        1112548 1112780 1112822 1112980 1113013 1113038 1113039 1113040
                        1113048 1113094 1113247 1113252 1113255 1113313 1113455 1113534
                        1113554 1113652 1113672 1113734 1113742 1113889 1113969 1113978
                        1114209 1114209 1114407 1114483 1114498 1114592 1114592 1114640
                        1114695 1114828 1114832 1114832 1114985 1115001 1115165 1115375
                        1115375 1115464 1115550 1115555 1115637 1115640 1115713 1115717
                        1115717 1115750 1115929 1116021 1116182 1116182 1116204 1116432
                        1116451 1116451 1116560 1116574 1116600 1116658 1116675 1116686
                        1116686 1116758 1116767 1116799 1116807 1116827 1116957 1116987
                        1116993 1117001 1117022 1117074 1117110 1117195 1117260 1117274
                        1117300 1117313 1117327 1117328 1117331 1117505 1117507 1117508
                        1117511 1117597 1117632 1117665 1117740 1117740 1117951 1117954
                        1117969 1118118 1118459 1118644 1118783 1118830 1118831 1118897
                        1118897 1118897 1118897 1118897 1118898 1118898 1118898 1118898
                        1118898 1118899 1118899 1118899 1118899 1118899 1118935 1118987
                        1118990 1119029 1119069 1119105 1119110 1119137 1119213 1119353
                        1119397 1119496 1119634 1119687 1119702 1119706 1119851 1119963
                        1119975 1120004 1120360 1120382 1120402 1120431 1120493 1120498
                        1120499 1120500 1120515 1120516 1120517 1120519 1120610 1120610
                        1120640 1120762 1120805 1120807 1120862 1120929 1120930 1120943
                        1120943 1120980 1121034 1121035 1121056 1121114 1121150 1121151
                        1121231 1121232 1121232 1121233 1121233 1121234 1121234 1121235
                        1121235 1121397 1121410 1121412 1121466 1121578 1121610 1121624
                        1121626 1121717 1121753 1121858 1121874 1121874 1121878 1121967
                        1121967 1121967 1121967 1122013 1122172 1122292 1122292 1122293
                        1122293 1122293 1122299 1122299 1122299 1122299 1122319 1122469
                        1122491 1122623 1122668 1122669 1122675 1122741 1122853 1123008
                        1123013 1123043 1123046 1123131 1123131 1123156 1123387 1123455
                        1123455 1123522 1123557 1123661 1123671 1123672 1123694 1123784
                        1123808 1124062 1124062 1124211 1124223 1124308 1124453 1124453
                        1124485 1124486 1124487 1124488 1124489 1124644 1124658 1124781
                        1124781 1124799 1124800 1124802 1124803 1124805 1124806 1124824
                        1124825 1124826 1124827 1124869 1124869 1124885 1125099 1125113
                        1125281 1125306 1125372 1125373 1125401 1125410 1125671 1125815
                        1125882 1125950 1125992 1126088 1126088 1126101 1126117 1126118
                        1126119 1126220 1126377 1126443 1126826 1126829 1126831 1127080
                        1127173 1127367 1127367 1127369 1127369 1127370 1127370 1127544
                        1127760 1127760 1127838 1127840 1127857 1127857 1127923 1127924
                        1128140 1128140 1128158 1128322 1128325 1128355 1128376 1128392
                        1128471 1128472 1128474 1128476 1128480 1128481 1128490 1128492
                        1128493 1128525 1128746 1128794 1128845 1128845 1129112 1129124
                        1129180 1129186 1129186 1129271 1129272 1129389 1129403 1129452
                        1129566 1129586 1129586 1129696 1129706 1129714 1129889 1129925
                        1130028 1130041 1130085 1130097 1130103 1130103 1130165 1130325
                        1130326 1130489 1130496 1130496 1130557 1130588 1130611 1130617
                        1130620 1130622 1130623 1130627 1130721 1130721 1130843 1130981
                        1131060 1131264 1131291 1131314 1131314 1131378 1131493 1131513
                        1131553 1131553 1131670 1131686 1131808 1131916 1131941 1131945
                        1131945 1131960 1132174 1132323 1132350 1132455 1132458 1132530
                        1132666 1132676 1132692 1132728 1132728 1132728 1132729 1132729
                        1132732 1132732 1132732 1132734 1132869 1132903 1132919 1133024
                        1133097 1133107 1133131 1133133 1133135 1133162 1133232 1133306
                        1133384 1133528 1133581 1133790 1133817 1133866 1133988 1133997
                        1134001 1134068 1134078 1134106 1134134 1134156 1134179 1134213
                        1134510 1134524 1134659 1134670 1134718 1135189 1135189 1135228
                        1135228 1135254 1135257 1135263 1135460 1135487 1135592 1135667
                        1135709 1135727 1135729 1135855 1136021 1136021 1136035 1136112
                        1136113 1136132 1136136 1136184 1136234 1136266 1136267 1136440
                        1136440 1136444 1136515 1136538 1136542 1136572 1136584 1136857
                        1136882 1136933 1136936 1136974 1137264 1137373 1137384 1137385
                        1137477 1137860 1137891 1137891 1138034 1138165 1138177 1138201
                        1138254 1138457 1138529 1138666 1138715 1138731 1138731 1138746
                        1138767 1138797 1138920 1138920 1138977 1139073 1139176 1139176
                        1139268 1139584 1139649 1139667 1139715 1139727 1139915 1140016
                        1140126 1140130 1140205 1140205 1140255 1140341 1140359 1140461
                        1140548 1140565 1140565 1140565 1140697 1140709 1140754 1140844
                        1141025 1141089 1141168 1141190 1141322 1141322 1141334 1141680
                        1141780 1141780 1141780 1141781 1141782 1141782 1141782 1141783
                        1141783 1141783 1141784 1141784 1141785 1141785 1141785 1141786
                        1141787 1141787 1141787 1141788 1141789 1141789 1141789 1141844
                        1141883 1141897 1141897 1141913 1141969 1141980 1141980 1142041
                        1142155 1142160 1142343 1142413 1142467 1142470 1142518 1142526
                        1142579 1142582 1142649 1142649 1142649 1142654 1142662 1142675
                        1142679 1142770 1142772 1142825 1142832 1142835 1142847 1142899
                        1142988 1143033 1143080 1143349 1143386 1143409 1143436 1143454
                        1143578 1143581 1143582 1143584 1143609 1143650 1143650 1143913
                        1144051 1144065 1144092 1144100 1144102 1144170 1144211 1144265
                        1144282 1144312 1144363 1144363 1144441 1144442 1144442 1144504
                        1144504 1144506 1144522 1144621 1144729 1144754 1144881 1144881
                        1144923 1145085 1145622 1145693 1145864 1146172 1146188 1146257
                        1146299 1146321 1146358 1146359 1146462 1146463 1146467 1146468
                        1146475 1146608 1146610 1146648 1146705 1146853 1146853 1146854
                        1146882 1146884 1146907 1147021 1148163 1148184 1148244 1148517
                        1148517 1148643 1148644 1148645 1148768 1149002 1149110 1149145
                        1149145 1149205 1149316 1149322 1149414 1149458 1149458 1149528
                        1149686 1149789 1149789 1149792 1149792 1149792 1149792 1149792
                        1149792 1149792 1149792 1149829 1149840 1149887 1149954 1149995
                        1150003 1150058 1150114 1150130 1150133 1150137 1150164 1150190
                        1150250 1150397 1150451 1150690 1150868 1150868 1150870 1150870
                        1151059 1151178 1151317 1151398 1151418 1151481 1151488 1151557
                        1151558 1151591 1151630 1151839 1151867 1152308 1152308 1152308
                        1152567 1152590 1152590 1152598 1152684 1152692 1152806 1152856
                        1152856 1152928 1152964 1152968 1152990 1152992 1152994 1152995
                        1153102 1153165 1153168 1153244 1153311 1153337 1153367 1153625
                        1153666 1153768 1153770 1153774 1153839 1154016 1154025 1154036
                        1154037 1154092 1154167 1154212 1154212 1154212 1154217 1154247
                        1154357 1154365 1154393 1154533 1154661 1154751 1154862 1154877
                        1154884 1154887 1154972 1155141 1155217 1155271 1155305 1155327
                        1155346 1155376 1155423 1155815 1155951 1155953 1156067 1156067
                        1156139 1156150 1156150 1156194 1156194 1156275 1156288 1156421
                        1156501 1156646 1156669 1156677 1156694 1156721 1156908 1156913
                        1157040 1157041 1157098 1157104 1157117 1157190 1157268 1157354
                        1157453 1157473 1157663 1157685 1157711 1157754 1157755 1157763
                        1157763 1157805 1157818 1157894 1157901 1157902 1157960 1158194
                        1158271 1158377 1158442 1158505 1158527 1158590 1158664 1158681
                        1158681 1158691 1158698 1158707 1158785 1158787 1158788 1158789
                        1158790 1158791 1158792 1158793 1158795 1158809 1158812 1158830
                        1158830 1158918 1158955 1158958 1158959 1158960 1159006 1159018
                        1159086 1159104 1159130 1159131 1159133 1159235 1159293 1159460
                        1159478 1159479 1159482 1159486 1159488 1159491 1159530 1159538
                        1159548 1159671 1159715 1159819 1159819 1159847 1159850 1159973
                        1160086 1160171 1160254 1160260 1160270 1160309 1160398 1160414
                        1160438 1160439 1160446 1160452 1160452 1160460 1160462 1160551
                        1160564 1160590 1160590 1160611 1160612 1160613 1160614 1160615
                        1160770 1160770 1160782 1160790 1160873 1160876 1160924 1160933
                        1160933 1160933 1160968 1160968 1160968 1160968 1160978 1161007
                        1161007 1161052 1161088 1161089 1161132 1161133 1161264 1161557
                        1161670 1161698 1161791 1161816 1161850 1161898 1161913 1162090
                        1162090 1162152 1162197 1162200 1162221 1162388 1162395 1162396
                        1162418 1162432 1162433 1162585 1162610 1162705 1162707 1162868
                        1162882 1162936 1162937 1162972 1163178 1163178 1163252 1163333
                        1163381 1163513 1163744 1163882 1163933 1163978 1163985 1164084
                        1164090 1164310 1164390 1164434 1164440 1164459 1164550 1164562
                        1164569 1164719 1164720 1164736 1164804 1164818 1164819 1164903
                        1165050 1165121 1165161 1165198 1165241 1165296 1165572 1165578
                        1165587 1165710 1165715 1165730 1165738 1165780 1165823 1165960
                        1166049 1166066 1166334 1166467 1166510 1166510 1166537 1166619
                        1166637 1166647 1166758 1166821 1166821 1166844 1166881 1166924
                        1166925 1166943 1166968 1166968 1167213 1167223 1167240 1167244
                        1167400 1167416 1167462 1167541 1167601 1167602 1167603 1167618
                        1167644 1167732 1167746 1167810 1167896 1167898 1167907 1167919
                        1167939 1167939 1167976 1168067 1168170 1168326 1168345 1168352
                        1168416 1168422 1168480 1168481 1168481 1168481 1168806 1168840
                        1168862 1168865 1168921 1168930 1168934 1168938 1168943 1168973
                        1169042 1169063 1169365 1169420 1169444 1169489 1169494 1169511
                        1169511 1169511 1169512 1169549 1169553 1169573 1169574 1169575
                        1169576 1169578 1169580 1169582 1169599 1169614 1169664 1169668
                        1169732 1169732 1169740 1169746 1169766 1169780 1169921 1169978
                        1170085 1170154 1170160 1170160 1170160 1170244 1170247 1170264
                        1170347 1170347 1170411 1170420 1170420 1170446 1170446 1170452
                        1170461 1170468 1170475 1170476 1170527 1170598 1170599 1170603
                        1170605 1170606 1170609 1170654 1170671 1170672 1170719 1170720
                        1170726 1170756 1170757 1170792 1170838 1170856 1170863 1170863
                        1170935 1170956 1171033 1171213 1171232 1171232 1171233 1171233
                        1171257 1171281 1171344 1171344 1171352 1171352 1171355 1171415
                        1171433 1171465 1171467 1171469 1171475 1171479 1171479 1171512
                        1171546 1171549 1171550 1171555 1171566 1171566 1171578 1171586
                        1171656 1171696 1171696 1171704 1171705 1171769 1171819 1171847
                        1171862 1171889 1171899 1171924 1171978 1171995 1171998 1172022
                        1172037 1172055 1172091 1172105 1172115 1172116 1172121 1172156
                        1172161 1172175 1172176 1172177 1172184 1172186 1172234 1172236
                        1172240 1172277 1172279 1172301 1172303 1172377 1172389 1172396
                        1172442 1172445 1172466 1172504 1172526 1172562 1172563 1172581
                        1172608 1172640 1172645 1172651 1172674 1172681 1172709 1172768
                        1172798 1172798 1172802 1172807 1172831 1172834 1172838 1172839
                        1172846 1172856 1172861 1172863 1172863 1172898 1172906 1172908
                        1172928 1172929 1172935 1172961 1172973 1172974 1173034 1173103
                        1173136 1173169 1173197 1173202 1173202 1173226 1173238 1173240
                        1173258 1173334 1173351 1173356 1173357 1173389 1173391 1173404
                        1173407 1173407 1173407 1173407 1173407 1173407 1173409 1173410
                        1173419 1173441 1173465 1173466 1173467 1173469 1173471 1173474
                        1173475 1173522 1173535 1173554 1173557 1173566 1173578 1173578
                        1173580 1173581 1173581 1173584 1173592 1173594 1173594 1173600
                        1173606 1173641 1173674 1173678 1173703 1173866 1173893 1173910
                        1173926 1173932 1173972 1173982 1173986 1173991 1173997 1174009
                        1174025 1174075 1174075 1174075 1174075 1174117 1174121 1174147
                        1174157 1174157 1174157 1174162 1174163 1174167 1174201 1174227
                        1174229 1174230 1174284 1174297 1174304 1174304 1174306 1174306
                        1174315 1174325 1174405 1174414 1174415 1174420 1174429 1174439
                        1174443 1174443 1174444 1174444 1174459 1174465 1174470 1174491
                        1174514 1174538 1174541 1174543 1174544 1174557 1174571 1174593
                        1174610 1174618 1174628 1174628 1174633 1174635 1174638 1174673
                        1174697 1174712 1174731 1174732 1174743 1174743 1174745 1174753
                        1174791 1174791 1174791 1174791 1174817 1174837 1174837 1174847
                        1174854 1174894 1174895 1174908 1174910 1174913 1174920 1174922
                        1174923 1174937 1174937 1174937 1174937 1174961 1174965 1174994
                        1175006 1175081 1175132 1175168 1175173 1175174 1175193 1175194
                        1175198 1175204 1175219 1175230 1175239 1175250 1175251 1175259
                        1175289 1175295 1175297 1175429 1175448 1175449 1175485 1175519
                        1175555 1175558 1175596 1175609 1175609 1175610 1175610 1175616
                        1175617 1175622 1175631 1175660 1175686 1175709 1175724 1175729
                        1175729 1175740 1175740 1175741 1175741 1175752 1175753 1175791
                        1175821 1175821 1175825 1175828 1175886 1175957 1175960 1175989
                        1176005 1176007 1176015 1176029 1176052 1176061 1176102 1176103
                        1176112 1176116 1176123 1176129 1176129 1176132 1176134 1176134
                        1176206 1176243 1176256 1176257 1176258 1176259 1176262 1176285
                        1176293 1176325 1176330 1176368 1176369 1176384 1176389 1176409
                        1176412 1176421 1176427 1176492 1176547 1176676 1176708 1176716
                        1176756 1176756 1176756 1176759 1176764 1176784 1176785 1176785
                        1176858 1176859 1176899 1176908 1176909 1176910 1176932 1176934
                        1176964 1176977 1176977 1177039 1177047 1177083 1177120 1177125
                        1177127 1177161 1177179 1177180 1177222 1177229 1177233 1177233
                        1177257 1177315 1177315 1177315 1177406 1177421 1177460 1177460
                        1177460 1177460 1177460 1177460 1177460 1177460 1177472 1177479
                        1177488 1177507 1177508 1177523 1177526 1177526 1177542 1177568
                        1177575 1177580 1177580 1177582 1177596 1177616 1177616 1177648
                        1177673 1177684 1177691 1177747 1177789 1177793 1177858 1177860
                        1177860 1177862 1177864 1177872 1177884 1177902 1177914 1177928
                        1177943 1177943 1177943 1177955 1177977 1178021 1178072 1178083
                        1178168 1178169 1178171 1178207 1178228 1178233 1178249 1178291
                        1178331 1178332 1178339 1178341 1178346 1178350 1178351 1178353
                        1178396 1178407 1178415 1178428 1178479 1178481 1178486 1178490
                        1178533 1178577 1178577 1178588 1178593 1178614 1178624 1178624
                        1178666 1178666 1178667 1178667 1178668 1178668 1178670 1178675
                        1178675 1178676 1178692 1178727 1178775 1178801 1178801 1178807
                        1178824 1178829 1178829 1178848 1178874 1178882 1178882 1178903
                        1178927 1178943 1178944 1178961 1178961 1178969 1178971 1178978
                        1179009 1179020 1179025 1179031 1179031 1179032 1179032 1179035
                        1179036 1179113 1179144 1179150 1179151 1179155 1179191 1179203
                        1179224 1179224 1179275 1179316 1179341 1179382 1179416 1179441
                        1179461 1179461 1179465 1179491 1179505 1179524 1179529 1179530
                        1179562 1179562 1179579 1179584 1179594 1179602 1179699 1179727
                        1179729 1179748 1179765 1179805 1179817 1179821 1179821 1179831
                        1179833 1179836 1179837 1179839 1179879 1179893 1179898 1179899
                        1179900 1179901 1179902 1179903 1179921 1179926 1179930 1179931
                        1179932 1179933 1179945 1179945 1179994 1179998 1179998 1179999
                        1180020 1180039 1180039 1180042 1180043 1180043 1180044 1180044
                        1180046 1180046 1180063 1180083 1180099 1180102 1180112 1180125
                        1180125 1180128 1180138 1180145 1180145 1180146 1180146 1180165
                        1180176 1180215 1180224 1180232 1180243 1180304 1180355 1180391
                        1180401 1180401 1180405 1180406 1180414 1180422 1180439 1180451
                        1180454 1180457 1180457 1180461 1180479 1180482 1180492 1180515
                        1180520 1180539 1180547 1180558 1180583 1180584 1180585 1180596
                        1180603 1180603 1180623 1180623 1180713 1180719 1180753 1180757
                        1180781 1180781 1180947 1180994 1180994 1180995 1180995 1181011
                        1181048 1181050 1181058 1181118 1181122 1181124 1181131 1181131
                        1181165 1181173 1181201 1181201 1181202 1181202 1181221 1181223
                        1181228 1181239 1181239 1181239 1181256 1181283 1181283 1181290
                        1181334 1181358 1181368 1181400 1181400 1181400 1181411 1181414
                        1181414 1181416 1181419 1181423 1181436 1181443 1181452 1181453
                        1181474 1181475 1181475 1181483 1181541 1181551 1181551 1181571
                        1181571 1181571 1181586 1181591 1181594 1181598 1181599 1181600
                        1181601 1181618 1181635 1181641 1181644 1181646 1181658 1181677
                        1181715 1181730 1181730 1181731 1181732 1181732 1181749 1181765
                        1181805 1181807 1181814 1181831 1181848 1181848 1181872 1181915
                        1181936 1181944 1181963 1181967 1181976 1181994 1181995 1181995
                        1182001 1182006 1182008 1182009 1182016 1182026 1182026 1182039
                        1182040 1182053 1182057 1182057 1182071 1182091 1182092 1182104
                        1182105 1182115 1182115 1182147 1182163 1182165 1182166 1182168
                        1182169 1182181 1182186 1182200 1182201 1182211 1182244 1182252
                        1182252 1182264 1182281 1182284 1182287 1182289 1182293 1182314
                        1182331 1182333 1182339 1182343 1182344 1182345 1182347 1182357
                        1182357 1182376 1182382 1182421 1182422 1182451 1182476 1182481
                        1182482 1182482 1182492 1182506 1182510 1182529 1182529 1182545
                        1182545 1182545 1182603 1182604 1182614 1182614 1182645 1182653
                        1182661 1182685 1182708 1182731 1182739 1182748 1182754 1182774
                        1182774 1182779 1182790 1182793 1182804 1182807 1182808 1182809
                        1182811 1182812 1182830 1182863 1182882 1182884 1182893 1182898
                        1182906 1182909 1182912 1182947 1182955 1182959 1182963 1183012
                        1183024 1183026 1183051 1183059 1183094 1183118 1183118 1183137
                        1183154 1183168 1183247 1183291 1183308 1183353 1183360 1183374
                        1183414 1183415 1183425 1183453 1183511 1183543 1183545 1183572
                        1183574 1183580 1183655 1183659 1183777 1183818 1183855 1183858
                        1183878 1183904 1183909 1183939 1183942 1183942 1183942 1183959
                        1183969 1184008 1184022 1184072 1184085 1184110 1184122 1184122
                        1184122 1184122 1184123 1184123 1184123 1184123 1184123 1184124
                        1184124 1184124 1184124 1184124 1184128 1184147 1184147 1184153
                        1184161 1184172 1184173 1184174 1184184 1184221 1184222 1184253
                        1184274 1184309 1184353 1184354 1184355 1184356 1184357 1184358
                        1184366 1184367 1184368 1184372 1184373 1184374 1184375 1184376
                        1184377 1184378 1184379 1184380 1184399 1184422 1184435 1184454
                        1184505 1184507 1184519 1184527 1184532 1184533 1184534 1184536
                        1184543 1184555 1184555 1184606 1184620 1184644 1184648 1184677
                        1184689 1184699 1184720 1184745 1184751 1184752 1184755 1184755
                        1184757 1184758 1184768 1184774 1184774 1184786 1184794 1184796
                        1184797 1184798 1184807 1184812 1184823 1184882 1184897 1184906
                        1184920 1184960 1184960 1184961 1184962 1184988 1185002 1185033
                        1185055 1185055 1185055 1185056 1185056 1185066 1185067 1185069
                        1185070 1185073 1185074 1185075 1185086 1185090 1185090 1185092
                        1185093 1185103 1185128 1185152 1185155 1185157 1185161 1185171
                        1185175 1185178 1185183 1185184 1185198 1185208 1185216 1185217
                        1185218 1185232 1185232 1185232 1185234 1185261 1185261 1185261
                        1185281 1185287 1185299 1185348 1185382 1185383 1185384 1185385
                        1185386 1185387 1185388 1185389 1185390 1185391 1185392 1185393
                        1185405 1185405 1185417 1185424 1185441 1185441 1185441 1185447
                        1185464 1185464 1185476 1185505 1185534 1185540 1185562 1185588
                        1185597 1185605 1185621 1185621 1185627 1185633 1185633 1185643
                        1185652 1185654 1185662 1185673 1185674 1185685 1185686 1185688
                        1185690 1185691 1185697 1185702 1185702 1185712 1185715 1185748
                        1185768 1185780 1185797 1185848 1185849 1185868 1185870 1185872
                        1185882 1185895 1185900 1185904 1185905 1185910 1185913 1185924
                        1185925 1185926 1185937 1185952 1185961 1185961 1185991 1185993
                        1186004 1186049 1186053 1186088 1186092 1186110 1186119 1186192
                        1186198 1186199 1186203 1186226 1186236 1186239 1186240 1186247
                        1186253 1186262 1186282 1186328 1186328 1186329 1186347 1186382
                        1186397 1186398 1186406 1186431 1186489 1186495 1186503 1186506
                        1186511 1186583 1186586 1186587 1186596 1186597 1186598 1186600
                        1186602 1186603 1186604 1186605 1186613 1186614 1186615 1186616
                        1186642 1186642 1186642 1186642 1186642 1186642 1186642 1186642
                        1186642 1186642 1186642 1186642 1186642 1186642 1186642 1186642
                        1186643 1186651 1186658 1186660 1186663 1186674 1186687 1186696
                        1186696 1186706 1186706 1186749 1186756 1186757 1186758 1186761
                        1186762 1186763 1186790 1186791 1186819 1186827 1186827 1186849
                        1186859 1186861 1186863 1186870 1186870 1186945 1187045 1187071
                        1187071 1187080 1187091 1187117 1187153 1187224 1187258 1187260
                        1187260 1187260 1187273 1187310 1187332 1187338 1187372 1187373
                        1187386 1187395 1187418 1187418 1187419 1187419 1187420 1187425
                        1187433 1187446 1187446 1187450 1187459 1187460 1187461 1187464
                        1187464 1187466 1187509 1187515 1187567 1187587 1187618 1187654
                        1187662 1187668 1187670 1187678 1187686 1187696 1187696 1187704
                        1187738 1187748 1187751 1187751 1187760 1187767 1187818 1187819
                        1187852 1187869 1187871 1187880 1187911 1187921 1187939 1187941
                        1187948 1187982 1188004 1188006 1188034 1188086 1188118 1188127
                        1188156 1188159 1188160 1188160 1188161 1188161 1188178 1188179
                        1188232 1188275 1188275 1188278 1188279 1188282 1188282 1188284
                        1188348 1188348 1188374 1188375 1188401 1188435 1188437 1188438
                        1188456 1188457 1188458 1188459 1188460 1188461 1188462 1188463
                        1188464 1188465 1188466 1188468 1188468 1188469 1188469 1188514
                        1188524 1188527 1188529 1188539 1188540 1188548 1188564 1188564
                        1188564 1188565 1188565 1188565 1188566 1188566 1188569 1188572
                        1188576 1188607 1188619 1188623 1188638 1188639 1188645 1188652
                        1188680 1188727 1188733 1188743 1188843 1188848 1188849 1188867
                        1188868 1188875 1188875 1188881 1188882 1188891 1188891 1188891
                        1188891 1188904 1188911 1188926 1188941 1188967 1188967 1188970
                        1188992 1189017 1189028 1189031 1189041 1189097 1189106 1189124
                        1189142 1189166 1189201 1189241 1189247 1189282 1189287 1189325
                        1189332 1189333 1189334 1189335 1189338 1189343 1189345 1189346
                        1189348 1189350 1189362 1189375 1189467 1189477 1189481 1189496
                        1189517 1189521 1189521 1189528 1189529 1189530 1189531 1189532
                        1189533 1189537 1189540 1189547 1189547 1189591 1189602 1189602
                        1189649 1189649 1189659 1189680 1189683 1189720 1189724 1189743
                        1189748 1189749 1189792 1189798 1189802 1189813 1189875 1189935
                        1189996 1190052 1190059 1190069 1190069 1190091 1190107 1190141
                        1190190 1190199 1190223 1190225 1190244 1190250 1190252 1190269
                        1190269 1190274 1190312 1190315 1190375 1190375 1190381 1190400
                        1190420 1190447 1190462 1190465 1190487 1190488 1190489 1190493
                        1190509 1190535 1190538 1190558 1190566 1190591 1190606 1190607
                        1190611 1190612 1190615 1190616 1190617 1190618 1190649 1190660
                        1190663 1190670 1190693 1190695 1190698 1190698 1190698 1190710
                        1190712 1190718 1190719 1190722 1190723 1190726 1190729 1190733
                        1190734 1190735 1190736 1190740 1190741 1190787 1190790 1190793
                        1190815 1190824 1190826 1190858 1190885 1190886 1190896 1190917
                        1190940 1190943 1190975 1190987 1191011 1191015 1191015 1191021
                        1191021 1191036 1191055 1191057 1191096 1191121 1191121 1191122
                        1191157 1191205 1191224 1191242 1191332 1191332 1191334 1191334
                        1191355 1191375 1191381 1191418 1191422 1191431 1191432 1191434
                        1191434 1191467 1191468 1191468 1191473 1191473 1191525 1191546
                        1191546 1191546 1191546 1191592 1191619 1191668 1191668 1191681
                        1191717 1191736 1191743 1191782 1191788 1191794 1191815 1191821
                        1191833 1191837 1191880 1191895 1191901 1191901 1191902 1191903
                        1191903 1191904 1191904 1191904 1191905 1191905 1191906 1191906
                        1191908 1191909 1191909 1191909 1191910 1191910 1191910 1191911
                        1191911 1191911 1191912 1191912 1191912 1191913 1191913 1191913
                        1191914 1191914 1191914 1191942 1191944 1191987 1192017 1192019
                        1192023 1192029 1192050 1192051 1192052 1192053 1192062 1192079
                        1192079 1192080 1192080 1192086 1192086 1192087 1192087 1192104
                        1192119 1192146 1192146 1192214 1192215 1192228 1192228 1192246
                        1192247 1192249 1192250 1192250 1192252 1192267 1192272 1192283
                        1192284 1192298 1192343 1192346 1192425 1192426 1192427 1192439
                        1192449 1192460 1192467 1192498 1192505 1192516 1192523 1192556
                        1192580 1192589 1192601 1192615 1192616 1192648 1192652 1192653
                        1192697 1192717 1192830 1192838 1192840 1192841 1192849 1192862
                        1192872 1192916 1192951 1192963 1192963 1192963 1192975 1193030
                        1193035 1193041 1193041 1193081 1193179 1193184 1193184 1193204
                        1193236 1193241 1193257 1193258 1193273 1193282 1193282 1193314
                        1193314 1193314 1193321 1193364 1193429 1193430 1193435 1193436
                        1193437 1193444 1193485 1193485 1193489 1193491 1193531 1193534
                        1193562 1193568 1193569 1193576 1193580 1193600 1193611 1193611
                        1193617 1193623 1193627 1193659 1193662 1193672 1193711 1193718
                        1193719 1193722 1193732 1193733 1193742 1193743 1193743 1193795
                        1193795 1193868 1193887 1193888 1193894 1193911 1193921 1193921
                        1193929 1193930 1193951 1193951 1193981 1194006 1194020 1194041
                        1194045 1194047 1194127 1194131 1194165 1194166 1194167 1194168
                        1194169 1194170 1194171 1194172 1194172 1194179 1194181 1194198
                        1194203 1194215 1194232 1194261 1194299 1194303 1194304 1194319
                        1194333 1194334 1194338 1194351 1194366 1194375 1194522 1194530
                        1194537 1194539 1194547 1194547 1194550 1194557 1194601 1194633
                        1194640 1194648 1194663 1194679 1194708 1194715 1194731 1194735
                        1194768 1194770 1194780 1194783 1194785 1194799 1194842 1194843
                        1194844 1194845 1194907 1194925 1194925 1194926 1194926 1194926
                        1194927 1194927 1194928 1194928 1194928 1194929 1194929 1194929
                        1194930 1194930 1194931 1194931 1194931 1194931 1194932 1194932
                        1194932 1194933 1194933 1194933 1194934 1194934 1194934 1194935
                        1194935 1194935 1194937 1194937 1194937 1194939 1194939 1194939
                        1194940 1194940 1194940 1194941 1194941 1194941 1194968 1194992
                        1195057 1195058 1195059 1195076 1195085 1195095 1195096 1195108
                        1195108 1195115 1195146 1195149 1195157 1195163 1195163 1195212
                        1195215 1195229 1195230 1195255 1195257 1195258 1195283 1195325
                        1195328 1195334 1195339 1195359 1195387 1195389 1195389 1195391
                        1195391 1195391 1195391 1195414 1195414 1195437 1195437 1195438
                        1195438 1195458 1195468 1195491 1195548 1195557 1195564 1195564
                        1195628 1195654 1195662 1195680 1195682 1195682 1195697 1195771
                        1195773 1195773 1195779 1195780 1195781 1195784 1195785 1195792
                        1195797 1195805 1195838 1195838 1195856 1195866 1195867 1195868
                        1195869 1195870 1195881 1195895 1195916 1195924 1195925 1195964
                        1195965 1196016 1196017 1196025 1196026 1196044 1196046 1196072
                        1196093 1196107 1196122 1196125 1196137 1196147 1196148 1196149
                        1196150 1196168 1196169 1196171 1196177 1196180 1196182 1196205
                        1196212 1196219 1196222 1196275 1196305 1196328 1196332 1196332
                        1196336 1196338 1196338 1196406 1196408 1196435 1196441 1196441
                        1196485 1196494 1196495 1196499 1196500 1196556 1196577 1196621
                        1196625 1196644 1196647 1196652 1196660 1196673 1196681 1196696
                        1196704 1196739 1196784 1196785 1196803 1196804 1196809 1196809
                        1196861 1196877 1196900 1196900 1196918 1196955 1196972 1197004
                        1197017 1197020 1197024 1197028 1197045 1197045 1197046 1197046
                        1197065 1197066 1197068 1197072 1197073 1197074 1197084 1197085
                        1197113 1197126 1197132 1197135 1197135 1197136 1197143 1197216
                        1197239 1197255 1197269 1197272 1197279 1197284 1197284 1197284
                        1197288 1197293 1197298 1197298 1197341 1197356 1197428 1197443
                        1197480 1197507 1197517 1197570 1197590 1197592 1197599 1197606
                        1197616 1197631 1197634 1197636 1197642 1197644 1197644 1197684
                        1197689 1197697 1197698 1197699 1197699 1197703 1197708 1197711
                        1197713 1197714 1197716 1197718 1197726 1197728 1197729 1197738
                        1197742 1197743 1197745 1197767 1197768 1197771 1197773 1197775
                        1197776 1197781 1197783 1197787 1197790 1197792 1197793 1197794
                        1197796 1197797 1197798 1197799 1197818 1197830 1197831 1197841
                        1197848 1197852 1197853 1197854 1197861 1197862 1197864 1197903
                        1197903 1198001 1198001 1198062 1198062 1198068 1198106 1198127
                        1198127 1198136 1198165 1198166 1198176 1198197 1198202 1198234
                        1198234 1198237 1198237 1198258 1198279 1198312 1198331 1198341
                        1198389 1198404 1198405 1198408 1198422 1198441 1198446 1198458
                        1198458 1198458 1198486 1198486 1198489 1198494 1198504 1198511
                        1198518 1198521 1198576 1198581 1198581 1198581 1198603 1198604
                        1198605 1198606 1198607 1198609 1198610 1198611 1198612 1198613
                        1198627 1198628 1198629 1198630 1198631 1198632 1198633 1198634
                        1198635 1198636 1198637 1198638 1198639 1198640 1198647 1198657
                        1198668 1198670 1198671 1198671 1198671 1198672 1198672 1198672
                        1198673 1198673 1198673 1198674 1198674 1198674 1198675 1198675
                        1198675 1198693 1198717 1198718 1198720 1198732 1198739 1198740
                        1198740 1198744 1198751 1198752 1198780 1198780 1198792 1198794
                        1198801 1198814 1198823 1198828 1198830 1198832 1198833 1198897
                        1198897 1198900 1198913 1198919 1198921 1198922 1198925 1198925
                        1198932 1198939 1198952 1198953 1198970 1198970 1198970 1198976
                        1198979 1198980 1198980 1198980 1199006 1199025 1199042 1199044
                        1199060 1199060 1199064 1199079 1199093 1199140 1199140 1199166
                        1199170 1199183 1199209 1199232 1199232 1199235 1199240 1199242
                        1199244 1199245 1199246 1199248 1199253 1199258 1199274 1199282
                        1199282 1199282 1199283 1199287 1199308 1199338 1199350 1199372
                        1199377 1199423 1199431 1199460 1199463 1199467 1199474 1199475
                        1199492 1199558 1199565 1199623 1199652 1199653 1199668 1199668
                        1199668 1199668 1199716 1199718 1199722 1199742 1199756 1199756
                        1199768 1199768 1199782 1199818 1199853 1199868 1199895 1199895
                        1199895 1199905 1199928 1199944 1199978 1199987 1200022 1200027
                        1200027 1200027 1200027 1200064 1200088 1200105 1200106 1200110
                        1200120 1200122 1200129 1200129 1200145 1200148 1200149 1200163
                        1200170 1200262 1200278 1200286 1200295 1200303 1200316 1200316
                        1200317 1200321 1200323 1200330 1200334 1200338 1200340 1200341
                        1200345 1200348 1200350 1200352 1200363 1200364 1200369 1200387
                        1200388 1200389 1200407 1200426 1200437 1200441 1200441 1200441
                        1200441 1200441 1200441 1200441 1200441 1200441 1200441 1200441
                        1200441 1200441 1200441 1200441 1200499 1200501 1200505 1200528
                        1200550 1200553 1200581 1200603 1200614 1200614 1200624 1200628
                        1200628 1200645 1200645 1200649 1200657 1200657 1200685 1200699
                        1200723 1200734 1200735 1200736 1200737 1200747 1200748 1200750
                        1200771 1200772 1200791 1200793 1200793 1200793 1200793 1200800
                        1200802 1200833 1200843 1200855 1200855 1200885 1200900 1200901
                        1200907 1200965 1200969 1200978 1200993 1201011 1201041 1201055
                        1201059 1201064 1201066 1201081 1201082 1201092 1201103 1201129
                        1201157 1201161 1201162 1201163 1201164 1201165 1201166 1201167
                        1201168 1201169 1201170 1201174 1201175 1201176 1201183 1201192
                        1201207 1201207 1201209 1201213 1201214 1201221 1201225 1201234
                        1201247 1201254 1201255 1201267 1201276 1201298 1201298 1201298
                        1201298 1201316 1201317 1201325 1201326 1201327 1201328 1201385
                        1201395 1201431 1201431 1201466 1201511 1201519 1201560 1201576
                        1201590 1201604 1201612 1201617 1201627 1201634 1201634 1201638
                        1201640 1201643 1201680 1201684 1201684 1201684 1201684 1201684
                        1201685 1201685 1201685 1201689 1201689 1201692 1201692 1201692
                        1201692 1201692 1201694 1201694 1201694 1201694 1201694 1201716
                        1201723 1201727 1201745 1201758 1201758 1201758 1201758 1201783
                        1201788 1201795 1201797 1201826 1201831 1201835 1201837 1201840
                        1201866 1201870 1201933 1201942 1201945 1201971 1201972 1201976
                        1201980 1202020 1202021 1202026 1202062 1202077 1202100 1202101
                        1202105 1202120 1202146 1202146 1202157 1202169 1202170 1202232
                        1202250 1202269 1202292 1202310 1202324 1202337 1202364 1202368
                        1202417 1202427 1202427 1202436 1202436 1202436 1202466 1202467
                        1202468 1202498 1202498 1202585 1202593 1202608 1202624 1202642
                        1202645 1202645 1202645 1202645 1202647 1202657 1202684 1202692
                        1202692 1202706 1202733 1202750 1202760 1202792 1202802 1202807
                        1202816 1202821 1202821 1202826 1202850 1202850 1202853 1202863
                        1202868 1202870 1202870 1202870 1202932 1202933 1202937 1202966
                        1202967 1202968 1202969 1202970 1202971 1202973 1202986 1203007
                        1203018 1203024 1203054 1203079 1203106 1203125 1203147 1203149
                        1203153 1203154 1203154 1203158 1203164 1203170 1203181 1203185
                        1203185 1203186 1203202 1203215 1203220 1203246 1203248 1203249
                        1203250 1203262 1203273 1203274 1203299 1203307 1203316 1203324
                        1203344 1203355 1203367 1203375 1203378 1203379 1203382 1203388
                        1203408 1203430 1203438 1203446 1203450 1203453 1203459 1203476
                        1203476 1203477 1203477 1203515 1203516 1203520 1203530 1203537
                        1203600 1203602 1203614 1203614 1203618 1203619 1203619 1203620
                        1203620 1203649 1203651 1203672 1203673 1203674 1203677 1203680
                        1203681 1203715 1203741 1203742 1203743 1203743 1203743 1203743
                        1203759 1203779 1203818 1203831 1203832 1203867 1203867 1203868
                        1203870 1203870 1203896 1203911 1203957 1203966 1203973 1203973
                        1203988 1203989 1204023 1204024 1204025 1204066 1204068 1204091
                        1204111 1204112 1204113 1204145 1204173 1204179 1204244 1204256
                        1204257 1204258 1204272 1204276 1204284 1204357 1204364 1204369
                        1204370 1204383 1204386 1204391 1204397 1204411 1204412 1204416
                        1204421 1204421 1204421 1204422 1204425 1204425 1204430 1204451
                        1204455 1204456 1204468 1204468 1204468 1204471 1204471 1204471
                        1204472 1204472 1204472 1204472 1204473 1204473 1204473 1204473
                        1204475 1204475 1204475 1204475 1204480 1204480 1204480 1204502
                        1204523 1204526 1204527 1204537 1204538 1204548 1204549 1204549
                        1204556 1204577 1204577 1204577 1204633 1204641 1204642 1204643
                        1204644 1204645 1204649 1204690 1204696 1204703 1204706 1204708
                        1204720 1204729 1204729 1204734 1204781 1204782 1204788 1204822
                        1204835 1204844 1204867 1204917 1204918 1204941 1204944 1204956
                        1204968 1204979 1204979 1205000 1205000 1205025 1205033 1205042
                        1205089 1205116 1205119 1205120 1205121 1205122 1205123 1205124
                        1205125 1205132 1205138 1205142 1205148 1205150 1205156 1205162
                        1205162 1205236 1205244 1205253 1205266 1205267 1205270 1205270
                        1205272 1205275 1205281 1205284 1205300 1205302 1205302 1205305
                        1205318 1205323 1205340 1205375 1205377 1205388 1205392 1205418
                        1205422 1205436 1205446 1205502 1205512 1205518 1205529 1205535
                        1205563 1205564 1205570 1205588 1205599 1205628 1205629 1205636
                        1205647 1205664 1205759 1205782 1205822 1205874 1205874 1205875
                        1205876 1205877 1205878 1205879 1205916 1205916 1205917 1205941
                        1205962 1205968 1205990 1206017 1206018 1206022 1206023 1206040
                        1206044 1206065 1206065 1206067 1206082 1206134 1206134 1206135
                        1206158 1206189 1206189 1206190 1206204 1206205 1206206 1206212
                        1206212 1206235 1206235 1206242 1206242 1206300 1206301 1206302
                        1206303 1206306 1206307 1206308 1206309 1206310 1206311 1206312
                        1206313 1206337 1206346 1206346 1206346 1206360 1206379 1206400
                        1206401 1206412 1206414 1206414 1206414 1206415 1206416 1206417
                        1206428 1206441 1206442 1206442 1206467 1206469 1206471 1206474
                        1206543 1206549 1206549 1206563 1206579 1206622 1206623 1206639
                        1206653 1206667 1206670 1206673 1206716 1206727 1206729 1206737
                        1206750 1206751 1206754 1206778 1206778 1206828 1206840 1206921
                        1206928 1206949 1206958 1206958 1207014 1207029 1207030 1207031
                        1207032 1207033 1207038 1207053 1207112 1207119 1207119 1207133
                        1207181 1207183 1207183 1207183 1207202 1207203 1207209 1207238
                        1207246 1207246 1207246 1207247 1207248 1207248 1207248 1207248
                        1207249 1207249 1207250 1207251 1207264 1207294 1207323 1207325
                        1207327 1207346 1207352 1207358 1207364 1207378 1207379 1207413
                        1207447 1207448 1207450 1207451 1207454 1207455 1207464 1207466
                        1207471 1207471 1207473 1207475 1207520 1207533 1207533 1207534
                        1207536 1207563 1207571 1207587 1207596 1207597 1207599 1207663
                        1207664 1207665 1207667 1207668 1207669 1207674 1207676 1207705
                        1207706 1207712 1207749 1207750 1207753 1207783 1207784 1207789
                        1207815 1207866 1207899 1207922 1207928 1207957 1207973 1207975
                        1207982 1207983 1207989 1207990 1207991 1207992 1207993 1207997
                        1208027 1208028 1208036 1208046 1208047 1208051 1208064 1208065
                        1208067 1208079 1208084 1208086 1208097 1208099 1208102 1208102
                        1208132 1208138 1208138 1208143 1208144 1208144 1208144 1208145
                        1208146 1208199 1208199 1208235 1208237 1208242 1208269 1208269
                        1208270 1208270 1208270 1208271 1208271 1208271 1208272 1208272
                        1208272 1208275 1208276 1208277 1208283 1208288 1208293 1208328
                        1208358 1208363 1208365 1208366 1208366 1208367 1208367 1208388
                        1208413 1208423 1208425 1208426 1208432 1208443 1208470 1208470
                        1208471 1208480 1208481 1208483 1208485 1208487 1208512 1208513
                        1208514 1208515 1208533 1208555 1208574 1208575 1208708 1208723
                        1208723 1208745 1208751 1208790 1208790 1208793 1208793 1208817
                        1208880 1208881 1208905 1208914 1208922 1208962 1208999 1209001
                        1209026 1209030 1209030 1209030 1209047 1209049 1209095 1209122
                        1209128 1209141 1209173 1209188 1209188 1209209 1209210 1209211
                        1209212 1209214 1209255 1209260 1209333 1209353 1209378 1209378
                        1209408 1209429 1209431 1209432 1209461 1209473 1209503 1209531
                        1209533 1209537 1209543 1209548 1209622 1209624 1209646 1209653
                        1209658 1209670 1209713 1209714 1209718 1209839 1209855 1209873
                        1209878 1209881 1209884 1209888 1209934 1209934 1209953 1210062
                        1210073 1210081 1210127 1210127 1210127 1210127 1210128 1210128
                        1210128 1210128 1210129 1210129 1210129 1210129 1210130 1210130
                        1210130 1210130 1210135 1210150 1210151 1210212 1210212 1210227
                        1210295 1210303 1210303 1210308 1210323 1210328 1210382 1210386
                        1210387 1210388 1210389 1210403 1210404 1210405 1210418 1210434
                        1210507 1210548 1210628 1210628 1210631 1210631 1210632 1210632
                        1210634 1210634 1210635 1210635 1210636 1210636 1210637 1210637
                        1210686 1210720 1210720 1210731 1210869 1210938 1210938 1210963
                        1210963 1210981 1211029 1211029 1211030 1211030 1211031 1211031
                        1211073 1211174 1211175 1211175 1211210 1211228 1211228 1211229
                        1211229 1211230 1211231 1211232 1211233 1211955 1215298 14571
                        202339 235071 401964 439805 457699 461372 477603 479659 544958
                        621140 622430 655747 678126 714373 735865 765443 786024 808830
                        862963 882383 903017 910683 914442 917818 928700 928701 944832
                        945190 951902 953659 957624 958150 967251 969953 971074 974847
                        982804 985802 990460 992038 994378 994381 994382 994383 996917
                        997317 999200 CVE-2006-20001 CVE-2008-0171 CVE-2012-6708 CVE-2013-1841
                        CVE-2013-7488 CVE-2014-10401 CVE-2014-10402 CVE-2014-3577 CVE-2014-9116
                        CVE-2014-9636 CVE-2015-20107 CVE-2015-3414 CVE-2015-3415 CVE-2015-5262
                        CVE-2015-9251 CVE-2015-9542 CVE-2016-0705 CVE-2016-10092 CVE-2016-10093
                        CVE-2016-10094 CVE-2016-10745 CVE-2016-2124 CVE-2016-3977 CVE-2016-6223
                        CVE-2016-6328 CVE-2016-9011 CVE-2016-9180 CVE-2016-9396 CVE-2016-9398
                        CVE-2016-9399 CVE-2017-1000128 CVE-2017-1000231 CVE-2017-1000232
                        CVE-2017-11613 CVE-2017-12944 CVE-2017-14132 CVE-2017-14988 CVE-2017-17095
                        CVE-2017-17456 CVE-2017-17457 CVE-2017-17742 CVE-2017-17833 CVE-2017-18013
                        CVE-2017-18199 CVE-2017-18201 CVE-2017-18640 CVE-2017-18926 CVE-2017-2579
                        CVE-2017-2580 CVE-2017-3732 CVE-2017-3736 CVE-2017-5499 CVE-2017-5503
                        CVE-2017-5504 CVE-2017-5505 CVE-2017-5601 CVE-2017-5753 CVE-2017-6512
                        CVE-2017-6888 CVE-2017-7544 CVE-2017-8372 CVE-2017-8373 CVE-2017-9111
                        CVE-2017-9113 CVE-2017-9115 CVE-2017-9782 CVE-2018-0360 CVE-2018-0361
                        CVE-2018-0495 CVE-2018-0732 CVE-2018-0732 CVE-2018-0734 CVE-2018-0737
                        CVE-2018-1000035 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075
                        CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079
                        CVE-2018-1000223 CVE-2018-1000654 CVE-2018-1000805 CVE-2018-1000876
                        CVE-2018-10017 CVE-2018-10194 CVE-2018-10360 CVE-2018-10392 CVE-2018-10536
                        CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 CVE-2018-10583
                        CVE-2018-10689 CVE-2018-10733 CVE-2018-10779 CVE-2018-10860 CVE-2018-10892
                        CVE-2018-10906 CVE-2018-10963 CVE-2018-11205 CVE-2018-11212 CVE-2018-11212
                        CVE-2018-11212 CVE-2018-11212 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124
                        CVE-2018-1125 CVE-2018-1126 CVE-2018-11354 CVE-2018-11355 CVE-2018-11356
                        CVE-2018-11356 CVE-2018-11357 CVE-2018-11357 CVE-2018-11358 CVE-2018-11358
                        CVE-2018-11359 CVE-2018-11359 CVE-2018-11360 CVE-2018-11360 CVE-2018-11361
                        CVE-2018-11362 CVE-2018-11362 CVE-2018-11439 CVE-2018-11490 CVE-2018-11710
                        CVE-2018-11805 CVE-2018-12019 CVE-2018-12020 CVE-2018-12086 CVE-2018-12086
                        CVE-2018-12207 CVE-2018-12327 CVE-2018-12384 CVE-2018-12404 CVE-2018-12405
                        CVE-2018-12539 CVE-2018-12648 CVE-2018-12900 CVE-2018-13139 CVE-2018-13139
                        CVE-2018-13440 CVE-2018-13785 CVE-2018-13785 CVE-2018-13785 CVE-2018-13867
                        CVE-2018-14031 CVE-2018-1417 CVE-2018-14339 CVE-2018-14339 CVE-2018-14340
                        CVE-2018-14340 CVE-2018-14341 CVE-2018-14341 CVE-2018-14342 CVE-2018-14342
                        CVE-2018-14343 CVE-2018-14343 CVE-2018-14344 CVE-2018-14344 CVE-2018-14349
                        CVE-2018-14350 CVE-2018-14351 CVE-2018-14352 CVE-2018-14353 CVE-2018-14354
                        CVE-2018-14355 CVE-2018-14356 CVE-2018-14357 CVE-2018-14358 CVE-2018-14359
                        CVE-2018-14360 CVE-2018-14361 CVE-2018-14362 CVE-2018-14363 CVE-2018-14367
                        CVE-2018-14367 CVE-2018-14368 CVE-2018-14368 CVE-2018-14369 CVE-2018-14369
                        CVE-2018-14370 CVE-2018-14370 CVE-2018-14423 CVE-2018-14423 CVE-2018-14598
                        CVE-2018-14599 CVE-2018-14600 CVE-2018-14679 CVE-2018-14680 CVE-2018-14681
                        CVE-2018-14681 CVE-2018-14682 CVE-2018-14682 CVE-2018-1517 CVE-2018-15378
                        CVE-2018-15664 CVE-2018-15664 CVE-2018-15750 CVE-2018-15751 CVE-2018-15908
                        CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16056 CVE-2018-16056
                        CVE-2018-16057 CVE-2018-16057 CVE-2018-16058 CVE-2018-16058 CVE-2018-16140
                        CVE-2018-16335 CVE-2018-16375 CVE-2018-16376 CVE-2018-16376 CVE-2018-16395
                        CVE-2018-16396 CVE-2018-16435 CVE-2018-16438 CVE-2018-16468 CVE-2018-16471
                        CVE-2018-16476 CVE-2018-16509 CVE-2018-16510 CVE-2018-16511 CVE-2018-16513
                        CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16543
                        CVE-2018-16548 CVE-2018-1656 CVE-2018-16585 CVE-2018-16741 CVE-2018-16742
                        CVE-2018-16743 CVE-2018-16744 CVE-2018-16745 CVE-2018-16802 CVE-2018-16858
                        CVE-2018-16858 CVE-2018-16873 CVE-2018-16873 CVE-2018-16873 CVE-2018-16873
                        CVE-2018-16873 CVE-2018-16874 CVE-2018-16874 CVE-2018-16874 CVE-2018-16874
                        CVE-2018-16874 CVE-2018-16875 CVE-2018-16875 CVE-2018-16875 CVE-2018-16875
                        CVE-2018-16875 CVE-2018-17000 CVE-2018-17095 CVE-2018-17096 CVE-2018-17097
                        CVE-2018-17097 CVE-2018-17098 CVE-2018-17098 CVE-2018-17100 CVE-2018-17101
                        CVE-2018-17183 CVE-2018-17183 CVE-2018-17358 CVE-2018-17359 CVE-2018-17360
                        CVE-2018-17439 CVE-2018-17466 CVE-2018-17795 CVE-2018-17828 CVE-2018-17953
                        CVE-2018-17956 CVE-2018-17961 CVE-2018-17985 CVE-2018-18065 CVE-2018-18073
                        CVE-2018-18225 CVE-2018-18226 CVE-2018-18227 CVE-2018-18227 CVE-2018-18284
                        CVE-2018-18309 CVE-2018-18384 CVE-2018-18444 CVE-2018-18483 CVE-2018-18484
                        CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 CVE-2018-18508
                        CVE-2018-18557 CVE-2018-18584 CVE-2018-18585 CVE-2018-18586 CVE-2018-18605
                        CVE-2018-18606 CVE-2018-18607 CVE-2018-18661 CVE-2018-18873 CVE-2018-1890
                        CVE-2018-19139 CVE-2018-19208 CVE-2018-19210 CVE-2018-19210 CVE-2018-19211
                        CVE-2018-19409 CVE-2018-19416 CVE-2018-19432 CVE-2018-19475 CVE-2018-19476
                        CVE-2018-19477 CVE-2018-19517 CVE-2018-19539 CVE-2018-19540 CVE-2018-19541
                        CVE-2018-19542 CVE-2018-19543 CVE-2018-19622 CVE-2018-19622 CVE-2018-19623
                        CVE-2018-19623 CVE-2018-19624 CVE-2018-19624 CVE-2018-19625 CVE-2018-19625
                        CVE-2018-19626 CVE-2018-19626 CVE-2018-19627 CVE-2018-19627 CVE-2018-19628
                        CVE-2018-19758 CVE-2018-19840 CVE-2018-19840 CVE-2018-19841 CVE-2018-19841
                        CVE-2018-19931 CVE-2018-19932 CVE-2018-20030 CVE-2018-20030 CVE-2018-20337
                        CVE-2018-20340 CVE-2018-20340 CVE-2018-20346 CVE-2018-20363 CVE-2018-20364
                        CVE-2018-20365 CVE-2018-20482 CVE-2018-20482 CVE-2018-20483 CVE-2018-20570
                        CVE-2018-20622 CVE-2018-20623 CVE-2018-20651 CVE-2018-20671 CVE-2018-20845
                        CVE-2018-20846 CVE-2018-20846 CVE-2018-20860 CVE-2018-20861 CVE-2018-21010
                        CVE-2018-21010 CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012
                        CVE-2018-25013 CVE-2018-2783 CVE-2018-2790 CVE-2018-2790 CVE-2018-2794
                        CVE-2018-2794 CVE-2018-2795 CVE-2018-2795 CVE-2018-2796 CVE-2018-2796
                        CVE-2018-2797 CVE-2018-2797 CVE-2018-2798 CVE-2018-2798 CVE-2018-2799
                        CVE-2018-2799 CVE-2018-2800 CVE-2018-2800 CVE-2018-2814 CVE-2018-2814
                        CVE-2018-2815 CVE-2018-2825 CVE-2018-2826 CVE-2018-2938 CVE-2018-2940
                        CVE-2018-2940 CVE-2018-2940 CVE-2018-2952 CVE-2018-2952 CVE-2018-2952
                        CVE-2018-2964 CVE-2018-2972 CVE-2018-2973 CVE-2018-2973 CVE-2018-2973
                        CVE-2018-3136 CVE-2018-3136 CVE-2018-3136 CVE-2018-3139 CVE-2018-3139
                        CVE-2018-3139 CVE-2018-3149 CVE-2018-3149 CVE-2018-3149 CVE-2018-3150
                        CVE-2018-3157 CVE-2018-3169 CVE-2018-3169 CVE-2018-3169 CVE-2018-3180
                        CVE-2018-3180 CVE-2018-3180 CVE-2018-3183 CVE-2018-3183 CVE-2018-3183
                        CVE-2018-3214 CVE-2018-3214 CVE-2018-3639 CVE-2018-3760 CVE-2018-4180
                        CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2018-4700 CVE-2018-5407
                        CVE-2018-5727 CVE-2018-5785 CVE-2018-5804 CVE-2018-5813 CVE-2018-5815
                        CVE-2018-5816 CVE-2018-5817 CVE-2018-5818 CVE-2018-5819 CVE-2018-6323
                        CVE-2018-6543 CVE-2018-6616 CVE-2018-6759 CVE-2018-6767 CVE-2018-6872
                        CVE-2018-6914 CVE-2018-6942 CVE-2018-6952 CVE-2018-7170 CVE-2018-7187
                        CVE-2018-7187 CVE-2018-7208 CVE-2018-7253 CVE-2018-7254 CVE-2018-7456
                        CVE-2018-7568 CVE-2018-7569 CVE-2018-7570 CVE-2018-7642 CVE-2018-7643
                        CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2018-8905
                        CVE-2018-8945 CVE-2018-8956 CVE-2018-8975 CVE-2018-9154 CVE-2018-9252
                        CVE-2019-0804 CVE-2019-0816 CVE-2019-1010180 CVE-2019-1010190
                        CVE-2019-1010204 CVE-2019-1010305 CVE-2019-1010319 CVE-2019-1010319
                        CVE-2019-10152 CVE-2019-10164 CVE-2019-10181 CVE-2019-10182 CVE-2019-10185
                        CVE-2019-10214 CVE-2019-10214 CVE-2019-10216 CVE-2019-10245 CVE-2019-10894
                        CVE-2019-10894 CVE-2019-10895 CVE-2019-10895 CVE-2019-10896 CVE-2019-10896
                        CVE-2019-10897 CVE-2019-10898 CVE-2019-10899 CVE-2019-10899 CVE-2019-10900
                        CVE-2019-10901 CVE-2019-10901 CVE-2019-10902 CVE-2019-10903 CVE-2019-10903
                        CVE-2019-10906 CVE-2019-11135 CVE-2019-11498 CVE-2019-11498 CVE-2019-11596
                        CVE-2019-11745 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-12209
                        CVE-2019-12210 CVE-2019-12269 CVE-2019-12290 CVE-2019-12420 CVE-2019-12625
                        CVE-2019-12625 CVE-2019-12838 CVE-2019-12900 CVE-2019-12900 CVE-2019-12972
                        CVE-2019-12973 CVE-2019-13108 CVE-2019-13111 CVE-2019-13132 CVE-2019-13224
                        CVE-2019-13390 CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-13509
                        CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-13616
                        CVE-2019-13619 CVE-2019-13619 CVE-2019-13636 CVE-2019-1387 CVE-2019-14250
                        CVE-2019-14250 CVE-2019-14250 CVE-2019-14271 CVE-2019-14275 CVE-2019-14275
                        CVE-2019-14382 CVE-2019-14383 CVE-2019-14444 CVE-2019-14811 CVE-2019-14812
                        CVE-2019-14813 CVE-2019-14817 CVE-2019-14853 CVE-2019-14857 CVE-2019-14859
                        CVE-2019-14869 CVE-2019-14973 CVE-2019-15026 CVE-2019-15133 CVE-2019-1547
                        CVE-2019-1551 CVE-2019-15587 CVE-2019-1559 CVE-2019-1563 CVE-2019-15845
                        CVE-2019-15847 CVE-2019-15847 CVE-2019-15961 CVE-2019-15961 CVE-2019-16163
                        CVE-2019-16167 CVE-2019-16168 CVE-2019-16201 CVE-2019-16239 CVE-2019-16254
                        CVE-2019-16255 CVE-2019-16319 CVE-2019-16707 CVE-2019-16782 CVE-2019-16785
                        CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2019-16884 CVE-2019-16884
                        CVE-2019-16884 CVE-2019-17006 CVE-2019-17006 CVE-2019-17113 CVE-2019-17450
                        CVE-2019-17451 CVE-2019-17498 CVE-2019-17498 CVE-2019-17539 CVE-2019-17546
                        CVE-2019-17566 CVE-2019-17594 CVE-2019-17595 CVE-2019-17631 CVE-2019-17639
                        CVE-2019-1785 CVE-2019-1786 CVE-2019-1787 CVE-2019-1787 CVE-2019-1788
                        CVE-2019-1788 CVE-2019-1789 CVE-2019-1789 CVE-2019-1798 CVE-2019-18218
                        CVE-2019-18224 CVE-2019-18348 CVE-2019-18388 CVE-2019-18389 CVE-2019-18390
                        CVE-2019-18391 CVE-2019-18466 CVE-2019-18658 CVE-2019-18906 CVE-2019-18934
                        CVE-2019-19203 CVE-2019-19204 CVE-2019-19244 CVE-2019-19246 CVE-2019-19317
                        CVE-2019-19451 CVE-2019-19553 CVE-2019-19555 CVE-2019-19603 CVE-2019-19604
                        CVE-2019-19645 CVE-2019-19646 CVE-2019-19725 CVE-2019-19746 CVE-2019-19797
                        CVE-2019-19880 CVE-2019-19921 CVE-2019-19921 CVE-2019-19923 CVE-2019-19924
                        CVE-2019-19925 CVE-2019-19926 CVE-2019-19959 CVE-2019-19977 CVE-2019-20044
                        CVE-2019-20218 CVE-2019-20367 CVE-2019-20479 CVE-2019-20838 CVE-2019-20916
                        CVE-2019-20919 CVE-2019-2126 CVE-2019-2422 CVE-2019-2422 CVE-2019-2422
                        CVE-2019-2426 CVE-2019-2449 CVE-2019-2449 CVE-2019-25031 CVE-2019-25032
                        CVE-2019-25033 CVE-2019-25034 CVE-2019-25035 CVE-2019-25036 CVE-2019-25037
                        CVE-2019-25038 CVE-2019-25039 CVE-2019-25040 CVE-2019-25041 CVE-2019-25042
                        CVE-2019-25051 CVE-2019-2602 CVE-2019-2602 CVE-2019-2602 CVE-2019-2614
                        CVE-2019-2627 CVE-2019-2628 CVE-2019-2684 CVE-2019-2684 CVE-2019-2684
                        CVE-2019-2697 CVE-2019-2698 CVE-2019-2698 CVE-2019-2708 CVE-2019-2745
                        CVE-2019-2745 CVE-2019-2762 CVE-2019-2762 CVE-2019-2762 CVE-2019-2766
                        CVE-2019-2766 CVE-2019-2766 CVE-2019-2769 CVE-2019-2769 CVE-2019-2769
                        CVE-2019-2786 CVE-2019-2786 CVE-2019-2786 CVE-2019-2816 CVE-2019-2816
                        CVE-2019-2816 CVE-2019-2818 CVE-2019-2821 CVE-2019-2842 CVE-2019-2894
                        CVE-2019-2894 CVE-2019-2933 CVE-2019-2933 CVE-2019-2933 CVE-2019-2945
                        CVE-2019-2945 CVE-2019-2945 CVE-2019-2949 CVE-2019-2949 CVE-2019-2949
                        CVE-2019-2958 CVE-2019-2958 CVE-2019-2958 CVE-2019-2962 CVE-2019-2962
                        CVE-2019-2962 CVE-2019-2964 CVE-2019-2964 CVE-2019-2964 CVE-2019-2973
                        CVE-2019-2973 CVE-2019-2973 CVE-2019-2975 CVE-2019-2975 CVE-2019-2975
                        CVE-2019-2977 CVE-2019-2978 CVE-2019-2978 CVE-2019-2978 CVE-2019-2981
                        CVE-2019-2981 CVE-2019-2981 CVE-2019-2983 CVE-2019-2983 CVE-2019-2983
                        CVE-2019-2987 CVE-2019-2987 CVE-2019-2988 CVE-2019-2988 CVE-2019-2988
                        CVE-2019-2989 CVE-2019-2989 CVE-2019-2989 CVE-2019-2992 CVE-2019-2992
                        CVE-2019-2992 CVE-2019-2996 CVE-2019-2999 CVE-2019-2999 CVE-2019-2999
                        CVE-2019-3681 CVE-2019-3685 CVE-2019-3816 CVE-2019-3833 CVE-2019-3835
                        CVE-2019-3838 CVE-2019-3839 CVE-2019-3855 CVE-2019-3855 CVE-2019-3856
                        CVE-2019-3856 CVE-2019-3857 CVE-2019-3857 CVE-2019-3858 CVE-2019-3858
                        CVE-2019-3859 CVE-2019-3859 CVE-2019-3859 CVE-2019-3860 CVE-2019-3860
                        CVE-2019-3861 CVE-2019-3861 CVE-2019-3862 CVE-2019-3862 CVE-2019-3863
                        CVE-2019-3863 CVE-2019-3880 CVE-2019-3881 CVE-2019-4473 CVE-2019-4732
                        CVE-2019-5021 CVE-2019-5418 CVE-2019-5419 CVE-2019-5716 CVE-2019-5717
                        CVE-2019-5717 CVE-2019-5718 CVE-2019-5718 CVE-2019-5719 CVE-2019-5719
                        CVE-2019-5721 CVE-2019-5721 CVE-2019-5736 CVE-2019-5736 CVE-2019-5736
                        CVE-2019-5736 CVE-2019-5953 CVE-2019-6116 CVE-2019-6128 CVE-2019-6250
                        CVE-2019-6470 CVE-2019-6486 CVE-2019-6706 CVE-2019-6778 CVE-2019-6978
                        CVE-2019-7317 CVE-2019-7317 CVE-2019-7317 CVE-2019-7317 CVE-2019-7572
                        CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577
                        CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638
                        CVE-2019-7663 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323
                        CVE-2019-8324 CVE-2019-8325 CVE-2019-8341 CVE-2019-8396 CVE-2019-8675
                        CVE-2019-8696 CVE-2019-8842 CVE-2019-8905 CVE-2019-8906 CVE-2019-8907
                        CVE-2019-8936 CVE-2019-9074 CVE-2019-9075 CVE-2019-9077 CVE-2019-9208
                        CVE-2019-9208 CVE-2019-9209 CVE-2019-9209 CVE-2019-9214 CVE-2019-9214
                        CVE-2019-9232 CVE-2019-9278 CVE-2019-9278 CVE-2019-9325 CVE-2019-9371
                        CVE-2019-9433 CVE-2019-9578 CVE-2019-9578 CVE-2019-9721 CVE-2019-9755
                        CVE-2019-9755 CVE-2019-9853 CVE-2019-9923 CVE-2019-9923 CVE-2019-9936
                        CVE-2019-9937 CVE-2020-0034 CVE-2020-0093 CVE-2020-0181 CVE-2020-0198
                        CVE-2020-0452 CVE-2020-0487 CVE-2020-0499 CVE-2020-10001 CVE-2020-10531
                        CVE-2020-10663 CVE-2020-10735 CVE-2020-10812 CVE-2020-10933 CVE-2020-11022
                        CVE-2020-11022 CVE-2020-11023 CVE-2020-11076 CVE-2020-11077 CVE-2020-11078
                        CVE-2020-11080 CVE-2020-11501 CVE-2020-11647 CVE-2020-11651 CVE-2020-11652
                        CVE-2020-11758 CVE-2020-11760 CVE-2020-11761 CVE-2020-11762 CVE-2020-11763
                        CVE-2020-11764 CVE-2020-11765 CVE-2020-11868 CVE-2020-11979 CVE-2020-11987
                        CVE-2020-11988 CVE-2020-11996 CVE-2020-12100 CVE-2020-12105 CVE-2020-12268
                        CVE-2020-12399 CVE-2020-12400 CVE-2020-12401 CVE-2020-12403 CVE-2020-12658
                        CVE-2020-12662 CVE-2020-12663 CVE-2020-12673 CVE-2020-12674 CVE-2020-12762
                        CVE-2020-12762 CVE-2020-12767 CVE-2020-12823 CVE-2020-13112 CVE-2020-13113
                        CVE-2020-13114 CVE-2020-13164 CVE-2020-13249 CVE-2020-13401 CVE-2020-13434
                        CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-13757
                        CVE-2020-13817 CVE-2020-13844 CVE-2020-13844 CVE-2020-13904 CVE-2020-13934
                        CVE-2020-13935 CVE-2020-13936 CVE-2020-13936 CVE-2020-13943 CVE-2020-13956
                        CVE-2020-14001 CVE-2020-14039 CVE-2020-14093 CVE-2020-14154 CVE-2020-14155
                        CVE-2020-14343 CVE-2020-14344 CVE-2020-14344 CVE-2020-14345 CVE-2020-14346
                        CVE-2020-14347 CVE-2020-14349 CVE-2020-14350 CVE-2020-14360 CVE-2020-14361
                        CVE-2020-14362 CVE-2020-14363 CVE-2020-14392 CVE-2020-14393 CVE-2020-14409
                        CVE-2020-14409 CVE-2020-14410 CVE-2020-14410 CVE-2020-14556 CVE-2020-14556
                        CVE-2020-14556 CVE-2020-14562 CVE-2020-14573 CVE-2020-14577 CVE-2020-14577
                        CVE-2020-14577 CVE-2020-14578 CVE-2020-14578 CVE-2020-14579 CVE-2020-14579
                        CVE-2020-14581 CVE-2020-14581 CVE-2020-14581 CVE-2020-14583 CVE-2020-14583
                        CVE-2020-14583 CVE-2020-14593 CVE-2020-14593 CVE-2020-14593 CVE-2020-14621
                        CVE-2020-14621 CVE-2020-14621 CVE-2020-14765 CVE-2020-14776 CVE-2020-14779
                        CVE-2020-14779 CVE-2020-14779 CVE-2020-14781 CVE-2020-14781 CVE-2020-14781
                        CVE-2020-14782 CVE-2020-14782 CVE-2020-14789 CVE-2020-14792 CVE-2020-14792
                        CVE-2020-14792 CVE-2020-14796 CVE-2020-14796 CVE-2020-14796 CVE-2020-14797
                        CVE-2020-14797 CVE-2020-14797 CVE-2020-14798 CVE-2020-14798 CVE-2020-14798
                        CVE-2020-14803 CVE-2020-14803 CVE-2020-14803 CVE-2020-14803 CVE-2020-14803
                        CVE-2020-14812 CVE-2020-14928 CVE-2020-14954 CVE-2020-15025 CVE-2020-15166
                        CVE-2020-15169 CVE-2020-15180 CVE-2020-15257 CVE-2020-15304 CVE-2020-15305
                        CVE-2020-15306 CVE-2020-15358 CVE-2020-15389 CVE-2020-15389 CVE-2020-15466
                        CVE-2020-15503 CVE-2020-15522 CVE-2020-15522 CVE-2020-15652 CVE-2020-15653
                        CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658
                        CVE-2020-15659 CVE-2020-15663 CVE-2020-15664 CVE-2020-15670 CVE-2020-15673
                        CVE-2020-15673 CVE-2020-15676 CVE-2020-15676 CVE-2020-15677 CVE-2020-15677
                        CVE-2020-15678 CVE-2020-15678 CVE-2020-15683 CVE-2020-15683 CVE-2020-15685
                        CVE-2020-15862 CVE-2020-15900 CVE-2020-15969 CVE-2020-15969 CVE-2020-15999
                        CVE-2020-15999 CVE-2020-16012 CVE-2020-16042 CVE-2020-16042 CVE-2020-16044
                        CVE-2020-16044 CVE-2020-16117 CVE-2020-16587 CVE-2020-16588 CVE-2020-16589
                        CVE-2020-16590 CVE-2020-16591 CVE-2020-16592 CVE-2020-16593 CVE-2020-16598
                        CVE-2020-16599 CVE-2020-1720 CVE-2020-1726 CVE-2020-17498 CVE-2020-17521
                        CVE-2020-17527 CVE-2020-19131 CVE-2020-1930 CVE-2020-1931 CVE-2020-1945
                        CVE-2020-1945 CVE-2020-1946 CVE-2020-1971 CVE-2020-19716 CVE-2020-19860
                        CVE-2020-19861 CVE-2020-20448 CVE-2020-20451 CVE-2020-20891 CVE-2020-20892
                        CVE-2020-20895 CVE-2020-20896 CVE-2020-20899 CVE-2020-20902 CVE-2020-21041
                        CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 CVE-2020-21532 CVE-2020-21533
                        CVE-2020-21534 CVE-2020-21535 CVE-2020-21680 CVE-2020-21681 CVE-2020-21682
                        CVE-2020-21683 CVE-2020-21688 CVE-2020-21697 CVE-2020-21913 CVE-2020-21913
                        CVE-2020-22015 CVE-2020-22016 CVE-2020-22017 CVE-2020-22019 CVE-2020-22020
                        CVE-2020-22021 CVE-2020-22022 CVE-2020-22023 CVE-2020-22025 CVE-2020-22026
                        CVE-2020-22031 CVE-2020-22032 CVE-2020-22033 CVE-2020-22034 CVE-2020-22037
                        CVE-2020-22038 CVE-2020-22039 CVE-2020-22042 CVE-2020-22043 CVE-2020-22044
                        CVE-2020-22046 CVE-2020-22048 CVE-2020-22049 CVE-2020-22054 CVE-2020-23903
                        CVE-2020-24370 CVE-2020-24371 CVE-2020-24386 CVE-2020-24489 CVE-2020-24511
                        CVE-2020-24512 CVE-2020-24513 CVE-2020-24994 CVE-2020-25275 CVE-2020-25592
                        CVE-2020-25613 CVE-2020-25648 CVE-2020-25649 CVE-2020-25649 CVE-2020-25657
                        CVE-2020-25657 CVE-2020-25658 CVE-2020-25659 CVE-2020-25659 CVE-2020-25694
                        CVE-2020-25694 CVE-2020-25695 CVE-2020-25695 CVE-2020-25696 CVE-2020-25696
                        CVE-2020-25712 CVE-2020-25713 CVE-2020-25717 CVE-2020-25717 CVE-2020-25717
                        CVE-2020-25718 CVE-2020-25719 CVE-2020-25721 CVE-2020-25722 CVE-2020-2583
                        CVE-2020-2583 CVE-2020-2583 CVE-2020-25862 CVE-2020-25863 CVE-2020-25866
                        CVE-2020-2590 CVE-2020-2590 CVE-2020-2593 CVE-2020-2593 CVE-2020-2593
                        CVE-2020-2601 CVE-2020-2601 CVE-2020-2604 CVE-2020-2604 CVE-2020-2604
                        CVE-2020-26137 CVE-2020-26159 CVE-2020-26217 CVE-2020-26217 CVE-2020-26258
                        CVE-2020-26258 CVE-2020-26259 CVE-2020-26259 CVE-2020-26418 CVE-2020-26419
                        CVE-2020-26420 CVE-2020-26421 CVE-2020-26422 CVE-2020-2654 CVE-2020-2654
                        CVE-2020-2654 CVE-2020-2655 CVE-2020-26575 CVE-2020-2659 CVE-2020-2659
                        CVE-2020-26682 CVE-2020-26945 CVE-2020-26950 CVE-2020-26951 CVE-2020-26953
                        CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961
                        CVE-2020-26965 CVE-2020-26966 CVE-2020-26968 CVE-2020-26970 CVE-2020-26971
                        CVE-2020-26971 CVE-2020-26973 CVE-2020-26973 CVE-2020-26974 CVE-2020-26974
                        CVE-2020-26976 CVE-2020-26976 CVE-2020-26978 CVE-2020-26978 CVE-2020-27218
                        CVE-2020-27221 CVE-2020-27223 CVE-2020-2754 CVE-2020-2754 CVE-2020-2754
                        CVE-2020-2755 CVE-2020-2755 CVE-2020-2755 CVE-2020-2756 CVE-2020-2756
                        CVE-2020-2756 CVE-2020-2757 CVE-2020-2757 CVE-2020-2757 CVE-2020-2767
                        CVE-2020-2773 CVE-2020-2773 CVE-2020-2778 CVE-2020-2781 CVE-2020-2781
                        CVE-2020-2781 CVE-2020-27814 CVE-2020-27823 CVE-2020-27823 CVE-2020-27824
                        CVE-2020-27824 CVE-2020-27828 CVE-2020-27840 CVE-2020-27841 CVE-2020-27842
                        CVE-2020-27842 CVE-2020-27843 CVE-2020-27843 CVE-2020-27845 CVE-2020-27845
                        CVE-2020-2800 CVE-2020-2800 CVE-2020-2800 CVE-2020-2803 CVE-2020-2803
                        CVE-2020-2803 CVE-2020-28030 CVE-2020-2805 CVE-2020-2805 CVE-2020-2805
                        CVE-2020-28052 CVE-2020-2816 CVE-2020-28200 CVE-2020-2830 CVE-2020-2830
                        CVE-2020-2830 CVE-2020-28473 CVE-2020-28477 CVE-2020-28491 CVE-2020-28493
                        CVE-2020-2875 CVE-2020-28896 CVE-2020-28935 CVE-2020-29260 CVE-2020-2933
                        CVE-2020-2934 CVE-2020-29651 CVE-2020-29651 CVE-2020-3123 CVE-2020-3327
                        CVE-2020-3341 CVE-2020-3350 CVE-2020-3481 CVE-2020-35111 CVE-2020-35111
                        CVE-2020-35112 CVE-2020-35112 CVE-2020-35113 CVE-2020-35113 CVE-2020-35448
                        CVE-2020-35458 CVE-2020-35458 CVE-2020-35459 CVE-2020-35493 CVE-2020-35496
                        CVE-2020-35507 CVE-2020-35521 CVE-2020-35522 CVE-2020-35523 CVE-2020-35524
                        CVE-2020-35728 CVE-2020-35738 CVE-2020-35965 CVE-2020-36193 CVE-2020-36242
                        CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332
                        CVE-2020-36430 CVE-2020-36518 CVE-2020-3898 CVE-2020-4044 CVE-2020-5267
                        CVE-2020-6463 CVE-2020-6514 CVE-2020-6829 CVE-2020-6851 CVE-2020-7044
                        CVE-2020-7064 CVE-2020-7066 CVE-2020-7663 CVE-2020-8112 CVE-2020-8112
                        CVE-2020-8130 CVE-2020-8161 CVE-2020-8164 CVE-2020-8165 CVE-2020-8167
                        CVE-2020-8184 CVE-2020-8277 CVE-2020-8492 CVE-2020-8597 CVE-2020-8631
                        CVE-2020-8632 CVE-2020-8695 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698
                        CVE-2020-8698 CVE-2020-8903 CVE-2020-8907 CVE-2020-8908 CVE-2020-8927
                        CVE-2020-8933 CVE-2020-9327 CVE-2020-9428 CVE-2020-9429 CVE-2020-9430
                        CVE-2020-9431 CVE-2021-0127 CVE-2021-0145 CVE-2021-0146 CVE-2021-0561
                        CVE-2021-1252 CVE-2021-1404 CVE-2021-1405 CVE-2021-20190 CVE-2021-20193
                        CVE-2021-20193 CVE-2021-20197 CVE-2021-20229 CVE-2021-20230 CVE-2021-20254
                        CVE-2021-20266 CVE-2021-20271 CVE-2021-20277 CVE-2021-20284 CVE-2021-20294
                        CVE-2021-20296 CVE-2021-20298 CVE-2021-20299 CVE-2021-20300 CVE-2021-20302
                        CVE-2021-20303 CVE-2021-20304 CVE-2021-21240 CVE-2021-21241 CVE-2021-21272
                        CVE-2021-21284 CVE-2021-21284 CVE-2021-21285 CVE-2021-21285 CVE-2021-21300
                        CVE-2021-21330 CVE-2021-21330 CVE-2021-21334 CVE-2021-21341 CVE-2021-21342
                        CVE-2021-21343 CVE-2021-21344 CVE-2021-21345 CVE-2021-21346 CVE-2021-21347
                        CVE-2021-21348 CVE-2021-21349 CVE-2021-21350 CVE-2021-21351 CVE-2021-2161
                        CVE-2021-2161 CVE-2021-2163 CVE-2021-2163 CVE-2021-2163 CVE-2021-21703
                        CVE-2021-21707 CVE-2021-21707 CVE-2021-21707 CVE-2021-21708 CVE-2021-22116
                        CVE-2021-22173 CVE-2021-22174 CVE-2021-22191 CVE-2021-22207 CVE-2021-22235
                        CVE-2021-22569 CVE-2021-22570 CVE-2021-22880 CVE-2021-22885 CVE-2021-22904
                        CVE-2021-23177 CVE-2021-23192 CVE-2021-23214 CVE-2021-23215 CVE-2021-23222
                        CVE-2021-23385 CVE-2021-2341 CVE-2021-2341 CVE-2021-2341 CVE-2021-2369
                        CVE-2021-2369 CVE-2021-2369 CVE-2021-23840 CVE-2021-23841 CVE-2021-2388
                        CVE-2021-2388 CVE-2021-23953 CVE-2021-23953 CVE-2021-23954 CVE-2021-23954
                        CVE-2021-23960 CVE-2021-23960 CVE-2021-23961 CVE-2021-23961 CVE-2021-23964
                        CVE-2021-23964 CVE-2021-23968 CVE-2021-23968 CVE-2021-23969 CVE-2021-23969
                        CVE-2021-23973 CVE-2021-23973 CVE-2021-23978 CVE-2021-23978 CVE-2021-23981
                        CVE-2021-23981 CVE-2021-23981 CVE-2021-23982 CVE-2021-23982 CVE-2021-23982
                        CVE-2021-23984 CVE-2021-23984 CVE-2021-23984 CVE-2021-23987 CVE-2021-23987
                        CVE-2021-23987 CVE-2021-23991 CVE-2021-23992 CVE-2021-23994 CVE-2021-23994
                        CVE-2021-23995 CVE-2021-23995 CVE-2021-23998 CVE-2021-23998 CVE-2021-23999
                        CVE-2021-23999 CVE-2021-24002 CVE-2021-24002 CVE-2021-24122 CVE-2021-2471
                        CVE-2021-25122 CVE-2021-25214 CVE-2021-25215 CVE-2021-25217 CVE-2021-25219
                        CVE-2021-25219 CVE-2021-25220 CVE-2021-25220 CVE-2021-25314 CVE-2021-25315
                        CVE-2021-25317 CVE-2021-25321 CVE-2021-25329 CVE-2021-26260 CVE-2021-26291
                        CVE-2021-26926 CVE-2021-26927 CVE-2021-26937 CVE-2021-27135 CVE-2021-27291
                        CVE-2021-27807 CVE-2021-27845 CVE-2021-27906 CVE-2021-28021 CVE-2021-28041
                        CVE-2021-28163 CVE-2021-28164 CVE-2021-28165 CVE-2021-28169 CVE-2021-28861
                        CVE-2021-28965 CVE-2021-29136 CVE-2021-29136 CVE-2021-29157 CVE-2021-29157
                        CVE-2021-29338 CVE-2021-29338 CVE-2021-29425 CVE-2021-29425 CVE-2021-29428
                        CVE-2021-29457 CVE-2021-29463 CVE-2021-29470 CVE-2021-29505 CVE-2021-29509
                        CVE-2021-29623 CVE-2021-29945 CVE-2021-29945 CVE-2021-29946 CVE-2021-29946
                        CVE-2021-29948 CVE-2021-29950 CVE-2021-29951 CVE-2021-29951 CVE-2021-29956
                        CVE-2021-29957 CVE-2021-29964 CVE-2021-29964 CVE-2021-29967 CVE-2021-29967
                        CVE-2021-29969 CVE-2021-29970 CVE-2021-29970 CVE-2021-29976 CVE-2021-29976
                        CVE-2021-29980 CVE-2021-29980 CVE-2021-29980 CVE-2021-29981 CVE-2021-29981
                        CVE-2021-29982 CVE-2021-29982 CVE-2021-29983 CVE-2021-29984 CVE-2021-29984
                        CVE-2021-29984 CVE-2021-29985 CVE-2021-29985 CVE-2021-29985 CVE-2021-29986
                        CVE-2021-29986 CVE-2021-29986 CVE-2021-29987 CVE-2021-29987 CVE-2021-29988
                        CVE-2021-29988 CVE-2021-29988 CVE-2021-29989 CVE-2021-29989 CVE-2021-29989
                        CVE-2021-29990 CVE-2021-29991 CVE-2021-29991 CVE-2021-30465 CVE-2021-30465
                        CVE-2021-30498 CVE-2021-30499 CVE-2021-30547 CVE-2021-30547 CVE-2021-30560
                        CVE-2021-30640 CVE-2021-31291 CVE-2021-31535 CVE-2021-31535 CVE-2021-31566
                        CVE-2021-31607 CVE-2021-31799 CVE-2021-31799 CVE-2021-3181 CVE-2021-31810
                        CVE-2021-31810 CVE-2021-32000 CVE-2021-32027 CVE-2021-32028 CVE-2021-32029
                        CVE-2021-32066 CVE-2021-32066 CVE-2021-32142 CVE-2021-32142 CVE-2021-32280
                        CVE-2021-3246 CVE-2021-32490 CVE-2021-32491 CVE-2021-32492 CVE-2021-32493
                        CVE-2021-32610 CVE-2021-32617 CVE-2021-32718 CVE-2021-32719 CVE-2021-3272
                        CVE-2021-32751 CVE-2021-32760 CVE-2021-32760 CVE-2021-32785 CVE-2021-32786
                        CVE-2021-32791 CVE-2021-32792 CVE-2021-32810 CVE-2021-32810 CVE-2021-32839
                        CVE-2021-33037 CVE-2021-33120 CVE-2021-33285 CVE-2021-33286 CVE-2021-33287
                        CVE-2021-33289 CVE-2021-33503 CVE-2021-33515 CVE-2021-33574 CVE-2021-33657
                        CVE-2021-33657 CVE-2021-33813 CVE-2021-33813 CVE-2021-3393 CVE-2021-3410
                        CVE-2021-3421 CVE-2021-3426 CVE-2021-34334 CVE-2021-34429 CVE-2021-3443
                        CVE-2021-3465 CVE-2021-3467 CVE-2021-3472 CVE-2021-3474 CVE-2021-3475
                        CVE-2021-3476 CVE-2021-3476 CVE-2021-3477 CVE-2021-3479 CVE-2021-3487
                        CVE-2021-3500 CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269
                        CVE-2021-3530 CVE-2021-35331 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517
                        CVE-2021-35550 CVE-2021-35550 CVE-2021-35556 CVE-2021-35556 CVE-2021-35556
                        CVE-2021-35559 CVE-2021-35559 CVE-2021-35559 CVE-2021-35560 CVE-2021-35561
                        CVE-2021-35561 CVE-2021-35561 CVE-2021-35564 CVE-2021-35564 CVE-2021-35564
                        CVE-2021-35565 CVE-2021-35565 CVE-2021-35565 CVE-2021-35567 CVE-2021-35567
                        CVE-2021-35578 CVE-2021-35578 CVE-2021-35578 CVE-2021-35586 CVE-2021-35586
                        CVE-2021-35586 CVE-2021-35588 CVE-2021-35588 CVE-2021-35603 CVE-2021-35603
                        CVE-2021-3561 CVE-2021-3566 CVE-2021-3572 CVE-2021-35942 CVE-2021-3598
                        CVE-2021-3605 CVE-2021-36090 CVE-2021-3618 CVE-2021-3623 CVE-2021-3630
                        CVE-2021-3631 CVE-2021-36373 CVE-2021-36373 CVE-2021-36374 CVE-2021-36374
                        CVE-2021-36386 CVE-2021-36386 CVE-2021-3639 CVE-2021-3648 CVE-2021-3667
                        CVE-2021-36690 CVE-2021-3672 CVE-2021-3677 CVE-2021-36976 CVE-2021-36978
                        CVE-2021-36980 CVE-2021-3712 CVE-2021-3712 CVE-2021-3733 CVE-2021-3737
                        CVE-2021-3738 CVE-2021-3746 CVE-2021-37501 CVE-2021-37533 CVE-2021-37620
                        CVE-2021-37621 CVE-2021-37622 CVE-2021-37623 CVE-2021-37714 CVE-2021-3781
                        CVE-2021-3802 CVE-2021-38092 CVE-2021-38093 CVE-2021-38094 CVE-2021-38114
                        CVE-2021-38171 CVE-2021-3826 CVE-2021-38297 CVE-2021-38297 CVE-2021-38492
                        CVE-2021-38492 CVE-2021-38493 CVE-2021-38495 CVE-2021-38495 CVE-2021-38496
                        CVE-2021-38496 CVE-2021-38497 CVE-2021-38497 CVE-2021-38498 CVE-2021-38498
                        CVE-2021-38500 CVE-2021-38500 CVE-2021-38501 CVE-2021-38501 CVE-2021-38502
                        CVE-2021-38503 CVE-2021-38503 CVE-2021-38504 CVE-2021-38504 CVE-2021-38505
                        CVE-2021-38505 CVE-2021-38506 CVE-2021-38506 CVE-2021-38507 CVE-2021-38507
                        CVE-2021-38508 CVE-2021-38508 CVE-2021-38509 CVE-2021-38509 CVE-2021-38510
                        CVE-2021-38510 CVE-2021-39139 CVE-2021-39140 CVE-2021-39141 CVE-2021-39144
                        CVE-2021-39145 CVE-2021-39146 CVE-2021-39147 CVE-2021-39148 CVE-2021-39149
                        CVE-2021-39150 CVE-2021-39151 CVE-2021-39152 CVE-2021-39153 CVE-2021-39154
                        CVE-2021-39191 CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39255
                        CVE-2021-39256 CVE-2021-39257 CVE-2021-39258 CVE-2021-39259 CVE-2021-39260
                        CVE-2021-39261 CVE-2021-39262 CVE-2021-39263 CVE-2021-39272 CVE-2021-39272
                        CVE-2021-3933 CVE-2021-3941 CVE-2021-39537 CVE-2021-3979 CVE-2021-39920
                        CVE-2021-39921 CVE-2021-39922 CVE-2021-39924 CVE-2021-39925 CVE-2021-39926
                        CVE-2021-39928 CVE-2021-39929 CVE-2021-3999 CVE-2021-4008 CVE-2021-4009
                        CVE-2021-4010 CVE-2021-4011 CVE-2021-4048 CVE-2021-40529 CVE-2021-40812
                        CVE-2021-41035 CVE-2021-4104 CVE-2021-41079 CVE-2021-41089 CVE-2021-41089
                        CVE-2021-41091 CVE-2021-41091 CVE-2021-41092 CVE-2021-41092 CVE-2021-41103
                        CVE-2021-41103 CVE-2021-41136 CVE-2021-41159 CVE-2021-41160 CVE-2021-41190
                        CVE-2021-4126 CVE-2021-4140 CVE-2021-4140 CVE-2021-4147 CVE-2021-41495
                        CVE-2021-4156 CVE-2021-41617 CVE-2021-4181 CVE-2021-41817 CVE-2021-41819
                        CVE-2021-4182 CVE-2021-4183 CVE-2021-4184 CVE-2021-4185 CVE-2021-4186
                        CVE-2021-4190 CVE-2021-42523 CVE-2021-42550 CVE-2021-42550 CVE-2021-42715
                        CVE-2021-42716 CVE-2021-42771 CVE-2021-43528 CVE-2021-43536 CVE-2021-43536
                        CVE-2021-43537 CVE-2021-43537 CVE-2021-43538 CVE-2021-43538 CVE-2021-43539
                        CVE-2021-43539 CVE-2021-43541 CVE-2021-43541 CVE-2021-43542 CVE-2021-43542
                        CVE-2021-43543 CVE-2021-43543 CVE-2021-43545 CVE-2021-43545 CVE-2021-43546
                        CVE-2021-43546 CVE-2021-43565 CVE-2021-43618 CVE-2021-43784 CVE-2021-43797
                        CVE-2021-43859 CVE-2021-43980 CVE-2021-44228 CVE-2021-44228 CVE-2021-44228
                        CVE-2021-44269 CVE-2021-44538 CVE-2021-44648 CVE-2021-44832 CVE-2021-45046
                        CVE-2021-45046 CVE-2021-45078 CVE-2021-45105 CVE-2021-45417 CVE-2021-45444
                        CVE-2021-45463 CVE-2021-45830 CVE-2021-45833 CVE-2021-45942 CVE-2021-45944
                        CVE-2021-45949 CVE-2021-45958 CVE-2021-46195 CVE-2021-46242 CVE-2021-46244
                        CVE-2021-46657 CVE-2021-46658 CVE-2021-46659 CVE-2021-46661 CVE-2021-46663
                        CVE-2021-46664 CVE-2021-46665 CVE-2021-46668 CVE-2021-46669 CVE-2021-46784
                        CVE-2021-46790 CVE-2021-46828 CVE-2021-46829 CVE-2021-46848 CVE-2022-0108
                        CVE-2022-0135 CVE-2022-0135 CVE-2022-0175 CVE-2022-0396 CVE-2022-0529
                        CVE-2022-0530 CVE-2022-0547 CVE-2022-0561 CVE-2022-0561 CVE-2022-0562
                        CVE-2022-0566 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585
                        CVE-2022-0586 CVE-2022-0670 CVE-2022-0711 CVE-2022-0778 CVE-2022-0856
                        CVE-2022-0865 CVE-2022-0891 CVE-2022-0897 CVE-2022-0908 CVE-2022-0909
                        CVE-2022-0924 CVE-2022-0959 CVE-2022-1053 CVE-2022-1056 CVE-2022-1097
                        CVE-2022-1097 CVE-2022-1122 CVE-2022-1196 CVE-2022-1196 CVE-2022-1197
                        CVE-2022-1271 CVE-2022-1271 CVE-2022-1292 CVE-2022-1304 CVE-2022-1328
                        CVE-2022-1348 CVE-2022-1520 CVE-2022-1529 CVE-2022-1529 CVE-2022-1552
                        CVE-2022-1586 CVE-2022-1586 CVE-2022-1587 CVE-2022-1664 CVE-2022-1802
                        CVE-2022-1802 CVE-2022-1834 CVE-2022-1941 CVE-2022-1996 CVE-2022-1996
                        CVE-2022-2047 CVE-2022-2048 CVE-2022-2056 CVE-2022-2057 CVE-2022-2058
                        CVE-2022-2068 CVE-2022-20698 CVE-2022-20770 CVE-2022-20771 CVE-2022-20785
                        CVE-2022-20792 CVE-2022-20796 CVE-2022-21151 CVE-2022-21216 CVE-2022-21233
                        CVE-2022-21248 CVE-2022-21248 CVE-2022-21248 CVE-2022-21271 CVE-2022-21277
                        CVE-2022-21277 CVE-2022-21282 CVE-2022-21282 CVE-2022-21282 CVE-2022-21283
                        CVE-2022-21283 CVE-2022-21283 CVE-2022-21291 CVE-2022-21291 CVE-2022-21293
                        CVE-2022-21293 CVE-2022-21293 CVE-2022-21294 CVE-2022-21294 CVE-2022-21294
                        CVE-2022-21296 CVE-2022-21296 CVE-2022-21296 CVE-2022-21299 CVE-2022-21299
                        CVE-2022-21299 CVE-2022-21299 CVE-2022-21305 CVE-2022-21305 CVE-2022-21305
                        CVE-2022-21340 CVE-2022-21340 CVE-2022-21340 CVE-2022-21341 CVE-2022-21341
                        CVE-2022-21341 CVE-2022-21349 CVE-2022-21349 CVE-2022-21360 CVE-2022-21360
                        CVE-2022-21360 CVE-2022-21365 CVE-2022-21365 CVE-2022-21365 CVE-2022-21366
                        CVE-2022-21366 CVE-2022-21426 CVE-2022-21426 CVE-2022-21426 CVE-2022-21426
                        CVE-2022-21434 CVE-2022-21434 CVE-2022-21434 CVE-2022-21443 CVE-2022-21443
                        CVE-2022-21443 CVE-2022-21449 CVE-2022-21476 CVE-2022-21476 CVE-2022-21476
                        CVE-2022-21496 CVE-2022-21496 CVE-2022-21496 CVE-2022-21540 CVE-2022-21540
                        CVE-2022-21540 CVE-2022-21540 CVE-2022-21540 CVE-2022-21541 CVE-2022-21541
                        CVE-2022-21541 CVE-2022-21541 CVE-2022-21541 CVE-2022-21549 CVE-2022-21549
                        CVE-2022-21549 CVE-2022-21618 CVE-2022-21618 CVE-2022-21618 CVE-2022-21619
                        CVE-2022-21619 CVE-2022-21619 CVE-2022-21619 CVE-2022-21624 CVE-2022-21624
                        CVE-2022-21624 CVE-2022-21624 CVE-2022-21626 CVE-2022-21626 CVE-2022-21626
                        CVE-2022-21628 CVE-2022-21628 CVE-2022-21628 CVE-2022-21628 CVE-2022-21698
                        CVE-2022-21698 CVE-2022-21716 CVE-2022-2200 CVE-2022-2200 CVE-2022-2200
                        CVE-2022-2200 CVE-2022-2211 CVE-2022-2226 CVE-2022-2226 CVE-2022-2255
                        CVE-2022-2255 CVE-2022-22662 CVE-2022-22677 CVE-2022-22737 CVE-2022-22737
                        CVE-2022-22738 CVE-2022-22738 CVE-2022-22739 CVE-2022-22739 CVE-2022-22740
                        CVE-2022-22740 CVE-2022-22741 CVE-2022-22741 CVE-2022-22742 CVE-2022-22742
                        CVE-2022-22743 CVE-2022-22743 CVE-2022-22744 CVE-2022-22744 CVE-2022-22745
                        CVE-2022-22745 CVE-2022-22746 CVE-2022-22746 CVE-2022-22747 CVE-2022-22747
                        CVE-2022-22748 CVE-2022-22748 CVE-2022-22751 CVE-2022-22751 CVE-2022-22753
                        CVE-2022-22753 CVE-2022-22754 CVE-2022-22754 CVE-2022-22756 CVE-2022-22756
                        CVE-2022-22759 CVE-2022-22759 CVE-2022-22760 CVE-2022-22760 CVE-2022-22761
                        CVE-2022-22761 CVE-2022-22763 CVE-2022-22763 CVE-2022-22764 CVE-2022-22764
                        CVE-2022-22844 CVE-2022-23181 CVE-2022-2319 CVE-2022-2320 CVE-2022-23218
                        CVE-2022-23219 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307 CVE-2022-23437
                        CVE-2022-23437 CVE-2022-23468 CVE-2022-23471 CVE-2022-23471 CVE-2022-23477
                        CVE-2022-23478 CVE-2022-23479 CVE-2022-23480 CVE-2022-23481 CVE-2022-23482
                        CVE-2022-23483 CVE-2022-23484 CVE-2022-23491 CVE-2022-23491 CVE-2022-23493
                        CVE-2022-23514 CVE-2022-23515 CVE-2022-23516 CVE-2022-23521 CVE-2022-23524
                        CVE-2022-23525 CVE-2022-23526 CVE-2022-23527 CVE-2022-23552 CVE-2022-23633
                        CVE-2022-23634 CVE-2022-23648 CVE-2022-23648 CVE-2022-23806 CVE-2022-23806
                        CVE-2022-2385 CVE-2022-24048 CVE-2022-24050 CVE-2022-24051 CVE-2022-24052
                        CVE-2022-24130 CVE-2022-24302 CVE-2022-24713 CVE-2022-24713 CVE-2022-24713
                        CVE-2022-24735 CVE-2022-24736 CVE-2022-2476 CVE-2022-24761 CVE-2022-24765
                        CVE-2022-24765 CVE-2022-24769 CVE-2022-24790 CVE-2022-24795 CVE-2022-24805
                        CVE-2022-24806 CVE-2022-24807 CVE-2022-24808 CVE-2022-24809 CVE-2022-24810
                        CVE-2022-24823 CVE-2022-24828 CVE-2022-24836 CVE-2022-24839 CVE-2022-24882
                        CVE-2022-24883 CVE-2022-2505 CVE-2022-2505 CVE-2022-2509 CVE-2022-25147
                        CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-25235 CVE-2022-25236
                        CVE-2022-25308 CVE-2022-25309 CVE-2022-25310 CVE-2022-25313 CVE-2022-25314
                        CVE-2022-25315 CVE-2022-25647 CVE-2022-25857 CVE-2022-2625 CVE-2022-26280
                        CVE-2022-26377 CVE-2022-26381 CVE-2022-26381 CVE-2022-26383 CVE-2022-26383
                        CVE-2022-26384 CVE-2022-26384 CVE-2022-26386 CVE-2022-26386 CVE-2022-26387
                        CVE-2022-26387 CVE-2022-26485 CVE-2022-26485 CVE-2022-26486 CVE-2022-26486
                        CVE-2022-26491 CVE-2022-26520 CVE-2022-26691 CVE-2022-26700 CVE-2022-26709
                        CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-26981
                        CVE-2022-2719 CVE-2022-27191 CVE-2022-27191 CVE-2022-27191 CVE-2022-27239
                        CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380
                        CVE-2022-27381 CVE-2022-27382 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386
                        CVE-2022-27387 CVE-2022-27404 CVE-2022-27405 CVE-2022-27406 CVE-2022-27444
                        CVE-2022-27445 CVE-2022-27446 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449
                        CVE-2022-27451 CVE-2022-27452 CVE-2022-27455 CVE-2022-27456 CVE-2022-27457
                        CVE-2022-27458 CVE-2022-27664 CVE-2022-27664 CVE-2022-27777 CVE-2022-27777
                        CVE-2022-27943 CVE-2022-2795 CVE-2022-2795 CVE-2022-28281 CVE-2022-28281
                        CVE-2022-28282 CVE-2022-28282 CVE-2022-28285 CVE-2022-28285 CVE-2022-28286
                        CVE-2022-28286 CVE-2022-28289 CVE-2022-28289 CVE-2022-28366 CVE-2022-28463
                        CVE-2022-28614 CVE-2022-28615 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869
                        CVE-2022-28737 CVE-2022-28737 CVE-2022-28739 CVE-2022-2879 CVE-2022-2880
                        CVE-2022-29154 CVE-2022-29155 CVE-2022-29162 CVE-2022-29181 CVE-2022-29187
                        CVE-2022-29187 CVE-2022-29217 CVE-2022-29217 CVE-2022-2928 CVE-2022-2929
                        CVE-2022-29404 CVE-2022-29458 CVE-2022-29527 CVE-2022-29599 CVE-2022-2963
                        CVE-2022-29869 CVE-2022-29909 CVE-2022-29909 CVE-2022-29909 CVE-2022-29911
                        CVE-2022-29911 CVE-2022-29911 CVE-2022-29912 CVE-2022-29912 CVE-2022-29912
                        CVE-2022-29913 CVE-2022-29914 CVE-2022-29914 CVE-2022-29914 CVE-2022-29916
                        CVE-2022-29916 CVE-2022-29916 CVE-2022-29917 CVE-2022-29917 CVE-2022-29917
                        CVE-2022-30067 CVE-2022-30122 CVE-2022-30123 CVE-2022-30293 CVE-2022-3032
                        CVE-2022-3033 CVE-2022-3034 CVE-2022-30522 CVE-2022-30550 CVE-2022-30552
                        CVE-2022-30556 CVE-2022-30767 CVE-2022-30783 CVE-2022-30784 CVE-2022-30785
                        CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789 CVE-2022-30790
                        CVE-2022-3080 CVE-2022-3094 CVE-2022-3094 CVE-2022-31008 CVE-2022-31030
                        CVE-2022-31081 CVE-2022-3109 CVE-2022-3109 CVE-2022-31116 CVE-2022-31117
                        CVE-2022-31163 CVE-2022-31197 CVE-2022-31250 CVE-2022-31252 CVE-2022-31256
                        CVE-2022-31394 CVE-2022-3155 CVE-2022-31625 CVE-2022-31625 CVE-2022-31625
                        CVE-2022-31626 CVE-2022-31626 CVE-2022-31626 CVE-2022-31628 CVE-2022-31628
                        CVE-2022-31629 CVE-2022-31629 CVE-2022-31630 CVE-2022-31630 CVE-2022-31631
                        CVE-2022-31631 CVE-2022-31676 CVE-2022-3171 CVE-2022-31736 CVE-2022-31736
                        CVE-2022-31737 CVE-2022-31737 CVE-2022-31738 CVE-2022-31738 CVE-2022-31739
                        CVE-2022-31739 CVE-2022-31740 CVE-2022-31740 CVE-2022-31741 CVE-2022-31741
                        CVE-2022-31741 CVE-2022-31741 CVE-2022-31742 CVE-2022-31742 CVE-2022-31744
                        CVE-2022-31744 CVE-2022-31744 CVE-2022-31747 CVE-2022-31747 CVE-2022-31783
                        CVE-2022-31799 CVE-2022-31813 CVE-2022-3190 CVE-2022-32081 CVE-2022-32082
                        CVE-2022-32083 CVE-2022-32084 CVE-2022-32085 CVE-2022-32086 CVE-2022-32087
                        CVE-2022-32088 CVE-2022-32089 CVE-2022-32091 CVE-2022-3213 CVE-2022-32190
                        CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 CVE-2022-32209
                        CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 CVE-2022-32221
                        CVE-2022-32545 CVE-2022-32546 CVE-2022-32547 CVE-2022-3266 CVE-2022-32792
                        CVE-2022-32816 CVE-2022-32885 CVE-2022-32886 CVE-2022-32886 CVE-2022-32888
                        CVE-2022-32893 CVE-2022-32912 CVE-2022-32912 CVE-2022-32923 CVE-2022-32990
                        CVE-2022-33068 CVE-2022-33103 CVE-2022-33196 CVE-2022-3341 CVE-2022-3341
                        CVE-2022-33967 CVE-2022-34169 CVE-2022-34169 CVE-2022-34169 CVE-2022-34169
                        CVE-2022-34169 CVE-2022-34266 CVE-2022-34468 CVE-2022-34468 CVE-2022-34468
                        CVE-2022-34468 CVE-2022-34469 CVE-2022-34470 CVE-2022-34470 CVE-2022-34470
                        CVE-2022-34470 CVE-2022-34471 CVE-2022-34472 CVE-2022-34472 CVE-2022-34472
                        CVE-2022-34472 CVE-2022-34473 CVE-2022-34474 CVE-2022-34475 CVE-2022-34476
                        CVE-2022-34477 CVE-2022-34478 CVE-2022-34478 CVE-2022-34478 CVE-2022-34478
                        CVE-2022-34479 CVE-2022-34479 CVE-2022-34479 CVE-2022-34479 CVE-2022-34480
                        CVE-2022-34481 CVE-2022-34481 CVE-2022-34481 CVE-2022-34481 CVE-2022-34482
                        CVE-2022-34483 CVE-2022-34484 CVE-2022-34484 CVE-2022-34484 CVE-2022-34484
                        CVE-2022-34485 CVE-2022-34526 CVE-2022-3479 CVE-2022-34835 CVE-2022-34903
                        CVE-2022-3500 CVE-2022-3515 CVE-2022-35252 CVE-2022-35255 CVE-2022-35256
                        CVE-2022-3534 CVE-2022-3550 CVE-2022-3551 CVE-2022-3554 CVE-2022-3555
                        CVE-2022-3555 CVE-2022-3560 CVE-2022-3570 CVE-2022-35737 CVE-2022-35929
                        CVE-2022-3597 CVE-2022-35977 CVE-2022-3598 CVE-2022-3599 CVE-2022-36021
                        CVE-2022-36021 CVE-2022-36033 CVE-2022-36055 CVE-2022-36056 CVE-2022-36059
                        CVE-2022-3606 CVE-2022-36109 CVE-2022-36227 CVE-2022-3626 CVE-2022-3627
                        CVE-2022-36314 CVE-2022-36314 CVE-2022-36318 CVE-2022-36318 CVE-2022-36318
                        CVE-2022-36318 CVE-2022-36319 CVE-2022-36319 CVE-2022-36319 CVE-2022-36319
                        CVE-2022-3647 CVE-2022-3650 CVE-2022-3676 CVE-2022-36760 CVE-2022-37026
                        CVE-2022-3725 CVE-2022-37290 CVE-2022-3736 CVE-2022-37436 CVE-2022-37454
                        CVE-2022-37454 CVE-2022-37454 CVE-2022-37865 CVE-2022-37866 CVE-2022-38090
                        CVE-2022-38126 CVE-2022-38127 CVE-2022-38177 CVE-2022-38177 CVE-2022-38178
                        CVE-2022-38178 CVE-2022-3821 CVE-2022-38223 CVE-2022-38398 CVE-2022-38472
                        CVE-2022-38472 CVE-2022-38472 CVE-2022-38473 CVE-2022-38473 CVE-2022-38473
                        CVE-2022-38476 CVE-2022-38476 CVE-2022-38477 CVE-2022-38477 CVE-2022-38478
                        CVE-2022-38478 CVE-2022-38478 CVE-2022-38533 CVE-2022-3854 CVE-2022-38648
                        CVE-2022-38749 CVE-2022-38750 CVE-2022-38751 CVE-2022-38752 CVE-2022-38752
                        CVE-2022-38784 CVE-2022-38784 CVE-2022-38791 CVE-2022-39028 CVE-2022-39236
                        CVE-2022-3924 CVE-2022-39249 CVE-2022-39250 CVE-2022-39251 CVE-2022-39253
                        CVE-2022-39260 CVE-2022-39282 CVE-2022-39283 CVE-2022-39316 CVE-2022-39317
                        CVE-2022-39318 CVE-2022-39319 CVE-2022-39320 CVE-2022-39324 CVE-2022-39347
                        CVE-2022-39348 CVE-2022-39399 CVE-2022-39399 CVE-2022-39399 CVE-2022-3964
                        CVE-2022-3970 CVE-2022-40023 CVE-2022-40146 CVE-2022-40149 CVE-2022-40150
                        CVE-2022-40151 CVE-2022-40284 CVE-2022-4065 CVE-2022-40674 CVE-2022-40897
                        CVE-2022-40898 CVE-2022-40899 CVE-2022-40956 CVE-2022-40956 CVE-2022-40957
                        CVE-2022-40957 CVE-2022-40958 CVE-2022-40958 CVE-2022-40959 CVE-2022-40959
                        CVE-2022-40960 CVE-2022-40960 CVE-2022-40962 CVE-2022-40962 CVE-2022-41317
                        CVE-2022-41318 CVE-2022-41715 CVE-2022-41716 CVE-2022-41717 CVE-2022-41720
                        CVE-2022-41720 CVE-2022-41722 CVE-2022-41722 CVE-2022-41723 CVE-2022-41723
                        CVE-2022-41723 CVE-2022-41723 CVE-2022-41724 CVE-2022-41724 CVE-2022-41724
                        CVE-2022-41725 CVE-2022-41725 CVE-2022-41725 CVE-2022-41741 CVE-2022-41742
                        CVE-2022-41859 CVE-2022-41860 CVE-2022-41861 CVE-2022-41862 CVE-2022-41862
                        CVE-2022-41877 CVE-2022-41881 CVE-2022-41903 CVE-2022-41915 CVE-2022-41946
                        CVE-2022-41966 CVE-2022-42003 CVE-2022-42004 CVE-2022-42010 CVE-2022-42011
                        CVE-2022-42012 CVE-2022-42252 CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
                        CVE-2022-42826 CVE-2022-4283 CVE-2022-42852 CVE-2022-42856 CVE-2022-42863
                        CVE-2022-42867 CVE-2022-42889 CVE-2022-42916 CVE-2022-42920 CVE-2022-42927
                        CVE-2022-42927 CVE-2022-42928 CVE-2022-42928 CVE-2022-42929 CVE-2022-42929
                        CVE-2022-42932 CVE-2022-42932 CVE-2022-42969 CVE-2022-4304 CVE-2022-4345
                        CVE-2022-43548 CVE-2022-43551 CVE-2022-43552 CVE-2022-43680 CVE-2022-4415
                        CVE-2022-4415 CVE-2022-44267 CVE-2022-44268 CVE-2022-44566 CVE-2022-44570
                        CVE-2022-44571 CVE-2022-44572 CVE-2022-44617 CVE-2022-44638 CVE-2022-44792
                        CVE-2022-44793 CVE-2022-45061 CVE-2022-45063 CVE-2022-45143 CVE-2022-4515
                        CVE-2022-45153 CVE-2022-45403 CVE-2022-45403 CVE-2022-45404 CVE-2022-45404
                        CVE-2022-45405 CVE-2022-45405 CVE-2022-45406 CVE-2022-45406 CVE-2022-45408
                        CVE-2022-45408 CVE-2022-45409 CVE-2022-45409 CVE-2022-45410 CVE-2022-45410
                        CVE-2022-45411 CVE-2022-45411 CVE-2022-45412 CVE-2022-45412 CVE-2022-45414
                        CVE-2022-45416 CVE-2022-45416 CVE-2022-45418 CVE-2022-45418 CVE-2022-45420
                        CVE-2022-45420 CVE-2022-45421 CVE-2022-45421 CVE-2022-45685 CVE-2022-45693
                        CVE-2022-45939 CVE-2022-46146 CVE-2022-46146 CVE-2022-46146 CVE-2022-46149
                        CVE-2022-46174 CVE-2022-46285 CVE-2022-46340 CVE-2022-46340 CVE-2022-46341
                        CVE-2022-46342 CVE-2022-46343 CVE-2022-46344 CVE-2022-46663 CVE-2022-46691
                        CVE-2022-46692 CVE-2022-46698 CVE-2022-46699 CVE-2022-46700 CVE-2022-46871
                        CVE-2022-46871 CVE-2022-46872 CVE-2022-46872 CVE-2022-46874 CVE-2022-46874
                        CVE-2022-46874 CVE-2022-46875 CVE-2022-46875 CVE-2022-46877 CVE-2022-46877
                        CVE-2022-46878 CVE-2022-46878 CVE-2022-46880 CVE-2022-46880 CVE-2022-46881
                        CVE-2022-46881 CVE-2022-46882 CVE-2022-46882 CVE-2022-46908 CVE-2022-4743
                        CVE-2022-47629 CVE-2022-48279 CVE-2022-48281 CVE-2022-48303 CVE-2022-48337
                        CVE-2022-48338 CVE-2022-48339 CVE-2022-48434 CVE-2022-48434 CVE-2022-48468
                        CVE-2022-4883 CVE-2022-4899 CVE-2022-4900 CVE-2022-4904 CVE-2023-0056
                        CVE-2023-0215 CVE-2023-0241 CVE-2023-0286 CVE-2023-0286 CVE-2023-0361
                        CVE-2023-0411 CVE-2023-0412 CVE-2023-0413 CVE-2023-0415 CVE-2023-0416
                        CVE-2023-0417 CVE-2023-0430 CVE-2023-0464 CVE-2023-0465 CVE-2023-0466
                        CVE-2023-0494 CVE-2023-0547 CVE-2023-0567 CVE-2023-0568 CVE-2023-0568
                        CVE-2023-0616 CVE-2023-0662 CVE-2023-0662 CVE-2023-0687 CVE-2023-0767
                        CVE-2023-0767 CVE-2023-0767 CVE-2023-0996 CVE-2023-1017 CVE-2023-1018
                        CVE-2023-1161 CVE-2023-1289 CVE-2023-1393 CVE-2023-1729 CVE-2023-1729
                        CVE-2023-1906 CVE-2023-1945 CVE-2023-1945 CVE-2023-1981 CVE-2023-1992
                        CVE-2023-1993 CVE-2023-1994 CVE-2023-1999 CVE-2023-20032 CVE-2023-20052
                        CVE-2023-21830 CVE-2023-21830 CVE-2023-21835 CVE-2023-21835 CVE-2023-21835
                        CVE-2023-21843 CVE-2023-21843 CVE-2023-21843 CVE-2023-21843 CVE-2023-21930
                        CVE-2023-21930 CVE-2023-21937 CVE-2023-21937 CVE-2023-21938 CVE-2023-21938
                        CVE-2023-21939 CVE-2023-21939 CVE-2023-21954 CVE-2023-21954 CVE-2023-21967
                        CVE-2023-21967 CVE-2023-21968 CVE-2023-21968 CVE-2023-22298 CVE-2023-22458
                        CVE-2023-22486 CVE-2023-22490 CVE-2023-2253 CVE-2023-22742 CVE-2023-22745
                        CVE-2023-22792 CVE-2023-22795 CVE-2023-22796 CVE-2023-22799 CVE-2023-23517
                        CVE-2023-23518 CVE-2023-23529 CVE-2023-23598 CVE-2023-23598 CVE-2023-23599
                        CVE-2023-23601 CVE-2023-23601 CVE-2023-23602 CVE-2023-23602 CVE-2023-23603
                        CVE-2023-23603 CVE-2023-23605 CVE-2023-23605 CVE-2023-23914 CVE-2023-23915
                        CVE-2023-23916 CVE-2023-23918 CVE-2023-23919 CVE-2023-23920 CVE-2023-23931
                        CVE-2023-23936 CVE-2023-23946 CVE-2023-24021 CVE-2023-24329 CVE-2023-24532
                        CVE-2023-24532 CVE-2023-24532 CVE-2023-24534 CVE-2023-24534 CVE-2023-24534
                        CVE-2023-24534 CVE-2023-24536 CVE-2023-24536 CVE-2023-24536 CVE-2023-24536
                        CVE-2023-24537 CVE-2023-24537 CVE-2023-24537 CVE-2023-24537 CVE-2023-24538
                        CVE-2023-24538 CVE-2023-24538 CVE-2023-24538 CVE-2023-24539 CVE-2023-24539
                        CVE-2023-2454 CVE-2023-2454 CVE-2023-24540 CVE-2023-24540 CVE-2023-2455
                        CVE-2023-2455 CVE-2023-24593 CVE-2023-24807 CVE-2023-24998 CVE-2023-25153
                        CVE-2023-25155 CVE-2023-25155 CVE-2023-25165 CVE-2023-25165 CVE-2023-25173
                        CVE-2023-25180 CVE-2023-25193 CVE-2023-25358 CVE-2023-25360 CVE-2023-25361
                        CVE-2023-25362 CVE-2023-25363 CVE-2023-25577 CVE-2023-25652 CVE-2023-25690
                        CVE-2023-25725 CVE-2023-25728 CVE-2023-25728 CVE-2023-25729 CVE-2023-25729
                        CVE-2023-25730 CVE-2023-25730 CVE-2023-25732 CVE-2023-25732 CVE-2023-25734
                        CVE-2023-25734 CVE-2023-25735 CVE-2023-25735 CVE-2023-25737 CVE-2023-25737
                        CVE-2023-25738 CVE-2023-25738 CVE-2023-25739 CVE-2023-25739 CVE-2023-25742
                        CVE-2023-25742 CVE-2023-25743 CVE-2023-25744 CVE-2023-25746 CVE-2023-25746
                        CVE-2023-25748 CVE-2023-25749 CVE-2023-25750 CVE-2023-25751 CVE-2023-25751
                        CVE-2023-25752 CVE-2023-25752 CVE-2023-25809 CVE-2023-25815 CVE-2023-26551
                        CVE-2023-26552 CVE-2023-26553 CVE-2023-26554 CVE-2023-26767 CVE-2023-26768
                        CVE-2023-26769 CVE-2023-27371 CVE-2023-27522 CVE-2023-27530 CVE-2023-27533
                        CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538 CVE-2023-27539
                        CVE-2023-27561 CVE-2023-27932 CVE-2023-27954 CVE-2023-28159 CVE-2023-28160
                        CVE-2023-28161 CVE-2023-28162 CVE-2023-28162 CVE-2023-28163 CVE-2023-28163
                        CVE-2023-28164 CVE-2023-28164 CVE-2023-28176 CVE-2023-28176 CVE-2023-28177
                        CVE-2023-28205 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322
                        CVE-2023-28427 CVE-2023-28625 CVE-2023-28642 CVE-2023-28708 CVE-2023-28856
                        CVE-2023-28879 CVE-2023-29007 CVE-2023-29383 CVE-2023-29400 CVE-2023-29400
                        CVE-2023-29479 CVE-2023-29491 CVE-2023-29531 CVE-2023-29531 CVE-2023-29532
                        CVE-2023-29532 CVE-2023-29533 CVE-2023-29533 CVE-2023-29535 CVE-2023-29535
                        CVE-2023-29536 CVE-2023-29536 CVE-2023-29539 CVE-2023-29539 CVE-2023-29541
                        CVE-2023-29541 CVE-2023-29542 CVE-2023-29542 CVE-2023-29545 CVE-2023-29545
                        CVE-2023-29548 CVE-2023-29548 CVE-2023-29550 CVE-2023-29550 CVE-2023-29659
                        CVE-2023-30551 CVE-2023-30630 CVE-2023-32205 CVE-2023-32205 CVE-2023-32206
                        CVE-2023-32206 CVE-2023-32207 CVE-2023-32207 CVE-2023-32211 CVE-2023-32211
                        CVE-2023-32212 CVE-2023-32212 CVE-2023-32213 CVE-2023-32213 CVE-2023-32214
                        CVE-2023-32214 CVE-2023-32215 CVE-2023-32215 CVE-2023-4759 ECO-338
                        ECO-368 ECO-550 SLE-5734 SLE-5958 SLE-6206 SLE-6533 SLE-6536
                        SLE-6738 SLE-7765 SLE-7766 SLE-8705 
-----------------------------------------------------------------

The container SUSE was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1189-1
Released:    Wed Jun 20 16:20:01 2018
Summary:     Security update for go, go1.9
Type:        security
Severity:    moderate
References:  1081495,1085785,CVE-2018-7187
This update for go and go1.9 fixes the following issues:
  
The following security issues have been addressed for both packages:
  
- CVE-2018-7187: Fixed the validation of the import path in the go get command,
  which allowed for arbitrary command execution via VCS path when the -insecure
  flag is used (bsc#1081495)

The following other changes have been made for go1.9:

- Fixes to the go command and the crypto/x509 and strings packages, which add
  minimal support to the go command for the vgo transition.
- Several fixes to the compiler and go command
- Fixed various issues in go trace (bsc#1085785):
- Ensure go binaries are not stripped (eg: go tools trace), this caused some of
  them to misbehave
- Ensure go trace html template is shipped as part of the installation,
  otherwise the web UI won't work

For details on any other changes see the Go milestones on the official
issue tracker.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1277-1
Released:    Thu Jul  5 08:38:06 2018
Summary:     Security update for unzip
Type:        security
Severity:    moderate
References:  1080074,910683,914442,CVE-2014-9636,CVE-2018-1000035
This update for unzip fixes the following issues:

- CVE-2014-9636: Prevent denial of service (out-of-bounds read or write and
  crash) via an extra field with an uncompressed size smaller than the compressed
  field size in a zip archive that advertises STORED method compression
  (bsc#914442)
- CVE-2018-1000035: Prevent heap-based buffer overflow in the processing of
  password-protected archives that allowed an attacker to perform a denial of
  service or to possibly achieve code execution (bsc#1080074)

This non-security issue was fixed:

+- Allow processing of Windows zip64 archives (Windows archivers set
  total_disks field to 0 but per standard, valid values are 1 and higher)
  (bnc#910683)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1279-1
Released:    Thu Jul  5 08:41:25 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1074317,1082332,1082825,1086408,1092949,CVE-2017-11613,CVE-2017-18013,CVE-2018-10963,CVE-2018-7456,CVE-2018-8905
This update for tiff fixes the following security issues:

These security issues were fixed:

- CVE-2017-18013: Fixed a NULL pointer dereference in the
  tif_print.cTIFFPrintDirectory function that could have lead to denial of
  service (bsc#1074317).
- CVE-2018-10963: Fixed an assertion failure in the TIFFWriteDirectorySec()
  function in tif_dirwrite.c, which allowed remote attackers to cause a denial
  of service via a crafted file (bsc#1092949).
- CVE-2018-7456: Prevent a NULL Pointer dereference in the function
  TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF
  information, a different vulnerability than CVE-2017-18013 (bsc#1082825).
- CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During
  the TIFFOpen process, td_imagelength is not checked. The value of
  td_imagelength can be directly controlled by an input file. In the
  ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called
  based on td_imagelength. If the value of td_imagelength is set close to the
  amount of system memory, it will hang the system or trigger the OOM killer
  (bsc#1082332).
- CVE-2018-8905: Prevent heap-based buffer overflow in the function
  LZWDecodeCompat via a crafted TIFF file (bsc#1086408).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1281-1
Released:    Thu Jul  5 08:44:42 2018
Summary:     Security update for ghostscript
Type:        security
Severity:    moderate
References:  1090099,CVE-2018-10194
This update for ghostscript fixes the following issues:

- CVE-2018-10194: The set_text_distance function did not prevent overflows in
  text-positioning calculation, which allowed remote attackers to cause a denial
  of service (application crash) or possibly have unspecified other impact via a
  crafted PDF document (bsc#1090099).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1282-1
Released:    Thu Jul  5 08:46:19 2018
Summary:     Security update for libvorbis
Type:        security
Severity:    moderate
References:  1091070,CVE-2018-10392
This update for libvorbis fixes the following issues:

The following security issue was fixed:

  - Fixed the validation of channels in mapping0_forward(), which previously
    allowed remote attackers to cause a denial of service via specially crafted
    files (CVE-2018-10392, bsc#1091070)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1292-1
Released:    Mon Jul  9 11:57:14 2018
Summary:     Security update for openslp
Type:        security
Severity:    important
References:  1090638,CVE-2017-17833
This update for openslp fixes the following issues:

- CVE-2017-17833: Prevent heap-related memory corruption issue which may have
  manifested itself as a denial-of-service or a remote code-execution
  vulnerability (bsc#1090638)
- Prevent out of bounds reads in message parsing

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1307-1
Released:    Wed Jul 11 17:25:54 2018
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1097378
This update for google-compute-engine fixes the following issues:

- Ensure that google-ip-forwarding-daemon service and google-network-setup are stopped and disabled during upgrade.
- Ensure that google-network-daemon service is enabled and started during upgrade.
- Set run_dir to /var/run. (bsc#1097378, #1097616)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1319-1
Released:    Thu Jul 12 11:04:25 2018
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1087066,1090023,1090024,1090025,1090026,1090027,1090028,1090029,1090030,1090032,1090033,CVE-2018-2790,CVE-2018-2794,CVE-2018-2795,CVE-2018-2796,CVE-2018-2797,CVE-2018-2798,CVE-2018-2799,CVE-2018-2800,CVE-2018-2814,CVE-2018-2815
This update for java-1_8_0-openjdk to version 8u171 fixes the following issues:

These security issues were fixed:

- S8180881: Better packaging of deserialization
- S8182362: Update CipherOutputStream Usage
- S8183032: Upgrade to LittleCMS 2.9
- S8189123: More consistent classloading
- S8189969, CVE-2018-2790, bsc#1090023: Manifest better manifest entries
- S8189977, CVE-2018-2795, bsc#1090025: Improve permission portability
- S8189981, CVE-2018-2796, bsc#1090026: Improve queuing portability
- S8189985, CVE-2018-2797, bsc#1090027: Improve tabular data portability
- S8189989, CVE-2018-2798, bsc#1090028: Improve container portability
- S8189993, CVE-2018-2799, bsc#1090029: Improve document portability
- S8189997, CVE-2018-2794, bsc#1090024: Enhance keystore mechanisms
- S8190478: Improved interface method selection
- S8190877: Better handling of abstract classes
- S8191696: Better mouse positioning
- S8192025, CVE-2018-2814, bsc#1090032: Less referential references
- S8192030: Better MTSchema support
- S8192757, CVE-2018-2815, bsc#1090033: Improve stub classes implementation
- S8193409: Improve AES supporting classes
- S8193414: Improvements in MethodType lookups
- S8193833, CVE-2018-2800, bsc#1090030: Better RMI connection support

For other changes please consult the changelog.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1323-1
Released:    Fri Jul 13 09:26:19 2018
Summary:     Security update for libopenmpt
Type:        security
Severity:    moderate
References:  1089080,1095644,CVE-2018-10017,CVE-2018-11710
This update for libopenmpt to version 0.3.9 fixes the following issues:

These security issues were fixed:

- CVE-2018-11710: Prevent write near address 0 in out-of-memory situations when
  reading AMS files (bsc#1095644)
- CVE-2018-10017: Preven out-of-bounds memory read with IT/ITP/MO3 files
  containing pattern loops (bsc#1089080)

These non-security issues were fixed:

- [Bug] openmpt123: Fixed build failure in C++17 due to use of
  removed feature std::random_shuffle.
- STM: Having both Bxx and Cxx commands in a pattern imported
  the Bxx command incorrectly.
- STM: Last character of sample name was missing.
- Speed up reading of truncated ULT files.
- ULT: Portamento import was sometimes broken.
- The resonant filter was sometimes unstable when combining
  low-volume samples, low cutoff and high mixing rates.
- Keep track of active SFx macro during seeking.
- The 'note cut' duplicate note action did not volume-ramp the
  previously playing sample.
- A song starting with non-existing patterns could not be played.
- DSM: Support restart position and 16-bit samples.
- DTM: Import global volume.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1332-1
Released:    Tue Jul 17 09:01:19 2018
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1073299,1093392
This update for timezone provides the following fixes:

- North Korea switches back from +0830 to +09 on 2018-05-05.
- Ireland's standard time is in the summer, with negative DST offset to standard time used
  in Winter. (bsc#1073299)
- yast2-country is no longer setting TIMEZONE in /etc/sysconfig/clock and is calling systemd
  timedatectl instead. Do not set /etc/localtime on timezone package updates to avoid
  setting an incorrect timezone. (bsc#1093392)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1335-1
Released:    Tue Jul 17 10:13:39 2018
Summary:     Recommended update for cloud-netconfig
Type:        recommended
Severity:    moderate
References:  1095485
This update for cloud-netconfig fixes the following issues:

- Make interface names in Azure persistent. (bsc#1095485)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1348-1
Released:    Thu Jul 19 09:32:11 2018
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1094301,CVE-2018-11356,CVE-2018-11357,CVE-2018-11358,CVE-2018-11359,CVE-2018-11360,CVE-2018-11362
This update for wireshark fixes vulnerabilities that could be
used to trigger dissector crashes or cause dissectors to go into large infinite
loops by making Wireshark read specially crafted packages from the network or
capture files (bsc#1094301).

This includes:

- CVE-2018-11356: DNS dissector crash 
- CVE-2018-11357: Multiple dissectors could consume excessive memory 
- CVE-2018-11358: Q.931 dissector crash
- CVE-2018-11359: The RRC dissector and other dissectors could crash
- CVE-2018-11360: GSM A DTAP dissector crash 
- CVE-2018-11362: LDSS dissector crash 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1349-1
Released:    Thu Jul 19 09:35:42 2018
Summary:     Security update for rubygem-sprockets
Type:        security
Severity:    moderate
References:  1098369,CVE-2018-3760
This update for rubygem-sprockets fixes the following issues:

The following security vulnerability was addressed:

- CVE-2018-3760: Fixed a path traversal issue in sprockets/server.rb:forbidden_request?(), which allowed remote attackers to read arbitrary files (bsc#1098369)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1371-1
Released:    Mon Jul 23 10:37:01 2018
Summary:     Security update for openssl-1_1
Type:        security
Severity:    moderate
References:  1097158,1097624,1098592,CVE-2018-0732
This update for openssl-1_1 fixes the following issues:

- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
  ciphersuite a malicious server could have sent a very large prime value to the
  client. This caused the client to spend an unreasonably long period of time
  generating a key for this prime resulting in a hang until the client has
  finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1398-1
Released:    Thu Jul 26 16:27:58 2018
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1085449,1093311,CVE-2018-1417,CVE-2018-2783,CVE-2018-2790,CVE-2018-2794,CVE-2018-2795,CVE-2018-2796,CVE-2018-2797,CVE-2018-2798,CVE-2018-2799,CVE-2018-2800,CVE-2018-2814,CVE-2018-2825,CVE-2018-2826

IBM Java was updated to version 8.0.5.15 [bsc#1093311, bsc#1085449]

Security fixes:

- CVE-2018-2826 CVE-2018-2825 CVE-2018-2814 CVE-2018-2794
  CVE-2018-2783 CVE-2018-2799 CVE-2018-2798 CVE-2018-2797
  CVE-2018-2796 CVE-2018-2795 CVE-2018-2800 CVE-2018-2790
  CVE-2018-1417

- Removed translations in the java-1_8_0-ibm-devel-32bit package
  as they conflict with those in java-1_8_0-ibm-devel.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1404-1
Released:    Thu Jul 26 16:41:42 2018
Summary:     Security update for libsndfile
Type:        security
Severity:    moderate
References:  1071767,1071777,1100167,CVE-2017-17456,CVE-2017-17457,CVE-2018-13139
This update for libsndfile fixes the following issues:

Security issues fixed:

- CVE-2018-13139: Fix a stack-based buffer overflow in psf_memset in common.c that allows remote attackers to cause a denial of service (bsc#1100167).
- CVE-2017-17456: Prevent segmentation fault in the function d2alaw_array() that may have lead to a remote DoS (bsc#1071777)
- CVE-2017-17457: Prevent segmentation fault in the function d2ulaw_array() that may have lead to a remote DoS, a different vulnerability than CVE-2017-14246 (bsc#1071767)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1411-1
Released:    Fri Jul 27 06:48:11 2018
Summary:     Recommended update for SAPHanaSR-ScaleOut
Type:        recommended
Severity:    moderate
References:  1091988,1092331
This update for SAPHanaSR-ScaleOut provides the following fixes:

- Fix a problem that was causing SAPHanaSR-showAttr to fail opening an archived cib file.
  (bsc#1092331)
- Make sure SAPHanaSR-monitor depends only on packages available in SLES. (bsc#1091988)
- Move SAPHanaSR-showAttr, SAPHanaSR-monitor to /usr/sbin to match the file layout in
  SAPHanaSR-ScaleUp.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1416-1
Released:    Fri Jul 27 12:47:55 2018
Summary:     Security update for mutt
Type:        security
Severity:    important
References:  1094717,1101428,1101566,1101567,1101568,1101569,1101570,1101571,1101573,1101576,1101577,1101578,1101581,1101582,1101583,1101588,1101589,CVE-2014-9116,CVE-2018-14349,CVE-2018-14350,CVE-2018-14351,CVE-2018-14352,CVE-2018-14353,CVE-2018-14354,CVE-2018-14355,CVE-2018-14356,CVE-2018-14357,CVE-2018-14358,CVE-2018-14359,CVE-2018-14360,CVE-2018-14361,CVE-2018-14362,CVE-2018-14363
This update for mutt fixes the following issues:

Security issues fixed:

- bsc#1101428: Mutt 1.10.1 security release update.
- CVE-2018-14351: Fix imap/command.c that mishandles long IMAP status mailbox literal count size (bsc#1101583).
- CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer underflow (bsc#1101581).
- CVE-2018-14362: Fix pop.c that does not forbid characters that may have unsafe interaction with message-cache pathnames (bsc#1101567).
- CVE-2018-14354: Fix arbitrary command execution from remote IMAP servers via backquote characters (bsc#1101578).
- CVE-2018-14352: Fix imap_quote_string in imap/util.c that does not leave room for quote characters (bsc#1101582).
- CVE-2018-14356: Fix pop.c that mishandles a zero-length UID (bsc#1101576).
- CVE-2018-14355: Fix imap/util.c that mishandles '..' directory traversal in a mailbox name (bsc#1101577).
- CVE-2018-14349: Fix imap/command.c that mishandles a NO response without a message (bsc#1101589).
- CVE-2018-14350: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along INTERNALDATE field (bsc#1101588).
- CVE-2018-14363: Fix newsrc.c that does not properlyrestrict '/' characters that may have unsafe interaction with cache pathnames (bsc#1101566).
- CVE-2018-14359: Fix buffer overflow via base64 data (bsc#1101570).
- CVE-2018-14358: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along RFC822.SIZE field (bsc#1101571).
- CVE-2018-14360: Fix nntp_add_group in newsrc.c that has a stack-based buffer overflow because of incorrect sscanf usage (bsc#1101569).
- CVE-2018-14357: Fix that remote IMAP servers are allowed to execute arbitrary commands via backquote characters (bsc#1101573).
- CVE-2018-14361: Fix that nntp.c proceeds even if memory allocation fails for messages data (bsc#1101568).

Bug fixes:

- mutt reports as neomutt and incorrect version (bsc#1094717)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1458-1
Released:    Tue Jul 31 12:48:18 2018
Summary:     Recommended update for lapack
Type:        recommended
Severity:    moderate
References:  1087426
This update for lapack fixes the following issues:

- Build tmglib and fold contents into existing liblapack{.a,.so.3}. (bsc#1087426)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1462-1
Released:    Tue Jul 31 14:04:41 2018
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    moderate
References:  1101645,1101651,1101655,1101656,CVE-2018-2940,CVE-2018-2952,CVE-2018-2972,CVE-2018-2973
This java-11-openjdk update to version jdk-11+24 fixes the following issues:

Security issues fixed:

- CVE-2018-2940: Fix unspecified vulnerability in subcomponent Libraries (bsc#1101645).
- CVE-2018-2952: Fix unspecified vulnerability in subcomponent Concurrency (bsc#1101651).
- CVE-2018-2972: Fix unspecified vulnerability in subcomponent Security (bsc#1101655).
- CVE-2018-2973: Fix unspecified vulnerability in subcomponent JSSE (bsc#1101656).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1476-1
Released:    Thu Aug  2 14:20:03 2018
Summary:     Security update for cups
Type:        security
Severity:    moderate
References:  1096405,1096406,1096407,1096408,CVE-2018-4180,CVE-2018-4181,CVE-2018-4182,CVE-2018-4183
This update for cups fixes the following issues:

The following security vulnerabilities were fixed:

- Fixed a local privilege escalation to root and sandbox bypasses in the
  scheduler
- CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend
  (bsc#1096405)
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include
  directive (bsc#1096406)
- CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling
  (bsc#1096407)
- CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration
  (bsc#1096408)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1509-1
Released:    Tue Aug  7 09:39:07 2018
Summary:     Security update for clamav
Type:        security
Severity:    moderate
References:  1101410,1101412,1101654,1103040,CVE-2018-0360,CVE-2018-0361
This update for clamav to version 0.100.1 fixes the following issues:
  
The following security vulnerabilities were addressed:
  
- CVE-2018-0360: HWP integer overflow, infinite loop vulnerability
  (bsc#1101410)
- CVE-2018-0361: PDF object length check, unreasonably long time to parse
  relatively small file (bsc#1101412)
- Buffer over-read in unRAR code due to missing max value checks in table
  initialization
- Libmspack heap buffer over-read in CHM parser (bsc#1103040)
- PDF parser bugs

The following other changes were made:

- Disable YARA support for licensing reasons (bsc#1101654).
- Add HTTPS support for clamsubmit
- Fix for DNS resolution for users on IPv4-only machines where IPv6 is not
  available or is link-local only

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1512-1
Released:    Tue Aug  7 12:48:02 2018
Summary:     Security update for libcdio
Type:        security
Severity:    low
References:  1082821,1082877,CVE-2017-18199,CVE-2017-18201
This update for libcdio fixes the following issues:

The following security vulnerabilities were addressed:

- CVE-2017-18199: Fixed a NULL pointer dereference in realloc_symlink in rock.c
  (bsc#1082821)
- CVE-2017-18201: Fixed a double free vulnerability in get_cdtext_generic() in
  _cdio_generic.c (bsc#1082877)
- Fixed several memory leaks (bsc#1082821)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1514-1
Released:    Tue Aug  7 18:05:04 2018
Summary:     Security update for enigmail
Type:        security
Severity:    moderate
References:  1094781,1096745,1097525,CVE-2018-12019,CVE-2018-12020
This update for enigmail to 2.0.7 fixes the following issues:

These security issues were fixed:

- CVE-2018-12020: Mitigation against GnuPG signature spoofing:
  Email signatures could be spoofed via an embedded '--filename'
  parameter in OpenPGP literal data packets. This update prevents
  this issue from being exploited if GnuPG was not updated
  (boo#1096745)
- CVE-2018-12019: The signature verification routine interpreted
  User IDs as status/control messages and did not correctly keep
  track of the status of multiple signatures. This allowed remote
  attackers to spoof arbitrary email signatures via public keys
  containing crafted primary user ids (boo#1097525)
- Disallow plaintext (literal packets) outside of encrpyted packets
- Replies to a partially encrypted message may have revealed
  protected information - no longer display PGP/MIME message
  part followed by unencrypted data (bsc#1094781)
- Fix signature Spoofing via Inline-PGP in HTML Mails

These non-security issues were fixed:

- Fix filter actions forgetting selected mail folder names
- Fix compatibility issue with Thunderbird 60b7

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1539-1
Released:    Fri Aug 10 11:39:36 2018
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1101776,1101777,1101786,1101788,1101791,1101794,1101800,1101802,1101804,1101810,CVE-2018-14339,CVE-2018-14340,CVE-2018-14341,CVE-2018-14342,CVE-2018-14343,CVE-2018-14344,CVE-2018-14367,CVE-2018-14368,CVE-2018-14369,CVE-2018-14370
This update for wireshark fixes the following issues:

Security issues fixed:

- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)
- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)
- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)
- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)
- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)
- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)
- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)
- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)
- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)
- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)

Bug fixes:

- Further bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-2.4.8.html

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1642-1
Released:    Thu Aug 16 16:55:54 2018
Summary:     Security update for perl-Archive-Zip
Type:        security
Severity:    moderate
References:  1099497,CVE-2018-10860
This update for perl-Archive-Zip fixes the following security issue:

- CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing
  paths while extracting zip files. An attacker able to provide a specially
  crafted archive for processing could have used this flaw to write or overwrite
  arbitrary files in the context of the perl interpreter (bsc#1099497)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1705-1
Released:    Mon Aug 20 16:31:22 2018
Summary:     Recommended update for quota
Type:        recommended
Severity:    important
References:  1104898
This update for quota fixes the following issues:

- Fix issue with high cpu load if RQUOTAD_PORT is set in /etc/sysconfig/nfs. (bsc#1104898)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1756-1
Released:    Fri Aug 24 17:12:55 2018
Summary:     Recommended update for growpart
Type:        recommended
Severity:    moderate
References:  1097455,1098681
This update for growpart provides the following fix:

- Support btrfs resize and handle ro setup in rootgrow. (bsc#1097455, bsc#1098681)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1782-1
Released:    Tue Aug 28 18:20:02 2018
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    moderate
References:  1062267,1091074
This update for SAPHanaSR provides the following fixes:

- Remove show_SAPHanaSR_attributes. The user is advised to use SAPHanaSR-showAttr instead.
  (bsc#1091074)
- Adjust HAWK2 Wizards to run on both Python 2 and 3. (fate#323526)
- SAPHanaSR wizard sets IPAddr2 agent's NIC to eth0. (bsc#1062267)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1804-1
Released:    Fri Aug 31 13:02:24 2018
Summary:     Recommended update for docker
Type:        recommended
Severity:    moderate
References:  1065609,1073877,1099277,1100727
This update for docker fixes the following issues:

- Build the client binary with -buildmode=pie to fix issues on POWER. (bsc#1100727)
- Fix an issue where changed AppArmor profiles don't actually get applied on Docker daemon reboot. (bsc#1099277)
- Update to AppArmor patch so that signal mediation also works for signals between in-container processes. (bsc#1073877)
- Do not log incorrect warnings when attempting to inject non-existent host files. (bsc#1065609)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:1853-1
Released:    Thu Sep  6 19:41:23 2018
Summary:     Security update for enigmail
Type:        security
Severity:    moderate
References:  1104036
This update for enigmail to 2.0.8 fixes the following issues:

The enigmail 2.0.8 release addresses a security issue and solves a few regression bugs.

* A security issue has been fixed that allows an attacker to prepare
  a plain, unauthenticated HTML message in a way that it looks like
  it's signed and/or encrypted (boo#1104036)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1861-1
Released:    Mon Sep 10 11:38:53 2018
Summary:     Recommended update for firewalld and susefirewall2-to-firewalld
Type:        recommended
Severity:    moderate
References:  1096542,1098986,1099698,1105157,1105170
This update for firewalld and susefirewall2-to-firewalld fixes the following issues:

firewalld:

- Drop global read permissions from the log file (bsc#1098986)
- Add missing ipv6-icmp protocol to UI drop-down list (bsc#1099698)
- Fix some untranslated strings in the creation of rich rules and firewall-config. (bsc#1096542)
- fw: If failure occurs during startup set state to FAILED.
- fw_direct: Avoid log for untracked passthrough queries.
- Rich Rule Masquerade inverted source-destination in Forward Chain.
- Don't forward interface to zone requests to NM for generated interfaces.
- firewall-cmd, firewall-offline-cmd: Add --check-config option.
- ipset: Check type when parsing ipset definition.
- firewall-config: Add ipv6-icmp to the protocol dropdown box.
- core/logger: Remove world-readable bit from logfile.
- IPv6 rpfilter: Explicitly allow neighbor solicitation.

susefirewall2-to-firewalld:

- Do not try to handle unknown iptables chains.
- Handle source whitelisting. (bsc#1105157)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1897-1
Released:    Thu Sep 13 15:18:20 2018
Summary:     Recommended update for python3-gcemetadata
Type:        recommended
Severity:    moderate
References:  1097505
This update for python3-gcemetadata fixes the following issues:

- Support instances with multiple Nics. (bsc#1097505)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1901-1
Released:    Fri Sep 14 12:38:11 2018
Summary:     Recommended update for vncmanager
Type:        recommended
Severity:    moderate
References:  1103552
This update for vncmanager fixes the following issues:

- Declare the service as part of xvnc.target so it can be used as dependency 
  for xvnc-novnc.service. (bsc#1103552)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1911-1
Released:    Mon Sep 17 14:36:44 2018
Summary:     Recommended update for python3-susepubliccloudinfo
Type:        recommended
Severity:    moderate
References:  1103684
This update for python3-susepubliccloudinfo fixes the following issues:

- Avoid traceback on improper query options. (bsc#1103684)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1962-1
Released:    Fri Sep 21 13:48:37 2018
Summary:     Recommended update for icewm
Type:        recommended
Severity:    important
References:  1096917
This update for icewm fixes the following issues:

- Renamed icewm-session.desktop to icewm.desktop to fix a upgrade issue (bsc#1096917).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1978-1
Released:    Mon Sep 24 10:37:23 2018
Summary:     Recommended update for myspell-dictionaries
Type:        recommended
Severity:    low
References:  1099508,1102294

This update brings myspell-dictionaries to version 20180704, providing the following fixes:

- Indonesian spelling dictionary, thesaurus and hyphenation added.
- English updates.
- Croatian updates.
- Bulgarian files converted to UTF8 in order to avoid bugs. (bsc#1102294, bsc#1099508)
- Other smaller updates.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1998-1
Released:    Tue Sep 25 08:19:41 2018
Summary:     Recommended update for wireless-regdb
Type:        recommended
Severity:    moderate
References:  1095397,1106528
This update for wireless-regdb fixes the following issues:

- Fix power limit in 5725-5785 GHz rule for France.
- Updated regulatory database for France and Panama.
- Fixes in python3 scripts.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2022-1
Released:    Wed Sep 26 09:48:09 2018
Summary:     Recommended update for SUSE Manager Client Tools
Type:        recommended
Severity:    moderate
References:  1103388,1104120,1106523
This update fixes the following issues:

hwdata:

- Update to version 0.314:
  + Updated pci, usb and vendor ids.

spacewalk-backend:

- Channels to be actually un-subscribed from the assigned systems when being removed
  using spacewalk-remove-channel tool. (bsc#1104120)
- Take only text files from /srv/salt to make spacewalk-debug smaller. (bsc#1103388)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2044-1
Released:    Wed Sep 26 15:12:18 2018
Summary:     Recommended update for firewalld-rpcbind-helper
Type:        recommended
Severity:    moderate
References:  1096064
This update for firewalld-rpcbind-helper fixes the following issues:

- Fix error when running in python3 context, because of a missing decode() call. (bsc#1096064)
- Don't raise Exceptions when one of the target sysconfig files isn't installed. (bsc#1096064)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2052-1
Released:    Thu Sep 27 12:03:08 2018
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1106514,CVE-2018-16056,CVE-2018-16057,CVE-2018-16058
This update for wireshark to version 2.4.9 fixes the following issues:

Security issues fixed (bsc#1106514):

- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)

Further bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2054-1
Released:    Thu Sep 27 12:04:23 2018
Summary:     Security update for mgetty
Type:        security
Severity:    important
References:  1108752,1108756,1108757,1108761,1108762,CVE-2018-16741,CVE-2018-16742,CVE-2018-16743,CVE-2018-16744,CVE-2018-16745
This update for mgetty fixes the following issues:

- CVE-2018-16741: The function do_activate() did not properly sanitize shell
  metacharacters to prevent command injection (bsc#1108752).
- CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer
  overflow if long untrusted input reached it (bsc#1108756).
- CVE-2018-16744: The mail_to parameter was not sanitized, leading to command
  injection if untrusted input reached reach it (bsc#1108757).
- CVE-2018-16742: Prevent stack-based buffer overflow that could have been
  triggered via a command-line parameter (bsc#1108762).
- CVE-2018-16743: The command-line parameter username wsa passed unsanitized to
  strcpy(), which could have caused a stack-based buffer overflow (bsc#1108761).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2060-1
Released:    Thu Sep 27 15:06:52 2018
Summary:     Recommended update for SAPHanaSR-ScaleOut
Type:        recommended
Severity:    moderate
References:  1098979
This update for SAPHanaSR-ScaleOut provides the following fix:

- Allow virtual host names in SAPHanaTopology and SAPHanaController to prevent a wrong
  promotion scoring. (bsc#1098979)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2077-1
Released:    Fri Sep 28 14:52:24 2018
Summary:     Recommended update for pidentd
Type:        recommended
Severity:    important
References:  1101107,1101600
This update for pidentd fixes the following issues:

- IPv6 support was accidentally dropped when upgrading to 3.0.19. This update reenables IPv6 support. (bsc#1101600)
- Drop uname -r of buildhost from binary for reproducible builds (bsc#1101107)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2078-1
Released:    Fri Sep 28 14:54:53 2018
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    moderate
References:  1093843,1093844,1096498,1099101
This update for sapconf provides the following fixes:

- Sapconf should not change the system settings for kernel.sem, so remove the variables
  SEM* from it. (bsc#1099101)
- Correct the SAP Note references in the man pages and in the sysconfig file of the sapconf
  package. (bsc#1096498)
- Avoid stopping or disabling uuidd.socket in sapconf as it is mandatory for every SAP
  application running. (bsc#1093843)
- Remove hardcoded default value for VSZ_TMPFS_PERCENT. This allows an admin to exclude
  VSZ_TMPFS settings from the sysconfig file, so the current system value will remain
  untouched. This value only got used in the previous version, if the variable
  VSZ_TMPFS_PERCENT was removed from the sapconf configuration file /etc/sysconfig/sapconf.
  If the value of the variable was only changed (increased or decreased) in the sapconf
  configuration file everything works fine. (bsc#1093844)
- Remove the no longer needed sysconfig file.
- Remove the pagecache references from the sysconfig file.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2082-1
Released:    Sun Sep 30 14:06:27 2018
Summary:     Security update for libX11
Type:        security
Severity:    moderate
References:  1102062,1102068,1102073,CVE-2018-14598,CVE-2018-14599,CVE-2018-14600
This update for libX11 fixes the following security issues:

- CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one
  error caused by malicious server responses, leading to DoS or possibly
  unspecified other impact (bsc#1102062)
- CVE-2018-14600: The function XListExtensions interpreted a variable as signed
  instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes),
  leading to DoS or remote code execution (bsc#1102068)
- CVE-2018-14598: A malicious server could have sent a reply in which the first
  string overflows, causing a variable to be set to NULL that will be freed later
  on, leading to DoS (segmentation fault) (bsc#1102073)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2095-1
Released:    Mon Oct  1 16:02:00 2018
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1089039,1097158,1101470,1104789,1106197,CVE-2018-0732,CVE-2018-0737
This update for openssl-1_0_0 to 1.0.2p fixes the following issues:

These security issues were fixed:

- Prevent One&Done side-channel attack on RSA that allowed physically near
  attackers to use EM emanations to recover information (bsc#1104789)
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
  vulnerable to a cache timing side channel attack. An attacker with sufficient
  access to mount cache timing attacks during the RSA key generation process
  could have recovered the private key (bsc#1089039)
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
  ciphersuite a malicious server could have sent a very large prime value to the
  client. This caused the client to spend an unreasonably long period of time
  generating a key for this prime resulting in a hang until the client has
  finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
- Make problematic ECDSA sign addition length-invariant
- Add blinding to ECDSA and DSA signatures to protect against side channel attacks

This non-security issue was fixed:

- Add openssl(cli) Provide so the packages that require the openssl
  binary can require this instead of the new openssl meta package
  (bsc#1101470)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2119-1
Released:    Tue Oct  2 16:31:25 2018
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1106171,1106172,1106173,1106195,1107410,1107411,1107412,1107413,1107420,1107421,1107422,1107423,1107426,1107581,1108027,1109105,CVE-2018-15908,CVE-2018-15909,CVE-2018-15910,CVE-2018-15911,CVE-2018-16509,CVE-2018-16510,CVE-2018-16511,CVE-2018-16513,CVE-2018-16539,CVE-2018-16540,CVE-2018-16541,CVE-2018-16542,CVE-2018-16543,CVE-2018-16585,CVE-2018-16802,CVE-2018-17183
This update for ghostscript to version 9.25 fixes the following issues:

These security issues were fixed:

- CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to
  potentially overwrite or replace error handlers to inject code (bsc#1109105)
- CVE-2018-15909: Prevent type confusion using the .shfill operator that could
  have been used by attackers able to supply crafted PostScript files to crash
  the interpreter or potentially execute code (bsc#1106172).
- CVE-2018-15908: Prevent attackers that are able to supply malicious
  PostScript files to bypass .tempfile restrictions and write files
  (bsc#1106171).
- CVE-2018-15910: Prevent a type confusion in the LockDistillerParams parameter
  that could have been used to crash the interpreter or execute code
  (bsc#1106173).
- CVE-2018-15911: Prevent use uninitialized memory access in the aesdecode
  operator that could have been used to crash the interpreter or potentially
  execute code (bsc#1106195).
- CVE-2018-16513: Prevent a type confusion in the setcolor function that could
  have been used to crash the interpreter or possibly have unspecified other
  impact (bsc#1107412).
- CVE-2018-16509: Incorrect 'restoration of privilege' checking during handling
  of /invalidaccess exceptions could be have been used by attackers able to
  supply crafted PostScript to execute code using the 'pipe' instruction
  (bsc#1107410).
- CVE-2018-16510: Incorrect exec stack handling in the 'CS' and 'SC' PDF
  primitives could have been used by remote attackers able to supply crafted PDFs
  to crash the interpreter or possibly have unspecified other impact
  (bsc#1107411).
- CVE-2018-16542: Prevent attackers able to supply crafted PostScript files
  from using insufficient interpreter stack-size checking during error handling
  to crash the interpreter (bsc#1107413).
- CVE-2018-16541: Prevent attackers able to supply crafted PostScript files
  from using incorrect free logic in pagedevice replacement to crash the
  interpreter (bsc#1107421).
- CVE-2018-16540: Prevent use-after-free in copydevice handling that could have
  been used to crash the interpreter or possibly have unspecified other impact
  (bsc#1107420).
- CVE-2018-16539: Prevent attackers able to supply crafted PostScript files
  from using incorrect access checking in temp file handling to disclose contents
  of files on the system otherwise not readable (bsc#1107422).
- CVE-2018-16543: gssetresolution and gsgetresolution allowed attackers to have
  an unspecified impact (bsc#1107423).
- CVE-2018-16511: A type confusion in 'ztype' could have been used by remote
  attackers able to supply crafted PostScript to crash the interpreter or
  possibly have unspecified other impact (bsc#1107426).
- CVE-2018-16585: The .setdistillerkeys PostScript command was accepted even
  though it is not intended for use during document processing (e.g., after the
  startup phase). This lead to memory corruption, allowing remote attackers able
  to supply crafted PostScript to crash the interpreter or possibly have
  unspecified other impact (bsc#1107581).
- CVE-2018-16802: Incorrect 'restoration of privilege' checking when running
  out of stack during exception handling could have been used by attackers able
  to supply crafted PostScript to execute code using the 'pipe' instruction. This
  is due to an incomplete fix for CVE-2018-16509 (bsc#1108027).

These non-security issues were fixed:

* Fixes problems with argument handling, some unintended results of the
  security fixes to the SAFER file access restrictions (specifically accessing
  ICC profile files).
* Avoid that ps2epsi fails with 'Error: /undefined in --setpagedevice--'

For additional changes please check http://www.ghostscript.com/doc/9.25/News.htm

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2165-1
Released:    Fri Oct  5 15:22:38 2018
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1101644,1101645,1101651,1101656,1106812,CVE-2018-2938,CVE-2018-2940,CVE-2018-2952,CVE-2018-2973
This update for java-1_8_0-openjdk to the jdk8u181 (icedtea 3.9.0) release fixes the following issues:

These security issues were fixed:

- CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated
  attacker with network access via multiple protocols to compromise Java SE.
  Successful attacks of this vulnerability can result in takeover of Java SE
  (bsc#1101644).
- CVE-2018-2940: Vulnerability in subcomponent: Libraries. Easily exploitable
  vulnerability allowed unauthenticated attacker with network access via multiple
  protocols to compromise Java SE, Java SE Embedded. Successful attacks require
  human interaction from a person other than the attacker. Successful attacks of
  this vulnerability can result in unauthorized read access to a subset of Java
  SE, Java SE Embedded accessible data (bsc#1101645)
- CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to
  exploit vulnerability allowed unauthenticated attacker with network access via
  multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful
  attacks of this vulnerability can result in unauthorized ability to cause a
  partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit
  (bsc#1101651)
- CVE-2018-2973: Vulnerability in subcomponent: JSSE. Difficult to exploit
  vulnerability allowed unauthenticated attacker with network access via SSL/TLS
  to compromise Java SE, Java SE Embedded. Successful attacks of this
  vulnerability can result in unauthorized creation, deletion or modification
  access to critical data or all Java SE, Java SE Embedded accessible data
  (bsc#1101656)

These non-security issues were fixed:

- Improve desktop file usage
- Better Internet address support
- speculative traps break when classes are redefined
- sun/security/pkcs11/ec/ReadCertificates.java fails intermittently
- Clean up code that saves the previous versions of redefined classes
- Prevent SIGSEGV in ReceiverTypeData::clean_weak_klass_links
- RedefineClasses() tests fail assert(((Metadata*)obj)->is_valid()) failed: obj is valid
- NMT is not enabled if NMT option is specified after class path specifiers
- EndEntityChecker should not process custom extensions after PKIX validation
- SupportedDSAParamGen.java failed with timeout
- Montgomery multiply intrinsic should use correct name
- When determining the ciphersuite lists, there is no debug output for disabled suites.
- sun/security/mscapi/SignedObjectChain.java fails on Windows
- On Windows Swing changes keyboard layout on a window activation
- IfNode::range_check_trap_proj() should handler dying subgraph with single if proj
- Even better Internet address support
- Newlines in JAXB string values of SOAP-requests are escaped to '
'
- TestFlushableGZIPOutputStream failing with IndexOutOfBoundsException
- Unable to use JDWP API in JDK 8 to debug JDK 9 VM
- Hotspot crash on Cassandra 3.11.1 startup with libnuma 2.0.3
- Performance drop with Java JDK 1.8.0_162-b32
- Upgrade time-zone data to tzdata2018d
- Fix potential crash in BufImg_SetupICM
- JDK 8u181 l10n resource file update
- Remove debug print statements from RMI fix
- (tz) Upgrade time-zone data to tzdata2018e
- ObjectInputStream filterCheck method throws NullPointerException
- adjust reflective access checks
- Fixed builds on s390 (bsc#1106812)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2171-1
Released:    Mon Oct  8 10:31:29 2018
Summary:     Security update for soundtouch
Type:        security
Severity:    moderate
References:  1103676,CVE-2018-1000223
This update for soundtouch fixes the following security issue:

- CVE-2018-1000223: Prevent buffer overflow in WavInFile::readHeaderBlock()
  that could have resulted in arbitrary code execution when opening maliocius
  file in soundstretch utility (bsc#1103676)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2183-1
Released:    Tue Oct  9 11:30:31 2018
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    moderate
References:  1104668,CVE-2016-0705,CVE-2017-3732,CVE-2017-3736,CVE-2018-12539,CVE-2018-1517,CVE-2018-1656,CVE-2018-2940,CVE-2018-2952,CVE-2018-2964,CVE-2018-2973
This update for java-1_8_0-ibm to 8.0.5.20 fixes the following issues:

- CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to
  exploit vulnerability allowed unauthenticated attacker with network access via
  multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful
  attacks of this vulnerability can result in unauthorized ability to cause a
  partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit
  (bsc#1104668).
- CVE-2018-2940: Vulnerability in subcomponent: Libraries. Easily exploitable
  vulnerability allowed unauthenticated attacker with network access via multiple
  protocols to compromise Java SE, Java SE Embedded. Successful attacks require
  human interaction from a person other than the attacker. Successful attacks of
  this vulnerability can result in unauthorized read access to a subset of Java
  SE, Java SE Embedded accessible data (bsc#1104668).
- CVE-2018-2973: Vulnerability in subcomponent: JSSE. Difficult to exploit
  vulnerability allowed unauthenticated attacker with network access via SSL/TLS
  to compromise Java SE, Java SE Embedded. Successful attacks of this
  vulnerability can result in unauthorized creation, deletion or modification
  access to critical data or all Java SE, Java SE Embedded accessible data
  (bsc#1104668).
- CVE-2018-2964: Vulnerability in subcomponent: Deployment. Difficult to
  exploit vulnerability allowed unauthenticated attacker with network access via
  multiple protocols to compromise Java SE. Successful attacks require human
  interaction from a person other than the attacker. Successful attacks of this
  vulnerability can result in takeover of Java SE. (bsc#1104668).
- CVE-2016-0705: Prevent double free in the dsa_priv_decode function that
  allowed remote attackers to cause a denial of service (memory corruption) or
  possibly have unspecified other impact via a malformed DSA private key
  (bsc#1104668).
- CVE-2017-3732: Prevent carry propagating bug in the x86_64 Montgomery
  squaring procedure (bsc#1104668).
- CVE-2017-3736: Prevent carry propagating bug in the x86_64 Montgomery
  squaring procedure (bsc#1104668).
- CVE-2018-12539: Users other than the process owner might have been able to
  use Java Attach API to connect to an IBM JVM on the same machine and use Attach
  API operations, which includes the ability to execute untrusted native code
  (bsc#1104668) 
- CVE-2018-1517: Unspecified vulnerability (bsc#1104668).
- CVE-2018-1656: Unspecified vulnerability (bsc#1104668) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2193-1
Released:    Wed Oct 10 13:20:50 2018
Summary:     Recommended update for dialog
Type:        recommended
Severity:    moderate
References:  1094836
This update for dialog fixes the following issues:

- Fixes a bug where scrolling is not possible (bsc#1094836)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2298-1
Released:    Wed Oct 17 17:02:57 2018
Summary:     Recommended update for java-11-openjdk
Type:        recommended
Severity:    moderate
References:  1111162,1112142,1112143,1112144,1112145,1112146,1112147,1112148,1112149,CVE-2018-3136,CVE-2018-3139,CVE-2018-3149,CVE-2018-3150,CVE-2018-3157,CVE-2018-3169,CVE-2018-3180,CVE-2018-3183
This update for java-11-openjdk fixes the following issues:

Update to upstream tag jdk-11.0.1+13 (Oracle October 2018 CPU)

Security fixes:

- S8202936, CVE-2018-3183, bsc#1112148: Improve script engine support
- S8199226, CVE-2018-3169, bsc#1112146: Improve field accesses
- S8199177, CVE-2018-3149, bsc#1112144: Enhance JNDI lookups
- S8202613, CVE-2018-3180, bsc#1112147: Improve TLS connections stability
- S8208209, CVE-2018-3180, bsc#1112147: Improve TLS connection stability again
- S8199172, CVE-2018-3150, bsc#1112145: Improve jar attribute checks
- S8200648, CVE-2018-3157, bsc#1112149: Make midi code more sound
- S8194534, CVE-2018-3136, bsc#1112142: Manifest better support
- S8208754, CVE-2018-3136, bsc#1112142: The fix for JDK-8194534 needs updates
- S8196902, CVE-2018-3139, bsc#1112143: Better HTTP Redirection

Security-In-Depth fixes:

- S8194546: Choosier FileManagers
- S8195874: Improve jar specification adherence
- S8196897: Improve PRNG support
- S8197881: Better StringBuilder support
- S8201756: Improve cipher inputs
- S8203654: Improve cypher state updates
- S8204497: Better formatting of decimals
- S8200666: Improve LDAP support
- S8199110: Address Internet Addresses

Update to upstream tag jdk-11+28 (OpenJDK 11 rc1)

- S8207317: SSLEngine negotiation fail exception behavior
  changed from fail-fast to fail-lazy
- S8207838: AArch64: Float registers incorrectly restored in
  JNI call
- S8209637: [s390x] Interpreter doesn't call result handler
  after native calls
- S8209670: CompilerThread releasing code buffer in destructor
  is unsafe
- S8209735: Disable avx512 by default
- S8209806: API docs should be updated to refer to javase11
- Report version without the '-internal' postfix

- Don't build against gdk making the accessibility depend on a
  particular version of gtk.

Update to upstream tag jdk-11+27

- S8031761: [TESTBUG] Add a regression test for JDK-8026328
- S8151259: [TESTBUG] nsk/jvmti/RedefineClasses/redefclass030
  fails with 'unexpected values of outer fields of the class'
  when running with -Xcomp
- S8164639: Configure PKCS11 tests to use user-supplied NSS
  libraries
- S8189667: Desktop#moveToTrash expects incorrect '<<ALL
  FILES>>' FilePermission
- S8194949: [Graal] gc/TestNUMAPageSize.java fail with OOM in
  -Xcomp
- S8195156: [Graal] serviceability/jvmti/GetModulesInfo/
  /JvmtiGetAllModulesTest.java fails with Graal in Xcomp mode
- S8199081: [Testbug] compiler/linkage/LinkageErrors.java fails
  if run twice
- S8201394: Update java.se module summary to reflect removal of
  java.se.ee module
- S8204931: Colors with alpha are painted incorrectly on Linux
- S8204966: [TESTBUG] hotspot/test/compiler/whitebox/
  /IsMethodCompilableTest.java test fails with
  -XX:CompileThreshold=1
- S8205608: Fix 'frames()' in ThreadReferenceImpl.c to prevent
  quadratic runtime behavior
- S8205687: TimeoutHandler generates huge core files
- S8206176: Remove the temporary tls13VN field
- S8206258: [Test Error] sun/security/pkcs11 tests fail if NSS
  libs not found
- S8206965: java/util/TimeZone/Bug8149452.java failed on de_DE
  and ja_JP locale.
- S8207009: TLS 1.3 half-close and synchronization issues
- S8207046: arm32 vm crash: C1 arm32 platform functions
  parameters type mismatch
- S8207139: NMT is not enabled on Windows 2016/10
- S8207237: SSLSocket#setEnabledCipherSuites is accepting empty
  string
- S8207355: C1 compilation hangs in
  ComputeLinearScanOrder::compute_dominator
- S8207746: C2: Lucene crashes on AVX512 instruction
- S8207765: HeapMonitorTest.java intermittent failure
- S8207944: java.lang.ClassFormatError: Extra bytes at the end
  of class file test' possibly violation of JVMS 4.7.1
- S8207948: JDK 11 L10n resource file update msg drop 10
- S8207966: HttpClient response without content-length does not
  return body
- S8208125: Cannot input text into JOptionPane Text Input Dialog
- S8208164: (str) improve specification of String::lines
- S8208166: Still unable to use custom SSLEngine with default
  TrustManagerFactory after JDK-8207029
- S8208189: ProblemList compiler/graalunit/JttThreadsTest.java
- S8208205: ProblemList tests that fail due to 'Error attaching
  to process: Can't create thread_db agent!'
- S8208226: ProblemList com/sun/jdi/BasicJDWPConnectionTest.java
- S8208251: serviceability/jvmti/HeapMonitor/MyPackage/
  /HeapMonitorGCCMSTest.java fails intermittently on Linux-X64
- S8208305: ProblemList
  compiler/jvmci/compilerToVM/GetFlagValueTest.java
- S8208347: ProblemList
  compiler/cpuflags/TestAESIntrinsicsOnSupportedConfig.java
- S8208353: Upgrade JDK 11 to libpng 1.6.35
- S8208358: update bug ids mentioned in tests
- S8208370: fix typo in ReservedStack tests' @requires
- S8208391: Differentiate response and connect timeouts in HTTP
  Client API
- S8208466: Fix potential memory leak in harfbuzz shaping.
- S8208496: New Test to verify concurrent behavior of TLS.
- S8208521: ProblemList more tests that fail due to 'Error
  attaching to process: Can't create thread_db agent!'
- S8208640: [a11y] [macos] Unable to navigate between
  Radiobuttons in Radio group using keyboard.
- S8208663: JDK 11 L10n resource file update msg drop 20
- S8208676: Missing NULL check and resource leak in
  NetworkPerformanceInterface::NetworkPerformance::network_utilization
- S8208691: Tighten up jdk.includeInExceptions security property
- S8209011: [TESTBUG] AArch64: sun/security/pkcs11/Secmod/
  /TestNssDbSqlite.java fails in aarch64 platforms
- S8209029: ProblemList tests that fail due to 'Error attaching
  to process: Can't create thread_db agent!' in jdk-11+25
  testing
- S8209149: [TESTBUG] runtime/RedefineTests/
  /RedefineRunningMethods.java needs a longer timeout
- S8209451: Please change jdk 11 milestone to FCS
- S8209452: VerifyCACerts.java failed with 'At least one cacert
  test failed'
- S8209506: Add Google Trust Services GlobalSign root
  certificates
- S8209537: Two security tests failed after JDK-8164639 due to
  dependency was missed

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2302-1
Released:    Thu Oct 18 14:29:31 2018
Summary:     Security update for zziplib
Type:        security
Severity:    moderate
References:  1110687,CVE-2018-17828
This update for zziplib fixes the following issues:

- CVE-2018-17828: Remove any '../' components from pathnames of extracted files to avoid path traversal during unpacking. (bsc#1110687)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2307-1
Released:    Thu Oct 18 14:42:54 2018
Summary:     Recommended update for libxcb
Type:        recommended
Severity:    moderate
References:  1101560
This update for libxcb provides the following fix:

- Fix some IO errors when using KWin in combination with the NVIDIA driver. (bsc#1101560)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2335-1
Released:    Fri Oct 19 15:06:23 2018
Summary:     Security update for clamav
Type:        security
Severity:    moderate
References:  1103040,1104457,1110723,CVE-2018-14680,CVE-2018-14681,CVE-2018-14682,CVE-2018-15378
This update for clamav fixes the following issues:

clamav was updated to version 0.100.2.

Following security issues were fixed:

- CVE-2018-15378: Vulnerability in ClamAV's MEW
  unpacking feature that could allow an unauthenticated, remote
  attacker to cause a denial of service (DoS) condition on an
  affected device. (bsc#1110723)
- CVE-2018-14680, CVE-2018-14681, CVE-2018-14682:
  more fixes for embedded libmspack. (bsc#1103040)

Following non-security issues were addressed:

- Make freshclam more robust against lagging signature mirrors.
- On-Access 'Extra Scanning', an opt-in minor feature of
  OnAccess scanning on Linux systems, has been disabled due to a
  known issue with resource cleanup OnAccessExtraScanning will
  be re-enabled in a future release when the issue is
  resolved. In the mean-time, users who enabled the feature in
  clamd.conf will see a warning informing them that the feature
  is not active. For details, see:
  https://bugzilla.clamav.net/show_bug.cgi?id=12048
- Restore exit code compatibility of freshclam with versions before
  0.100.0 when the virus database is already up to date
  (bsc#1104457)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2340-1
Released:    Fri Oct 19 16:05:53 2018
Summary:     Security update for fuse
Type:        security
Severity:    moderate
References:  1101797,CVE-2018-10906
This update for fuse fixes the following issues:

- CVE-2018-10906: fusermount was vulnerable to a restriction bypass when
  SELinux is active. This allowed non-root users to mount a FUSE file system with
  the 'allow_other' mount option regardless of whether 'user_allow_other' is set
  in the fuse configuration. An attacker may use this flaw to mount a FUSE file
  system, accessible by other users, and trick them into accessing files on that
  file system, possibly causing Denial of Service or other unspecified effects
  (bsc#1101797)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2343-1
Released:    Sat Oct 20 09:51:54 2018
Summary:     Recommended update for dejagnu
Type:        recommended
Severity:    moderate
References:  1100206
This update for dejagnu fixes the following issues:

- Use separate kill command for each pid (bsc#1100206)
- Install LICENSE file in the correct directory.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2364-1
Released:    Mon Oct 22 13:13:28 2018
Summary:     Security update for wireshark
Type:        security
Severity:    important
References:  1111647,CVE-2018-12086,CVE-2018-18227
This update for wireshark fixes the following issues:

Wireshark was updated to 2.4.10 (bsc#1111647).

Following security issues were fixed:

- CVE-2018-18227: MS-WSP dissector crash (wnpa-sec-2018-47)
- CVE-2018-12086: OpcUA dissector crash (wnpa-sec-2018-50)

Further bug fixes and updated protocol support that were done are listed in:

  https://www.wireshark.org/docs/relnotes/wireshark-2.4.10.html


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2392-1
Released:    Tue Oct 23 12:45:51 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1092480,1106853,1108627,1108637,1110358,CVE-2018-10779,CVE-2018-16335,CVE-2018-17100,CVE-2018-17101,CVE-2018-17795
This update for tiff fixes the following issues:

Security issue fixed:

- CVE-2018-10779: TIFFWriteScanline in tif_write.c had a heap-based buffer over-read, as demonstrated by bmp2tiff.(bsc#1092480)
- CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637)
- CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627)
- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)
- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2411-1
Released:    Tue Oct 23 17:27:40 2018
Summary:     Recommended update for libXaw
Type:        recommended
Severity:    moderate
References:  1098411
This update for libXaw provides the following fix:

- Fix a crash when the required font is not installed. (bsc#1098411)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2431-1
Released:    Wed Oct 24 13:05:29 2018
Summary:     Security update for ntp
Type:        security
Severity:    moderate
References:  1083424,1098531,1111853,CVE-2018-12327,CVE-2018-7170

NTP was updated to 4.2.8p12 (bsc#1111853):

- CVE-2018-12327: Fixed stack buffer overflow in the openhost() command-line call of NTPQ/NTPDC. (bsc#1098531)
- CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection (bsc#1083424)

Please also see https://www.nwtime.org/network-time-foundation-publishes-ntp-4-2-8p12/ for more information.


-----------------------------------------------------------------
Advisory ID: SUSE-OU-2018:2441-1
Released:    Wed Oct 24 16:38:48 2018
Summary:     Initial release of python-pyinotify
Type:        optional
Severity:    low
References:  1111493
This update provides python-pyinotify required for salt beacons
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2442-1
Released:    Wed Oct 24 16:39:09 2018
Summary:     Recommended update for python-msrestazure and it's dependencies
Type:        recommended
Severity:    moderate
References:  1109694
This update for python-adal, python-isodate, python-msrest, python-msrestazure fixes the following issues:

python-msrestazure:

- Update to version 0.5.0

  + Features
    * Implementation is now using ADAL and not request-oauthlib. This allows more AD scenarios (like federated).
    * Add additionalInfo parsing for CloudError.
    * Implement new LRO options of Autorest.
    * Improve MSI for VM token polling algorithm.
    * MSIAuthentication now uses IMDS endpoint if available.
    * MSIAuthentication can be used in any environment that defines MSI_ENDPOINT env variable.
    * CloudError now includes the 'innererror' attribute to match OData v4.
    * Introduces ARMPolling implementation of Azure Resource Management LRO.
    * Add support for WebApp/Functions in MSIAuthentication classes.
    * Add parse_resource_id(), resource_id(), validate_resource_id() to parse ARM ids.
    * Retry strategy now n reach 24 seconds (instead of 12 seconds).
    * Add Managed Service Integrated (MSI) authentication.
    * Add 'timeout' to ServicePrincipalCredentials and UserPasswordCredentials.
    * Threads created by AzureOperationPoller have now a name prefixed by 'AzureOperationPoller' to help identify them.
    * Improve MSIAuthentication to support User Assigned Identity.

  + Bugfixes
    * MSIAuthentication regression for KeyVault since IMDS support.
    * MSIAuthentication should initialize the token attribute on creation.
    * Fixes refreshToken in UserPassCredentials and AADTokenCredentials.
    * Fix US government cloud definition.
    * Reduce max MSI polling time for VM.
    * IMDS/MSI: Retry on more error codes.
    * IMDS/MSI: Fix a boundary case on timeout.
    * Fix parse_resource_id() tool to be case*insensitive to keywords when matching.
    * Add missing baseclass init call for AdalAuthentication.
    * Fix LRO result if POST uses AsyncOperation header.
    * Remove a possible infinite loop with MSIAuthentication.
    * Fix session obj for cloudmetadata endpoint.
    * Fix authentication resource node for AzureSatck.
    * Better detection of AppService with MSIAuthentication.
    * get_cloud_from_metadata_endpoint incorrect on AzureStack.
    * get_cloud_from_metadata_endpoint certificate issue.
    * Fix AttributeError if error JSON from ARM does not follow ODatav4 (as it should).
    * Fix AttributeError if input JSON is not a dict.
    * Fix AdalError handling in some scenarios.
    * Update Azure Gov login endpoint.
    * Update metadata ARM endpoint parser.

  + Incompatible changes
    * Remove unused auth_uri, state, client and token_uri attributes in ServicePrincipalCredentials,
      UserPassCredentials and AADTokenCredentials.
    * Remove token caching based on 'keyring'. Token caching should be implemented using ADAL now.
    * Remove InteractiveCredentials. This class was deprecated and unusable. Use ADAL device code instead.

python-msrest

- Update to version 0.5.0

  + Require python-enum32 and python-typing.

  + Features
    * Support additionalProperties and XML.
    * Deserialize/from_dict now accepts a content*type parameter to parse XML strings.
    * Add XML support
    * Add many type hints, and MyPY testing on CI.
    * HTTP calls are made through a HTTPDriver API. Only implementation is `requests` for now. This driver API is *not*
      considered stable and you should pin your msrest version if you want to provide a personal implementation.
    * msrest is now able to keep the 'requests.Session' alive for performance.
    * All Authentication classes now define `signed_session` and `refresh_session` with an optional `session` parameter.
    * Disable HTTP log by default (security), add `enable_http_log` to restore it.
    * Add TopicCredentials for EventGrid client.
    * Add LROPoller class. This is a customizable LRO engine.
    * Model now accept kwargs in constructor for future kwargs models.
    * Add support for additional_properties.
    * The interpretation of Swagger 2.0 'discriminator' is now lenient.
    * Add ApiKeyCredentials class. This can be used to support OpenAPI ApiKey feature.
    * Add CognitiveServicesAuthentication class. Pre*declared ApiKeyCredentials class for Cognitive Services.
    * Add Configuration.session_configuration_callback to customize the requests.Session if necessary.
    * Add a flag to Serializer to disable client*side*validation.
    * Remove 'import requests' from 'exceptions.py' for apps that require fast loading time.
    * Input is now more lenient.
    * Model have a 'validate' method to check content constraints.
    * Model have now new methods for serialize, as_dict, deserialize and from_dict.

  + Bugfixes
    * Fix a serialization issue if additional_properties is declared, and 'automatic model' syntax is used
      ('automatic model' being the ability to pass a dict to command and have the model auto*created).
    * Better parse empty node and not string types.
    * Improve 'object' XML parsing.
    * Fix some XML serialization subtle scenarios.
    * Fix some complex XML Swagger definitions.
    * Lower Accept header overwrite logging message.
    * Fix 'object' type and XML format.
    * Incorrect milliseconds serialization for some datetime object.
    * Improve `SDKClient.__exit__` to take exc_details as optional parameters and not required.
    * Refresh_session should also use the permanent HTTP session if available.
    * Fix incorrect date parsing if ms precision is over 6 digits.
    * Fix minimal dependency of isodate.
    * Fix serialisation from dict if datetime provided.
    * Date parsing is now compliant with Autorest / Swagger 2.0 specification (less lenient).
    * Accept to deserialize enum of different type if content string match.
    * Stop failing on deserialization if enum string is unkwon. Return the string instead.
    * Do not validate additional_properties.
    * Improve validation error if expected type is dict, but actual type is not.
    * Fix additional_properties if Swagger was flatten.
    * Optional formdata parameters were raising an exception.
    * 'application/x*www*form*urlencoded' form was sent using 'multipart/form*data'.
    * Fix regression: accept 'set<str>' as a valid '[str]'
    * Always log response body.
    * Improved exception message if error JSON is Odata v4.
    * Refuse 'str' as a valid '[str]' type.
    * Better exception handling if input from server is not JSON valid.
    * Fix regression introduced in msrest 0.4.12 * dict syntax with enum modeled as string and enum used.
    * Fix regression introduced in msrest 0.4.12 * dict syntax using isodate.Duration.
    * Better Enum checking.

  + Internal optimisation
    * Call that does not return a streamable object are now executed in requests stream mode False (was True
      whatever the type of the call). This should reduce the number of leaked opened session and allow urllib3
      to manage connection pooling more efficiently. Only clients generated with Autorest.Python >= 2.1.31
      (not impacted otherwise, fully backward compatible)

  + Deprecation
    * Trigger DeprecationWarning for _client.add_header and _client.send_formdata.

python-adal

- Update to version 1.0.2

python-isodate

- Update to version 0.6.0
  + Support incomplete month date.
  + Rely on duck typing when doing duration maths.
  + Support ':' as separator in fractional time zones.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2445-1
Released:    Wed Oct 24 16:41:09 2018
Summary:     Recommended update for iotop
Type:        recommended
Severity:    moderate
References:  1094694,1094823
This update for iotop provides the following fix:

- Fix a crash when /proc/*/status doesn't have the tab character or when it has invalid
  lines. (bsc#1094823, bsc#1094694)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2463-1
Released:    Thu Oct 25 14:48:34 2018
Summary:     Recommended update for timezone, timezone-java
Type:        recommended
Severity:    moderate
References:  1104700,1112310

  
This update for timezone, timezone-java fixes the following issues:

The timezone database was updated to 2018f:

- Volgograd moves from +03 to +04 on 2018-10-28.
- Fiji ends DST 2019-01-13, not 2019-01-20.
- Most of Chile changes DST dates, effective 2019-04-06 (bsc#1104700)
- Corrections to past timestamps of DST transitions
- Use 'PST' and 'PDT' for Philippine time
- minor code changes to zic handling of the TZif format
- documentation updates

Other bugfixes:

- Fixed a zic problem with the 1948-1951 DST transition in Japan (bsc#1112310)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2505-1
Released:    Fri Oct 26 16:12:37 2018
Summary:     Security update for audiofile
Type:        security
Severity:    moderate
References:  1111586,CVE-2018-17095
This update for audiofile fixes the following issues:

- CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occurred when running sfconvert leading to crashes or code execution when handling untrusted soundfiles (bsc#1111586).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2507-1
Released:    Fri Oct 26 16:27:56 2018
Summary:     Recommended update for s3fs
Type:        recommended
Severity:    moderate
References:  1111267
This update for s3fs fixes the following issues:

- Add fuse package as required in runtime to allow mounting with 
  systemd, mount command or /etc/fstab (bsc#1111267)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2513-1
Released:    Mon Oct 29 11:11:23 2018
Summary:     Recommended update for sysstat
Type:        recommended
Severity:    moderate
References:  1089883

  
This update for sysstat fixes the following issues:

Sysstat was updated to 12.0.2, bringing new features and bugfixes (fate#326576, bsc#1089883)

- It contains lots of improvements in SVG output.
- New metric additions for hugepages.
- New options

Please look at http://sebastien.godard.pagesperso-orange.fr/ for a more detailed history of changes.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2514-1
Released:    Mon Oct 29 11:11:47 2018
Summary:     Recommended update for nfs4-acl-tools
Type:        recommended
Severity:    moderate
References:  1104803,967251
This update for nfs4-acl-tools fixes the following issues:

- Allow recursive set_acl to set inheritance flags. (bsc#967251, bsc#1104803)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2529-1
Released:    Tue Oct 30 16:05:19 2018
Summary:     Recommended update for dapl
Type:        recommended
Severity:    moderate
References:  1094657
This update for dapl fixes the following issues:

- Fix a 'deadlock' that causes socket connection to timeout when net.ipv4.tcp_syncookies=0. (bsc#1094657)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2550-1
Released:    Wed Oct 31 16:16:56 2018
Summary:     Recommended update for timezone, timezone-java
Type:        recommended
Severity:    moderate
References:  1113554
This update provides the latest time zone definitions (2018g), including the following change:

- Morocco switched from +00/+01 to permanent +01 effective 2018-10-28 (bsc#1113554)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2565-1
Released:    Fri Nov  2 17:10:31 2018
Summary:     Security update for soundtouch
Type:        security
Severity:    moderate
References:  1108630,1108631,1108632,CVE-2018-17096,CVE-2018-17097,CVE-2018-17098
This update for soundtouch fixes the following issues:

- CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. (bsc#1108632) 
- CVE-2018-17097: The WavFileBase class allowed remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch. (double free) (bsc#1108631) 
- CVE-2018-17096: The BPMDetect class allowed remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. (bsc#1108630) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2569-1
Released:    Fri Nov  2 19:00:18 2018
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1110700
This update for pam fixes the following issues:

- Remove limits for nproc from /etc/security/limits.conf (bsc#1110700)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2607-1
Released:    Wed Nov  7 15:42:48 2018
Summary:     Optional update for gcc8
Type:        recommended
Severity:    low
References:  1084812,1084842,1087550,1094222,1102564

The GNU Compiler GCC 8 is being added to the Development Tools Module by this
update.

The update also supplies gcc8 compatible libstdc++, libgcc_s1 and other
gcc derived libraries for the Basesystem module of SUSE Linux Enterprise 15.

Various optimizers have been improved in GCC 8, several of bugs fixed,
quite some new warnings added and the error pin-pointing and
fix-suggestions have been greatly improved.

The GNU Compiler page for GCC 8 contains a summary of all the changes that
have happened:

   	https://gcc.gnu.org/gcc-8/changes.html

Also changes needed or common pitfalls when porting software are described on:

	https://gcc.gnu.org/gcc-8/porting_to.html


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2616-1
Released:    Thu Nov  8 17:53:23 2018
Summary:     Security update for libepubgen, liblangtag, libmwaw, libnumbertext, libreoffice, libstaroffice, libwps, myspell-dictionaries, xmlsec1
Type:        security
Severity:    moderate
References:  1050305,1088263,1091606,1094779,1095601,1095639,1096360,1098891,1104876,CVE-2018-10583


This update for LibreOffice, libepubgen, liblangtag, libmwaw, libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1 fixes the following issues:

LibreOffice was updated to 6.1.3.2 (fate#326624) and contains new features and lots of bugfixes:

The full changelog can be found on:

        https://wiki.documentfoundation.org/ReleaseNotes/6.1

Bugfixes:

- bsc#1095639 Exporting to PPTX results in vertical labels being shown horizontally
- bsc#1098891 Table in PPTX misplaced and partly blue
- bsc#1088263 Labels in chart change (from white and other colors) to black when saving as PPTX
- bsc#1095601 Exporting to PPTX shifts arrow shapes quite a bit

- Add more translations:
  * Belarusian
  * Bodo
  * Dogri
  * Frisian
  * Gaelic
  * Paraguayan_Guaran
  * Upper_Sorbian
  * Konkani
  * Kashmiri
  * Luxembourgish
  * Monglolian
  * Manipuri
  * Burnese
  * Occitan
  * Kinyarwanda
  * Santali
  * Sanskrit
  * Sindhi
  * Sidamo
  * Tatar
  * Uzbek
  * Upper Sorbian
  * Venetian
  * Amharic
  * Asturian
  * Tibetian
  * Bosnian
  * English GB
  * English ZA
  * Indonesian
  * Icelandic
  * Georgian
  * Khmer
  * Lao
  * Macedonian
  * Nepali
  * Oromo
  * Albanian
  * Tajik
  * Uyghur
  * Vietnamese
  * Kurdish

- Try to build all languages see bsc#1096360
- Make sure to install the KDE5/Qt5 UI/filepicker
- Try to implement safeguarding to avoid bsc#1050305
- Disable base-drivers-mysql as it needs mysqlcppcon that is only
  for mysql and not mariadb, causes issues bsc#1094779
  * Users can still connect using jdbc/odbc
- Fix java detection on machines with too many cpus

- CVE-2018-10583: An information disclosure vulnerability occured when LibreOffice automatically processed and initiated an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. (bsc#1091606)

libepubgen was updated to 0.1.1:

- Avoid <div> inside <p> or <span>.
- Avoid writin vertical-align attribute without a value.
- Fix generation of invalid XHTML when there is a link starting at the beginning of a footnote.
- Handle relative width for images.
- Fixed layout: write chapter names to improve navigation.
- Support writing mode.
- Start a new HTML file at every page span in addition to the splits induced by the chosen split method. This is to ensure that specified writing mode works correctly, as it is HTML <body> attribute.

liblangtag was updated to 0.6.2:

- use standard function
- fix leak in test

libmwaw was updated to 0.3.14:

- Support MS Multiplan 1.1 files

libnumbertext was update to 1.0.5:

- Various fixes in numerical calculations and issues reported on libreoffice tracker

libstaroffice was updated to 0.0.6:

- retrieve some StarMath's formula,
- retrieve some charts as graphic,
- retrieve some fields in sda/sdc/sdp text-boxes,
- .sdw: retrieve more attachments.

libwps was updated to 0.4.9:

- QuattroPro: add parser to .wb3 files
- Multiplan: add parser to DOS v1-v3 files
- charts: try to retrieve charts in .wk*, .wq* files
- QuattroPro: add parser to .wb[12] files

myspell-dictionaries was updated to 20181025:

- Turkish dictionary added
- Updated French dictionary

xmlsec1 was updated to 1.2.26:

- Added xmlsec-mscng module based on Microsoft Cryptography API: Next Generation
- Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST R 34.10-2001 in xmlsec-mscrypto


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2625-1
Released:    Mon Nov 12 08:58:25 2018
Summary:     Recommended update for java-11-openjdk
Type:        recommended
Severity:    moderate
References:  1113734
This update for java-11-openjdk fixes the following issues:

Merge into the JDK following modules from github.com/javaee:

* com.sum.xml.fastinfoset
* org.jvnet.staxex
* com.sun.istack.runtime
* com.sun.xml.txw2
* com.sun.xml.bind

This provides a default implementation of JAXB-API that
existed in JDK before Java 11 and that some applications
depend on.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2641-1
Released:    Mon Nov 12 20:39:30 2018
Summary:     Recommended update for nfsidmap
Type:        recommended
Severity:    moderate
References:  1098217
This update for nfsidmap fixes the following issues:

- Improve support for SAMBA with Active Directory. (bsc#1098217)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2649-1
Released:    Tue Nov 13 14:49:19 2018
Summary:     Recommended update for guile
Type:        recommended
Severity:    moderate
References:  1110085

- The patch fixes a coredump when using guile with japanese locales 
based on Shift-JIS (LC_CTYPE=ja_JP.sjis)  (bsc#1110085)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2716-1
Released:    Tue Nov 20 16:15:16 2018
Summary:     Recommended update for llvm5
Type:        recommended
Severity:    moderate
References:  1111190
This update for llvm5 fixes the following issues:

- Build TableGen component as its own shared library because it is not 
  included in the libLLVM library and is needed for ldc. (bsc#1111190)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2742-1
Released:    Thu Nov 22 13:28:36 2018
Summary:     Recommended update for rpcbind
Type:        recommended
Severity:    moderate
References:  969953
This update for rpcbind fixes the following issues:

- Fix tool stack buffer overflow aborting (bsc#969953)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2761-1
Released:    Thu Nov 22 16:26:11 2018
Summary:     Security update for libwpd
Type:        security
Severity:    important
References:  1115713,CVE-2018-19208
This update for libwpd fixes the following issues:

Security issue fixed:

- CVE-2018-19208: Fixed illegal address access inside libwpd at function WP6ContentListener:defineTable (bsc#1115713).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2763-1
Released:    Thu Nov 22 16:26:44 2018
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1116574,CVE-2018-13785,CVE-2018-3136,CVE-2018-3139,CVE-2018-3149,CVE-2018-3169,CVE-2018-3180,CVE-2018-3183,CVE-2018-3214

java-1_8_0-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 (bsc#1116574)

* Class Libraries:

  - IJ10934 CVE-2018-13785
  - IJ10935 CVE-2018-3136
  - IJ10895 CVE-2018-3139
  - IJ10932 CVE-2018-3149
  - IJ10894 CVE-2018-3180
  - IJ10930 CVE-2018-3183
  - IJ10933 CVE-2018-3214
  - IJ09315 FLOATING POINT EXCEPTION FROM JAVA.TEXT.DECIMALFORMAT. FORMAT
  - IJ09088 INTRODUCING A NEW PROPERTY FOR TURKEY TIMEZONE FOR PRODUCTS NOT IDENTIFYING TRT
  - IJ10800 REMOVE EXPIRING ROOT CERTIFICATES IN IBM JDK’S CACERTS.
  - IJ10566 SUPPORT EBCDIC CODE PAGE IBM-274 – BELGIUM EBCDIC

* Java Virtual Machine

  - IJ08730 APPLICATION SIGNAL HANDLER NOT INVOKED FOR SIGABRT
  - IJ10453 ASSERTION FAILURE AT CLASSPATHITEM.CPP
  - IJ09574 CLASSLOADER DEFINED THROUGH SYSTEM PROPERTY ‘JAVA.SYSTEM.CLASS.LOADE R’ IS NOT HONORED.
  - IJ10931 CVE-2018-3169
  - IJ10618 GPU SORT: UNSPECIFIED LAUNCH FAILURE
  - IJ10619 INCORRECT ILLEGALARGUMENTEXCEPTION BECAUSE OBJECT IS NOT AN INSTANCE OF DECLARING CLASS ON REFLECTIVE INVOCATION
  - IJ10135 JVM HUNG IN GARBAGECOLLECTORMXBEAN.G ETLASTGCINFO() API
  - IJ10680 RECURRENT ABORTED SCAVENGE

* ORB

  - IX90187 CLIENTREQUESTIMPL.REINVO KE FAILS WITH JAVA.LANG.INDEXOUTOFBOUN DSEXCEPTION

* Reliability and Serviceability

  - IJ09600 DTFJ AND JDMPVIEW FAIL TO PARSE WIDE REGISTER VALUES

* Security

  - IJ10492 'EC KEYSIZE < 384' IS NOT HONORED USING THE 'JDK.TLS.DISABLEDALGORIT HMS' SECURITY PROPERTY
  - IJ10310 ADD NULL CHECKING ON THE ENCRYPTION TYPES LIST TO CREDENTIALS.GETDEFAULTNA TIVECREDS() METHOD
  - IJ10491 AES/GCM CIPHER – AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( )
  - IJ08442 HTTP PUBLIC KEY PINNING FINGERPRINT,PROBLEM WITH CONVERTING TO JKS KEYSTORE
  - IJ09107 IBMPKCS11IMPL CRYPTO PROVIDER – INTERMITTENT ERROR WITH SECP521R1 SIGNATURE ON Z/OS
  - IJ10136 IBMPKCS11IMPL – INTERMITTENT ERROR WITH SECP521R1 SIG ON Z/OS AND Z/LINUX
  - IJ08530 IBMPKCS11IMPL PROVIDER USES THE WRONG RSA CIPHER MECHANISM FOR THE RSA/ECB/PKCS1PADDING CIPHER
  - IJ08723 JAAS THROWS A ‘ARRAY INDEX OUT OF RANGE’ EXCEPTION
  - IJ08704 THE SECURITY PROPERTY ‘JDK.CERTPATH.DISABLEDAL GORITHMS’ IS MISTAKENLY BEING USED TO FILTER JAR SIGNING ALGORITHMS

* z/OS Extentions

  - PH03889 ADD SUPPORT FOR TRY-WITH-RESOURCES TO COM.IBM.JZOS.ENQUEUE
  - PH03414 ROLLOVER FROM SYE TO SAE FOR ICSF REASON CODE 3059
  - PH04008 ZERTJSSE – Z SYSTEMS ENCRYPTION READINESS TOOL (ZERT) NEW SUPPORT IN THE Z/OS JAVA SDK

This includes the update to Java 8.0 Service Refresh 5 Fix Pack 22:

* Java Virtual Machine

  - IJ09139 CUDA4J NOT AVAILABLE ON ALL PLATFORMS

* JIT Compiler

  - IJ09089 CRASH DURING COMPILATION IN USEREGISTER ON X86-32
  - IJ08655 FLOATING POINT ERROR (SIGFPE) IN ZJ9SYM1 OR ANY VM/JIT MODULE ON AN INSTRUCTION FOLLOWING A VECTOR INSTRUCTION
  - IJ08850 CRASH IN ARRAYLIST$ITR.NEXT()
  - IJ09601 JVM CRASHES ON A SIGBUS SIGNAL WHEN ACCESSING A DIRECTBYTEBUFFER

* z/OS Extentions

  - PH02999 JZOS data management classes accept dataset names in code pages supported by z/OS system services
  - PH01244 OUTPUT BUFFER TOO SHORT FOR GCM MODE ENCRYPTION USING IBMJCEHYBRID

Also the update to Java 8.0 Service Refresh 5 Fix Pack 21

* Class Libraries

  - IJ08569 JAVA.IO.IOEXCEPTION OCCURS WHEN A FILECHANNEL IS BIGGER THAN 2GB ON AIX PLATFORM
  - IJ08570 JAVA.LANG.UNSATISFIEDLIN KERROR WITH JAVA OPTION -DSUN.JAVA2D.CMM=SUN.JAV A2D.CMM.KCMS.KCMSSERVICE PROVIDER ON AIX PLATFORM

* Java Virtual Machine

  - IJ08001 30% THROUGHPUT DROP FOR CERTAIN SYNCHRONIZATION WORKLOADS
  - IJ07997 TRACEASSERT IN GARBAGE COLLECTOR(MEMORYSUBSPACE)

* JIT Compiler

  - IJ08503 ASSERTION IS HIT DUE TO UNEXPECTED STACK HEIGHT IN DEBUGGING MODE
  - IJ08375 CRASH DURING HARDWARE GENERATED GUARDED STORAGE EVENT WITHIN A TRANSACTIONAL EXECUTION REGION WHEN RUNNING WITH -XGC:CONCURRENTS
  - IJ08205 CRASH WHILE COMPILING
  - IJ09575 INCORRECT RESULT WHEN USING JAVA.LANG.MATH.MIN OR MAX ON 31-BIT JVM
  - IJ07886 INCORRECT CALUCATIONS WHEN USING NUMBERFORMAT.FORMAT() AND BIGDECIMAL.{FLOAT/DOUBLE }VALUE()

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2792-1
Released:    Tue Nov 27 10:52:31 2018
Summary:     Recommended update for autofs
Type:        recommended
Severity:    moderate
References:  1093436
This update for autofs fixes the following issues:

- Fix file descriptor leak (bsc#1093436)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2793-1
Released:    Tue Nov 27 13:38:46 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1099257,1113094,1113672,CVE-2018-12900,CVE-2018-18557,CVE-2018-18661
This update for tiff fixes the following issues:

Security issues fixed:

- CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257).
- CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672).
- CVE-2018-18557: Fixed JBIG decode can lead to out-of-bounds write (bsc#1113094).

Non-security issues fixed:

- asan_build: build ASAN included
- debug_build: build more suitable for debugging

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2797-1
Released:    Tue Nov 27 15:54:44 2018
Summary:     Security update for rubygem-loofah
Type:        security
Severity:    moderate
References:  1113969,CVE-2018-16468
This update for rubygem-loofah fixes the following issues:

Security issue fixed:

- CVE-2018-16468: Fixed XXS by removing the svg animate attribute `from` from the allowlist (bsc#1113969).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2798-1
Released:    Wed Nov 28 07:48:35 2018
Summary:     Recommended update for make
Type:        recommended
Severity:    moderate
References:  1100504
This update for make fixes the following issues:

- Use a non-blocking read with pselect to avoid hangs (bsc#1100504)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2818-1
Released:    Fri Nov 30 14:32:24 2018
Summary:     Recommended update for skopeo
Type:        recommended
Severity:    moderate
References:  1115165

This update for skopeo to version 0.1.32 adds the following feature:

- implement `skopeo sync` command (bsc#1115165)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2825-1
Released:    Mon Dec  3 15:35:02 2018
Summary:     Security update for pam
Type:        security
Severity:    important
References:  1115640,CVE-2018-17953
This update for pam fixes the following issue:

Security issue fixed:

- CVE-2018-17953: Fixed IP address and subnet handling of pam_access.so that was not honoured correctly when a single host was specified (bsc#1115640).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2857-1
Released:    Thu Dec  6 09:40:03 2018
Summary:     Security update for rubygem-activejob-5_1
Type:        security
Severity:    low
References:  1117632,CVE-2018-16476
This update for rubygem-activejob-5_1 fixes the following issues:

Security issue fixed:

- CVE-2018-16476: Fixed broken access control vulnerability (bsc#1117632).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2861-1
Released:    Thu Dec  6 14:32:01 2018
Summary:     Security update for ncurses
Type:        security
Severity:    important
References:  1103320,1115929,CVE-2018-19211
This update for ncurses fixes the following issues:

Security issue fixed:

- CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929).

Non-security issue fixed:

- Remove scree.xterm from terminfo data base as with this screen uses fallback TERM=screen (bsc#1103320). 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2862-1
Released:    Thu Dec  6 14:33:19 2018
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1100078,1112209,1113534,1113652,1113742,CVE-2018-0734,CVE-2018-5407
This update for openssl-1_0_0 fixes the following issues:

Security issues fixed:

- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
- CVE-2018-5407: Added elliptic curve scalar multiplication timing attack defenses that fixes 'PortSmash' (bsc#1113534).

Non-security issues fixed:

- Added missing timing side channel patch for DSA signature generation (bsc#1113742).
- Set TLS version to 0 in msg_callback for record messages to avoid confusing applications (bsc#1100078).
- Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2864-1
Released:    Fri Dec  7 10:21:20 2018
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1017693,1054594,1115717,990460,CVE-2016-10092,CVE-2016-10093,CVE-2016-10094,CVE-2016-6223,CVE-2017-12944,CVE-2018-19210
This update for tiff fixes the following issues:

Security issues fixed:

- CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function (bsc#1115717).
- CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function (bsc#1054594).
- CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function (bsc#1017693).
- CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function (bsc#1017693).
- CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFReverseBits function (bsc#1017693).
- CVE-2016-6223: Fixed out-of-bounds read on memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1() (bsc#990460).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2866-1
Released:    Fri Dec  7 12:04:49 2018
Summary:     Recommended update for helm-mirror
Type:        recommended
Severity:    low
References:  1116182

This update provides helm-mirror to the Containers module.

This utility mirrors Helm repositories to a local directory and it
can extract used container images.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2882-1
Released:    Mon Dec 10 08:07:44 2018
Summary:     Security update for cups
Type:        security
Severity:    important
References:  1115750,CVE-2018-4700
This update for cups fixes the following issues:

Security issue fixed:

- CVE-2018-4700: Fixed extremely predictable cookie generation that is effectively breaking the CSRF protection of the CUPS web interface (bsc#1115750).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2908-1
Released:    Tue Dec 11 21:48:30 2018
Summary:     Recommended update for susefirewall2-to-firewalld
Type:        recommended
Severity:    moderate
References:  1115001
This update for susefirewall2-to-firewalld fixes the following issues:

- Add input and forward zone to the known ones (bsc#1115001)
- Stop guessing firewall service from port/proto

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:2914-1
Released:    Wed Dec 12 13:37:46 2018
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1109105,1111479,1111480,1112229,1117022,1117274,1117313,1117327,1117331,CVE-2018-17183,CVE-2018-17961,CVE-2018-18073,CVE-2018-18284,CVE-2018-19409,CVE-2018-19475,CVE-2018-19476,CVE-2018-19477
This update for ghostscript to version 9.26 fixes the following issues:

Security issues fixed:

- CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c (bsc#1117327)
- CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c (bsc#1117313)
- CVE-2018-19477: Fixed bypass of an intended access restriction in psi/zfjbig2.c (bsc#1117274)
- CVE-2018-19409: Check if another device is used correctly in LockSafetyParams (bsc#1117022)
- CVE-2018-18284: Fixed potential sandbox escape through 1Policy operator (bsc#1112229)
- CVE-2018-18073: Fixed leaks through operator in saved execution stacks (bsc#1111480)
- CVE-2018-17961: Fixed a -dSAFER sandbox escape by bypassing executeonly (bsc#1111479)
- CVE-2018-17183: Fixed a potential code injection by specially crafted PostScript files (bsc#1109105)

Version update to 9.26 (bsc#1117331):

- Security issues have been the primary focus
- Minor bug fixes and improvements
- For release summary see: http://www.ghostscript.com/doc/9.26/News.htm

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2926-1
Released:    Thu Dec 13 11:24:58 2018
Summary:     Recommended update for java-1_8_0-ibm
Type:        recommended
Severity:    important
References:  1119213
This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 5 Fix Pack 26 [bsc#1119213]
  * Fixes several crashes that could have caused problems with
    SUSE Manager installations

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2939-1
Released:    Fri Dec 14 13:59:54 2018
Summary:     Recommended update for libcdio
Type:        recommended
Severity:    moderate
References:  1108134
This update for libcdio fixes the following issues:

- Remove API/ABI breaking changes from libcdio patch (bsc#1108134).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2961-1
Released:    Mon Dec 17 19:51:40 2018
Summary:     Recommended update for psmisc
Type:        recommended
Severity:    moderate
References:  1098697,1112780
This update for psmisc provides the following fix:

- Make the fuser option -m <block_device> work even with mountinfo. (bsc#1098697)
- Support also btrFS entries in mountinfo, that is use stat(2) to determine the device
  of the mounted subvolume (bsc#1098697, bsc#1112780)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2970-1
Released:    Mon Dec 17 19:53:42 2018
Summary:     Recommended update for libmtp
Type:        recommended
Severity:    moderate
References:  1110868
This update for libmtp fixes the following issues:

- Adjusted udev rules for new kernel versions (bsc#1110868)
- Added lots of new USB ids
- Some more small bug fixes

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:3024-1
Released:    Fri Dec 21 11:23:50 2018
Summary:     Security update for enigmail
Type:        security
Severity:    moderate
References:  1118935
This update for enigmail to version 2.0.9 fixes the following issues:

Security issue fixed:

- When using Web Key Discovery, a HTTP authentication may be triggered.
  This may trick users into possibly sending e-mail credentials (bsc#1118935).

Non-security issues fixed:

- pEp - PGP/MIME signed-only messages are ignored
- Autocrypt overrules manually created Per-Recipient Rules
- 'Re:' prefix on subject line disappears when editing encrypted, saved draft

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:3044-1
Released:    Fri Dec 21 18:47:21 2018
Summary:     Security update for MozillaFirefox, mozilla-nspr and mozilla-nss
Type:        security
Severity:    important
References:  1097410,1106873,1119069,1119105,CVE-2018-0495,CVE-2018-12384,CVE-2018-12404,CVE-2018-12405,CVE-2018-17466,CVE-2018-18492,CVE-2018-18493,CVE-2018-18494,CVE-2018-18498
This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues:

Issues fixed in MozillaFirefox:

- Update to Firefox ESR 60.4 (bsc#1119105)
- CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11
- CVE-2018-18492: Fixed a use-after-free with select element
- CVE-2018-18493: Fixed a buffer overflow in accelerated 2D canvas with Skia
- CVE-2018-18494: Fixed a Same-origin policy violation using location attribute and performance.getEntries
  to steal cross-origin URLs
- CVE-2018-18498: Fixed a integer overflow when calculating buffer sizes for images
- CVE-2018-12405: Fixed a few memory safety bugs

Issues fixed in mozilla-nss:

- Update to NSS 3.40.1 (bsc#1119105)
- CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack (bsc#1119069)
- CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded to an
  SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. (bsc#1106873)
- CVE-2018-0495: Fixed a memory-cache side-channel attack with ECDSA signatures (bsc#1097410)
- Fixed a decryption failure during FFDHE key exchange
- Various security fixes in the ASN.1 code

Issues fixed in mozilla-nspr:

- Update mozilla-nspr to 4.20 (bsc#1119105)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:3064-1
Released:    Fri Dec 28 18:39:08 2018
Summary:     Security update for containerd, docker and go
Type:        security
Severity:    important
References:  1047218,1074971,1080978,1081495,1084533,1086185,1094680,1095817,1098017,1102522,1104821,1105000,1108038,1113313,1113978,1114209,1118897,1118898,1118899,1119634,1119706,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875,CVE-2018-7187

This update for containerd, docker and go fixes the following issues:

containerd and docker:

- Add backport for building containerd (bsc#1102522, bsc#1113313)
- Upgrade to containerd v1.1.2, which is required for Docker v18.06.1-ce.
  (bsc#1102522)
- Enable seccomp support on SLE12 (fate#325877)
- Update to containerd v1.1.1, which is the required version for the Docker
  v18.06.0-ce upgrade. (bsc#1102522)
- Put containerd under the podruntime slice (bsc#1086185) 
- 3rd party registries used the default Docker certificate (bsc#1084533)
- Handle build breakage due to missing 'export GOPATH' (caused by resolution of
  boo#1119634). I believe Docker is one of the only packages with this problem.

go:
  
- golang: arbitrary command execution via VCS path (bsc#1081495, CVE-2018-7187)
- Make profile.d/go.sh no longer set GOROOT=, in order to make switching
  between versions no longer break. This ends up removing the need for go.sh
  entirely (because GOPATH is also set automatically) (boo#1119634)
- Fix a regression that broke go get for import path patterns containing '...'
  (bsc#1119706)

Additionally, the package go1.10 has been added.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2018:3066-1
Released:    Fri Dec 28 18:39:32 2018
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1117740,CVE-2018-19622,CVE-2018-19623,CVE-2018-19624,CVE-2018-19625,CVE-2018-19626,CVE-2018-19627
This update for wireshark fixes the following issues:

Update to Wireshark 2.4.11 (bsc#1117740).

Security issues fixed:

- CVE-2018-19625: The Wireshark dissection engine could crash (wnpa-sec-2018-51)
- CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)
- CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53) 
- CVE-2018-19622: The MMSE dissector could go into an infinite loop (wnpa-sec-2018-54)
- CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55) 
- CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)

Further bug fixes and updated protocol support as listed in:

- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:5-1
Released:    Wed Jan  2 13:54:39 2019
Summary:     Security update for libraw
Type:        security
Severity:    moderate
References:  1097975,1103200,1103206,CVE-2018-5804,CVE-2018-5813,CVE-2018-5815,CVE-2018-5816
This update for libraw fixes the following issues:

Security issues fixed:

The following security vulnerabilities were addressed:

- CVE-2018-5813: Fixed an error within the 'parse_minolta()' function
  (dcraw/dcraw.c) that could be exploited to trigger an infinite loop via a
  specially crafted file. This could be exploited to cause a DoS.(boo#1103200).
- CVE-2018-5815: Fixed an integer overflow in the
  internal/dcraw_common.cpp:parse_qt() function, that could be exploited to
  cause an infinite loop via a specially crafted Apple QuickTime file.
  (boo#1103206)
- CVE-2018-5804,CVE-2018-5816: Fixed a type confusion error in the identify function (bsc#1097975)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:6-1
Released:    Wed Jan  2 20:25:25 2019
Summary:     Recommended update for gcc7
Type:        recommended
Severity:    moderate
References:  1099119,1099192


GCC 7 was updated to the GCC 7.4 release.

- Fix AVR configuration to not use __cxa_atexit or libstdc++ headers.
  Point to /usr/avr/sys-root/include as system header include directory.
- Includes fix for build with ISL 0.20.
- Pulls fix for libcpp lexing bug on ppc64le manifesting during
  build with gcc8.  [bsc#1099119]
- Pulls fix for forcing compile-time tuning even when building
  with -march=z13 on s390x.  [bsc#1099192]
- Fixes support for 32bit ASAN with glibc 2.27+


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:9-1
Released:    Wed Jan  2 20:26:17 2019
Summary:     Recommended update for mirror
Type:        recommended
Severity:    moderate
References:  1117110
This update for mirror provides the following fix:

- Check if a directory must be removed. In case all the previous content of a directory is
  removed, but new content for the directory was downloaded, do not remove it.
  (bsc#1117110)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:32-1
Released:    Tue Jan  8 13:03:20 2019
Summary:     Recommended update for librdkafka
Type:        recommended
Severity:    moderate
References:  1119963

This update ships librdkafka 0.11.6 to SUSE Linux Enterprise Server 15.

librdkafka is a C library implementation of the Apache Kafka protocol,
containing both Producer and Consumer support.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:44-1
Released:    Tue Jan  8 13:07:32 2019
Summary:     Recommended update for acl
Type:        recommended
Severity:    low
References:  953659
This update for acl fixes the following issues:

- test: Add helper library to fake passwd/group files.
- quote: Escape literal backslashes. (bsc#953659)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:48-1
Released:    Wed Jan  9 17:24:55 2019
Summary:     Security update for helm-mirror
Type:        security
Severity:    moderate
References:  1116182,1118897,1118898,1118899,1120762,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875
This update for helm-mirror to version 0.2.1 fixes the following issues:


Security issues fixed:

- CVE-2018-16873: Fixed a remote command execution (bsc#1118897)
- CVE-2018-16874: Fixed a directory traversal in 'go get' via curly braces in import path (bsc#1118898)
- CVE-2018-16875: Fixed a CPU denial of service (bsc#1118899)

Non-security issue fixed:

- Update to v0.2.1 (bsc#1120762)
- Include helm-mirror into the containers module (bsc#1116182)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:58-1
Released:    Thu Jan 10 16:03:31 2019
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1112142,1112143,1112144,1112146,1112147,1112148,1112152,1112153,CVE-2018-13785,CVE-2018-16435,CVE-2018-3136,CVE-2018-3139,CVE-2018-3149,CVE-2018-3169,CVE-2018-3180,CVE-2018-3183,CVE-2018-3214
This update for java-1_8_0-openjdk to version 8u191 fixes the following issues:

Security issues fixed:

- CVE-2018-3136: Manifest better support (bsc#1112142)
- CVE-2018-3139: Better HTTP Redirection (bsc#1112143)
- CVE-2018-3149: Enhance JNDI lookups (bsc#1112144)
- CVE-2018-3169: Improve field accesses (bsc#1112146)
- CVE-2018-3180: Improve TLS connections stability (bsc#1112147)
- CVE-2018-3214: Better RIFF reading support (bsc#1112152)
- CVE-2018-13785: Upgrade JDK 8u to libpng 1.6.35 (bsc#1112153)
- CVE-2018-3183: Improve script engine support (bsc#1112148)
- CVE-2018-16435: heap-based buffer overflow in SetData function in cmsIT8LoadFromFile

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:75-1
Released:    Fri Jan 11 13:29:22 2019
Summary:     Recommended update for azure-li-services, python-Cerberus
Type:        recommended
Severity:    moderate
References:  1103542,1119702

This update for azure-li-services, python-Cerberus fixes the following issues:

azure-li-services and its dependency python-Cerberus were added to the Public Cloud Module. (fate#326575 bsc#1103542)

'azure-li-services' is a package providing services to setup a system suitable to run SAP workloads on it.

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:76-1
Released:    Fri Jan 11 13:46:45 2019
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320

This update for lifecycle-data-sle-module-live-patching adds lifecycle data for following live patches:
  
- 4_12_14-23, 4_12_14-25_13, 4_12_14-25_16, 4_12_14-25_19,
  4_12_14-25_22, 4_12_14-25_25, 4_12_14-25_3,
  4_12_14-25_6. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:82-1
Released:    Fri Jan 11 17:16:48 2019
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1044232
This update for suse-build-key fixes the following issues:

- Include the SUSE PTF GPG key in the key directory to avoid it being
  stripped via %doc stripping in CAASP. (bsc#1044232)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:89-1
Released:    Tue Jan 15 13:15:33 2019
Summary:     Recommended update for python3-susepubliccloudinfo
Type:        recommended
Severity:    moderate
References:  1121150,1121151
This update for python3-susepubliccloudinfo fixes the following issues:

Update to version 1.1.0 (bsc#1121151, bsc#1121150)

  + Support new inactive state
  + Remove awscvsgen and associated subpackage

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:90-1
Released:    Tue Jan 15 13:15:42 2019
Summary:     Recommended update for regionServiceClientConfigEC2
Type:        recommended
Severity:    moderate
References:  1121114
This update for regionServiceClientConfigEC2 2.1.0 fixes the following issues:

Add the SUSE server IP 34.197.223.242 to the configuration. (bsc#1121114)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:93-1
Released:    Tue Jan 15 14:48:33 2019
Summary:     Security update for wget
Type:        security
Severity:    important
References:  1120382,CVE-2018-20483
This update for wget fixes the following issues:

Security issue fixed:

- CVE-2018-20483: Fixed an information disclosure through file metadata (bsc#1120382)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:97-1
Released:    Tue Jan 15 18:01:38 2019
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1015141,1076467,1089114,1089340,1095769,1097339,1102836,1104110,1108037,1109938,1111254,1116686,1116758,1119975
This update for rpmlint fixes the following issues:

- Update rpmlint-checks to version master (bsc#1116686)
- whitelist boltd dbus service (bsc#1119975)
- whitelist pam_slurm_adopt (bsc#1116758)
- Add user/group 'slurm' for package slurm (FATE#316379)
- whitelist keepalived dbus service (bsc#1015141)
- remove openswan whitelisting (bsc#1089340)
- whitelist systemd-timesyncd (bsc#1111254) 
- whitelist NetworkManager-fortisslvpn (bsc#1109938)
- whitelist iwd D-Bus service (bsc#1108037)
- whitelist xpra D-Bus service (bsc#1102836)
- adjust maximum valid suse_version to 1550 (bsc#1104110)
- whitelist ratbagd D-Bus service (bsc#1076467)
- whitelist pam_oath PAM module after audit (bsc#1089114)
- Update rpmlint-checks to version master (bsc#1097339)
- whitelisting NetworkManager-libreswan plugin (bsc#1089340)
- add Lua/NodeJS related groups to list of valid groups (bsc#1095769)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:102-1
Released:    Tue Jan 15 18:02:58 2019
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1120402
This update for timezone fixes the following issues:

- Update 2018i:
  São Tomé and Príncipe switches from +01 to +00 on 2019-01-01. (bsc#1120402)
- Update 2018h:
  Qyzylorda, Kazakhstan moved from +06 to +05 on 2018-12-21
  New zone Asia/Qostanay because Qostanay, Kazakhstan didn't move
  Metlakatla, Alaska observes PST this winter only
  Guess Morocco will continue to adjust clocks around Ramadan
  Add predictions for Iran from 2038 through 2090
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:110-1
Released:    Thu Jan 17 14:17:05 2019
Summary:     Security update for zeromq
Type:        security
Severity:    important
References:  1121717,CVE-2019-6250
This update for zeromq fixes the following issues:

Security issue fixed:

- CVE-2019-6250: fix a remote execution vulnerability due to
  pointer arithmetic overflow (bsc#1121717)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:112-1
Released:    Thu Jan 17 14:19:30 2019
Summary:     Security update for soundtouch
Type:        security
Severity:    moderate
References:  1108631,1108632,CVE-2018-17097,CVE-2018-17098
This update for soundtouch fixes the following issues:

Security issues fixed:

- CVE-2018-17098: Fixed a heap corruption from size inconsistency, which
  allowed remote attackers to cause a denial of service or possibly have
  other unspecified impact (bsc#1108632)
- CVE-2018-17097: Fixed a double free, which allowed remote attackers to cause
  a denial of service or possibly have other unspecified impact  (bsc#1108631)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:130-1
Released:    Fri Jan 18 16:30:56 2019
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1121232,1121233,1121234,1121235,CVE-2019-5717,CVE-2019-5718,CVE-2019-5719,CVE-2019-5721
This update for wireshark to version 2.4.12 fixes the following issues:

Security issues fixed:

- CVE-2019-5717: Fixed a denial of service in the P_MUL dissector (bsc#1121232)
- CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors (bsc#1121233)
- CVE-2019-5719: Fixed a denial of service in the ISAKMP dissector (bsc#1121234)
- CVE-2019-5721: Fixed a denial of service in the ISAKMP dissector (bsc#1121235)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:133-1
Released:    Mon Jan 21 09:35:52 2019
Summary:     Security update for libraw
Type:        security
Severity:    moderate
References:  1120498,1120499,1120500,1120515,1120516,1120517,1120519,CVE-2018-20337,CVE-2018-20363,CVE-2018-20364,CVE-2018-20365,CVE-2018-5817,CVE-2018-5818,CVE-2018-5819
This update for libraw fixes the following issues:

Security issues fixed:                                                                     
                                                                                                            
- CVE-2018-20337: Fixed a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (bsc#1120519)
- CVE-2018-20365: Fixed a heap-based buffer overflow in the raw2image function of libraw_cxx.cpp (bsc#1120500)
- CVE-2018-20364: Fixed a NULL pointer dereference in the copy_bayer function of libraw_cxx.cpp (bsc#1120499)
- CVE-2018-20363: Fixed a NULL pointer dereference in the raw2image function of libraw_cxx.cpp (bsc#1120498)          
- CVE-2018-5817: Fixed an infinite loop in the unpacked_load_raw function of dcraw_common.cpp (bsc#1120515)
- CVE-2018-5818: Fixed an infinite loop in the parse_rollei function of dcraw_common.cpp (bsc#1120516)    
- CVE-2018-5819: Fixed a denial of service in the parse_sinar_ia function of dcraw_common.cpp (bsc#1120517)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:145-1
Released:    Wed Jan 23 15:55:42 2019
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1122319,CVE-2019-6116
This update for ghostscript version 9.26a fixes the following issues:

Security issue fixed:

- CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators (bsc#1122319)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:155-1
Released:    Thu Jan 24 13:50:25 2019
Summary:     Recommended update for csync
Type:        recommended
Severity:    moderate
References:  1113889
This update for csync fixes the following issues:

- Fix a compile error on Leap 15.1 (bsc#1113889)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:201-1
Released:    Tue Jan 29 20:19:32 2019
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1119029,1119110,1122172
This update for google-compute-engine provides the following fixes:

- Fixes from version 20181206 (bsc#1119029, bsc#1119110):
  + Google Compute Engine
    * Support enabling OS Login two factor authentication.
    * Improve accounts support for FreeBSD.
  + Google Compute Engine OS Login
    * Support OS Login two factor authentication (Alpha).
    * Improve SELinux support.
- Fixes from version 20181023:
  + Google Compute Engine
    * Fix: Update sudoer group membership without overriding local groups.
- Fixes from version 20181018:
  + Google Compute Engine
    * Fix: Remove users from sudoers group on account removal.
- Fixes from version 20181011:
  + Google Compute Engine
    * Revert: Remove users from sudoers group on account removal.
- Fixes from version 20181008:
  + Google Compute Engine
    * Remove users from sudoers group on account removal.
    * Remove gsutil dependency for metadata scripts.
- Fixes from version 20180905:
  + Google Compute Engine
    * Remove ntp package dependency.
    * Support Debian 10 Buster.
    * Restart the network daemon if networking is restarted.
    * Prevent setup of the default ethernet interface.
    * Accounts daemon verifies username is 32 characters or less.
  + Google Compute Engine OS Login
    * Add user name validation to pam modules.
    * Return false on failed final load.
    * Support FreeBSD.
    * Support Debian 10 Buster.
- Fixes from version 20180611:
  + Google Compute Engine
    * Prevent IP forwarding daemon log spam.
    * Make default shell configurable when executing metadata scripts.
    * Rename distro directory to distro_lib.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:207-1
Released:    Tue Jan 29 20:20:24 2019
Summary:     Recommended update for container-suseconnect
Type:        recommended
Severity:    moderate
References:  1119496
This update for container-suseconnect fixes the following issues:

container-suseconnect was updated to 2.0.0 (bsc#1119496):

- Added command line interface
- Added `ADDITIONAL_MODULES` capability to enable further extension modules during image build and run
- Added documentation about how to build docker images on non SLE distributions
- Improve documentation to clarify how container-suseconnect works in a Dockerfile
- Improve error handling on non SLE hosts
- Fix bug which makes container-suseconnect work on SLE15 based distributions

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:221-1
Released:    Fri Feb  1 15:20:56 2019
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1120431,1122293,1122299,CVE-2018-11212,CVE-2019-2422,CVE-2019-2426
This update for java-11-openjdk to version 11.0.2+7 fixes the following issues:

Security issues fixed:

- CVE-2019-2422: Better FileChannel transfer performance (bsc#1122293)
- CVE-2019-2426: Improve web server connections
- CVE-2018-11212: Improve JPEG processing (bsc#1122299)
- Better route routing
- Better interface enumeration
- Better interface lists
- Improve BigDecimal support
- Improve robot support
- Better icon support
- Choose printer defaults
- Proper allocation handling
- Initial class initialization
- More reliable p11 transactions
- Improve NIO stability
- Better loading of classloader classes
- Strengthen Windows Access Bridge Support
- Improved data set handling
- Improved LSA authentication
- Libsunmscapi improved interactions

Non-security issues fix:

- Do not resolve by default the added JavaEE modules (bsc#1120431)
- ~2.5% regression on compression benchmark starting with 12-b11
- java.net.http.HttpClient hangs on 204 reply without Content-length 0
- Add additional TeliaSonera root certificate
- Add more ld preloading related info to hs_error file on Linux
- Add test to exercise server-side client hello processing
- AES encrypt performance regression in jdk11b11
- AIX: ProcessBuilder: Piping between created processes does not work.
- AIX: Some class library files are missing the Classpath exception
- AppCDS crashes for some uses with JRuby
- Automate vtable/itable stub size calculation
- BarrierSetC1::generate_referent_check() confuses register allocator
- Better HTTP Redirection
- Catastrophic size_t underflow in BitMap::*_large methods
- Clip.isRunning() may return true after Clip.stop() was called
- Compiler thread creation should be bounded by available space in memory and Code Cache
- com.sun.net.httpserver.HttpServer returns Content-length header for 204 response code
- Default mask register for avx512 instructions
- Delayed starting of debugging via jcmd
- Disable all DES cipher suites
- Disable anon and NULL cipher suites
- Disable unsupported GCs for Zero
- Epsilon alignment adjustments can overflow max TLAB size
- Epsilon elastic TLAB sizing may cause misalignment
- HotSpot update for vm_version.cpp to recognise updated VS2017
- HttpClient does not retrieve files with large sizes over HTTP/1.1
- IIOException 'tEXt chunk length is not proper' on opening png file
- Improve TLS connection stability again
- InitialDirContext ctor sometimes throws NPE if the server has sent a disconnection
- Inspect stack during error reporting
- Instead of circle rendered in appl window, but ellipse is produced JEditor Pane
- Introduce diagnostic flag to abort VM on failed JIT compilation
- Invalid assert(HeapBaseMinAddress > 0) in ReservedHeapSpace::initialize_compressed_heap
- jar has issues with UNC-path arguments for the jar -C parameter [windows]
- java.net.http HTTP client should allow specifying Origin and Referer headers
- java.nio.file.Files.writeString writes garbled UTF-16 instead of UTF-8
- JDK 11.0.1 l10n resource file update
- JDWP Transport Listener: dt_socket thread crash
- JVMTI ResourceExhausted should not be posted in CompilerThread
- LDAPS communication failure with jdk 1.8.0_181
- linux: Poor StrictMath performance due to non-optimized compilation
- Missing synchronization when reading counters for live threads and peak thread count
- NPE in SupportedGroupsExtension
- OpenDataException thrown when constructing CompositeData for StackTraceElement
- Parent class loader may not have a referred ClassLoaderData instance when obtained in Klass::class_in_module_of_loader
- Populate handlers while holding streamHandlerLock
- ppc64: Enable POWER9 CPU detection
- print_location is not reliable enough (printing register info)
- Reconsider default option for ClassPathURLCheck change done in JDK-8195874
- Register to register spill may use AVX 512 move instruction on unsupported platform.
- s390: Use of shift operators not covered by cpp standard
- serviceability/sa/TestUniverse.java#id0 intermittently fails with assert(get_instanceKlass()->is_loaded()) failed: must be at least loaded
- SIGBUS in CodeHeapState::print_names()
- SIGSEGV in MethodArityHistogram() with -XX:+CountCompiledCalls
- Soft reference reclamation race in com.sun.xml.internal.stream.util.ThreadLocalBufferAllocator
- Swing apps are slow if displaying from a remote source to many local displays
- switch jtreg to 4.2b13
- Test library OSInfo.getSolarisVersion cannot determine Solaris version
- TestOptionsWithRanges.java is very slow
- TestOptionsWithRanges.java of '-XX:TLABSize=2147483648' fails intermittently
- The Japanese message of FileNotFoundException garbled
- The 'supported_groups' extension in ServerHellos
- ThreadInfoCompositeData.toCompositeData fails to map ThreadInfo to CompositeData
- TimeZone.getDisplayName given Locale.US doesn't always honor the Locale.
- TLS 1.2 Support algorithm in SunPKCS11 provider
- TLS 1.3 handshake server name indication is missing on a session resume
- TLS 1.3 server fails if ClientHello doesn't have pre_shared_key and psk_key_exchange_modes
- TLS 1.3 interop problems with OpenSSL 1.1.1 when used on the client side with mutual auth
- tz: Upgrade time-zone data to tzdata2018g
- Undefined behaviour in ADLC
- Update avx512 implementation
- URLStreamHandler initialization race
- UseCompressedOops requirement check fails fails on 32-bit system
- windows: Update OS detection code to recognize Windows Server 2019
- x86: assert on unbound assembler Labels used as branch targets
- x86: jck tests for ldc2_w bytecode fail
- x86: sharedRuntimeTrig/sharedRuntimeTrans compiled without optimization
- '-XX:OnOutOfMemoryError' uses fork instead of vfork

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:225-1
Released:    Mon Feb  4 13:36:52 2019
Summary:     Recommended update for hmaccalc
Type:        recommended
Severity:    moderate
References:  1122491
This update for hmaccalc fixes the following issues:

- require libfreebl3-hmac and libsoftokn3-hmac during building (bsc#1122491)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:247-1
Released:    Wed Feb  6 07:18:45 2019
Summary:     Security update for lua53
Type:        security
Severity:    moderate
References:  1123043,CVE-2019-6706
This update for lua53 fixes the following issues:

Security issue fixed:

- CVE-2019-6706: Fixed a use-after-free bug in the lua_upvaluejoin function of lapi.c (bsc#1123043)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:259-1
Released:    Wed Feb  6 11:26:09 2019
Summary:     Recommended update for man-pages-posix
Type:        recommended
Severity:    low
References:  1116987
This update for man-pages-posix fixes the following issues:

    - Supplements the package 'man' in order to install some missing man pages. (bnc#1116987)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:270-1
Released:    Wed Feb  6 15:43:23 2019
Summary:     Recommended update for mariadb-connector-c
Type:        recommended
Severity:    important
References:  1097938,1116686
This update for mariadb-connector-c fixes the following issues:

- Update to version 3.0.7 (bsc#1116686)
- Fixed installation issue where libmysqlclient.so.18 link was missing (bsc#1097938).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:276-1
Released:    Wed Feb  6 19:12:35 2019
Summary:     Recommended update for rollback-helper
Type:        recommended
Severity:    moderate
References:  1108618,1113048,1115555
This update for rollback-helper fixes the following issues:

- Added handling for separate /var subvolumes (bsc#1115555)
- Run before any other services calling zypper (bsc#1113048)
- Retry network connection if it doesn't work yet (bsc#1108618)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:286-1
Released:    Thu Feb  7 13:45:27 2019
Summary:     Security update for docker
Type:        security
Severity:    moderate
References:  1001161,1112980,1115464,1118897,1118898,1118899,1118990,1121412,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875
This update for containerd, docker, docker-runc and golang-github-docker-libnetwork fixes the following issues:

Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork:

- CVE-2018-16873: cmd/go: remote command execution during 'go get -u' (bsc#1118897)
- CVE-2018-16874: cmd/go: directory traversal in 'go get' via curly braces in import paths (bsc#1118898)
- CVE-2018-16875: crypto/x509: CPU denial of service (bsc#1118899)

Non-security issues fixed for docker:

- Disable leap based builds for kubic flavor (bsc#1121412)
- Allow users to explicitly specify the NIS domainname of a container (bsc#1001161)
- Update docker.service to match upstream and avoid rlimit problems (bsc#1112980)
- Allow docker images larger then 23GB (bsc#1118990)
- Docker version update to version 18.09.0-ce (bsc#1115464)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:317-1
Released:    Mon Feb 11 16:08:23 2019
Summary:     Recommended update for sendmail
Type:        recommended
Severity:    moderate
References:  1116675
This update for sendmail addresses the following issues:

- Fixes an issue with symlink creation on package installation. In order for the wrong
  symlink to be removed, the service needs to be disabled and re-enabled. (bsc#1116675)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:362-1
Released:    Wed Feb 13 13:31:56 2019
Summary:     Security update for docker-runc
Type:        security
Severity:    important
References:  1121967,CVE-2019-5736
This update for docker-runc fixes the following issues:
	  
Security issue fixed:

- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid
  write attacks to the host runc binary, which could lead to a container
  breakout (bsc#1121967)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:366-1
Released:    Wed Feb 13 14:00:29 2019
Summary:     Recommended update for wireless-regdb
Type:        recommended
Severity:    moderate
References:  1121466
This update for wireless-regdb provides the following fixes:

- Changes in version 2018.10.24 (bsc#1121466):
  * Remove dependency to python attr.
  * Sync DE with ETSI EN 301 893 V2.1.1.
  * Sync FR with ETSI EN 301 893 V2.1.1.

- Changes in version 2018.09.07:
  * Update source of info for CU and ES.
  * Update regulatory rules for Switzerland (CH), and Liechtenstein.
  * Update regulatory rules for Finland (FI) on 5GHz (SRD devices).
  * Update rules for Hungary (HU) on 2.4/5/60G, 5725-5875MHz.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:371-1
Released:    Wed Feb 13 14:02:17 2019
Summary:     Recommended update for ypbind
Type:        recommended
Severity:    moderate
References:  1114640
This update for ypbind fixes the following issues:

- Fixes crash on reload. (bsc#1114640)
- Enhanced yp.conf manual page

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:374-1
Released:    Wed Feb 13 14:03:02 2019
Summary:     Recommended update for xrdb
Type:        recommended
Severity:    moderate
References:  1120004
This update for xrdb fixes the following issues:

- Now no warnings will be shown when parsing valid comments. (bsc#1120004)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:443-1
Released:    Tue Feb 19 18:53:19 2019
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1123671,1123672
This update for google-compute-engine fixes the following issues:

Google Compute Engine was updated to version 20190124 (bsc#1123671, bsc#1123672)

* Fix metadata script retrieval to support Python 3.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:464-1
Released:    Fri Feb 22 09:43:52 2019
Summary:     Recommended update for xkeyboard-config
Type:        recommended
Severity:    moderate
References:  1123784
This update for xkeyboard-config fixes the following issues:

- Fixes missing mappings for evdev keys KEY_RFKILL and KEY_WWAN. (bsc#1123784)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:487-1
Released:    Mon Feb 25 17:42:01 2019
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1029162,1114985,1120980
This update for cloud-regionsrv-client fixes the following issues:

Updated to version 8.1.3

+ Fix file permissions for generated credentials rw root only
+ Generate instance data as string as expected by zypper plugin
  handling
+ Write the proper credentials file when switching back to RIS service
+ Support registration against RMT
+ Implement URL resolver to facilitate instance verification for
  zypper access
+ Fixes related to bsc#1120980 also need server side support
+ IPv6 support
+ Fix handling of older cached SMT objects loaded from cached file

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:495-1
Released:    Tue Feb 26 16:42:35 2019
Summary:     Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc
Type:        security
Severity:    important
References:  1048046,1051429,1114832,1118897,1118898,1118899,1121967,1124308,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875,CVE-2019-5736
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc fixes the following issues:

Security issues fixed: 

- CVE-2018-16875: Fixed a CPU Denial of Service (bsc#1118899).
- CVE-2018-16874: Fixed a vulnerabity in go get command which could allow directory traversal in GOPATH mode (bsc#1118898).
- CVE-2018-16873: Fixed a vulnerability in go get command which could allow remote code execution when executed with -u in GOPATH mode (bsc#1118897).
- CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container
  breakout (bsc#1121967).

Other changes and fixes: 

- Update shell completion to use Group: System/Shells.
- Add daemon.json file with rotation logs configuration (bsc#1114832)
- Update to Docker 18.09.1-ce (bsc#1124308) and to to runc 96ec2177ae84.
  See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.
- Update go requirements to >= go1.10 
- Use -buildmode=pie for tests and binary build (bsc#1048046 and bsc#1051429).
- Remove the usage of 'cp -r' to reduce noise in the build logs.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:500-1
Released:    Tue Feb 26 19:11:26 2019
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320,1126443
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Fixed package names in the data file. (bsc#1126443)
- Added data for 4_12_14-25_28. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:529-1
Released:    Fri Mar  1 13:46:51 2019
Summary:     Recommended update for cloud-netconfig
Type:        recommended
Severity:    moderate
References:  1112822,1118783,1122013,1123008
This update for cloud-netconfig provides the following fixes:

- Run cloud-netconfig periodically. (bsc#1118783, bsc#1122013)
- Do not treat eth0 special with regard to routing policies. (bsc#1123008)
- Reduce the timeout on metadata read. (bsc#1112822)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:533-1
Released:    Fri Mar  1 13:47:40 2019
Summary:     Recommended update for mirror
Type:        recommended
Severity:    low
References:  1123661
This update for mirror provides the following fix:

- Remove a warning that dump() will no longer be available in Perl 5.30. (bsc#1123661)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:550-1
Released:    Tue Mar  5 14:46:46 2019
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    moderate
References:  1111243,1122741
This update for sapconf fixes the following issues:

- Source /etc/sysconfig/sapconf entries correctly, even if the
  /etc filesystem is read-only. (bsc#1122741)
- log skipping of existing /etc/systemd/logind.conf.d/sap.conf file
  during package installation. (bsc#1111243)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:567-1
Released:    Thu Mar  7 17:49:00 2019
Summary:     Recommended update for arpwatch
Type:        recommended
Severity:    moderate
References:  1119851
This update for arpwatch provides the following fix:

- Prevent a memory leak in gethname. (bsc#1119851)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:571-1
Released:    Thu Mar  7 18:13:46 2019
Summary:     Security update for file
Type:        security
Severity:    moderate
References:  1096974,1096984,1126117,1126118,1126119,CVE-2018-10360,CVE-2019-8905,CVE-2019-8906,CVE-2019-8907
This update for file fixes the following issues:

The following security vulnerabilities were addressed:

- CVE-2018-10360: Fixed an out-of-bounds read in the function do_core_note in
  readelf.c, which allowed remote attackers to cause a denial of service
  (application crash) via a crafted ELF file (bsc#1096974)
- CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in readelf.c
  (bsc#1126118)
- CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf. c
  (bsc#1126119)
- CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c
  (bsc#1126117)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:574-1
Released:    Fri Mar  8 15:22:51 2019
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1122293,1122299,CVE-2018-11212,CVE-2019-2422
This update for java-1_8_0-openjdk to version jdk8u201 (icedtea 3.11.0) fixes the following issues:
	  
Security issues fixed: 

- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).
- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).	

Complete list of changes: https://mail.openjdk.java.net/pipermail/distro-pkg-dev/2019-March/041223.html 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:585-1
Released:    Tue Mar 12 12:59:09 2019
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1122292,1122293,1122299,1128158,CVE-2018-11212,CVE-2018-1890,CVE-2019-2422,CVE-2019-2449
This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues:

Security issues fixed: 	  

- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).
- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).
- CVE-2018-1890: Fixed a local privilege escalation via RPATHs (bsc#1128158).
- CVE-2019-2449: Fixed a vulnerabilit which could allow remote atackers to delete arbitrary files (bsc#1122292). 

More information: https://www-01.ibm.com/support/docview.wss?uid=ibm10873332

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:600-1
Released:    Tue Mar 12 18:40:17 2019
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1117951,1127080,CVE-2019-1559
This update for openssl-1_0_0 fixes the following issues:

Security issues fixed: 

- The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations (bsc#1117951)
- CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances
  a TLS server can be forced to respond differently to a client and lead to the decryption of the data (bsc#1127080).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:605-1
Released:    Wed Mar 13 12:40:48 2019
Summary:     Recommended update for azure-li-services
Type:        recommended
Severity:    moderate
References:  1127923,1127924

This update for azure-li-services to version 1.1.27 provides the following:

- Azure Large instances password reset and MAC based ifnames support (bsc#1127924)
- Azure Very Large instances support for bonding  (bsc#1127924)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:608-1
Released:    Wed Mar 13 15:21:02 2019
Summary:     Recommended update for cups
Type:        recommended
Severity:    moderate
References:  1118118
This update for cups fixes the following issues:

- Fixed validation of UTF-8 filenames to avoid crashes (bsc#1118118)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:619-1
Released:    Fri Mar 15 15:38:37 2019
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1127367,1127369,1127370,CVE-2019-9208,CVE-2019-9209,CVE-2019-9214
This update for wireshark to version 2.4.13 fixes the following issues:

Security issues fixed:

- CVE-2019-9214: Avoided a dereference of a null coversation which could make RPCAP 
  dissector crash (bsc#1127367).
- CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER 
  and related dissectors crash (bsc#1127369).
- CVE-2019-9208: Fixed a null pointer dereference which could make TCAP dissector 
  crash (bsc#1127370).

Release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.4.13.html

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:637-1
Released:    Tue Mar 19 09:26:52 2019
Summary:     Security update for libssh2_org
Type:        security
Severity:    moderate
References:  1128471,1128472,1128474,1128476,1128480,1128481,1128490,1128492,1128493,CVE-2019-3855,CVE-2019-3856,CVE-2019-3857,CVE-2019-3858,CVE-2019-3859,CVE-2019-3860,CVE-2019-3861,CVE-2019-3862,CVE-2019-3863
This update for libssh2_org fixes the following issues:

Security issues fixed:	  

- CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490).
- CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492).
- CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481).
- CVE-2019-3863: Fixed an Integer overflow in user authenicate keyboard interactive which could allow out-of-bounds writes 
  with specially crafted keyboard responses (bsc#1128493).
- CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write 
  with specially crafted payload (bsc#1128472).
- CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require 
  and _libssh2_packet_requirev (bsc#1128480).
- CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially 
  crafted payload (bsc#1128471).
- CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted 
  SFTP packet (bsc#1128476).
- CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially 
  crafted message channel request SSH packet (bsc#1128474).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:654-1
Released:    Wed Mar 20 10:29:13 2019
Summary:     Security update for openwsman
Type:        security
Severity:    important
References:  1092206,1122623,CVE-2019-3816,CVE-2019-3833
This update for openwsman fixes the following issues:

Security issues fixed:

- CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623).
- CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite
  loop which leads to Denial of Service (bsc#1122623).

Other issues addressed:
  
- Added OpenSSL 1.1 compatibility
- Compilation in debug mode fixed
- Directory listing without authentication fixed (bsc#1092206).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:707-1
Released:    Fri Mar 22 13:32:07 2019
Summary:     Security update for unzip
Type:        security
Severity:    moderate
References:  1110194,CVE-2018-18384
This update for unzip fixes the following issues:

- CVE-2018-18384: Fixed a buffer overflow when listing archives (bsc#1110194)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:718-1
Released:    Fri Mar 22 16:50:25 2019
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1129186,CVE-2019-3838
This update for ghostscript fixes the following issue:

Security issue fixed:

- CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible
  which could allow access to file system outside of the constraints of -dSAFER (bsc#1129186).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:720-1
Released:    Fri Mar 22 16:53:55 2019
Summary:     Security update for libgxps
Type:        security
Severity:    moderate
References:  1092125,CVE-2018-10733
This update for libgxps fixes the following issues:

- CVE-2018-10733: Fixed a heap-based buffer over-read issue in ft_font_face_hash (bsc#1092125).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:748-1
Released:    Tue Mar 26 14:35:56 2019
Summary:     Security update for libmspack
Type:        security
Severity:    moderate
References:  1113038,1113039,CVE-2018-18584,CVE-2018-18585
This update for libmspack fixes the following issues:

Security issues fixed:

- CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. (bsc#1113038)
- CVE-2018-18585: chmd_read_headers accepted a filename that has '\0' as its first or second character (such as the '/\0' name). (bsc#1113039)
- Fix off-by-one bounds check on CHM PMGI/PMGL chunk numbers and reject empty filenames.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:772-1
Released:    Wed Mar 27 10:37:12 2019
Summary:     Security update for wavpack
Type:        security
Severity:    moderate
References:  1120929,1120930,CVE-2018-19840,CVE-2018-19841
This update for wavpack fixes the following issues:

Security issues fixed:

- CVE-2018-19840: Fixed a denial-of-service in the WavpackPackInit function from pack_utils.c (bsc#1120930)
- CVE-2018-19841: Fixed a denial-of-service in the WavpackVerifySingleBlock function from open_utils.c (bsc#1120929)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:777-1
Released:    Wed Mar 27 12:23:34 2019
Summary:     Security update for ntp
Type:        security
Severity:    moderate
References:  1128525,CVE-2019-8936
This update for ntp fixes the following issues:

Security issue fixed: 	  

- CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause 
  segmentation fault to ntpd (bsc#1128525).

Other issues addressed:

- Fixed several bugs in the BANCOMM reclock driver.
- Fixed ntp_loopfilter.c snprintf compilation warnings.
- Fixed spurious initgroups() error message.
- Fixed STA_NANO struct timex units.
- Fixed GPS week rollover in libparse.
- Fixed incorrect poll interval in packet.
- Added a missing check for ENABLE_CMAC.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:786-1
Released:    Thu Mar 28 11:21:38 2019
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1108606,1115717,1121626,1125113,CVE-2018-17000,CVE-2018-19210,CVE-2019-6128,CVE-2019-7663
This update for tiff fixes the following issues:

Security issues fixed:

- CVE-2018-19210: Fixed a NULL pointer dereference in TIFFWriteDirectorySec function (bsc#1115717).     
- CVE-2018-17000: Fixed a NULL pointer dereference in the _TIFFmemcmp function (bsc#1108606).
- CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626).
- CVE-2019-7663: Fixed an invalid address dereference in the
  TIFFWriteDirectoryTagTransfer function in libtiff/tif_dirwrite.c (bsc#1125113)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:788-1
Released:    Thu Mar 28 11:55:06 2019
Summary:     Security update for sqlite3
Type:        security
Severity:    moderate
References:  1119687,CVE-2018-20346
This update for sqlite3 to version 3.27.2 fixes the following issue:

Security issue fixed: 

- CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 (Magellan) (bsc#1119687).

Release notes: https://www.sqlite.org/releaselog/3_27_2.html

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:790-1
Released:    Thu Mar 28 12:06:17 2019
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1130557
This update for timezone fixes the following issues:

timezone was updated 2019a:

* Palestine 'springs forward' on 2019-03-30 instead of 2019-03-23
* Metlakatla 'fell back' to rejoin Alaska Time on 2019-01-20 at 02:00
* Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25)
* zic now has an -r option to limit the time range of output data


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:806-1
Released:    Fri Mar 29 13:16:51 2019
Summary:     Security update for sysstat
Type:        security
Severity:    low
References:  1117001,1117260,CVE-2018-19416,CVE-2018-19517
This update for sysstat fixes the following issues:

Security issues fixed:

- CVE-2018-19416: Fixed out-of-bounds read during a memmove call inside the remap_struct function (bsc#1117001).
- CVE-2018-19517: Fixed out-of-bounds read during a memset call inside the remap_struct function (bsc#1117260).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:855-1
Released:    Wed Apr  3 11:49:58 2019
Summary:     Security update for netpbm
Type:        security
Severity:    moderate
References:  1086777,CVE-2018-8975
This update for netpbm fixes the following issues:

- CVE-2018-8975: The pm_mallocarray2 function allowed remote attackers to cause
  a denial of service (heap-based buffer over-read) via a crafted image file
  (bsc#1086777).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:861-1
Released:    Wed Apr  3 16:09:41 2019
Summary:     Security update for clamav
Type:        security
Severity:    important
References:  1130721,CVE-2019-1787,CVE-2019-1788,CVE-2019-1789
This update for clamav to version 0.100.3 fixes the following issues:

Security issues fixed (bsc#1130721): 	  

- CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur
  when scanning PDF documents.   
- CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur
  when scanning PE files (i.e. Windows EXE and DLL files).
- CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur
  when scanning OLE2 files such as Microsoft Office 97-2003 documents. 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:869-1
Released:    Thu Apr  4 11:46:13 2019
Summary:     Recommended update for mariadb-connector-c
Type:        recommended
Severity:    moderate
References:  1126088
This update for mariadb-connector-c fixes the following issues:

- Bugfix: libmariadb.pc installed in seemingly wrong location (bsc#1126088)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:887-1
Released:    Fri Apr  5 07:55:32 2019
Summary:     Recommended update for zypper-docker
Type:        recommended
Severity:    moderate
References:  1018823,1022052,1097442,1098017

This update for zypper-docker to version 2.0.0 contains the following changes:

Features:

  * Allow inspection of stopped containers
    Using zypper-docker luc,lpc or pchkc on a stopped container is now possible.
  * Analyze container instead of base image by default
    Note: This is a backwards incompatible change. If the base image of a
    container needs to be analyzed, which was the former default a new --base
    flag can be used. 
    e.g. zypper-docker pchkc --base <Container-ID>

Minor Improvements / Fixes:

  * Add short forms of commands to help section (bsc#1022052)
  * Fix bug that caused images not to be removed properly in some cases
  * Fix bug that caused lpc command to log to stdout
  * Fix bug that caused force flag not to work with zypper-docker images
  * Fix zypper-docker ps command
  * Fix bug with zypper-docker up/patch --no-recommends
  * Fix update behavior when getting a zypper update

Other:

  * Update and use zypper exit codes (bsc#1018823)
  * Support recent version of the docker API

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:895-1
Released:    Mon Apr  8 10:58:32 2019
Summary:     Recommended update for speech-dispatcher
Type:        recommended
Severity:    moderate
References:  1129586
This update for speech-dispatcher fixes the following issues:

- set includedir to fix the entries in the pkg-config file
  (bsc#1129586) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:905-1
Released:    Mon Apr  8 16:48:02 2019
Summary:     Recommended update for gcc
Type:        recommended
Severity:    moderate
References:  1096008
This update for gcc fixes the following issues:

- Fix gcc-PIE spec to properly honor -no-pie at link time. (bsc#1096008)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:917-1
Released:    Tue Apr  9 13:08:12 2019
Summary:     Security update for SDL
Type:        security
Severity:    moderate
References:  1124799,1124800,1124802,1124803,1124805,1124806,1124824,1124825,1124826,1124827,1125099,CVE-2019-7572,CVE-2019-7573,CVE-2019-7574,CVE-2019-7575,CVE-2019-7576,CVE-2019-7577,CVE-2019-7578,CVE-2019-7635,CVE-2019-7636,CVE-2019-7637,CVE-2019-7638
This update for SDL fixes the following issues:

Security issues fixed:	  

- CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806).
- CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099).
- CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799).
- CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805).
- CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827).
- CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826).
- CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824).
- CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803).
- CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825).
- CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:919-1
Released:    Tue Apr  9 15:47:42 2019
Summary:     Security update for blktrace
Type:        security
Severity:    low
References:  1091942,CVE-2018-10689
This update for blktrace fixes the following issues:

- CVE-2018-10689: Prevent buffer overflow in the dev_map_read function because
  the device and devno arrays were too small (bsc#1091942)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:920-1
Released:    Tue Apr  9 16:52:38 2019
Summary:     Security update for flac
Type:        security
Severity:    low
References:  1091045,CVE-2017-6888
This update for flac fixes the following issues:

- CVE-2017-6888: An error in the 'read_metadata_vorbiscomment_()' function could be exploited to cause a memory leak via a specially crafted FLAC file (bsc#1091045).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:925-1
Released:    Wed Apr 10 16:32:50 2019
Summary:     Security update for wget
Type:        security
Severity:    important
References:  1131493,CVE-2019-5953
This update for wget fixes the following issues:

Security issue fixed:

- CVE-2019-5953: Fixed a buffer overflow vulnerability which might cause code execution (bsc#1131493).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:926-1
Released:    Wed Apr 10 16:33:12 2019
Summary:     Security update for tar
Type:        security
Severity:    moderate
References:  1120610,1130496,CVE-2018-20482,CVE-2019-9923
This update for tar fixes the following issues:

Security issues fixed:

- CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496).
- CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:940-1
Released:    Fri Apr 12 13:20:03 2019
Summary:     Security update for audiofile
Type:        security
Severity:    low
References:  1100523,CVE-2018-13440
This update for audiofile fixes the following issues:

Security issue fixed:

- CVE-2018-13440: Return AF_FAIL instead of causing NULL pointer dereferences later (bsc#1100523).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:954-1
Released:    Tue Apr 16 13:05:59 2019
Summary:     Security update for openexr
Type:        security
Severity:    low
References:  1113455,CVE-2018-18444
This update for openexr fixes the following issues:

Security issue fixed:

- CVE-2018-18444: Fixed Out-of-bounds write in makeMultiView.cpp (bsc#1113455).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1001-1
Released:    Wed Apr 24 09:41:15 2019
Summary:     Security update for ntfs-3g_ntfsprogs
Type:        security
Severity:    moderate
References:  1130165,CVE-2019-9755
This update for ntfs-3g_ntfsprogs fixes the following issues:

Security issues fixed:

- CVE-2019-9755: Fixed a heap-based buffer overflow which could lead to local privilege escalation (bsc#1130165).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1018-1
Released:    Wed Apr 24 13:02:28 2019
Summary:     Security update for jasper
Type:        security
Severity:    moderate
References:  1010783,1117505,1117511,CVE-2016-9396,CVE-2018-19539,CVE-2018-19542
This update for jasper fixes the following issues:

Security issues fixed:

- CVE-2018-19542: Fixed a denial of service in jp2_decode (bsc#1117505).
- CVE-2018-19539: Fixed a denial of service in jas_image_readcmpt (bsc#1117511).
- CVE-2016-9396: Fixed a denial of service in jpc_cox_getcompparms (bsc#1010783).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1022-1
Released:    Wed Apr 24 13:46:51 2019
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  1121410
This update for hwdata fixes the following issues:

Update to version 0.320 (bsc#1121410):

- Updated the pci, usb and vendor ids vendor and product databases.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1034-1
Released:    Thu Apr 25 13:39:50 2019
Summary:     Recommended update for docker-runc
Type:        recommended
Severity:    important
References:  1131314,1131553
This update for docker-runc fixes the following issues:

- Backport various upstream patches to fix some kernel regression related to
  O_TMPFILE. bsc#1131314 bsc#1131553


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1036-1
Released:    Thu Apr 25 14:53:44 2019
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1131945,CVE-2019-10894,CVE-2019-10895,CVE-2019-10896,CVE-2019-10899,CVE-2019-10901,CVE-2019-10903
This update for wireshark to version 2.4.14 fixes the following issues:

Security issues fixed:

- CVE-2019-10895: NetScaler file parser crash.
- CVE-2019-10899: SRVLOC dissector crash.
- CVE-2019-10894: GSS-API dissector crash.
- CVE-2019-10896: DOF dissector crash.
- CVE-2019-10901: LDSS dissector crash.
- CVE-2019-10903: DCERPC SPOOLSS dissector crash.

Non-security issue fixed:

- Update to version 2.4.14 (bsc#1131945).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1040-1
Released:    Thu Apr 25 17:09:21 2019
Summary:     Security update for samba
Type:        security
Severity:    important
References:  1114407,1124223,1125410,1126377,1131060,1131686,CVE-2019-3880
This update for samba fixes the following issues:

Security issue fixed:

- CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).


ldb was updated to version 1.2.4 (bsc#1125410 bsc#1131686):

- Out of bound read in ldb_wildcard_compare
- Hold at most 10 outstanding paged result cookies
- Put 'results_store' into a doubly linked list
- Refuse to build Samba against a newer minor version of ldb


Non-security issues fixed:

- Fixed update-apparmor-samba-profile script after apparmor switched to using named profiles (bsc#1126377).
- Abide to the load_printers parameter in smb.conf (bsc#1124223).
- Provide the 32bit samba winbind PAM module and its dependend 32bit libraries.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1052-1
Released:    Fri Apr 26 14:33:42 2019
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    moderate
References:  1132728,1132732,CVE-2019-2602,CVE-2019-2684
This update for java-11-openjdk to version 11.0.3+7 fixes the following issues:

Security issues fixed:

- CVE-2019-2602: Fixed excessive use of CPU time in the BigDecimal implementation (bsc#1132728).
- CVE-2019-2684: Fixed a flaw in the RMI registry implementation which could lead to selection of an incorrect skeleton class (bsc#1132732).

Non-security issues fixed:

- Multiple bug fixes and improvements.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1059-1
Released:    Sat Apr 27 09:44:01 2019
Summary:     Security update for libssh2_org
Type:        security
Severity:    important
References:  1130103,1133528,CVE-2019-3859
This update for libssh2_org fixes the following issues:

  - Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1090-1
Released:    Mon Apr 29 14:32:33 2019
Summary:     Security update for rubygem-actionpack-5_1
Type:        security
Severity:    moderate
References:  1129271,1129272,CVE-2019-5418,CVE-2019-5419
This update for rubygem-actionpack-5_1 fixes the following issues:

Security issues fixed: 

- CVE-2019-5418: Fixed a file content disclosure vulnerability in Action View which
  could be exploited via specially crafted accept headers in combination with calls
  to render file (bsc#1129272).
- CVE-2019-5419: Fixed a resource exhaustion issue in Action View which could make
  the server unable to process requests (bsc#1129271).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1105-1
Released:    Tue Apr 30 12:10:58 2019
Summary:     Recommended update for gcc7
Type:        recommended
Severity:    moderate
References:  1084842,1114592,1124644,1128794,1129389,1131264,SLE-6738
This update for gcc7 fixes the following issues:

Update to gcc-7-branch head (r270528).

- Disables switch jump-tables when retpolines are used. This restores
  some lost performance for kernel builds with retpolines.  (bsc#1131264,
  jsc#SLE-6738)
- Fix ICE compiling tensorflow on aarch64. (bsc#1129389)
- Fix for aarch64 FMA steering pass use-after-free. (bsc#1128794)
- Fix for s390x FP load-and-test issue. (bsc#1124644)
- Improve build reproducability by disabling address-space randomization
  during build.
- Adjust gnat manual entries in the info directory. (bsc#1114592)
- Includes fix to no longer try linking -lieee with -mieee-fp. (bsc#1084842)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1113-1
Released:    Tue Apr 30 14:08:42 2019
Summary:     Recommended update for python-pycurl
Type:        recommended
Severity:    moderate
References:  1128355
This update for python-pycurl fixes the following issues:

- bsc#1128355: update to the Factory package to get multibuild and
  better working tests.

- Update to 7.43.0.2:
        * Added perform_rb and perform_rs methods to Curl objects to
          return response body as byte string and string, respectively.
        * Added OPT_COOKIELIST constant for consistency with other
          option constants.
        * PycURL is now able to report errors triggered by libcurl
          via CURLOPT_FAILONERROR mechanism when the error messages are
          not decodable in Python's default encoding (GitHub issue #259).
        * Added getinfo_raw method to Curl objects to return byte strings
          as is from libcurl without attempting to decode them
          (GitHub issue #493).
        * When adding a Curl easy object to CurlMulti via add_handle,
          the easy objects now have their reference counts increased so that
          the application is no longer required to keep references to them
          to keep them from being garbage collected (GitHub issue #171).
        * PycURL easy, multi and share objects can now be weak referenced.
        * set_ca_certs now accepts byte strings as it should have been
          all along.
        * Use OpenSSL 1.1 and 1.0 specific APIs for controlling thread locks
          depending on OpenSSL version (patch by Vitaly Murashev).
        * Fixed a crash when closesocket callback failed (patch by
          Gisle Vanem and toddrme2178).
        * Added CURLOPT_PROXY_SSLCERT, CURLOPT_PROXY_SSLCERTTYPE,
          CURLOPT_PROXY_SSLKEY, CURLOPT_PROXY_SSLKEYTYPE,
          CURLOPT_PROXY_SSL_VERIFYPEER (libcurl 7.52.0+,
          patch by Casey Miller).
        * Added CURLOPT_PRE_PROXY (libcurl 7.52.0+, patch by ziggy).
        * Added SOCKET_BAD constant and it is now recognized as a valid
          return value from OPENSOCKET callback.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1127-1
Released:    Thu May  2 09:39:24 2019
Summary:     Security update for sqlite3
Type:        security
Severity:    moderate
References:  1130325,1130326,CVE-2019-9936,CVE-2019-9937
This update for sqlite3 to version 3.28.0 fixes the following issues:

Security issues fixed:

- CVE-2019-9936: Fixed a heap-based buffer over-read, when running fts5 prefix
  queries inside transaction (bsc#1130326).
- CVE-2019-9937: Fixed a denial of service related to interleaving reads and writes in
  a single transaction with an fts5 virtual table (bsc#1130325).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1130-1
Released:    Thu May  2 13:07:59 2019
Summary:     Recommended update for azure-li-services
Type:        recommended
Severity:    moderate
References:  1125372,1125373

This update for azure-li-services fixes the following issues:

- Create /etc/sysconfig/sbd configuration

  Write /etc/sysconfig/sbd which contains the disk device
  name used to initialize the SBD device

- Add support for iSCSI SBD device setup

  In a new an optional stonith section the configuration for
  the iSCSI initiator and ip address can be setup. Once present
  the process to setup the iSCSI initiator as well as the
  device discovery is started. (bsc#1125373 and bsc#1125372)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1134-1
Released:    Thu May  2 17:57:27 2019
Summary:     Recommended update for quota
Type:        recommended
Severity:    moderate
References:  1131513,SLE-5734
This update for quota fixes the following issues:

Quota was updated to 4.05 release jsc#SLE-5734 bsc#1131513:

* This release includes mostly various smaller cleanups and fixes in various areas.
* Most visible changes are addition of f2fs and exfs among recognized filesystems.

* Remove quot binary functionality could be achieved by using
  repquota instead

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1152-1
Released:    Fri May  3 18:06:09 2019
Summary:     Recommended update for java-11-openjdk
Type:        recommended
Severity:    moderate
References:  1131378
This update for java-11-openjdk fixes the following issues:

- Require update-ca-certificates by the headless subpackage
  (bsc#1131378)
- Removed a font rendering patch with broke related to other font changes.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1156-1
Released:    Mon May  6 13:46:07 2019
Summary:     Security update for python-Jinja2
Type:        security
Severity:    important
References:  1125815,1132174,1132323,CVE-2016-10745,CVE-2019-10906,CVE-2019-8341
This update for python-Jinja2 to version 2.10.1 fixes the following issues:

Security issues fixed:

- CVE-2019-8341: Fixed a command injection in from_string() (bsc#1125815).
- CVE-2019-10906: Fixed a sandbox escape due to information disclosure via str.format (bsc#1132323).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1176-1
Released:    Tue May  7 16:19:23 2019
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1132530
This update for rpmlint fixes the following issues:

- fix rpmlint-tests build by reverting changes to reference output that do not
  apply on SLE15 (bsc#1132530)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1199-1
Released:    Fri May 10 07:44:05 2019
Summary:     Recommended update for nvmetcli
Type:        recommended
Severity:    moderate
References:  1130981
This update for nvmetcli fixes the following issues:

- Add ANA support to nvmetcli (bsc#1130981)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1211-1
Released:    Fri May 10 14:09:09 2019
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1132728,1132729,1132732,1133135,CVE-2018-3639,CVE-2019-2602,CVE-2019-2684,CVE-2019-2698
This update for java-1_8_0-openjdk to version 8u212 fixes the following issues:

Security issues fixed:

- CVE-2019-2602: Better String parsing (bsc#1132728).
- CVE-2019-2684: More dynamic RMI interactions (bsc#1132732).
- CVE-2019-2698: Fuzzing TrueType fonts - setCurrGlyphID() (bsc#1132729).
- CVE-2018-3639: fix revision to prefer PR_SPEC_DISABLE_NOEXEC to PR_SPEC_DISABLE

Non-Security issue fixed:

- Disable LTO (bsc#1133135).
- Added Japanese new era name.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1229-1
Released:    Tue May 14 11:05:55 2019
Summary:     Recommended update for sensors
Type:        recommended
Severity:    moderate
References:  1108468,1116021
This update for sensors fixes the following issues:

sensors was updated to version 3.5.0:

The following changes were done:

+ soname was bumped due to commit dcf2367 which introduced an ABI change.
  (This was reverted for the SUSE packages, as it was not necessary)

+ Fixed disappearance of certain hwmon chips with 4.19+ kernels (bsc#1116021).
+ Add the find-driver script for debugging.
+ Various documentation and man page improvements.
+ Fix various issues found by Coverity Scan.
+ Updated links in documentation to reflect the new home of lm_sensors.
+ sensors.1: Add reference to sensors-detect and document -j option (json output).
+ sensors: Add support for json output, add support for power
  min, lcrit, min_alarm, lcrit_alarm.
+ sensors-detect changes:

  * Fix systemd paths.
  * Add detection of Fintek F81768.
  * Only probe I/O ports on x86.
  * Add detection of Nuvoton NCT6793D.
  * Add detection of Microchip MCP9808.
  * Mark F71868A as supported by the f71882fg driver.
  * Mark F81768D as supported by the f71882fg driver.
  * Mark F81866D as supported by the f71882fg driver.
  * Add detection of various ITE chips.
  * Add detection of Nuvoton NCT6795D.
  * Add detection of DDR4 SPD.
  * Add detection of ITE IT8987D.
  * Add detection of AMD Family 17h temperature sensors.
  * Add detection of AMD KERNCZ SMBus controller.
  * Add detection of various Intel SMBus controllers.
  * Add detection of Giantec GT30TS00.
  * Add detection of ONS CAT34TS02C and CAT34TS04.
  * Add detection of AMD Family 15h Model 60+ temperature
    sensors.
  * Add detection of Nuvoton NCT6796D.
  * Add detection of AMD Family 15h Model 70+ temperature
    sensors.

+ configs: Add sample configuration files.
+ sensors.conf.default:

  * Add hardwired inputs of NCT6795D
  * Add hardwired inputs of F71868A
  * Add hardwired NCT6796D inputs

+ vt1211_pwm: replaced deprecated sub shell syntax, run with
  bash instead of sh.
+ pwmconfig: replaced deprecated sub shell syntax.
+ fancontrol: replaced deprecated sub shell syntax, save
  original pwm values.
+ fancontrol.8: replaced deprecated sub shell syntax.
+ libsensors:

  * Add support for SENSORS_BUS_TYPE_SCSI, add support
    for power min, lcrit, min_alarm, lcrit_alarm.
  * Handle hwmon device with thermal device parent (bsc#1108468).

- Undo unnecessary libsensors version bump.
- Undo the SENSORS_API_VERSION change, to stay source-compatible with
  upstream.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1234-1
Released:    Tue May 14 18:31:52 2019
Summary:     Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork
Type:        security
Severity:    important
References:  1114209,1114832,1118897,1118898,1118899,1121397,1121967,1123013,1128376,1128746,1134068,CVE-2018-16873,CVE-2018-16874,CVE-2018-16875,CVE-2019-5736,CVE-2019-6486
This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues:

Security issues fixed:

- CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967).
- CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013).
- CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897).
- CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898).
- CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899).

Other changes and bug fixes:

- Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).
- Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068).
- Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068).
- docker-test: Improvements to test packaging (bsc#1128746).
- Move daemon.json file to /etc/docker directory (bsc#1114832).
- Revert golang(API) removal since it turns out this breaks >= requires in certain cases (bsc#1114209).
- Fix go build failures (bsc#1121397).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1282-1
Released:    Fri May 17 13:14:19 2019
Summary:     Recommended update for azure-li-services
Type:        recommended
Severity:    moderate
References:  1133162

This update for azure-li-services to 1.1.31 fixes the following issues:


- Umount LUN only on cleanup

  If one service(A) needs the LUN and another service(B) that needs
  the LUN too runs in parallel a potential race condition exists
  in a way the service A could have umounted the LUN exactly at
  a time service B accesses it. Thus this patch changes the
  services such that only the last service, the cleanup service
  umounts the LUN.

- Load softdog module when STONITH is set up

  It loads the module and make the load boot persistant

- Fixup system-setup service dependencies

  The setup of the stonith SBD device requires the network
  to be up beforehand because the target is an iSCSI endpoint.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1291-1
Released:    Mon May 20 09:57:16 2019
Summary:     Security update for transfig
Type:        security
Severity:    low
References:  1106531,CVE-2018-16140
This update for transfig fixes the following issues:

Security issue fixed:

- CVE-2018-16140: Fixed a buffer underwrite vulnerability in get_line() in
  read.c, which allowed an attacker to write prior to the beginning of the
  buffer via specially crafted .fig file (bsc#1106531)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1302-1
Released:    Tue May 21 13:05:02 2019
Summary:     Recommended update for monitoring-plugins
Type:        recommended
Severity:    moderate
References:  1132350,1132903,1133107
This update for monitoring-plugins fixes the following issues:

- update AppArmor profiles for usrMerge (related to bsc#1132350)
  - grep in check_cups
  - ps in check_procs and check_procs.sle15

- update usr.lib.nagios.plugins.check_procs to bash in /usr

- support IPv4 ping for dual stacked host again (bsc#1132903)

- update usr.lib.nagios.plugins.check_procs again for sle15
  and above so that ptrace is allowed (bsc#1133107)

- add /etc/nrpe.d/*.cfg snipplets

- copy usr.lib.nagios.plugins.check_procs as
  usr.lib.nagios.plugins.check_procs.sle15 and use that for sle15
  and above. 'ptrace' to enable ptrace globally is needed here.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1308-1
Released:    Tue May 21 18:35:23 2019
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1132728,1132729,1132732,1132734,1134718,CVE-2019-10245,CVE-2019-2602,CVE-2019-2684,CVE-2019-2697,CVE-2019-2698
This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 5 Fix Pack 35.

Security issues fixed:

- CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes (bsc#1134718).
- CVE-2019-2698: Fixed out of bounds access flaw in the 2D component (bsc#1132729).
- CVE-2019-2697: Fixed flaw inside the 2D component (bsc#1132734).
- CVE-2019-2602: Fixed flaw inside BigDecimal implementation (Component: Libraries) (bsc#1132728).
- CVE-2019-2684: Fixed flaw was found in the RMI registry implementation (bsc#1132732).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1318-1
Released:    Thu May 23 12:45:16 2019
Summary:     Recommended update for orc
Type:        recommended
Severity:    moderate
References:  1130085
This update for orc does not fix any customer visible issues and does only
address an issue with its test suite (bsc#1130085)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1327-1
Released:    Thu May 23 18:09:53 2019
Summary:     Recommended update for speech-dispatcher
Type:        recommended
Severity:    moderate
References:  1129586
This update for speech-dispatcher fixes the following issues:

- Remove a work-around that was necessary in previous versions but since
  speech-dispatcher 0.8.4 no longer is. (bsc#1129586)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1328-1
Released:    Thu May 23 18:10:08 2019
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150_14. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1340-1
Released:    Fri May 24 12:57:31 2019
Summary:     Security update for libu2f-host
Type:        security
Severity:    low
References:  1124781,CVE-2018-20340
This update for libu2f-host fixes the following issues:
	  
Security issue fixed: 

- CVE-2018-20340: Fixed an unchecked buffer, which could allow a buffer overflow 
  with a custom made malicious USB device (bsc#1124781).
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1343-1
Released:    Fri May 24 13:58:40 2019
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1128392,1134179
This update for google-compute-engine fixes the following issues:

google-compute-engine was updated to version 20190416 (bsc#1128392, bsc#1134179):

- Google Compute Engine OS Login

  * Fix pam_group ordering detection.
  * Restart cron from the OS Login control file.
  * Add PAM entry to su:account stack.

Update to version 20190315:

- Google Compute Engine OS Login

  * Fix alternate challenge section for two factor authentication.

Update to version 20190304:

- Google Compute Engine

  * Set oom_score_adjust for google_accounts_daemon.

- Google Compute Engine OS Login

  * Use pam_group to provide users with default groups.
  * Add compat.h to support FreeBSD.
  * Exit immediately after a two factor authentication failure.
  * Add support for Google phone prompt challenges.

- Include systemd service file to run google_optimize_local_ssd command
- Include systemd service file to run google_set_multiqueue command
- Install journald configuration files into /usr/lib/systemd/journald.conf.d

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1367-1
Released:    Tue May 28 12:41:43 2019
Summary:     Recommended update for tcsh
Type:        recommended
Severity:    moderate
References:  1129112
This update for tcsh fixes the following issues:

- Incorrect postcmd handling could have caused miscalculation of a while loop start
  resulting in an infinite loop (bsc#1129112)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1368-1
Released:    Tue May 28 13:15:38 2019
Summary:     Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root
Type:        security
Severity:    important
References:  1134524,CVE-2019-5021
This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues:

- CVE-2019-5021: Include an invalidated root password by default, not an empty one (bsc#1134524)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1372-1
Released:    Tue May 28 16:53:28 2019
Summary:     Security update for libtasn1
Type:        security
Severity:    moderate
References:  1105435,CVE-2018-1000654
This update for libtasn1 fixes the following issues:

Security issue fixed:

- CVE-2018-1000654: Fixed a denial of service in the asn1 parser (bsc#1105435).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1374-1
Released:    Wed May 29 10:15:39 2019
Summary:     Security update for taglib
Type:        security
Severity:    low
References:  1096180,CVE-2018-11439
This update for taglib fixes the following issues:

- CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function allowed remote
  attackers to cause information disclosure (heap-based buffer over-read) via a
  crafted audio file (bsc#1096180)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1376-1
Released:    Wed May 29 13:31:29 2019
Summary:     Recommended update for openal-soft
Type:        recommended
Severity:    low
References:  1131808
This update for openal-soft provides the following fixes:

- Remove an unused file licensed under Apache-2.0 (and thus incompatible with the rest of
  the stack). (bsc#1131808)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1380-1
Released:    Wed May 29 15:10:22 2019
Summary:     Recommended update for ipa-ex-fonts
Type:        recommended
Severity:    moderate
References:  1112183
This update for ipa-ex-fonts fixes the following issues:

- Update to version 004.01
  * new glyph U+32FF 'SQUARE ERA NAME REIWA' (boo#1112183)
  * add standardized variation sequences of 93 characters
  * update spaces of the two glyphs (U+26FF8, U+663B)
- remove old Obsoletes and Provides for the past naming rule change

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1393-1
Released:    Fri May 31 10:18:34 2019
Summary:     Recommended update for pesign
Type:        recommended
Severity:    moderate
References:  1130588,1134670
This update for pesign fixes the following issues:

- Enable build on %arm as we can sign kernel on %arm (bsc#1134670)

- Require shadow instead of old pwdutils (bsc#192328)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1398-1
Released:    Fri May 31 12:54:22 2019
Summary:     Security update for libpng16
Type:        security
Severity:    low
References:  1100687,1121624,1124211,CVE-2018-13785,CVE-2019-7317
This update for libpng16 fixes the following issues:

Security issues fixed:

- CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when 
  png_image_free() was called under png_safe_execute (bsc#1124211).
- CVE-2018-13785: Fixed a wrong calculation of row_factor in the
  png_check_chunk_length function in pngrutil.c, which could haved triggered
  and integer overflow and result in an divide-by-zero while processing a
  crafted PNG file, leading to a denial of service (bsc#1100687)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1403-1
Released:    Mon Jun  3 10:45:52 2019
Summary:     Recommended update for fio
Type:        recommended
Severity:    moderate
References:  1129706

This update ships the performance measurement tool 'fio' to the SUSE Linux Enterprise 15 Module for Basesystem. (bsc#1129706)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1409-1
Released:    Mon Jun  3 16:28:25 2019
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data 4_12_14_-150_17 for lifecycle-data-sle-live-patching. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1412-1
Released:    Tue Jun  4 07:58:12 2019
Summary:     Recommended update for wireless-regdb
Type:        recommended
Severity:    moderate
References:  1134213
This update for wireless-regdb provides the following fixes:

- Update to version 2019.03.01: (bsc#1134213)
  * Sync IN with G.S.R. 1048(E).
  * Update regulatory rules for Sweden (SE) on 2.4/5/60 GHz.
  * Update 60ghz band rules for US.
  * Add 5725-5875 MHz rule for Portugal (PT).
  * Add URLs in README.
  * Delete outdated comment for DE.
  * Update source of info for CU and ES.

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1415-1
Released:    Tue Jun  4 13:18:42 2019
Summary:     Recommended update for fping
Type:        recommended
Severity:    moderate
References:  1133988
This update for fping fixes the following issues:

- Fix fping on servers with disabled IPv6 [bsc#1133988]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1417-1
Released:    Tue Jun  4 15:40:25 2019
Summary:     Recommended update for libselinux, policycoreutils, setools
Type:        recommended
Severity:    moderate
References:  1130097,1136515

  
This update for libselinux, policycoreutils, setools fixes the following issues:

This update provides policycoreutils-python that contains binaries necessary for SELinux administration. (bsc#1130097)

Also necessary dependencies for this package have been included in the update.

python2-setools and python3-setools are shipped instead of python-setools.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1447-1
Released:    Fri Jun  7 12:28:24 2019
Summary:     Recommended update for sap-suse-cluster-connector
Type:        recommended
Severity:    moderate
References:  1119137,1135487
This update for sap-suse-cluster-connector fixes the following issues:

- Support groups and primitives names containing dashes. (bsc#1135487)

- Adjust detection of cluster resources, if multiple SAPInstance
  resource are found.
- Fix smm function, add set_maintenance_mode function and split function list_sap_resources into a frontend (list_sap_resources) and a backend (get_resource_and_status) to get a proper smm handling in sap_suse_cluster_connector. (bsc#1119137)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1492-1
Released:    Thu Jun 13 14:51:01 2019
Summary:     Recommended update for libidn
Type:        recommended
Severity:    low
References:  1132869

This update for libidn fixes the following issue:

- The missing libidn11-32bit compat library package was provided. (bsc#1132869)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1525-1
Released:    Mon Jun 17 17:31:04 2019
Summary:     Security update for netpbm
Type:        security
Severity:    moderate
References:  1024288,1024291,1136936,CVE-2017-2579,CVE-2017-2580
This update for netpbm fixes the following issues:

Security issues fixed:

- CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288).
- CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291).
- create netpbm-vulnerable subpackage and move pstopnm there, as ghostscript is used to convert (bsc#1136936)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1560-1
Released:    Wed Jun 19 08:57:17 2019
Summary:     Recommended update for cloud-netconfig
Type:        recommended
Severity:    moderate
References:  1135257,1135263
This update for cloud-netconfig fixes the following issues:

- cloud-netconfig will now pause and retry if API call throttling is detected
  in Azure (bsc#1135257, bsc#1135263)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1562-1
Released:    Wed Jun 19 09:16:07 2019
Summary:     Security update for docker
Type:        security
Severity:    moderate
References:  1096726,CVE-2018-15664
This update for docker fixes the following issues:

Security issue fixed: 	  

- CVE-2018-15664: Fixed an issue which could make docker cp vulnerable to symlink-exchange race attacks (bsc#1096726).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1565-1
Released:    Wed Jun 19 11:55:42 2019
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1136266,1136267
This update for google-compute-engine fixes the following issues:

Update to version 20190522 (bsc#1136266, bsc#1136267)

+ Google Compute Engine

  * Fix guest attributes flow in Python 3.

+ Google Compute Engine OS Login

  * Update OS Login control file for FreeBSD support.

Update to version 20190521:

+ Google Compute Engine

  * Retry download for metadata scripts.
  * Fix script retrieval in Python 3.
  * Disable boto config in Python 3.
  * Update SSH host keys in guest attributes.
  * Fix XPS settings with more than 64 vCPUs.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1576-1
Released:    Thu Jun 20 12:49:40 2019
Summary:     Security update for enigmail
Type:        security
Severity:    important
References:  1135855,CVE-2019-12269
This update for enigmail to version 2.0.11 fixes the following issues:

Security issue fixed:

- CVE-2019-12269: Fixed an issue where a specially crafted inline PGP messages could spoof a 'correctly signed' message (bsc#1135855).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1603-1
Released:    Fri Jun 21 10:23:33 2019
Summary:     Security update for exempi
Type:        security
Severity:    moderate
References:  1098946,CVE-2018-12648
This update for exempi fixes the following issues:

- CVE-2018-12648: Fixed a NULL pointer dereference (crash) issue when processing webp files (bsc#1098946).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1607-1
Released:    Fri Jun 21 10:26:45 2019
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1136021
This update for wireshark to version 2.4.15 fixes the following issues:

Security issue fixed:

- Fixed a denial of service in the dissection engine (bsc#1136021). 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1616-1
Released:    Fri Jun 21 11:04:39 2019
Summary:     Recommended update for rpcbind
Type:        recommended
Severity:    moderate
References:  1134659
This update for rpcbind fixes the following issues:

- Change rpcbind locking path from /var/run/rpcbind.lock to /run/rpcbind.lock. (bsc#1134659)
- Change the order of socket/service in the %postun scriptlet to avoid an error from rpcbind.socket when rpcbind is running during package update.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1631-1
Released:    Fri Jun 21 11:17:21 2019
Summary:     Recommended update for xz
Type:        recommended
Severity:    low
References:  1135709
This update for xz fixes the following issues:

  Add SUSE-Public-Domain licence as some parts of xz utils (liblzma,
  xz, xzdec, lzmadec, documentation, translated messages, tests,
  debug, extra directory) are in public domain licence [bsc#1135709]
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1728-1
Released:    Tue Jul  2 17:35:39 2019
Summary:     Recommended update for openssl-1_0_0
Type:        recommended
Severity:    moderate
References:  1130041
This update for openssl-1_0_0 fixes the following issues:

- Add back the steam subpackage on openSUSE Leap 15 whose openssl-1_0_0 package is inherited from
  this package (bsc#1130041)

This update also ships openssl-1_0_0 to the SUSE Manager Client Tools 15 repository,
to be used for phantomjs / grafana.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1741-1
Released:    Wed Jul  3 21:13:18 2019
Summary:     Recommended update for perl-Tk
Type:        recommended
Severity:    moderate
References:  1134134
This update for perl-Tk fixes the following issues:

- Tk::Photo importer fails on some XPM files. (bsc#1134134)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1750-1
Released:    Thu Jul  4 16:07:32 2019
Summary:     Security update for libu2f-host, pam_u2f
Type:        security
Severity:    moderate
References:  1128140,1135727,1135729,CVE-2019-12209,CVE-2019-12210,CVE-2019-9578
This update for libu2f-host and pam_u2f to version 1.0.8 fixes the following issues:

Security issues fixed for libu2f-host: 

- CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response (bsc#1128140).

Security issues fixed for pam_u2f:

- CVE-2019-12209: Fixed an issue where symlinks in the user's directory were followed (bsc#1135729).
- CVE-2019-12210: Fixed file descriptor leaks (bsc#1135727).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1776-1
Released:    Mon Jul  8 18:18:37 2019
Summary:     Security update for zeromq
Type:        security
Severity:    important
References:  1082318,1140255,CVE-2019-13132
This update for zeromq fixes the following issues:

- CVE-2019-13132: An unauthenticated remote attacker could have exploited
  a stack overflow vulnerability on a server that is supposed to be protected
  by encryption and authentication to potentially gain a remote code execution.
  (bsc#1140255)

- Correctly mark license files as licence instead of documentation (bsc#1082318)

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1780-1
Released:    Mon Jul  8 20:24:24 2019
Summary:     Recommended update for icewm
Type:        recommended
Severity:    moderate
References:  1076817
This update for icewm fixes the following issues:

- Disabled icewm's suspend function in order to allow systemd the handling of
  power key events (bsc#1076817)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1795-1
Released:    Tue Jul  9 23:39:25 2019
Summary:     Recommended update for saptune
Type:        recommended
Severity:    moderate
References:  1116799,1123808,1124485,1124486,1124487,1124488,1124489,1126220,1128322,1128325
This update for saptune fixes the following issues:

- Resetting all values to clean the system during package removal

- Fix saptune issues with /etc/security/limits.conf. (bsc#1124485)

- Add deprecated message to the description of some notes set scheduler for note SUSE-GUIDE-01 correctly.(bsc#1123808)

- Ship both versions of saptune in one package to support a smooth migration controlled by the customer. See man saptune-migrate(5) for more information.

- Support note name changes and note deletion during update of saptune v2 from SLE12 to SLE15.

- Support different SAP Note definitions and solution definitions related to the used operation system version (distinguish between SLE12 and SLE15 at the moment)

- Remove calculation of optimized values, only set the values from the configuration file irrespective of the current system value. Current system value can be increase or decrease.
  ATTENTION: saptune no longer respects higher system values. Use the override option to change the values of the Note definition files, if needed. (bsc#1124488)
  
- Mark the Notes SUSE-GUIDE-01 and SUSE-GUIDE-02 as deprecated in saptune v1 and remove these Note definitions from saptune v2. (bsc#1116799)

- Add bash-completion for saptune.

- Add action 'show' to the 'note' operation to print content of the note definition file to stdout.

- Add new action 'create' to support the customer/vendor while creating a vendor or customer specific file in /etc/saptune/extra using the template file /usr/share/saptune/NoteTemplate.conf

- Simplify file name syntax for the vendor files available in /etc/saptune/extra. Old file names still valid and supported.

- Add header support (version, date, description) for the vendor files available in /etc/saptune/extra as already available for the note definition files in /usr/share/saptune/notes

- No longer write or remove entries from /etc/security/limits.conf. Instead add or remove drop-in files in /etc/security/limits.d
 The filename syntax for the drop-in files /etc/security/limits.d is saptune-<domain>-<item>-<type>.conf. The limits entry syntax inside the Note definition files changed to support more than one limits settings in the definition file. (bsc#1128322)
 
- Preserve comment sections of the security limits file /etc/security/limits.conf. Especially, if this is the only content of the file. (bsc#1124485)

- Work with the current Note definition file to define the pagecache settings. (bsc#1126220)

- Setting of UserTaskMax by applying the related SAP Notes in the postinstall of the package. (bsc#1124489)

- Starting to support severities INFO, WARNING, ERROR and DEBUG for the logging and add a defined format for the log messages.

- Remove saptune as active tuned profile during action 'saptune daemon stop' - start/stop services, if requested by SAP Notes, but do not enable/disable these services. (bsc#1128325)

- Adapt the parameter oriented save state file handling (store and revert) to the special needs of the security limits parameter. (bsc#1124485)

- Disable parameter settings using an override file. (bsc#1124486)

- Store the order of the note as they are applied to get the same system tuning result after a system reboot as before.

- Correct the revert of the vm.dirty parameters by handling their counterpart parameters in addition. (bsc#1124487)

- Adjust operation customize to the new configuration files and override location and enable customize option for vendor and customer specific files in /etc/saptune/extra. (bsc#1124487)

- Change output format of the operations list, verify and simulate. (bsc#1124487)

- Display footnotes during 'verify' and 'simulate'. (bsc#1124487)

- Remove Netweaver formula for page cache calculation. Use the HANA approach '2% system memory' for both.

- Display a warning message, if a [block] section is found in the Note definition file because on systems with a huge number of block devices this operation may take some time.

- Add force_latency handling to 'cpu' section. Use the files in /sys/devices/system/cpu/cpu* instead of /dev/cpu_dma_latency.
Remove the parameter from the tuned.conf file and add it to the SAP note files '1984787' and '2205917'

- Add action 'saptune revert all' and add parameter based saved state files to support proper revert functionality. (bsc#1124487)

- Add override file handling for the solution definition using /etc/saptune/override/solution. (bsc#1124486)

- Read solution definition from file /usr/share/saptune/solution instead of static coding inside of saptune. (bsc#1124486)

- Make sure a note, which is part of an applied solution definition, but was reverted manually later, will NOT applied again after a system reboot.

- One configuration file per SAP Note. (bsc#1124486)

- Add new SAP Notes and adapt content of SAP Notes.

- Handle different locations of the new configuration files (/usr/share/saptune/note, /etc/saptune/extra). (bsc#1124486)


- Allow parameter override by the customer. (bsc#1124486)

- Expand section handling of the 'ini file' handler to handle the new configuration file entries. Supported sections:
  version, reminder, login, mem, vm, block, limits, sysctl, pagecache, cpu, service, rpm, grub. (bsc#1124486)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1804-1
Released:    Wed Jul 10 10:40:44 2019
Summary:     Security update for ruby-bundled-gems-rpmhelper, ruby2.5
Type:        security
Severity:    important
References:  1082007,1082008,1082009,1082010,1082011,1082014,1082058,1087433,1087434,1087436,1087437,1087440,1087441,1112530,1112532,1130028,1130611,1130617,1130620,1130622,1130623,1130627,1133790,CVE-2017-17742,CVE-2018-1000073,CVE-2018-1000074,CVE-2018-1000075,CVE-2018-1000076,CVE-2018-1000077,CVE-2018-1000078,CVE-2018-1000079,CVE-2018-16395,CVE-2018-16396,CVE-2018-6914,CVE-2018-8777,CVE-2018-8778,CVE-2018-8779,CVE-2018-8780,CVE-2019-8320,CVE-2019-8321,CVE-2019-8322,CVE-2019-8323,CVE-2019-8324,CVE-2019-8325
This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues:

Changes in ruby2.5:

Update to 2.5.5 and 2.5.4:

https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/
https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/

Security issues fixed:

- CVE-2019-8320: Delete directory using symlink when
  decompressing tar (bsc#1130627)
- CVE-2019-8321: Escape sequence injection vulnerability in
  verbose  (bsc#1130623)
- CVE-2019-8322: Escape sequence injection vulnerability in gem
  owner  (bsc#1130622)
- CVE-2019-8323: Escape sequence injection vulnerability in API
  response handling  (bsc#1130620)
- CVE-2019-8324: Installing a malicious gem may lead to arbitrary
  code execution  (bsc#1130617)
- CVE-2019-8325: Escape sequence injection vulnerability in
  errors  (bsc#1130611)


Ruby 2.5 was updated to 2.5.3:

This release includes some bug fixes and some security fixes.

Security issues fixed:

- CVE-2018-16396: Tainted flags are not propagated in Array#pack
  and String#unpack with some directives (bsc#1112532)
- CVE-2018-16395: OpenSSL::X509::Name equality check does not
  work correctly (bsc#1112530)

Ruby 2.5 was updated to 2.5.1:

This release includes some bug fixes and some security fixes.

Security issues fixed:

- CVE-2017-17742: HTTP response splitting in WEBrick (bsc#1087434)
- CVE-2018-6914: Unintentional file and directory creation with
  directory traversal in tempfile and tmpdir (bsc#1087441)
- CVE-2018-8777: DoS by large request in WEBrick (bsc#1087436)
- CVE-2018-8778: Buffer under-read in String#unpack (bsc#1087433)
- CVE-2018-8779: Unintentional socket creation by poisoned NUL
  byte in UNIXServer and UNIXSocket (bsc#1087440)
- CVE-2018-8780: Unintentional directory traversal by poisoned
  NUL byte in Dir (bsc#1087437)

- Multiple vulnerabilities in RubyGems were fixed:

  - CVE-2018-1000079: Fixed path traversal issue during gem installation allows to write to arbitrary filesystem locations (bsc#1082058)
  - CVE-2018-1000075: Fixed infinite loop vulnerability due to negative size in tar header causes Denial of Service (bsc#1082014)
  - CVE-2018-1000078: Fixed XSS vulnerability in homepage attribute when displayed via gem server (bsc#1082011)
  - CVE-2018-1000077: Fixed that missing URL validation on spec home attribute allows malicious gem to set an invalid homepage URL (bsc#1082010)
  - CVE-2018-1000076: Fixed improper verification of signatures in tarball allows to install mis-signed gem (bsc#1082009)
  - CVE-2018-1000074: Fixed unsafe Object Deserialization Vulnerability in gem owner allowing arbitrary code execution on specially crafted YAML (bsc#1082008)
  - CVE-2018-1000073: Fixed path traversal when writing to a symlinked basedir outside of the root (bsc#1082007)

Other changes:

- Fixed Net::POPMail methods modify frozen literal when using default arg
- ruby: change over of the Japanese Era to the new emperor May 1st 2019 (bsc#1133790)
- build with PIE support (bsc#1130028)


Changes in ruby-bundled-gems-rpmhelper:

- Add a new helper for bundled ruby gems.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1807-1
Released:    Wed Jul 10 13:13:21 2019
Summary:     Recommended update for java-11-openjdk
Type:        recommended
Severity:    moderate
References:  1137264

This update ships the OpenJDK LTS version 11 in the java-11-openjdk packages. (FATE#326347 bsc#1137264)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1815-1
Released:    Thu Jul 11 07:47:55 2019
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1140016
This update for timezone fixes the following issues:

- Timezone update 2019b. (bsc#1140016):
  - Brazil no longer observes DST.
  - 'zic -b slim' outputs smaller TZif files.
  - Palestine's 2019 spring-forward transition was on 03-29, not 03-30.
  - Add info about the Crimea situation.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1864-1
Released:    Wed Jul 17 12:22:37 2019
Summary:     Recommended update for osc
Type:        recommended
Severity:    moderate
References:  1138165
This update for osc fixes the following issues:

- Version update to version 0.165.1 (bsc#1138165)

  * fix oscssl 'urldefrag is not defined error'
  * osc release command now python3 compatible
  * add more decode logic in get_commitlog
  * osc add 'dir' in compressed mode now works with python3
  * osc getbinaries now prints the output instead of using the quiet mode as a default
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1892-1
Released:    Thu Jul 18 15:54:35 2019
Summary:     Recommended update for openslp
Type:        recommended
Severity:    moderate
References:  1117969,1136136
This update for openslp fixes the following issues:

- Use tcp connects to talk with other directory agents (DAs) (bsc#1117969)
- Fix segfault in predicate match if a registered service has
  a malformed attribute list (bsc#1136136)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1894-1
Released:    Thu Jul 18 16:18:10 2019
Summary:     Security update for LibreOffice
Type:        security
Severity:    moderate
References:  1089811,1116451,1121874,1123131,1123455,1124062,1124869,1127760,1127857,1128845,1135189,1135228,CVE-2018-16858

This update for libreoffice and libraries fixes the following issues:

LibreOffice was updated to 6.2.5.2 (fate#327121 bsc#1128845 bsc#1123455),
bringing lots of bug and stability fixes.

Additional bugfixes:

- If there is no firebird engine we still need java to run hsqldb (bsc#1135189)
- PPTX: Rectangle turns from green to blue and loses transparency when transparency is set (bsc#1135228)
- Slide deck compression doesn't, hmm, compress too much (bsc#1127760)
- Psychedelic graphics in LibreOffice (but not PowerPoint) (bsc#1124869)
- Image from PPTX shown in a square, not a circle (bsc#1121874)

libixion was updated to 0.14.1:

* Updated for new orcus

liborcus was updated to 0.14.1:

* Boost 1.67 support
* Various cell handling issues fixed



libwps was updated to 0.4.10:

* QuattroPro: add parser of .qwp files
* all: support complex encoding

mdds was updated to 1.4.3:

* Api change to 1.4
* More multivector operations and tweaks
* Various multi vector fixes
* flat_segment_tree: add segment iterator and functions
* fix to handle out-of-range insertions on flat_segment_tree
* Another api version -> rename to mdds-1_2

myspell-dictionaries was updated to 20190423:

* Serbian dictionary updated
* Update af_ZA hunspell
* Update Spanish dictionary
* Update Slovenian dictionary
* Update Breton dictionary
* Update Galician dictionary

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1963-1
Released:    Wed Jul 24 11:41:43 2019
Summary:     Security update for openexr
Type:        security
Severity:    moderate
References:  1040109,1040113,1040115,CVE-2017-9111,CVE-2017-9113,CVE-2017-9115
This update for openexr fixes the following issues:

Security issues fixed: 	  

- CVE-2017-9111: Fixed an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h (bsc#1040109).
- CVE-2017-9113: Fixed an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp (bsc#1040113).
- CVE-2017-9115: Fixed an invalid write of size 2 in the = operator function inhalf.h (bsc#1040115).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1998-1
Released:    Fri Jul 26 16:13:22 2019
Summary:     Recommended update for sysstat
Type:        recommended
Severity:    moderate
References:  1138767
This update for sysstat fixes the following issues:

- Fix scaling issue with mtab symlinks and automounter. (bsc#1138767)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2001-1
Released:    Fri Jul 26 18:09:41 2019
Summary:     Recommended update for docker
Type:        recommended
Severity:    important
References:  1138920
This update for docker fixes the following issues:

- Mark daemon.json as %config(noreplace) to not overwrite it during
  installation (bsc#1138920)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2002-1
Released:    Mon Jul 29 13:00:27 2019
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1115375,1140461,1141780,1141781,1141782,1141783,1141784,1141785,1141787,1141788,1141789,CVE-2019-2745,CVE-2019-2762,CVE-2019-2766,CVE-2019-2769,CVE-2019-2786,CVE-2019-2816,CVE-2019-2818,CVE-2019-2821,CVE-2019-7317
This update for java-11-openjdk to version jdk-11.0.4+11 fixes the following issues:

Security issues fixed:

- CVE-2019-2745: Improved ECC Implementation (bsc#1141784).
- CVE-2019-2762: Exceptional throw cases (bsc#1141782).
- CVE-2019-2766: Improve file protocol handling (bsc#1141789).
- CVE-2019-2769: Better copies of CopiesList (bsc#1141783).
- CVE-2019-2786: More limited privilege usage (bsc#1141787).
- CVE-2019-7317: Improve PNG support options (bsc#1141780).
- CVE-2019-2818: Better Poly1305 support (bsc#1141788).
- CVE-2019-2816: Normalize normalization (bsc#1141785).
- CVE-2019-2821: Improve TLS negotiation (bsc#1141781).
- Certificate validation improvements

Non-security issues fixed:

- Do not fail installation when the manpages are not present (bsc#1115375)
- Backport upstream fix for JDK-8208602: Cannot read PEM X.509 cert if
  there is whitespace after the header or footer (bsc#1140461)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2003-1
Released:    Mon Jul 29 13:01:22 2019
Summary:     Security update for libreoffice
Type:        security
Severity:    important
References:  1110348,1112112,1112113,1112114,1116451,1117195,1117300,1121874,1123131,1123455,1124062,1124658,1124869,1127760,1127857,1128845,1135189,1135228,882383,CVE-2018-16858
This update for libreoffice fixes the following issues:

LibreOffice was updated to 6.2.5.2 (fate#327121).

Security issue fixed:

- CVE-2018-16858: LibreOffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location. (bsc#1124062)

Other bugfixes:

- If there is no firebird engine we still need java to run hsqldb (bsc#1135189)
- Require firebird as default driver for base if enabled
- PPTX: Rectangle turns from green to blue and loses transparency when transparency is set (bsc1135228)
- Slide deck compression doesn't, hmm, compress too much (bsc#1127760)
- Psychedelic graphics in LibreOffice (but not PowerPoint) (bsc#1124869)
- Image from PPTX shown in a square, not a circle (bsc#1121874)
- Switch to the new web based help system bsc#1116451
- Enable new approach for mariadb connector again
- PPTX: SmartArt: Basic rendering of the Organizational Chart (bsc#1112114)
- PPTX: SmartArt: Basic rendering of Accent Process and Continuous Block Process (bsc#1112113)
- Saving a new document can silently overwrite an existing document (bsc#1117300)
- Install also C++ libreofficekit headers bsc#1117195
- Chart in PPTX lacks color and is too large (bsc#882383)
- PPTX: SmartArt: Basic rendering of several list types (bsc#1112112)
- PPTX: Charts having weird/darker/ugly background versus Office 365 and strange artefacts where overlapping (bsc#1110348)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2005-1
Released:    Mon Jul 29 13:02:15 2019
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1116767,1119397,1121878,1123694,1125950,1125992,1126101,1132692,1136440
This update for cloud-init fixes the following issues:

- Fixes a bug where only the last defined route was written to the routes configuration
  file (bsc#1132692)
- Fixes a bug where a new network rules file for network devices didn't apply immediately (bsc#1125950)
- Improved the writing of route config files to avoid issues (bsc#1125992)
- Fixes a bug where OpenStack instances where not detected on VIO (bsc#1136440)
- Fixes a bug where IPv4 and IPv6 were not set up as default routes (bsc#1121878)
- Added a fix to prevent the resolv.conf to be empty (bsc#1119397)
- Uses now the proper name to designate IPv6 addresses in ifcfg-* files (bsc#1126101)
- Fixes an issue where the ifroute-eth0 file got corrupted when cloning an
  existing instance (bsc#1123694)

Some more fixes were included within the 19.1 update of cloud-init. Please refer to the package
changelog for more details.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2020-1
Released:    Tue Jul 30 13:18:31 2019
Summary:     Security update for mariadb, mariadb-connector-c
Type:        security
Severity:    important
References:  1126088,1132666,1136035,CVE-2019-2614,CVE-2019-2627,CVE-2019-2628
This update for mariadb and mariadb-connector-c fixes the following issues:

mariadb:

- Update to version 10.2.25 (bsc#1136035)
- CVE-2019-2628: Fixed a remote denial of service by an privileged attacker (bsc#1136035).
- CVE-2019-2627: Fixed another remote denial of service by an privileged attacker (bsc#1136035).
- CVE-2019-2614: Fixed a potential remote denial of service by an privileged attacker (bsc#1136035).
- Fixed reading options for multiple instances if my${INSTANCE}.cnf is used (bsc#1132666)

mariadb-connector-c:

- Update to version 3.1.2 (bsc#1136035)
- Moved libmariadb.pc from /usr/lib/pkgconfig to /usr/lib64/pkgconfig for x86_64 (bsc#1126088) 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2021-1
Released:    Tue Jul 30 16:38:55 2019
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1115375,1141780,1141782,1141783,1141784,1141785,1141786,1141787,1141789,CVE-2019-2745,CVE-2019-2762,CVE-2019-2766,CVE-2019-2769,CVE-2019-2786,CVE-2019-2816,CVE-2019-2842,CVE-2019-7317
This update for java-1_8_0-openjdk to version 8u222 fixes the following issues:

Security issues fixed:

- CVE-2019-2745: Improved ECC Implementation (bsc#1141784).
- CVE-2019-2762: Exceptional throw cases (bsc#1141782).
- CVE-2019-2766: Improve file protocol handling (bsc#1141789).
- CVE-2019-2769: Better copies of CopiesList (bsc#1141783).
- CVE-2019-2786: More limited privilege usage (bsc#1141787).
- CVE-2019-2816: Normalize normalization (bsc#1141785).
- CVE-2019-2842: Extended AES support (bsc#1141786).
- CVE-2019-7317: Improve PNG support (bsc#1141780).
- Certificate validation improvements

Non-security issue fixed:

- Fixed an issue where the installation failed when the manpages are not present (bsc#1115375)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2039-1
Released:    Fri Aug  2 08:34:40 2019
Summary:     Recommended update for transfig
Type:        recommended
Severity:    moderate
References:  1136882
This update for transfig fixes the following issues:

- Fix export to PDF, PNG from. (bsc#1136882)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2043-1
Released:    Fri Aug  2 15:18:37 2019
Summary:     Security update for openexr
Type:        security
Severity:    moderate
References:  1061305,CVE-2017-14988
This update for openexr fixes the following issues:

- CVE-2017-14988: Fixed a denial of service in Header::readfrom() (bsc#1061305).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2060-1
Released:    Tue Aug  6 14:27:41 2019
Summary:     Recommended update for libreoffice-share-linker
Type:        recommended
Severity:    moderate
References:  1139727
This update for libreoffice-share-linker fixes the following issues:

- Work with paranoid umask settings. (bsc#1139727)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2061-1
Released:    Tue Aug  6 14:28:33 2019
Summary:     Recommended update for several bugs for Hawk2
Type:        recommended
Severity:    moderate
References:  1089802,1137891

    Update for Hawk2 for the following issues:
    - Fix display in case of nameless cluster (bsc#1137891)
    - Fix utility method for checking ACL version in Hawk (bsc#1089802)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2067-1
Released:    Tue Aug  6 17:22:07 2019
Summary:     Security update for osc
Type:        security
Severity:    important
References:  1129889,1138977,1140697,1142518,1142662,1144211,CVE-2019-3685
This update for osc to version 0.165.4 fixes the following issues:

Security issue fixed:

- CVE-2019-3685: Fixed broken TLS certificate handling allowing for a Man-in-the-middle attack (bsc#1142518).

Non-security issues fixed:

- support different token operations (runservice, release and rebuild) (requires OBS 2.10)
- fix osc token decode error
- offline build mode is now really offline and does not try to download the buildconfig
- osc build -define now works with python3
- fixes an issue where the error message on osc meta -e was not parsed correctly
- osc maintainer -s now works with python3
- simplified and fixed osc meta -e (bsc#1138977) 
- osc lbl now works with non utf8 encoding (bsc#1129889)
- add simpleimage as local build type 
- allow optional fork when creating a maintenance request
- fix RPMError fallback
- fix local caching for all package formats
- fix appname for trusted cert store
- osc -h does not break anymore when using plugins 
- switch to difflib.diff_bytes and sys.stdout.buffer.write for diffing.
  This will fix all decoding issues with osc diff, osc ci and osc rq -d
- fix osc ls -lb handling empty size and mtime
- removed decoding on osc api command.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2077-1
Released:    Wed Aug  7 10:54:05 2019
Summary:     Recommended update for wireless-regdb
Type:        recommended
Severity:    moderate
References:  1138177
This update for wireless-regdb fixes the following issues:

- Update to version 2019.06.03 (bsc#1138177):
  * Expand 60 GHz band for Japan to 57-66 GHz
  * update source of information for CU
  * Update regulatory rules for South Korea
  * Update regulatory rules for Japan (JP) on 5GHz
  * update source of information for ES	

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2094-1
Released:    Fri Aug  9 06:56:18 2019
Summary:     Recommended update for glm
Type:        recommended
Severity:    moderate
References:  1135667
This update for glm fixes the following issues:

- Create a glm.pc file (fixes bsc#1135667)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2095-1
Released:    Fri Aug  9 06:56:48 2019
Summary:     Recommended update for container-suseconnect
Type:        recommended
Severity:    moderate
References:  1138731
This update for container-suseconnect fixes the following issues:

container-suseconnect was updated to 2.1.0 (bsc#1138731), fixing interacting with SCC behind proxy and SMT.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2096-1
Released:    Fri Aug  9 06:57:23 2019
Summary:     Recommended update for docker-img-store-setup
Type:        recommended
Severity:    moderate
References:  1138201
This update for docker-img-store-setup fixes the following issues:

- Support creation of the container storage filesystem with XFS to use the overlay fs driver. (bsc#1138201)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2103-1
Released:    Fri Aug  9 13:16:36 2019
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1141980,CVE-2019-13619
This update for wireshark to version 2.4.16 fixes the following issues:

Security issue fixed:

- CVE-2019-13619: ASN.1 BER and related dissectors crash (bsc#1141980).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2116-1
Released:    Tue Aug 13 07:43:01 2019
Summary:     Recommended update for aide
Type:        recommended
Severity:    moderate
References:  1098360
This update for aide fixes the following issues:

- Remove not available gcrypt algorithm 7 DB_HAVAL (bsc#1098360). 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2117-1
Released:    Tue Aug 13 14:56:55 2019
Summary:     Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Type:        security
Severity:    important
References:  1100331,1121967,1138920,1139649,1142160,1142413,1143409,CVE-2018-10892,CVE-2019-13509,CVE-2019-14271,CVE-2019-5736
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker:

- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).
- CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).
- Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).

runc:

- Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).
- Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).

containerd:

- CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).
- Update to containerd v1.2.6, which is required by docker (bsc#1139649).

golang-github-docker-libnetwork:

- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2019:2121-1
Released:    Wed Aug 14 11:17:51 2019
Summary:     Optional update for susemanager-cloud-setup
Type:        optional
Severity:    moderate
References:  1138254

This is the initial release of the susemanager-cloud-setup packages (bsc#1138254, fate#327820)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2122-1
Released:    Wed Aug 14 11:17:59 2019
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150_14, 4_12_14-150_17, 4_12_14-150_22,
  4_12_14-195, 4_12_14-197_4, 4_12_14-197_7,
  4_12_14-25_28. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2139-1
Released:    Wed Aug 14 12:53:22 2019
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1144092,1144170
This update for google-compute-engine fixes the following issues:

- updated to version 20190801 (bsc#1144092, bsc#1144170)
  * Fix for 2FA on RHEL 8
  * Support for Debian 10
  * Support for Google Private Access over IPv6
  * Support root disk expansion in RHEL 8 and Debian 10

Some more minor bug fixes were included in this maintenance update. The full list can be
retrieved from this rpm's changelog file.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2141-1
Released:    Wed Aug 14 14:45:18 2019
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1136112,1136113,1137384,1137385
This update for cloud-regionsrv-client fixes the following issues:

- If the credentials are not valid, an error is issued and the user is
  instructed to re-register the system
- Fixes a bug where the registration client aborted with a traceback when the instance
  data cannot be retrieved (bsc#1137384, bsc#1137385)

This maintenance update for cloud-regionsrv-client includes some more smaller bug fixes as well. Please
refer to this rpm's changelog file to receive a full list of all changes.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2142-1
Released:    Wed Aug 14 18:14:04 2019
Summary:     Recommended update for mozilla-nspr, mozilla-nss
Type:        recommended
Severity:    moderate
References:  1141322

  
This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to NSS 3.45 (bsc#1141322) :

* New function in pk11pub.h: PK11_FindRawCertsWithSubject
* The following CA certificates were Removed:
  CN = Certinomis - Root CA (bmo#1552374)
* Implement Delegated Credentials (draft-ietf-tls-subcerts) (bmo#1540403)
  This adds a new experimental function SSL_DelegateCredential
  Note: In 3.45, selfserv does not yet support delegated credentials (See bmo#1548360).
  Note: In 3.45 the SSLChannelInfo is left unmodified, while an upcoming change in 3.46 will set SSLChannelInfo.authKeyBits to that of the delegated credential for better policy enforcement (See bmo#1563078).
* Replace ARM32 Curve25519 implementation with one from fiat-crypto (bmo#1550579)
* Expose a function PK11_FindRawCertsWithSubject for finding certificates with a given subject on a given slot (bmo#1552262)
* Add IPSEC IKE support to softoken (bmo#1546229)
* Add support for the Elbrus lcc compiler (<=1.23) (bmo#1554616)
* Expose an external clock for SSL (bmo#1543874)
  This adds new experimental functions: SSL_SetTimeFunc, 
  SSL_CreateAntiReplayContext, SSL_SetAntiReplayContext, and 
  SSL_ReleaseAntiReplayContext.
  The experimental function SSL_InitAntiReplay is removed.
* Various changes in response to the ongoing FIPS review (bmo#1546477)
  Note: The source package size has increased substantially due to the new FIPS test vectors. This will likely prompt follow-on work, but please accept our apologies in the meantime.

mozilla-nspr was updated to version 4.21

* Changed prbit.h to use builtin function on aarch64.
* Removed Gonk/B2G references.  


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2145-1
Released:    Thu Aug 15 07:33:19 2019
Summary:     Recommended update for python3-susepubliccloudinfo
Type:        recommended
Severity:    moderate
References:  1144100,1144102
This update for python3-susepubliccloudinfo fixes the following issues:

- Added support for 'oracle' framework for images only (bsc#1144100, bsc#1144102)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2189-1
Released:    Wed Aug 21 10:12:23 2019
Summary:     Recommended update for sysstat
Type:        recommended
Severity:    moderate
References:  1142470
This update for sysstat fixes the following issues:

- Remove deprecated gettext and require gettext-runtime during build only. (bsc#1142470)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2191-1
Released:    Wed Aug 21 17:59:24 2019
Summary:     Security update for wavpack
Type:        security
Severity:    low
References:  1133384,1141334,CVE-2019-1010319,CVE-2019-11498
This update for wavpack fixes the following issues:

Security issues fixed:

- CVE-2019-1010319: Fixed use of uninitialized variable in ParseWave64HeaderConfig that can result in unexpected control flow, crashes, and segfaults (bsc#1141334).
- CVE-2019-11498: Fixed possible denial of service (application crash) in WavpackSetConfiguration64 via a DFF file that lacks valid sample-rate data (bsc#1133384).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2198-1
Released:    Thu Aug 22 14:35:15 2019
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    important
References:  1144754,1146321,1146462,1146463,1146467,1146468,1146610
This update for cloud-regionsrv-client fixes the following issues:

- Adds a dependency to python3-urllib3 (bsc#1146610, bsc#1146321, bsc#1144754)
- Fixes an issue where the registration client exited with a traceback since the
  last update (bsc#1146462, bsc#1146463)
- Clear the new-registration marker if the instance has a cache of update
  servers (bsc#1146467, bsc#1146468) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2200-1
Released:    Thu Aug 22 14:36:04 2019
Summary:     Recommended update for quota
Type:        recommended
Severity:    low
References:  1144265
This update for quota fixes the following issues:

- quota will stop processing the config file in case of errors (bsc#1144265)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2218-1
Released:    Mon Aug 26 11:29:57 2019
Summary:     Recommended update for pinentry
Type:        recommended
Severity:    moderate
References:  1141883
This update for pinentry fixes the following issues:

- Fix a dangling pointer in qt/main.cpp that caused crashes. (bsc#1141883)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2223-1
Released:    Tue Aug 27 15:42:56 2019
Summary:     Security update for podman, slirp4netns and libcontainers-common
Type:        security
Severity:    moderate
References:  1096726,1123156,1123387,1135460,1136974,1137860,1143386,CVE-2018-15664,CVE-2019-10152,CVE-2019-6778

  
This is a version update for podman to version 1.4.4 (bsc#1143386).

Additional changes by SUSE on top:

- Remove fuse-overlayfs because it's (currently) an unsatisfied dependency on
  SLE (bsc#1143386)
- Update libpod.conf to use correct infra_command
- Update libpod.conf to use better versioned pause container
- Update libpod.conf to use official kubic pause container
- Update libpod.conf to match latest features set:
  detach_keys, lock_type, runtime_supports_json
- Add podman-remote varlink client

Version update podman to v1.4.4:

- Features

  - Podman now has greatly improved support for containers using multiple OCI
    runtimes. Containers now remember if they were created with a different
    runtime using --runtime and will always use that runtime
  - The cached and delegated options for volume mounts are now allowed for
    Docker compatability (#3340)
  - The podman diff command now supports the --latest flag

- Bugfixes

  - Fixed a bug where rootless Podman would attempt to use the entire root
    configuration if no rootless configuration was present for the user,
    breaking rootless Podman for new installations
  - Fixed a bug where rootless Podman's pause process would block SIGTERM,
    preventing graceful system shutdown and hanging until the system's init
    send SIGKILL
  - Fixed a bug where running Podman as root with sudo -E would not work after
    running rootless Podman at least once
  - Fixed a bug where options for tmpfs volumes added with the --tmpfs flag
    were being ignored
  - Fixed a bug where images with no layers could not properly be displayed
    and removed by Podman
  - Fixed a bug where locks were not properly freed on failure to create a
    container or pod
  - Fixed a bug where podman cp on a single file would create a directory at
    the target and place the file in it (#3384)
  - Fixed a bug where podman inspect --format '{{.Mounts}}' would print a
    hexadecimal address instead of a container's mounts
  - Fixed a bug where rootless Podman would not add an entry to container's
    /etc/hosts files for their own hostname (#3405)
  - Fixed a bug where podman ps --sync would segfault (#3411)
  - Fixed a bug where podman generate kube would produce an invalid ports
    configuration (#3408)

- Misc

  - Updated containers/storage to v1.12.13
  - Podman now performs much better on systems with heavy I/O load
  - The --cgroup-manager flag to podman now shows the correct default setting
    in help if the default was overridden by libpod.conf
  - For backwards compatability, setting --log-driver=json-file in podman run
    is now supported as an alias for --log-driver=k8s-file. This is considered
    deprecated, and json-file will be moved to a new implementation in the
    future ([#3363](https://github.com/containers/libpo\
    d/issues/3363))
  - Podman's default libpod.conf file now allows the crun OCI runtime to be
    used if it is installed

Update podman to v1.4.2:

- Fixed a bug where Podman could not run containers using an older version of
  Systemd as init
- Updated vendored Buildah to v1.9.0 to resolve a critical bug with
  Dockerfile RUN instructions
- The error message for running podman kill on containers that are not
  running has been improved
- Podman remote client can now log to a file if syslog is not available
- The podman exec command now sets its error code differently based on
  whether the container does not exist, and the command in the container does
  not exist
- The podman inspect command on containers now outputs Mounts JSON that matches
  that of docker inspect, only including user-specified volumes and
  differentiating bind mounts and named volumes
- The podman inspect command now reports the path to a container's OCI spec
  with the OCIConfigPath key (only included when the container is initialized
  or running)
- The podman run --mount command now supports the bind-nonrecursive option for
  bind mounts
- Fixed a bug where podman play kube would fail to create containers due to an
  unspecified log driver
- Fixed a bug where Podman would fail to build with musl libc
- Fixed a bug where rootless Podman using slirp4netns networking in an
  environment with no nameservers on the host other than localhost would
  result in nonfunctional networking
- Fixed a bug where podman import would not properly set environment
  variables, discarding their values and retaining only keys
- Fixed a bug where Podman would fail to run when built with Apparmor support
  but run on systems without the Apparmor kernel module loaded
- Remote Podman will now default the username it uses to log in to remote
  systems to the username of the current user
- Podman now uses JSON logging with OCI runtimes that support it, allowing for
  better error reporting
- Updated vendored containers/image to v2.0
- Update conmon to v0.3.0
- Support OOM Monitor under cgroup V2
- Add config binary and make target for configuring conmon with a go library
  for importing values

Updated podman to version 1.4.0 (bsc#1137860) and (bsc#1135460) 

- Podman checkpoint and podman restore commands can now be
  used to migrate containers between Podman installations on
  different systems.
- The podman cp now supports pause flag.
- The remote client now supports a configuration file for
  pre-configuring connections to remote Podman installations
- CVE-2019-10152: Fixed an iproper dereference of symlinks of the
  the podman cp command which introduced in version 1.1.0 (bsc#1136974).
- Fixed a bug where podman commit could improperly set environment variables 
  that contained = characters
- Fixed a bug where rootless podman would sometimes fail to start
  containers with forwarded ports
- Fixed a bug where podman version on the remote client could
  segfault
- Fixed a bug where podman container runlabel would use /proc/self/exe instead of 
  the path of the Podman command when printing the command being executed
- Fixed a bug where filtering images by label did not work
- Fixed a bug where specifying a bing mount or tmpfs mount over
  an image volume would cause a container to be unable to start
- Fixed a bug where podman generate kube did not work with
  containers with named volumes
- Fixed a bug where rootless podman would receive permission
  denied errors accessing conmon.pid
- Fixed a bug where podman cp with a folder specified as target
  would replace the folder, as opposed to copying into it
- Fixed a bug where rootless Podman commands could double-unlock
  a lock, causing a crash
- Fixed a bug where podman incorrectly set tmpcopyup on /dev/
  mounts, causing errors when using the Kata containers runtime
- Fixed a bug where podman exec would fail on older kernels
- Podman commit command is now usable with the Podman remote client
- Signature-policy flag has been deprecated
- Updated vendored containers/storage and containers/image libraries 
  with numerous bugfixes
- Updated vendored Buildah to v1.8.3
- Podman now requires Conmon v0.2.0
- The podman cp command is now aliased as podman container cp
- Rootless podman will now default init_path using root Podman's
  configuration files (/etc/containers/libpod.conf and
  /usr/share/containers/libpod.conf) if not overridden in the
  rootless configuration
- Added fuse-overlayfs dependency to support overlay based rootless image
  manipulations
- The podman cp command can now read input redirected to STDIN, and output to
  STDOUT instead of a file, using - instead of an argument.
- The podman remote client now displays version information from both the
  client and server in podman version
- The podman unshare command has been added, allowing easy entry into the
  user namespace set up by rootless Podman (allowing the removal of files
  created by rootless podman, among other things)
- Fixed a bug where Podman containers with the --rm flag were removing
  created volumes when they were automatically removed
- Fixed a bug where container and pod locks were incorrectly marked as
  released after a system reboot, causing errors on container and pod removal
- Fixed a bug where Podman pods could not be removed if any container in the
  pod encountered an error during removal
- Fixed a bug where Podman pods run with the cgroupfs CGroup driver would encounter 
  a race condition during removal, potentially failing to remove the pod CGroup
- Fixed a bug where the podman container checkpoint and podman container
  restore commands were not visible in the remote client
- Fixed a bug where podman remote ps --ns would not print the container's namespaces
- Fixed a bug where removing stopped containers with healthchecks could cause an error
- Fixed a bug where the default libpod.conf file was causing parsing errors
- Fixed a bug where pod locks were not being freed when pods were removed,
  potentially leading to lock exhaustion
- Fixed a bug where 'podman run' with SD_NOTIFY set could, on short-running
  containers, create an inconsistent state rendering the container unusable
- The remote Podman client now uses the Varlink bridge to establish remote
  connections by default
- Fixed an issue with apparmor_parser (bsc#1123387)

- Update to libpod v1.4.0 (bsc#1137860):
- The podman checkpoint and podman restore commands can now be
  used to migrate containers between Podman installations on
  different systems
- The podman cp command now supports a pause flag to pause
  containers while copying into them
- The remote client now supports a configuration file for
  pre-configuring connections to remote Podman installations
- Fixed CVE-2019-10152 - The podman cp command improperly
  dereferenced symlinks in host context
- Fixed a bug where podman commit could improperly set
  environment variables that contained = characters
- Fixed a bug where rootless Podman would sometimes fail to start
  containers with forwarded ports
- Fixed a bug where podman version on the remote client could
  segfault
- Fixed a bug where podman container runlabel would use
  /proc/self/exe instead of the path of the Podman command when
  printing the command being executed
- Fixed a bug where filtering images by label did not work
- Fixed a bug where specifying a bing mount or tmpfs mount over
  an image volume would cause a container to be unable to start
- Fixed a bug where podman generate kube did not work with
  containers with named volumes
- Fixed a bug where rootless Podman would receive permission
  denied errors accessing conmon.pid
- Fixed a bug where podman cp with a folder specified as target
  would replace the folder, as opposed to copying into it
- Fixed a bug where rootless Podman commands could double-unlock
  a lock, causing a crash
- Fixed a bug where Podman incorrectly set tmpcopyup on /dev/
  mounts, causing errors when using the Kata containers runtime
- Fixed a bug where podman exec would fail on older kernels
- The podman commit command is now usable with the Podman remote
  client
- The --signature-policy flag (used with several image-related
  commands) has been deprecated
- The podman unshare command now defines two environment
  variables in the spawned shell: CONTAINERS_RUNROOT and
  CONTAINERS_GRAPHROOT, pointing to temporary and permanent
  storage for rootless containers
- Updated vendored containers/storage and containers/image
  libraries with numerous bugfixes
- Updated vendored Buildah to v1.8.3
- Podman now requires Conmon v0.2.0
- The podman cp command is now aliased as podman container cp
- Rootless Podman will now default init_path using root Podman's
  configuration files (/etc/containers/libpod.conf and
  /usr/share/containers/libpod.conf) if not overridden in the
  rootless configuration

- Update to image v1.5.1
- Vendor in latest containers/storage
- docker/docker_client: Drop redundant Domain(ref.ref) call
- pkg/blobinfocache: Split implementations into subpackages
- copy: progress bar: show messages on completion
- docs: rename manpages to *.5.command
- add container-certs.d.md manpage
- pkg/docker/config: Bring auth tests from
  docker/docker_client_test
- Don't allocate a sync.Mutex separately

Update to storage v1.12.10:

- Add function to parse out mount options from graphdriver
- Merge the disparate parts of all of the Unix-like lockfiles
- Fix unix-but-not-Linux compilation
- Return XDG_RUNTIME_DIR as RootlessRuntimeDir if set
- Cherry-pick moby/moby #39292 for CVE-2018-15664 fixes
- lockfile: add RecursiveLock() API
- Update generated files
- Fix crash on tesing of aufs code
- Let consumers know when Layers and Images came from read-only stores
- chown: do not change owner for the mountpoint
- locks: correctly mark updates to the layers list
- CreateContainer: don't worry about mapping layers unless necessary
- docs: fix manpage for containers-storage.conf
- docs: sort configuration options alphabetically
- docs: document OSTree file deduplication
- Add missing options to man page for containers-storage
- overlay: use the layer idmapping if present
- vfs: prefer layer custom idmappings
- layers: propagate down the idmapping settings
- Recreate symlink when not found
- docs: fix manpage for configuration file
- docs: add special handling for manpages in sect 5
- overlay: fix single-lower test
- Recreate symlink when not found
- overlay: propagate errors from mountProgram
- utils: root in a userns uses global conf file
- Fix handling of additional stores
- Correctly check permissions on rootless directory
- Fix possible integer overflow on 32bit builds
- Evaluate device path for lvm
- lockfile test: make concurrent RW test determinisitc
- lockfile test: make concurrent read tests deterministic
- drivers.DirCopy: fix filemode detection
- storage: move the logic to detect rootless into utils.go
- Don't set (struct flock).l_pid
- Improve documentation of getLockfile
- Rename getLockFile to createLockerForPath, and document it
- Add FILES section to containers-storage.5 man page
- add digest locks
- drivers/copy: add a non-cgo fallback

slirp4netns was updated to 0.3.0:

- CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() (bsc#1123156)

This update also includes:

- fuse3 and fuse-overlayfs to support rootless containers.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2229-1
Released:    Wed Aug 28 07:58:29 2019
Summary:     Security update for slurm
Type:        security
Severity:    important
References:  1140709,CVE-2019-12838
This update for slurm to version 18.08.8 fixes the following issues:

Security issue fixed:

- CVE-2019-12838: Fixed a SQL injection in slurmdbd (bsc#1140709).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2249-1
Released:    Thu Aug 29 08:18:30 2019
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1141168
This update for python-kiwi fixes the following issues:

- kiwi will no longer create an empty machine-id file in case it is not provided
  during the system installation (bsc#1141168)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2283-1
Released:    Wed Sep  4 13:41:47 2019
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1146172
This update for google-compute-engine fixes the following issues:

- Fix install location of NSS and PAM shared libraries (bsc#1146172)
- Switch RPM group for oslogin package from Hardware to System/Daemons

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2291-1
Released:    Wed Sep  4 16:48:52 2019
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1122292,1122299,1141780,1141782,1141783,1141785,1141787,1141789,1147021,CVE-2018-11212,CVE-2019-11771,CVE-2019-11772,CVE-2019-11775,CVE-2019-2449,CVE-2019-2762,CVE-2019-2766,CVE-2019-2769,CVE-2019-2786,CVE-2019-2816,CVE-2019-4473,CVE-2019-7317
This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 5 Fix Pack 40.

Security issues fixed:

- CVE-2019-11771: IBM Security Update July 2019 (bsc#1147021)
- CVE-2019-11772: IBM Security Update July 2019 (bsc#1147021)
- CVE-2019-11775: IBM Security Update July 2019 (bsc#1147021)
- CVE-2019-4473: IBM Security Update July 2019 (bsc#1147021)
- CVE-2019-7317: Fixed issue inside Component AWT (libpng)(bsc#1141780).
- CVE-2019-2769: Fixed issue inside Component Utilities (bsc#1141783).
- CVE-2019-2762: Fixed issue inside Component Utilities (bsc#1141782).
- CVE-2019-2816: Fixed issue inside Component Networking (bsc#1141785).
- CVE-2019-2766: Fixed issue inside Component Networking (bsc#1141789).
- CVE-2019-2786: Fixed issue inside Component Security (bsc#1141787).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2323-1
Released:    Fri Sep  6 09:19:52 2019
Summary:     Recommended update for pesign
Type:        recommended
Severity:    moderate
References:  1144441
This update for pesign contains the following fixes:

- Fix the build failure with NSS 3.44. (bsc#1144441)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2340-1
Released:    Tue Sep 10 09:31:35 2019
Summary:     Security update for skopeo
Type:        security
Severity:    important
References:  1144065,CVE-2019-10214
This update for skopeo fixes the following issues:

Security issues fixed:

- CVE-2019-10214: Fixed missing enforcement of TLS connections (bsc#1144065).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2344-1
Released:    Tue Sep 10 12:47:25 2019
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    important
References:  1148644,1149840
This update for cloud-regionsrv-client fixes the following issues:

- Fixes an issue where repositories where missing on a system (bsc#1148644, bsc#1149840)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2348-1
Released:    Tue Sep 10 14:51:43 2019
Summary:     Security update for ghostscript
Type:        security
Severity:    moderate
References:  1144621,CVE-2019-10216
This update for ghostscript fixes the following issues:

Security issue fixed:

- CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file (bsc#1144621).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2357-1
Released:    Wed Sep 11 13:26:14 2019
Summary:     Recommended update for lmdb
Type:        recommended
Severity:    moderate
References:  1136132
This update for lmdb fixes the following issues:

- Fix occasional crash when freed pages landed on the dirty list twice
  (bsc#1136132).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2362-1
Released:    Thu Sep 12 07:55:13 2019
Summary:     Recommended update for python-cairo
Type:        recommended
Severity:    moderate
References:  1142582
This update for python-cairo does not fix any visible issues to users.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2378-1
Released:    Fri Sep 13 13:21:51 2019
Summary:     Recommended update for apache2-mod_nss
Type:        recommended
Severity:    moderate
References:  1150133
This update for apache2-mod_nss fixes the following issues:

- Use a stronger password in gencert to pass the stricter tests in
  FIPS mode (bsc#1150133)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2435-1
Released:    Mon Sep 23 13:57:12 2019
Summary:     Security update for libopenmpt
Type:        security
Severity:    moderate
References:  1143578,1143581,1143582,1143584,CVE-2018-20860,CVE-2018-20861,CVE-2019-14382,CVE-2019-14383
This update for libopenmpt fixes the following issues:

Security issues fixed:

- CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578).
- CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581).
- CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584).
- CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2443-1
Released:    Tue Sep 24 09:17:39 2019
Summary:     Recommended update for libcdio
Type:        recommended
Severity:    moderate
References:  1094761
This update for libcdio fixes the following issues:

- Fix warning when BigEndian and LittleEndian sizes do not match. (bsc#1094761)
- Fix that libcdio doesn't bail out when processing non-compliant ISO files.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2460-1
Released:    Wed Sep 25 09:25:34 2019
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1129180,1129186,1134156,1140359,1146882,1146884,CVE-2019-12973,CVE-2019-14811,CVE-2019-14812,CVE-2019-14813,CVE-2019-14817,CVE-2019-3835,CVE-2019-3839
This update for ghostscript fixes the following issues:

Security issues fixed:

- CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. (bsc#1129180)
- CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. (bsc#1134156)
- CVE-2019-12973: Fixed a denial-of-service vulnerability in the OpenJPEG function opj_t1_encode_cblks. (bsc#1140359)
- CVE-2019-14811: Fixed a safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator. (bsc#1146882)
- CVE-2019-14812: Fixed a safer mode bypass by .forceput exposure in setuserparams. (bsc#1146882)
- CVE-2019-14813: Fixed a safer mode bypass by .forceput exposure in setsystemparams. (bsc#1146882)
- CVE-2019-14817: Fixed a safer mode bypass by .forceput exposure in .pdfexectoken and other procedures. (bsc#1146884)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2466-1
Released:    Wed Sep 25 23:24:08 2019
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    important
References:  1082974,1101373,1133024,1133866,1134106,1139715,1149829
This update for SAPHanaSR fixes the following issues:

- Fixes a bug where an attribute was not correctly set for remoteNode (bsc#1082974)
- Does no longer set attributes to prevent unlogged failovers because of empty or
  unknown attributes (bsc#1134106, bsc#1133024, bsc#1101373)
- Will now return $OCF_RUNNING_MASTER (8) instead of $OCF_SUCCESS (0) when probing
  a promoted node (bsc#1133866)
- Using crm-attributes written by a SAP HANA SR provider hook does improve the data
  integrity in special error conditions with multiple errors coming in a short
  time frame (bsc#1139715)
- Fix a typo in a condition statement that was breaking SAPHanaSR-monitor output. (bnc#1149829)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2477-1
Released:    Thu Sep 26 12:09:46 2019
Summary:     Recommended update for openwsman
Type:        recommended
Severity:    moderate
References:  1105331
This update for openwsman fixes the following issues:

- Adds CIM_NAMESPACE if it's not already present (bsc#1105331)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2482-1
Released:    Fri Sep 27 13:40:42 2019
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    important
References:  1150058
This update for google-compute-engine fixes the following issues:

- Fixes an issue where the implementation of Google Private Access over IPv6 was not
  complete and thus crashed the application (bsc#1150058)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2019:2483-1
Released:    Fri Sep 27 14:16:23 2019
Summary:     Optional update for python3-google-api-python-client, python3-httplib2, python3-oauth2client, and python3-uritemplate.
Type:        optional
Severity:    low
References:  1088358
This update ships python3-google-api-python-client, python3-httplib2, python3-oauth2client, and python3-uritemplate
for the SUSE Linux Enterprise Public Cloud 15 module.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2494-1
Released:    Mon Sep 30 16:22:20 2019
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    important
References:  1141969,1144363,1144881
This update for cloud-init provides the following fixes:

- Properly handle static routes. The EphemeralDHCP context manager did not parse or handle
  rfc3442 classless static routes which prevented reading datasource metadata in some
  clouds. (bsc#1141969)
- The __str__ implementation no longer delivers the name of the interface, use the 'name'
  attribute instead to form a proper path in the sysfs tree. (bsc#1144363)
- If no routes are set for a subnet but the subnet has a gateway specified, set the
  gateway as the default route for the interface. (bsc#1144881)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2495-1
Released:    Mon Sep 30 16:22:27 2019
Summary:     Recommended update for firewalld-rpcbind-helper
Type:        recommended
Severity:    moderate
References:  1146188
This update for firewalld-rpcbind-helper fixes the following issues:

- Fixes an error when running in python3 context and a port in `rpcinfo -p` is running
  neither as tcp nor in udp protocol (bsc#1146188)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2512-1
Released:    Wed Oct  2 10:47:58 2019
Summary:     Security update for jasper
Type:        security
Severity:    moderate
References:  1117507,1117508,CVE-2018-19540,CVE-2018-19541
This update for jasper fixes the following issues:

Security issues fixed: 

- CVE-2018-19540: Fixed  a heap based overflow in jas_icctxtdesc_input (bsc#1117508).
- CVE-2018-19541: Fix heap based overread in jas_image_depalettize (bsc#1117507).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2533-1
Released:    Thu Oct  3 15:02:50 2019
Summary:     Security update for sqlite3
Type:        security
Severity:    moderate
References:  1150137,CVE-2019-16168
This update for sqlite3 fixes the following issues:

Security issue fixed:

- CVE-2019-16168: Fixed improper validation of sqlite_stat1 field that could lead to denial of service (bsc#1150137).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2561-1
Released:    Fri Oct  4 14:09:56 2019
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1131291,1150003,1150250,CVE-2019-1547,CVE-2019-1563
This update for openssl-1_0_0 fixes the following issues:

OpenSSL Security Advisory [10 September 2019]

* CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)
* CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)

In addition fixed invalid curve attacks by validating that an EC point lies on the curve (bsc#1131291).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2622-1
Released:    Wed Oct  9 15:23:35 2019
Summary:     Security update for libopenmpt
Type:        security
Severity:    important
References:  1153102,CVE-2019-17113
This update for libopenmpt to version 0.3.19 fixes the following issues:

- CVE-2019-17113: Fixed a buffer overflow in ModPlug_InstrumentName and ModPlug_SampleName (bsc#1153102).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2642-1
Released:    Fri Oct 11 17:10:51 2019
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    important
References:  1112357,1124885,1127173,1129566,1132455,1136444,1142899,1143033,1149686
This update for python-kiwi fixes the following issues:

- Added --add-bootstrap-packages option (bsc#1149686)
- Avoids now the default installation of dracut kiwi modules (bsc#1142899, bsc#1136444)
- Add support for custom fstab script extension (bsc#1129566)
- Fixes an issue where python-kiwi crashed when the HOME directory is missing (bsc#1149686)
- New spare partition types have been added: (bsc#1129566)
  * spare_part_fs='fsname'
  * spare_part_mountpoint='/location'
  * spare_part_is_last='true|false'
- Preserve licenses/other txt files by baseStripFirmware (bsc#1132455
- Added support for fstab.patch file (bsc#1129566)
- Makes the bundler shasum file compatible with 'sha256sum --check' command (bsc#1127173)
- Fixes an issue when importing signing keys (bsc#1112357)
- Fixes an issue where grub2 didn't display UTF-8 characters properly (bsc#1124885)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2657-1
Released:    Mon Oct 14 17:04:07 2019
Summary:     Security update for dhcp
Type:        security
Severity:    moderate
References:  1089524,1134078,1136572,CVE-2019-6470
This update for dhcp fixes the following issues:

Secuirty issue fixed:

- CVE-2019-6470: Fixed DHCPv6 server crashes (bsc#1134078).

Bug fixes:

- Add compile option --enable-secs-byteorder to avoid duplicate lease warnings (bsc#1089524).
- Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6 (bsc#1136572).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2675-1
Released:    Tue Oct 15 21:06:30 2019
Summary:     Recommended update for clone-master-clean-up
Type:        recommended
Severity:    moderate
References:  1139667,1149322
This update for clone-master-clean-up fixes the following issues:

- Bugfixes:

  * Deleted /var/lib/wicked/* files for cloning. If machines with identical
    settings exist in the same network multiple times, IP addresses may change with
    each renewal (bsc#1139667)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2681-1
Released:    Tue Oct 15 22:01:40 2019
Summary:     Recommended update for libdb-4_8
Type:        recommended
Severity:    moderate
References:  1148244
This update for libdb-4_8 fixes the following issues:

- Add off-page deadlock patch as found and documented by Red Hat.
  (bsc#1148244)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2693-1
Released:    Wed Oct 16 16:43:30 2019
Summary:     Recommended update for rpcbind
Type:        recommended
Severity:    moderate
References:  1142343
This update for rpcbind fixes the following issues:

- Return correct IP address with multiple ip addresses in the same
  subnet. (bsc#1142343)
  

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2702-1
Released:    Wed Oct 16 18:41:30 2019
Summary:     Security update for gcc7
Type:        security
Severity:    moderate
References:  1071995,1141897,1142649,1148517,1149145,CVE-2019-14250,CVE-2019-15847
This update for gcc7 to r275405 fixes the following issues:

Security issues fixed:

- CVE-2019-14250: Fixed an integer overflow in binutils (bsc#1142649).
- CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator (bsc#1149145).

Non-security issue fixed:

- Move Live Patching technology stack from kGraft to upstream klp (bsc#1071995, fate#323487).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2722-1
Released:    Mon Oct 21 11:14:20 2019
Summary:     Recommended update for pciutils-ids
Type:        recommended
Severity:    moderate
References:  1127840,1133581
This is a version update for pciutils-ids to version 20190830 (bsc#1133581, bsc#1127840)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2730-1
Released:    Mon Oct 21 16:04:57 2019
Summary:     Security update for procps
Type:        security
Severity:    important
References:  1092100,1121753,CVE-2018-1122,CVE-2018-1123,CVE-2018-1124,CVE-2018-1125,CVE-2018-1126
This update for procps fixes the following issues:

procps was updated to 3.3.15. (bsc#1092100)

Following security issues were fixed:

- CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top
  with HOME unset in an attacker-controlled directory, the attacker could have
  achieved privilege escalation by exploiting one of several vulnerabilities in
  the config_file() function (bsc#1092100).
- CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow.
  Inbuilt protection in ps maped a guard page at the end of the overflowed
  buffer, ensuring that the impact of this flaw is limited to a crash (temporary
  denial of service) (bsc#1092100).
- CVE-2018-1124: Prevent multiple integer overflows leading to a heap
  corruption in file2strvec function. This allowed a privilege escalation for a
  local attacker who can create entries in procfs by starting processes, which
  could result in crashes or arbitrary code execution in proc utilities run by
  other users (bsc#1092100).
- CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was
  mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).
- CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent
  truncation/integer overflow issues (bsc#1092100).


Also this non-security issue was fixed:

- Fix CPU summary showing old data. (bsc#1121753)

The update to 3.3.15 contains the following fixes:

* library: Increment to 8:0:1
  No removals, no new functions
  Changes: slab and pid structures
* library: Just check for SIGLOST and don't delete it
* library: Fix integer overflow and LPE in file2strvec   CVE-2018-1124
* library: Use size_t for alloc functions                CVE-2018-1126
* library: Increase comm size to 64
* pgrep: Fix stack-based buffer overflow                 CVE-2018-1125
* pgrep: Remove >15 warning as comm can be longer
* ps: Fix buffer overflow in output buffer, causing DOS  CVE-2018-1123
* ps: Increase command name selection field to 64
* top: Don't use cwd for location of config              CVE-2018-1122
* update translations
* library: build on non-glibc systems
* free: fix scaling on 32-bit systems
* Revert 'Support running with child namespaces'
* library: Increment to 7:0:1
  No changes, no removals
  New fuctions: numa_init, numa_max_node, numa_node_of_cpu, numa_uninit, xalloc_err_handler
* doc: Document I idle state in ps.1 and top.1
* free: fix some of the SI multiples
* kill: -l space between name parses correctly
* library: dont use vm_min_free on non Linux
* library: don't strip off wchan prefixes (ps & top)
* pgrep: warn about 15+ char name only if -f not used
* pgrep/pkill: only match in same namespace by default
* pidof: specify separator between pids
* pkill: Return 0 only if we can kill process
* pmap: fix duplicate output line under '-x' option
* ps: avoid eip/esp address truncations
* ps: recognizes SCHED_DEADLINE as valid CPU scheduler
* ps: display NUMA node under which a thread ran
* ps: Add seconds display for cputime and time
* ps: Add LUID field
* sysctl: Permit empty string for value
* sysctl: Don't segv when file not available
* sysctl: Read and write large buffers
* top: add config file support for XDG specification
* top: eliminated minor libnuma memory leak
* top: show fewer memory decimal places (configurable)
* top: provide command line switch for memory scaling
* top: provide command line switch for CPU States
* top: provides more accurate cpu usage at startup
* top: display NUMA node under which a thread ran
* top: fix argument parsing quirk resulting in SEGV
* top: delay interval accepts non-locale radix point
* top: address a wishlist man page NLS suggestion
* top: fix potential distortion in 'Mem' graph display
* top: provide proper multi-byte string handling
* top: startup defaults are fully customizable
* watch: define HOST_NAME_MAX where not defined
* vmstat: Fix alignment for disk partition format
* watch: Support ANSI 39,49 reset sequences

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2734-1
Released:    Tue Oct 22 11:00:58 2019
Summary:     Recommended update for tcsh
Type:        recommended
Severity:    moderate
References:  1151630
This update for tcsh fixes the following issues:

- Restore cleanup routines in case of an error (bsc#1151630)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2737-1
Released:    Tue Oct 22 12:02:36 2019
Summary:     Security update for openconnect
Type:        security
Severity:    moderate
References:  1151178,CVE-2019-16239
This update for openconnect fixes the following issues:

- CVE-2019-16239: Fixed a buffer overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. (bsc#1151178)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2749-1
Released:    Wed Oct 23 09:08:41 2019
Summary:     Security update for sysstat
Type:        security
Severity:    moderate
References:  1150114,CVE-2019-16167
This update for sysstat fixes the following issue:

- CVE-2019-16167: Fixed a memory corruption due to an integer overflow. (bsc#1150114)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2750-1
Released:    Wed Oct 23 09:22:42 2019
Summary:     Security update for zziplib
Type:        security
Severity:    moderate
References:  1107424,1129403,CVE-2018-16548
This update for zziplib fixes the following issues:

Security issue fixed:    
- CVE-2018-16548: Prevented memory leak from __zzip_parse_root_directory().  Free allocated structure if its address is not passed back. (bsc#1107424)

Other issue addressed:
    
- Prevented a division by zero (bsc#1129403).
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2762-1
Released:    Thu Oct 24 07:08:44 2019
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1150451
This update for timezone fixes the following issues:

- Fiji observes DST from 2019-11-10 to 2020-01-12.
- Norfolk Island starts observing Australian-style DST.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2763-1
Released:    Thu Oct 24 07:08:52 2019
Summary:     Recommended update for mysql-connector-cpp
Type:        recommended
Severity:    moderate
References:  1149792
This update for mysql-connector-cpp fixes the following issues:

- Add missing zlib build dependency, which used to be pulled in
  by libopenssl-devel. (bsc#1149792)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2766-1
Released:    Thu Oct 24 07:09:49 2019
Summary:     Recommended update for migrate-sles-to-sles4sap
Type:        recommended
Severity:    moderate
References:  1112548
This update for migrate-sles-to-sles4sap fixes the following issues:



- Fixed /etc/os-release issue after using migration script from SLES to SLES4SAP: (bsc#1112548)
  * Removed several hacks that aren't necessary anymore, due to changes in SUSEConnect
  * Bootloader change isn't necessary anymore as SLES will always be shown in GRUB2 
 regardless if SLES or SLES for SAP
  * removed hardcoded version dependencies to make the script version independent
  * added rollback in case of failed migration
  * added additional runtime warnings and infos for user
  * restructured code for cleaner readability
  * fixed ShellCheck issues
  * changed parsing for variables like VERSION and CPE from /etc/os-release to
 /etc/products.d/baseproduct, as /etc/os-release doesn't differ on SLES and SLES for SAP
  * Checks the SSL certificate of SMT and RMT servers.
  * Added user input to allow self-signed SSL certificates on SMT and RMT servers.
  * Fixed RMT registration issue.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2772-1
Released:    Thu Oct 24 13:55:37 2019
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150_27, 4_12_14-150_32, 4_12_14-150_35,
  4_12_14-197_10, 4_12_14-197_15. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2777-1
Released:    Thu Oct 24 16:13:20 2019
Summary:     Recommended update for fipscheck
Type:        recommended
Severity:    moderate
References:  1149792
This update for fipscheck fixes the following issues:

- Remove #include of unused fips.h to fix build with OpenSSL 1.1.1
  (bsc#1149792)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2779-1
Released:    Thu Oct 24 16:57:42 2019
Summary:     Security update for binutils
Type:        security
Severity:    moderate
References:  1109412,1109413,1109414,1111996,1112534,1112535,1113247,1113252,1113255,1116827,1118644,1118830,1118831,1120640,1121034,1121035,1121056,1133131,1133232,1141913,1142772,1152590,1154016,1154025,CVE-2018-1000876,CVE-2018-17358,CVE-2018-17359,CVE-2018-17360,CVE-2018-17985,CVE-2018-18309,CVE-2018-18483,CVE-2018-18484,CVE-2018-18605,CVE-2018-18606,CVE-2018-18607,CVE-2018-19931,CVE-2018-19932,CVE-2018-20623,CVE-2018-20651,CVE-2018-20671,CVE-2018-6323,CVE-2018-6543,CVE-2018-6759,CVE-2018-6872,CVE-2018-7208,CVE-2018-7568,CVE-2018-7569,CVE-2018-7570,CVE-2018-7642,CVE-2018-7643,CVE-2018-8945,CVE-2019-1010180,ECO-368,SLE-6206
This update for binutils fixes the following issues:

binutils was updated to current 2.32 branch [jsc#ECO-368].

Includes following security fixes:

- CVE-2018-17358: Fixed invalid memory access in _bfd_stab_section_find_nearest_line in syms.c (bsc#1109412)
- CVE-2018-17359: Fixed invalid memory access exists in bfd_zalloc in opncls.c (bsc#1109413)
- CVE-2018-17360: Fixed heap-based buffer over-read in bfd_getl32 in libbfd.c (bsc#1109414)
- CVE-2018-17985: Fixed a stack consumption problem caused by the cplus_demangle_type (bsc#1116827)
- CVE-2018-18309: Fixed an invalid memory address dereference was discovered in read_reloc in reloc.c (bsc#1111996)
- CVE-2018-18483: Fixed get_count function provided by libiberty that allowed attackers to cause a denial of service or other unspecified impact (bsc#1112535)
- CVE-2018-18484: Fixed stack exhaustion in the C++ demangling functions provided by libiberty, caused by recursive stack frames (bsc#1112534)
- CVE-2018-18605: Fixed a heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup causing a denial of service (bsc#1113255)
- CVE-2018-18606: Fixed a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments, causing denial of service (bsc#1113252)
- CVE-2018-18607: Fixed a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section, causing denial of service (bsc#1113247)
- CVE-2018-19931: Fixed a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h (bsc#1118831)
- CVE-2018-19932: Fixed an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA (bsc#1118830)
- CVE-2018-20623: Fixed a use-after-free in the error function in elfcomm.c (bsc#1121035)
- CVE-2018-20651: Fixed a denial of service via a NULL pointer dereference in elf_link_add_object_symbols in elflink.c (bsc#1121034)
- CVE-2018-20671: Fixed an integer overflow that can trigger a heap-based buffer overflow in  load_specific_debug_section in objdump.c (bsc#1121056)
- CVE-2018-1000876: Fixed integer overflow in bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc in objdump (bsc#1120640)
- CVE-2019-1010180: Fixed an out of bound memory access that could lead to crashes (bsc#1142772)

- enable xtensa architecture (Tensilica lc6 and related)
- Use -ffat-lto-objects in order to provide assembly for static libs
  (bsc#1141913).
- Fixed some LTO build issues (bsc#1133131 bsc#1133232).
- riscv: Don't check ABI flags if no code section
- Fixed a segfault in ld when building some versions of pacemaker (bsc#1154025, bsc#1154016).
- Add avr, epiphany and rx to target_list so that the common binutils can handle all objects we can create with crosses (bsc#1152590).

Update to binutils 2.32:

* The binutils now support for the C-SKY processor series.
* The x86 assembler now supports a -mvexwig=[0|1] option to control
  encoding of VEX.W-ignored (WIG) VEX instructions.
  It also has a new -mx86-used-note=[yes|no] option to generate (or
  not) x86 GNU property notes.  
* The MIPS assembler now supports the Loongson EXTensions R2 (EXT2),
  the Loongson EXTensions (EXT) instructions, the Loongson Content
  Address Memory (CAM) ASE and the Loongson MultiMedia extensions
  Instructions (MMI) ASE.
* The addr2line, c++filt, nm and objdump tools now have a default
  limit on the maximum amount of recursion that is allowed whilst
  demangling strings.  This limit can be disabled if necessary.
* Objdump's --disassemble option can now take a parameter,
  specifying the starting symbol for disassembly.  Disassembly will
  continue from this symbol up to the next symbol or the end of the
  function.
* The BFD linker will now report property change in linker map file
  when merging GNU properties.
* The BFD linker's -t option now doesn't report members within
  archives, unless -t is given twice.  This makes it more useful
  when generating a list of files that should be packaged for a
  linker bug report.
* The GOLD linker has improved warning messages for relocations that
  refer to discarded sections.

- Improve relro support on s390 [fate#326356]
- Fix broken debug symbols (bsc#1118644)
- Handle ELF compressed header alignment correctly.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2786-1
Released:    Fri Oct 25 15:56:35 2019
Summary:     Security update for docker-runc
Type:        security
Severity:    moderate
References:  1152308,CVE-2019-16884
This update for docker-runc fixes the following issues:

- CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2790-1
Released:    Mon Oct 28 14:54:13 2019
Summary:     Recommended update for java-1_8_0-ibm
Type:        recommended
Severity:    moderate
References:  1143080
This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 5 Fix Pack 41 [bsc#1143080]:

  * JIT compiler crash: Remove implicit sign extension assumptions
    from iRegStore evaluator (https://github.com/eclipse/omr/pull/4103)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2799-1
Released:    Mon Oct 28 17:11:16 2019
Summary:     Recommended update for tcsh
Type:        recommended
Severity:    important
References:  1153839,1154877
This update for tcsh fixes the following issues:

- Avoid breakage in sourcing standard system files (bsc#1153839)
- A regression has been fixed where glob expansion would not work properly. (bsc#1154877)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2806-1
Released:    Tue Oct 29 11:47:15 2019
Summary:     Recommended update for libspectre
Type:        recommended
Severity:    moderate
References:  1153337

This update for libspectre aligns the libspectre build with
the current ghostscript 9.27 release. (bsc#1153337)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2810-1
Released:    Tue Oct 29 14:56:44 2019
Summary:     Security update for runc
Type:        security
Severity:    moderate
References:  1131314,1131553,1152308,CVE-2019-16884
This update for runc fixes the following issues:

Security issue fixed:

- CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. (bsc#1152308)

Non-security issues fixed:

- Includes upstreamed patches for regressions (bsc#1131314 bsc#1131553).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2811-1
Released:    Tue Oct 29 14:57:18 2019
Summary:     Recommended update for llvm7
Type:        recommended
Severity:    moderate
References:  1138457
This update for llvm7 doesn't address any user visible issues.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2888-1
Released:    Mon Nov  4 17:33:58 2019
Summary:     Recommended update for neon
Type:        recommended
Severity:    low
References:  1149792
This update for neon provides the following fixes:

- Fix build with openssl 1.1.1. (bsc#1149792)
- Make sure the license gets installed properly.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2891-1
Released:    Mon Nov  4 17:47:10 2019
Summary:     Security update for python-ecdsa
Type:        security
Severity:    moderate
References:  1153165,1154217,CVE-2019-14853,CVE-2019-14859
This update for python-ecdsa to version 0.13.3 fixes the following issues:

Security issues fixed:

- CVE-2019-14853: Fixed unexpected exceptions during signature decoding (bsc#1153165).
- CVE-2019-14859: Fixed a signature malleability caused by insufficient checks of DER encoding (bsc#1154217).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2908-1
Released:    Wed Nov  6 13:49:01 2019
Summary:     Recommended update for perl-Mail-SPF
Type:        recommended
Severity:    low
References:  1141089
This update for perl-Mail-SPF fixes the following issues:

- Sets the executable bit for the /usr/sbin/spfd binary (bsc#1141089)
- The license file is now located in the /usr/share/licenses directory of perl-Mail-SPF

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2929-1
Released:    Thu Nov  7 16:45:13 2019
Summary:     Recommended update for python-kubernetes
Type:        recommended
Severity:    moderate
References:  1151481
This update for python-kubernetes fixes the following issues:

- python-ipaddress is only required for building on Python2
  (on Python3 is part of the standard library)
- Backport fix for base64 padding in kubeconfig (bsc#1151481)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2933-1
Released:    Fri Nov  8 11:46:01 2019
Summary:     Recommended update for llvm7
Type:        recommended
Severity:    moderate
References:  1139584
This update for llvm7 fixes the following issues:

- Enable RTTI (run time type information) by built for LLVM. (bsc#1139584)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2934-1
Released:    Fri Nov  8 13:17:50 2019
Summary:     Security update for apache2-mod_auth_openidc
Type:        security
Severity:    important
References:  1153666,CVE-2019-14857
This update for apache2-mod_auth_openidc fixes the following issues:

- CVE-2019-14857: Fixed an open redirect issue that exists in URLs with trailing slashes (bsc#1153666).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2978-1
Released:    Thu Nov 14 22:42:51 2019
Summary:     Recommended update for helm-mirror
Type:        recommended
Severity:    moderate
References:  1153244
This update for helm-mirror fixes the following issues:

- Getting charts now only downloads the altest versions of the charts. (bsc#1153244)
- The --all-versions flags allows to download all versions of the charts. (bsc#1153244)
- The flags --chart-name and --chart-version allow the user to only get the desired chart. (bsc#1153244)
- Fixes issue with go module when installing with `helm plugin install`. (bsc#1153244)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2981-1
Released:    Fri Nov 15 10:46:06 2019
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1156275,CVE-2019-14869
This update for ghostscript fixes the following issues:

- CVE-2019-14869: Fixed a possible  dSAFER escape which could have allowed 
  an attacker to gain high privileges by a specially crafted Postscript 
  code (bsc#1156275).
 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2982-1
Released:    Fri Nov 15 10:46:21 2019
Summary:     Security update for enigmail
Type:        security
Severity:    moderate
References:  1141025,1151317
This update for enigmail fixes the following issues:

- SeaMonkey is no longer supported. Update description
  and no longer put in SeaMonkey addons path (bsc#1151317)

enigmail was updated 2.1.2:

* compatibility with Mozilla Thunderbird 68
* New simplified setup wizard
* Full support for keys.openpgp.org
* Default to ECC keys on GnuPG 2.1 or later
* Autocrypt: implemented key-gossip and updates to known keys

enimail was updated to 2.0.12:

* set the default keyserver to keys.openpgp.org in order to
  mitigate the SKS Keyserver Network Attack (bsc#1141025)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2993-1
Released:    Mon Nov 18 11:52:23 2019
Summary:     Recommended update for tftp
Type:        recommended
Severity:    moderate
References:  1153625
This update for tftp fixes the following issues:

- Add tftp.socket requirement to the service unit section. (bsc#1153625)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2997-1
Released:    Mon Nov 18 15:16:38 2019
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1103320,1154036,1154037,CVE-2019-17594,CVE-2019-17595
This update for ncurses fixes the following issues:

Security issues fixed:

- CVE-2019-17594: Fixed a heap-based buffer over-read in the _nc_find_entry function (bsc#1154036).
- CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function (bsc#1154037).

Non-security issue fixed:

- Removed screen.xterm from terminfo database (bsc#1103320).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2998-1
Released:    Mon Nov 18 15:17:23 2019
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1152856,1154212,CVE-2019-2894,CVE-2019-2933,CVE-2019-2945,CVE-2019-2949,CVE-2019-2958,CVE-2019-2962,CVE-2019-2964,CVE-2019-2973,CVE-2019-2975,CVE-2019-2977,CVE-2019-2978,CVE-2019-2981,CVE-2019-2983,CVE-2019-2987,CVE-2019-2988,CVE-2019-2989,CVE-2019-2992,CVE-2019-2999
This update for java-11-openjdk to version jdk-11.0.5-10 fixes the following issues:

Security issues fixed (October 2019 CPU  bsc#1154212):	  

- CVE-2019-2933: Windows file handling redux
- CVE-2019-2945: Better socket support
- CVE-2019-2949: Better Kerberos ccache handling
- CVE-2019-2958: Build Better Processes
- CVE-2019-2964: Better support for patterns
- CVE-2019-2962: Better Glyph Images
- CVE-2019-2973: Better pattern compilation
- CVE-2019-2975: Unexpected exception in jjs
- CVE-2019-2978: Improved handling of jar files
- CVE-2019-2977: Improve String index handling
- CVE-2019-2981: Better Path supports
- CVE-2019-2983: Better serial attributes
- CVE-2019-2987: Better rendering of native glyphs
- CVE-2019-2988: Better Graphics2D drawing
- CVE-2019-2989: Improve TLS connection support
- CVE-2019-2992: Enhance font glyph mapping
- CVE-2019-2999: Commentary on Javadoc comments
- CVE-2019-2894: Enhance ECDSA operations (bsc#1152856).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3008-1
Released:    Tue Nov 19 11:38:27 2019
Summary:     Recommended update for fwupdate
Type:        recommended
Severity:    moderate
References:  1152928
This update for fwupdate fixes the following issues:

- Add update to the linker script for AArch64 to match the one in
  gnu-efi. (bsc#1152928)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3009-1
Released:    Tue Nov 19 18:10:39 2019
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1149528,1152567,1154533
This update for cloud-regionsrv-client fixes the following issues:

- Ignore exception if the new registration flag file does not exist but there is an attempt to remove it. (bsc#1149528)
- Include requirement for python3-six in specfile. (bsc#1152567)
- Adds support for repositories with different credentials files (bsc#1154533)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3012-1
Released:    Tue Nov 19 18:11:26 2019
Summary:     Recommended update for brp-check-suse
Type:        recommended
Severity:    moderate
References:  1114695
This update for brp-check-suse fixes the following issues:

- Deal with libs where file outputs more text after 'not stripped'. (bsc#1114695)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3018-1
Released:    Wed Nov 20 12:48:21 2019
Summary:     Recommended update for xkeyboard-config
Type:        recommended
Severity:    moderate
References:  1153774
This update for xkeyboard-config fixes the following issues:

- Fix capslock in Old Hungarian layout (bsc#1153774)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3030-1
Released:    Thu Nov 21 19:11:25 2019
Summary:     Security update for cups
Type:        security
Severity:    important
References:  1146358,1146359,CVE-2019-8675,CVE-2019-8696
This update for cups fixes the following issues:
	  
- CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function(bsc#1146358). 
- CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function (bsc#1146359).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3053-1
Released:    Mon Nov 25 17:28:17 2019
Summary:     Security update for clamav
Type:        security
Severity:    moderate
References:  1144504,1149458,1151839,CVE-2019-12625,CVE-2019-12900
This update for clamav fixes the following issues:

Security issue fixed:

- CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504).
- CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458).

Non-security issues fixed:

- Added the --max-scantime clamscan option and MaxScanTime clamd configuration option (bsc#1144504).
- Increased the startup timeout of clamd to 5 minutes to cater for the grown virus database as a workaround until clamd has learned to talk to systemd to extend the timeout as long as needed (bsc#1151839).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3061-1
Released:    Mon Nov 25 17:34:22 2019
Summary:     Security update for gcc9
Type:        security
Severity:    moderate
References:  1114592,1135254,1141897,1142649,1142654,1148517,1149145,CVE-2019-14250,CVE-2019-15847,SLE-6533,SLE-6536


This update includes the GNU Compiler Collection 9.

A full changelog is provided by the GCC team on:

   https://www.gnu.org/software/gcc/gcc-9/changes.html


The base system compiler libraries libgcc_s1, libstdc++6 and others are
now built by the gcc 9 packages.

To use it, install 'gcc9' or 'gcc9-c++' or other compiler brands and use CC=gcc-9 /
CXX=g++-9 during configuration for using it.


Security issues fixed:

- CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145)
- CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649)

Non-security issues fixed:

- Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254)
- Fixed miscompilation for vector shift on s390. (bsc#1141897)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3086-1
Released:    Thu Nov 28 10:02:24 2019
Summary:     Security update for libidn2
Type:        security
Severity:    moderate
References:  1154884,1154887,CVE-2019-12290,CVE-2019-18224
This update for libidn2 to version 2.2.0 fixes the following issues:

- CVE-2019-12290: Fixed an improper round-trip check when converting A-labels to U-labels (bsc#1154884).
- CVE-2019-18224: Fixed a heap-based buffer overflow that was caused by long domain strings (bsc#1154887).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3096-1
Released:    Thu Nov 28 16:48:21 2019
Summary:     Security update for cloud-init
Type:        security
Severity:    moderate
References:  1099358,1129124,1136440,1142988,1144363,1151488,1154092,CVE-2019-0816
This update for cloud-init to version 19.2 fixes the following issues:

Security issue fixed:

- CVE-2019-0816: Fixed the unnecessary extra ssh keys that were added to authorized_keys (bsc#1129124).

Non-security issues fixed:

- Short circuit the conditional for identifying the sysconfig renderer (bsc#1154092, bsc#1142988).
- If /etc/resolv.conf is a symlink, break it. This will avoid netconfig from clobbering the changes cloud-init applied (bsc#1151488).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3104-1
Released:    Fri Nov 29 06:47:08 2019
Summary:     Recommended update for sysstat
Type:        recommended
Severity:    moderate
References:  1144923,SLE-5958
This update for sysstat fixes the following issues:

- Enable log information of starting/stoping services. (bsc#1144923, jsc#SLE-5958)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3170-1
Released:    Wed Dec  4 11:45:48 2019
Summary:     Recommended update for cjose
Type:        recommended
Severity:    moderate
References:  1149887
This update for cjose provides the following fix:

- Fix concatkdf failures on big endian architectures. (bsc#1149887)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3173-1
Released:    Wed Dec  4 20:22:45 2019
Summary:     Recommended update for growpart, growpart-rootgrow
Type:        recommended
Severity:    moderate
References:  1154357,ECO-550
This update for growpart, growpart-rootgrow contains the following fixes:

growpart:

- Removed rootgrow sub-package as it is a standalone package now. (bsc#1154357, jsc#ECO-550)

growpart-rootgrow:

- Added growpart-rootgrow as a standalone package. (bsc#1154357, jsc#ECO-550)
- Bump from version 1.0.0 to 1.0.1:
 - Fixed binary location in service unit file.

  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3176-1
Released:    Thu Dec  5 11:41:01 2019
Summary:     Security update for clamav
Type:        security
Severity:    important
References:  1157763,CVE-2019-15961
This update for clamav fixes the following issues:

- CVE-2019-15961: Fixed a denial of service which might occur when 
  scanning a specially crafted email file as (bsc#1157763).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3195-1
Released:    Thu Dec  5 21:32:12 2019
Summary:     Recommended update for perl-DBD-mysql
Type:        recommended
Severity:    low
References:  1149792
This update for perl-DBD-mysql fixes the following issues:

- Fix the package build by adding the missing zlib-devel build dependency. It used to be
  pulled in by libopenssl-devel but has changed. (bsc#1149792)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3205-1
Released:    Mon Dec  9 13:48:28 2019
Summary:     Recommended update for insserv-compat
Type:        recommended
Severity:    moderate
References:  1052837,1133306
This update for insserv-compat fixes the following issues:

- Fix handling of start parameters. (bsc#1133306)
- Remove unnecessary entry from configuration file. (bsc#1052837)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3210-1
Released:    Tue Dec 10 08:54:15 2019
Summary:     Recommended update for rubygem-mail
Type:        recommended
Severity:    moderate
References:  1156721
This update for rubygem-mail fixes the following issues:

Compatibility fixes:
- Restore conversions for properly encoded non-binary emails.
- Gracefully parse certain invalid Content-Type headers. (rafbm)

Bug fixes:
- Fix transfer encoding when message encoding is blank. (bsc#1156721)
- Fix 7bit/base64 content transfer encoding mismatch. (bsc#1156721)
- Fix UTF-8 attachment filename quoting. (bsc#1156721)
- Fix 'delete_all' using a readonly IMAP connection. (bsc#1156721)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3238-1
Released:    Tue Dec 10 10:21:59 2019
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1138529,1152856,1154212,CVE-2019-2894,CVE-2019-2933,CVE-2019-2945,CVE-2019-2949,CVE-2019-2958,CVE-2019-2962,CVE-2019-2964,CVE-2019-2973,CVE-2019-2975,CVE-2019-2978,CVE-2019-2981,CVE-2019-2983,CVE-2019-2987,CVE-2019-2988,CVE-2019-2989,CVE-2019-2992,CVE-2019-2999
This update for java-1_8_0-openjdk (jdk8u232/icedtea 3.14.0) fixes the following issues:

Security issues fixed (bsc#1154212):

- CVE-2019-2933: Windows file handling redux
- CVE-2019-2945: Better socket support
- CVE-2019-2949: Better Kerberos ccache handling
- CVE-2019-2958: Build Better Processes
- CVE-2019-2964: Better support for patterns
- CVE-2019-2962: Better Glyph Images
- CVE-2019-2973: Better pattern compilation
- CVE-2019-2975: Unexpected exception in jjs
- CVE-2019-2978: Improved handling of jar files
- CVE-2019-2981: Better Path supports
- CVE-2019-2983: Better serial attributes
- CVE-2019-2987: Better rendering of native glyphs
- CVE-2019-2988: Better Graphics2D drawing
- CVE-2019-2989: Improve TLS connection support
- CVE-2019-2992: Enhance font glyph mapping
- CVE-2019-2999: Commentary on Javadoc comments
- CVE-2019-2894: Enhance ECDSA operations (bsc#1152856)

Bug fixes:

- Fixed build failuers on ARM (bsc#1138529).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3245-1
Released:    Wed Dec 11 10:12:19 2019
Summary:     Recommended update for azure-li-services
Type:        recommended
Severity:    moderate
References:  1157040,1157041
This update for azure-li-services fixes the following issues:

- Bump version: 1.2.3 to 1.2.4

- Reference commit for SUSE maintenance
  This submission creates a reference to bsc#1157041

- Reference commit for SUSE maintenance
  This submission creates a reference to bsc#1157040

- Bump version: 1.2.2 to 1.2.3

- Right name for vli sp2 folder

- Add folder for SLES15 SP2 VLI images

- Fixed VLI package list for sle15
  cpp48 does not exist on sle15, instead the cpp package
  by its name provides is used. On sle15 this resolved to
  cpp7. This is related to Issue #186

- Bump version: 1.2.1 to 1.2.2

- Added Microsoft requested packages to VLI images
  This Fixes #186

- Add retry loop to setup sbd device
  There is no deterministic way to know when the iSCSI device
  is ready to be processed by sbd. Thus the calls to setup the
  sbd device has been placed into a retry loop that runs max
  3 times with a 2sec wait period in between. This Fixes #188

- Add directory for SLES15-SP2

- Saptune setup
  As pointed before, saptune supersedes sapconf.
  This is the right path to setup saptune.
  Update image descriptions not to install sapconf.
  This Fixes #185

- Update LI image versions
  For the refresh of the images in the SUSE namespace the version
  number has been increased

- Bump version: 1.2.0 to 1.2.1

- Right sequence saptune

  One of the issues is that `saptune` is a different tool that supersedes
  `sapconf`. Then the `saptune daemon restart` command will always
  overwrite the profile with `saptune`. Two different tools that can't be
  mixed. Only one should be used.
  In case of SLES (not SLES for SAP), the sequence should be
  For SLES 12
  ```
  tuned-adm profile sap-hana
  systemctl enable --now sapconf.service
  ```
  and for SLES15
  ```
  tuned-adm profile sapconf
  systemctl enable --now sapconf.service
  ```
  For SLES for SAP, the sequence is the same for 12 and 15:
  ```
  saptune daemon start
  saptune solution apply HANA
  ```
  This Fixes #172

- Bump version: 1.1.39 to 1.2.0

- Change the setup of the login shell
  The login shell was setup based on assumption regarding other
  user attributes set. This way caused some negative side effects
  which lets us change the behavior. This patch does the following
  * Adds a new attribute named: loginshell
  * If loginshell is present the value for loginshell will be used,
    if not the default /sbin/nologin applies
  * All implicit assumptions for setting up the login shell
    got deleted

    This Fixes #178

- sbd device to wait for udev to finish
  This Fixes #179

- Bump version: 1.1.38 to 1.1.39

- Consolidate all image descriptions in git
  Instead of maintaining image descriptions in obs we want to
  maintain them in git. With this change only a service and
  multibuild configuration applies in obs but the data to
  build the image will live in git. This allows for real
  development and review regarding changes to the kiwi image
  descriptions.

- Restart iscsi subsystem after device discovery
  Only after restart of the iscsi subsystem the device nodes
  from a previous device discovery gets created properly.
  This Fixes #170

- Bump version: 1.1.37 to 1.1.38

- Added more logging to the process
  Add a log file /var/log/azure-li-services.log which adds
  logging information from the service process. Usually error
  log information is present on the systemd level but for
  checking the process, it's calls and potential further information
  it's also useful to have a processing log file. The log file
  will be created on the host and gets also copied to the config
  lun in the same way as the systemd workload log

- Bump version: 1.1.36 to 1.1.37

- Delete ineffective startup.nsh code
  startup.nsh is read by the firmware in an early boot phase.
  It doesn't make sense to write that file as part of the boot
  services because it's too late in the process. startup.nsh
  if required needs to be provided by the image itself

- Extend storage service dependencies
  The storage service can be used for remote storage like NFS
  storage to be attached to the machine. This requires the network
  to be online. Having the network only configured is not enough
  it must also be online. Thus the storage service unit is extended
  to wait for the network-online.target

- Bump version: 1.1.35 to 1.1.36

- Fixed network setup for bonding on vlan
  vlan network definitions that uses bonding etherdevices
  were missing a switch to correctly assign the ip configuration
  This Fixes #164

- Bump version: 1.1.34 to 1.1.35

- Apply saptune startup sequence suggested by $MS
  Implementing startup sequence as suggested in SAP Note 1275776.
  This Fixes #149

- Log command calls on the console
  Implements a simple logging facility for the Command classes
  and write the commands called to the console. This will lead
  to more detailed information about the command calls in the
  systemd status information

- Load yaml in safe mode
  The default yaml loader is unsafe, thus we should switch
  to the safe_load method. For details see: https://msg.pyyaml.org/load

- Bump version: 1.1.33 to 1.1.34

- Start saptune daemon after applying profile
  For some reason the saptune daemon needs to restart if a
  profile has been set through the tuned-adm profile command.
  This Fixes #149

- Revert fix for service order of saptune daemon
  It has turned out that the simple change in order did
  not solve the problem. In fact the daemon needs to be
  restarted on profile setup

- Allow ssh access with shell
  Allow access through ssh without shadow hash and
  with shell.
  Fixes #151

- Bump version: 1.1.32 to 1.1.33

- Fix service order on startup of saptune daemon
  The tuned profile must be applied prior to the start of
  the saptune daemon. This Fixes #149

- Bump version: 1.1.31 to 1.1.32

- Fixed travis badge link

- Mount LUN in sync mode
  Per request from Microsoft the location that holds the
  config file and is also used for the status flag and
  log should be mounted with the sync option.
  This Fixes #144

- Activate SAP Hana profile via tuned-adm
  Check for the presence of the sap-hana profile and switch
  to sapconf if not found. Activate the selected profile via
  the tuned-adm control command. This Fixes #142
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3298-1
Released:    Sat Dec 14 00:59:01 2019
Summary:     Recommended update for gnu-compilers-hpc
Type:        recommended
Severity:    moderate
References:  1149414,SLE-7765,SLE-7766
This update for gnu-compilers-hpc fixes the following issues:

- Add support for gcc7 and gcc8 variants of gnu-compilers-hpc (jsc#SLE-7766)
- For the base compiler add a 'Provides' for the versioned form.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3301-1
Released:    Mon Dec 16 10:47:20 2019
Summary:     Recommended update for mariadb-connector-c
Type:        recommended
Severity:    moderate
References:  1156669
This update for mariadb-connector-c fixes the following issues:

New upstream version 3.1.5 (bsc#1156669)
  - Plugin dialog could not be loaded (wrong path)
  - Fix for unknown/not handled schannel error codes
  - Use windows crypto libraries on Windows platforms
  - Fix crash in GnuTLS when key and certificate are in the same file
  - Fix location of PLUGINDIR if Connector/C is a subproject


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3327-1
Released:    Tue Dec 17 15:45:47 2019
Summary:     Recommended update for libtcnative-1-0
Type:        recommended
Severity:    moderate
References:  1130843,202339,622430
This update for libtcnative-1-0 fixes the following issues:

- Fix incompatibility with Tomcat. (bsc#1130843)
- Include 'libtcnative-1.so' in the main package. (bsc#622430)
- Enable 'jsvc' and 'apr/epoll' in Tomcat packages. (bsc#202339)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3329-1
Released:    Tue Dec 17 15:46:18 2019
Summary:     Recommended update to python-tornado
Type:        recommended
Severity:    low
References:  1149792
- Add patch to skip tests failing with OpenSSL 1.1.1 (bsc#1149792)
  * it happens only when using TLS 1.3, so if user wants to use
    tornado, they can hand disable the TLS 1.3 and continue

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2019:3345-1
Released:    Thu Dec 19 15:02:29 2019
Summary:     Optional update for container-diff
Type:        optional
Severity:    low
References:  1148768,ECO-338
Added container-diff package to SUSE Linux Enterprise 15 Containers Module and SUSE Linux
Enterprise 15 SP1 Containers Module.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3348-1
Released:    Thu Dec 19 16:13:04 2019
Summary:     Security update for spectre-meltdown-checker
Type:        security
Severity:    moderate
References:  1117665,1139073,CVE-2018-12207,CVE-2019-11135
This update for spectre-meltdown-checker fixes the following issues:

  - feat: implement TAA detection (CVE-2019-11135 bsc#1139073)
  - feat: implement MCEPSC / iTLB Multihit detection (CVE-2018-12207 bsc#1117665)
  - feat: taa: add TSX_CTRL MSR detection in hardware info
  - feat: fwdb: use both Intel GitHub repo and MCEdb to build our firmware version database
  - feat: use --live with --kernel/--config/--map to override file detection in live mode
  - enh: rework the vuln logic of MDS with --paranoid (fixes #307)
  - enh: explain that Enhanced IBRS is better for performance than classic IBRS
  - enh: kernel: autodetect customized arch kernels from cmdline
  - enh: kernel decompression: better tolerance against missing tools
  - enh: mock: implement reading from /proc/cmdline
  - fix: variant3a: Silvermont CPUs are not vulnerable to variant 3a
  - fix: lockdown: detect Red Hat locked down kernels (impacts MSR writes)
  - fix: lockdown: detect locked down mode in vanilla 5.4+ kernels
  - fix: sgx: on locked down kernels, fallback to CPUID bit for detection
  - fix: fwdb: builtin version takes precedence if the local cached version is older
  - fix: pteinv: don't check kernel image if not available
  - fix: silence useless error from grep (fixes #322)
  - fix: msr: fix msr module detection under Ubuntu 19.10 (fixes #316)
  - fix: mocking value for read_msr
  - chore: rename mcedb cmdline parameters to fwdb, and change db version scheme
  - chore: fwdb: update to v130.20191104+i20191027
  - chore: add GitHub check workflow

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3383-1
Released:    Mon Dec 23 16:55:01 2019
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1151398
This update for google-compute-engine the following fix:

- Add a wait limit to retrying DNS resolution to avoid a forever loop. (bsc#1151398)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3391-1
Released:    Fri Dec 27 13:33:16 2019
Summary:     Security update for dia
Type:        security
Severity:    moderate
References:  1158194,CVE-2019-19451
This update for dia fixes the following issue:

- CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding (bsc#1158194).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3395-1
Released:    Mon Dec 30 14:05:06 2019
Summary:     Security update for mozilla-nspr, mozilla-nss
Type:        security
Severity:    moderate
References:  1141322,1158527,1159819,CVE-2018-18508,CVE-2019-11745,CVE-2019-17006
This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to NSS 3.47.1:

Security issues fixed:

- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
- CVE-2019-11745: EncryptUpdate should use maxout, not block size (bsc#1158527).
- CVE-2019-11727: Fixed vulnerability sign CertificateVerify with PKCS#1 v1.5 signatures issue (bsc#1141322).

mozilla-nspr was updated to version 4.23:

- Whitespace in C files was cleaned up and no longer uses tab characters for indenting.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:3400-1
Released:    Tue Dec 31 08:18:40 2019
Summary:     Recommended update for libsodium
Type:        recommended
Severity:    moderate
References:  1146257
This update for libsodium fixes the following issues:

- build libsodium23-32bit, which is required by zeromq's -32bit packages. (bsc#1146257)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1-1
Released:    Thu Jan  2 09:47:04 2020
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    moderate
References:  1154212,1158442,CVE-2019-17631,CVE-2019-2933,CVE-2019-2945,CVE-2019-2958,CVE-2019-2962,CVE-2019-2964,CVE-2019-2973,CVE-2019-2975,CVE-2019-2978,CVE-2019-2981,CVE-2019-2983,CVE-2019-2988,CVE-2019-2989,CVE-2019-2992,CVE-2019-2996,CVE-2019-2999
This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 6 [bsc#1158442, bsc#1154212]
  * Security fixes:
    CVE-2019-2933 CVE-2019-2945 CVE-2019-2958
    CVE-2019-2962 CVE-2019-2964 CVE-2019-2975
    CVE-2019-2978 CVE-2019-2983 CVE-2019-2988
    CVE-2019-2989 CVE-2019-2992 CVE-2019-2996
    CVE-2019-2999 CVE-2019-2973 CVE-2019-2981
    CVE-2019-17631

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:10-1
Released:    Thu Jan  2 12:35:06 2020
Summary:     Recommended update for gcc7
Type:        recommended
Severity:    moderate
References:  1146475
This update for gcc7 fixes the following issues:

- Fix miscompilation with thread-safe localstatic initialization (gcc#85887).
- Fix debug info created for array definitions that complete an earlier declaration (bsc#1146475).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:17-1
Released:    Tue Jan  7 11:19:17 2020
Summary:     Security update for virglrenderer
Type:        security
Severity:    important
References:  1159478,1159479,1159482,1159486,CVE-2019-18388,CVE-2019-18389,CVE-2019-18390,CVE-2019-18391
This update for virglrenderer fixes the following issues:

- CVE-2019-18388: Fixed a null pointer dereference which could have led 
   to denial of service (bsc#1159479).
- CVE-2019-18390: Fixed an out of bound read which could have led to 
  denial of service (bsc#1159478).
- CVE-2019-18389: Fixed a heap buffer overflow which could have led to 
  guest escape or denial of service (bsc#1159482).
- CVE-2019-18391: Fixed a heap based buffer overflow which could have led to 
  guest escape or denial of service (bsc#1159486).  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:19-1
Released:    Tue Jan  7 11:28:10 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150_38, 4_12_14-150_41, 4_12_14-197_18,
  4_12_14-197_21, 4_12_14-197_26. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:32-1
Released:    Tue Jan  7 16:09:04 2020
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1151418,1157663
This update for rpmlint contains the following fixes:

- Whitelist sssd infopipe. (bsc#1157663)
- Whitelist sysprof3 D-Bus services. (bsc#1151418)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:35-1
Released:    Wed Jan  8 09:06:32 2020
Summary:     Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Type:        security
Severity:    moderate
References:  1122469,1143349,1150397,1152308,1153367,1158590,CVE-2019-16884
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Security issue fixed:

- CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory (bsc#1152308). 

Bug fixes:

- Update to Docker 19.03.5-ce (bsc#1158590).
- Update to Docker 19.03.3-ce (bsc#1153367).
- Update to Docker 19.03.2-ce (bsc#1150397).
- Fixed default installation such that --userns-remap=default works properly (bsc#1143349).
- Fixed nginx blocked by apparmor (bsc#1122469).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:37-1
Released:    Wed Jan  8 10:42:00 2020
Summary:     - Fix test getdate [bsc#1159990]
Type:        recommended
Severity:    low
References:  
- Fix test getdate [bsc#1159990]
- Add perl-TimeDate-getdate.patch
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:45-1
Released:    Wed Jan  8 14:56:48 2020
Summary:     Security update for git
Type:        security
Severity:    important
References:  1082023,1149792,1158785,1158787,1158788,1158789,1158790,1158791,1158792,1158793,1158795,CVE-2019-1348,CVE-2019-1349,CVE-2019-1350,CVE-2019-1351,CVE-2019-1352,CVE-2019-1353,CVE-2019-1354,CVE-2019-1387,CVE-2019-19604
This update for git fixes the following issues:

Security issues fixed:

- CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787).
- CVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795).
- CVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793).
- CVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792).
- CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791).
- CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790).
- CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789).
- CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788).
- CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via  the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785).
- Fixes an issue where git send-email failed to authenticate with SMTP server (bsc#1082023)

Bug fixes:

- Add zlib dependency, which used to be provided by openssl-devel, so that package can compile successfully after openssl upgrade to 1.1.1. (bsc#1149792).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:52-1
Released:    Thu Jan  9 10:09:11 2020
Summary:     Optional update for openslp
Type:        optional
Severity:    low
References:  1149792
This update for openslp doesn't fix any user visible bugs.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:58-1
Released:    Thu Jan  9 13:29:49 2020
Summary:     Security update for LibreOffice
Type:        security
Severity:    moderate
References:  1061210,1105173,1144522,1152684,CVE-2019-9853,SLE-8705
This update libreoffice and libraries fixes the following issues:

LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes.

More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3

Security issue fixed: 

- CVE-2019-9853: Fixed an issue where by executing macros, the security settings 
  could have been bypassed (bsc#1152684).

Other issues addressed: 

- Dropped disable-kde4 switch, since it is no longer known by configure
- Disabled gtk2 because it will be removed in future releases 
- librelogo is now a standalone sub-package (bsc#1144522).
- Partial fixes for an issue where Table(s) from  DOCX showed wrong 
  position or color (bsc#1061210).


cmis-client was updated to 0.5.2:

 * Removed header for Uuid's sha1 header(bsc#1105173).
 * Fixed Google Drive login
 * Added support for Google Drive two-factor authentication
 * Fixed access to SharePoint root folder 
 * Limited the maximal number of redirections to 20 
 * Switched library implementation to C++11 (the API remains C++98-compatible)
 * Fixed encoding of OAuth2 credentials
 * Dropped cppcheck run from 'make check'. A new 'make cppcheck' target was created for it
 * Added proper API symbol exporting
 * Speeded up building of tests a bit
 * Fixed a few issues found by coverity and cppcheck


libixion was updated to 0.15.0:

 * Updated for new liborcus
 * Switched to spdlog for compile-time debug log outputs
 * Fixed various issues

libmwaw was updated 0.3.15:
 
 * Fixed fuzzing issues 

liborcus was updated to 0.15.3:

 * Fixed various xml related bugs
 * Improved performance
 * Fixed multiple parser issues 
 * Added map and structure mode to orcus-json
 * Other improvements and fixes

mdds was updated to 1.5.0:

 * API changed to 1.5
 * Moved the API incompatibility notes from README to the rst doc.
 * Added the overview section for flat_segment_tree.

myspell-dictionaries was updated to 20191016:

 * Updated Slovenian thesaurus
 * Updated the da_DK dictionary
 * Removed the abbreviations from Thai hunspell dictionary
 * Updated the English dictionaries
 * Fixed the logo management for 'ca'

spdlog was updated to 0.16.3: 

 * Fixed sleep issue under MSVC that happens when changing
   the clock backwards 
 * Ensured that macros always expand to expressions 
 * Added global flush_on function
 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:64-1
Released:    Fri Jan 10 11:02:19 2020
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1158809,CVE-2019-1551
This update for openssl-1_0_0 fixes the following issues:

Security issue fixed:

- CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:94-1
Released:    Tue Jan 14 12:28:26 2020
Summary:     Recommended update for icu
Type:        recommended
Severity:    important
References:  1103893,1146907
This update for icu fixes the following issues:

- Porting upstream's Japanese new era name support. (bsc#1103893, fate#325570, fate#325419)
- Remove old obsoletes/provides for migration from very old products, as they break our shared library policy. (bsc#1146907)
- IMPORTANT: Please force this update to install with 'zypper -f' to override the major version if you already installed the version 64.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:108-1
Released:    Wed Jan 15 14:19:08 2020
Summary:     Recommended update for ClusterTools2
Type:        recommended
Severity:    moderate
References:  1084925,1097134
This update for ClusterTools2 fixes the following issues:

- Replace cron jobs with systemd timers. (bsc#1097134, jsc#SLE-9199)
- Script refinement and first steps for an adaption to SLE15 codestream using 'shellcheck' to find and correct syntax problems, spelling errors and other problems.
- Added /etc/ClusterTools2/cs_make_sbd_devices avoiding stuck and exit in case of doing a dump. (bsc#1084925)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:109-1
Released:    Wed Jan 15 14:19:28 2020
Summary:     Recommended update for hawk2
Type:        recommended
Severity:    moderate
References:  1158681
This update for hawk2 fixes the following issues:

- Fix the 'acl_version' method when parsing the cib.xml avoid hanging of HAWK2 (bsc#1158681)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:119-1
Released:    Thu Jan 16 15:42:39 2020
Summary:     Recommended update for python-jsonpatch
Type:        recommended
Severity:    moderate
References:  1160978
This update for python-jsonpatch fixes the following issues:

- Drop jsondiff binary to avoid conflict with python-jsondiff package.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:122-1
Released:    Fri Jan 17 10:56:07 2020
Summary:     Recommended update for container-suseconnect
Type:        recommended
Severity:    moderate
References:  1138731,1154247,1157960
This update for container-suseconnect fixes the following issues:

- Fix usage with RMT and SMT. (bsc#1157960)
- Parse the /etc/products.d/*.prod files.
- Fix function comments based on best practices from Effective Go. (bsc#1138731)
- Implement interacting with SCC behind proxy and SMT. (bsc#1154247)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:125-1
Released:    Fri Jan 17 12:27:07 2020
Summary:     Recommended update for icu
Type:        recommended
Severity:    important
References:  1161007
This update for icu provides the following fix:

- Re-add the libicu provides to the spec file to fix installation of SAP HANA on SLE-15
  and SLE-15-SP1. (bsc#1161007)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:143-1
Released:    Mon Jan 20 16:10:38 2020
Summary:     Security update for libvpx
Type:        security
Severity:    important
References:  1160611,1160612,1160613,1160614,1160615,CVE-2019-2126,CVE-2019-9232,CVE-2019-9325,CVE-2019-9371,CVE-2019-9433
This update for libvpx fixes the following issues:

- CVE-2019-2126: Fixed a double free in ParseContentEncodingEntry() (bsc#1160611).
- CVE-2019-9325: Fixed an out-of-bounds read (bsc#1160612).
- CVE-2019-9232: Fixed an out-of-bounds memory access on fuzzed data (bsc#1160613).
- CVE-2019-9433: Fixed a use-after-free in vp8_deblock() (bsc#1160614).
- CVE-2019-9371: Fixed a resource exhaustion after memory leak (bsc#1160615).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:213-1
Released:    Wed Jan 22 15:38:15 2020
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1160968,CVE-2020-2583,CVE-2020-2590,CVE-2020-2593,CVE-2020-2601,CVE-2020-2604,CVE-2020-2654,CVE-2020-2655
This update for java-11-openjdk fixes the following issues:

Update to version jdk-11.0.6-10 (January 2020 CPU, bsc#1160968)

Fixing these security related issues:

- CVE-2020-2583: Unlink Set of LinkedHashSets
- CVE-2020-2590: Improve Kerberos interop capabilities
- CVE-2020-2593: Normalize normalization for all
- CVE-2020-2601: Better Ticket Granting Services
- CVE-2020-2604: Better serial filter handling
- CVE-2020-2655: Better TLS messaging support
- CVE-2020-2654: Improve Object Identifier Processing

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:217-1
Released:    Thu Jan 23 07:50:32 2020
Summary:     Recommended update for perl-Crypt-SSLeay
Type:        recommended
Severity:    moderate
References:  1149792
This update for perl-Crypt-SSLeay fixes the following issues:

- Fix build not testing content of returned version strings
- Add missing zlib build dependency, which used to be pulled in by libopenssl-devel. (bsc#1149792)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:225-1
Released:    Fri Jan 24 06:49:07 2020
Summary:     Recommended update for procps
Type:        recommended
Severity:    moderate
References:  1158830
This update for procps fixes the following issues:

- Fix for 'ps -C' allowing to accept any arguments longer than 15 characters anymore. (bsc#1158830)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:231-1
Released:    Fri Jan 24 13:34:17 2020
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1160968,CVE-2020-2583,CVE-2020-2590,CVE-2020-2593,CVE-2020-2601,CVE-2020-2604,CVE-2020-2654,CVE-2020-2659
This update for java-1_8_0-openjdk fixes the following issues:

Update java-1_8_0-openjdk to version jdk8u242 (icedtea 3.15.0) (January 2020 CPU, bsc#1160968):

- CVE-2020-2583: Unlink Set of LinkedHashSets
- CVE-2020-2590: Improve Kerberos interop capabilities
- CVE-2020-2593: Normalize normalization for all
- CVE-2020-2601: Better Ticket Granting Services
- CVE-2020-2604: Better serial filter handling
- CVE-2020-2659: Enhance datagram socket support
- CVE-2020-2654: Improve Object Identifier Processing

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:237-1
Released:    Mon Jan 27 10:15:16 2020
Summary:     Recommended update for saptune
Type:        recommended
Severity:    moderate
References:  1142467,1142526,1149002,1152598,1159671
This update for saptune fixes the following issues:

- Add function 'delete' and 'rename' to the 'note' operation to manipulate a customer or vendor specific note, with confirmation. (jsc#SLE-9283)
- Inform the customer that the command  'saptune note customise [NoteID]' does not apply changes immediately but writes the changes into a configuration file that can be applied in a second step. (bsc#1142467)
- Add warning to man page, not to rename/remove/modify active configurations. (bsc#1149002)
- Implement support of multi-queue I/O scheduler for block devices. (bsc#1152598)
- Add missing search pattern to the update helper script to find all old and superfluous notes during upgrade from SLE12 to SLE15. (bsc#1142526)  
- If a parameter is not supported by the system, the note action 'verify' will no longer report this as an error even if the value is not compliant. (bsc#1159671)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:245-1
Released:    Tue Jan 28 09:42:30 2020
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1155376,1156139,1157894,1161132,1161133
This update for cloud-init fixes the following issues:

- Fixed an issue where it was not possible to add SSH keys and thus it was not possible to
  log into the system (bsc#1161132, bsc#1161133)
- Fixes an issue where the IPv6 interface variable was not correctly set in an ifcfg file (bsc#1156139)
- The route's destination network will now be written in CIDR notation. This provides support
  for correctly recording IPv6 routes (bsc#1155376)
- Many smaller fixes came with this package as well. For a full list of all changes, refer to the 
  rpm's changes file.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:303-1
Released:    Mon Feb  3 15:11:40 2020
Summary:     Recommended update for perl-ldap
Type:        recommended
Severity:    moderate
References:  1158918
This update for perl-ldap fixes the following issues:

The package is added to the Basesystem module, as it is required by the YAST modules 'dhcp-server' and 'dns-server'. (bsc#1158918)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:314-1
Released:    Tue Feb  4 14:13:27 2020
Summary:     Recommended update for gssproxy
Type:        recommended
Severity:    moderate
References:  1024309
This update for gssproxy fixes the following issues:

- Fix paths in tests and replace python's f-string usage
- Initial check-in of gssproxy is needed on the NFS server if krb5 is used for NFS authentication using an AD directory server. (bsc#1024309)(FATE#322526)
- 'krb5' may need 'auth_to_local = RULE:[1:$1@$0]' on the 'realms' section when 'winbind' is used for nsswitch.conf. (bsc#1024309)(FATE#322526)

Also ding-libs was updated from 0.6.0 to 0.6.1 (jsc#ECO-248):

- libini now supports validators that check for well-formed INI files.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:322-1
Released:    Wed Feb  5 09:02:56 2020
Summary:     Recommended update for terraform-provider-aws, terraform-provider-susepubliccloud
Type:        recommended
Severity:    moderate
References:  1162585
This update for terraform-provider-aws, terraform-provider-susepubliccloud fixes the following issues:

- terraform-provider-susepubliccloud was released in version 0.0.1 (bsc#1162585 jsc#ECO-134)
- terraform-provider-aws was released in v2.29.0 (bsc#1162585 jsc#ECO-134)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:336-1
Released:    Thu Feb  6 12:45:08 2020
Summary:     Recommended update for opus
Type:        recommended
Severity:    moderate
References:  1162395
This update for opus fixes the following issues:

- Fixes an issue with the analysis on files with digital silence (all zeros), especially
  on x87 builds (mostly affects 32-bit builds)
- Improved speech/music detection based on a neural network
- Low-bitrate speech improvements
- Added support for immersive audio using ambisonics
- Improved tone quality

This update also improves the security of this software.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:338-1
Released:    Thu Feb  6 13:00:23 2020
Summary:     Recommended update for apr
Type:        recommended
Severity:    moderate
References:  1151059
This update for apr fixes the following issues:


-  Increase timeout to fix random failure of testsuite [bsc#1151059].
 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:343-1
Released:    Thu Feb  6 13:08:13 2020
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    moderate
References:  1155423,1156067,1156150,1157453
This update for SAPHanaSR fixes the following issues:

- Restart sapstartsrv service on master nameserver node during monitor action, if needed. But NOT during probes. (bsc#1157453, bsc#1156150)
- The SAPHana resource agent must not down-score a SAP HANA Database site, but keep high scoring during recovery of the master name server. (bsc#1156067)
- Change HAWK2 templates to python3. (bsc#1155423)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:344-1
Released:    Thu Feb  6 13:08:33 2020
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1139915,1150190,1155815,1156694,1156908,1157104,1157354,1159235,1159538
This update for python-kiwi fixes the following issues:

- Update libyui-ncurses-pkg10 to libyui-ncurses-pkg11 Tumbleweed there is no longer the libyui-ncurses-pkg10 its been superseded by libyui-ncurses-pkg11. (bsc#1159538)
- Fix grub2 configuration for shim fallback setup if shim fallback setup is enabled the grub.cfg is copied to the EFI partition. (bsc#1159235, bsc#1155815)
- No swap volume is added on btrfs as the volume manager is not LVM, so swap has its own volume. (bsc#1156908)
- Fixed setup of default grub config preventing grub2-mkconfig to place the root device information twice. (bsc#1156908)
- Include 'grub.cfg' inside the efi partition the vfat. (bsc#1157354)
- Fix for kiwi relative path in repository element. (bsc#1157104)
- Fixed 'zipl' bootloader setup for 's390' images. (bsc#1156694)
- Fix the sha256 generated file content in a 'kiwi result bundle' call includes the filename with the correct extension. (bsc#1139915)
- Fixed rpmdb compat link setup removing the hardcoded path '/var/lib/rpm' and use the rpm macro definition instead. (bsc#1150190)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:359-1
Released:    Fri Feb  7 10:39:59 2020
Summary:     Security update for rubygem-rack
Type:        security
Severity:    moderate
References:  1114828,1116600,1159548,CVE-2018-16471,CVE-2019-16782
This update for rubygem-rack to version 2.0.8 fixes the following issues:

- CVE-2018-16471: Fixed a cross-site scripting (XSS) flaw via the scheme method on Rack::Request (bsc#1116600).
- CVE-2019-16782: Fixed a possible information leak and session hijack vulnerability (bsc#1159548).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:362-1
Released:    Fri Feb  7 11:14:20 2020
Summary:     Recommended update for libXi
Type:        recommended
Severity:    moderate
References:  1153311

This update for libXi fixes the following issue:

- The libXi6-32bit library on x86_64 are now shipped in the Basesystem module. (bsc#1153311)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:365-1
Released:    Fri Feb  7 13:48:54 2020
Summary:     Recommended update for lmdb
Type:        recommended
Severity:    moderate
References:  1159086
This update for lmdb fixes the following issues:

- Fix assert in LMBD during 'mdb_page_search_root'. (bsc#1159086).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:375-1
Released:    Fri Feb  7 17:30:25 2020
Summary:     Security update for docker-runc
Type:        security
Severity:    moderate
References:  1160452,CVE-2019-19921
This update for docker-runc fixes the following issues:

- CVE-2019-19921: Fixed a volume mount race condition with shared mounts (bsc#1160452).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:392-1
Released:    Tue Feb 18 11:23:50 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Removed duplicate records and added data for 4_12_14-150_47,
  4_12_14-197_29. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:395-1
Released:    Tue Feb 18 14:16:48 2020
Summary:     Recommended update for gcc7
Type:        recommended
Severity:    moderate
References:  1160086

This update for gcc7 fixes the following issue:

- Fixed a miscompilation in zSeries code (bsc#1160086)

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:398-1
Released:    Tue Feb 18 16:59:27 2020
Summary:     Recommended update for gnu-compilers-hpc
Type:        recommended
Severity:    moderate
References:  1160924
This update for gnu-compilers-hpc fixes the following issues:

- Added gcc9 flavors (jsc#SLE-8604 bsc#1160924)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:413-1
Released:    Wed Feb 19 10:21:41 2020
Summary:     Security update for enigmail
Type:        security
Severity:    moderate
References:  1159973
This update for enigmail fixes the following issues:

enigmail was updated to 2.1.5:

* Security issue: unsigned MIME parts displayed as signed (bsc#1159973)
* Ensure that upgrading GnuPG 2.0.x to 2.2.x upgrade converts keyring format
* Make Enigmail Compatible with Protected-Headers spec, draft 2

enigmail 2.1.4:

* Fixes for UI glitches
* Option to 'Attach public key to messages' was not restored properly

enigmail 2.1.3:

* fix a bug in the setup wizard that could lead the wizard to
  never complete scanning the inbox

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:31-1
Released:    Mon Feb 24 10:36:36 2020
Summary:     Recommended update for cloud-netconfig
Type:        recommended
Severity:    moderate
References:  1135592,1144282,1157117,1157190
This update for cloud-netconfig contains the following fixes:

- Removed obsolete Group tag from spec file.

- Update to version 1.3:
  + Fix IPv4 address handling on secondary NICs in Azure.

- Update to version 1.2:
  + support AWS IMDSv2 token.

- Update to version 1.1:
  + fix use of GATEWAY variable. (bsc#1157117, bsc#1157190)
  + remove secondary IPv4 address only when added by cloud-netconfig. (bsc#1144282)
  + simplify routing setup for single NIC systems (partly fixes bsc#1135592)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:440-1
Released:    Mon Feb 24 15:31:42 2020
Summary:     Security update for python-azure-agent
Type:        security
Severity:    moderate
References:  1127838,CVE-2019-0804
This update for python-azure-agent fixes the following issues:

python-azure-agent was updated to version 2.2.45 (jsc#ECO-80)

+ Add support for Gen2 VM resource disks
+ Use alternate systemd detection
+ Fix /proc/net/route requirement that causes errors on FreeBSD
+ Add cloud-init auto-detect to prevent multiple provisioning mechanisms
  from relying on configuration for coordination
+ Disable cgroups when daemon is setup incorrectly
+ Remove upgrade extension loop for the same goal state
+ Add container id for extension telemetry events
+ Be more exact when detecting IMDS service health
+ Changing add_event to start sending missing fields

From 2.2.44 update:

+ Remove outdated extension ZIP packages
+ Improved error handling when starting extensions using systemd
+ Reduce provisioning time of some custom images
+ Improve the handling of extension download errors
+ New API for extension authors to handle errors during extension update
+ Fix handling of errors in calls to openssl
+ Improve logic to determine current distro
+ Reduce verbosity of several logging statements

From 2.2.42 update:

+ Poll for artifact blob, addresses goal state procesing issue

From 2.2.41 update:

+ Rewriting the mechanism to start the extension using systemd-run for
  systems using systemd for managing
+ Refactoring of resource monitoring framework using cgroup for both
  systemd and non-systemd approaches [#1530, #1534]
+ Telemetry pipeline for resource monitoring data

From 2.2.40 update:

+ Fixed tracking of memory/cpu usage
+ Do not prevent extensions from running if setting up cgroups fails
+ Enable systemd-aware deprovisioning on all versions >= 18.04
+ Add systemd support for Debian Jessie, Stretch, and Buster
+ Support for Linux Openwrt

From 2.2.38 update:

Security issue fixed:
+ CVE-2019-0804: An issue with swapfile handling in the agent creates
  a data leak situation that exposes system memory data.  (bsc#1127838)
+ Add fixes for handling swap file and other nit fixes

From 2.2.37 update:
+ Improves re-try logic to handle errors while downloading extensions


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:453-1
Released:    Tue Feb 25 10:51:53 2020
Summary:     Recommended update for binutils
Type:        recommended
Severity:    moderate
References:  1160590
This update for binutils fixes the following issues:

- Recognize the official name of s390 arch13: 'z15'. (bsc#1160590, jsc#SLE-7903 aka jsc#SLE-7464)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:458-1
Released:    Tue Feb 25 11:01:37 2020
Summary:     Security update for libexif
Type:        security
Severity:    moderate
References:  1120943,1160770,CVE-2018-20030,CVE-2019-9278
This update for libexif fixes the following issues:

- CVE-2019-9278: Fixed an integer overflow (bsc#1160770).
- CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:466-1
Released:    Tue Feb 25 11:59:19 2020
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1160968,1162972,CVE-2019-4732,CVE-2020-2583,CVE-2020-2593,CVE-2020-2604,CVE-2020-2659
This update for java-1_8_0-ibm fixes the following issues:

Java 8.0 was updated to Service Refresh 6 Fix Pack 5 (bsc#1162972, bsc#1160968)

- CVE-2020-2583: Unlink Set of LinkedHashSets
- CVE-2019-4732: Untrusted DLL search path vulnerability 
- CVE-2020-2593: Normalize normalization for all
- CVE-2020-2604: Better serial filter handling
- CVE-2020-2659: Enhance datagram socket support

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:481-1
Released:    Tue Feb 25 17:39:22 2020
Summary:     Recommended update for perl-TimeDate
Type:        recommended
Severity:    moderate
References:  1162433
This update for perl-TimeDate fixes the following issues:

- Fix for issues parsing date strings into time values correctly. (bsc#1162433)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:489-1
Released:    Wed Feb 26 11:44:03 2020
Summary:     Security update for ppp
Type:        security
Severity:    important
References:  1162610,CVE-2020-8597
This update for ppp fixes the following security issue:

- CVE-2020-8597: Fixed a buffer overflow in the eap_request and eap_response functions (bsc#1162610).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:498-1
Released:    Wed Feb 26 17:59:44 2020
Summary:     Recommended update for aws-cli, python-boto3, python-botocore, python-s3transfer, python-aws-sam-translator, python-cfn-lint, python-nose2, python-parameterized
Type:        recommended
Severity:    moderate
References:  1122669,1136184,1146853,1146854,1159018


This update for aws-cli, python-aws-sam-translator, python-cfn-lint, python-nose2, python-parameterized, python-boto3, python-botocore, python-s3transfer fixes the following issues:

python-aws-sam-translator was updated to 1.11.0 (bsc#1159018, jsc#PM-1507):

Upgrade to 1.11.0:

  * Add ReservedConcurrentExecutions to globals
  * Fix ElasticsearchHttpPostPolicy resource reference
  * Support using AWS::Region in Ref and Sub
  * Documentation and examples updates
  * Add VersionDescription property to Serverless::Function
  * Update ServerlessRepoReadWriteAccessPolicy
  * Add additional template validation

Upgrade to 1.10.0:

  * Add GSIs to DynamoDBReadPolicy and DynamoDBCrudPolicy
  * Add DynamoDBReconfigurePolicy
  * Add CostExplorerReadOnlyPolicy and OrganizationsListAccountsPolicy
  * Add EKSDescribePolicy
  * Add SESBulkTemplatedCrudPolicy
  * Add FilterLogEventsPolicy
  * Add SSMParameterReadPolicy
  * Add SESEmailTemplateCrudPolicy
  * Add s3:PutObjectAcl to S3CrudPolicy
  * Add allow_credentials CORS option
  * Add support for AccessLogSetting and CanarySetting Serverless::Api properties
  * Add support for X-Ray in Serverless::Api
  * Add support for MinimumCompressionSize in Serverless::Api
  * Add Auth to Serverless::Api globals
  * Remove trailing slashes from APIGW permissions
  * Add SNS FilterPolicy and an example application
  * Add Enabled property to Serverless::Function event sources
  * Add support for PermissionsBoundary in Serverless::Function
  * Fix boto3 client initialization
  * Add PublicAccessBlockConfiguration property to S3 bucket resource
  * Make PAY_PER_REQUEST default mode for Serverless::SimpleTable
  * Add limited support for resolving intrinsics in Serverless::LayerVersion
  * SAM now uses Flake8
  * Add example application for S3 Events written in Go
  * Updated several example applications

python-cfn-lint was added in version 0.21.4:

- Add upstream patch to fix EOL dates for lambda runtimes
- Add upstream patch to fix test_config_expand_paths test

- Rename to python-cfn-lint.  This package has a python API, which
  is required by python-moto.

Update to version 0.21.4:

  + Features
    * Include more resource types in W3037
  + CloudFormation Specifications
    * Add Resource Type `AWS::CDK::Metadata`
  + Fixes
    * Uncap requests dependency in setup.py
    * Check Join functions have lists in the correct sections
    * Pass a parameter value for AutoPublishAlias when doing a Transform
    * Show usage examples when displaying the help

Update to version 0.21.3

  + Fixes
    * Support dumping strings for datetime objects when doing a Transform

Update to version 0.21.2

  + CloudFormation Specifications
    * Update CloudFormation specs to 3.3.0
    * Update instance types from pricing API as of 2019.05.23

Update to version 0.21.1

  + Features
    * Add `Info` logging capability and set the default logging to `NotSet`
  + Fixes
    * Only do rule logging (start/stop/time) when the rule is going to be called
    * Update rule E1019 to allow `Fn::Transform` inside a `Fn::Sub`
    * Update rule W2001 to not break when `Fn::Transform` inside a `Fn::Sub`
    * Update rule E2503 to allow conditions to be used and to not default to `network` load balancer when an object is used for the Load Balancer type

Update to version 0.21.0

  + Features
    * New rule E3038 to check if a Serverless resource includes the appropriate Transform
    * New rule E2531 to validate a Lambda's runtime against the deprecated dates
    * New rule W2531 to validate a Lambda's runtime against the EOL dates
    * Update rule E2541 to include updates to Code Pipeline capabilities
    * Update rule E2503 to include checking of values for load balancer attributes
  + CloudFormation Specifications
    * Update CloudFormation specs to 3.2.0
    * Update instance types from pricing API as of 2019.05.20
  + Fixes
    * Include setuptools in setup.py requires

Update to version 0.20.3

  + CloudFormation Specifications
    * Update instance types from pricing API as of 2019.05.16
  + Fixes
    * Update E7001 to allow float/doubles for mapping values
    * Update W1020 to check pre-transformed Fn::Sub(s) to determine if a Sub is needed
    * Pin requests to be below or equal to 2.21.0 to prevent issues with botocore

Update to version 0.20.2

  + Features
    * Add support for List<String> Parameter types
  + CloudFormation Specifications
    * Add allowed values for AWS::EC2 EIP, FlowLog, CustomerGateway, DHCPOptions, EC2Fleet
    * Create new property type for Security Group IDs or Names
    * Add new Lambda runtime environment for NodeJs 10.x
    * Move AWS::ServiceDiscovery::Service Health checks from Only One to Exclusive
    * Update Glue Crawler Role to take an ARN or a name
    * Remove PrimitiveType from MaintenanceWindowTarget Targets
    * Add Min/Max values for Load Balancer Ports to be between 1-65535
  + Fixes
    * Include License file in the pypi package to help with downstream projects
    * Filter out dynamic references from rule E3031 and E3030
    * Convert Python linting and Code Coverage from Python 3.6 to 3.7

Update to version 0.20.1

  + Fixes
    * Update rule E8003 to support more functions inside a Fn::Equals

Update to version 0.20.0

  + Features
    * Allow a rule's exception to be defined in a resource's metadata
    * Add rule configuration capabilities
    * Update rule E3012 to allow for non strict property checking
    * Add rule E8003 to test Fn::Equals structure and syntax
    * Add rule E8004 to test Fn::And structure and syntax
    * Add rule E8005 to test Fn::Not structure and syntax
    * Add rule E8006 to test Fn::Or structure and syntax
    * Include Path to error in the JSON output
    * Update documentation to describe how to install cfn-lint from brew
  + CloudFormation Specifications
    * Update CloudFormation specs to version 3.0.0
    * Add new region ap-east-1
    * Add list min/max and string min/max for CloudWatch Alarm Actions
    * Add allowed values for EC2::LaunchTemplate
    * Add allowed values for EC2::Host
    * Update allowed values for Amazon MQ to include 5.15.9
    * Add AWS::Greengrass::ResourceDefinition to GreenGrass supported regions
    * Add AWS::EC2::VPCEndpointService to all regions
    * Update AWS::ECS::TaskDefinition ExecutionRoleArn to be a IAM Role ARN
    * Patch spec files for SSM MaintenanceWindow to look for Target and not Targets
    * Update ManagedPolicyArns list size to be 20 which is the hard limit.  10 is the soft limit.
  + Fixes
    * Fix rule E3033 to check the string size when the string is inside a list
    * Fix an issue in which AWS::NotificationARNs was not a list
    * Add AWS::EC2::Volume to rule W3010
    * Fix an issue with W2001 where SAM translate would remove the Ref to a parameter causing this error to falsely trigger
    * Fix rule W3010 to not error when the availability zone is 'all'

Update to version 0.19.1

  + Fixes
    * Fix core Condition processing to support direct Condition in another Condition
    * Fix the W2030 to check numbers against string allowed values

Update to version 0.19.0

  + Features
    * Add NS and PTR Route53 record checking to rule E3020
    * New rule E3050 to check if a Ref to IAM Role has a Role path of '/'
    * New rule E3037 to look for duplicates in a list that doesn't support duplicates
    * New rule I3037 to look for duplicates in a list when duplicates are allowed
  + CloudFormation Specifications
    * Add Min/Max values to AWS::ElasticLoadBalancingV2::TargetGroup HealthCheckTimeoutSeconds
    * Add Max JSON size to AWS::IAM::ManagedPolicy PolicyDocument
    * Add allowed values for AWS::EC2 SpotFleet, TransitGateway, NetworkAcl
      NetworkInterface, PlacementGroup, and Volume
    * Add Min/max values to AWS::Budgets::Budget.Notification Threshold
    * Update RDS Instance types by database engine and license definitions using the pricing API
    * Update AWS::CodeBuild::Project ServiceRole to support Role Name or ARN
    * Update AWS::ECS::Service Role to support Role Name or ARN
  + Fixes
    * Update E3025 to support the new structure of data in the RDS instance type json
    * Update E2540 to remove all nested conditions from the object
    * Update E3030 to not do strict type checking
    * Update E3020 to support conditions nested in the record sets
    * Update E3008 to better handle CloudFormation sub stacks with different GetAtt formats

Update to version 0.18.1

  + CloudFormation Specifications
    * Update CloudFormation Specs to 2.30.0
    * Fix IAM Regex Path to support more character types
    * Update AWS::Batch::ComputeEnvironment.ComputeResources InstanceRole to reference an
      InstanceProfile or GetAtt the InstanceProfile Arn
    * Allow VPC IDs to Ref a Parameter of type String
  + Fixes
    * Fix E3502 to check the size of the property instead of the parent object

Update to version 0.18.0

  + Features
    * New rule E3032 to check the size of lists
    * New rule E3502 to check JSON Object Size using definitions in the spec file
    * New rule E3033 to test the minimum and maximum length of a string
    * New rule E3034 to validate the min and max of a number
    * Remove Ebs Iops check from E2504 and use rule E3034 instead
    * Remove rule E2509 and use rule E3033 instead
    * Remove rule E2508 as it replaced by E3032 and E3502
    * Update rule E2503 to check that there are at least two 2 Subnets or SubnetMappings for ALBs
    * SAM requirement upped to minimal version of 1.10.0
  + CloudFormation Specifications
    * Extend specs to include:
      > `ListMin` and `ListMax` for the minimum and maximum size of a list
      > `JsonMax` to check the max size of a JSON Object
      > `StringMin` and `StringMax` to check the minimum and maximum length of a String
      > `NumberMin` and `NumberMax` to check the minimum and maximum value of a Number, Float, Long
    * Update State and ExecutionRoleArn to be required on AWS::DLM::LifecyclePolicy
    * Add AllowedValues for PerformanceInsightsRetentionPeriod for AWS::RDS::Instance
    * Add AllowedValues for the AWS::GuardDuty Resources
    * Add AllowedValues for AWS::EC2 VPC and VPN Resources
    * Switch IAM Instance Profiles for certain resources to the type that only takes the name
    * Add regex pattern for IAM Instance Profile when a name (not Arn) is used
    * Add regex pattern for IAM Paths
    * Add Regex pattern for IAM Role Arn
    * Update OnlyOne spec to require require at least one of Subnets or SubnetMappings with ELB v2
  + Fixes
    * Fix serverless transform to use DefinitionBody when Auth is in the API definition
    * Fix rule W2030 to not error when checking SSM or List Parameters

Update to version 0.17.1

  + Features
    * Update rule E2503 to make sure NLBs don't have a Security Group configured
  + CloudFormation Specifications
    * Add all the allowed values of the `AWS::Glue` Resources
    * Update OnlyOne check for `AWS::CloudWatch::Alarm` to only `MetricName` or `Metrics`
    * Update Exclusive check for `AWS::CloudWatch::Alarm` for properties mixed with `Metrics` and `Statistic`
    * Update CloudFormation specs to 2.29.0
    * Fix type with MariaDB in the AllowedValues
    * Update pricing information for data available on 2018.3.29
  + Fixes
    * Fix rule E1029 to not look for a sub is needed when looking for iot strings in policies
    * Fix rule E2541 to allow for ActionId Versions of length 1-9 and meets regex `[0-9A-Za-z_-]+`
    * Fix rule E2532 to allow for `Parameters` inside a `Pass` action
    * Fix an issue when getting the location of an error in which numbers are causing an attribute error

Update to version 0.17.0

  + Features
    * Add new rule E3026 to validate Redis cluster settings including AutomaticFailoverEnabled and NumCacheClusters.  Status: Released
    * Add new rule W3037 to validate IAM resource policies.  Status: Experimental
    * Add new parameter `-e/--include-experimental` to allow for new rules in that aren't ready to be fully released
  + CloudFormation Specifications
    * Update Spec files to 2.28.0
    * Add all the allowed values of the AWS::Redshift::* Resources
    * Add all the allowed values of the AWS::Neptune::* Resources
    * Patch spec to make AWS::CloudFront::Distribution.LambdaFunctionAssociation.LambdaFunctionARN required
    * Patch spec to make AWS::DynamoDB::Table AttributeDefinitions required
  + Fixes
    * Remove extra blank lines when there is no errors in the output
    * Add exception to rule E1029 to have exceptions for EMR CloudWatchAlarmDefinition
    * Update rule E1029 to allow for literals in a Sub
    * Remove sub checks from rule E3031 as it won't match in all cases of an allowed pattern regex check
    * Correct typos for errors in rule W1001
    * Switch from parsing a template as Yaml to Json when finding an escape character
    * Fix an issue with SAM related to transforming templates with Serverless Application and Lambda Layers
    * Fix an issue with rule E2541 when non strings were used for Stage Names

Update to version 0.16.0

  + Features
    * Add rule E3031 to look for regex patterns based on the patched spec file
    * Remove regex checks from rule E2509
    * Add parameter `ignore-templates` to allow the ignoring of templates when doing bulk linting
  + CloudFormation Specifications
    * Update Spec files to 2.26.0
    * Add all the allowed values of the AWS::DirectoryService::* Resources
    * Add all the allowed values of the AWS::DynamoDB::* Resources
    * Added AWS::Route53Resolver resources to the Spec Patches of ap-southeast-2
    * Patch the spec file with regex patterns
    * Add all the allowed values of the AWS::DocDb::* Resources
  + Fixes
    * Update rule E2504 to have '20000' as the max value
    * Update rule E1016 to not allow ImportValue inside of Conditions
    * Update rule E2508 to check conditions when providing limit checks on managed policies
    * Convert unicode to strings when in Py 3.4/3.5 and updating specs
    * Convert from `awslabs` to `aws-cloudformation` organization
    * Remove suppression of logging that was removed from samtranslator >1.7.0 and incompatibility with
      samtranslator 1.10.0

Update to version 0.15.0

  + Features
    * Add scaffolding for arbitrary Match attributes, adding attributes for Type checks
    * Add rule E3024 to validate that ProvisionedThroughput is not specified with BillingMode PAY_PER_REQUEST
  + CloudFormation Specifications
    * Update Spec files to 2.24.0
    * Update OnlyOne spec to have BlockDeviceMapping to include NoDevice with Ebs and VirtualName
    * Add all the allowed values of the AWS::CloudFront::* Resources
    * Add all the allowed values of the AWS::DAX::* Resources
  + Fixes
    * Update config parsing to use the builtin Yaml decoder
    * Add condition support for Inclusive E2521, Exclusive E2520, and AtLeastOne E2522 rules
    * Update rule E1029 to better check Resource strings inside IAM Policies
    * Improve the line/column information of a Match with array support

Update to version 0.14.1

  + CloudFormation Specifications
    * Update CloudFormation Specs to version 2.23.0
    * Add allowed values for AWS::Config::* resources
    * Add allowed values for AWS::ServiceDiscovery::* resources
    * Fix allowed values for Apache MQ
  + Fixes
    * Update rule E3008 to not error when using a list from a custom resource
    * Support simple types in the CloudFormation spec
    * Add tests for the formatters

Update to version 0.14.0

  + Features
    * Add rule E3035 to check the values of DeletionPolicy
    * Add rule E3036 to check the values of UpdateReplacePolicy
    * Add rule E2014 to check that there are no REFs in the Parameter section
    * Update rule E2503 to support TLS on NLBs
  + CloudFormation Specifications
    * Update CloudFormation spec to version 2.22.0
    * Add allowed values for AWS::Cognito::* resources
  + Fixes
    * Update rule E3002 to allow GetAtts to Custom Resources under a Condition

Update to version 0.13.2

  + Features
    * Introducing the cfn-lint logo!
    * Update SAM dependency version
  + Fixes
    * Fix CloudWatchAlarmComparisonOperator allowed values.
    * Fix typo resoruce_type_spec in several files
    * Better support for nested And, Or, and Not when processing Conditions

Update to version 0.13.1

  + CloudFormation Specifications
    * Add allowed values for AWS::CloudTrail::Trail resources
    * Patch spec to have AWS::CodePipeline::CustomActionType Version included
  + Fixes
    * Fix conditions logic to use AllowedValues when REFing a Parameter that has AllowedValues specified

Update to version 0.13.0

  + Features
    * New rule W1011 to check if a FindInMap is using the correct map name and keys
    * New rule W1001 to check if a Ref/GetAtt to a resource that exists when Conditions are used
    * Removed logic in E1011 and moved it to W1011 for validating keys
    * Add property relationships for AWS::ApplicationAutoScaling::ScalingPolicy into Inclusive, Exclusive, and AtLeastOne
    * Update rule E2505 to check the netmask bit
    * Include the ability to update the CloudFormation Specs using the Pricing API
  + CloudFormation Specifications
    * Update to version 2.21.0
    * Add allowed values for AWS::Budgets::Budget
    * Add allowed values for AWS::CertificateManager resources
    * Add allowed values for AWS::CodePipeline resources
    * Add allowed values for AWS::CodeCommit resources
    * Add allowed values for EC2 InstanceTypes from pricing API
    * Add allowed values for RedShift InstanceTypes from pricing API
    * Add allowed values for MQ InstanceTypes from pricing API
    * Add allowed values for RDS InstanceTypes from pricing API
  + Fixes
    * Fixed README indentation issue with .pre-commit-config.yaml
    * Fixed rule E2541 to allow for multiple inputs/outputs in a CodeBuild task
    * Fixed rule E3020 to allow for a period or no period at the end of a ACM registration record
    * Update rule E3001 to support UpdateReplacePolicy
    * Fix a cli issue where `--template` wouldn't be used when a .cfnlintrc was in the same folder
    * Update rule E3002 and E1024 to support packaging of AWS::Lambda::LayerVersion content

- Initial build
  + Version 0.12.1

Update to 0.9.1

 * the prof plugin now uses cProfile instead of hotshot for profiling
 * skipped tests now include the user's reason in junit XML's message field
 * the prettyassert plugin mishandled multi-line function definitions
 * Using a plugin's CLI flag when the plugin is already enabled via config
   no longer errors
 * nose2.plugins.prettyassert, enabled with --pretty-assert
 * Cleanup code for EOLed python versions
 * Dropped support for distutils.
 * Result reporter respects failure status set by other plugins
 * JUnit XML plugin now includes the skip reason in its output

Upgrade to 0.8.0:

- List of changes is too long to show here, see
  https://github.com/nose-devs/nose2/blob/master/docs/changelog.rst
  changes between 0.6.5 and 0.8.0

Update to 0.7.0:

* Added parameterized_class feature, for parameterizing entire test
  classes (many thanks to @TobyLL for their suggestions and help testing!)
* Fix DeprecationWarning on `inspect.getargs` (thanks @brettdh;
  https://github.com/wolever/parameterized/issues/67)
* Make sure that `setUp` and `tearDown` methods work correctly (#40)
* Raise a ValueError when input is empty (thanks @danielbradburn;
  https://github.com/wolever/parameterized/pull/48)
* Fix the order when number of cases exceeds 10 (thanks @ntflc;
  https://github.com/wolever/parameterized/pull/49)



aws-cli was updated to version 1.16.223:

For detailed changes see the changes entries:

  https://github.com/aws/aws-cli/blob/1.16.223/CHANGELOG.rst
  https://github.com/aws/aws-cli/blob/1.16.189/CHANGELOG.rst
  https://github.com/aws/aws-cli/blob/1.16.182/CHANGELOG.rst
  https://github.com/aws/aws-cli/blob/1.16.176/CHANGELOG.rst
  https://github.com/aws/aws-cli/blob/1.16.103/CHANGELOG.rst
  https://github.com/aws/aws-cli/blob/1.16.94/CHANGELOG.rst
  https://github.com/aws/aws-cli/blob/1.16.84/CHANGELOG.rst

python-boto3 was updated to 1.9.213, python-botocore was updated to 1.9.188, and python-s3transfer was updated to 1.12.74, fixing
lots of bugs and adding features (bsc#1146853, bsc#1146854)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:521-1
Released:    Thu Feb 27 18:08:56 2020
Summary:     Recommended update for c-ares
Type:        recommended
Severity:    moderate
References:  1125306,1159006
This update for c-ares fixes the following issues:

c-ares version update to 1.15.0:

* Add ares_init_options() configurability for path to resolv.conf file
* Ability to exclude building of tools (adig, ahost, acountry) in CMake
* Report ARES_ENOTFOUND for .onion domain names as per RFC7686
  (bsc#1125306)
* Apply the IPv6 server blacklist to all nameserver sources
* Prevent changing name servers while queries are outstanding
* ares_set_servers_csv() on failure should not leave channel in a
  bad state
* getaddrinfo - avoid infinite loop in case of NXDOMAIN
* ares_getenv - return NULL in all cases
* implement ares_getaddrinfo

- Fixed a regression in DNS results that contain both A and AAAA answers.
- Add netcfg as the build requirement and runtime requirement.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:525-1
Released:    Fri Feb 28 11:49:36 2020
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1164562
This update for pam fixes the following issues:

- Add libdb as build-time dependency to enable pam_userdb module.
  Enable pam_userdb.so (jsc#sle-7258, bsc#1164562)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:556-1
Released:    Mon Mar  2 13:32:14 2020
Summary:     Recommended update for 389-ds
Type:        recommended
Severity:    moderate
References:  1155951
This update for 389-ds to version 1.4.2.2 fixes the following issues:

389-ds was updated to 1.4.2.6 (fate#326677, bsc#1155951), bringing many bug and stability fixes.

Issue addressed:

- Enabled python lib389 installer tooling to match upstream and
  suse documentation.
  
More information for this release at: https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-2-1.html

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:562-1
Released:    Mon Mar  2 17:37:15 2020
Summary:     Recommended update for mariadb-connector-c
Type:        recommended
Severity:    moderate
References:  1162388
This update for mariadb-connector-c fixes the following issues:

New upstream version 3.1.7 (bsc#1162388)
- TLS/SSL: when the client doesn't provide a CA file and the option
  ssl_verify_server_cert was set, the peer certificate will be 
  validated against the system CA.
- ERROR 2026 (HY000): SSL connection error due to Certificate 
  signature check failed
- Provide error code and message for SChannel errors
- SEC_E_INVALID_TOKEN when server sends large message during 
  SSL handshake

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:567-1
Released:    Tue Mar  3 10:46:37 2020
Summary:     Recommended update for sendmail
Type:        recommended
Severity:    moderate
References:  1164084
This update for sendmail fixes the following issues:

- If sendmail tried to reuse an SMTP session which had already been closed by the server, then the connection cache could have invalid information about the session, possibly STARTTLS was not used even if it was offered. (bsc#1164084)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:575-1
Released:    Tue Mar  3 14:51:50 2020
Summary:     Recommended update for hfst-ospell
Type:        recommended
Severity:    moderate
References:  1164440
This update for hfst-ospell fixes the following issue:

- Fix the build with new ICU 65 (bsc#1164440)
  The fix is required for building the package on SLE-15-SP2 after
  upgrading to the new International Components for Unicode (ICU) 65

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:591-1
Released:    Thu Mar  5 12:33:06 2020
Summary:     Recommended update for libfreehand
Type:        recommended
Severity:    moderate
References:  1164434
This update for libfreehand fixes the following issue:

- Solve build errors with International Components for Unicode (ICU) 65.1: (bsc#1164434)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:593-1
Released:    Thu Mar  5 13:25:06 2020
Summary:     Recommended update for umoci
Type:        recommended
Severity:    moderate
References:  1165161
This update for umoci fixes the following issues:

Update to umoci v0.4.4:

* Added full-stack verification of blob hashes and descriptors for all
  operations (improving our hardening against bad images).
* For details, see CHANGELOG.md in the package.

Update to umoci v0.4.3:

* Added --no-history to all commands with --history.* flags.
  Should only be used for umoci-config(1).
* Added `umoci insert --tag` to allow non-destructive modifications.
* For details, see packaged /usr/share/doc/packages/umoci/CHANGELOG.md.

Update to umoci v0.4.2:

* umoci now has an exposed Go API
* Added `umoci unpack --keep-dirlinks`
* `umoci insert` now supports whiteouts two ways.
* For details, see CHANGELOG.md in the package.

Update to umoci v0.4.1.

* Support more tags (the valid set of characters in tags has expanded).
* Add 'umoci insert' and 'umoci raw unpack'.
* 'umoci unpack' correctly handles out-of-order whiteouts now.
* 'umoci unpack' and 'umoci repack' make sure of a more optimised gzip
  implementation now -- in some benchmarks 'umoci repack' can have a speedup
  of up to 3x.
* For details, see CHANGELOG.md in the package.

Update to umoci v0.4.0:

+ `umoci repack` now supports `--refresh-bundle` which will update the
  OCI bundle's metadata (mtree and umoci-specific manifests) after packing
  the image tag. This means that the bundle can be used as a base layer for
  future diffs without needing to unpack the image again.
  openSUSE/umoci#196
+ Added a website, and reworked the documentation to be better structured.
  You can visit the website at [`umo.ci`][umo.ci]. openSUSE/umoci#188
+ Added support for the `user.rootlesscontainers` specification, which
  allows for persistent on-disk emulation of `chown(2)` inside rootless
  containers. This implementation is interoperable with [@AkihiroSuda's
  `PRoot` fork][as-proot-fork] (though we do not test its interoperability
  at the moment) as both tools use [the same protobuf
  specification][rootlesscontainers-proto]. openSUSE/umoci#227
+ `umoci unpack` now has support for opaque whiteouts (whiteouts which
  remove all children of a directory in the lower layer), though `umoci
  repack` does not currently have support for generating them. While this
  is technically a spec requirement, through testing we've never
  encountered an actual user of these whiteouts. openSUSE/umoci#224
  openSUSE/umoci#229
+ `umoci unpack` will now use some rootless tricks inside user namespaces
  for operations that are known to fail (such as `mknod(2)`) while other
  operations will be carried out as normal (such as `lchown(2)`). It should
  be noted that the `/proc/self/uid_map` checking we do can be tricked into
  not detecting user namespaces, but you would need to be trying to break
  it on purpose. openSUSE/umoci#171 openSUSE/umoci#230
* Fix a bug in our 'parent directory restore' code, which is responsible
  for ensuring that the mtime and other similar properties of a directory
  are not modified by extraction inside said directory. The bug would
  manifest as xattrs not being restored properly in certain edge-cases
  (which we incidentally hit in a test-case). openSUSE/umoci#161
  openSUSE/umoci#162
* `umoci unpack` will now 'clean up' the bundle generated if an error
  occurs during unpacking. Previously this didn't happen, which made
  cleaning up the responsibility of the caller (which was quite difficult
  if you were unprivileged). This is a breaking change, but is in the error
  path so it's not critical. openSUSE/umoci#174 openSUSE/umoci#187
* `umoci gc` now will no longer remove unknown files and directories that
  aren't `flock(2)`ed, thus ensuring that any possible OCI image-spec
  extensions or other users of an image being operated on will no longer
  break. openSUSE/umoci#198
* `umoci unpack --rootless` will now correctly handle regular file
  unpacking when overwriting a file that `umoci` doesn't have write access
  to. In addition, the semantics of pre-existing hardlinks to a clobbered
  file are clarified (the hard-links will not refer to the new layer's
  inode). openSUSE/umoci#222 openSUSE/umoci#223
  [as-proot-fork]: https://github.com/AkihiroSuda/runrootless
  [rootlesscontainers-proto]: https://rootlesscontaine.rs/proto/rootlesscontainers.proto
  [umo.ci]: https://umo.ci/

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:624-1
Released:    Tue Mar 10 10:39:09 2020
Summary:     Recommended update for python-PyNaCl
Type:        recommended
Severity:    important
References:  1161557
This update for python-PyNaCl fixes the following issues:

- Add python-dkimpy as the python-PyNaCl requires that. (SLE-7686, bsc#1161557)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:627-1
Released:    Tue Mar 10 12:27:48 2020
Summary:     Recommended update for osc
Type:        recommended
Severity:    important
References:  1136584,1137477,1154972,1155953,1156501
This update for osc fixes the following issues:

- Fix for 'vc' option '--file=foo bar.changes' now writes the content from foo into bar.changes instead of creating a new file. (bsc#1155953)
- Fix local build outside of the working copy of a package. (bsc#1136584)
- Enable not to enforce password reuse. (bsc#1156501)
- New password handling backend supporting password stores like 'plaintext', 'obfuscated', 'python-keyring' (kwallet, secret store), 'gnome-keyring' or not storing at all. (bsc#1154972)
- Fix for using non-UTF8 characters in labels. (bsc#1137477)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:637-1
Released:    Wed Mar 11 11:29:56 2020
Summary:     Recommended update for cloud-netconfig
Type:        recommended
Severity:    moderate
References:  1162705,1162707
This update for cloud-netconfig fixes the following issues:

- Copy routes from the default routing table. (bsc#1162705, bsc#1162707)
  On multi-NIC systems, cloud-netconfig creates separate routing tables with
  different default routes, so packets get routed via the network interfaces
  associated with the source IP address. Systems may have additional routing
  in place and in that case cloud-netconfig's NIC specific routing may
  bypass those routes.

- Make the key CLOUD_NETCONFIG_MANAGE enable by default.
  Any network interface that has been configured automatically via
  cloud-netconfig has a configuration file associated. If the value is set
  to 'NO' (or the pair is removed altogether), cloud-netconfig will not
  handle secondary IPv4 addresses and routing policies for the associated
  network interface.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:655-1
Released:    Thu Mar 12 13:17:03 2020
Summary:     Recommended update for growpart
Type:        recommended
Severity:    moderate
References:  1164736
This update for growpart fixes the following issues:

- Operation system disk is not automatically resized beyond 2TB on Azure hosts. (bsc#1164736)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:657-1
Released:    Thu Mar 12 15:06:48 2020
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1158664
This update for cloud-regionsrv-client contains the following fixes:

- Update to version 9.0.8:
  + Properly handle IPv6 addresses in URLs

- Update to version 9.0.7:
  + Fix crash with a stack trace if no current_smt is present. (bsc#1158664)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:689-1
Released:    Fri Mar 13 17:09:01 2020
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1166510

This update for PAM fixes the following issue:

- The license of libdb linked against pam_userdb is not always wanted,
  so we temporary disabled pam_userdb again. It will be published
  in a different package at a later time. (bsc#1166510)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:690-1
Released:    Fri Mar 13 17:09:28 2020
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1166334
This update for suse-build-key fixes the following issues:

- created a new security@suse.de communication key (bsc#1166334)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:697-1
Released:    Mon Mar 16 13:17:10 2020
Summary:     Security update for cni, cni-plugins, conmon, fuse-overlayfs, podman
Type:        security
Severity:    moderate
References:  1155217,1160460,1164390,CVE-2019-18466
This update for cni, cni-plugins, conmon, fuse-overlayfs, podman fixes the following issues:

podman was updated to 1.8.0:

- CVE-2019-18466: Fixed a bug where podman cp would improperly copy files on the
  host when copying a symlink in the container that included a
  glob operator (#3829 bsc#1155217)

- The name of the cni-bridge in the default config changed from
  'cni0' to 'podman-cni0' with podman-1.6.0. Add a %trigger to
  rename the bridge in the system to the new default if it exists.
  The trigger is only excuted when updating podman-cni-config 
  from something older than 1.6.0. This is mainly needed for SLE
  where we're updating from 1.4.4 to 1.8.0 (bsc#1160460).

Update podman to v1.8.0 (bsc#1160460):

* Features

  - The podman system service command has been added, providing a
    preview of Podman's new Docker-compatible API. This API is
    still very new, and not yet ready for production use, but is
    available for early testing
  - Rootless Podman now uses Rootlesskit for port forwarding,
    which should greatly improve performance and capabilities
  - The podman untag command has been added to remove tags from
    images without deleting them
  - The podman inspect command on images now displays previous
    names they used
  - The podman generate systemd command now supports a --new
    option to generate service files that create and run new
    containers instead of managing existing containers
  - Support for --log-opt tag= to set logging tags has been added
    to the journald log driver
  - Added support for using Seccomp profiles embedded in images
    for podman run and podman create via the new --seccomp-policy
      CLI flag
  - The podman play kube command now honors pull policy

* Bugfixes

  - Fixed a bug where the podman cp command would not copy the
    contents of directories when paths ending in /. were given
  - Fixed a bug where the podman play kube command did not
    properly locate Seccomp profiles specified relative to
    localhost
  - Fixed a bug where the podman info command for remote Podman
    did not show registry information
  - Fixed a bug where the podman exec command did not support
    having input piped into it
  - Fixed a bug where the podman cp command with rootless Podman
    on CGroups v2 systems did not properly determine if the
    container could be paused while copying
  - Fixed a bug where the podman container prune --force command
    could possible remove running containers if they were started
    while the command was running 
  - Fixed a bug where Podman, when run as root, would not
    properly configure slirp4netns networking when requested
  - Fixed a bug where podman run --userns=keep-id did not work
    when the user had a UID over 65535
  - Fixed a bug where rootless podman run and podman create with
    the --userns=keep-id option could change permissions on
    /run/user/$UID and break KDE
  - Fixed a bug where rootless Podman could not be run in a
    systemd service on systems using CGroups v2
  - Fixed a bug where podman inspect would show CPUShares as 0,
    instead of the default (1024), when it was not explicitly set
  - Fixed a bug where podman-remote push would segfault
  - Fixed a bug where image healthchecks were not shown in the
    output of podman inspect
  - Fixed a bug where named volumes created with containers from
    pre-1.6.3 releases of Podman would be autoremoved with their
    containers if the --rm flag was given, even if they were
    given names
  - Fixed a bug where podman history was not computing image
    sizes correctly
  - Fixed a bug where Podman would not error on invalid values to
    the --sort flag to podman images
  - Fixed a bug where providing a name for the image made by
    podman commit was mandatory, not optional as it should be
  - Fixed a bug where the remote Podman client would append an
    extra ' to %PATH
  - Fixed a bug where the podman build command would sometimes
    ignore the -f option and build the wrong Containerfile
  - Fixed a bug where the podman ps --filter command would only
    filter running containers, instead of all containers, if
    --all was not passed
  - Fixed a bug where the podman load command on compressed
    images would leave an extra copy on disk
  - Fixed a bug where the podman restart command would not
    properly clean up the network, causing it to function
    differently from podman stop; podman start
  - Fixed a bug where setting the --memory-swap flag to podman
    create and podman run to -1 (to indicate unlimited) was not
    supported

* Misc

  - Initial work on version 2 of the Podman remote API has been
    merged, but is still in an alpha state and not ready for use.
    Read more here
  - Many formatting corrections have been made to the manpages
  - The changes to address (#5009) may cause anonymous volumes
    created by Podman versions 1.6.3 to 1.7.0 to not be removed
    when their container is removed
  - Updated vendored Buildah to v1.13.1
  - Updated vendored containers/storage to v1.15.8
  - Updated vendored containers/image to v5.2.0

- Add apparmor-abstractions as required runtime dependency to
  have `tunables/global` available.

- fixed the --force flag for the 'container prune' command.
  (https://github.com/containers/libpod/issues/4844)

Update podman to v1.7.0

* Features

  - Added support for setting a static MAC address for containers
  - Added support for creating macvlan networks with podman
    network create, allowing Podman containers to be attached
    directly to networks the host is connected to
  - The podman image prune and podman container prune commands
    now support the --filter flag to filter what will be pruned,
    and now prompts for confirmation when run without --force
    (#4410 and #4411)
  - Podman now creates CGroup namespaces by default on systems
    using CGroups v2 (#4363)
  - Added the podman system reset command to remove all Podman
    files and perform a factory reset of the Podman installation
  - Added the --history flag to podman images to display previous
    names used by images (#4566)
  - Added the --ignore flag to podman rm and podman stop to not
    error when requested containers no longer exist
  - Added the --cidfile flag to podman rm and podman stop to read
    the IDs of containers to be removed or stopped from a file
  - The podman play kube command now honors Seccomp annotations
    (#3111)
  - The podman play kube command now honors RunAsUser,
    RunAsGroup, and selinuxOptions
  - The output format of the podman version command has been
    changed to better match docker version when using the
    --format flag
  - Rootless Podman will no longer initialize containers/storage
    twice, removing a potential deadlock preventing Podman
    commands from running while an image was being pulled (#4591)
  - Added tmpcopyup and notmpcopyup options to the --tmpfs and
    --mount type=tmpfs flags to podman create and podman run to
    control whether the content of directories are copied into
    tmpfs filesystems mounted over them
  - Added support for disabling detaching from containers by
    setting empty detach keys via --detach-keys=''
  - The podman build command now supports the --pull and
    --pull-never flags to control when images are pulled during a
    build
  - The podman ps -p command now shows the name of the pod as
    well as its ID (#4703)
  - The podman inspect command on containers will now display the
    command used to create the container
  - The podman info command now displays information on registry
    mirrors (#4553)

* Bugfixes

  - Fixed a bug where Podman would use an incorrect runtime
    directory as root, causing state to be deleted after root
    logged out and making Podman in systemd services not function
    properly
  - Fixed a bug where the --change flag to podman import and
    podman commit was not being parsed properly in many cases
  - Fixed a bug where detach keys specified in libpod.conf were
    not used by the podman attach and podman exec commands, which
    always used the global default ctrl-p,ctrl-q key combination
    (#4556)
  - Fixed a bug where rootless Podman was not able to run podman
    pod stats even on CGroups v2 enabled systems (#4634)
  - Fixed a bug where rootless Podman would fail on kernels
    without the renameat2 syscall (#4570)
  - Fixed a bug where containers with chained network namespace
    dependencies (IE, container A using --net container=B and
    container B using --net container=C) would not properly mount
    /etc/hosts and /etc/resolv.conf into the container (#4626)
  - Fixed a bug where podman run with the --rm flag and without
    -d could, when run in the background, throw a 'container does
    not exist' error when attempting to remove the container
    after it exited
  - Fixed a bug where named volume locks were not properly
    reacquired after a reboot, potentially leading to deadlocks
    when trying to start containers using the volume (#4605 and
    #4621)
  - Fixed a bug where Podman could not completely remove
    containers if sent SIGKILL during removal, leaving the
    container name unusable without the podman rm --storage
    command to complete removal (#3906)
  - Fixed a bug where checkpointing containers started with --rm
    was allowed when --export was not specified (the container,
    and checkpoint, would be removed after checkpointing was
    complete by --rm) (#3774)
  - Fixed a bug where the podman pod prune command would fail if
    containers were present in the pods and the --force flag was
    not passed (#4346)
  - Fixed a bug where containers could not set a static IP or
    static MAC address if they joined a non-default CNI network
    (#4500)
  - Fixed a bug where podman system renumber would always throw
    an error if a container was mounted when it was run
  - Fixed a bug where podman container restore would fail with
    containers using a user namespace
  - Fixed a bug where rootless Podman would attempt to use the
    journald events backend even on systems without systemd
    installed
  - Fixed a bug where podman history would sometimes not properly
    identify the IDs of layers in an image (#3359)
  - Fixed a bug where containers could not be restarted when
    Conmon v2.0.3 or later was used
  - Fixed a bug where Podman did not check image OS and
    Architecture against the host when starting a container
  - Fixed a bug where containers in pods did not function
    properly with the Kata OCI runtime (#4353)
  - Fixed a bug where `podman info --format '{{ json . }}' would
    not produce JSON output (#4391)
  - Fixed a bug where Podman would not verify if files passed to
    --authfile existed (#4328)
  - Fixed a bug where podman images --digest would not always
    print digests when they were available
  - Fixed a bug where rootless podman run could hang due to a
    race with reading and writing events
  - Fixed a bug where rootless Podman would print warning-level
    logs despite not be instructed to do so (#4456)
  - Fixed a bug where podman pull would attempt to fetch from
    remote registries when pulling an unqualified image using the
    docker-daemon transport (#4434)
  - Fixed a bug where podman cp would not work if STDIN was a
    pipe
  - Fixed a bug where podman exec could stop accepting input if
    anything was typed between the command being run and the exec
    session starting (#4397)
  - Fixed a bug where podman logs --tail 0 would print all lines
    of a container's logs, instead of no lines (#4396)
  - Fixed a bug where the timeout for slirp4netns was incorrectly
    set, resulting in an extremely long timeout (#4344)
  - Fixed a bug where the podman stats command would print CPU
    utilizations figures incorrectly (#4409)
  - Fixed a bug where the podman inspect --size command would not
    print the size of the container's read/write layer if the
    size was 0 (#4744)
  - Fixed a bug where the podman kill command was not properly
    validating signals before use (#4746)
  - Fixed a bug where the --quiet and --format flags to podman ps
    could not be used at the same time
  - Fixed a bug where the podman stop command was not stopping
    exec sessions when a container was created without a PID
    namespace (--pid=host)
  - Fixed a bug where the podman pod rm --force command was not
    removing anonymous volumes for containers that were removed
  - Fixed a bug where the podman checkpoint command would not
    export all changes to the root filesystem of the container if
    performed more than once on the same container (#4606)
  - Fixed a bug where containers started with --rm would not be
    automatically removed on being stopped if an exec session was
    running inside the container (#4666)

* Misc

  - The fixes to runtime directory path as root can cause strange
    behavior if an upgrade is performed while containers are
    running
  - Updated vendored Buildah to v1.12.0
  - Updated vendored containers/storage library to v1.15.4
  - Updated vendored containers/image library to v5.1.0
  - Kata Containers runtimes (kata-runtime, kata-qemu, and
    kata-fc) are now present in the default libpod.conf, but will
    not be available unless Kata containers is installed on the
    system
  - Podman previously did not allow the creation of containers
    with a memory limit lower than 4MB. This restriction has been
    removed, as the crun runtime can create containers with
    significantly less memory

Update podman to v1.6.4
- Remove winsz FIFO on container restart to allow use with Conmon 2.03 and higher
- Ensure volumes reacquire locks on system restart, preventing deadlocks when starting containers
- Suppress spurious log messages when running rootless Podman
- Update vendored containers/storage to v1.13.6
- Fix a deadlock related to writing events
- Do not use the journald event logger when it is not available

Update podman to v1.6.2

* Features

  - Added a --runtime flag to podman system migrate to allow the
    OCI runtime for all containers to be reset, to ease transition
    to the crun runtime on CGroups V2 systems until runc gains full
    support
  - The podman rm command can now remove containers in broken
    states which previously could not be removed
  - The podman info command, when run without root, now shows
    information on UID and GID mappings in the rootless user
    namespace
  - Added podman build --squash-all flag, which squashes all layers
    (including those of the base image) into one layer
  - The --systemd flag to podman run and podman create now accepts
    a string argument and allows a new value, always, which forces
    systemd support without checking if the the container
    entrypoint is systemd

* Bugfixes

  - Fixed a bug where the podman top command did not work on
    systems using CGroups V2 (#4192)
  - Fixed a bug where rootless Podman could double-close a file,
    leading to a panic
  - Fixed a bug where rootless Podman could fail to retrieve some
    containers while refreshing the state
  - Fixed a bug where podman start --attach --sig-proxy=false would
    still proxy signals into the container
  - Fixed a bug where Podman would unconditionally use a
    non-default path for authentication credentials (auth.json),
    breaking podman login integration with skopeo and other tools
    using the containers/image library
  - Fixed a bug where podman ps --format=json and podman images
    --format=json would display null when no results were returned,
    instead of valid JSON
  - Fixed a bug where podman build --squash was incorrectly
    squashing all layers into one, instead of only new layers
  - Fixed a bug where rootless Podman would allow volumes with
    options to be mounted (mounting volumes requires root),
    creating an inconsistent state where volumes reported as
    mounted but were not (#4248)
  - Fixed a bug where volumes which failed to unmount could not be
    removed (#4247)
  - Fixed a bug where Podman incorrectly handled some errors
    relating to unmounted or missing containers in
    containers/storage
  - Fixed a bug where podman stats was broken on systems running
    CGroups V2 when run rootless (#4268)
  - Fixed a bug where the podman start command would print the
    short container ID, instead of the full ID
  - Fixed a bug where containers created with an OCI runtime that
    is no longer available (uninstalled or removed from the config
    file) would not appear in podman ps and could not be removed
    via podman rm
  - Fixed a bug where containers restored via podman container
    restore --import would retain the CGroup path of the original
    container, even if their container ID changed; thus, multiple
    containers created from the same checkpoint would all share the
    same CGroup

* Misc

  - The default PID limit for containers is now set to 4096. It can
    be adjusted back to the old default (unlimited) by passing
    --pids-limit 0 to podman create and podman run
  - The podman start --attach command now automatically attaches
    STDIN if the container was created with -i
  - The podman network create command now validates network names
    using the same regular expression as container and pod names
  - The --systemd flag to podman run and podman create will now
    only enable systemd mode when the binary being run inside the
    container is /sbin/init, /usr/sbin/init, or ends in systemd
    (previously detected any path ending in init or systemd)
  - Updated vendored Buildah to 1.11.3
  - Updated vendored containers/storage to 1.13.5
  - Updated vendored containers/image to 4.0.1

Update podman to v1.6.1

* Features

  - The podman network create, podman network rm, podman network
    inspect, and podman network ls commands have been added to
    manage CNI networks used by Podman
  - The podman volume create command can now create and mount
    volumes with options, allowing volumes backed by NFS, tmpfs,
    and many other filesystems
  - Podman can now run containers without CGroups for better
    integration with systemd by using the --cgroups=disabled flag
    with podman create and podman run. This is presently only
    supported with the crun OCI runtime
  - The podman volume rm and podman volume inspect commands can now
    refer to volumes by an unambiguous partial name, in addition to
    full name (e.g. podman volume rm myvol to remove a volume named
    myvolume) (#3891)
  - The podman run and podman create commands now support the
    --pull flag to allow forced re-pulling of images (#3734)
  - Mounting volumes into a container using --volume, --mount, and
    --tmpfs now allows the suid, dev, and exec mount options (the
    inverse of nosuid, nodev, noexec) (#3819)
  - Mounting volumes into a container using --mount now allows the
    relabel=Z and relabel=z options to relabel mounts.
  - The podman push command now supports the --digestfile option to
    save a file containing the pushed digest
  - Pods can now have their hostname set via podman pod create
    --hostname or providing Pod YAML with a hostname set to podman
    play kube (#3732)
  - The podman image sign command now supports the --cert-dir flag
  - The podman run and podman create commands now support the
    --security-opt label=filetype:$LABEL flag to set the SELinux
    label for container files
  - The remote Podman client now supports healthchecks

* Bugfixes

  - Fixed a bug where remote podman pull would panic if a Varlink
    connection was not available (#4013)
  - Fixed a bug where podman exec would not properly set terminal
    size when creating a new exec session (#3903)
  - Fixed a bug where podman exec would not clean up socket
    symlinks on the host (#3962)
  - Fixed a bug where Podman could not run systemd in containers
    that created a CGroup namespace
  - Fixed a bug where podman prune -a would attempt to prune images
    used by Buildah and CRI-O, causing errors (#3983)
  - Fixed a bug where improper permissions on the ~/.config
    directory could cause rootless Podman to use an incorrect
    directory for storing some files
  - Fixed a bug where the bash completions for podman import threw
    errors
  - Fixed a bug where Podman volumes created with podman volume
    create would not copy the contents of their mountpoint the
    first time they were mounted into a container (#3945)
  - Fixed a bug where rootless Podman could not run podman exec
    when the container was not run inside a CGroup owned by the
    user (#3937)
  - Fixed a bug where podman play kube would panic when given Pod
    YAML without a securityContext (#3956)
  - Fixed a bug where Podman would place files incorrectly when
    storage.conf configuration items were set to the empty string
    (#3952)
  - Fixed a bug where podman build did not correctly inherit
    Podman's CGroup configuration, causing crashed on CGroups V2
    systems (#3938)
  - Fixed a bug where remote podman run --rm would exit before the
    container was completely removed, allowing race conditions when
    removing container resources (#3870)
  - Fixed a bug where rootless Podman would not properly handle
    changes to /etc/subuid and /etc/subgid after a container was
    launched
  - Fixed a bug where rootless Podman could not include some
    devices in a container using the --device flag (#3905)
  - Fixed a bug where the commit Varlink API would segfault if
    provided incorrect arguments (#3897)
  - Fixed a bug where temporary files were not properly cleaned up
    after a build using remote Podman (#3869)
  - Fixed a bug where podman remote cp crashed instead of reporting
    it was not yet supported (#3861)
  - Fixed a bug where podman exec would run as the wrong user when
    execing into a container was started from an image with
    Dockerfile USER (or a user specified via podman run --user)
    (#3838)
  - Fixed a bug where images pulled using the oci: transport would
    be improperly named
  - Fixed a bug where podman varlink would hang when managed by
    systemd due to SD_NOTIFY support conflicting with Varlink
    (#3572)
  - Fixed a bug where mounts to the same destination would
    sometimes not trigger a conflict, causing a race as to which
    was actually mounted
  - Fixed a bug where podman exec --preserve-fds caused Podman to
    hang (#4020)
  - Fixed a bug where removing an unmounted container that was
    unmounted might sometimes not properly clean up the container
    (#4033)
  - Fixed a bug where the Varlink server would freeze when run in a
    systemd unit file (#4005)
  - Fixed a bug where Podman would not properly set the $HOME
    environment variable when the OCI runtime did not set it
  - Fixed a bug where rootless Podman would incorrectly print
    warning messages when an OCI runtime was not found (#4012)
  - Fixed a bug where named volumes would conflict with, instead of
    overriding, tmpfs filesystems added by the --read-only-tmpfs
    flag to podman create and podman run
  - Fixed a bug where podman cp would incorrectly make the target
    directory when copying to a symlink which pointed to a
    nonexistent directory (#3894)
  - Fixed a bug where remote Podman would incorrectly read STDIN
    when the -i flag was not set (#4095)
  - Fixed a bug where podman play kube would create an empty pod
    when given an unsupported YAML type (#4093)
  - Fixed a bug where podman import --change improperly parsed CMD
    (#4000)
  - Fixed a bug where rootless Podman on systems using CGroups V2
    would not function with the cgroupfs CGroups manager
  - Fixed a bug where rootless Podman could not correctly identify
    the DBus session address, causing containers to fail to start
    (#4162)
  - Fixed a bug where rootless Podman with slirp4netns networking
    would fail to start containers due to mount leaks

* Misc

  - Significant changes were made to Podman volumes in this
    release. If you have pre-existing volumes, it is strongly
    recommended to run podman system renumber after upgrading.
  - Version 0.8.1 or greater of the CNI Plugins is now required for
    Podman
  - Version 2.0.1 or greater of Conmon is strongly recommended
  - Updated vendored Buildah to v1.11.2
  - Updated vendored containers/storage library to v1.13.4
  - Improved error messages when trying to create a pod with no
    name via podman play kube
  - Improved error messages when trying to run podman pause or
    podman stats on a rootless container on a system without
    CGroups V2 enabled
  - TMPDIR has been set to /var/tmp by default to better handle
    large temporary files
  - podman wait has been optimized to detect stopped containers
    more rapidly
  - Podman containers now include a ContainerManager annotation
    indicating they were created by libpod
  - The podman info command now includes information about
    slirp4netns and fuse-overlayfs if they are available
  - Podman no longer sets a default size of 65kb for tmpfs
    filesystems
  - The default Podman CNI network has been renamed in an attempt
    to prevent conflicts with CRI-O when both are run on the same
    system. This should only take effect on system restart
  - The output of podman volume inspect has been more closely
    matched to docker volume inspect

- Add katacontainers as a recommended package, and include it as an
  additional OCI runtime in the configuration.

Update podman to v1.5.1

* Features

 - The hostname of pods is now set to the pod's name

* Bugfixes

 - Fixed a bug where podman run and podman create did not honor the --authfile
   option (#3730)
 - Fixed a bug where containers restored with podman container restore
   --import would incorrectly duplicate the Conmon PID file of the original container
 - Fixed a bug where podman build ignored the default OCI runtime configured
   in libpod.conf
 - Fixed a bug where podman run --rm (or force-removing any running container
   with podman rm --force) were not retrieving the correct exit code (#3795)
 - Fixed a bug where Podman would exit with an error if any configured hooks
   directory was not present
 - Fixed a bug where podman inspect and podman commit would not use the
   correct CMD for containers run with podman play kube
 - Fixed a bug created pods when using rootless Podman and CGroups V2 (#3801)
 - Fixed a bug where the podman events command with the --since or --until
   options could take a very long time to complete
* Misc

 - Rootless Podman will now inherit OCI runtime configuration from the root
   configuration (#3781)
 - Podman now properly sets a user agent while contacting registries (#3788)

- Add zsh completion for podman commands

Update podman to v1.5.0

* Features

  - Podman containers can now join the user namespaces of other
    containers with --userns=container:$ID, or a user namespace at
    an arbitary path with --userns=ns:$PATH
  - Rootless Podman can experimentally squash all UIDs and GIDs in
    an image to a single UID and GID (which does not require use of
    the newuidmap and newgidmap executables) by passing
    --storage-opt ignore_chown_errors
  - The podman generate kube command now produces YAML for any bind
    mounts the container has created (#2303)
  - The podman container restore command now features a new flag,
    --ignore-static-ip, that can be used with --import to import a
    single container with a static IP multiple times on the same
    host
  - Added the ability for podman events to output JSON by
    specifying --format=json
  - If the OCI runtime or conmon binary cannot be found at the
    paths specified in libpod.conf, Podman will now also search for
    them in the calling user's path
  - Added the ability to use podman import with URLs (#3609)
  - The podman ps command now supports filtering names using
    regular expressions (#3394)
  - Rootless Podman containers with --privileged set will now mount
    in all host devices that the user can access
  - The podman create and podman run commands now support the
    --env-host flag to forward all environment variables from the
    host into the container
  - Rootless Podman now supports healthchecks (#3523)
  - The format of the HostConfig portion of the output of podman
    inspect on containers has been improved and synced with Docker
  - Podman containers now support CGroup namespaces, and can create
    them by passing --cgroupns=private to podman run or podman
    create
  - The podman create and podman run commands now support the
    --ulimit=host flag, which uses any ulimits currently set on the
    host for the container
  - The podman rm and podman rmi commands now use different exit
    codes to indicate 'no such container' and 'container is
    running' errors
  - Support for CGroups V2 through the crun OCI runtime has been
    greatly improved, allowing resource limits to be set for
    rootless containers when the CGroups V2 hierarchy is in use

* Bugfixes

  - Fixed a bug where a race condition could cause podman restart
    to fail to start containers with ports
  - Fixed a bug where containers restored from a checkpoint would
    not properly report the time they were started at
  - Fixed a bug where podman search would return at most 25
    results, even when the maximum number of results was set higher
  - Fixed a bug where podman play kube would not honor capabilities
    set in imported YAML (#3689)
  - Fixed a bug where podman run --env, when passed a single key
    (to use the value from the host), would set the environment
    variable in the container even if it was not set on the host
    (#3648)
  - Fixed a bug where podman commit --changes would not properly
    set environment variables
  - Fixed a bug where Podman could segfault while working with
    images with no history
  - Fixed a bug where podman volume rm could remove arbitrary
    volumes if given an ambiguous name (#3635)
  - Fixed a bug where podman exec invocations leaked memory by not
    cleaning up files in tmpfs
  - Fixed a bug where the --dns and --net=container flags to podman
    run and podman create were not mutually exclusive (#3553)
  - Fixed a bug where rootless Podman would be unable to run
    containers when less than 5 UIDs were available
  - Fixed a bug where containers in pods could not be removed
    without removing the entire pod (#3556)
  - Fixed a bug where Podman would not properly clean up all CGroup
    controllers for created cgroups when using the cgroupfs CGroup
    driver
  - Fixed a bug where Podman containers did not properly clean up
    files in tmpfs, resulting in a memory leak as containers
    stopped
  - Fixed a bug where healthchecks from images would not use
    default settings for interval, retries, timeout, and start
    period when they were not provided by the image (#3525)
  - Fixed a bug where healthchecks using the HEALTHCHECK CMD format
    where not properly supported (#3507)
  - Fixed a bug where volume mounts using relative source paths
    would not be properly resolved (#3504)
  - Fixed a bug where podman run did not use authorization
    credentials when a custom path was specified (#3524)
  - Fixed a bug where containers checkpointed with podman container
    checkpoint did not properly set their finished time
  - Fixed a bug where running podman inspect on any container not
    created with podman run or podman create (for example, pod
    infra containers) would result in a segfault (#3500)
  - Fixed a bug where healthcheck flags for podman create and
    podman run were incorrectly named (#3455)
  - Fixed a bug where Podman commands would fail to find targets if
    a partial ID was specified that was ambiguous between a
    container and pod (#3487)
  - Fixed a bug where restored containers would not have the
    correct SELinux label
  - Fixed a bug where Varlink endpoints were not working properly
    if more was not correctly specified
  - Fixed a bug where the Varlink PullImage endpoint would crash if
    an error occurred (#3715)
  - Fixed a bug where the --mount flag to podman create and podman
    run did not allow boolean arguments for its ro and rw options
    (#2980)
  - Fixed a bug where pods did not properly share the UTS
    namespace, resulting in incorrect behavior from some utilities
    which rely on hostname (#3547)
  - Fixed a bug where Podman would unconditionally append
    ENTRYPOINT to CMD during podman commit (and when reporting CMD
    in podman inspect) (#3708)
  - Fixed a bug where podman events with the journald events
    backend would incorrectly print 6 previous events when only new
    events were requested (#3616)
  - Fixed a bug where podman port would exit prematurely when a
    port number was specified (#3747)
  - Fixed a bug where passing . as an argument to the --dns-search
    flag to podman create and podman run was not properly clearing
    DNS search domains in the container

* Misc

  - Updated vendored Buildah to v1.10.1
  - Updated vendored containers/image to v3.0.2
  - Updated vendored containers/storage to v1.13.1
  - Podman now requires conmon v2.0.0 or higher
  - The podman info command now displays the events logger being in
    use
  - The podman inspect command on containers now includes the ID of
    the pod a container has joined and the PID of the container's
    conmon process
  - The -v short flag for podman --version has been re-added
  - Error messages from podman pull should be significantly clearer
  - The podman exec command is now available in the remote client
  - The podman-v1.5.0.tar.gz file attached is podman packaged for
    MacOS. It can be installed using Homebrew.
- Update libpod.conf to support latest path discovery feature for
  `runc` and `conmon` binaries.

conmon was included in version 2.0.10. (bsc#1160460, bsc#1164390, jsc#ECO-1048, jsc#SLE-11485, jsc#SLE-11331):

fuse-overlayfs was updated to v0.7.6 (bsc#1160460)

- do not look in lower layers for the ino if there is no origin
  xattr set
- attempt to use the file path if the operation on the fd fails
  with ENXIO
- do not expose internal xattrs through listxattr and getxattr
- fix fallocate for deleted files.
- ignore O_DIRECT.  It causes issues with libfuse not using an
  aligned buffer, causing write(2) to fail with EINVAL.
- on copyup, do not copy the opaque xattr.
- fix a wrong lookup for whiteout files, that could happen on a
  double unlink.
- fix possible segmentation fault in direct_fsync()
- use the data store to create missing whiteouts
- after a rename, force a directory reload
- introduce inodes cache
- correctly read inode for unix sockets
- avoid hash map lookup when possible
- use st_dev for the ino key
- check whether writeback is supported
- set_attrs: don't require write to S_IFREG
- ioctl: do not reuse fi->fh for directories
- fix skip whiteout deletion optimization
- store the new mode after chmod
- support fuse writeback cache and enable it by default
- add option to disable fsync
- add option to disable xattrs
- add option to skip ino number check in lower layers
- fix fd validity check
- fix memory leak
- fix read after free
- fix type for flistxattr return
- fix warnings reported by lgtm.com
- enable parallel dirops

cni was updated to 0.7.1:

- Set correct CNI version for 99-loopback.conf

Update to version 0.7.1 (bsc#1160460):

* Library changes:

  + invoke : ensure custom envs of CNIArgs are prepended to process envs
  + add GetNetworkListCachedResult to CNI interface
  + delegate : allow delegation funcs override CNI_COMMAND env automatically in heritance

* Documentation & Convention changes:

  + Update cnitool documentation for spec v0.4.0
  + Add cni-route-override to CNI plugin list

Update to version 0.7.0:

* Spec changes:

  + Use more RFC2119 style language in specification (must, should...)
  + add notes about ADD/DEL ordering
  + Make the container ID required and unique.
  + remove the version parameter from ADD and DEL commands.
  + Network interface name matters
  + be explicit about optional and required structure members
  + add CHECK method
  + Add a well-known error for 'try again'
  + SPEC.md: clarify meaning of 'routes'

* Library changes:

  + pkg/types: Makes IPAM concrete type
  + libcni: return error if Type is empty
  + skel: VERSION shouldn't block on stdin
  + non-pointer instances of types.Route now correctly marshal to JSON
  + libcni: add ValidateNetwork and ValidateNetworkList functions
  + pkg/skel: return error if JSON config has no network name
  + skel: add support for plugin version string
  + libcni: make exec handling an interface for better downstream testing
  + libcni: api now takes a Context to allow operations to be timed out or cancelled
  + types/version: add helper to parse PrevResult
  + skel: only print about message, not errors
  + skel,invoke,libcni: implementation of CHECK method
  + cnitool: Honor interface name supplied via CNI_IFNAME environment variable.
  + cnitool: validate correct number of args
  + Don't copy gw from IP4.Gateway to Route.GW When converting from 0.2.0
  + add PrintTo method to Result interface
  + Return a better error when the plugin returns none
- Install sleep binary into CNI plugin directory

cni-plugins was updated to 0.8.4:

Update to version 0.8.4 (bsc#1160460):

* add support for mips64le
* Add missing cniVersion in README example
* bump go-iptables module to v0.4.5
* iptables: add idempotent functions
* portmap doesn't fail if chain doesn't exist
* fix portmap port forward flakiness
* Add Bruce Ma and Piotr Skarmuk as owners

Update to version 0.8.3:

* Enhancements:
  * static: prioritize the input sources for IPs (#400).
  * tuning: send gratuitous ARP in case of MAC address update (#403).
  * bandwidth: use uint64 for Bandwidth value (#389).
  * ptp: only override DNS conf if DNS settings provided (#388).
  * loopback: When prevResults are not supplied to loopback plugin, create results to return (#383).
  * loopback support CNI CHECK and result cache (#374).

* Better input validation:
  * vlan: add MTU validation to loadNetConf (#405).
  * macvlan: add MTU validation to loadNetConf (#404).
  * bridge: check vlan id when loading net conf (#394).

* Bugfixes:

  * bugfix: defer after err check, or it may panic (#391).
  * portmap: Fix dual-stack support (#379).
  * firewall: don't return error in DEL if prevResult is not found (#390).
  * bump up libcni back to v0.7.1 (#377).

* Docs:

  * contributing doc: revise test script name to run (#396).
  * contributing doc: describe cnitool installation (#397).

Update plugins to v0.8.2

+ New features:

  * Support 'args' in static and tuning
  * Add Loopback DSR support, allow l2tunnel networks
    to be used with the l2bridge plugin
  * host-local: return error if same ADD request is seen twice
  * bandwidth: fix collisions
  * Support ips capability in static and mac capability in tuning
  * pkg/veth: Make host-side veth name configurable

+ Bug fixes:
  * Fix: failed to set bridge addr: could not add IP address to 'cni0': file exists
  * host-device: revert name setting to make retries idempotent (#357).
  * Vendor update go-iptables. Vendor update go-iptables to
    obtain commit f1d0510cabcb710d5c5dd284096f81444b9d8d10
  * Update go.mod & go.sub
  * Remove link Down/Up in MAC address change to prevent route flush (#364).
  * pkg/ip unit test: be agnostic of Linux version, on Linux 4.4 the syscall
    error message is 'invalid argument' not 'file exists'
  * bump containernetworking/cni to v0.7.1

Updated plugins to v0.8.1:

+ Bugs:

  * bridge: fix ipMasq setup to use correct source address
  * fix compilation error on 386
  * bandwidth: get bandwidth interface in host ns through
    container interface

+ Improvements:
  * host-device: add pciBusID property

Updated plugins to v0.8.0:

+ New plugins:

  * bandwidth - limit incoming and outgoing bandwidth
  * firewall - add containers to firewall rules
  * sbr - convert container routes to source-based routes
  * static - assign a fixed IP address
  * win-bridge, win-overlay: Windows plugins

+ Plugin features / changelog:

  * CHECK Support
  * macvlan:
    - Allow to configure empty ipam for macvlan
    - Make master config optional
  * bridge:
    - Add vlan tag to the bridge cni plugin
    - Allow the user to assign VLAN tag
    - L2 bridge Implementation.
  * dhcp:
    - Include Subnet Mask option parameter in DHCPREQUEST
    - Add systemd unit file to activate socket with systemd
    - Add container ifName to the dhcp clientID, making the
      clientID value
  * flannel:
    - Pass through runtimeConfig to delegate
  * host-local:
    - host-local: add ifname to file tracking IP address used
  * host-device:
    - Support the IPAM in the host-device
    - Handle empty netns in DEL for loopback and host-device
  * tuning:
    - adds 'ip link' command related feature into tuning
+ Bug fixes & minor changes
  * Correctly DEL on ipam failure for all plugins
  * Fix bug on ip revert if cmdAdd fails on macvlan and host-device
  * host-device: Ensure device is down before rename
  * Fix -hostprefix option
  * some DHCP servers expect to request for explicit router options
  * bridge: release IP in case of error
  * change source of ipmasq rule from ipn to ip

from version v0.7.5:

+ This release takes a minor change to the portmap plugin:
  * Portmap: append, rather than prepend, entry rules

+ This fixes a potential issue where firewall rules may
  be bypassed by port mapping


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:705-1
Released:    Tue Mar 17 15:04:10 2020
Summary:     Security update for apache2-mod_auth_openidc
Type:        security
Severity:    moderate
References:  1164459,CVE-2019-20479
This update for apache2-mod_auth_openidc fixes the following issues:

- CVE-2019-20479: Fixed an open redirect issue in URLs with slash and backslash (bsc#1164459).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:712-1
Released:    Wed Mar 18 10:26:53 2020
Summary:     Security update for skopeo
Type:        security
Severity:    moderate
References:  1159530,1165715,CVE-2019-10214
This update for skopeo fixes the following issues:

Update to skopeo v0.1.41 (bsc#1165715):

- Bump github.com/containers/image/v5 from 5.2.0 to 5.2.1
- Bump gopkg.in/yaml.v2 from 2.2.7 to 2.2.8
- Bump github.com/containers/common from 0.0.7 to 0.1.4
- Remove the reference to openshift/api
- vendor github.com/containers/image/v5@v5.2.0
- Manually update buildah to v1.13.1
- add specific authfile options to copy (and sync) command.
- Bump github.com/containers/buildah from 1.11.6 to 1.12.0
- Add context to --encryption-key / --decryption-key processing
  failures
- Bump github.com/containers/storage from 1.15.2 to 1.15.3
- Bump github.com/containers/buildah from 1.11.5 to 1.11.6
- remove direct reference on c/image/storage
- Makefile: set GOBIN
- Bump gopkg.in/yaml.v2 from 2.2.2 to 2.2.7
- Bump github.com/containers/storage from 1.15.1 to 1.15.2
- Introduce the sync command
- openshift cluster: remove .docker directory on teardown
- Bump github.com/containers/storage from 1.14.0 to 1.15.1
- document installation via apk on alpine
- Fix typos in doc for image encryption
- Image encryption/decryption support in skopeo
- make vendor-in-container
- Bump github.com/containers/buildah from 1.11.4 to 1.11.5
- Travis: use go v1.13
- Use a Windows Nano Server image instead of Server Core for
  multi-arch testing
- Increase test timeout to 15 minutes
- Run the test-system container without --net=host
- Mount /run/systemd/journal/socket into test-system containers
- Don't unnecessarily filter out vendor from (go list ./...)
  output
- Use -mod=vendor in (go {list,test,vet})
- Bump github.com/containers/buildah from 1.8.4 to 1.11.4
- Bump github.com/urfave/cli from 1.20.0 to 1.22.1
- skopeo: drop support for ostree
- Don't critically fail on a 403 when listing tags
- Revert 'Temporarily work around auth.json location confusion'
- Remove references to atomic
- Remove references to storage.conf
- Dockerfile: use golang-github-cpuguy83-go-md2man
- bump version to v0.1.41-dev
- systemtest: inspect container image different from current
  platform arch

Changes in v0.1.40:

- vendor containers/image v5.0.0
- copy: add a --all/-a flag
- System tests: various fixes
- Temporarily work around auth.json location confusion
- systemtest: copy: docker->storage->oci-archive
- systemtest/010-inspect.bats: require only PATH
- systemtest: add simple env test in inspect.bats
- bash completion: add comments to keep scattered options in sync
- bash completion: use read -r instead of disabling SC2207
- bash completion: support --opt arg completion
- bash-completion: use replacement instead of sed
- bash completion: disable shellcheck SC2207
- bash completion: double-quote to avoid re-splitting
- bash completions: use bash replacement instead of sed
- bash completion: remove unused variable
- bash-completions: split decl and assignment to avoid masking
  retvals
- bash completion: double-quote fixes
- bash completion: hard-set PROG=skopeo
- bash completion: remove unused variable
- bash completion: use `||` instead of `-o`
- bash completion: rm eval on assigned variable
- copy: add --dest-compress-format and --dest-compress-level
- flag: add optionalIntValue
- Makefile: use go proxy
- inspect --raw: skip the NewImage() step
- update OCI image-spec to
  775207bd45b6cb8153ce218cc59351799217451f
- inspect.go: inspect env variables
- ostree: use both image and & storage buildtags


Update to skopeo v0.1.39 (bsc#1159530):

- inspect: add a --config flag
- Add --no-creds flag to skopeo inspect
- Add --quiet option to skopeo copy
- New progress bars
- Parallel Pulls and Pushes for major speed improvements
- containers/image moved to a new progress-bar library to fix various
  issues related to overlapping bars and redundant entries.
- enforce blocking of registries
- Allow storage-multiple-manifests
- When copying images and the output is not a tty (e.g., when piping to a
  file) print single lines instead of using progress bars. This avoids
  long and hard to parse output
- man pages: add --dest-oci-accept-uncompressed-layers
- completions: 
  - Introduce transports completions
  - Fix bash completions when a option requires a argument
  - Use only spaces in indent
   - Fix completions with a global option
  - add --dest-oci-accept-uncompressed-layers

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:737-1
Released:    Fri Mar 20 13:47:16 2020
Summary:     Recommended update for ruby2.5
Type:        security
Severity:    important
References:  1140844,1152990,1152992,1152994,1152995,1162396,1164804,CVE-2012-6708,CVE-2015-9251,CVE-2019-15845,CVE-2019-16201,CVE-2019-16254,CVE-2019-16255,CVE-2020-8130
This update for ruby2.5 toversion 2.5.7  fixes the following issues:
	  
ruby 2.5 was updated to version 2.5.7 

- CVE-2020-8130: Fixed a command injection in intree copy of rake (bsc#1164804).
- CVE-2019-16255: Fixed a code injection vulnerability of Shell#[] and 
  Shell#test (bsc#1152990).
- CVE-2019-16254: Fixed am HTTP response splitting in WEBrick (bsc#1152992).
- CVE-2019-15845: Fixed a null injection vulnerability of File.fnmatch and 
  File.fnmatch? (bsc#1152994).
- CVE-2019-16201: Fixed a regular expression denial of service of WEBrick 
  Digest access authentication (bsc#1152995).
- CVE-2012-6708: Fixed an XSS in JQuery
- CVE-2015-9251: Fixed an XSS in JQuery
- Fixed unit tests (bsc#1140844)
- Removed some unneeded test files (bsc#1162396).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:751-1
Released:    Mon Mar 23 16:32:44 2020
Summary:     Security update for cloud-init
Type:        security
Severity:    moderate
References:  1162936,1162937,1163178,CVE-2020-8631,CVE-2020-8632
This update for cloud-init fixes the following security issues:

- CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG (bsc#1162937).
- CVE-2020-8632: Increased the default random password length from 9 to 20 (bsc#1162936).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:753-1
Released:    Mon Mar 23 18:31:11 2020
Summary:     Recommended update for metis
Type:        recommended
Severity:    moderate
References:  
This update for metis fixes the following issues:

- Add support for gcc8/9 building (jsc#SLE-8604).

- Build HPC master package for 'examples'.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:755-1
Released:    Tue Mar 24 09:20:53 2020
Summary:     Recommended update for taglib
Type:        recommended
Severity:    moderate
References:  1166467
This update for taglib fixes the following issue:

- Disable rpath explicitly to solve a build issue on Leap 15.2 (bsc#1166467)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:758-1
Released:    Tue Mar 24 11:36:02 2020
Summary:     Recommended update for saptune
Type:        recommended
Severity:    moderate
References:  1160564,1161791
This update for saptune fixes the following issues:

- Fix for the issue when the display manager does not start after upgrade. (bsc#1161791)
- Implement commands for listing enabled Notes/Solutions to saptune. (bsc#1160564)  
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:774-1
Released:    Tue Mar 24 17:37:55 2020
Summary:     Recommended update for libcgroup
Type:        recommended
Severity:    moderate
References:  1166968

This update for libcgroup fixes the following issue:

libcgroup is provided to SUSE Linux Enterprise 15 SP1 in the Legacy Module. (jsc#SLE-10792 jsc#ECO-1225 bsc#1166968)

Usage of cgroups via libcgroup conflicts with cgroups used by systemd,
so please make sure their usages do not conflict.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:787-1
Released:    Wed Mar 25 10:16:38 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issue:

- Live kernel patching update data for for 4_12_14-197_34. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:801-1
Released:    Thu Mar 26 17:29:16 2020
Summary:     Security update for ldns
Type:        security
Severity:    moderate
References:  1068709,1068711,CVE-2017-1000231,CVE-2017-1000232
This update for ldns fixes the following issues:

- CVE-2017-1000231: Fixed a buffer overflow during token parsing (bsc#1068711).
- CVE-2017-1000232: Fixed a double-free vulnerability in str2host.c (bsc#1068709).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:811-1
Released:    Mon Mar 30 10:33:19 2020
Summary:     Security update for spamassassin
Type:        security
Severity:    important
References:  1118987,1162197,1162200,862963,CVE-2018-11805,CVE-2020-1930,CVE-2020-1931
This update for spamassassin fixes the following issues:

Security issues fixed:

- CVE-2018-11805: Fixed an issue with delimiter handling in rule files 
  related to is_regexp_valid() (bsc#1118987).
- CVE-2020-1930: Fixed an issue with rule configuration (.cf) files which 
  can be configured to run system commands (bsc#1162197).
- CVE-2020-1931: Fixed an issue with rule configuration (.cf) files which 
  can be configured to run system commands with warnings (bsc#1162200).
  
Non-security issue fixed:

- Altering hash requires restarting loop (bsc#862963).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:814-1
Released:    Mon Mar 30 16:23:40 2020
Summary:     Recommended update for QR-Code-generator, boost, libreoffice, myspell-dictionaries, xmlsec1
Type:        recommended
Severity:    moderate
References:  1161816,1162152,1167223
This update for QR-Code-generator, boost, libreoffice, myspell-dictionaries, xmlsec1 fixes the following issues:

libreoffice was updated to 6.4.2.2 (jsc#SLE-11174 jsc#SLE-11175 jsc#SLE-11176 bsc#1167223):

Full Release Notes can be found on:

	https://wiki.documentfoundation.org/ReleaseNotes/6.4

- Fixed broken handling of non-ASCII characters in the KDE filedialog
  (bsc#1161816)
- Move the animation library to core package bsc#1162152

xmlsec1 was updated to 1.2.28:

* Added BoringSSL support (chenbd).
* Added gnutls-3.6.x support (alonbl).
* Added DSA and ECDSA key size getter for MSCNG (vmiklos).
* Added --enable-mans configuration option (alonbl).
* Added coninuous build integration for MacOSX (vmiklos).
* Several other small fixes (more details).

- Make sure to recommend at least one backend when you install
  just xmlsec1

- Drop the gnutls backend as based on the tests it is quite borked:
  * We still have nss and openssl backend for people to use

Version update to 1.2.27:

* Added AES-GCM support for OpenSSL and MSCNG (snargit).
* Added DSA-SHA256 and ECDSA-SHA384 support for NSS (vmiklos).
* Added RSA-OAEP support for MSCNG (vmiklos).
* Continuous build integration in Travis and Appveyor.
* Several other small fixes (more details).

myspell-dictionaries was updated to 20191219:

* Updated the English dictionaries: GB+US+CA+AU
* Bring shipped Spanish dictionary up to version 2.5


boost was updated to fix:
- add a backport of Boost.Optional::has_value() for LibreOffice

The QR-Code-generator is shipped:

- Initial commit, needed by libreoffice 6.4


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:819-1
Released:    Tue Mar 31 13:01:34 2020
Summary:     Security update for icu
Type:        security
Severity:    important
References:  1166844,CVE-2020-10531
This update for icu fixes the following issues:

- CVE-2020-10531: Fixed a potential integer overflow in UnicodeString:doAppend (bsc#1166844).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:824-1
Released:    Tue Mar 31 13:28:28 2020
Summary:     Recommended update for python-paramiko
Type:        recommended
Severity:    moderate
References:  1166758
This update for python-paramiko fixes the following issues:

- Added support for the new OpenSSH >= 7.8p1 private key format  (bsc#1166758)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:825-1
Released:    Tue Mar 31 13:30:37 2020
Summary:     Recommended update for openslp
Type:        recommended
Severity:    moderate
References:  1165050,1165121
This update for openslp fixes the following issues:

- Add missing group prerequisites to the openslp-server package. (bsc#1165050)
- Add missing openslp prerequisites to the openslp-server package. (bsc#1165121)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:827-1
Released:    Tue Mar 31 13:33:09 2020
Summary:     Recommended update for susemanager-cloud-setup
Type:        recommended
Severity:    moderate
References:  1158691
This update for susemanager-cloud-setup fixes the following issues:

- Improve handling of storage volumes. (bsc#1158691)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:829-1
Released:    Tue Mar 31 13:46:43 2020
Summary:     Recommended update for geolite2legacy
Type:        recommended
Severity:    moderate
References:  1156194
This update for geolite2legacy fixes the following issues:

- Create the initial package of GeoIP 2 Legacy, as the GeoIP is discontinued. (bsc#1156194)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:840-1
Released:    Wed Apr  1 11:25:34 2020
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1143454,1163978,1164310,1165578,1167746
This update for python-kiwi fixes the following issues:

- Upgrade from version 9.19.8 to 9.20.5
  
  * Fixed result map for OEM pxe install. (bsc#1165578)
    
  * Add SECURE_BOOT parameter for grub2 in efi mode. (bsc#1167746)
    
    This commit adds the SECURE_BOOT parameter on bootloader sysconfig
    for grub2.
    
  * Fix order in fstab. (bsc#1164310) 
    
    Any mount point directly under / should be just right after the root
    mountpoint and before the custom mountpoints based on user's subvolume
    configuration.
    
  * Fixed handling of fillup templates. (bsc#1163978)
    
    Systems using a template tool to generate config files
    might not be effective when they see the intermediate
    config files we need from the host to let certain package
    managers work correctly. Therefore the cleanup code in
    kiwi takes care to restore from an optionally existing
    template file if no other custom variant is present.
    
  * Start using tftp system user package (bsc#1143454)
    
    This update starts requiring the tftp system user package. This
    user was created and managed by multiple packages before, with the
    risk of having inconsistent criteria on its defaults. With the system
    user package every package that requires this user should just
    require this package and do not create or modify the tftp user.
    
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:848-1
Released:    Thu Apr  2 11:24:38 2020
Summary:     Recommended update for GeoIP
Type:        recommended
Severity:    moderate
References:  1156194
This update for GeoIP fixes the following issues:

- Update README.SUSE with a description how to get the latest Geo IP data after the distribution changes. (jsc#SLE-11184, bsc#1156194, jsc#ECO-1405)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:917-1
Released:    Fri Apr  3 15:02:25 2020
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1166510
This update for pam fixes the following issues:

- Moved pam_userdb into a separate package pam-extra. (bsc#1166510)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:925-1
Released:    Mon Apr  6 10:08:27 2020
Summary:     Recommended update for python3-azuremetadata, regionServiceClientConfigAzure, regionServiceClientConfigSAPAzure
Type:        recommended
Severity:    moderate
References:  1158698,1158707,1164818,1164819
This update for python3-azuremetadata, regionServiceClientConfigAzure, regionServiceClientConfigSAPAzure fixes the following issues:

regionServiceClientConfigAzure was updated to version 0.0.5:

+ Don't specify root device name explicitly (bsc#1158698, bsc#1158707)

regionServiceClientConfigSAPAzure was updated to version 1.0.2:

+ Don't specify root device name explicitly (bsc#1158698, bsc#1158707)

Changes in python3-azuremetadata:

- Version 5.0.0
- Support new Azure metadata API (bsc#1164818, bsc#1164819)
- Automatically detect root device (bsc#1158698, bsc#1158707)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:934-1
Released:    Tue Apr  7 03:46:20 2020
Summary:     Recommended update for wget
Type:        recommended
Severity:    moderate
References:  1167919
This update for wget fixes the following issues:

wget was updated to 1.20.3, fixing various bugs, including:

- Fix for wget ignoring domains with leading '.' in environment variable 'no_proxy'. (bsc#1167919)	  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:943-1
Released:    Tue Apr  7 15:24:19 2020
Summary:     Recommended update for nvmetcli
Type:        recommended
Severity:    moderate
References:  1167644
This update for nvmetcli fixes the following issues:

- Update from version 0.6 to version 0.7:
  * nvmetcli: ANA configuration support
  * nvmetcli: simplify the enabled logic
  * nvmetcli: pep8 fixes
  * nvmetcli: support inline_data_size port parameter
  * Revert 'nvmetcli: expose nvmet port status and state'
  * Support python3 dictionary access.
  * nvmetcli: expose nvmet port status and state
- 'clear' command doesn't handle ANA groups correctly. (bsc#1167644)
  The first ANA group is maintained by the kernel so it cannot be deleted.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:944-1
Released:    Tue Apr  7 15:49:33 2020
Summary:     Security update for runc
Type:        security
Severity:    moderate
References:  1149954,1160452,CVE-2019-19921
This update for runc fixes the following issues:

runc was updated to v1.0.0~rc10

- CVE-2019-19921: Fixed a mount race condition with shared mounts (bsc#1160452).
- Fixed an issue where podman run hangs when spawned by salt-minion process (bsc#1149954).	  

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:948-1
Released:    Wed Apr  8 07:44:21 2020
Summary:     Security update for gmp, gnutls, libnettle
Type:        security
Severity:    moderate
References:  1152692,1155327,1166881,1168345,CVE-2020-11501
This update for gmp, gnutls, libnettle fixes the following issues:

Security issue fixed:

- CVE-2020-11501: Fixed zero random value in DTLS client hello (bsc#1168345)

FIPS related bugfixes:

- FIPS: Install checksums for binary integrity verification which are
  required when running in FIPS mode (bsc#1152692, jsc#SLE-9518)
- FIPS: Fixed a cfb8 decryption issue, no longer truncate output IV if
  input is shorter than block size. (bsc#1166881)
- FIPS: Added Diffie Hellman public key verification test. (bsc#1155327)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:957-1
Released:    Wed Apr  8 12:28:03 2020
Summary:     Security update for mgetty
Type:        security
Severity:    moderate
References:  1142770,1168170,CVE-2019-1010190
This update for mgetty fixes the following issues:

- CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan() (bsc#1142770).
- Fixed a permission issue which have resulted in build failures (bsc#1168170).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:958-1
Released:    Wed Apr  8 12:38:15 2020
Summary:     Recommended update for python3-ec2metadata
Type:        recommended
Severity:    moderate
References:  1157901,1157902
This update for python3-ec2metadata contains the following fixes:

- Update to version 3.0.2: (bsc#1157901, bsc#1157902)
  + Add man page.
  + Support accessing IMDS with a token (API change) to support disabling unauthenticated
    access of IMDS;

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:693-1
Released:    Wed Apr  8 14:11:14 2020
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1093733,1094301,1101776,1101777,1101786,1101788,1101791,1101794,1101800,1101802,1101804,1101810,1106514,1111647,1117740,1121231,1121232,1121233,1121234,1121235,1127367,1127369,1127370,1131941,1131945,1136021,1141980,1150690,1156288,1158505,1161052,1165241,1165710,957624,CVE-2018-11354,CVE-2018-11355,CVE-2018-11356,CVE-2018-11357,CVE-2018-11358,CVE-2018-11359,CVE-2018-11360,CVE-2018-11361,CVE-2018-11362,CVE-2018-12086,CVE-2018-14339,CVE-2018-14340,CVE-2018-14341,CVE-2018-14342,CVE-2018-14343,CVE-2018-14344,CVE-2018-14367,CVE-2018-14368,CVE-2018-14369,CVE-2018-14370,CVE-2018-16056,CVE-2018-16057,CVE-2018-16058,CVE-2018-18225,CVE-2018-18226,CVE-2018-18227,CVE-2018-19622,CVE-2018-19623,CVE-2018-19624,CVE-2018-19625,CVE-2018-19626,CVE-2018-19627,CVE-2018-19628,CVE-2019-10894,CVE-2019-10895,CVE-2019-10896,CVE-2019-10897,CVE-2019-10898,CVE-2019-10899,CVE-2019-10900,CVE-2019-10901,CVE-2019-10902,CVE-2019-10903,CVE-2019-13619,CVE-2019-16319,CVE-2019-19553,CVE-2019-5716,CVE-2019-5717,CVE-2019-5718,CVE-2019-5719,CVE-2019-5721,CVE-2019-9208,CVE-2019-9209,CVE-2019-9214,CVE-2020-7044,CVE-2020-9428,CVE-2020-9429,CVE-2020-9430,CVE-2020-9431
This update for wireshark and libmaxminddb fixes the following issues:

Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).

New features include:

- Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC
- Improved support for existing protocols, like HTTP/2
- Improved analytics and usability functionalities

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:966-1
Released:    Thu Apr  9 09:44:18 2020
Summary:     Recommended update for libcgroup
Type:        recommended
Severity:    moderate
References:  1166968
This update for libcgroup fixes the following issues:

- rename sysconfig.libcgroup back to sysconfig.cgred to keep SUSE Linux Enterprise 12 compatibility (bsc#1166968)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:987-1
Released:    Tue Apr 14 13:21:07 2020
Summary:     Recommended update for python-azure-mgmt-compute
Type:        recommended
Severity:    moderate
References:  1140565
This update for python-azure-mgmt-compute fixes the following issues:


New upstream release 4.6.2 (bsc#1140565, jsc#ECO-1257, jsc#PM-1598):

+ For detailed information about changes see the
  HISTORY.txt file provided with this package


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:994-1
Released:    Wed Apr 15 07:57:24 2020
Summary:     Recommended update for clamav
Type:        recommended
Severity:    moderate
References:  1119353
This update for clamav fixes the following issues:

- Fix freshclam usage in FIPS mode (bsc#1119353).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:995-1
Released:    Wed Apr 15 08:30:39 2020
Summary:     Security update for ruby2.5
Type:        security
Severity:    moderate
References:  1167244,1168938,CVE-2020-10663,CVE-2020-10933
This update for ruby2.5 to version 2.5.8 fixes the following issues:

- CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (bsc#1167244).
- CVE-2020-10933: Heap exposure vulnerability in the socket library (bsc#1168938).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:919-1
Released:    Wed Apr 15 10:43:21 2020
Summary:     Recommended update for python-pyroute2
Type:        recommended
Severity:    moderate
References:  1160933,1161898

This update provides python-pyroute2 for use by the gcp-vpc-move-route agent in resource-agents.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:998-1
Released:    Wed Apr 15 13:00:05 2020
Summary:     Recommended update for python-pycups
Type:        recommended
Severity:    moderate
References:  735865
This update for python-pycups fixes the following issues:

- add BuildRequires: python-cups to printer driver packages. (bsc#735865) 
  Package /usr/lib/rpm/postscriptdriver.prov again, in the new 'cups-rpm-helper' 
  subpackage. The file hasn't been packaged any more after the switch from
  python-cups to python-pycups.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1000-1
Released:    Wed Apr 15 14:18:56 2020
Summary:     Recommended update for azure-cli tools, python-adal, python-applicationinsights, python-azure modules, python-msrest, python-msrestazure, python-pydocumentdb, python-uamqp, python-vsts-cd-manager
Type:        recommended
Severity:    moderate
References:  1014478,1054413,1140565,982804,999200
This update for azure-cli tools, python-adal, python-applicationinsights, python-azure modules, python-msrest, python-msrestazure, python-pydocumentdb, python-uamqp, python-vsts-cd-manager fixes the following issues:

The Azure python modules and client tool stack was updated to the 2020 state.

Various other python modules were added and updated.

- python-PyYAML was updated to 5.1.2.
- python-humanfriendly was updated 4.16.1.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1005-1
Released:    Thu Apr 16 06:22:32 2020
Summary:     Recommended update for ypbind
Type:        recommended
Severity:    moderate
References:  1163252
This update for ypbind fixes the following issues:

- Fix for setting domain name by waiting that network becomes online, so it can be properly configured in sysconfig. (bsc#1163252)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1016-1
Released:    Thu Apr 16 16:15:45 2020
Summary:     Recommended update for python-cachetools, python-google-api-python-client, python-google-auth, python-google-auth-httplib2
Type:        recommended
Severity:    moderate
References:  1088358,1160933
This update for python-cachetools, python-google-api-python-client, python-google-auth, python-google-auth-httplib2 fixes the following issues:

python-cachetools was updated to version 2.0.1:

* Officially support Python 3.6.
* Move documentation to RTD.
* Documentation: Update import paths for key functions (courtesy of slavkoja).

update to 2.0.0:

- Drop support for deprecated features (breaking change).
- Move key functions to separate package (breaking change).
- Accept non-integer ``maxsize`` in ``Cache.__repr__()``.

update to 1.1.6:

- Reimplement ``LRUCache`` and ``TTLCache`` using
  ``collections.OrderedDict``.  Note that this will break pickle
  compatibility with previous versions.
- Fix ``TTLCache`` not calling ``__missing__()`` of derived classes.
- Handle ``ValueError`` in ``Cache.__missing__()`` for consistency
  with caching decorators.
- Improve how ``TTLCache`` handles expired items.
- Use ``Counter.most_common()`` for ``LFUCache.popitem()``.
- Refactor ``Cache`` base class.  Note that this will break pickle
  compatibility with previous versions.
- Clean up ``LRUCache`` and ``TTLCache`` implementations.
- Refactor ``LRUCache`` and ``TTLCache`` implementations.  Note that
  this will break pickle compatibility with previous versions.
- Document pending removal of deprecated features.
- Minor documentation improvements.
- Fix pickle tests.
- Fix pickling of large ``LRUCache`` and ``TTLCache`` instances.
- Improve key functions.
- Improve documentation.
- Improve unit test coverage.
- Add ``@cached`` function decorator.
- Add ``hashkey`` and ``typedkey`` fuctions.
- Add `key` and `lock` arguments to ``@cachedmethod``.
- Set ``__wrapped__`` attributes for Python versions < 3.2.
- Move ``functools`` compatible decorators to ``cachetools.func``.
- Deprecate ``@cachedmethod`` `typed` argument.
- Deprecate `cache` attribute for ``@cachedmethod`` wrappers.
- Deprecate `getsizeof` and `lock` arguments for `cachetools.func`
  decorator.

python-google-api-python-client was updated to:

- Upgrade to 1.7.4: just series of minor bugfixes

Changes in python-google-auth was updated to 1.5.1:

- Fix check for error text on Python 3.7. (#278)
- Use new Auth URIs. (#281)
- Add code-of-conduct document. (#270)
- Fix some typos in test_urllib3.py (#268)
- Warn when using user credentials from the Cloud SDK (#266)
- Add compute engine-based IDTokenCredentials (#236)
- Corrected some typos (#265)

Update to 1.4.2:

- Raise a helpful exception when trying to refresh credentials without
  a refresh token. (#262)
- Fix links to README and CONTRIBUTING in docs/index.rst. (#260)
- Fix a typo in credentials.py. (#256)
- Use pytest instead of py.test per upstream recommendation,
  #dropthedot. (#255)
- Fix typo on exemple of jwt usage (#245)

New upstream release 1.4.1 (bsc#1088358)

- Added a check for the cryptography version before attempting to use it.

+ From version 1.4.0
  - Added `cryptography`-based RSA signer and verifier.
  - Added `google.oauth2.service_account.IDTokenCredentials`.
  - Improved documentation around ID Tokens
+ From version 1.3.0
  - Added ``google.oauth2.credentials.Credentials.from_authorized_user_file``.
  - Dropped direct pyasn1 dependency in favor of letting ``pyasn1-modules``
    specify the right version.
  - ``default()`` now checks for the project ID environment var before
    warning about missing project ID.
  - Fixed the docstrings for ``has_scopes()`` and ``with_scopes()``.
  - Fixed example in docstring for ``ReadOnlyScoped``.
  - Made ``transport.requests`` use timeouts and retries
    to improve reliability.

python-google-auth-httplib2 initially shipped:

python-pytest-localserver was updated to 0.4.1:

Update to version 0.3.6:

+ Add trove classifiers to make sure that package shows up on PyPI's Python 3 list.
+ Remove test method which rely on thread to be finished first.
+ OpenSSL is no longer necessary with werkzeug 0.10.
+ Tests now work under Python 3.3 \o/
+ Fix for Python 3.5 (fixes #13).
+ Add new Python version to classifiers.
+ Update repository url
+ Use @pytest.fixture to declare fixtures
+ Remove old-style test fixtures from tests and README, too.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1033-1
Released:    Mon Apr 20 09:12:45 2020
Summary:     Recommended update for perl-CGI
Type:        recommended
Severity:    moderate
References:  1162868
This update for perl-CGI fixes the following issues:

Update from version 4.38 to 4.46 (bsc#1162868)

* Add support for SameSite=None cookies and update the documentation
* Replace only use of 'base' with 'parent' given that CGI already depends on 'parent'
* Support unquoted multipart/form-data name values
* Update the package license from 'Artistic-1.0 or GPL-1.0+' to 'Artistic-2.0'
* Support perls < 5.10.1 and specify CONFIGURE_REQUIRES in Makefile.PL for being more dynamic

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1034-1
Released:    Mon Apr 20 09:15:18 2020
Summary:     Recommended update for psqlODBC
Type:        recommended
Severity:    moderate
References:  1166821
This update for psqlODBC fixes the following issue:

-  Fix build with PostgreSQL 11 and newer. (bsc#1166821)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1037-1
Released:    Mon Apr 20 10:49:39 2020
Summary:     Recommended update for python-pytest
Type:        recommended
Severity:    low
References:  1002895,1107105,1138666,1167732

This update fixes the following issues:

New python-pytest versions are provided.

In Basesystem:

- python3-pexpect: updated to 4.8.0
- python3-py: updated to 1.8.1
- python3-zipp: shipped as dependency in version 0.6.0

In Python2:

- python2-pexpect: updated to 4.8.0
- python2-py: updated to 1.8.1

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1038-1
Released:    Mon Apr 20 10:50:20 2020
Summary:     Recommended update for seccheck
Type:        recommended
Severity:    moderate
References:  1132919,985802
This update for seccheck fixes the following issues:

- adapt WantedBy so the timers are actually started at boot time when enabled (#1132919)
- correct indentation of SECCHK_FROM (#985802) for the
  weekly and monthly mails so that the mail header lines 
  are recognised by the receiving mail client


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1039-1
Released:    Mon Apr 20 11:33:39 2020
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    important
References:  1165960,1168480
This update for python-kiwi fixes the following issues:
	  
- Fix for systems that use efi with grub2 version less than 2.04 there is no support for dynamic EFI environment checking. (bsc#1165960, bsc#1168480)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1048-1
Released:    Tue Apr 21 10:33:46 2020
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1165823
This update for python-kiwi fixes the following issues:

- Fixed _get_grub2_mkconfig_tool
  
  Last patch on this method breaks the search for alternative
  mkconfig names. It returns always on the first lookup which
  could be none. This breaks on systems that uses a different
  name than grub2-mkconfig, like on Ubuntu.
  
- Increase spare space on disk repart (bsc#1165823)
  
  The sizing of the virtual cylinders in parted seems to be unfavorable,
  as with some disks and SD cards here the device size is not a multiple
  of the cylinder size, so the last incomplete cylinder is wasted.
  If this wasted space is more than 5MiB, kiwi tries to resize indefinitely.
  Therefore min_additional_mbytes gets increased to prevent running
  into this situation.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1055-1
Released:    Tue Apr 21 15:53:44 2020
Summary:     Recommended update for patterns-server-enterprise
Type:        recommended
Severity:    moderate
References:  1168416,1169042
This update for patterns-server-enterprise fixes the following issues:

- added libgnutls30-hmac to the FIPS pattern. (bsc#1169042 bsc#1168416)
- remove strongswan-hmac-32bit (not used currently)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1056-1
Released:    Tue Apr 21 16:26:22 2020
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    important
References:  1099358,1144881,1145622,1148645,1163178,1165296
This update for cloud-init contains the following fixes:

- Update previous patches with the following additions:
  + In cases where the config contains 2 or more default gateway specifications for
    an interface only write the first default route, log warning message about skipped
    routes
  + Avoid writing invalid route specification if neither the network nor destination
    is specified in the route configuration
  + Still need to consider the 'network' configuration uption for the v1 config
    implementation. Fixes regression introduced with update from Wed Feb 12 19:30:42.
  + Add the default gateway to the ifroute config file when specified as part of
    the subnet configuration. (bsc#1165296)
  + Fix typo to properly extrakt provided netmask data (bsc#1163178, bsc#1165296)
  + Fix for default gateway and IPv6. (bsc#1144881)
  + Routes will be written if there is only a default gateway. (bsc#1148645)

- BuildRequire pkgconfig(udev) instead of udev, which allow OS to shortcut through
  the -mini flavor.

- Update to cloud-init 19.2. (bsc#1099358, bsc#1145622)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1060-1
Released:    Wed Apr 22 09:55:41 2020
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    moderate
References:  1124453,1139176,1148163,1150868,1150870
This update for sapconf fixes the following issues:

- Removing SAP configuration from logind during the package update, as it is not needed any longer. (bsc#1148163, jsc#SLE-10123)
- Fix for sapconf detecting an improper tuned profile during start, it will write an information to the log file and the start of the sapconf service will fail to guide the administrator to the problem. (bsc#1139176)
- Use absolute path to 'script.sh' in 'tuned.conf' file. (bsc#1124453)
- Fix for rpm macros in postinstall script replacing invalid commands. (bsc#1150868, bsc#1150870)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1083-1
Released:    Thu Apr 23 11:31:23 2020
Summary:     Security update for cups
Type:        security
Severity:    important
References:  1168422,CVE-2020-3898
This update for cups fixes the following issues:

- CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption() (bsc#1168422).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1094-1
Released:    Thu Apr 23 16:34:21 2020
Summary:     Recommended update for python-google-api-python-client
Type:        recommended
Severity:    moderate
References:  1088358,1160933
This update for python-google-api-python-client fixes the following issues:

- Fix dependencies to use google-auth instead of deprecated
  oauth2client (bsc#1160933, jsc#ECO-1148) 

python-cachetools 2.0.1 is shipped to the Public Cloud Module.
python-google-auth 1.5.1 is shipped to the Public Cloud Module.


python-google-api-python-client was updated to:

- Upgrade to 1.7.4: just series of minor bugfixes

- Fix check for error text on Python 3.7. (#278)
- Use new Auth URIs. (#281)
- Add code-of-conduct document. (#270)
- Fix some typos in test_urllib3.py (#268)
- Warn when using user credentials from the Cloud SDK (#266)
- Add compute engine-based IDTokenCredentials (#236)
- Corrected some typos (#265)

Update to 1.4.2:

- Raise a helpful exception when trying to refresh credentials without
  a refresh token. (#262)
- Fix links to README and CONTRIBUTING in docs/index.rst. (#260)
- Fix a typo in credentials.py. (#256)
- Use pytest instead of py.test per upstream recommendation,
  #dropthedot. (#255)
- Fix typo on exemple of jwt usage (#245)

New upstream release 1.4.1 (bsc#1088358)

- Added a check for the cryptography version before attempting to use it.

+ From version 1.4.0
  - Added `cryptography`-based RSA signer and verifier.
  - Added `google.oauth2.service_account.IDTokenCredentials`.
  - Improved documentation around ID Tokens
+ From version 1.3.0
  - Added ``google.oauth2.credentials.Credentials.from_authorized_user_file``.
  - Dropped direct pyasn1 dependency in favor of letting ``pyasn1-modules``
    specify the right version.
  - ``default()`` now checks for the project ID environment var before
    warning about missing project ID.
  - Fixed the docstrings for ``has_scopes()`` and ``with_scopes()``.
  - Fixed example in docstring for ``ReadOnlyScoped``.
  - Made ``transport.requests`` use timeouts and retries
    to improve reliability.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1096-1
Released:    Thu Apr 23 16:35:05 2020
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1167810
This update for google-compute-engine fixes the following issues:

- Rename the sysctl file that applies the GCE network settings, so it
  is run after the default config and adjusts net.ipv4.conf.all.rp_filter
  correctly.  (bsc#1167810)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1097-1
Released:    Thu Apr 23 21:12:03 2020
Summary:     Recommended update for python3-azuremetadata
Type:        recommended
Severity:    moderate
References:  1169921
This update for python3-azuremetadata fixes the following issues:

- Use lsblk for root device detection (bsc#1169921)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1112-1
Released:    Fri Apr 24 16:44:20 2020
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1170347
This update for suse-build-key fixes the following issues:

- add a /usr/share/container-keys/ directory for GPG based Container
  verification.
- Add the SUSE build key as 'suse-container-key.asc'. (PM-1845 bsc#1170347)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1160-1
Released:    Thu Apr 30 17:40:19 2020
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1169599
This update for cloud-regionsrv-client contains the following fix:

- Update to version 9.0.9: (bsc#1169599)
  + Handle the /etc/hosts file with Python 3.4 if there are non ascii characters 
    in the file.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1170-1
Released:    Mon May  4 15:17:47 2020
Summary:     Recommended update for aws-cli, python-boto, python-boto3, python-botocore, python-s3transfer
Type:        recommended
Severity:    moderate
References:  1116204,1117074,1122668,1129696,1166924,1168943
This update for aws-cli, python-boto, python-boto3, python-botocore, python-s3transfer fixes the following issues:

aws-cli was updated to version 1.18.38 (bsc#1166924, bsc#1168943):

+ For detailed changes see
  https://github.com/aws/aws-cli/blob/1.18.38/CHANGELOG.rst
+ Forward port hide_py_pckgmgmt.patch
+ Update Requires in spec file from setup.py

Update to version 1.18.35

+ For detailed changes see
  https://github.com/aws/aws-cli/blob/1.18.35/CHANGELOG.rst
+ Forward port hide_py_pckgmgmt.patch
+ Update Requires in spec file from setup.py

Update to version 1.18.27

+ For detailed changes see
  https://github.com/aws/aws-cli/blob/1.18.27/CHANGELOG.rst
+ Forward port hide_py_pckgmgmt.patch
+ Update Requires in spec file from setup.py

Update to version 1.18.0

+ For detailed changes see
  https://github.com/aws/aws-cli/blob/1.18.0/CHANGELOG.rst
+ Forward port hide_py_pckgmgmt.patch
+ Install aws bash completetion script into system path
+ Install aws zsh completion script into /etc/zsh_completion.d
+ Update Requires in spec file from setup.py

- make it possible to find the package under the name 'awscli'

- Add bash command completion capability (bsc#1117074)

Update to version 1.17.9

+ For detailed changes see
  https://github.com/aws/aws-cli/blob/1.17.9/CHANGELOG.rst
+ Forward port hide_py_pckgmgmt.patch
+ Update Requires in spec file from setup.py

Update to version 1.16.297

+ For detailed changes see
  https://github.com/aws/aws-cli/blob/1.16.297/CHANGELOG.rst
+ Forward port hide_py_pckgmgmt.patch
+ Update Requires in spec file from setup.py

Update to version 1.16.281

+ For detailed changes see
  https://github.com/aws/aws-cli/blob/1.16.281/CHANGELOG.rst
+ Forward port hide_py_pckgmgmt.patch
+ Update Requires in spec file from setup.py

Update to version 1.16.258

+ For detailed changes see
  https://github.com/aws/aws-cli/blob/1.16.258/CHANGELOG.rst


python-boto3 was updated to 1.12.38 (bsc#1166924, bsc#1168943)

  * api-change:``apigateway``: [``botocore``] Update apigateway client to latest version
  * api-change:``codeguru-reviewer``: [``botocore``] Update codeguru-reviewer client to latest version
  * api-change:``mediaconnect``: [``botocore``] Update mediaconnect client to latest version

- from version 1.12.37

  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``iam``: [``botocore``] Update iam client to latest version
  * api-change:``elasticbeanstalk``: [``botocore``] Update elasticbeanstalk client to latest version

- from version 1.12.36
  * api-change:``personalize-runtime``: [``botocore``] Update personalize-runtime client to latest version
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version

- Version update 1.12.35
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
  * api-change:``gamelift``: [``botocore``] Update gamelift client to latest version
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.12.34
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``mediaconnect``: [``botocore``] Update mediaconnect client to latest version
- from version 1.12.33
  * api-change:``opsworkscm``: [``botocore``] Update opsworkscm client to latest version
  * api-change:``wafv2``: [``botocore``] Update wafv2 client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``elastic-inference``: [``botocore``] Update elastic-inference client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``mediastore``: [``botocore``] Update mediastore client to latest version
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
  * api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
  * api-change:``rekognition``: [``botocore``] Update rekognition client to latest version
  * api-change:``fms``: [``botocore``] Update fms client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
  * api-change:``detective``: [``botocore``] Update detective client to latest version
  * api-change:``appconfig``: [``botocore``] Update appconfig client to latest version
- from version 1.12.32
  * api-change:``accessanalyzer``: [``botocore``] Update accessanalyzer client to latest version
- from version 1.12.31
  * api-change:``globalaccelerator``: [``botocore``] Update globalaccelerator client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
- from version 1.12.30
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``fsx``: [``botocore``] Update fsx client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
- from version 1.12.29
  * api-change:``managedblockchain``: [``botocore``] Update managedblockchain client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``application-insights``: [``botocore``] Update application-insights client to latest version
  * api-change:``detective``: [``botocore``] Update detective client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``xray``: [``botocore``] Update xray client to latest version
- from version 1.12.28
  * api-change:``athena``: [``botocore``] Update athena client to latest version
  * api-change:``rds-data``: [``botocore``] Update rds-data client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
- Update BuildRequires and Requires from setup.py

- Version update to 1.12.27
  * api-change:``apigatewayv2``: [``botocore``] Update apigatewayv2 client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``route53``: [``botocore``] Update route53 client to latest version
- from version 1.12.26
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
- from version 1.12.25
  * api-change:``outposts``: [``botocore``] Update outposts client to latest version
  * api-change:``acm``: [``botocore``] Update acm client to latest version
- from version 1.12.24
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``mediaconnect``: [``botocore``] Update mediaconnect client to latest version
  * api-change:``personalize``: [``botocore``] Update personalize client to latest version
- from version 1.12.23
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
- from version 1.12.22
  * api-change:``s3control``: [``botocore``] Update s3control client to latest version
  * bugfix:Stubber: [``botocore``] fixes `#1884 <https://github.com/boto/botocore/issues/1884>`__
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
- from version 1.12.21
  * api-change:``appconfig``: [``botocore``] Update appconfig client to latest version
- from version 1.12.20
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``apigatewayv2``: [``botocore``] Update apigatewayv2 client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
- from version 1.12.19
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
- from version 1.12.18
  * api-change:``serverlessrepo``: [``botocore``] Update serverlessrepo client to latest version
  * api-change:``iotevents``: [``botocore``] Update iotevents client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * enhancement:timezones: [``botocore``] Improved timezone parsing for
    Windows with new fallback method (#1939)
  * api-change:``marketplacecommerceanalytics``: [``botocore``] Update
    marketplacecommerceanalytics client to latest version
- from version 1.12.17
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
- from version 1.12.16
  * api-change:``signer``: [``botocore``] Update signer client to latest version
  * api-change:``guardduty``: [``botocore``] Update guardduty client to latest version
  * api-change:``appmesh``: [``botocore``] Update appmesh client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
- from version 1.12.15
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``opsworkscm``: [``botocore``] Update opsworkscm client to latest version
  * api-change:``guardduty``: [``botocore``] Update guardduty client to latest version
- from version 1.12.14
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
- from version 1.12.13
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.12.12
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``comprehendmedical``: [``botocore``] Update comprehendmedical client to latest version
- from version 1.12.11
  * api-change:``config``: [``botocore``] Update config client to latest version
- from version 1.12.10
  * api-change:``config``: [``botocore``] Update config client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``sagemaker-a2i-runtime``: [``botocore``] Update sagemaker-a2i-runtime client to latest version
  * api-change:``appmesh``: [``botocore``] Update appmesh client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``workdocs``: [``botocore``] Update workdocs client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``accessanalyzer``: [``botocore``] Update accessanalyzer client to latest version
  * api-change:``codeguruprofiler``: [``botocore``] Update codeguruprofiler client to latest version
- from version 1.12.9
  * api-change:``lightsail``: [``botocore``] Update lightsail client to latest version
  * api-change:``globalaccelerator``: [``botocore``] Update globalaccelerator client to latest version
- from version 1.12.8
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
- from version 1.12.7
  * api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``secretsmanager``: [``botocore``] Update secretsmanager client to latest version
  * api-change:``outposts``: [``botocore``] Update outposts client to latest version
- from version 1.12.6
  * api-change:``iotevents``: [``botocore``] Update iotevents client to latest version
  * api-change:``docdb``: [``botocore``] Update docdb client to latest version
  * api-change:``snowball``: [``botocore``] Update snowball client to latest version
  * api-change:``fsx``: [``botocore``] Update fsx client to latest version
  * api-change:``events``: [``botocore``] Update events client to latest version
- from version 1.12.5
  * api-change:``imagebuilder``: [``botocore``] Update imagebuilder client to latest version
  * api-change:``wafv2``: [``botocore``] Update wafv2 client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
- from version 1.12.4
  * api-change:``savingsplans``: [``botocore``] Update savingsplans client to latest version
  * api-change:``appconfig``: [``botocore``] Update appconfig client to latest version
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
- from version 1.12.3
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
- from version 1.12.2
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.12.1
  * api-change:``cloud9``: [``botocore``] Update cloud9 client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``dynamodb``: [``botocore``] Update dynamodb client to latest version
  * api-change:``rekognition``: [``botocore``] Update rekognition client to latest version
- Version update to 1.12.0
  * feature:retries: [``botocore``] Add support for retry modes, including ``standard``
    and ``adaptive`` modes (`#1972 <https://github.com/boto/botocore/issues/1972>`__)
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``mediatailor``: [``botocore``] Update mediatailor client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``shield``: [``botocore``] Update shield client to latest version
- from version 1.11.17
  * api-change:``mediapackage-vod``: [``botocore``] Update mediapackage-vod client to latest version
- from version 1.11.16
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``workmail``: [``botocore``] Update workmail client to latest version
  * api-change:``ds``: [``botocore``] Update ds client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``neptune``: [``botocore``] Update neptune client to latest version
- from version 1.11.15
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``cloudformation``: [``botocore``] Update cloudformation client to latest version
- from version 1.11.14
  * api-change:``docdb``: [``botocore``] Update docdb client to latest version
  * api-change:``kms``: [``botocore``] Update kms client to latest version
- from version 1.11.13
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
  * api-change:``imagebuilder``: [``botocore``] Update imagebuilder client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.11.12
  * api-change:``ebs``: [``botocore``] Update ebs client to latest version
  * api-change:``appsync``: [``botocore``] Update appsync client to latest version
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``ecr``: [``botocore``] Update ecr client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
- from version 1.11.11
  * api-change:``groundstation``: [``botocore``] Update groundstation client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``forecastquery``: [``botocore``] Update forecastquery client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``resourcegroupstaggingapi``: [``botocore``] Update
    resourcegroupstaggingapi client to latest version
- from version 1.11.10
  * api-change:``workmail``: [``botocore``] Update workmail client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
  * api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- Version update to 1.11.9
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
  * api-change:``opsworkscm``: [``botocore``] Update opsworkscm client to latest version
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
- from version 1.11.8
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``iam``: [``botocore``] Update iam client to latest version
- from version 1.11.7
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
  * api-change:``discovery``: [``botocore``] Update discovery client to latest version
  * api-change:``iotevents``: [``botocore``] Update iotevents client to latest version
  * api-change:``marketplacecommerceanalytics``: [``botocore``] Update marketplacecommerceanalytics client to latest version
- from version 1.11.6
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``application-insights``: [``botocore``] Update application-insights client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``kms``: [``botocore``] Update kms client to latest version
  * api-change:``alexaforbusiness``: [``botocore``] Update alexaforbusiness client to latest version
- from version 1.11.5
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
  * api-change:``neptune``: [``botocore``] Update neptune client to latest version
  * api-change:``cloudhsmv2``: [``botocore``] Update cloudhsmv2 client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
  * api-change:``batch``: [``botocore``] Update batch client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
- from version 1.11.4
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``ds``: [``botocore``] Update ds client to latest version
- from version 1.11.3
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
- from version 1.11.2
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.11.1
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``backup``: [``botocore``] Update backup client to latest version
- from version 1.11.0
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * feature:Python: Dropped support for Python 2.6 and 3.3.
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``transfer``: [``botocore``] Update transfer client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * feature:Python: [``botocore``] Dropped support for Python 2.6 and 3.3.
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.10.50
  * api-change:``logs``: [``botocore``] Update logs client to latest version
- from version 1.10.49
  * api-change:``fms``: [``botocore``] Update fms client to latest version
  * api-change:``translate``: [``botocore``] Update translate client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
- from version 1.10.48
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``mgh``: [``botocore``] Update mgh client to latest version
  * api-change:``xray``: [``botocore``] Update xray client to latest version
- from version 1.10.47
  * api-change:``comprehend``: [``botocore``] Update comprehend client to latest version
  * api-change:``mediapackage``: [``botocore``] Update mediapackage client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.10.46
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``ecr``: [``botocore``] Update ecr client to latest version
  * api-change:``lightsail``: [``botocore``] Update lightsail client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
- from version 1.10.45
  * api-change:``fsx``: [``botocore``] Update fsx client to latest version
  * api-change:``health``: [``botocore``] Update health client to latest version
  * api-change:``detective``: [``botocore``] Update detective client to latest version
- from version 1.10.44
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
  * api-change:``devicefarm``: [``botocore``] Update devicefarm client to latest version
- from version 1.10.43
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``personalize-runtime``: [``botocore``] Update personalize-runtime client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``codestar-connections``: [``botocore``] Update codestar-connections client to latest version
  * api-change:``gamelift``: [``botocore``] Update gamelift client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.10.42
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``resourcegroupstaggingapi``: [``botocore``] Update resourcegroupstaggingapi client to latest version
  * api-change:``cloudfront``: [``botocore``] Update cloudfront client to latest version
  * api-change:``opsworkscm``: [``botocore``] Update opsworkscm client to latest version
- from version 1.10.41
  * api-change:``kinesisanalyticsv2``: [``botocore``] Update kinesisanalyticsv2 client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.10.40
  * api-change:``mq``: [``botocore``] Update mq client to latest version
  * api-change:``comprehendmedical``: [``botocore``] Update comprehendmedical client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.10.39
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``detective``: [``botocore``] Update detective client to latest version
  * api-change:``sesv2``: [``botocore``] Update sesv2 client to latest version
- from version 1.10.38
  * api-change:``accessanalyzer``: [``botocore``] Update accessanalyzer client to latest version
- from version 1.10.37
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.10.36
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
- from version 1.10.35
  * bugfix:s3: [``botocore``] Add stricter validation to s3 control account id parameter.
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``kms``: [``botocore``] Update kms client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
- from version 1.10.34
  * bugfix:s3: [``botocore``] Fixed an issue where the request path was set
    incorrectly if access point name was present in key path.

- Version update to 1.10.33
  * api-change:``kinesisvideo``: [``botocore``] Update kinesisvideo client to latest version
  * api-change:``kinesis-video-signaling``: [``botocore``] Update kinesis-video-signaling client to latest version
  * api-change:``apigatewayv2``: [``botocore``] Update apigatewayv2 client to latest version
- from version 1.10.32
  * api-change:``ebs``: [``botocore``] Update ebs client to latest version
  * api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
  * api-change:``application-autoscaling``: [``botocore``] Update application-autoscaling client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``rekognition``: [``botocore``] Update rekognition client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
- from version 1.10.31
  * api-change:``textract``: [``botocore``] Update textract client to latest version
  * api-change:``s3control``: [``botocore``] Update s3control client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``outposts``: [``botocore``] Update outposts client to latest version
  * api-change:``kendra``: [``botocore``] Update kendra client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``networkmanager``: [``botocore``] Update networkmanager client to latest version
  * api-change:``compute-optimizer``: [``botocore``] Update compute-optimizer client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``frauddetector``: [``botocore``] Update frauddetector client to latest version
  * api-change:``sagemaker-a2i-runtime``: [``botocore``] Update sagemaker-a2i-runtime client to latest version
  * api-change:``codeguru-reviewer``: [``botocore``] Update codeguru-reviewer client to latest version
  * api-change:``codeguruprofiler``: [``botocore``] Update codeguruprofiler client to latest version
  * api-change:``es``: [``botocore``] Update es client to latest version
- from version 1.10.30
  * api-change:``accessanalyzer``: [``botocore``] Update accessanalyzer client to latest version
- from version 1.10.29
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``license-manager``: [``botocore``] Update license-manager client to latest version
  * api-change:``imagebuilder``: [``botocore``] Update imagebuilder client to latest version
  * api-change:``schemas``: [``botocore``] Update schemas client to latest version
- from version 1.10.28
  * api-change:``rds-data``: [``botocore``] Update rds-data client to latest version
  * api-change:``ds``: [``botocore``] Update ds client to latest version
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``resourcegroupstaggingapi``: [``botocore``] Update resourcegroupstaggingapi client to latest version
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``dynamodb``: [``botocore``] Update dynamodb client to latest version
  * api-change:``elastic-inference``: [``botocore``] Update elastic-inference client to latest version
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
  * api-change:``mediatailor``: [``botocore``] Update mediatailor client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
  * api-change:``serverlessrepo``: [``botocore``] Update serverlessrepo client to latest version
- from version 1.10.27
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``wafv2``: [``botocore``] Update wafv2 client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``lex-runtime``: [``botocore``] Update lex-runtime client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``athena``: [``botocore``] Update athena client to latest version
  * api-change:``iotsecuretunneling``: [``botocore``] Update iotsecuretunneling client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``application-insights``: [``botocore``] Update application-insights client to latest version
  * api-change:``mediapackage-vod``: [``botocore``] Update mediapackage-vod client to latest version
  * api-change:``appconfig``: [``botocore``] Update appconfig client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
  * api-change:``kinesisanalyticsv2``: [``botocore``] Update kinesisanalyticsv2 client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``sesv2``: [``botocore``] Update sesv2 client to latest version
  * api-change:``application-autoscaling``: [``botocore``] Update application-autoscaling client to latest version
  * api-change:``greengrass``: [``botocore``] Update greengrass client to latest version
  * api-change:``alexaforbusiness``: [``botocore``] Update alexaforbusiness client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``ram``: [``botocore``] Update ram client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``comprehend``: [``botocore``] Update comprehend client to latest version
  * api-change:``kms``: [``botocore``] Update kms client to latest version
- from version 1.10.26
  * api-change:``acm``: [``botocore``] Update acm client to latest version
  * api-change:``autoscaling-plans``: [``botocore``] Update autoscaling-plans client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``mediapackage-vod``: [``botocore``] Update mediapackage-vod client to latest version
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``sns``: [``botocore``] Update sns client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``application-autoscaling``: [``botocore``] Update application-autoscaling client to latest version
  * api-change:``sts``: [``botocore``] Update sts client to latest version
  * api-change:``forecast``: [``botocore``] Update forecast client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``rekognition``: [``botocore``] Update rekognition client to latest version
- from version 1.10.25
  * bugfix:IMDS metadata: [``botocore``] Add 405 case to metadata fetching logic.
- from version 1.10.24
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``connectparticipant``: [``botocore``] Update connectparticipant client to latest version
  * api-change:``dynamodb``: [``botocore``] Update dynamodb client to latest version
  * api-change:``lex-runtime``: [``botocore``] Update lex-runtime client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``meteringmarketplace``: [``botocore``] Update meteringmarketplace client to latest version
  * api-change:``config``: [``botocore``] Update config client to latest version
  * api-change:``lex-models``: [``botocore``] Update lex-models client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``amplify``: [``botocore``] Update amplify client to latest version
  * api-change:``appsync``: [``botocore``] Update appsync client to latest version
- from version 1.10.23
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
  * api-change:``mediastore``: [``botocore``] Update mediastore client to latest version
  * api-change:``cloudtrail``: [``botocore``] Update cloudtrail client to latest version
  * api-change:``mgh``: [``botocore``] Update mgh client to latest version
  * api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``codecommit``: [``botocore``] Update codecommit client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``fsx``: [``botocore``] Update fsx client to latest version
  * api-change:``migrationhub-config``: [``botocore``] Update migrationhub-config client to latest version
  * api-change:``firehose``: [``botocore``] Update firehose client to latest version
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
  * api-change:``discovery``: [``botocore``] Update discovery client to latest version
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``quicksight``: [``botocore``] Update quicksight client to latest version
- from version 1.10.22
  * bugfix:IMDS: [``botocore``] Fix regression in IMDS credential resolution.
    Fixes `#1892 <https://github.com/boto/botocore/issues/1892>`__.
- from version 1.10.21
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``cloudformation``: [``botocore``] Update cloudformation client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``config``: [``botocore``] Update config client to latest version
  * api-change:``iam``: [``botocore``] Update iam client to latest version
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``autoscaling``: [``botocore``] Update autoscaling client to latest version
- from version 1.10.20
  * api-change:``cloudformation``: [``botocore``] Update cloudformation client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
- from version 1.10.19
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``logs``: [``botocore``] Update logs client to latest version
  * api-change:``guardduty``: [``botocore``] Update guardduty client to latest version
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``chime``: [``botocore``] Update chime client to latest version
- from version 1.10.18
  * api-change:``meteringmarketplace``: [``botocore``] Update meteringmarketplace client to latest version
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``personalize``: [``botocore``] Update personalize client to latest version
- Update BuildRequires and Requires in spec file from setup.py

- Version update to 1.10.17
  * api-change:``sesv2``: [``botocore``] Update sesv2 client to latest version
  * api-change:``dataexchange``: [``botocore``] Update dataexchange client to latest version
  * api-change:``iot``: [``botocore``] Update iot client to latest version
  * api-change:``cloudsearch``: [``botocore``] Update cloudsearch client to latest version
  * api-change:``dlm``: [``botocore``] Update dlm client to latest version
- from version 1.10.16
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``marketplace-catalog``: [``botocore``] Update marketplace-catalog client to latest version
  * api-change:``dynamodb``: [``botocore``] Update dynamodb client to latest version
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
- from version 1.10.15
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``cloudformation``: [``botocore``] Update cloudformation client to latest version
- from version 1.10.14
  * api-change:``cognito-identity``: [``botocore``] Update cognito-identity client to latest version
  * api-change:``ecr``: [``botocore``] Update ecr client to latest version
- from version 1.10.13
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``sso``: [``botocore``] Update sso client to latest version
  * api-change:``sso-oidc``: [``botocore``] Update sso-oidc client to latest version
  * api-change:``comprehend``: [``botocore``] Update comprehend client to latest version
- from version 1.10.12
  * api-change:``savingsplans``: [``botocore``] Update savingsplans client to latest version
- from version 1.10.11
  * api-change:``codebuild``: [``botocore``] Update codebuild client to latest version
  * api-change:``budgets``: [``botocore``] Update budgets client to latest version
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``ce``: [``botocore``] Update ce client to latest version
  * api-change:``savingsplans``: [``botocore``] Update savingsplans client to latest version
  * api-change:``signer``: [``botocore``] Update signer client to latest version
- from version 1.10.10
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``codestar-notifications``: [``botocore``] Update codestar-notifications client to latest version
- from version 1.10.9
  * api-change:``dax``: [``botocore``] Update dax client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
- from version 1.10.8
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
  * api-change:``cloudtrail``: [``botocore``] Update cloudtrail client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
- from version 1.10.7
  * api-change:``support``: [``botocore``] Update support client to latest version
  * api-change:``amplify``: [``botocore``] Update amplify client to latest version
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
- from version 1.10.6
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
- from version 1.10.5
  * api-change:``cloud9``: [``botocore``] Update cloud9 client to latest version
  * api-change:``appstream``: [``botocore``] Update appstream client to latest version
- from version 1.10.4
  * api-change:``s3``: [``botocore``] Update s3 client to latest version
- from version 1.10.3
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
  * api-change:``transfer``: [``botocore``] Update transfer client to latest version
  * api-change:``ecr``: [``botocore``] Update ecr client to latest version
- from version 1.10.2
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
  * api-change:``gamelift``: [``botocore``] Update gamelift client to latest version
  * enhancement:``sts``: [``botocore``] Add support for configuring the use of regional STS endpoints.
  * api-change:``chime``: [``botocore``] Update chime client to latest version
  * api-change:``appmesh``: [``botocore``] Update appmesh client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
- from version 1.10.1
  * api-change:``polly``: [``botocore``] Update polly client to latest version
  * api-change:``connect``: [``botocore``] Update connect client to latest version
- from version 1.10.0
  * api-change:``opsworkscm``: [``botocore``] Update opsworkscm client to latest version
  * api-change:``iotevents``: [``botocore``] Update iotevents client to latest version
  * feature:``botocore.vendored.requests``: [``botocore``] Removed vendored version of ``requests`` (`#1829 <https://github.com/boto/botocore/issues/1829>`__)
- from version 1.9.253
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
- from version 1.9.252
  * api-change:``batch``: [``botocore``] Update batch client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.9.251
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``marketplacecommerceanalytics``: [``botocore``] Update marketplacecommerceanalytics client to latest version
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
- from version 1.9.250
  * api-change:``kinesis-video-archived-media``: [``botocore``] Update kinesis-video-archived-media client to latest version
- from version 1.9.249
  * api-change:``personalize``: [``botocore``] Update personalize client to latest version
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
- Update BuildRequires and Requires in spec file from setup.py

- Version update to 1.9.248
  * api-change:``greengrass``: [``botocore``] Update greengrass client to latest version
- from version 1.9.247
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``lex-runtime``: [``botocore``] Update lex-runtime client to latest version
  * api-change:``fms``: [``botocore``] Update fms client to latest version
  * api-change:``iotanalytics``: [``botocore``] Update iotanalytics client to latest version
- from version 1.9.246
  * api-change:``kafka``: [``botocore``] Update kafka client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
- from version 1.9.245
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
  * api-change:``events``: [``botocore``] Update events client to latest version
  * api-change:``firehose``: [``botocore``] Update firehose client to latest version
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
- from version 1.9.244
  * api-change:``snowball``: [``botocore``] Update snowball client to latest version
  * api-change:``directconnect``: [``botocore``] Update directconnect client to latest version
  * api-change:``firehose``: [``botocore``] Update firehose client to latest version
  * api-change:``pinpoint``: [``botocore``] Update pinpoint client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version
- from version 1.9.243
  * api-change:``cognito-idp``: [``botocore``] Update cognito-idp client to latest version
  * api-change:``mediapackage``: [``botocore``] Update mediapackage client to latest version
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
- from version 1.9.242
  * api-change:``es``: [``botocore``] Update es client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``application-autoscaling``: [``botocore``] Update
    application-autoscaling client to latest version
  * api-change:``devicefarm``: [``botocore``] Update devicefarm client to latest version
- from version 1.9.241
  * api-change:``lightsail``: [``botocore``] Update lightsail client to latest version
- from version 1.9.240
  * api-change:``docdb``: [``botocore``] Update docdb client to latest version
- from version 1.9.239
  * api-change:``waf``: [``botocore``] Update waf client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``mq``: [``botocore``] Update mq client to latest version
- from version 1.9.238
   * api-change:``amplify``: [``botocore``] Update amplify client to latest version
   * api-change:``ecs``: [``botocore``] Update ecs client to latest version
- from version 1.9.237
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
- from version 1.9.236
  * api-change:``globalaccelerator``: [``botocore``] Update globalaccelerator client to latest version
  * api-change:``dms``: [``botocore``] Update dms client to latest version
  * api-change:``sagemaker``: [``botocore``] Update sagemaker client to latest version
- from version 1.9.235
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``comprehendmedical``: [``botocore``] Update comprehendmedical client to latest version
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
- from version 1.9.234
  * api-change:``rds-data``: [``botocore``] Update rds-data client to latest version
  * api-change:``redshift``: [``botocore``] Update redshift client to latest version
- from version 1.9.233
  * api-change:``workspaces``: [``botocore``] Update workspaces client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``greengrass``: [``botocore``] Update greengrass client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
- from version 1.9.232
  * api-change:``mediaconnect``: [``botocore``] Update mediaconnect client to latest version
  * api-change:``glue``: [``botocore``] Update glue client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
- from version 1.9.231
  * api-change:``ram``: [``botocore``] Update ram client to latest version
  * api-change:``waf-regional``: [``botocore``] Update waf-regional client to latest version
  * api-change:``apigateway``: [``botocore``] Update apigateway client to latest version
- from version 1.9.230
  * api-change:``iam``: [``botocore``] Update iam client to latest version
  * api-change:``athena``: [``botocore``] Update athena client to latest version
  * api-change:``personalize``: [``botocore``] Update personalize client to latest version
- from version 1.9.229
  * api-change:``eks``: [``botocore``] Update eks client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
- from version 1.9.228
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``workmailmessageflow``: [``botocore``] Update workmailmessageflow client to latest version
  * api-change:``medialive``: [``botocore``] Update medialive client to latest version
- from version 1.9.227
  * api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``mediaconnect``: [``botocore``] Update mediaconnect client to latest version
  * api-change:``ses``: [``botocore``] Update ses client to latest version
  * api-change:``config``: [``botocore``] Update config client to latest version
- from version 1.9.226
  * api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
- from version 1.9.225
  * api-change:``qldb``: [``botocore``] Update qldb client to latest version
  * api-change:``marketplacecommerceanalytics``: [``botocore``] Update
    marketplacecommerceanalytics client to latest version
  * api-change:``appstream``: [``botocore``] Update appstream client to latest version
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
  * api-change:``appmesh``: [``botocore``] Update appmesh client to latest version
  * api-change:``qldb-session``: [``botocore``] Update qldb-session client to latest version
- from version 1.9.224
  * api-change:``kinesisanalytics``: [``botocore``] Update kinesisanalytics client to latest version
- from version 1.9.223
  * api-change:``config``: [``botocore``] Update config client to latest version
- from version 1.9.222
  * api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
  * api-change:``eks``: [``botocore``] Update eks client to latest version
- from version 1.9.221
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
  * api-change:``resourcegroupstaggingapi``: [``botocore``] Update
    resourcegroupstaggingapi client to latest version
  * api-change:``gamelift``: [``botocore``] Update gamelift client to latest version
- from version 1.9.220
  * api-change:``mq``: [``botocore``] Update mq client to latest version
  * api-change:``apigatewaymanagementapi``: [``botocore``] Update
    apigatewaymanagementapi client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
- from version 1.9.219
  * api-change:``codepipeline``: [``botocore``] Update codepipeline client to latest version
  * api-change:``application-autoscaling``: [``botocore``] Update
    application-autoscaling client to latest version
  * api-change:``elasticache``: [``botocore``] Update elasticache client to latest version
  * api-change:``lambda``: [``botocore``] Update lambda client to latest version
  * api-change:``ecs``: [``botocore``] Update ecs client to latest version
- from version 1.9.218
  * api-change:``sqs``: [``botocore``] Update sqs client to latest version
  * api-change:``globalaccelerator``: [``botocore``] Update globalaccelerator client to latest version
  * api-change:``mediaconvert``: [``botocore``] Update mediaconvert client to latest version
- from version 1.9.217
  * api-change:``organizations``: [``botocore``] Update organizations client to latest version
- from version 1.9.216
  * api-change:``ssm``: [``botocore``] Update ssm client to latest version
  * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
- from version 1.9.215
  * api-change:``ec2``: [``botocore``] Update ec2 client to latest version
  * api-change:``mediapackage-vod``: [``botocore``] Update mediapackage-vod client to latest version
  * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
- from version 1.9.214
  * api-change:``datasync``: [``botocore``] Update datasync client to latest version
  * api-change:``rds``: [``botocore``] Update rds client to latest version

python-botocore was updated to 1.15.38 (bsc#1166924, bsc#1168943)

  * api-change:``apigateway``: Update apigateway client to latest version
  * api-change:``codeguru-reviewer``: Update codeguru-reviewer client to latest version
  * api-change:``mediaconnect``: Update mediaconnect client to latest version
- from version 1.15.37
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``chime``: Update chime client to latest version
  * api-change:``iam``: Update iam client to latest version
  * api-change:``elasticbeanstalk``: Update elasticbeanstalk client to latest version
- from version 1.15.36
  * api-change:``personalize-runtime``: Update personalize-runtime client to latest version
  * api-change:``robomaker``: Update robomaker client to latest version

- Version update to 1.15.35
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``redshift``: Update redshift client to latest version
  * api-change:``gamelift``: Update gamelift client to latest version
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.15.34
  * api-change:``iot``: Update iot client to latest version
  * api-change:``mediaconnect``: Update mediaconnect client to latest version
- from version 1.15.33
  * api-change:``opsworkscm``: Update opsworkscm client to latest version
  * api-change:``wafv2``: Update wafv2 client to latest version
  * api-change:``glue``: Update glue client to latest version
  * api-change:``elastic-inference``: Update elastic-inference client to latest version
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``mediastore``: Update mediastore client to latest version
  * api-change:``pinpoint``: Update pinpoint client to latest version
  * api-change:``storagegateway``: Update storagegateway client to latest version
  * api-change:``rekognition``: Update rekognition client to latest version
  * api-change:``fms``: Update fms client to latest version
  * api-change:``organizations``: Update organizations client to latest version
  * api-change:``detective``: Update detective client to latest version
  * api-change:``appconfig``: Update appconfig client to latest version
- from version 1.15.32
  * api-change:``accessanalyzer``: Update accessanalyzer client to latest version
- from version 1.15.31
  * api-change:``globalaccelerator``: Update globalaccelerator client to latest version
  * api-change:``kendra``: Update kendra client to latest version
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
- from version 1.15.30
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``fsx``: Update fsx client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
- from version 1.15.29
  * api-change:``managedblockchain``: Update managedblockchain client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``application-insights``: Update application-insights client to latest version
  * api-change:``detective``: Update detective client to latest version
  * api-change:``es``: Update es client to latest version
  * api-change:``xray``: Update xray client to latest version
- from version 1.15.28
  * api-change:``athena``: Update athena client to latest version
  * api-change:``rds-data``: Update rds-data client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``organizations``: Update organizations client to latest version

- Version update to 1.15.27
  * api-change:``apigatewayv2``: Update apigatewayv2 client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``route53``: Update route53 client to latest version
- from version 1.15.26
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
- from version 1.15.25
  * api-change:``outposts``: Update outposts client to latest version
  * api-change:``acm``: Update acm client to latest version
- from version 1.15.24
  * api-change:``rds``: Update rds client to latest version
  * api-change:``mediaconnect``: Update mediaconnect client to latest version
  * api-change:``personalize``: Update personalize client to latest version
- from version 1.15.23
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
- from version 1.15.22
  * api-change:``s3control``: Update s3control client to latest version
  * bugfix:Stubber: fixes `#1884 <https://github.com/boto/botocore/issues/1884>`__
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``ecs``: Update ecs client to latest version
  * api-change:``elasticache``: Update elasticache client to latest version
- from version 1.15.21
  * api-change:``appconfig``: Update appconfig client to latest version
- from version 1.15.20
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``apigatewayv2``: Update apigatewayv2 client to latest version
  * api-change:``iot``: Update iot client to latest version
- from version 1.15.19
  * api-change:``efs``: Update efs client to latest version
  * api-change:``redshift``: Update redshift client to latest version
- from version 1.15.18
  * api-change:``serverlessrepo``: Update serverlessrepo client to latest version
  * api-change:``iotevents``: Update iotevents client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * enhancement:timezones: Improved timezone parsing for Windows
    with new fallback method (#1939)
  * api-change:``marketplacecommerceanalytics``: Update
    marketplacecommerceanalytics client to latest version
- from version 1.15.17
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``dms``: Update dms client to latest version
- from version 1.15.16
  * api-change:``signer``: Update signer client to latest version
  * api-change:``guardduty``: Update guardduty client to latest version
  * api-change:``appmesh``: Update appmesh client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``robomaker``: Update robomaker client to latest version
- from version 1.15.15
  * api-change:``eks``: Update eks client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``opsworkscm``: Update opsworkscm client to latest version
  * api-change:``guardduty``: Update guardduty client to latest version
- from version 1.15.14
  * api-change:``pinpoint``: Update pinpoint client to latest version
- from version 1.15.13
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.15.12
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``comprehendmedical``: Update comprehendmedical client to latest version
- from version 1.15.11
  * api-change:``config``: Update config client to latest version
- from version 1.15.10
  * api-change:``config``: Update config client to latest version
  * api-change:``glue``: Update glue client to latest version
  * api-change:``sagemaker-a2i-runtime``: Update sagemaker-a2i-runtime client to latest version
  * api-change:``appmesh``: Update appmesh client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``workdocs``: Update workdocs client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``accessanalyzer``: Update accessanalyzer client to latest version
  * api-change:``codeguruprofiler``: Update codeguruprofiler client to latest version
- from version 1.15.9
  * api-change:``lightsail``: Update lightsail client to latest version
  * api-change:``globalaccelerator``: Update globalaccelerator client to latest version
- from version 1.15.8
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
- from version 1.15.7
  * api-change:``stepfunctions``: Update stepfunctions client to latest version
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``secretsmanager``: Update secretsmanager client to latest version
  * api-change:``outposts``: Update outposts client to latest version
- from version 1.15.6
  * api-change:``iotevents``: Update iotevents client to latest version
  * api-change:``docdb``: Update docdb client to latest version
  * api-change:``snowball``: Update snowball client to latest version
  * api-change:``fsx``: Update fsx client to latest version
  * api-change:``events``: Update events client to latest version
- from version 1.15.5
  * api-change:``imagebuilder``: Update imagebuilder client to latest version
  * api-change:``wafv2``: Update wafv2 client to latest version
  * api-change:``redshift``: Update redshift client to latest version
- from version 1.15.4
  * api-change:``savingsplans``: Update savingsplans client to latest version
  * api-change:``appconfig``: Update appconfig client to latest version
  * api-change:``pinpoint``: Update pinpoint client to latest version
- from version 1.15.3
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``servicecatalog``: Update servicecatalog client to latest version
  * api-change:``lambda``: Update lambda client to latest version
- from version 1.15.2
  * api-change:``autoscaling``: Update autoscaling client to latest version
  * api-change:``chime``: Update chime client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.15.1
  * api-change:``cloud9``: Update cloud9 client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``dynamodb``: Update dynamodb client to latest version
  * api-change:``rekognition``: Update rekognition client to latest version

- Version update to 1.15.0
  * feature:retries: Add support for retry modes, including ``standard`` and ``adaptive`` modes (`#1972 <https://github.com/boto/botocore/issues/1972>`__)
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``mediatailor``: Update mediatailor client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
  * api-change:``shield``: Update shield client to latest version
- from version 1.14.17
  * api-change:``mediapackage-vod``: Update mediapackage-vod client to latest version
- from version 1.14.16
  * api-change:``glue``: Update glue client to latest version
  * api-change:``chime``: Update chime client to latest version
  * api-change:``workmail``: Update workmail client to latest version
  * api-change:``ds``: Update ds client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``es``: Update es client to latest version
  * api-change:``neptune``: Update neptune client to latest version
- from version 1.14.15
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``cloudformation``: Update cloudformation client to latest version
- from version 1.14.14
  * api-change:``docdb``: Update docdb client to latest version
  * api-change:``kms``: Update kms client to latest version
- from version 1.14.13
  * api-change:``robomaker``: Update robomaker client to latest version
  * api-change:``imagebuilder``: Update imagebuilder client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.14.12
  * api-change:``ebs``: Update ebs client to latest version
  * api-change:``appsync``: Update appsync client to latest version
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``ecr``: Update ecr client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
- from version 1.14.11
  * api-change:``groundstation``: Update groundstation client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
  * api-change:``dlm``: Update dlm client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``forecastquery``: Update forecastquery client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
  * api-change:``resourcegroupstaggingapi``: Update resourcegroupstaggingapi client to latest version
- from version 1.14.10
  * api-change:``workmail``: Update workmail client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``cloudfront``: Update cloudfront client to latest version
  * api-change:``storagegateway``: Update storagegateway client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- Refresh patches for new version
  + hide_py_pckgmgmt.patch

- Version update to 1.14.9
  * api-change:``ecs``: Update ecs client to latest version
  * api-change:``opsworkscm``: Update opsworkscm client to latest version
  * api-change:``workspaces``: Update workspaces client to latest version
  * api-change:``datasync``: Update datasync client to latest version
  * api-change:``eks``: Update eks client to latest version
- from version 1.14.8
  * api-change:``rds``: Update rds client to latest version
  * api-change:``iam``: Update iam client to latest version
- from version 1.14.7
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``codepipeline``: Update codepipeline client to latest version
  * api-change:``discovery``: Update discovery client to latest version
  * api-change:``iotevents``: Update iotevents client to latest version
  * api-change:``marketplacecommerceanalytics``: Update marketplacecommerceanalytics client to latest version
- from version 1.14.6
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``application-insights``: Update application-insights client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``kms``: Update kms client to latest version
  * api-change:``alexaforbusiness``: Update alexaforbusiness client to latest version
- from version 1.14.5
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
  * api-change:``neptune``: Update neptune client to latest version
  * api-change:``cloudhsmv2``: Update cloudhsmv2 client to latest version
  * api-change:``redshift``: Update redshift client to latest version
  * api-change:``batch``: Update batch client to latest version
  * api-change:``ecs``: Update ecs client to latest version
- from version 1.14.4
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``ds``: Update ds client to latest version
- from version 1.14.3
  * api-change:``securityhub``: Update securityhub client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``organizations``: Update organizations client to latest version
- from version 1.14.2
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.14.1
  * api-change:``efs``: Update efs client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``backup``: Update backup client to latest version
- from version 1.14.0
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``chime``: Update chime client to latest version
  * api-change:``transfer``: Update transfer client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * feature:Python: Dropped support for Python 2.6 and 3.3.
  * api-change:``workspaces``: Update workspaces client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.13.50
  * api-change:``logs``: Update logs client to latest version
- from version 1.13.49
  * api-change:``fms``: Update fms client to latest version
  * api-change:``translate``: Update translate client to latest version
  * api-change:``ce``: Update ce client to latest version
- from version 1.13.48
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``mgh``: Update mgh client to latest version
  * api-change:``xray``: Update xray client to latest version
- from version 1.13.47
  * api-change:``comprehend``: Update comprehend client to latest version
  * api-change:``mediapackage``: Update mediapackage client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.13.46
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``ecr``: Update ecr client to latest version
  * api-change:``lightsail``: Update lightsail client to latest version
  * api-change:``ce``: Update ce client to latest version
- from version 1.13.45
  * api-change:``fsx``: Update fsx client to latest version
  * api-change:``health``: Update health client to latest version
  * api-change:``detective``: Update detective client to latest version
- from version 1.13.44
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``redshift``: Update redshift client to latest version
  * api-change:``pinpoint``: Update pinpoint client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
  * api-change:``devicefarm``: Update devicefarm client to latest version
- from version 1.13.43
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``dlm``: Update dlm client to latest version
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``personalize-runtime``: Update personalize-runtime client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``codestar-connections``: Update codestar-connections client to latest version
  * api-change:``gamelift``: Update gamelift client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.13.42
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``resourcegroupstaggingapi``: Update resourcegroupstaggingapi client to latest version
  * api-change:``cloudfront``: Update cloudfront client to latest version
  * enhancement:``s3``: Add support for opting into using the us-east-1 regional endpoint.
  * api-change:``opsworkscm``: Update opsworkscm client to latest version
- from version 1.13.41
  * api-change:``kinesisanalyticsv2``: Update kinesisanalyticsv2 client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``ecs``: Update ecs client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.13.40
  * api-change:``mq``: Update mq client to latest version
  * api-change:``comprehendmedical``: Update comprehendmedical client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.13.39
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``detective``: Update detective client to latest version
  * api-change:``sesv2``: Update sesv2 client to latest version
- from version 1.13.38
  * api-change:``accessanalyzer``: Update accessanalyzer client to latest version
- from version 1.13.37
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.13.36
  * api-change:``kendra``: Update kendra client to latest version
- from version 1.13.35
  * bugfix:s3: Add stricter validation to s3 control account id parameter.
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``kms``: Update kms client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``kafka``: Update kafka client to latest version
- from version 1.13.34
  * bugfix:s3: Fixed an issue where the request path was set incorrectly
    if access point name was present in key path.

- Version update to 1.13.33
  * api-change:``kinesisvideo``: Update kinesisvideo client to latest version
  * api-change:``kinesis-video-signaling``: Update kinesis-video-signaling client to latest version
  * api-change:``apigatewayv2``: Update apigatewayv2 client to latest version
- from version  1.13.32
  * api-change:``ebs``: Update ebs client to latest version
  * api-change:``stepfunctions``: Update stepfunctions client to latest version
  * api-change:``application-autoscaling``: Update application-autoscaling client to latest version
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``rekognition``: Update rekognition client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
- from version 1.13.31
  * api-change:``textract``: Update textract client to latest version
  * api-change:``s3control``: Update s3control client to latest version
  * api-change:``ecs``: Update ecs client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``outposts``: Update outposts client to latest version
  * api-change:``kendra``: Update kendra client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``networkmanager``: Update networkmanager client to latest version
  * api-change:``compute-optimizer``: Update compute-optimizer client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``frauddetector``: Update frauddetector client to latest version
  * api-change:``sagemaker-a2i-runtime``: Update sagemaker-a2i-runtime client to latest version
  * api-change:``codeguru-reviewer``: Update codeguru-reviewer client to latest version
  * api-change:``codeguruprofiler``: Update codeguruprofiler client to latest version
  * api-change:``es``: Update es client to latest version
- from version 1.13.30
  * api-change:``accessanalyzer``: Update accessanalyzer client to latest version
- from version 1.13.29
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``license-manager``: Update license-manager client to latest version
  * api-change:``imagebuilder``: Update imagebuilder client to latest version
  * api-change:``schemas``: Update schemas client to latest version
- from version 1.13.28
  * api-change:``rds-data``: Update rds-data client to latest version
  * api-change:``ds``: Update ds client to latest version
  * api-change:``workspaces``: Update workspaces client to latest version
  * api-change:``resourcegroupstaggingapi``: Update resourcegroupstaggingapi client to latest version
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``dynamodb``: Update dynamodb client to latest version
  * api-change:``elastic-inference``: Update elastic-inference client to latest version
  * api-change:``organizations``: Update organizations client to latest version
  * api-change:``mediatailor``: Update mediatailor client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
  * api-change:``serverlessrepo``: Update serverlessrepo client to latest version
- from version 1.13.27
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``redshift``: Update redshift client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``wafv2``: Update wafv2 client to latest version
  * api-change:``dlm``: Update dlm client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``lex-runtime``: Update lex-runtime client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``athena``: Update athena client to latest version
  * api-change:``iotsecuretunneling``: Update iotsecuretunneling client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``application-insights``: Update application-insights client to latest version
  * api-change:``mediapackage-vod``: Update mediapackage-vod client to latest version
  * api-change:``appconfig``: Update appconfig client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
  * api-change:``kinesisanalyticsv2``: Update kinesisanalyticsv2 client to latest version
  * api-change:``medialive``: Update medialive client to latest version
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``sesv2``: Update sesv2 client to latest version
  * api-change:``application-autoscaling``: Update application-autoscaling client to latest version
  * api-change:``greengrass``: Update greengrass client to latest version
  * api-change:``alexaforbusiness``: Update alexaforbusiness client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``ram``: Update ram client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``comprehend``: Update comprehend client to latest version
  * api-change:``kms``: Update kms client to latest version
- from version 1.13.26
  * api-change:``acm``: Update acm client to latest version
  * api-change:``autoscaling-plans``: Update autoscaling-plans client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``mediapackage-vod``: Update mediapackage-vod client to latest version
  * api-change:``emr``: Update emr client to latest version
  * api-change:``sns``: Update sns client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``application-autoscaling``: Update application-autoscaling client to latest version
  * api-change:``sts``: Update sts client to latest version
  * api-change:``forecast``: Update forecast client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``rekognition``: Update rekognition client to latest version
- from version 1.13.25
  * bugfix:IMDS metadata: Add 405 case to metadata fetching logic.
- from version 1.13.24
  * api-change:``glue``: Update glue client to latest version
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``connectparticipant``: Update connectparticipant client to latest version
  * api-change:``dynamodb``: Update dynamodb client to latest version
  * api-change:``lex-runtime``: Update lex-runtime client to latest version
  * api-change:``connect``: Update connect client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``meteringmarketplace``: Update meteringmarketplace client to latest version
  * api-change:``config``: Update config client to latest version
  * api-change:``lex-models``: Update lex-models client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``amplify``: Update amplify client to latest version
  * api-change:``appsync``: Update appsync client to latest version
- from version 1.13.23
  * api-change:``datasync``: Update datasync client to latest version
  * api-change:``dlm``: Update dlm client to latest version
  * api-change:``mediastore``: Update mediastore client to latest version
  * api-change:``cloudtrail``: Update cloudtrail client to latest version
  * api-change:``mgh``: Update mgh client to latest version
  * api-change:``storagegateway``: Update storagegateway client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``codecommit``: Update codecommit client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``fsx``: Update fsx client to latest version
  * api-change:``migrationhub-config``: Update migrationhub-config client to latest version
  * api-change:``firehose``: Update firehose client to latest version
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``ecs``: Update ecs client to latest version
  * api-change:``discovery``: Update discovery client to latest version
  * api-change:``chime``: Update chime client to latest version
  * api-change:``quicksight``: Update quicksight client to latest version
- from version 1.13.22
  * bugfix:IMDS: Fix regression in IMDS credential resolution.
    Fixes `#1892 <https://github.com/boto/botocore/issues/1892>`__.
- from version 1.13.21
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``cloudformation``: Update cloudformation client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``config``: Update config client to latest version
  * api-change:``iam``: Update iam client to latest version
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``autoscaling``: Update autoscaling client to latest version
- from version 1.13.20
  * api-change:``cloudformation``: Update cloudformation client to latest version
  * api-change:``s3``: Update s3 client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``pinpoint``: Update pinpoint client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``ssm``: Update ssm client to latest version
- from version 1.13.19
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``workspaces``: Update workspaces client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``logs``: Update logs client to latest version
  * api-change:``guardduty``: Update guardduty client to latest version
  * api-change:``emr``: Update emr client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
  * api-change:``eks``: Update eks client to latest version
  * api-change:``chime``: Update chime client to latest version
- from version 1.13.18
  * api-change:``meteringmarketplace``: Update meteringmarketplace client to latest version
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``connect``: Update connect client to latest version
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``personalize``: Update personalize client to latest version

- Version update to 1.13.17 (bsc#1129696)
  * api-change:``sesv2``: Update sesv2 client to latest version
  * api-change:``dataexchange``: Update dataexchange client to latest version
  * api-change:``iot``: Update iot client to latest version
  * api-change:``cloudsearch``: Update cloudsearch client to latest version
  * api-change:``dlm``: Update dlm client to latest version
- from version 1.13.16
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``marketplace-catalog``: Update marketplace-catalog client to latest version
  * api-change:``dynamodb``: Update dynamodb client to latest version
  * api-change:``codepipeline``: Update codepipeline client to latest version
  * api-change:``elbv2``: Update elbv2 client to latest version
- from version 1.13.15
  * api-change:``ce``: Update ce client to latest version
  * api-change:``cloudformation``: Update cloudformation client to latest version
- from version 1.13.14
  * api-change:``cognito-identity``: Update cognito-identity client to latest version
  * api-change:``ecr``: Update ecr client to latest version
- from version 1.13.13
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``sso``: Update sso client to latest version
  * api-change:``sso-oidc``: Update sso-oidc client to latest version
  * api-change:``comprehend``: Update comprehend client to latest version
- from version 1.13.12
  * api-change:``savingsplans``: Update savingsplans client to latest version
- from version 1.13.11
  * api-change:``codebuild``: Update codebuild client to latest version
  * api-change:``budgets``: Update budgets client to latest version
  * api-change:``efs``: Update efs client to latest version
  * api-change:``ce``: Update ce client to latest version
  * api-change:``savingsplans``: Update savingsplans client to latest version
  * api-change:``signer``: Update signer client to latest version
- from version 1.13.10
  * api-change:``rds``: Update rds client to latest version
  * api-change:``codestar-notifications``: Update codestar-notifications client to latest version
- from version 1.13.9
  * api-change:``dax``: Update dax client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``robomaker``: Update robomaker client to latest version
- from version 1.13.8
  * api-change:``pinpoint``: Update pinpoint client to latest version
  * api-change:``cloudtrail``: Update cloudtrail client to latest version
  * api-change:``dms``: Update dms client to latest version
- from version 1.13.7
  * api-change:``support``: Update support client to latest version
  * api-change:``amplify``: Update amplify client to latest version
  * api-change:``s3``: Update s3 client to latest version
- from version 1.13.6
  * api-change:``elasticache``: Update elasticache client to latest version
- from version 1.13.5
  * api-change:``cloud9``: Update cloud9 client to latest version
  * api-change:``appstream``: Update appstream client to latest version
- from version 1.13.4
  * api-change:``s3``: Update s3 client to latest version
- from version 1.13.3
  * api-change:``elasticache``: Update elasticache client to latest version
  * api-change:``transfer``: Update transfer client to latest version
  * api-change:``ecr``: Update ecr client to latest version
- from version 1.13.2
  * api-change:``sagemaker``: Update sagemaker client to latest version
  * api-change:``gamelift``: Update gamelift client to latest version
  * enhancement:``sts``: Add support for configuring the use of regional STS endpoints.
  * api-change:``chime``: Update chime client to latest version
  * api-change:``appmesh``: Update appmesh client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
- from version 1.13.1
  * api-change:``polly``: Update polly client to latest version
  * api-change:``connect``: Update connect client to latest version
- from version 1.13.0
  * api-change:``opsworkscm``: Update opsworkscm client to latest version
  * api-change:``iotevents``: Update iotevents client to latest version
  * feature:``botocore.vendored.requests``: Removed vendored version of ``requests`` (`#1829 <https://github.com/boto/botocore/issues/1829>`__)
- from version 1.12.253
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
- from version 1.12.252
  * api-change:``batch``: Update batch client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.12.251
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``marketplacecommerceanalytics``: Update marketplacecommerceanalytics client to latest version
  * api-change:``robomaker``: Update robomaker client to latest version
- from version 1.12.250
  * api-change:``kinesis-video-archived-media``: Update kinesis-video-archived-media client to latest version
- from version 1.12.249
  * api-change:``personalize``: Update personalize client to latest version
  * api-change:``workspaces``: Update workspaces client to latest version
- Refresh patches for new version
  + hide_py_pckgmgmt.patch

- Version update to 1.12.248
  * api-change:``greengrass``: Update greengrass client to latest version
- from version 1.12.247
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``lex-runtime``: Update lex-runtime client to latest version
  * api-change:``fms``: Update fms client to latest version
  * api-change:``iotanalytics``: Update iotanalytics client to latest version
- from version 1.12.246
  * api-change:``kafka``: Update kafka client to latest version
  * api-change:``elasticache``: Update elasticache client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
- from version 1.12.245
  * api-change:``organizations``: Update organizations client to latest version
  * api-change:``events``: Update events client to latest version
  * api-change:``firehose``: Update firehose client to latest version
  * api-change:``datasync``: Update datasync client to latest version
- from version 1.12.244
  * api-change:``snowball``: Update snowball client to latest version
  * api-change:``directconnect``: Update directconnect client to latest version
  * api-change:``firehose``: Update firehose client to latest version
  * api-change:``pinpoint``: Update pinpoint client to latest version
  * api-change:``glue``: Update glue client to latest version
  * api-change:``pinpoint-email``: Update pinpoint-email client to latest version
- from version 1.12.243
  * api-change:``cognito-idp``: Update cognito-idp client to latest version
  * api-change:``mediapackage``: Update mediapackage client to latest version
  * api-change:``ssm``: Update ssm client to latest version
- from version 1.12.242
  * api-change:``es``: Update es client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``application-autoscaling``: Update
    application-autoscaling client to latest version
  * api-change:``devicefarm``: Update devicefarm client to latest version
- from version 1.12.241
  * api-change:``lightsail``: Update lightsail client to latest version
- from version 1.12.240
  * api-change:``docdb``: Update docdb client to latest version
- from version 1.12.239
  * api-change:``waf``: Update waf client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``mq``: Update mq client to latest version
- from version 1.12.238
  * api-change:``amplify``: Update amplify client to latest version
  * api-change:``ecs``: Update ecs client to latest version
- from version 1.12.237
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``codepipeline``: Update codepipeline client to latest version
- from version 1.12.236
  * api-change:``globalaccelerator``: Update globalaccelerator client to latest version
  * api-change:``dms``: Update dms client to latest version
  * api-change:``sagemaker``: Update sagemaker client to latest version
- from version 1.12.235
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``comprehendmedical``: Update comprehendmedical client to latest version
  * api-change:``datasync``: Update datasync client to latest version
- from version 1.12.234
  * api-change:``rds-data``: Update rds-data client to latest version
  * api-change:``redshift``: Update redshift client to latest version
- from version 1.12.233
  * api-change:``workspaces``: Update workspaces client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``greengrass``: Update greengrass client to latest version
  * api-change:``rds``: Update rds client to latest version
- from version 1.12.232
  * api-change:``mediaconnect``: Update mediaconnect client to latest version
  * api-change:``glue``: Update glue client to latest version
  * api-change:``ecs``: Update ecs client to latest version
- from version 1.12.231
  * api-change:``ram``: Update ram client to latest version
  * api-change:``waf-regional``: Update waf-regional client to latest version
  * api-change:``apigateway``: Update apigateway client to latest version
- from version 1.12.230
  * api-change:``iam``: Update iam client to latest version
  * api-change:``athena``: Update athena client to latest version
  * api-change:``personalize``: Update personalize client to latest version
- from version 1.12.229
  * api-change:``eks``: Update eks client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
- from version 1.12.228
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``workmailmessageflow``: Update workmailmessageflow client to latest version
  * api-change:``medialive``: Update medialive client to latest version
- from version 1.12.227
  * api-change:``stepfunctions``: Update stepfunctions client to latest version
  * api-change:``rds``: Update rds client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``mediaconnect``: Update mediaconnect client to latest version
  * api-change:``ses``: Update ses client to latest version
  * api-change:``config``: Update config client to latest version
- from version 1.12.226
  * api-change:``storagegateway``: Update storagegateway client to latest version
- from version 1.12.225
  * api-change:``qldb``: Update qldb client to latest version
  * api-change:``marketplacecommerceanalytics``: Update
    marketplacecommerceanalytics client to latest version
  * api-change:``appstream``: Update appstream client to latest version
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``robomaker``: Update robomaker client to latest version
  * api-change:``appmesh``: Update appmesh client to latest version
  * api-change:``qldb-session``: Update qldb-session client to latest version
- from version 1.12.224
  * api-change:``kinesisanalytics``: Update kinesisanalytics client to latest version
- from version 1.12.223
  * api-change:``config``: Update config client to latest version
- from version 1.12.222
  * api-change:``stepfunctions``: Update stepfunctions client to latest version
  * api-change:``transcribe``: Update transcribe client to latest version
  * api-change:``eks``: Update eks client to latest version
- from version 1.12.221
  * api-change:``ecs``: Update ecs client to latest version
  * api-change:``resourcegroupstaggingapi``: Update
    resourcegroupstaggingapi client to latest version
  * api-change:``gamelift``: Update gamelift client to latest version
- from version 1.12.220
  * api-change:``mq``: Update mq client to latest version
  * api-change:``apigatewaymanagementapi``: Update
    apigatewaymanagementapi client to latest version
  * api-change:``ecs``: Update ecs client to latest version
- from version 1.12.219
  * api-change:``codepipeline``: Update codepipeline client to latest version
  * api-change:``application-autoscaling``: Update
    application-autoscaling client to latest version
  * api-change:``elasticache``: Update elasticache client to latest version
  * api-change:``lambda``: Update lambda client to latest version
  * api-change:``ecs``: Update ecs client to latest version
- from version 1.12.218
  * api-change:``sqs``: Update sqs client to latest version
  * api-change:``globalaccelerator``: Update globalaccelerator client to latest version
  * api-change:``mediaconvert``: Update mediaconvert client to latest version
- from version 1.12.217
  * api-change:``organizations``: Update organizations client to latest version
- from version 1.12.216
  * api-change:``ssm``: Update ssm client to latest version
  * api-change:``securityhub``: Update securityhub client to latest version
- from version 1.12.215
  * api-change:``ec2``: Update ec2 client to latest version
  * api-change:``mediapackage-vod``: Update mediapackage-vod client to latest version
  * api-change:``transcribe``: Update transcribe client to latest version
- from version 1.12.214
  * api-change:``datasync``: Update datasync client to latest version
  * api-change:``rds``: Update rds client to latest version


python-s3transfer was updated to 0.3.3:

* bugfix:dependency: Updated botocore version range

Update to version 0.3.2

* bugfix:s3: Fixes boto/botocore`#1916 <https://github.com/boto/botocore/issues/1916>`__

from version 0.3.1

* enhancement:TransferManager: Expose client and config properties
* enhancement:Tags: Add support for Tagging and TaggingDirective

from version 0.3.0

* feature:Python: Dropped support for Python 2.6 and 3.3.

python-boto was updated to fix:

* Removed the upstream builtin root certificate data for trusted CAs,
  as SUSE ships them seperately. (bsc#1116204)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1172-1
Released:    Mon May  4 18:15:17 2020
Summary:     Recommended update for osc
Type:        recommended
Severity:    moderate
References:  1160446,1166537,1168862
This update for osc fixes the following issues:

Update from version 0.167.2 to 0.168.2 (bsc#1168862)
- Use helper method _html_escape to enable python3.8 and python2.* compatibility. (bsc#1166537)
- Fix support for python3.8
- Spec: temporary disable tests as they explode under python 3.8
- Spec: fix destination of fish completion file to /usr/share/fish/vendor_completions.d 
- MR creation honors orev now (bsc#1160446)
- Allow 'osc r --vertical' for projects
- Cleanup old functions and remove python2.6 compatibility code
- Support zstd arch linux files in local build
- Fix deleterequest for repositories
- Append --norootforbuild as default to build command
- Fix decoding in interactive request mode
- Use signdummy for product builds
- Print release project when creating MR
- Improve SSLError message for TLSv1 validation
- osc maintained --version prints the version of each maintained package
- Print web url links after creating requests (New general bool option 'print_web_links' must be set in oscrc)
- Fix checkout_no_colon on project level
- Handle empty release number of rpm packages in build.py
- Handle bytes vs. str error when parsing meta
- Custom exception if importing m2crypto fails
- Fix missing oscerr import in util.helper
- Several fixes for keyring handling
- Fix arch zst magic in util.packagequery
- Ship fish completion file.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1177-1
Released:    Tue May  5 09:50:10 2020
Summary:     Security update for rpmlint
Type:        security
Severity:    moderate
References:  1129452,1169365
This update for rpmlint fixes the following issues:

- whitelist certmonger (bsc#1169365, bsc#1129452)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1178-1
Released:    Tue May  5 10:27:30 2020
Summary:     Security update for rubygem-actionview-5_1
Type:        security
Severity:    moderate
References:  1167240,CVE-2020-5267
This update for rubygem-actionview-5_1 fixes the following issues:

- CVE-2020-5267: Fixed an XSS vulnerability in ActionView's JavaScript literal escape helpers (bsc#1167240).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1181-1
Released:    Tue May  5 12:02:39 2020
Summary:     Recommended update for pciutils-ids
Type:        recommended
Severity:    moderate
References:  1170160
This update for pciutils-ids fixes the following issues:

- Update the PCI utilities database to 20200324. (bsc#1170160)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1183-1
Released:    Tue May  5 12:09:56 2020
Summary:     Recommended update for geoipupdate
Type:        recommended
Severity:    moderate
References:  1169766
This update for geoipupdate fixes the following issue:

- Fix license, it's actually Apache-2.0 or MIT. (bsc#1169766)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1187-1
Released:    Tue May  5 12:51:09 2020
Summary:     Recommended update for python-paramiko
Type:        recommended
Severity:    moderate
References:  1169489
This update for python-paramiko fixes the following issues:

- Fixed a problem from the last fix that caused Vorta to fail (bsc#1169489)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1159-1
Released:    Tue May  5 16:24:36 2020
Summary:     Recommended update for python3-azuremetadata
Type:        recommended
Severity:    moderate
References:  1170598,1170599,1170605,1170606
This update for python3-azuremetadata fixes the following issues:

python3-azuremetadata was updated to version 5.1.0:

- Produce well-formed JSON and XML output when multiple filters
  are specified (bsc#1170598, bsc#1170599) 


regionServiceClientConfigSAPAzure was updated to 1.0.3 and
regionServiceClientConfigAzure was updated to  0.0.6:

- Report subscriptionId during registration (bsc#1170605, bsc#1170606)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1199-1
Released:    Wed May  6 13:53:40 2020
Summary:     Security update for php7
Type:        security
Severity:    moderate
References:  1168326,1168352,CVE-2020-7064,CVE-2020-7066
This update for php7 fixes the following issues:

- CVE-2020-7064: Fixed a one byte read of uninitialized memory in exif_read_data() (bsc#1168326).
- CVE-2020-7066: Fixed URL truncation get_headers() if the URL contains zero (\0) character (bsc#1168352).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1202-1
Released:    Wed May  6 15:51:16 2020
Summary:     Recommended update for supportutils-plugin-ha-sap
Type:        recommended
Severity:    moderate
References:  1170085
This update for supportutils-plugin-ha-sap fixes the following issues:

- Implement SAP plugin for supportutils. (jsc#ECO-862, bsc#1170085)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1220-1
Released:    Thu May  7 17:11:57 2020
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1170603,CVE-2020-12268
This update for ghostscript to version 9.52 fixes the following issues:

- CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2_image_compose (bsc#1170603).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1222-1
Released:    Fri May  8 08:23:57 2020
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    moderate
References:  1167601,1167602
This update for python-azure-agent fixes the following issues:

- Set the hostname using hostnamectl to ensure setting is properly applied (bsc#1167601, bsc#1167602)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1226-1
Released:    Fri May  8 10:51:05 2020
Summary:     Recommended update for gcc9
Type:        recommended
Severity:    moderate
References:  1149995,1152590,1167898
This update for gcc9 fixes the following issues:

This update ships the GCC 9.3 release.

- Includes a fix for Internal compiler error when building HepMC (bsc#1167898)
- Includes fix for binutils version parsing
- Add libstdc++6-pp provides and conflicts to avoid file conflicts
  with same minor version of libstdc++6-pp from gcc10.
- Add gcc9 autodetect -g at lto link (bsc#1149995)
- Install go tool buildid for bootstrapping go

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1230-1
Released:    Mon May 11 07:29:21 2020
Summary:     Recommended update for md_monitor
Type:        recommended
Severity:    moderate
References:  1081286,1091619,1095141,1096363,1104770,1116560,1123046,1125281,1136542,1139268,1149316,1157098,1157754
This update for md_monitor fixes the following issues:

- Fix for preventing too long I/O after maintenance of a 'Direct Access Storage Device'. (bsc#1116560)
- Fix for a potential memory leak can be triggered by database I/O. (bsc#1157754)
- Fix for an issue when 'md_monitor' thread remains in system shutdown and blocks 'Direct Access Storage Device' offline action by grabbing the device. (bsc#1125281, bsc#1157098)
- Fix for 'ArrayResync' and 'MonitorStatus' by md_monitor not working properly. (bsc#1149316)
- Fix 'md_monitor' to use correct blocksize and prevent disk failure. (bsc#1139268)
- Add newly (re-)discovered devices to the device list. (bsc#1136542)
- Fix for an issue when md_monitor is stopped with process fault during system start and the host has only RAID0 array. (bsc#1123046)
- Fix for an issue when 'md_monitor' does not get 'MirrorStatus' and 'MonitorStatus' properly. (bsc#1104770, bsc#1095141)
- Fix crash on 'MonitorStatus' calling update request for 'md_monitor'. (bsc#1096363, bsc#1081286)
- Ignore NewArray message if does not exists yet (bsc#1091619)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:1260-1
Released:    Tue May 12 18:00:45 2020
Summary:     Optional update for terraform-provider-susepubliccloud
Type:        optional
Severity:    low
References:  1166049
This update for terraform-provider-susepubliccloud doesn't fix any issues and just adjusts some
packaging meta information.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1261-1
Released:    Tue May 12 18:40:18 2020
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  1168806
This update for hwdata fixes the following issues:

Update from version 0.320 to version 0.324 (bsc#1168806)

- Updated pci, usb and vendor ids.
- Replace pciutils-ids package providing compatibility symbolic link

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1263-1
Released:    Wed May 13 08:24:14 2020
Summary:     Recommended update for hawk2
Type:        recommended
Severity:    moderate
References:  1054027,1068942,1069217,1069296,1071481,1074856,1076421,1080439,1085318,1085343,1085515,1089709,1089802,1090562,1090657,1090667,1092108,1092122,1093420,1098637,1137891,1158681,1162221,1165587
This update for hawk2 fixes the following issues:

WIP	  
  * Implement mechanism to switch binaries in case (bsc#1165587)
  * Work around the removal of Dir::Tmpname#make_tmpname (bsc#1162221)
  * Fix cib.xml parsing for acl_version (bsc#1158681)
  * Fix mime type issue in MS windows (bsc#1098637)
  * Fix nameless cluster display (bsc#1137891)
  * High: Set secure flag to enforce https (bsc#1090657)
  * Medium: Improve hawk-server side cookie handling (bsc#1090667)
  * Medium: Set Symmetrical to False when score is Serialize (bsc#1085515)
  * Medium: Make resource stop/start icon dependent on target-role (bsc#1076421)
  * Api: Add advance resource type(group|clone|master|bundle) in resource route(fate#323437)
  * Api: return nil if elem is nil(fate#323437)      in some case, param in determine_online_status_fencing is nil,      this will cause NoMethodError
  * Medium: Fix acl_version check (bsc#1089802)
  * High: Fetch correct meta data (bsc#1092122)
  * Medium: Fix history explorer views (bsc#1093420)
  * High: Update links to release notes and documentation (bsc#1089709)
  * High: Return after redirect in reports (bsc#1090562)
  * Medium: Comply routes' id with resources' ID (bsc#1092108)
  * Api: Add registration route (fate#323437)
  * High: Calculate guest node state correctly (bsc#1074856)
  * Use Promotable etc. (bsc#1085318) (bsc#1085343)
  * High: Fix remote nodes iteration (bsc#1080439)
  * High: Support guest nodes (bsc#1074856)
  * Ensure certificate/key is group readable (bsc#1071481)
  * Test: Add test suit for (bsc#1069296)
  * Dev: Fix acl_enabled? (bsc#1069296)
  * Dev: Dev: Handle redirection correctly after renaming resources (bsc#1068942)
  * Dev: Handle redirection correctly after renaming constraints (bsc#1068942)
  * Dev: Dev: split rename action for constraints to edit/update (bsc#1068942)
  * Dev: Refactor resouces.js (bsc#1068942)
  * Dev: Change the rename path for resources (#bsc#1068942)
  * Dev: split rename action to edit/update (bsc#1068942)
  * Fix node/resource event injection in simulator (bsc#1069217)
  * Show descriptions in cluster config (bsc#1054027)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1266-1
Released:    Wed May 13 10:20:54 2020
Summary:     Recommended update for jq
Type:        recommended
Severity:    moderate
References:  1170838
This update for jq fixes the following issues:

jq was updated to version 1.6:

* Destructuring Alternation
* many new builtins (see docs)
* Add support for ASAN and UBSAN
* Make it easier to use jq with shebangs
* Add $ENV builtin variable to access environment
* Add JQ_COLORS env var for configuring the output colors
* change: Calling jq without a program argument now always assumes
'.' for the program, regardless of stdin/stdout
* fix: Make sorting stable regardless of qsort.

- Make jq depend on libjq1, so upgrading jq upgrades both

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1252-1
Released:    Wed May 13 13:51:29 2020
Summary:     Recommended update for regionServiceClientConfigEC2
Type:        recommended
Severity:    moderate
References:  1171232,1171233
This update for regionServiceClientConfigEC2 fixes the following issues:

- Improved the way how regions are resolved by IP addresses.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1280-1
Released:    Thu May 14 14:27:51 2020
Summary:     Recommended update for postgresql, postgresql10, postgresql12
Type:        recommended
Severity:    moderate
References:  1138034,1151591,1153168,1163985,1167541,CVE-2019-10164,CVE-2020-1720
This update for postgresql, postgresql10, postgresql12 fixes the following issues:

Changes in the postgresql wrapper package:

- Sync ownership of /run/postgresql in the file list with tmpfiles.
- Use the correct content for .bash_profile (bsc#1153168).
- Stop shipping SUSEfirewall2 config files (bsc#1151591).
- Use /run/postgresql instead of /var/run/postgresql in %ghost and
  postgresql-tmpfiles.conf to avoid rpmlint warnings and errors.
- add /var/run/postgresql to the filelist. as %ghost for systemd
  systems and directly for non systemd systems

Changes in postgresql10:

- packaging changed to no longer build the libraries,
  these now come from postgresql12.

Changes in postgresql12:

Initial package for the postgresql 12 branch

https://www.postgresql.org/about/news/1976/

- Update to 12.2 (CVE-2020-1720)
  https://www.postgresql.org/about/news/2011/
  https://www.postgresql.org/docs/12/release-12-2.html

- Avoid the dependency from the devel package to the main package.
  devel packages are exclusive, thus ecpg does not require
  update-alternatives.

- Remove unused build dependencies from the client libs package:
  LVM, icu, selinux, systemd.

- Update to 12.1

  https://www.postgresql.org/docs/12/release-12-1.html
  https://www.postgresql.org/about/news/1994/

- add requires to the server-devel package for the libs that are
  returned by pg_config --libs

python-psycopg2 was updated to 2.8.4 to allow working with postgresql12.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1286-1
Released:    Fri May 15 11:05:14 2020
Summary:     Recommended update for cdrtools
Type:        recommended
Severity:    moderate
References:  1169420
This update for cdrtools fixes the following issues:

- Fix for an issue when 'mediacheck' fails if ISO sizes are larger than 4GB. (bsc#1169420)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1288-1
Released:    Fri May 15 11:27:01 2020
Summary:     Recommended update for regionServiceClientConfigAzure
Type:        recommended
Severity:    critical
References:  1171465
This update for regionServiceClientConfigAzure fixes the following issues:

- Unify region server setup for SLES and SLES4SAP that provides configuring traffic routing through the datacenter. (bsc#1171465)  
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1291-1
Released:    Fri May 15 16:40:53 2020
Summary:     Recommended update for shared-python-startup
Type:        recommended
Severity:    moderate
References:  1170411
This update for shared-python-startup fixes the following issues:

This package contains common python startup files. (bsc#1170411)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1293-1
Released:    Mon May 18 07:38:06 2020
Summary:     Security update for openexr
Type:        security
Severity:    moderate
References:  1146648,1169549,1169573,1169574,1169575,1169576,1169578,1169580,CVE-2020-11758,CVE-2020-11760,CVE-2020-11761,CVE-2020-11762,CVE-2020-11763,CVE-2020-11764,CVE-2020-11765
This update for openexr provides the following fix:

Security issues fixed:

- CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier (bsc#1169575).
- CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp (bsc#1169574).
- CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp (bsc#1169576).
- CVE-2020-11762: Fixed an out-of-bounds read and write in DwaCompressor:uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case (bsc#1169549).
- CVE-2020-11761: Fixed an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder:refill in ImfFastHuf.cpp (bsc#1169578).
- CVE-2020-11760: Fixed an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp (bsc#1169580).
- CVE-2020-11758: Fixed an out-of-bounds read in ImfOptimizedPixelReading.h (bsc#1169573).

Non-security issue fixed:

- Enable tests when building the package on x86_64. (bsc#1146648)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1294-1
Released:    Mon May 18 07:38:36 2020
Summary:     Security update for file
Type:        security
Severity:    moderate
References:  1154661,1169512,CVE-2019-18218
This update for file fixes the following issues:

Security issues fixed:

- CVE-2019-18218: Fixed a heap-based buffer overflow in cdf_read_property_info() (bsc#1154661).

Non-security issue fixed:

- Fixed broken '--help' output (bsc#1169512).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1297-1
Released:    Mon May 18 07:42:18 2020
Summary:     Security update for libvpx
Type:        security
Severity:    moderate
References:  1166066,CVE-2020-0034
This update for libvpx fixes the following issues:

- CVE-2020-0034: Fixed an out-of-bounds read on truncated key frames (bsc#1166066).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1298-1
Released:    Mon May 18 07:42:49 2020
Summary:     Security update for libbsd
Type:        security
Severity:    moderate
References:  1160551,CVE-2019-20367
This update for libbsd fixes the following issues:

- CVE-2019-20367: Fixed an out-of-bounds read during a comparison for a symbol names from the string table (bsc#1160551).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1303-1
Released:    Mon May 18 09:40:36 2020
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1169582
This update for timezone fixes the following issues:

- timezone update 2020a. (bsc#1169582)
  * Morocco springs forward on 2020-05-31, not 2020-05-24.
  * Canada's Yukon advanced to -07 year-round on 2020-03-08.
  * America/Nuuk renamed from America/Godthab.
  * zic now supports expiration dates for leap second lists.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1308-1
Released:    Mon May 18 10:05:46 2020
Summary:     Recommended update for psmisc
Type:        recommended
Severity:    moderate
References:  1170247
This update for psmisc fixes the following issues:

-  Allow not unique mounts as well as not unique mountpoint. (bsc#1170247)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1309-1
Released:    Mon May 18 10:08:16 2020
Summary:     Recommended update for gnome-themes-standard
Type:        recommended
Severity:    moderate
References:  1170757
This update for gnome-themes-standard fixes the following issue:

- Remove the is_opensuse tag to close the gap between Leap and SLE (bsc#1170757, jsc#SLE-11890).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1310-1
Released:    Mon May 18 10:09:22 2020
Summary:     Recommended update for icewm, icewm-theme-branding
Type:        recommended
Severity:    moderate
References:  1170420
This update for icewm, icewm-theme-branding fixes the following issues:

Changes in icewm:
- Explicitly require icewm-theme-branding on SLE and Leap. (jsc#SLE-11888, bsc#1170420).
- Add Conflicts between icewm-config-upstream and icewm-theme-branding.
- Improve build tag consistency between SLE and Leap. (jsc#SLE-11888, bsc#1170420).
  * Recommend polkit-gnome to both Leap and SLE.

Changes in icewm-theme-branding:
- Improve build tag consistency between SLE and Leap. (jsc#SLE-11888, bsc#1170420).
  * Build the branding package separately for openSUSE and SLE,
    like most of other branding packages did.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1315-1
Released:    Mon May 18 10:38:42 2020
Summary:     Recommended update for eiciel
Type:        recommended
Severity:    moderate
References:  1170756
This update for eiciel fixes the following issue:

- Enable translation-update-upstream for both SLE and openSUSE. (bsc#1170756, jsc#SLE-11889)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1319-1
Released:    Mon May 18 11:43:44 2020
Summary:     Recommended update for tcsh
Type:        recommended
Severity:    moderate
References:  1170527
This update for tcsh fixes the following issues:

- Fix for an issue when Midnight Commander freezes changing directory using tcsh shell. (bsc#1170527) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1321-1
Released:    Mon May 18 11:45:10 2020
Summary:     Recommended update for regionServiceClientConfigGCE
Type:        recommended
Severity:    important
References:  1171467,1171469
This update for regionServiceClientConfigGCE fixes the following issues:

- Unify region server setup for SLES and SLES4SAP that provides configuring traffic routing through the datacenter. (bsc#1171467, bsc#1171469)	  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1323-1
Released:    Mon May 18 11:49:02 2020
Summary:     Recommended update for python3-gcemetadata
Type:        recommended
Severity:    important
References:  1134510
This update for python3-gcemetadata fixes the following issues:

- Fix for the identity data of the instance may not be accessible from the metadata server in Google Cloud client. (bsc#1134510)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1327-1
Released:    Mon May 18 17:15:48 2020
Summary:     Recommended update for ntfs-3g_ntfsprogs
Type:        recommended
Severity:    moderate
References:  1170609

This update for ntfs-3g_ntfsprogs fixes the following issue:

- the libntfs-3g-devel package is shipped into the Workstation Extension (bsc#1170609)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1328-1
Released:    Mon May 18 17:16:04 2020
Summary:     Recommended update for grep
Type:        recommended
Severity:    moderate
References:  1155271
This update for grep fixes the following issues:

- Update testsuite expectations, no functional changes (bsc#1155271)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1337-1
Released:    Tue May 19 13:20:44 2020
Summary:     Security update for openconnect
Type:        security
Severity:    moderate
References:  1170452,CVE-2020-12105
This update for openconnect fixes the following issues:

Security issue fixed:

- CVE-2020-12105: Fixed the improper handling of negative return values from X509_check_ function calls that might have allowed MITM attacks (bsc#1170452).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1353-1
Released:    Wed May 20 13:02:32 2020
Summary:     Security update for freetype2
Type:        security
Severity:    moderate
References:  1079603,1091109,CVE-2018-6942
This update for freetype2 to version 2.10.1 fixes the following issues:

Security issue fixed:

- CVE-2018-6942: Fixed a NULL pointer dereference within ttinerp.c (bsc#1079603).

Non-security issues fixed:

- Update to version 2.10.1
  * The bytecode hinting of OpenType variation fonts was flawed, since
    the data in the `CVAR' table wasn't correctly applied.
  * Auto-hinter support for Mongolian.
  * The handling of  the default character in PCF fonts as  introduced
    in version 2.10.0 was partially broken, causing premature abortion
    of charmap iteration for many fonts.
  * If  `FT_Set_Named_Instance' was  called  with  the same  arguments
    twice in a row, the function  returned an incorrect error code the
    second time.
  * Direct   rendering   using  FT_RASTER_FLAG_DIRECT   crashed   (bug
    introduced in version 2.10.0).
  * Increased  precision  while  computing  OpenType  font   variation
    instances.
  * The  flattening  algorithm of  cubic  Bezier  curves was  slightly
    changed to make  it faster.  This can cause  very subtle rendering
    changes, which aren't noticeable by the eye, however.
  * The  auto-hinter  now  disables hinting  if there  are blue  zones
    defined for a `style' (i.e., a certain combination of a script and
    its related typographic features) but the font doesn't contain any
    characters needed to set up at least one blue zone.
- Add tarball signatures and freetype2.keyring

- Update to version 2.10.0
  * A bunch of new functions has been added to access and process
    COLR/CPAL data of OpenType fonts with color-layered glyphs.
  * As a GSoC 2018 project, Nikhil Ramakrishnan completely
    overhauled and modernized the API reference.
  * The logic for computing the global ascender, descender, and
    height of OpenType fonts has been slightly adjusted for
    consistency.
  * `TT_Set_MM_Blend' could fail if called repeatedly with the same
    arguments.
  * The precision of handling deltas in Variation Fonts has been
    increased.The problem did only show up with multidimensional
    designspaces.
  * New function `FT_Library_SetLcdGeometry' to set up the geometry
    of LCD subpixels.
  * FreeType now uses the `defaultChar' property of PCF fonts to set
    the  glyph for  the undefined  character  at glyph  index 0  (as
    FreeType already does for all other supported font formats).  As
    a consequence, the order of glyphs of a PCF font if accessed
    with  FreeType can be different now compared to previous
    versions.
    This change doesn't affect PCF font access with cmaps.
  * `FT_Select_Charmap' has been changed to allow  parameter value
    `FT_ENCODING_NONE', which is valid for BDF, PCF, and Windows FNT
    formats to access built-in cmaps that don't have a predefined
    `FT_Encoding' value.
  * A previously reserved field in the `FT_GlyphSlotRec' structure
    now holds the glyph index.
  * The usual round of fuzzer bug fixes to better reject malformed
    fonts.
  * `FT_Outline_New_Internal' and `FT_Outline_Done_Internal' have
    been removed.These two functions were public by oversight only
    and were never documented.
  * A new function `FT_Error_String' returns descriptions of error
    codes if configuration macro FT_CONFIG_OPTION_ERROR_STRINGS is
    defined.
  * `FT_Set_MM_WeightVector' and `FT_Get_MM_WeightVector' are new
    functions limited to Adobe MultiMaster fonts to directly set and
    get the weight vector.

- Enable subpixel rendering with infinality config:

- Re-enable freetype-config, there is just too many fallouts. 

- Update to version 2.9.1
  * Type 1 fonts containing flex features were not rendered
    correctly (bug introduced in version 2.9).
  * CVE-2018-6942: Older FreeType versions can crash with certain
    malformed variation fonts.
  * Bug fix: Multiple calls to `FT_Get_MM_Var' returned garbage.
  * Emboldening of bitmaps didn't work correctly sometimes, showing
    various artifacts (bug introduced in version 2.8.1).
  * The auto-hinter script ranges have  been updated for Unicode 11.
    No support for new scripts have been added, however,  with the
    exception of Georgian Mtavruli.
- freetype-config is now deprecated by upstream and not enabled
  by default.

- Update to version 2.10.1
  * The `ftmulti' demo program now  supports multiple hidden axes with
    the same name tag.
  * `ftview', `ftstring', and `ftgrid' got  a `-k' command line option
    to emulate a sequence of keystrokes at start-up.
  * `ftview', `ftstring', and `ftgrid' now support screen dumping to a
    PNG file.
  * The bytecode debugger, `ttdebug',  now supports variation TrueType
    fonts; a variation font instance can be selected with the new `-d'
    command line option.
- Add tarball signatures and freetype2.keyring

- Update to version 2.10.0
  * The  `ftdump' demo  program has new options `-c'  and `-C'  to
    display charmaps in compact and detailed format, respectively.
    Option `-V' has been removed.
  * The `ftview', `ftstring', and `ftgrid' demo programs use a new
    command line option `-d' to specify the program window's width,
    height, and color depth.
  * The `ftview' demo program now displays red boxes for zero-width
    glyphs.
  * `ftglyph' has limited support to display fonts with
    color-layered glyphs.This will be improved later on.
  * `ftgrid' can now display bitmap fonts also.
  * The `ttdebug' demo program has a new option `-f' to select a
    member of a TrueType collection (TTC).
  * Other various improvements to the demo programs.

- Remove 'Supplements: fonts-config' to avoid accidentally pulling
  in Qt dependencies on some non-Qt based desktops.(bsc#1091109)
  fonts-config is fundamental but ft2demos seldom installs by end users.
  only fonts-config maintainers/debuggers may use ft2demos along to
  debug some issues. 

- Update to version 2.9.1
  * No changelog upstream.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1370-1
Released:    Thu May 21 19:06:00 2020
Summary:     Recommended update for systemd-presets-branding-SLE
Type:        recommended
Severity:    moderate
References:  1171656
This update for systemd-presets-branding-SLE fixes the following issues:

Cleanup of outdated autostart services (bsc#1171656):
- Remove acpid.service. acpid is only available on SLE via openSUSE
  backports.  In openSUSE acpid.service is *not* autostarted. I see no
  reason why it should be on SLE.
- Remove spamassassin.timer. This timer never seems to have existed.
  Instead spamassassin ships a 'sa-update.timer'. But it is not
  default-enabled and nobody ever complained about this.
- Remove snapd.apparmor.service: This service was proactively added a year
  ago, but snapd didn't even make it into openSUSE yet. There's no reason
  to keep this entry unless snapd actually enters SLE which is not
  foreseeable.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1378-1
Released:    Thu May 21 19:08:52 2020
Summary:     Recommended update for google-compute-engine
Type:        recommended
Severity:    moderate
References:  1170719,1170720
This update for google-compute-engine contain the following fix:

- Do not add the created user to the adm, docker, or lxd groups if they exist. (bsc#1170719, bsc#1170720)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1381-1
Released:    Fri May 22 08:01:14 2020
Summary:     Security update for memcached
Type:        security
Severity:    moderate
References:  1133817,1149110,CVE-2019-11596,CVE-2019-15026
This update for memcached fixes the following issues:

Security issue fixed:

- CVE-2019-11596: Fixed a NULL pointer dereference in process_lru_command (bsc#1133817).
- CVE-2019-15026: Fixed a stack-based buffer over-read (bsc#1149110).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1388-1
Released:    Fri May 22 10:58:17 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Live kernel patching update data for 4_12_14-197_37, 4_12_14-197_40. (bsc#1020320)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1402-1
Released:    Mon May 25 14:17:17 2020
Summary:     Recommended update for mrsh
Type:        recommended
Severity:    moderate
References:  1144051
This update for mrsh fixes the following issues:

- Use systemd_ordering instead of systemd_requires: systemd is
  never a strict requirement; but in case the system is scheduled
  for installation together with systemd, we want systemd to be
  installed prior to mrsh.

- Add pam_keyinit.so to /etc/pam.d/mrsh|mrlogind. (bsc#1144051)
  To fully support the use of kernel keyrings by systemd the mrsh package must 
  include the pam_keyinit.so module in its mrsh and mrlogin configuration files.

- Add README.SUSE:
  Describe the steps required to set up and run mrshd/mrlogind.

- Add missing services in pre/post/preun/postun scripts.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1407-1
Released:    Mon May 25 15:55:08 2020
Summary:     Recommended update for amazon-ssm-agent
Type:        recommended
Severity:    moderate
References:  1085670,1108265,1170935
This update for amazon-ssm-agent fixes the following issues:

- Update to 2.3.978.0 (2020-04-08) (bsc#1170935)
  + Stop pty on receiving TerminateSession request
  + Add support for Debian arm64 architecture
  + Refactoring session log generation logic
- Update to 2.3.930.0  (2020-03-17)
  + Bug fix for CloudWatch agent version showing twice in Inventory console
  + Bug fix for retrieving minor version for CentOS7
  + Add snap appData collection for inventory in ubuntu 18
  + Add validation for contents of os release files
  + Add retry for fingerprint generation
- Update to 2.3.871.0 (2020-02-20)
  + Various bug fix for SSM Agent
- Update to 2.3.842.0 (2020-01-29)
  + Bug fix for updating document state file prior agent reboot
  + Add support to restart agent after SIGPIPE exit status
- Update to 2.3.814.0 (2020-01-16)
  + Bug fix for metadata service V2
  + Update Golang version 1.12 for travis
  + Optimize session manager retry logic 
- Update to 2.3.786.0 (2019-12-19)
  + Add support for Oracle Linux v7.5 and v7.7
  + Bug fix for Inventory data provider to support special characters
  + Bug fix for SSM MDS service name
- Update to 2.3.772.0 (2019-12-13)
  + Upgrade AWS SDK
  + Add logging for fingerprint generation
- Update to 2.3.760.0 (2019-11-15)
  + Session manager supports handling of Task metadata
- Update to 2.3.758.0 (2019-11-11)
  + Add support to update SSM Distributor packages in place
- Update to 2.3.756.0 (2019-11-05)
  + Terminate port forwarding session on receiving TerminateSession flag
  + Bug fix to reload SSM client if region has not been initialize correctly
  + Bug fix for retrieval of user groups on Linux 
- Update to 2.3.722.0 (2019-10-11)
  + Bug fix for the delay when registering non-EC2 on-prem instances
  + Bug fix for missing ACL when uploading logs to S3 buckets
  + Upgrade GoLang version from 1.9 to 1.12
- Update to 2.3.714.0 (2019-09-26)
  + For port forwarding session, close server connection when client drops it's connection
  + Bug fix for missing condition of rules from inventory registry
  + Update service domain information fetch logic from EC2 Metadata
- Update to 2.3.707.0 (2019-09-11)
  + Bug fix for characters dropping from session manager shell output 
  + Bug fix for session manager freezing caused by non utf8 character
  + Switch the request protocol order for getting S3 Header
  + Keep port forwarding session open until session is terminated
- Update to 2.3.701.0 (2019-08-21)
  + Send platform type information in controlChannel input 
- Update to 2.3.687.0 (2019-08-05)
  + Bug fix for runPowershellScript plugin on linux platform
  + Add support for document 2.x version to ssm-cli 
- Update to 2.3.680.0 (2019-07-24)
  + Added a new Inventory gatherer AWS:BillingInfo which will gather the billing product ids for LicenseIncluded and Marketplace instance
- Update to 2.3.672.0 (2019-07-09)
  + Add Port plugin for SSH/SCP
  + Add support for Session Manager RunAs functionality on Linux platform
- Update to 2.3.668.0 (2019-07-01)
  + Add Session Manager InteractiveCommands plugin	
  + Bug fix for log formatting issue for session manager
- Update to 2.3.662.0 (2019-06-19)
  + Bug fix for Session Manager when handling line endings on Windows platform
  + Bug fix for token validation for aws:downloadContent plugin
  + Check if log group exists before uploading Session Manager logs to CloudWatch
  + Bug fix for broken S3 urls when using custom documents
- Update to 2.3.634.0 (2019-05-28)
  + Disable appconfig to load credential from specific profile path, add EC2 credentials as the default fallback
  + Remove sudoers file creation logic if ssm-user already exists
  + Enable supplementary groups for ssm-user on Linux
- Update to 2.3.612.0 (2019-05-08)
  + Bug fix for UTF-8 encoded issue caused by locale activation on Ubuntu 16.04 instance
  + Refactor ssm-user creation logic
  + Bug fix for reporting IP address with wrong network interface
  + Update configure package document arn pattern
- Update to 2.3.542.0 (2019-04-18)
  + Bug fix for on-premises instance registration in CN region
- Update to 2.3.539.0 (2019-04-04)
  + Add support for further encryption of session data using AWS KMS
  + Bug fix for excessive instance-id fetching by document workers
- Update to 2.3.479.0 (2019-03-06)
  + Bug fix for downloading content failure caused by wrong S3 endpoint
  + Bug fix for reboot failure caused by session manager panic
  + Bug fix for session manager shell output dropping character
  + Bug fix for mgs endpoint configuration consistency
- Update to 2.3.444.0 (2019-02-10)
  + Updates to UpdateInstanceInformation call, Windows initialization
- Update to 2.3.415.0 (2019-01-25)
  + Bug fix addressing issues in Distributor package upgrade
- Update to 2.3.372.0 (2019-01-08)
  + Bug fix to allow installation of Distributor packages that do
    not have a version name.
  + Bug fix for agent crash with message 'WaitGroup is reused
    before previous Wait has returned'.
- Update to 2.3.344.0 (2018-12-14)
  + Add frequent collector to detect changed inventory types and
    upload it to SSM service between two scheduled collections.
  + Change AWS Systems Manager Distributor to reduce calls to
    GetDocument by calling DescribeDocument.
  + Add exit code when ssm-cli execution fails.
  + Create ssm-user only after the control channel has been
    successfully created.
- Update to 2.3.274.0 (2018-11-26)
  + Enabled AWS Systems Manager Distributor that lets you securely
    distribute and install software packages.
  + Add support for the arm64 architecture on Amazon Linux 2,
    Ubuntu 16.04/18.04, and RHEL 7.6 to support EC2 A1 instances.
- Update to 2.3.235.0 (2018-10-23)
  + Bug fix for session manager logging on Windows
  + Bug fix for ConfigureCloudWatch plugin
  + Bug fix for update SSM agent occasionally failing due to SSM
    agent service stuck in starting state
- Update to 2.3.193.0 (2018-10-23)
  + Bug fix for past sessions occasionally stuck in terminating
    state
  + Darwin masquerades as Linux to bypass OS validation on the
    backend until official support can be added
- Update to 2.3.169.0 (2018-10-23)
  + Update managed instance role token more frequently
- Update to 2.3.136.0 (2018-10-09)
  + Bug fix for issue that GatherInventory throw out error when
    there is no Windows Update in instance
  + Add more filters when getting the Windows event logs at
    startup to improve performance
  + Add random jitter before call PutInventory in inventory
    datauploader
- Update to 2.3.117.0 (2018-10-02)
  + Bug fix for issues during process termination on instances
    where IAM policy does not grant ssmmessages permissions.
- Update to 2.3.101.0 (2018-10-02)
  + Bug fix to prevent defunct processes when creating the local
    user ssm-user.
  + Bug fix for sudoersFile permission to avoid 'sudo' command
    warnings in Session Manager.
  + Disable hibernation on Windows platform if Cloudwatch
    configuration is present.
- Update to 2.3.68.0 (2018-09-17)
  + Enables the Session Manager capability that lets you manage
    your Amazon EC2 instance through an interactive one-click
    browser-based shell or through the AWS CLI.
  + Beginning this agent version, SSM Agent will create a local
    user 'ssm-user' and either add it to /etc/sudoers (Linux) or
    to the Administrators group (Windows) every time the agent
    starts. The ssm-user is the default OS user when a Session
    Manager session is started, and the password for this user is
    reset on every session. You can change the permissions by
    moving the ssm-user to a less-privileged group or by changing
    the sudoers file. The ssm-user is not removed from the system
    when SSM Agent is uninstalled.
- Add patch to remove unused import
  + remove-unused-import.patch
- Build-Depend on pkgconfig(systemd) instead of systemd
  + Allows OBS to depend on the -mini flavors
- Refresh patches for new version
  + fix-version.patch

- Update to 2.3.50.0 2018-09-12 (bsc#1108265)
  + Enables the Session Manager capability that lets you manage
    your Amazon EC2 instance through an interactive one-click
    browser-based shell or through the AWS CLI.
  + Beginning this agent version, SSM Agent will create a local
    user 'ssm-user' and either add it to /etc/sudoers (Linux) or
    to the Administrators group (Windows) every time the agent
    starts. The ssm-user is the default OS user when a Session
    Manager session is started, and the password for this user
    is reset on every session. You can change the permissions
    by moving the ssm-user to a less-privileged group or by
    changing the sudoers file. The ssm-user is not removed
    from the system when SSM Agent is uninstalled.
- Update to 2.3.13.0 2018-08-16
  + Bug fix for the SSM Agent service remaining in 'Starting'
    state on Windows when unable to authenticate to the Systems
    Manager service.
- Update to 2.2.916.0 2018-08-02
  + NOTE: This build should not be installed for Windows since
    the SSM Agent service may remain in starting status if unable
    to authenticate to the Systems Manager service, which is
    fixed in the latest release.
  + Bug fix for missing cloudwatch.exe seen in SSM Agent version
    2.2.902.0
- Update to 2.2.902.0 2018-07-31
  + NOTE: This build should not be installed for Windows since
    you might see the error - 'Encountered error while starting
    the plugin: Unable to locate cloudwatch.exe' for Cloudwatch
    plugin. This bug has been fixed in SSM Agent version 2.2.916.0.
    Also SSM Agent service may remain in starting status if unable
    to authenticate to the Systems Manager service, which is
    fixed in the latest release.
  + Initial support for developer builds on macOS
  + Retry sending Run Command execution results for up to 2 hours
  + More detailed error messages are returned for inventory plugin
    failures during State Manager association executions
- Update to 2.2.800.0 2018-06-26
  + Bug fix to clean the orchestration directory
  + Streaming AWS Systems Manager Run Command output
    to CloudWatch Logs
  + Reducing number of retries for serial port opening 
  + Add retry logic to installation verification
- Update to 2.2.619.0 2018-05-29
  + Various bug fixes
- Update to 2.2.607.0 2018-05-23
  + Various bug fixes
- Update to 2.2.546.0 2018-05-07
  + Bug fix to retry sending document results if they
    couldn't reach the service
- Update to 2.2.493.0 2018-04-25
  + NOTE: Downgrade to this version using AWS-UpdateSSMAgent
    is not permitted for agent installed using snap
  + Added support for Ubuntu Snap packaging
  + Bug fix so that aws:downloadContent does not change
    permissions of directories
  + Bug fix to Cloudwatch plugin where StartType has
    duplicated Enabled value
- Update to 2.2.392.0 2018-03-27
  + Added support for agent hibernation so that Agent backs
    off or enters hibernation mode if it does not have access
    to the service
  + Various bug fixes
- Update to 2.2.355.0 2018-03-16
  + Fix S3Download to download from cross regions.
  + Various bug fixes
- Refresh patches for new version
  + fix-config.patch
  + fix-version.patch

- Update to 2.2.325.0 2018-03-07 (bsc#1085670)
  + Bug fix to change sourceHashType to be default sha256 on
    psmodule.
- Update to 2.2.257.0 2018-02-23
  + Bug fix to address an issue that can prevent the agent from
    processing associations after a restart.
- Update to 2.2.160.0 2018-01-15
  + Execute 'pwsh' on linux when using runPowershellScript plugin.
- Update to 2.2.93.0 2017-11-14
  + Update to latest AWS SDK.
- Update to 2.2.58.0 2017-10-23
  + Switching to use Birdwatcher distribution service for AWS
    packages.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1413-1
Released:    Tue May 26 09:45:41 2020
Summary:     Recommended update for vncmanager
Type:        recommended
Severity:    moderate
References:  1169732,1171344
This update for vncmanager fixes the following issues:

- Fix tight compression decoder on big-endian systems. (bsc#1171344)
- Fix tight decoder with 888 pixel encodings. (bsc#1169732)
- Fix PixelFormat::ntoh() and PixelFormat::hton(). (bsc#1169732)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1419-1
Released:    Tue May 26 12:23:30 2020
Summary:     Security update for sysstat
Type:        security
Severity:    low
References:  1159104,CVE-2019-19725
This update for sysstat fixes the following issues:

- CVE-2019-19725: Fixed double free in check_file_actlst in sa_common.c (bsc#1159104).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1420-1
Released:    Tue May 26 12:23:54 2020
Summary:     Security update for jasper
Type:        security
Severity:    low
References:  1092115,CVE-2018-9154
This update for jasper fixes the following issues:

- CVE-2018-9154: Fixed a potential denial of service in jpc_dec_process_sot() (bsc#1092115).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1423-1
Released:    Tue May 26 14:33:06 2020
Summary:     Security update for mariadb-connector-c
Type:        security
Severity:    important
References:  1171550,CVE-2020-13249
This update for mariadb-connector-c fixes the following issues:

Security issue fixed:

- CVE-2020-13249: Fixed an improper validation of OK packets received from clients (bsc#1171550).

Non-security issues fixed:

- Update to release 3.1.8 (bsc#1171550)
  * CONC-304: Rename the static library to libmariadb.a and other libmariadb files in a consistent manner
  * CONC-441: Default user name for C/C is wrong if login user is different from effective user
  * CONC-449: Check $MARIADB_HOME/my.cnf in addition to $MYSQL_HOME/my.cnf
  * CONC-457: mysql_list_processes crashes in unpack_fields
  * CONC-458: mysql_get_timeout_value crashes when used improper
  * CONC-464: Fix static build for auth_gssapi_client plugin

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1426-1
Released:    Tue May 26 14:54:32 2020
Summary:     Recommended update for python-boto
Type:        recommended
Severity:    moderate
References:  1171769
This update for python-boto fixes the following issues:

- Update in SLE-15: (bsc#1171769)
- Fix build under python3.8 by skipping more tests that break with previous release.
- Skip the tests for the flavors not being built
- Remove old comment
- Fix breakages caused by removing boto.cacerts module which is imported elsewhere in
  the package. The file boto/cacerts/cacerts.txt is removed instead, and
  boto-no-builtin-certs.patch is trimmed.
- Activate the test suite, adding many build dependencies with versions. 11 failing Cloudfront
  signings tests are skipped only on Python 3.
- Add versions to runtime dependencies.
- python-rsa is added as a Recommends as it is needed for Cloudfront.
- python-requests is added as a Recommends as it is needed for Cloudsearch.
- python-requests is added as a Suggests as it is used for contrib ymlmessage.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1427-1
Released:    Tue May 26 14:55:16 2020
Summary:     Recommended update for docker-runc
Type:        recommended
Severity:    moderate
References:  1168481
This update for docker-runc contains the following fixes:

- Backport upstream fix that enable access to /dev/null in containers. Resolves many
  issues with the implementation of the runc devices cgroup code. Removes some of
  the disruptive aspects of 'runc update'. (bsc#1168481)

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1487-1
Released:    Wed May 27 15:24:08 2020
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    important
References:  1171704,1171705
This update for cloud-regionsrv-client contains the following fixes:

- Improve error message for failed update server access to determine product status.

- Update to version 9.0.10. (bsc#1171704, bsc#1171705)
  + While the service starts After=network-online.target this is no guarantee that the
    cloud framework has configured the outgoing routing for the instance. This
    configuration on the framework side may take longer. Introduce a wait look that
    retries connections to the update infrastructure 3 times before giving up.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1493-1
Released:    Wed May 27 18:55:51 2020
Summary:     Security update for libmspack
Type:        security
Severity:    low
References:  1130489,1141680,CVE-2019-1010305
This update for libmspack fixes the following issues:

Security issue fixed:

- CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file
  which could have led to information disclosure (bsc#1141680).
  
Other issue addressed: 

- Enable build-time tests (bsc#1130489)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1494-1
Released:    Wed May 27 20:29:48 2020
Summary:     Recommended update for python-psycopg2
Type:        recommended
Severity:    moderate
References:  1171213
This update for python-psycopg2 fixes the following issues:

- Sort out the syntax of the dependencies to fix possible build failures. (bsc#1171213)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1507-1
Released:    Fri May 29 17:23:52 2020
Summary:     Recommended update for publicsuffix
Type:        recommended
Severity:    moderate
References:  1171819
This update for publicsuffix fixes the following issues:

- Update from version 20180312 to version 20200506. (bsc#1171819).

- New in version 20200506:
  * gTLD autopull: 2020-05-06 (#1030)
  * Update public_suffix_list.dat (#993)
  * Add shopware.store domain (#958)
  * Add clic2000.net to Private Section (#1010)
  * Add Fabrica apps domain: onfabrica.com (#999)
  * Add dyndns.dappnode.io (#912)
  * Added curv.dev to public_suffix_list.dat (#968)
  * Add panel.gg and daemon.panel.gg (#978)
  * adding sth.ac.at (#997)
  * Add netlify.app (#1012)
  * Added Wiki Link as info resource (#1011)
  * Add schulserver.de, update IServ GmbH contact information (#996)
  * Add conn.uk, copro.uk, couk.me and ukco.me domains (#963)
  * Remove flynnhub.com (#971)
  * Added graphox.us domain (#960)
  * Add domains for FASTVPS EESTI OU (#941)
  * Add platter.dev user app domains (#935)
  * Add playstation-cloud.com (#1006)
  * gTLD autopull: 2020-04-02 (#1005)
  * ACI prefix (#930)
  * Update public_suffix_list.dat (#923)
  * Add toolforge.org and wmcloud.org (#970)
  * gTLD autopull: 2020-03-29 (#1003)

- New in version 20200326:
  * aero registry removal
  * Add Mineduc subregistry for public schools: aprendemas.cl
  * Update public_suffix_list.dat - Existing Section
  * gTLD autopull: 2020-03-15
  * Add 'urown.cloud' and 'dnsupdate.info'
  * Remove site.builder.nu
  * Remove unnecessary trailing whitespace for name.fj
  * Update .eu IDNs to add Greek and URL for Cyrillic
  * Update fj entry

- New in version 20200201:
  * gTLD autopull: 2020-02-01 (#952)
  * gTLD autopull: 2020-01-31 (#951)
  * Add WoltLab Cloud domains (#947)
  * Add qbuser.com domain (#943)
  * Added senseering domain (#946)
  * Add u.channelsdvr.net to PSL (#950)
  * Add discourse.team (#949)
  * gTLD autopull: 2020-01-06 (#942)
  * gTLD autopull: 2019-12-25 (#939)
  * Urgent removal of eq.edu.au (#924)
  * gTLD autopull: 2019-12-20 (#938)
  * gTLD autopull: 2019-12-11 (#932)
  * Added adobeaemcloud domains (#931)
  * Add Observable domain: observableusercontent.com. (#914)
  * Correct v.ua sorting
  * add v.ua (#919)
  * Add en-root.fr domain (#910)
  * add Datawire private domain (#925)
  * Add amsw.nl private domain to PSL (#929)
  * Add *.on-k3s.io (#922)
  * Add *.r.appspot.com to public suffix list (#920)
  * Added gentapps.com (#916)
  * Add oya.to (#908)
  * Add Group 53, LLC Domains (#900)
  * Add perspecta.cloud (#898)
  * Add 0e.vc to PSL (#896)
  * Add skygearapp.com (#892)
  * Update Hostbip Section (#871)
  * Add qcx.io and *.sys.qcx.io (#868)
  * Add builtwithdark.com to the public suffix list (#857)
  * Add_customer-oci.com (#811)
  * Move out old .ru reserved domains
  * gTLD autopull: 2019-12-02 (#928)
  * gTLD autopull: 2019-11-20 (#926)

- New in version 20191115:
  * Add gov.scot for Scottish Government
  * update gTLD list to 2019-11-15 state
  * remove go-vip.co, go-vip.net, wpcomstaging.com

- New in version 20191025:
  * gTLD list updated to 2019-10-24 state
  * Update .so suffix list
  * Add the new TLD .ss
  * Add xn--mgbah1a3hjkrd (موريتانيا)
  * Add lolipop.io
  * Add altervista.org
  * Remove zone.id from list
  * Add new domain to Synology dynamic dns service

- New in version 20190808:
  * tools: update newgtlds.go to filter removed gTLDs (#860)
  * gTLD autopull: 2019-08-08 (#862)
  * Remove non-public nuernberg.museum nuremberg.museum domains (#859)
  * gTLD autopull: 2019-08-02 (#858)
  * Update public_suffix_list.dat (#825)
  * Update reference as per #855
  * add nic.za
  * Update contact for SymfonyCloud (#854)
  * Add lelux.site (#849)
  * Add *.webhare.dev (#847)
  * Update Hostbip Section (#846)
  * Add Yandex Cloud domains (#850)
  * Add ASEINet domains (#844)
  * Update nymnom section (#771)
  * Add Handshake zones (#796)
  * Add iserv.dev for IServ GmbH (#826)
  * Add trycloudflare.com to Cloudflare's domains (#835)
  * Add shopitsite.com (#838)
  * Add pubtls.org (#839)
  * Add qualifio.com domains (#840)
  * Update newgtlds tooling & associated gTLD data. (#834)
  * Add web.app for Google (#830)
  * Add iobb.net (#828)
  * Add cloudera.site (#829)

- New in version 20190529:
  * Add Balena domains (#814)
  * Add KingHost domains (#827)
  * Add dyn53.io (#820)
  * Add azimuth.network and arvo.network (#812)
  * Update .rw domains per ccTLD (#821)
  * Add b-data.io (#759)
  * Add co.bn (#789)
  * Add Zitcom domains (#817)
  * Add Carrd suffixes (#816)
  * Add Linode Suffixes (#810)
  * Add lab.ms (#807)
  * Add wafflecell.com (#805)
  * Add häkkinen.fi (#804)
  * Add prvcy.page (#803)
  * Add SRCF user domains: soc.srcf.net, user.srcf.net (#802)
  * Add KaasHosting (#801)
  * Adding cloud66.zone (#797)
  * Add gehirn.ne.jp and usercontent.jp for Gehirn Inc. (#795)
  * Add Clerk user domains (#791)
  * Add loginline (.app, .dev, .io, .services, .site) (#790)
  * Add wnext.app (#785)
  * Add Hostbip Registry Domains (#770)
  * Add glitch.me (#769)
  * added thingdustdata.com (#767)
  * Add dweb.link (#766)
  * Add onred.one (#764)
  * Add mo-siemens.io (#762)
  * Add Render domains (#761)
  * Add *.moonscale.io (#757)
  * Add Stackhero domain (#755)
  * Add voorloper.cloud (#750)
  * Add repl.co and repl.run (#748)
  * Add edugit.org (#736)
  * Add Hakaran domains (#733)
  * Add barsy.ca (#732)
  * Add Names.of.London Domains (#543)
  * Add nctu.me (#746)
  * Br 201904 update (#809)
  * Delete DOHA
  * Add app.banzaicloud.io (#730)
  * Update .TR (#741)
  * Add Nabu Casa (#781)
  * Added uk0.bigv.io under Bytemark Hosting (#745)
  * Add GOV.UK PaaS client domains (#765)
  * Add discourse.group for Civilized Discourse Construction Kit, Inc. (#768)
  * Add on-rancher.cloud and on-rio.io (#779)
  * Syncloud dynamic dns service (#727)
  * Add git-pages.rit.edu (#690)
  * Add workers.dev (#772)
  * Update .AM (#756)
  * Add go-vip.net. (#793)
  * Add site.builder.nu (#723)
  * Update .FR sectorial domains (#527)
  * Remove ACTIVE
  * Remove SPIEGEL
  * Remove EPOST
  * Remove ZIPPO
  * Remove BLANCO

- New in version 20190205:
  * Add domains of Individual Network Berlin e.V. (#711)
  * Added bss.design to PSL (#685)
  * Add fastly-terrarium.com (#729)
  * Add Swisscom Application Cloud domains (#698)
  * Update public_suffix_list.dat with api.stdlib.com (#751)
  * Add regional domain for filegear.me (#713)
  * Remove bv.nl (#758)
  * Update public_suffix_list.dat

- Link public_suffix_list.dat to effective_tld_names.dat for the
  purpose of httpcomponents-client

- Do not pull in full python3, psl-make-dafsa already pulls in
  what it needs to generate the things

- New in version 20181227:
  * Add run.app and a.run.app to the psl (#681)
  * Add telebit.io .app .xyz (#726)
  * Add Leadpages domains (#731)
  * Add public suffix entries for dapps.earth (#708)
  * Add Bytemark Hosting domains (#620)
  * Remove .STATOIL
  * linter: Expect rules to be in NFKC (#725)
  * Convert list data from NFKD to NFKC (#720)
  * Update LS (#718)

- New in version 20181030:
  * Add readthedocs.io (#722)
  * Remove trailing whitespace from L11948 (#721)
  * Add krasnik.pl, leczna.pl, lubartow.pl, lublin.pl, poniatowa.pl
    and swidnik.pl domains to the Public Suffix List (#670)
  * Add instantcloud.cn by Redstar Consultants (#696)
  * Add Fermax and mydobiss.com domain (#706)
  * Add shop.th & online.th (#716)
  * Add siteleaf.net (#655)
  * Add wpcomstaging.com and go-vip.co to the PSL (#719)

- Update to version 20181003:
  * Remove deleted TLDs (#710)
  * Added apigee.io (#712)
  * Add AWS ElasticBeanstalk Ningxia, CN region (#597)
  * Add Github PULL REQUEST TEMPLATE (#699)
  * Add ong.br 2nd level domain (#707)

- Update to version 20180813:
  * Update .ID list (#703)
  * Updated .bn ccTLD. Removed wildcard. (#702)
  * Remove stackspace.space from PSL (#691)
  * Remove XPERIA (#697)

- Update to version 20180719:
  * Remove .IWC
  * Update Kuwait's ccTLD (.kw)
  * Use https for www.transip.nl
  * Remove MEO and SAPO

- New in version 20180523:
  * Remove 1password domains (#632)
  * Add cleverapps.io (Clever Cloud) (#634)
  * Remove .BOOTS
  * Add azurecontainer.io to Microsoft domains (#637)
  * Change the patchnewgtlds tool for the updated .zw domain
  * Add new gTLDs up to 2018-04-17 and new ccTLDs up to 2018-04-17
  * cloud.muni.cz cloud subdomains (#622)
  * Add YunoHost DynDns domains: nohost.me & noho.st (#615)
  * Use a custom token for the newGTLD list (#645)
  * lug.org.uk (#514)
  * Adding xnbay.com,u2.xnbay.com,u2-local.xnbay.com to public_suffix_list.dat. (#506)
  * Adding customer.speedpartner.de (#585)
  * Adding ravendb.net subdomains (#535)
  * Adding own.pm (#544)
  * pcloud.host (#531)
  * Add additional Lukanet Ltd domains (#652)
  * Add zone.id (#575)
  * Add half.host (#571)
  * Update 香港 TLD (#568)
  * Add Now-DNS domains (#560)
  * Added blackbaudcdn.net private domain to PSL (#558)
  * Adding IServ GmbH domains (#552)
  * Add FASTVPS EESTI OU domains (#541)
  * nic.it - update regions and provinces (#524)
  * Update Futureweb OG Private Domains (#520)
  * add United Gameserver virtualuser domains (#600)
  * Add Lightmaker Property Manager, Inc domains (#604)
  * Update Uberspace domains (#616)
  * Add Datto, Inc domains
  * Add memset hosting domains (#625)
  * Add utwente.io (#626)
  * Add bci.dnstrace.pro (#630)
  * Add May First domains (#635)
  * Add Linki Tools domains (#636)
  * Update NymNom domains
  * Add Co & Co domains (#650)
  * Add new gTLDs up to 2018-05-08 (#653)
  * Correct linter issues (#654)
  * Add cnpy.gdn as private domain (#633)
  * Add freedesktop.org (#619)
  * Add Omnibond Systems (#656)
  * Add hasura.app to the list (#668)
  * Update gu ccTLD suffixes (#669)

- New in version 20180328:
  * Add gwiddle.co.uk (#521)
  * Add ox.rs (#522)
  * Add myjino.ru (#512)
  * Add ras.ru domains (#511)
  * Add AWS ElasticBeanstalk Osaka, JP region (#628)
  * Remove trailing whitespace (#621)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1508-1
Released:    Fri May 29 17:32:31 2020
Summary:     Recommended update for apache2-mod_jk
Type:        recommended
Severity:    moderate
References:  1167896
This update for apache2-mod_jk fixes the following issues:

- Update jk.conf. (bsc#1167896)
  * Specify the location of JkShmFile.
  * Update tomcat-webapps paths.
- Fix Aliases to be compatible with the tomcat example URLs. (bsc#1167896)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1511-1
Released:    Fri May 29 18:03:39 2020
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1167462,1169511,CVE-2020-2754,CVE-2020-2755,CVE-2020-2756,CVE-2020-2757,CVE-2020-2767,CVE-2020-2773,CVE-2020-2778,CVE-2020-2781,CVE-2020-2800,CVE-2020-2803,CVE-2020-2805,CVE-2020-2816,CVE-2020-2830
This update for java-11-openjdk fixes the following issues:

Java was updated to jdk-11.0.7+10 (April 2020 CPU, bsc#1169511).

Security issues fixed:

- CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511).
- CVE-2020-2755: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511).
- CVE-2020-2756: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511).
- CVE-2020-2757: Fixed an object deserialization issue that could have resulted in denial of service via crafted serialized input (bsc#1169511).
- CVE-2020-2767: Fixed an incorrect handling of certificate messages during TLS handshakes (bsc#1169511).
- CVE-2020-2773: Fixed the incorrect handling of exceptions thrown by unmarshalKeyInfo() and unmarshalXMLSignature() (bsc#1169511).
- CVE-2020-2778: Fixed the incorrect handling of SSLParameters in setAlgorithmConstraints(), which could have been abused to override the defined systems security policy and lead to the use of weak crypto algorithms (bsc#1169511).
- CVE-2020-2781: Fixed the incorrect re-use of single null TLS sessions (bsc#1169511).
- CVE-2020-2800: Fixed an HTTP header injection issue caused by mishandling of CR/LF in header values (bsc#1169511).
- CVE-2020-2803: Fixed a boundary check and type check issue that could have led to a sandbox bypass (bsc#1169511).
- CVE-2020-2805: Fixed a boundary check and type check issue that could have led to a sandbox bypass (bsc#1169511).
- CVE-2020-2816: Fixed an incorrect handling of application data packets during TLS handshakes  (bsc#1169511).
- CVE-2020-2830: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1512-1
Released:    Fri May 29 18:11:37 2020
Summary:     Recommended update for unrar_wrapper
Type:        recommended
Severity:    important
References:  1170792
This update for unrar_wrapper fixes the following issues:

- Add missing requirement 'python3-setuptools'. (bsc#1170792)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1520-1
Released:    Tue Jun  2 19:53:03 2020
Summary:     Recommended update for psqlODBC
Type:        recommended
Severity:    moderate
References:  1166821
This update for psqlODBC provides the following fixes:

- Update to 12.01.0000:
  * Fix the bug that causes 'Error : A parameter cannot be found that matches parameter
    name'.
    + Enclose the command part * Find_VSDir $vc_ver * with parentheses so that the
      subsequent * -ne '' * isn't considered to be a parameter.
  * Cope with the removal of pg_class.relhasoids in PG12 correctly when retrieving
    updatable cursors.
- Changes in 12.00.0000:
  * Fix the bug that SQLGetDescField() for Field SQL_DESC_COUNT returns SQLINTEGER value
    which should be of type SQLSMALLINT.
  * SQLGetTypeInfo() filters SQL_TYPE_DATE, SQL_TYPE_TIME and SQL_TYPE_TIMESTAMP for
    ODBC 2.x applications.
  * Added support for scalar functions TIMESTAMPADD(), TIMESTAMPDIFF() and EXTRACT().
  * The macro IS_NOT_SPACE() is used for not pointers but integers.
  * Fix a crash bug when SQLProcedureColumns() handles satisfies_hash_partition(). The
    proargmodes column of satisfies_hash_partition()'s pg_proc entry is not null but the
    proallargtypes column is null.

- Changes in 11.01.0000:
  * Correct the rgbInfoValue returned by SQLGetInfo(SQL_TIMEDATE_FUNCTIONS, ..).
  * Because the field 'relhasoids' was dropped in PG12, psqlodbc drivers would have some
    problems with PG12 servers.
  * Register drivers {PostgreSQL ANSI} and {PostgreSQL Unicode} during installation on
    64bit Windows so that users could use the same connection strings in both x86 and x64
    environments.
  * Correct the rgbInfoValue returned by SQLGetInfo(SQL_LIKE_ESCAPE_CLAUSE, ..).
  * Fix a typo in SQLForeignKeys-ResultSet-Column. 'deferrablity' should be 'DEFERRABILITY'.
  * Correct the rgbInfoValue returned by SQLGetInfo(.., SQL_NUMERIC_FUNCTIONS(SQL_SYSTEM_FUNCTIONS
    or SQL_STRING_FUNCTIONS, ..).
  * Bug fix: do not forget to set parameter numbers while handling escaped ODBC functions.
  * Fix test_connection() in setup.c so that settings of conn_settings and pqopt option
    are reflected properly.

- Changes in 11.00.0000:
  * Remove obsolete maps pointed out.
  * Remove connSettings option and/or pqopt option from the OutConnectionString parameter of
    SQLDriverConnect() when each option doesn't exist in InConnectionString parameter.
  * The parameters should be cast because parameters of concat() function are variadic 'any'.
  * Add an alias DX of *Database* keyword for connection strings to aviod the use of
    'database' keyword which has a special meaning in some apps or middlewares.
  * Numeric items without precision are unlimited and there's no natural map between SQL
    data types. Add an option *Numeric(without precision) as*
  * Fix a bug that SQLSpecialColumns() returns oid/xmin incorrectly when a table does not
    exist.
- Fix build with PostgreSQL 11 that does not have pg_config in the regular devel package
  anymore. (bsc#1166821)

- Changes in 10.03.0000:
  * Put back the handling of lock_CC_for_rb variable. The variable lock_CC_for_rb should
    be held per connection.
  * Fix SQLGetTypeInfo() so that it filters SQL_TYPE_DATE, SQL_TYPE_TIME or SQL_TYPE_TIMESTAMP
    for ODBC 2.x applications.
  * Revise ConfigDSN() so that it handles the 4th parameter(lpszAttribues) correctly.
  * Fix a crash bug when handling error messages. Also modified some error messages.
  * Let SQLTables() or SQLTablePrivileges() show partition tables.
  * Fix build on Solaris defined(__SUNPRO_C) using Solaris Studio.
  * Reduce DB access to pg_class or pg_index by caching relhasoids, relhassubclass etc.
    It would improve the performance of SQLSetPos() or SQLBulkOperations() very much in
    some cases.

- Changes in 10.02.0000:
  * It's safer to call setlocale(LC_CTYPE, '') than calling setlocale(LC_ALL, '')
  * Avoid replacing effective notice messages.
  * Handle MALLOC/REALLOC errors while fetching tuples more effectively.
  * Make SQLSetPos(SQL_DELETE/SQL_REFRESH) more effective. Because queries calling currtid(2)
    like select .. from .. where ctid=currtid2(.., ..) cause Seq Scan, their execution may
    be very slow. It is better to execute queries using subqueries like select .. from ..
    where ctid=(select currtid2(.., ..)) because they cause Tid Scan.
  * Fix a crash bug in AddDeleted().

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:1527-1
Released:    Wed Jun  3 13:34:59 2020
Summary:     Optional update for alsa-plugins
Type:        optional
Severity:    low
References:  1171586
This update for alsa-plugins doesn't fix any user visible issues, but changes
the way the package is being built. An installation is optional and not required.
(bsc#1171586, jsc#SLE-11987)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1542-1
Released:    Thu Jun  4 13:24:37 2020
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1172055
This update for timezone fixes the following issue:

- zdump --version reported 'unknown' (bsc#1172055)
 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1553-1
Released:    Mon Jun  8 09:32:53 2020
Summary:     Security update for libexif
Type:        security
Severity:    moderate
References:  1055857,1059893,1120943,1160770,1171475,1171847,1172105,1172116,1172121,CVE-2016-6328,CVE-2017-7544,CVE-2018-20030,CVE-2019-9278,CVE-2020-0093,CVE-2020-12767,CVE-2020-13112,CVE-2020-13113,CVE-2020-13114
This update for libexif to 0.6.22 fixes the following issues:

Security issues fixed:

- CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857).
- CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c (bsc#1059893).
- CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943).
- CVE-2019-9278: Fixed an integer overflow (bsc#1160770).
- CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry (bsc#1171847).
- CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value (bsc#1171475).
- CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers (bsc#1172121).
- CVE-2020-13113: Fixed a potential use of uninitialized memory (bsc#1172105).
- CVE-2020-13114: Fixed various buffer overread fixes due to integer overflows in maker notes (bsc#1172116).

Non-security issues fixed:

- libexif was updated to version 0.6.22:
  * New translations: ms
  * Updated translations for most languages
  * Some useful EXIF 2.3 tag added:
    * EXIF_TAG_GAMMA
    * EXIF_TAG_COMPOSITE_IMAGE
    * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE
    * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE
    * EXIF_TAG_GPS_H_POSITIONING_ERROR
    * EXIF_TAG_CAMERA_OWNER_NAME
    * EXIF_TAG_BODY_SERIAL_NUMBER
    * EXIF_TAG_LENS_SPECIFICATION
    * EXIF_TAG_LENS_MAKE
    * EXIF_TAG_LENS_MODEL
    * EXIF_TAG_LENS_SERIAL_NUMBER

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1560-1
Released:    Mon Jun  8 12:08:28 2020
Summary:     Recommended update for llvm7
Type:        recommended
Severity:    low
References:  1171512
This update for llvm7 fixes the following issues:

-Fix for build failures when using 'llvm7' on i586. (bsc#1171512)  
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1569-1
Released:    Tue Jun  9 11:13:16 2020
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1160398,1169511,1171352,CVE-2020-2754,CVE-2020-2755,CVE-2020-2756,CVE-2020-2757,CVE-2020-2773,CVE-2020-2781,CVE-2020-2800,CVE-2020-2803,CVE-2020-2805,CVE-2020-2830
This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues:

- CVE-2020-2754: Forward references to Nashorn (bsc#1169511)
- CVE-2020-2755: Improve Nashorn matching (bsc#1169511)
- CVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)
- CVE-2020-2757: Less Blocking Array Queues (bsc#1169511)
- CVE-2020-2773: Better signatures in XML (bsc#1169511)
- CVE-2020-2781: Improve TLS session handling (bsc#1169511)
- CVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)
- CVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)
- CVE-2020-2805: Enhance typing of methods (bsc#1169511)
- CVE-2020-2830: Better Scanner conversions (bsc#1169511)
- Ignore whitespaces after the header or footer in PEM X.509 cert (bsc#1171352)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1582-1
Released:    Tue Jun  9 18:20:10 2020
Summary:     Security update for rubygem-bundler
Type:        security
Severity:    moderate
References:  1143436,CVE-2019-3881
This update for rubygem-bundler fixes the following issue:

- CVE-2019-3881: Fixed insecure permissions on a directory in /tmp/ that allowed malicious code execution (bsc#1143436).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1616-1
Released:    Fri Jun 12 10:51:28 2020
Summary:     Recommended update for SAPHanaSR-ScaleOut
Type:        recommended
Severity:    moderate
References:  1156067,1156150,1157685
This update for SAPHanaSR-ScaleOut fixes the following issues:

- Restart 'sapstartsrv' service on master nameserver node. (bsc#1156150)
- Use a fall-back scoring for the master nameserver nodes, if the current roles of the node(s) got lost. (bsc#1156067)
- SAPHanaSR-ScaleOut-doc will no longer be installable when SAPHanaSR-doc is installed (bsc#1157685)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1631-1
Released:    Wed Jun 17 09:53:58 2020
Summary:     Recommended update for fonts-config
Type:        recommended
Severity:    important
References:  1049056,1092737,1101985,1106850,1111791,1172022
This update for fonts-config fixes the following issues:

- Update version from 20160921 to version 20200609+git0.42e2b1b
  * Check if it's required to use some default settings in /etc/sysconfig/fonts-config. (bsc#1172022) 
  * Add variable to allow fonts-config to update default settings
  * Fix en-US, en-GB font matching.
  * Allow non-ASCII letters in font names. (bsc#1049056, bsc#1101985).
  * Update subpixel rendering config
  * Fix misspelling in configuration file. (bsc#1111791)
  * Fix wrong visualization for special characters and numbers. (bsc#1092737)
  * Support color emoji
  * Modern fonts for symbol
  * Add configurations for Noto Sans/Serif CJK
  * No longer create encodings.dir in /usr/share/fonts/encodings/ (bsc#1106850)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1635-1
Released:    Wed Jun 17 14:20:56 2020
Summary:     Recommended update for susemanager-cloud-setup
Type:        recommended
Severity:    important
References:  1172645
This update for susemanager-cloud-setup contains the following fix:

- Update to version 1.5:
  * adapt to new azuremetadata output (bsc#1172645)

  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1657-1
Released:    Thu Jun 18 10:49:53 2020
Summary:     Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Type:        security
Severity:    moderate
References:  1172377,CVE-2020-13401
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker was updated to 19.03.11-ce
runc was updated to version 1.0.0-rc10
containerd was updated to version 1.2.13

- CVE-2020-13401: Fixed an issue where an attacker with CAP_NET_RAW capability, could have crafted IPv6 router 
  advertisements, and spoof external IPv6 hosts, resulting in obtaining  sensitive information or causing  denial 
  of service (bsc#1172377).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1677-1
Released:    Thu Jun 18 18:16:39 2020
Summary:     Security update for mozilla-nspr, mozilla-nss
Type:        security
Severity:    important
References:  1159819,1169746,1171978,CVE-2019-17006,CVE-2020-12399
This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to version 3.53

- CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978).
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
Release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53_release_notes

mozilla-nspr to version 4.25

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1684-1
Released:    Fri Jun 19 09:48:36 2020
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1160968,1169511,1171352,1172277,CVE-2019-2949,CVE-2020-2654,CVE-2020-2754,CVE-2020-2755,CVE-2020-2756,CVE-2020-2757,CVE-2020-2781,CVE-2020-2800,CVE-2020-2803,CVE-2020-2805,CVE-2020-2830
This update for java-1_8_0-ibm fixes the following issues:

java-1_8_0-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 (bsc#1172277,bsc#1169511,bsc#1160968)

- CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service    
- CVE-2020-2754: Forwarded references to Nashorn 
- CVE-2020-2755: Improved Nashorn matching 
- CVE-2020-2756: Improved mapping of serial ENUMs 
- CVE-2020-2757: Less Blocking Array Queues 
- CVE-2020-2781: Improved TLS session handling 
- CVE-2020-2800: Improved Headings for HTTP Servers 
- CVE-2020-2803: Enhanced buffering of byte buffers 
- CVE-2020-2805: Enhanced typing of methods 
- CVE-2020-2830: Improved Scanner conversions 
- CVE-2019-2949: Fixed an issue which could have resulted in unauthorized access to critical data 
- Added RSA PSS SUPPORT TO IBMPKCS11IMPL
- The pack200 and unpack200 alternatives should be slaves of java (bsc#1171352).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1695-1
Released:    Fri Jun 19 14:54:47 2020
Summary:     Security update for osc
Type:        security
Severity:    moderate
References:  1122675,CVE-2019-3681
This update for osc to 0.169.1 fixes the following issues:

Security issue fixed:

- CVE-2019-3681: Fixed an insufficient validation of network-controlled filesystem paths (bsc#1122675).

Non-security issues fixed:

- Improved the speed and usability of osc bash completion.
- improved some error messages.
- osc add: support git@ (private github) or git:// URLs correctly.
- Split dependson and whatdependson commands.
- Added support for osc build --shell-cmd.
- Added pkg-ccache support for osc build.
- Added --ccache option to osc getbinaries 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1704-1
Released:    Mon Jun 22 11:21:12 2020
Summary:     Recommended update for susefirewall2-to-firewalld
Type:        recommended
Severity:    moderate
References:  1170461
This update for susefirewall2-to-firewalld fixes the following issues:

- Fixed 'INVALID_PORT' error message with certain SuSEfirewall2 configurations (bsc#1170461).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1706-1
Released:    Mon Jun 22 14:34:34 2020
Summary:     Recommended update for susemanager-cloud-setup
Type:        recommended
Severity:    important
References:  1172838
This update for susemanager-cloud-setup contains the following fix:

- Update to version 1.6
  * suma-storage: handle /var/spacewalk correctly. (bsc#1172838)

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1707-1
Released:    Tue Jun 23 10:02:48 2020
Summary:     Recommended update for gnu-free-fonts
Type:        recommended
Severity:    moderate
References:  1170856
This update for gnu-free-fonts fixes the following issue:

- Fix building with fontforge 20190801. (bsc#1170856)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1727-1
Released:    Tue Jun 23 15:33:07 2020
Summary:     Recommended update for python3-gcemetadata
Type:        recommended
Severity:    moderate
References:  1173136
This update for python3-gcemetadata fixes the following issues:

Update to version 1.0.4 (bsc#1173136)

- Fixed typo, missing '=' for 'identity' option in processed command
  line options causes mis-identification of instance as missing identity
  data access

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1730-1
Released:    Wed Jun 24 09:41:15 2020
Summary:     Security update for libssh2_org
Type:        security
Severity:    moderate
References:  1154862,CVE-2019-17498
This update for libssh2_org fixes the following issue:

- CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service (bsc#1154862).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1771-1
Released:    Fri Jun 26 08:04:23 2020
Summary:     Security update for mutt
Type:        security
Severity:    important
References:  1172906,1172935,1173197,CVE-2020-14093,CVE-2020-14154,CVE-2020-14954
This update for mutt fixes the following issues:

- CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was 
  affecting IMAP, SMTP, and POP3 (bsc#1173197).
- CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response (bsc#1172906, bsc#1172935).
- CVE-2020-14154: Fixed an issue where Mutt was ignoring an expired certificate and was 
  proceeding with a connection (bsc#1172906, bsc#1172935). 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1772-1
Released:    Fri Jun 26 08:05:06 2020
Summary:     Security update for unbound
Type:        security
Severity:    important
References:  1157268,1171889,CVE-2019-18934,CVE-2020-12662,CVE-2020-12663
This update for unbound fixes the following issues:

- CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying 
  an incoming query into a large number of queries directed to a target (bsc#1171889).
- CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers 
  could have been used to make unbound unresponsive (bsc#1171889).	  
- CVE-2019-18934: Fixed a vulnerability in the IPSec module which could have allowed 
  code execution after receiving a special crafted answer (bsc#1157268).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1785-1
Released:    Fri Jun 26 09:26:09 2020
Summary:     Recommended update for perl-TimeDate
Type:        recommended
Severity:    moderate
References:  1172834
This update for perl-TimeDate fixes the following issue:

- Parse out the century if specified (strptime). (bsc#1172834)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1801-1
Released:    Tue Jun 30 13:07:01 2020
Summary:     Recommended update for zeromq
Type:        recommended
Severity:    low
References:  1171566

This update of zeromq fixes the following issue.

- the libzmq5-32bit package is shipped on x86_64 platforms. (bsc#1171566)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1802-1
Released:    Tue Jun 30 13:15:44 2020
Summary:     Recommended update for ucode-intel
Type:        recommended
Severity:    moderate
References:  1172466,1172856
This update for ucode-intel fixes the following issues:

Updated Intel CPU Microcode to 20200616 official release (bsc#1172856)

- revert 06-4e-03 Skylake U/Y, U23e ucode back to 000000d6 release
- revert 06-5e-03 Skylake H/S ucode back to 000000d6 release,
  as both cause stability issues.  (bsc#1172856)

Updated Intel CPU Microcode to 20200609 official release (bsc#1172466)

- no changes to 20200602 prerelease

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1823-1
Released:    Thu Jul  2 11:32:22 2020
Summary:     Security update for ntp
Type:        security
Severity:    moderate
References:  1125401,1169740,1171355,1172651,1173334,992038,CVE-2018-8956,CVE-2020-11868,CVE-2020-13817,CVE-2020-15025
This update for ntp fixes the following issues:

ntp was updated to 4.2.8p15

- CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address 
  frequently send to the client ntpd could have caused denial of service (bsc#1169740).
- CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent 
  a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed 
  mode 3 and mode 5 packets (bsc#1171355).
- CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time 
  from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651).
- CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming 
  the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334).
- Removed an OpenSSL version warning (bsc#992038 and bsc#1125401).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1852-1
Released:    Mon Jul  6 16:50:23 2020
Summary:     Recommended update for fontforge, ghostscript-fonts, ttf-converter, xorg-x11-fonts
Type:        recommended
Severity:    moderate
References:  1169444
This update for fontforge, ghostscript-fonts, ttf-converter, xorg-x11-fonts fixes the following issues:

Changes in fontforge:

- Support transforming bitmap glyphs from python. (bsc#1169444)
- Allow python-Sphinx >= 3

Changes in ttf-converter:

- Update from version 1.0 to version 1.0.6:
  * ftdump is now shipped additionally as new dependency for ttf-converter
  * Standardize output when converting vector and bitmap fonts
  * Add more subfamilies fixes (bsc#1169444)
  * Add --family and --subfamily arguments to force values on those fields
  * Add parameters to fix glyph unicode values
    --fix-glyph-unicode : Try to fix unicode points and glyph names
      based on glyph names containing hexadecimal codes (like
      '$0C00', 'char12345' or 'uni004F')
    
    --replace-unicode-values: When passed 2 comma separated numbers
      a,b the glyph with an unicode value of a is replaced with the
      unicode value b. Can be used more than once.

    --shift-unicode-values: When passed 3 comma separated numbers
      a,b,c this shifts the unicode values of glyphs between a and b
      (both included) by adding c. Can be used more than once.
  * Add --bitmapTransform parameter to transform bitmap glyphs. (bsc#1169444)
    When used, all glyphs are modified with the transformation function and
    values passed as parameters. The parameter has three values separated by 
    commas: fliph|flipv|rotate90cw|rotate90ccw|rotate180|skew|transmove,xoff,yoff
  * Add support to convert bitmap fonts (bsc#1169444)
  * Rename MediumItalic subfamily to Medium Italic
  * Show some more information when removing duplicated glyphs
  * Add a --force-monospaced argument instead of hardcoding font names
  * Convert `BoldCond` subfamily to `Bold Condensed`
  * Fixes for Monospaced fonts and force the Nimbus Mono L font to be Monospaced. (bsc#1169444 #c41)
  * Add a --version argument
  * Fix subfamily names so the converted font's subfamily match the original ones. (bsc#1169444 #c41)

Changes in xorg-x11-fonts:

- Use ttf-converter 1.0.6 to build an Italic version of cu12.pcf.gz in the converted subpackage
- Include the subfamily in the filename of converted fonts
- Use ttf-converter's new bitmap font support to convert Schumacher Clean and Schumacher Clean Wide (bsc#1169444 #c41)
- Replace some unicode values in cu-pua12.pcf.gz to fix them
- Shift some unicode values in arabic24.pcf.gz and cuarabic12.pcf.gz so glyphs 
  don't pretend to be latin characters when they're not.
- Don't distribute converted fonts with wrong unicode values in their glyphs. (bsc#1169444)
  Bitstream-Charter-*.otb, Cursor.ttf,Sun-OPEN-LOOK-*.otb, MUTT-ClearlyU-Devangari-Extra-Regular, 
  MUTT-ClearlyU-Ligature-Wide-Regular, and MUTT-ClearlyU-Devanagari-Regular

Changes in ghostscript-fonts:

- Force the converted Nimbus Mono font to be monospaced. (bsc#1169444 #c41) 
  Use the --force-monospaced argument of ttf-converter 1.0.3

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1870-1
Released:    Tue Jul  7 15:13:13 2020
Summary:     Recommended update for llvm9
Type:        recommended
Severity:    moderate
References:  1173202
This update for llvm9 fixes the following issues:

- Fix miscompilations with rustc 1.43 that lead to LTO failures (bsc#1173202)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1871-1
Released:    Tue Jul  7 15:14:11 2020
Summary:     Recommended update for llvm7
Type:        recommended
Severity:    moderate
References:  1173202
This update for llvm7 fixes the following issues:

- Fix miscompilations with rustc 1.43 that lead to LTO failures (bsc#1173202)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1885-1
Released:    Fri Jul 10 14:54:22 2020
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1170154,1171546,1171995
This update for cloud-init contains the following fixes:

- rsyslog warning, '~' is deprecated: (bsc#1170154)
  + replace deprecated syntax '& ~' by '& stop' for more information please
    see https://www.rsyslog.com/rsyslog-error-2307/.

  + Explicitly test for netconfig version 1 as well as 2.

  + Handle netconfig v2 device configurations (bsc#1171546, bsc#1171995)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:1894-1
Released:    Mon Jul 13 10:40:16 2020
Summary:     Optional update for python-Cerberus
Type:        optional
Severity:    moderate
References:  1121858,1173465
This update for python-Cerberus fixes the following issues:

- Update to version 1.3.2
  * includes various features and improvements - please refer to the changelog for a detailed
    technical list of changes
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1903-1
Released:    Tue Jul 14 15:46:28 2020
Summary:     Recommended update for lifecycle-data-sle-module-desktop-productivity
Type:        recommended
Severity:    moderate
References:  1173407
This update for lifecycle-data-sle-module-desktop-productivity fixes the following issues:

- Update lifecycle data, most of python2 is now in its own module. (bsc#1173407)
- Ensure package is installed with its corresponding module when lifecycle package is installed. (bsc#1173407)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1905-1
Released:    Tue Jul 14 15:56:17 2020
Summary:     Recommended update for lifecycle-data-sle-module-basesystem
Type:        recommended
Severity:    moderate
References:  1173407
This update for lifecycle-data-sle-module-basesystem fixes the following issues:

- Update lifecycle data, most of python2 is now in its own module. (bsc#1173407)
- Ensure package is installed with its corresponding module when lifecycle package is installed. (bsc#1173407)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1906-1
Released:    Tue Jul 14 15:58:16 2020
Summary:     Recommended update for lifecycle-data-sle-module-development-tools
Type:        recommended
Severity:    moderate
References:  1173407
This update for lifecycle-data-sle-module-development-tools fixes the following issue:

- Ensure package is installed with its corresponding module when lifecycle package is installed. (bsc#1173407)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1907-1
Released:    Tue Jul 14 16:01:25 2020
Summary:     Recommended update for lifecycle-data-sle-module-hpc
Type:        recommended
Severity:    moderate
References:  1173407
This update for lifecycle-data-sle-module-hpc fixes the following issues:

- Update lifecycle data, most of python2 is now in its own module. (bsc#1173407)
- Ensure package is installed with its corresponding module when lifecycle package is installed. (bsc#1173407)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1908-1
Released:    Tue Jul 14 16:03:22 2020
Summary:     Recommended update for lifecycle-data-sle-module-server-applications
Type:        recommended
Severity:    moderate
References:  1173407
This update for lifecycle-data-sle-module-server-applications fixes the following issues:

- Update lifecycle data, no python2 module are shipped in this module. (bsc#1173407)
- Ensure package is installed with its corresponding module when lifecycle package is installed. (bsc#1173407)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1909-1
Released:    Tue Jul 14 16:05:26 2020
Summary:     Recommended update for lifecycle-data-sle-module-desktop-applications
Type:        recommended
Severity:    moderate
References:  1173407
This update for lifecycle-data-sle-module-desktop-applications fixes the following issues:

- Update lifecycle data, all python2 packages in desktop applications module are in python2 module. (bsc#1173407)
- Ensure package is installed with its corresponding module when lifecycle package is installed. (bsc#1173407)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1919-1
Released:    Wed Jul 15 10:56:06 2020
Summary:     Security update for rubygem-puma
Type:        security
Severity:    moderate
References:  1172175,1172176,CVE-2020-11076,CVE-2020-11077
This update for rubygem-puma to version 4.3.5 fixes the following issues:

- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175).
- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176).
- Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1930-1
Released:    Wed Jul 15 15:05:07 2020
Summary:     Security update for openconnect
Type:        security
Severity:    moderate
References:  1171862,CVE-2020-12823
This update for openconnect fixes the following issues:
	  
- CVE-2020-12823: Fixed a buffer overflow via crafted certificate data which could have led to denial of service (bsc#1171862).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1931-1
Released:    Wed Jul 15 15:05:43 2020
Summary:     Security update for openexr
Type:        security
Severity:    moderate
References:  1173466,1173467,1173469,CVE-2020-15304,CVE-2020-15305,CVE-2020-15306
This update for openexr fixes the following issues:

- CVE-2020-15304: Fixed a NULL pointer dereference in TiledInputFile:TiledInputFile() (bsc#1173466).
- CVE-2020-15305: Fixed a use-after-free in DeepScanLineInputFile:DeepScanLineInputFile() (bsc#1173467).
- CVE-2020-15306: Fixed a heap buffer overflow in getChunkOffsetTableSize() (bsc#1173469).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1934-1
Released:    Wed Jul 15 15:07:30 2020
Summary:     Security update for google-compute-engine
Type:        security
Severity:    important
References:  1169978,1173258,CVE-2020-8903,CVE-2020-8907,CVE-2020-8933
This update for google-compute-engine fixes the following issues:

- Don't enable and start google-network-daemon.service when it's
  already installed (bsc#1169978)

  + Do not add the created user to the adm (CVE-2020-8903),
    docker (CVE-2020-8907), or lxd (CVE-2020-8933) groups
    if they exist (bsc#1173258)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1935-1
Released:    Wed Jul 15 16:25:57 2020
Summary:     Recommended update for azure-li-services
Type:        recommended
Severity:    moderate
References:  
This update for azure-li-services fixes the following issues:

- Update the motd to reflect the new link for the SUSE forums.
- Add prometheus monitoring modules. (jsc#SLE-10545, jsc#SLE-10902, jsc#SLE-10903, jsc#ECO-817, jsc#ECO-818.
- Added devel package auto submission
- Deployment of HANA Scale-up Performance Optimized Scenario from Salt. (jsc#SLE-11453)
- Automate setup of DRBD NFS-Share in SALT and Terraform. (jsc#SLE-11454)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1944-1
Released:    Fri Jul 17 13:50:40 2020
Summary:     Security update for ant
Type:        security
Severity:    moderate
References:  1171696,CVE-2020-1945
This update for ant fixes the following issues:

- CVE-2020-1945: Fixed an inseure temorary file vulnerability which could have potentially leaked sensitive information (bsc#1171696).	  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1954-1
Released:    Sat Jul 18 03:07:15 2020
Summary:     Recommended update for cracklib
Type:        recommended
Severity:    moderate
References:  1172396
This update for cracklib fixes the following issues:

- Fixed a buffer overflow when processing long words.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1979-1
Released:    Tue Jul 21 02:41:47 2020
Summary:     Recommended update for golang-github-prometheus-node_exporter
Type:        recommended
Severity:    moderate
References:  1143913
This update for golang-github-prometheus-node_exporter fixes the following issues:

- Update from version 0.17.0 to version 0.18.1 (jsc#ECO-2110)
0.18.1 / 2019-06-04
  * [BUGFIX] Fix incorrect sysctl call in BSD meminfo collector, resulting in broken swap metrics on FreeBSD
  * [BUGFIX] Fix rollover bug in mountstats collector
0.18.0 / 2019-05-09
  * Renamed interface label to device in netclass collector for consistency with other network metrics
  * The cpufreq metrics now separate the cpufreq and scaling data based on what the driver provides.
  * The labels for the network_up metric have changed
  * Bonding collector now uses mii_status instead of operstatus
  * Several systemd metrics have been turned off by default to improve performance
  * These include unit_tasks_current, unit_tasks_max, service_restart_total, and unit_start_time_seconds
  * The systemd collector blacklist now includes automount, device, mount, and slice units by default.
  * [CHANGE] Bonding state uses mii_status
  * [CHANGE] Add a limit to the number of in-flight requests
  * [CHANGE] Renamed interface label to device in netclass collector
  * [CHANGE] Add separate cpufreq and scaling metrics
  * [CHANGE] Several systemd metrics have been turned off by default to improve performance
  * [CHANGE] Expand systemd collector blacklist
  * [CHANGE] Split cpufreq metrics into a separate collector
  * [FEATURE] Add a flag to disable exporter metrics
  * [FEATURE] Add kstat-based Solaris metrics for boottime, cpu and zfs collectors
  * [FEATURE] Add uname collector for FreeBSD
  * [FEATURE] Add diskstats collector for OpenBSD
  * [FEATURE] Add pressure collector exposing pressure stall information for Linux
  * [FEATURE] Add perf exporter for Linux
  * [ENHANCEMENT] Add Infiniband counters
  * [ENHANCEMENT] Add TCPSynRetrans to netstat default filter
  * [ENHANCEMENT] Move network_up labels into new metric network_info
  * [ENHANCEMENT] Use 64-bit counters for Darwin netstat
  * [BUGFIX] Add fallback for missing /proc/1/mounts
  * [BUGFIX] Fix node_textfile_mtime_seconds to work properly on symlinks
- Add network-online (Wants and After) dependency to systemd unit. (bsc#1143913)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1983-1
Released:    Tue Jul 21 08:31:44 2020
Summary:     Security update for tomcat
Type:        security
Severity:    important
References:  1173389,CVE-2020-11996
This update for tomcat fixes the following issues:
	  
Tomcat was updated to 9.0.36 See changelog at

- CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU
  usage for several seconds making potentially the server unresponsive (bsc#1173389).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1986-1
Released:    Tue Jul 21 16:06:29 2020
Summary:     Recommended update for openvswitch
Type:        recommended
Severity:    moderate
References:  1172861,1172929
This update for openvswitch fixes the following issues:

- Preserve the old default OVS_USER_ID for users that removed the override at /etc/sysconfig/openvswitch. (bsc#1172861)
- Fix possible changes of openvswitch configuration during upgrades. (bsc#1172929)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2000-1
Released:    Wed Jul 22 09:04:41 2020
Summary:     Recommended update for efivar
Type:        recommended
Severity:    important
References:  1100077,1101023,1120862,1127544
This update for efivar fixes the following issues:

- fix logic that checks for UCS-2 string termination (bsc#1127544)
- fix casting of IPv4 addresses
- Don't require an EUI for NVMe (bsc#1100077)
- Add support for ACPI Generic Container and Embedded Controller root nodes (bsc#1101023)
- fix for compilation failures bsc#1120862

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2002-1
Released:    Wed Jul 22 09:43:24 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Live kernel patching update data for 4_12_14-150_52, 4_12_14-197_45. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2006-1
Released:    Wed Jul 22 16:00:52 2020
Summary:     Recommended update for postgresql, postgresql12
Type:        recommended
Severity:    moderate
References:  1148643,1171924
This update for postgresql, postgresql12 fixes the following issues:

Postgresql12 was updated to 12.3 (bsc#1171924).

- https://www.postgresql.org/about/news/2038/
- https://www.postgresql.org/docs/12/release-12-3.html

- Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get
  a clean and complete cutover to the new packaging schema.

Also changed in the postgresql wrapper package:

- Bump version to 12.0.1, so that the binary packages also have
  a cut-point to conflict with.

- Conflict with versions of the binary packages prior to the
  May 2020 update, because we changed the package layout at that
  point and need a clean cutover.

- Bump package version to 12, but leave default at 10 for
  SLE-15 and SLE-15-SP1.



-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2025-1
Released:    Thu Jul 23 13:32:32 2020
Summary:     Security update for perl-YAML-LibYAML
Type:        security
Severity:    moderate
References:  1173703
This update for perl-YAML-LibYAML fixes the following issues:

perl-YAML-LibYAML was updated to 0.69: [bsc#1173703]

* Security fix: Add $LoadBlessed option to turn on/off loading objects:
  Default is set to true. Note that, the behavior is unchanged.
* Clarify documentation about exported functions
* Dump() was modifying original data, adding a PV to numbers
* Support standard tags !!str, !!map and !!seq instead of dying.
* Support JSON::PP::Boolean and boolean.pm via $YAML::XS::Boolean.
* Fix regex roundtrip. Fix loading of many regexes.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2029-1
Released:    Thu Jul 23 13:50:04 2020
Summary:     Security update for libraw
Type:        security
Severity:    moderate
References:  1173674,CVE-2020-15503
This update for libraw fixes the following issues:

- security update
- added patches
  fix CVE-2020-15503 [bsc#1173674], lack of thumbnail size range check can lead to buffer overflow
  + libraw-CVE-2020-15503.patch

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2042-1
Released:    Fri Jul 24 13:59:31 2020
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    moderate
References:  1173581
This update for SAPHanaSR fixes the following issues:

- Fix for log empty site names, but do not generate bad formatted cluster attribute name. (bsc#1173581)
- Fix for documentation of some parameter defaults.
- Adjust start/stop/promote/monitor action timeouts to match official recommendations.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2047-1
Released:    Fri Jul 24 14:09:14 2020
Summary:     Security update for tomcat
Type:        security
Severity:    important
References:  1174117,1174121,CVE-2020-13934,CVE-2020-13935
This update for tomcat fixes the following issues:

- Fixed CVEs:
  * CVE-2020-13934 (bsc#1174121)
  * CVE-2020-13935 (bsc#1174117)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2071-1
Released:    Wed Jul 29 12:47:19 2020
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    moderate
References:  1124453,1139176,1150868,1150870,1166925,1168067,1168840
This update for sapconf fixes the following issues:

- Check the values of the 'vm.dirty_*' settings to be in a valid range before activating or restoring these system values. (bsc#1168067)
- Add a logrotate drop-in file for sapconf to control the size of the logfile. (bsc#1166925)
- Implement and use the system wide security limits. (bsc#1168840)
- Add support multi-queued scheduler for block devices. (jsc#SLE-11141, jsc#SLE-11144)
- Remove usage of tuned from sapconf (jsc#SLE-10986, jsc#SLE-10989):
  - Only ONE configuration file for sapconf
  - All parameters of the tuned profile defined in tuned.conf sapconf
  - Implement Switching a sapconf profile.
  - Prevent sapconf related tuned error messages by turning off tuned in the preinstall phase and  removing the 'active' sapconf profile.
- If sapconf detects an improper tuned profile during start notes that the log, fails the start deliberatly and guides the administrator to the problem. (bsc#1139176)
- Use absolute path in the configuration file. (bsc#1124453)
- Replace the delimiter for a sed command in postinstall script, because of conflicts with rpm macros. (bsc#1150868, bsc#1150870)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2080-1
Released:    Wed Jul 29 20:09:09 2020
Summary:     Recommended update for libtool
Type:        recommended
Severity:    moderate
References:  1171566

This update for libtool provides missing the libltdl 32bit library. (bsc#1171566)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2082-1
Released:    Thu Jul 30 09:49:35 2020
Summary:     Recommended update for google-guest-agent, google-guest-configs, and google-guest-oslogin
Type:        recommended
Severity:    moderate
References:  1174304,1174306
The python based packages google-compute-engine-init and google-compute-engine-oslogin were deprecated
and are now replaced by the new Go based packages google-guest-agent, google-guest-configs, and google-guest-oslogin (jsc#ECO-2099)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2083-1
Released:    Thu Jul 30 10:27:59 2020
Summary:     Recommended update for diffutils
Type:        recommended
Severity:    moderate
References:  1156913
This update for diffutils fixes the following issue:

- Disable a sporadically failing test for ppc64 and ppc64le builds. (bsc#1156913)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2091-1
Released:    Thu Jul 30 14:55:00 2020
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1156677,1168973,1172928
This update for python-kiwi fixes the following issues:

- Fixed checking for root device in grub config. (bsc#1172928)
- Fix for conflicting files of man-pages between different versions. (bsc#1168973, bsc#1156677)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2093-1
Released:    Thu Jul 30 14:57:24 2020
Summary:     Recommended update for tftpboot-installation-common
Type:        recommended
Severity:    low
References:  1172161
This update for tftpboot-installation-common fixes the following issues:

- Fix typo in service file. (bsc#1172161)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2095-1
Released:    Thu Jul 30 17:10:15 2020
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1174415,CVE-2020-15900
This update for ghostscript fixes the following issues:

- fixed CVE-2020-15900 Memory Corruption (SAFER Sandbox Breakout)
  cf. https://bugs.ghostscript.com/show_bug.cgi?id=702582
  (bsc#1174415)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2115-1
Released:    Tue Aug  4 12:12:10 2020
Summary:     Recommended update for opus
Type:        recommended
Severity:    moderate
References:  1172526
This update for opus fixes the following issues:

- Fix for an issue when the 'CELTDecoder' can be larger than 21 and cauese crash by builds with custom modes or hardening. (bsc#1172526)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2116-1
Released:    Tue Aug  4 15:12:41 2020
Summary:     Security update for libX11
Type:        security
Severity:    important
References:  1174628,CVE-2020-14344
This update for libX11 fixes the following issues:

- Fixed XIM client heap overflows (CVE-2020-14344, bsc#1174628)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2126-1
Released:    Wed Aug  5 09:26:46 2020
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1173474,1173475
This update for cloud-regionsrv-client fixes the following issues:

- Introduce containerbuild-regionsrv service to allow container building tools to access
  required data for accessing Public Cloud RMTs (bsc#1173474, bsc#1173475)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2127-1
Released:    Wed Aug  5 10:28:23 2020
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    important
References:  1173866
This update for python-azure-agent fixes the following issues:

- Properly set the DHCP configuration to push the hostname to the DHCP server. (bsc#1173866)
- Do not bring the interface down to push the hostname, just use 'ifup'. (bsc#1173866)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2128-1
Released:    Wed Aug  5 10:28:47 2020
Summary:     Recommended update for cryptctl
Type:        recommended
Severity:    moderate
References:  

cryptctl was updated to fix the following issue

- crypto is shipped into the Basesystem module. (ECO-2067)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2130-1
Released:    Wed Aug  5 13:01:43 2020
Summary:     Recommended update for aws-iam-authenticator, cni, cni-plugins
Type:        recommended
Severity:    moderate
References:  1098521


This update ships initial versions of the aws-iam-authenticator, cni, cni-plugins packages to the Public Cloud module. (jsc#PM-1449, jsc#SLE-10777, bsc#1098521)

This provides support for Amazon EKS.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2142-1
Released:    Thu Aug  6 11:05:34 2020
Summary:     Security update for xrdp
Type:        security
Severity:    important
References:  1173580,CVE-2020-4044
This update for xrdp fixes the following issues:

- Update to version 0.9.13.1
  + This is a security fix release that includes fixes for the
    following local buffer overflow vulnerability (bsc#1173580): CVE-2020-4044

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2143-1
Released:    Thu Aug  6 11:06:49 2020
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1174157,CVE-2020-14556,CVE-2020-14562,CVE-2020-14573,CVE-2020-14577,CVE-2020-14581,CVE-2020-14583,CVE-2020-14593,CVE-2020-14621
This update for java-11-openjdk fixes the following issues:

- Update to upstream tag jdk-11.0.8+10 (July 2020 CPU, bsc#1174157)
  * Security fixes:
    + JDK-8230613: Better ASCII conversions
    + JDK-8231800: Better listing of arrays
    + JDK-8232014: Expand DTD support
    + JDK-8233234: Better Zip Naming
    + JDK-8233239, CVE-2020-14562: Enhance TIFF support
    + JDK-8233255: Better Swing Buttons
    + JDK-8234032: Improve basic calendar services
    + JDK-8234042: Better factory production of certificates
    + JDK-8234418: Better parsing with CertificateFactory
    + JDK-8234836: Improve serialization handling
    + JDK-8236191: Enhance OID processing
    + JDK-8236867, CVE-2020-14573: Enhance Graal interface handling
    + JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior
    + JDK-8237592, CVE-2020-14577: Enhance certificate verification
    + JDK-8238002, CVE-2020-14581: Better matrix operations
    + JDK-8238013: Enhance String writing
    + JDK-8238804: Enhance key handling process
    + JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable
    + JDK-8238843: Enhanced font handing
    + JDK-8238920, CVE-2020-14583: Better Buffer support
    + JDK-8238925: Enhance WAV file playback
    + JDK-8240119, CVE-2020-14593: Less Affine Transformations
    + JDK-8240482: Improved WAV file playback
    + JDK-8241379: Update JCEKS support
    + JDK-8241522: Manifest improved jar headers redux
    + JDK-8242136, CVE-2020-14621: Better XML namespace handling
  * Other changes:
    + JDK-6933331: (d3d/ogl) java.lang.IllegalStateException:
      Buffers have not been created
    + JDK-7124307: JSpinner and changing value by mouse
    + JDK-8022574: remove HaltNode code after uncommon trap calls
    + JDK-8039082: [TEST_BUG] Test
      java/awt/dnd/BadSerializationTest/BadSerializationTest.java
      fails
    + JDK-8040630: Popup menus and tooltips flicker with previous
       popup contents when first shown
    + JDK-8044365: (dc) MulticastSendReceiveTests.java failing with
      ENOMEM when joining group (OS X 10.9)
    + JDK-8048215: [TESTBUG]
      java/lang/management/ManagementFactory/ThreadMXBeanProxy.java
       Expected non-null LockInfo
    + JDK-8051349: nsk/jvmti/scenarios/sampling/SP06/sp06t003 fails
      in nightly
    + JDK-8080353: JShell: Better error message on attempting to
       add default method
    + JDK-8139876: Exclude hanging nsk/stress/stack from execution
      with deoptimization enabled
    + JDK-8146090: java/lang/ref/ReachabilityFenceTest.java fails
       with -XX:+DeoptimizeALot
    + JDK-8153430: jdk regression test MletParserLocaleTest,
       ParserInfiniteLoopTest reduce default timeout
    + JDK-8156207: Resource allocated BitMaps are often cleared
      unnecessarily
    + JDK-8159740: JShell: corralled declarations do not have
      correct source to wrapper mapping
    + JDK-8175984: ICC_Profile has un-needed, not-empty finalize
      method
    + JDK-8176359: Frame#setMaximizedbounds not working properly in
       multi screen environments
    + JDK-8183369: RFC unconformity of HttpURLConnection with proxy
    + JDK-8187078: -XX:+VerifyOops finds numerous problems when
       running JPRT
    + JDK-8189861: Refactor CacheFind
    + JDK-8191169: java/net/Authenticator/B4769350.java failed
      intermittently
    + JDK-8191930: [Graal] emits unparseable XML into compile log
    + JDK-8193879: Java debugger hangs on method invocation
    + JDK-8196019: java/awt/Window/Grab/GrabTest.java fails on
      Windows
    + JDK-8196181: sun/java2d/GdiRendering/InsetClipping.java fails
    + JDK-8198000:
      java/awt/List/EmptyListEventTest/EmptyListEventTest.java
      debug assert on Windows
    + JDK-8198001: java/awt/Menu/WrongParentAfterRemoveMenu/
      /WrongParentAfterRemoveMenu.java debug assert on Windows
    + JDK-8198339: Test javax/swing/border/Test6981576.java is
      unstable
    + JDK-8200701: jdk/jshell/ExceptionsTest.java fails on Windows,
      after JDK-8198801
    + JDK-8203264: JNI exception pending in
      PlainDatagramSocketImpl.c:740
    + JDK-8203672: JNI exception pending in PlainSocketImpl.c
    + JDK-8203673: JNI exception pending in
      DualStackPlainDatagramSocketImpl.c:398
    + JDK-8204834: Fix confusing 'allocate' naming in OopStorage
    + JDK-8205399: Set node color on pinned HashMap.TreeNode
      deletion
    + JDK-8205653: test/jdk/sun/management/jmxremote/bootstrap/
      /RmiRegistrySslTest.java and RmiSslBootstrapTest.sh fail with
      handshake_failure
    + JDK-8206179: com/sun/management/OperatingSystemMXBean/
      /GetCommittedVirtualMemorySize.java fails with Committed
      virtual memory size illegal value
    + JDK-8207334: VM times out in VM_HandshakeAllThreads::doit()
      with RunThese30M
    + JDK-8208277: Code cache heap (-XX:ReservedCodeCacheSize)
      doesn't work with 1GB LargePages

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2144-1
Released:    Thu Aug  6 11:07:58 2020
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1169063,1171899,1173606,CVE-2020-11647,CVE-2020-13164,CVE-2020-15466
This update for wireshark fixes the following issues:

- Wireshark to 3.2.5:
  * CVE-2020-15466: GVCP dissector infinite loop (bsc#1173606)
  * CVE-2020-13164: NFS dissector crash (bsc#1171899)
  * CVE-2020-11647: The BACapp dissector could crash (bsc#1169063)
- Further features, bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-3.2.5.html

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2147-1
Released:    Thu Aug  6 13:36:01 2020
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1171433,1174538,CVE-2020-15652,CVE-2020-15653,CVE-2020-15654,CVE-2020-15655,CVE-2020-15656,CVE-2020-15657,CVE-2020-15658,CVE-2020-15659,CVE-2020-6463,CVE-2020-6514
This update for MozillaFirefox fixes the following issues:

This update for MozillaFirefox and pipewire fixes the following issues:

MozillaFirefox Extended Support Release 78.1.0 ESR

* Fixed: Various stability, functionality, and security fixes (bsc#1174538)
* CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker
* CVE-2020-6514: WebRTC data channel leaks internal address to peer
* CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653: Bypassing iframe sandbox when allowing popups
* CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656: Type confusion for special arguments in IonMonkey
* CVE-2020-15658: Overriding file type when saving to disk
* CVE-2020-15657: DLL hijacking due to incorrect loading path
* CVE-2020-15654: Custom cursor can overlay user interface
* CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1

pipewire was updated to version 0.3.6 (bsc#1171433, jsc#ECO-2308):

* Extensive memory leak fixing and stress testing was done.
  A big leak in screen sharing with DMA-BUF was fixed.
* Compile fixes
* Stability improvements in jack and pulseaudio layers.
* Added the old portal module to make the Camera portal
  work again. This will be moved to the session manager in
  future versions.
* Improvements to the GStreamer source and sink shutdown.
* Fix compatibility with v2 clients again when negotiating
  buffers.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2148-1
Released:    Thu Aug  6 13:36:17 2020
Summary:     Recommended update for ca-certificates-mozilla
Type:        recommended
Severity:    important
References:  1174673
This update for ca-certificates-mozilla fixes the following issues:

Update to 2.42 state of the Mozilla NSS Certificate store (bsc#1174673)

Removed CAs:

  * AddTrust External CA Root
  * AddTrust Class 1 CA Root
  * LuxTrust Global Root 2
  * Staat der Nederlanden Root CA - G2
  * Symantec Class 1 Public Primary Certification Authority - G4
  * Symantec Class 2 Public Primary Certification Authority - G4
  * VeriSign Class 3 Public Primary Certification Authority - G3

Added CAs:

  * certSIGN Root CA G2
  * e-Szigno Root CA 2017
  * Microsoft ECC Root Certificate Authority 2017
  * Microsoft RSA Root Certificate Authority 2017

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2172-1
Released:    Fri Aug  7 16:11:00 2020
Summary:     Security update for perl-XML-Twig
Type:        security
Severity:    moderate
References:  1008644,CVE-2016-9180
This update for perl-XML-Twig fixes the following issues:

- Security fix [bsc#1008644, CVE-2016-9180]
  * Setting expand_external_ents to 0 or -1 currently doesn't work
    as expected; To completely turn off expanding external entities
    use no_xxe.
  * Update documentation for XML::Twig to mention problems with
    expand_external_ents and add information about new no_xxe argument

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2197-1
Released:    Tue Aug 11 13:32:49 2020
Summary:     Security update for libX11
Type:        security
Severity:    important
References:  1174628,CVE-2020-14344
This update for libX11 fixes the following issues:

- Fixed XIM client heap overflows (CVE-2020-14344, bsc#1174628).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2210-1
Released:    Wed Aug 12 06:24:02 2020
Summary:     Recommended update for osc
Type:        recommended
Severity:    moderate
References:  1173926
This update for osc fixes the following issues:

- Fix for performance issues by assuming utf-8 or latin-1 as default, and speed up decoding. (bsc#1173926)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2219-1
Released:    Wed Aug 12 15:47:42 2020
Summary:     Recommended update for supportutils-plugin-suse-public-cloud and python3-azuremetadata
Type:        recommended
Severity:    moderate
References:  1170475,1170476,1173238,1173240,1173357,1174618,1174847
This update for supportutils-plugin-suse-public-cloud and python3-azuremetadata fixes the following issues:

supportutils-plugin-suse-public-cloud:

- Fixes an error when supportutils-plugin-suse-public-cloud and supportutils-plugin-salt
  are installed at the same time (bsc#1174618)
- Sensitive information like credentials (such as access keys) will be removed when the
  metadata is being collected (bsc#1170475, bsc#1170476)

python3-azuremetadata:

- Added latest support for `--listapis` and `--api` (bsc#1173238, bsc#1173240)
- Detects when the VM is running in ASM (Azure Classic) and does now handle the condition
  to generate the data without requiring access to the full IMDS available, only in ARM
  instances (bsc#1173357, bsc#1174847)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2220-1
Released:    Wed Aug 12 16:23:08 2020
Summary:     Recommended update for hawk2
Type:        recommended
Severity:    moderate
References:  
This update for hawk2 fixes the following issue:

Update to version 2.1.2+git.1594886920.d00b94aa:

- Update puma rubygem requirement to version 4.3.5 for disabling TLSv1.0 and TLSv1.1 (jsc#SLE-6965)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2236-1
Released:    Thu Aug 13 13:06:27 2020
Summary:     Recommended update for wireguard-tools
Type:        recommended
Severity:    moderate
References:  
This update for wireguard-tools fixes the following issues:

Update to version 1.0.20200513

* Makefile: remember to install all systemd units
* ipc: openbsd: switch to array ioctl interface

Update to version 1.0.20200510

* ipc: add support for openbsd kernel implementation
* ipc: cleanup openbsd support
* wg-quick: add support for openbsd kernel implementation
* wg-quick: cleanup openbsd support
* wg-quick: support dns search domains
* Makefile: simplify silent cleaning
* git: add gitattributes so tarball doesn't have gitignore files
* terminal: specialize color_mode to stdout only
* highlighter: insist on 256-bit keys, not 257-bit or 258-bit
* wg-quick: android: support application whitelist
* systemd: add wg-quick.target

Update to version 1.0.20200319

* netlink: initialize mostly unused field
* curve25519: squelch warnings on clang
* man: fix grammar in wg(8) and wg-quick(8)
* man: backlink wg-quick(8) in wg(8)
* man: add a warning to the SaveConfig description
* wincompat: use string_list instead of inflatable_buffer

Update to version 1.0.20200206

* man: document dynamic debug trick for Linux
* extract-{handshakes,keys}: rework for upstream kernel
* netlink: remove libmnl requirement
* embeddable-wg-library: use newer string_list
* netlink: don't pretend that sysconf isn't a function
* Small cleanups.

Update to version 1.0.20200121

* Makefile: add standard 'all' target
* ipc: simplify inflatable buffer and add fuzzer
* fuzz: add generic command argument fuzzer
* fuzz: add set and setconf fuzzers
* netlink: make sure to clear return value when trying again
* Makefile: sort inputs to linker so that build is reproducible

- Initial package, version 1.0.20200102
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2252-1
Released:    Mon Aug 17 14:16:31 2020
Summary:     Recommended update for python-parallax
Type:        recommended
Severity:    moderate
References:  1174894
This update for python-parallax fixes the following issue:

- Change format of scp command for ipv6 compatibility. (bsc#1174894)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2254-1
Released:    Mon Aug 17 15:07:18 2020
Summary:     Recommended update for prometheus-sap_host_exporter and prometheus-ha_cluster_exporter
Type:        recommended
Severity:    moderate
References:  1174429
This update for prometheus-sap_host_exporter and prometheus-ha_cluster_exporter fixes the following issues:

prometheus-sap_host_exporter:

- Added
  * --version command line parameter

- Fixed
  * Some usage details are now further clarified

prometheus-ha_cluster_exporter:

- Features
  * Added support for corosync v3

- Changed
  * The CLI flag --enable-timestamps and its config option have been marked as deprecated

- Fixes
  * Fixed an issue with `corosync-quorumtool` parsing in Corosync v2.3.6

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2256-1
Released:    Mon Aug 17 15:08:46 2020
Summary:     Recommended update for sysfsutils
Type:        recommended
Severity:    moderate
References:  1155305
This update for sysfsutils fixes the following issue:

- Fix cdev name comparison. (bsc#1155305)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2265-1
Released:    Tue Aug 18 12:08:55 2020
Summary:     Security update for postgresql12
Type:        security
Severity:    important
References:  1175193,1175194,CVE-2020-14349,CVE-2020-14350
This update for postgresql12 fixes the following issues:

- update to 12.4:
  * CVE-2020-14349, bsc#1175193: Set a secure search_path in
    logical replication walsenders and apply workers
  * CVE-2020-14350, bsc#1175194: Make contrib modules' installation
    scripts more secure.
  * https://www.postgresql.org/docs/12/release-12-4.html

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2280-1
Released:    Wed Aug 19 21:27:31 2020
Summary:     Recommended update for devscripts
Type:        recommended
Severity:    moderate
References:  1174163
This update for devscripts fixes the following issue:

Update from version 2.15.1 to version 2.19.5 (bsc#1174163)

- Add conflicts on packages with the same binaries.
- Fixed license tag as suggested by licensedigger.
- Changed download location for source tarball from Debian package pool to salsa.debian.org to 
  avoid download errors.
- Remove support for ancient openSUSE and non-SUSE distributions.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2281-1
Released:    Wed Aug 19 21:28:12 2020
Summary:     Recommended update for openssl-1_0_0
Type:        recommended
Severity:    moderate
References:  1174459
This update for openssl-1_0_0 fixes the following issue:

- Versioning the exported symbols and avoid failures due to the lack of versioning. (bsc#1174459)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2282-1
Released:    Wed Aug 19 21:28:40 2020
Summary:     Recommended update for libgit2
Type:        recommended
Severity:    moderate
References:  1157473
This update for libgit2 provides the following fix:

- Include the libgit2 package in SUSE Manager Server 4.0, no source changes made.
  (bsc#1157473)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2289-1
Released:    Fri Aug 21 10:58:57 2020
Summary:     Recommended update for davfs2
Type:        recommended
Severity:    moderate
References:  1173419
This update for davfs2 fixes the following issue:

- Respect nofail option and avoid to fail upon boot if the remote resource is not available. (bsc#1173419)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2314-1
Released:    Tue Aug 25 15:31:17 2020
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1174731,1174732,1174743,1174791,1174837,1174937
This update for cloud-regionsrv-client contains the following fixes:

- Update to version 9.1.2: (bsc#1174791, bsc#1174937)
  + Implement changes to configure the client to use https only for
    outbound traffic
- plugin-ec2 to version 1.0.1 (bsc#1174743, bsc#1174837)
  + Prefer IMDSv2 and switch all IMDS access requests to support v2 token
    based access method.

- Update to version 9.1.1: (bsc#1174731, bsc#1174732)
  + Do not immediately failover to a sibling system. Upon contact failure
    to the target system give the server/route time to recover. We have
    seen network instability trigger a pre-mature failover during initial
    registration causing problems later during updates.
  + When we do failover make sure the access credentials are known to the
    new target

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2316-1
Released:    Tue Aug 25 15:38:19 2020
Summary:     Recommended update for regionServiceClientConfigEC2
Type:        recommended
Severity:    moderate
References:  1174791,1174937
This update for regionServiceClientConfigEC2 contains the following fixes:

- Update to version 2.2.1 (bsc#1174791, bsc#1174937)
  + New configuration to switch to https only outgoing traffic.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2318-1
Released:    Tue Aug 25 15:39:22 2020
Summary:     Recommended update for python3-ec2metadata
Type:        recommended
Severity:    moderate
References:  1174743,1174837
This update for python3-ec2metadata contains the following fixes:

- Update to version 3.0.3 (bsc#1174743, bsc#1174837)
  + Prefer IMDSv2 and switch all IMDS access requests to support v2 token
    based access method.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2240-1
Released:    Tue Aug 25 19:03:12 2020
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1174633,1174635,1174638,CVE-2020-14345,CVE-2020-14346,CVE-2020-14347
This update for xorg-x11-server fixes the following issues:

- CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation (bsc#1174633, ZDI-CAN-11426).
- CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability (bsc#1174638, ZDI-CAN-11429).
- CVE-2020-14345: XKB out-of-bounds access privilege escalation vulnerability (bsc#1174635, ZDI-CAN-11428).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2330-1
Released:    Wed Aug 26 07:27:43 2020
Summary:     Recommended update for ibmrtpkgs
Type:        recommended
Severity:    moderate
References:  1173678
This update for ibmrtpkgs fixes the following issues:

- Fixes an issues when numa balancing causes significant performance problems on real time SLE. (bsc#1173678)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2338-1
Released:    Wed Aug 26 13:45:01 2020
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    important
References:  1175752,1175753
This update for cloud-regionsrv-client fixes the following issues:

- Fixed an issue where the cache object for the update server was incomplete (bsc#1175752, bsc#1175753)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2341-1
Released:    Wed Aug 26 15:57:46 2020
Summary:     Recommended update for regionServiceClientConfigGCE
Type:        recommended
Severity:    moderate
References:  1174791,1174937
This update for regionServiceClientConfigGCE contains the following fixes:

- Update to version 3.0.1. (bsc#1174791, bsc#1174937)
  + New configuration to switch to https only outgoing traffic.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2349-1
Released:    Wed Aug 26 17:15:21 2020
Summary:     Recommended update for hyper-v
Type:        recommended
Severity:    moderate
References:  1093910,1174443,1174444
This update for hyper-v fixes the following issues:

- Remove dependency to network-online.target now that gethostname is used in kvp_daemon. (bsc#1174443, bsc#1174444)
- Reopen the devices if read() or write() returns errors.
- Use either python2 or python3 for lsvmbus. (bsc#1093910)
- Remove sysv init scripts.
- Enable build on aarch64.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2373-1
Released:    Fri Aug 28 12:58:51 2020
Summary:     Security update for SUSE Manager 4.1.1
Type:        security
Severity:    moderate
References:  1136857,1165572,1169553,1169780,1170244,1170468,1170654,1171281,1172279,1172504,1172709,1172807,1172831,1172839,1173169,1173522,1173535,1173554,1173566,1173584,1173932,1173982,1173997,1174025,1174167,1174201,1174229,1174325,1174405,1174470,1174965,1175485,1175555,1175558,1175724,1175791,678126,CVE-2020-11022
This consolidated update includes multiple patchinfos for SUSE Manager Server and Proxy. This patchinfo is used for the
codestream release only.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2378-1
Released:    Fri Aug 28 14:52:31 2020
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    moderate
References:  1175198
This update for python-azure-agent contains the following fix:

- Drop paa_sudo_sle15_nopwd.patch (bsc#1175198)
  + sudoers file is managed by cloud-init we no longer need this hack

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2380-1
Released:    Fri Aug 28 14:54:08 2020
Summary:     Recommended update for supportutils-plugin-suse-public-cloud
Type:        recommended
Severity:    moderate
References:  1175250,1175251
This update for supportutils-plugin-suse-public-cloud contains the following fix:

- Update to version 1.0.5: (bsc#1175250, bsc#1175251)
  + Query for new GCE initialization code packages

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2394-1
Released:    Mon Aug 31 17:16:14 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issue:

Live kernel patching update data. (bsc#1020320)

- New data for 4_12_14-150_55, 4_12_14-197_48, 5_3_18-22, 5_3_18-24_9.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2415-1
Released:    Tue Sep  1 13:45:00 2020
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1096738,1165730,1172908,1173226,1173356,1174009
This update for python-kiwi contains the following fixes:

- Bump version up to 9.21.7:
  This version upgrade includes several fixes:

  * Skip filesystem check for XFS prior xfs_grow
    running xfs_repair check isn't strictly necessary before resizing,
    and in some cases it may even prevent resizing by giving an error
    that would be cleared through mounting the fs (e.g. when the fs
    wasn't cleanly umounted, and thus letting xfs recover and replay
    its journal). Given that xfs can only grow online (while being mounted),
    this is sufficient to ensure that the fs is in a state where it
    can be resized. This is related to bsc#1174009. (bsc#1174009)

  * Fixed grub setup in EFI/BOOT directory

    kiwi copied the same grub.cfg file as it exists in boot/grub2
    to the efi path. This is wrong as the setup in the efi boot
    directory is used to enable normal grub loading and not providing
    the user grub configuration. In addition the changes here makes
    sure that the early grub boot code is placed into the system
    in any EFI case except for secure boot when shim-install is
    present. If shim-install is present it also creates the early
    grub boot setup such that kiwi doesn't have to do it.
    This Fixes #1491 and Fixes bsc#1172908. (bsc#1172908)

  * Use rsync in inplace transfer mode

    Using the --inplace option in rsync helps to save space on
    syncing the rootfs data and prevents e.g OBS workers from
    running out of VM space when transfering root filesystem
    data. Also using --inplace allows to keep hardlinks intact.
    This is related to bsc#1096738. (bsc#1096738)

  * Don't keep copy of grub2-install in the system

    To prevent shim-install from calling grub2-install in uefi mode
    kiwi temporary replaces the tool by a noop. This acts as a
    workaround for an issue in shim-install. However the workaround
    left a file copy of grub2-install in the system which should
    not happen. This commit Fixes bsc#1173226 and Fixes #1490. (bsc#1173226)

  * Fixes live ISOs

    This commit fixes iso images. Due to a change introduced in c7ed1cf
    live ISOs were no longer booting as the rootfs.img filesystem was
    copied to the squashfs container while being still mounted. Because of
    that, at boot time, it refused to mount.
    This commit adds umount method for the filesystem base class, so it
    can be umounted before deleting the instance.
    Fixes #1489 and bsc#1173356. (bsc#1173356)

  * Support grub timeout_style parameter

    Grub supports a style setting that influences the display of
    the menu depending on the configured timeout value. With this
    patch kiwi allows to specify the style via a new bootloader
    parameter named timeout_style='hidden|countdown'. If not set
    the grub default applies which shows the menu in any case.
    This Fixes bsc#1165730 and Fixes #1404. (bsc#1165730)

  * Use auto video mode as default for grub

    An explicit video mode 800x600 was used for grub if no
    video mode setup exists in the XML description. For grub
    this should better result in the auto mode. Related to
    bsc#1165730. (bsc#1165730)
    
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2424-1
Released:    Tue Sep  1 13:53:52 2020
Summary:     Recommended update for yast2-rmt
Type:        recommended
Severity:    moderate
References:  1171555,1172674
This update for yast2-rmt fixes the following issues:

- Handle Common Name length. (bsc#1172674)
- Changed placeholders in translatable strings to support better the 'gettext' language format tags. (bsc#1171555)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2440-1
Released:    Tue Sep  1 22:14:33 2020
Summary:     Recommended update for libmaxminddb
Type:        recommended
Severity:    moderate
References:  1175006
This update for libmaxminddb fixes the following issues:

- update to 1.4.3:
  * Use of uninitialized memory in dump_entry_data_list() could have
    cause a heap buffer flow in mmdblookup [bsc#1175006]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2452-1
Released:    Wed Sep  2 13:58:24 2020
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1174910,1174913,CVE-2020-14361,CVE-2020-14362
This update for xorg-x11-server fixes the following issues:

- CVE-2020-14361: Fix XkbSelectEvents() integer underflow (bsc#1174910 ZDI-CAN-11573).
- CVE-2020-14362: Fix XRecordRegisterClients() Integer underflow (bsc#1174913 ZDI-CAN-11574).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2453-1
Released:    Wed Sep  2 13:59:21 2020
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    moderate
References:  1174157,1175259,CVE-2019-17639,CVE-2020-14556,CVE-2020-14577,CVE-2020-14578,CVE-2020-14579,CVE-2020-14581,CVE-2020-14583,CVE-2020-14593,CVE-2020-14621
This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 6 Fix Pack 15 [bsc#1175259, bsc#1174157]
  CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581
  CVE-2020-14556 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583
  CVE-2019-17639
  * Class Libraries:
    - JAVA.UTIL.ZIP.DEFLATER OPERATIONS THROW JAVA.LANG.INTERNALERROR
    - JAVA 8 DECODER OBJECTS CONSUME A LARGE AMOUNT OF JAVA HEAP
    - TRANSLATION MESSAGES UPDATE FOR JCL
    - UPDATE TIMEZONE INFORMATION TO TZDATA2020A
  * Java Virtual Machine:
    - IBM JAVA REGISTERS A HANDLER BY DEFAULT FOR SIGABRT
    - LARGE MEMORY FOOTPRINT HELD BY TRACECONTEXT OBJECT
  * JIT Compiler:
    - CRASH IN THE INTERPRETER AFTER OSR FROM INLINED SYNCHRONIZED METHOD
      IN DEBUGGING MODE
    - INTERMITTENT ASSERTION FAILURE REPORTED
    - CRASH IN RESOLVECLASSREF() DURING AOT LOAD
    - JIT CRASH DURING CLASS UNLOADING IN J9METHOD_HT::ONCLASSUNLOADING()
    - SEGMENTATION FAULT WHILE COMPILING A METHOD
    - UNEXPECTED CLASSCASTEXCEPTION THROWN IN HIGH LEVEL PARALLEL
      APPLICATION ON IBM Z PLATFORM
  * Security:
    - CERTIFICATEEXCEPTION OCCURS WHEN FILE.ENCODING PROPERTY SET TO
      NON DEFAULT VALUE
    - CHANGES TO IBMJCE AND IBMJCEPLUS PROVIDERS
    - IBMJCEPLUS FAILS, WHEN THE SECURITY MANAGER IS ENABLED, WITH
      DEFAULT PERMISSIONS, SPECIFIED IN JAVA.POLICY FILE
    - IN CERTAIN INSTANCES, IBMJCEPLUS PROVIDER THROWS EXCEPTION FROM
      KEYFACTORY CLASS

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2464-1
Released:    Wed Sep  2 23:25:41 2020
Summary:     Recommended update for icewm
Type:        recommended
Severity:    moderate
References:  1170420,1173441
This update for icewm fixes the following issues:

- Fixes an issue where icewm updates could no longer be installed (bsc#1173441, bsc#1170420)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2470-1
Released:    Wed Sep  2 23:29:43 2020
Summary:     Recommended update for lshw
Type:        recommended
Severity:    moderate
References:  1168865,1169668,1172156
This update for lshw fixes the following issues:

- Fixes the detection of powerpc products (bsc#1172156)
- Fixed an issue where lshw crashed on powerpc and aarch64 (bsc#1168865, bsc#1169668)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2474-1
Released:    Thu Sep  3 12:10:29 2020
Summary:     Security update for libX11
Type:        security
Severity:    moderate
References:  1175239,CVE-2020-14363
This update for libX11 fixes the following issues:

- CVE-2020-14363: Fix an integer overflow in init_om() (bsc#1175239).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2489-1
Released:    Fri Sep  4 11:39:19 2020
Summary:     Recommended update for fwupdate
Type:        recommended
Severity:    moderate
References:  1174543

This update of fwupdate fixes the following issue:

- rebuilt with new signing key. (bsc#1174543)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2549-1
Released:    Fri Sep  4 18:25:50 2020
Summary:     Recommended update for OpenStack clients
Type:        recommended
Severity:    moderate
References:  1121610,1174571,917818
Updated OpenStack clients to the latest OpenStack release named Ussuri.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2556-1
Released:    Mon Sep  7 14:31:43 2020
Summary:     Recommended update for python3-azuremetadata
Type:        recommended
Severity:    moderate
References:  1175609,1175610
This update for python3-azuremetadata contains the following fix:

- Fix provides directive (bsc#1175609, bsc#1175610)
  + The provides directive must set a version or update does not work
    as expected

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2558-1
Released:    Mon Sep  7 14:32:59 2020
Summary:     Recommended update for tomcat
Type:        recommended
Severity:    moderate
References:  1092163,1172562,1173103
This update for tomcat fixes the following issues:

- Fixed the package alternatives for tomcat-servlet-4_0-api to use /usr/share/java/servlet.jar
  instead of /usr/share/java/tomcat-servlet.jar - We kept /usr/share/java/tomcat-servlet.jar as
  a symlink for compatibility reasons (bsc#1092163)
- Removed write permissions on several files and directories for the tomcat group (bsc#1172562)
- Changed the tomcat.pid location from /var/run to /run (bsc#1173103)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2559-1
Released:    Mon Sep  7 14:33:27 2020
Summary:     Recommended update for xrdp
Type:        recommended
Severity:    moderate
References:  1171415
This update for xrdp fixes the following issue:

- Fallback session to icewm when a selected desktop environment is not found (bsc#1171415)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2567-1
Released:    Tue Sep  8 12:03:33 2020
Summary:     Recommended update for azure-li-services
Type:        recommended
Severity:    important
References:  
This update for azure-li-services fixes the following issues:
	  
- Update prometheus monitoring modules for the LI and VLI images for SLE15-SP1/SP2 and GA. (jsc#SLE-10545, jsc#SLE-10902, jsc#SLE-10903, jsc#ECO-817, jsc#ECO-818)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:2568-1
Released:    Tue Sep  8 13:55:56 2020
Summary:     Optional update for iscsi-formula
Type:        optional
Severity:    important
References:  

This update adds iscsi-formula to the SLES for SAP products. (jsc#ECO-2443, jsc#ECO-1965, jsc#SLE-4047)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2594-1
Released:    Thu Sep 10 14:02:49 2020
Summary:     Recommended update for clone-master-clean-up
Type:        recommended
Severity:    moderate
References:  1174147
This update for clone-master-clean-up fixes the following issues:

- Cleanup salt client ID and 'osad' authentication configuration file and the system ID. (bsc#1174147)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2616-1
Released:    Mon Sep 14 10:34:31 2020
Summary:     Recommended update for python-argparse-manpage
Type:        recommended
Severity:    low
References:  
This update for python-argparse-manpage fixes the following issues:

- Made the multiline text look better

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2630-1
Released:    Mon Sep 14 18:26:03 2020
Summary:     Recommended update for biosdevname
Type:        recommended
Severity:    moderate
References:  1174491
This update for biosdevname fixes the following issues:


- Read DMI info rom sysfs. (bsc#1174491)
  
  A kernel with Secure Boot lockdown may prohibit reading the contents of /dev/mem, hence biosdevname fails. 
  The recent kernel provides the DMI byte contents in /sys/firmware/dmi/tables/*.
  
- Add buffer read helper using read explicitly.
   
  mmap can't work well with a sysfs file and it's required to read the contents explicitly via read, 
  even if USE_MMAP is enabled. 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2639-1
Released:    Tue Sep 15 16:23:43 2020
Summary:     Recommended update for realmd
Type:        recommended
Severity:    moderate
References:  1175616
This update for realmd fixes the following issue:

- Fix pam misconfiguration. (bsc#1175616)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2646-1
Released:    Wed Sep 16 12:07:28 2020
Summary:     Security update for perl-DBI
Type:        security
Severity:    important
References:  1176409,1176412,CVE-2020-14392,CVE-2020-14393
This update for perl-DBI fixes the following issues:

Security issues fixed:

- CVE-2020-14392: Memory corruption in XS functions when Perl stack is reallocated (bsc#1176412).
- CVE-2020-14393: Fixed a buffer overflow on an overlong DBD class name (bsc#1176409).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2655-1
Released:    Wed Sep 16 14:44:27 2020
Summary:     Recommended update for google-guest-agent, google-guest-configs, google-guest-oslogin
Type:        recommended
Severity:    moderate
References:  1174745,1175173,1175740,1175741
This update for google-guest-agent, google-guest-configs, google-guest-oslogin contains the following fixes:

- Update to version 20200819.00. (bsc#1175740, bsc#1175741)
  * handle oslogin enable/disable cases (#70). (bsc#1175173)
  * add README (#69)
  * Fix metric for addIPForwardEntry (#68)
  * Correctly determine default route index (#67)
  * oslogin: dont add entry to pam.d/su (#66)
  * end group.conf with newline (#64)
  * Add source field in googet spec (#59)
  * Set route to metadata on interface with default route (#47)
  * fix typo in boto.cfg (#62)
- Properly handle enabling of systemd services when upgrading
  from the old google-compute-engine-init package (bsc#1174745)

- Update to version 20200626.00. (bsc#1175740, bsc#1175741)
  * Updates the udev rules for local SSD disks. (#9)
  * Fix tx affinity logic when number of CPUs is above 32 (#6)

- Switch udev requires to pkgconfig to allow the build service to use
  the -mini package for build optimization

- Update to version 20200819.00. (bsc#1175740, bsc#1175741)
  * deny non-2fa users (#37)
  * use asterisks instead (#39)
  * set passwords to ! (#38)
  * correct index 0 bug (#36)
  * Support security key generated OTP challenges. (#35)

- No post action for ssh

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2658-1
Released:    Wed Sep 16 14:45:24 2020
Summary:     Recommended update for build
Type:        recommended
Severity:    moderate
References:  1170956,1172563,1174854
This update for build fixes the following issues:

- fix factory version in config file (bsc#1170956)
- add missing ignores for Leap 15.2 (bsc#1174854)
- fix sysrq handling for KVM builds
- avoid double removal of obscpio files
- docker:
  * support builds using USER root statements
  * proper error handling when obs-docker-support gets called as 
    non-root
  * helm build target support
  * support milestone handling
- support repo files without types set (SLE 15 SP2 zypp)
- add default substitute for system-packages:repo-creation
- Support recursive kiwi profile usage

- fix dependencies for Fedora 33
- Set $YAML::XS::LoadBlessed = 0 for Appimage/Snapcraft
- add a new variable to track build time needed for ccache eviction
- create folder for ccache archive to be copied before rsync
- also package pkg-config files by default into baselibs. (bsc#1172563)
- Use shorter kernel flag for mitigations
- Ignore, if shutdown behavior changed by build in z/VM
- Control disk-space consumption while creating ccache archive
- cleaning ccache
- create folders before trying to copy ccache.tar
- Generate .packages and .basepackages files for docker builds

- enable sysrq operations on boot
- Set kvm_serial_device to virtio-serial in the fixup
- Split console arg setting code into kvm_add_console_args
- Update for zVM to make container builds work.
- Write to /proc/sys/kernel/hostname if the hostname command is not available
- Use --cgroup-manager=cgroupfs when calling podman
- Also squash by default in podman builds
- Support different interpreters in prein/postin scriptlets
- Use grep -E instead of egrep to check for the needsbinariesforbuild flag
- Use new Build::Intrepo module
- Add new Intrepo module to read/write build's internal repo format
- remove .gz from _ccache archive as it is no longer compressed
- Add support for Arch in build-recipe-kiwi
- Autodetect whether to use --pipe option of systemd-nspawn.
- Split parse_depfile() from readdeps()
- enable compression on ccache
- add bugzilla numbers for s390 workaround
- extend --ccache to generate _ccache.tar.gz and implement --pkg-ccache
- disable transparent_hugepage on s390x guests for now, causes hangs
- set buildflavor also for Build::parse

- Leap 15.2 config update (libzstd1 for rpm)
- handle obscpio extraction error as fatal
- Return correct exit code from systemd-nspawn build
- Spec parser: do not parse included files from end to start
- running disk full check also outside of VM
- run disk full check only for chroot

- Spec parser: add support for %elif, %elifarch, %elifos
- Support rpm's %include statement (EXPERIMENTAL, known limitations)
- Do not do vminstall expansion in expanddeps unless --vm is used

- 15.2 config: preinstall gcrypt deps again
- Recommends for Fedora based distros
- support obsgendiff functionality
- various smaller code cleanups
- additional test cases for spec file parsing
- various fixes for cornercases during spec file parsing

- fix regression in && operator handling of rpm spec file parser
- Correctly expand macros defined with %global

- 15.2 config: temporary revert gcrypt preinstall until distro has changed
- factory config: ignore libxtables for iproute2, not needed for ip tool
- Follow upstream rpm changes in regard to logical ops
- Fix macro expansion of lines containing newlines
- add missing header file to avoid compile warnings

- support OBS-Milestone comment for kiwi
- switch to preinstall expansion for factory

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2659-1
Released:    Wed Sep 16 14:46:06 2020
Summary:     Recommended update for openwsman
Type:        recommended
Severity:    moderate
References:  1174541,1175631
This update for openwsman fixes the following issues:

- Don't crash if OpenSSL SSL context fails to initialize. (bsc#1175631)
- Adapt to openssl 1.1.1. (bsc#1174541)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2667-1
Released:    Thu Sep 17 14:46:50 2020
Summary:     Recommended update for openssl-1_0_0
Type:        recommended
Severity:    moderate
References:  1175429
This update for openssl-1_0_0 fixes the following issues:

- Provide the same symbols as other distros in a compatible package. (bsc#1175429)
- Add OPENSSL_1.0.1_EC symbol. (bsc#1175429)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2676-1
Released:    Thu Sep 17 23:48:03 2020
Summary:     Recommended update for star
Type:        recommended
Severity:    moderate
References:  1170726
This update for star fixes the following issues:

- Support backreferences for spax. (bsc#1170726)
  
  The subst command for pax now supports the \1, \2, ... escapes for \(...\) selections in the from pattern, 
  like it is used by sed(1).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2689-1
Released:    Mon Sep 21 10:56:11 2020
Summary:     Security update for jasper
Type:        security
Severity:    moderate
References:  1010979,1010980,1020451,1020456,1020458,1020460,1045450,1057152,1088278,1114498,1115637,1117328,1120805,1120807,CVE-2016-9398,CVE-2016-9399,CVE-2017-14132,CVE-2017-5499,CVE-2017-5503,CVE-2017-5504,CVE-2017-5505,CVE-2017-9782,CVE-2018-18873,CVE-2018-19139,CVE-2018-19543,CVE-2018-20570,CVE-2018-20622,CVE-2018-9252
This update for jasper fixes the following issues:

- CVE-2016-9398: Improved patch for already fixed issue (bsc#1010979).
- CVE-2016-9399: Fix assert in calcstepsizes (bsc#1010980).
- CVE-2017-5499: Validate component depth bit (bsc#1020451).
- CVE-2017-5503: Check bounds in jas_seq2d_bindsub() (bsc#1020456).
- CVE-2017-5504: Check bounds in jas_seq2d_bindsub() (bsc#1020458).
- CVE-2017-5505: Check bounds in jas_seq2d_bindsub() (bsc#1020460).
- CVE-2017-14132: Fix heap base overflow in by checking components (bsc#1057152).
- CVE-2018-9252: Fix reachable assertion in jpc_abstorelstepsize (bsc#1088278).
- CVE-2018-18873: Fix null pointer deref in ras_putdatastd (bsc#1114498).
- CVE-2018-19139: Fix mem leaks by registering jpc_unk_destroyparms (bsc#1115637).
- CVE-2018-19543, bsc#1045450 CVE-2017-9782: Fix numchans mixup (bsc#1117328).
- CVE-2018-20570: Fix heap based buffer over-read in jp2_encode (bsc#1120807).
- CVE-2018-20622: Fix memory leak in jas_malloc.c (bsc#1120805).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2706-1
Released:    Tue Sep 22 15:08:19 2020
Summary:     Recommended update for xorg-x11-server
Type:        recommended
Severity:    moderate
References:  1176015
This update for xorg-x11-server fixes the following issues:

- fix crash in XWayland when undocking laptop. (bsc#1176015)
- fix for XWayland abort in Present code. (bsc#1176015)
- Import various fixes from 1.20 branch solving XWayland crashes. (bsc#1176015) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2709-1
Released:    Tue Sep 22 15:35:58 2020
Summary:     Recommended update for pdate to version 1.0.5 (bsc#1174791, bsc#1174937)
Type:        recommended
Severity:    low
References:  1174791,1174937
- Update to version 1.0.5 (bsc#1174791, bsc#1174937)
  + New configuration to switch to https only outgoing traffic
  + Use latest API to query the metadata server and send additional data
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2710-1
Released:    Tue Sep 22 17:06:19 2020
Summary:     Security update for rubygem-actionpack-5_1
Type:        security
Severity:    important
References:  1172177,CVE-2020-8164
This update for rubygem-actionpack-5_1 fixes the following issues:

- CVE-2020-8164: Possible Strong Parameters Bypass in ActionPack.
  There is a strong parameters bypass vector in ActionPack.
  (bsc#1172177)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2731-1
Released:    Thu Sep 24 07:42:32 2020
Summary:     Security update for conmon, fuse-overlayfs, libcontainers-common, podman
Type:        security
Severity:    moderate
References:  1162432,1164090,1165738,1171578,1174075,1175821,1175957,CVE-2020-1726
This update for conmon, fuse-overlayfs, libcontainers-common, podman fixes the following issues:

podman was updated to v2.0.6 (bsc#1175821)

- install missing systemd units for the new Rest API (bsc#1175957)
  and a few man-pages that where missing before
- Drop varlink API related bits (in favor of the new API)
- fix install location for zsh completions

 * Fixed a bug where running systemd in a container on a cgroups v1 system would fail.
 * Fixed a bug where /etc/passwd could be re-created every time a container
   is restarted if the container's /etc/passwd did not contain an entry
   for the user the container was started as.
 * Fixed a bug where containers without an /etc/passwd file specifying
   a non-root user would not start.
 * Fixed a bug where the --remote flag would sometimes not make
   remote connections and would instead attempt to run Podman locally.

Update to v2.0.6:

* Features

  - Rootless Podman will now add an entry to /etc/passwd for the user who ran Podman if run with --userns=keep-id.
  - The podman system connection command has been reworked to support multiple connections, and reenabled for use!
  - Podman now has a new global flag, --connection, to specify a connection to a remote Podman API instance.

* Changes

  - Podman's automatic systemd integration (activated by the --systemd=true flag, set by default) will now activate for containers using /usr/local/sbin/init as their command, instead of just /usr/sbin/init and /sbin/init (and any path ending in systemd).
  - Seccomp profiles specified by the --security-opt seccomp=... flag to podman create and podman run will now be honored even if the container was created using --privileged.

* Bugfixes

  - Fixed a bug where the podman play kube would not honor the hostIP field for port forwarding (#5964).
  - Fixed a bug where the podman generate systemd command would panic on an invalid restart policy being specified (#7271).
  - Fixed a bug where the podman images command could take a very long time (several minutes) to complete when a large number of images were present.
  - Fixed a bug where the podman logs command with the --tail flag would not work properly when a large amount of output would be printed ((#7230)[https://github.com//issues/7230]).
  - Fixed a bug where the podman exec command with remote Podman would not return a non-zero exit code when the exec session failed to start (e.g. invoking a non-existent command) (#6893).
  - Fixed a bug where the podman load command with remote Podman would did not honor user-specified tags (#7124).
  - Fixed a bug where the podman system service command, when run as a non-root user by Systemd, did not properly handle the Podman pause process and would not restart properly as a result (#7180).
  - Fixed a bug where the --publish flag to podman create, podman run, and podman pod create did not properly handle a host IP of 0.0.0.0 (attempting to bind to literal 0.0.0.0, instead of all IPs on the system) (#7104).
  - Fixed a bug where the podman start --attach command would not print the container's exit code when the command exited due to the container exiting.
  - Fixed a bug where the podman rm command with remote Podman would not remove volumes, even if the --volumes flag was specified (#7128).
  - Fixed a bug where the podman run command with remote Podman and the --rm flag could exit before the container was fully removed.
  - Fixed a bug where the --pod new:... flag to podman run and podman create would create a pod that did not share any namespaces.
  - Fixed a bug where the --preserve-fds flag to podman run and podman exec could close the wrong file descriptors while trying to close user-provided descriptors after passing them into the container.
  - Fixed a bug where default environment variables ($PATH and $TERM) were not set in containers when not provided by the image.
  - Fixed a bug where pod infra containers were not properly unmounted after exiting.
  - Fixed a bug where networks created with podman network create with an IPv6 subnet did not properly set an IPv6 default route.
  - Fixed a bug where the podman save command would not work properly when its output was piped to another command (#7017).
  - Fixed a bug where containers using a systemd init on a cgroups v1 system could leak mounts under /sys/fs/cgroup/systemd to the host.
  - Fixed a bug where podman build would not generate an event on completion (#7022).
  - Fixed a bug where the podman history command with remote Podman printed incorrect creation times for layers (#7122).
  - Fixed a bug where Podman would not create working directories specified by the container image if they did not exist.
  - Fixed a bug where Podman did not clear CMD from the container image if the user overrode ENTRYPOINT (#7115).
  - Fixed a bug where error parsing image names were not fully reported (part of the error message containing the exact issue was dropped).
  - Fixed a bug where the podman images command with remote Podman did not support printing image tags in Go templates supplied to the --format flag (#7123).
  - Fixed a bug where the podman rmi --force command would not attempt to unmount containers it was removing, which could cause a failure to remove the image.
  - Fixed a bug where the podman generate systemd --new command could incorrectly quote arguments to Podman that contained whitespace, leading to nonfunctional unit files (#7285).
  - Fixed a bug where the podman version command did not properly include build time and Git commit.
  - Fixed a bug where running systemd in a Podman container on a system that did not use the systemd cgroup manager would fail (#6734).
  - Fixed a bug where capabilities from --cap-add were not properly added when a container was started as a non-root user via --user.
  - Fixed a bug where Pod infra containers were not properly cleaned up when they stopped, causing networking issues (#7103).

* API

  - Fixed a bug where the libpod and compat Build endpoints did not accept the application/tar content type (instead only accepting application/x-tar) (#7185).
  - Fixed a bug where the libpod Exists endpoint would attempt to write a second header in some error conditions (#7197).
  - Fixed a bug where compat and libpod Network Inspect and Network Remove endpoints would return a 500 instead of 404 when the requested network was not found.
  - Added a versioned _ping endpoint (e.g. http://localhost/v1.40/_ping).
  - Fixed a bug where containers started through a systemd-managed instance of the REST API would be shut down when podman system service shut down due to its idle timeout (#7294).
  - Added stronger parameter verification for the libpod Network Create endpoint to ensure subnet mask is a valid value.
  - The Pod URL parameter to the Libpod Container List endpoint has been deprecated; the information previously gated by the Pod boolean will now be included in the response unconditionally.

- Change hard requires for AppArmor to Recommends. They are not
  needed for runtime or with SELinux but already installed if
  AppArmor is used [jsc#SMO-15]
- Add BuildRequires for pkg-config(libselinux) to build with
  SELinux support [jsc#SMO-15] 

Update to v2.0.4

* Fixed a bug where the output of podman image search did not
  populate the Description field as it was mistakenly assigned to
  the ID field.
* Fixed a bug where podman build - and podman build on an HTTP
  target would fail.
* Fixed a bug where rootless Podman would improperly chown the
  copied-up contents of anonymous volumes (#7130).
* Fixed a bug where Podman would sometimes HTML-escape special
  characters in its CLI output.
* Fixed a bug where the podman start --attach --interactive
  command would print the container ID of the container attached
  to when exiting (#7068).
* Fixed a bug where podman run --ipc=host --pid=host would only
  set --pid=host and not --ipc=host (#7100).
* Fixed a bug where the --publish argument to podman run, podman
  create and podman pod create would not allow binding the same
  container port to more than one host port (#7062).
* Fixed a bug where incorrect arguments to podman images --format
  could cause Podman to segfault.
* Fixed a bug where podman rmi --force on an image ID with more
  than one name and at least one container using the image would
  not completely remove containers using the image (#7153).
* Fixed a bug where memory usage in bytes and memory use
  percentage were swapped in the output of podman stats
  --format=json.
* Fixed a bug where the libpod and compat events endpoints would
  fail if no filters were specified (#7078).
* Fixed a bug where the CgroupVersion field in responses from the
  compat Info endpoint was prefixed by 'v' (instead of just being
  '1' or '2', as is documented).

- Suggest katacontainers instead of recommending it. It's not
  enabled by default, so it's just bloat

Update to v2.0.3

* Fix handling of entrypoint
* log API: add context to allow for cancelling
* fix API: Create container with an invalid configuration
* Remove all instances of named return 'err' from Libpod
* Fix: Correct connection counters for hijacked connections
* Fix: Hijacking v2 endpoints to follow rfc 7230 semantics
* Remove hijacked connections from active connections list
* version/info: format: allow more json variants
* Correctly print STDOUT on non-terminal remote exec
* Fix container and pod create commands for remote create
* Mask out /sys/dev to prevent information leak from the host
* Ensure sig-proxy default is propagated in start
* Add SystemdMode to inspect for containers
* When determining systemd mode, use full command
* Fix lint
* Populate remaining unused fields in `pod inspect`
* Include infra container information in `pod inspect`
* play-kube: add suport for 'IfNotPresent' pull type
* docs: user namespace can't be shared in pods
* Fix 'Error: unrecognized protocol \'TCP\' in port mapping'
* Error on rootless mac and ip addresses
* Fix & add notes regarding problematic language in codebase
* abi: set default umask and rlimits
* Used reference package with errors for parsing tag
* fix: system df error when an image has no name
* Fix Generate API title/description
* Add noop function disable-content-trust
* fix play kube doesn't override dockerfile ENTRYPOINT
* Support default profile for apparmor
* Bump github.com/containers/common to v0.14.6
* events endpoint: backwards compat to old type
* events endpoint: fix panic and race condition
* Switch references from libpod.conf to containers.conf
* podman.service: set type to simple
* podman.service: set doc to podman-system-service
* podman.service: use default registries.conf
* podman.service: use default killmode
* podman.service: remove stop timeout
* systemd: symlink user->system
* vendor golang.org/x/text@v0.3.3
* Fix a bug where --pids-limit was parsed incorrectly
* search: allow wildcards
* [CI:DOCS]Do not copy policy.json into gating image
* Fix systemd pid 1 test
* Cirrus: Rotate keys post repo. rename
* The libpod.conf(5) man page got removed and all references are
  now pointing towards containers.conf(5), which will be part
  of the libcontainers-common package.

Update to podman v2.0.2

* fix race condition in `libpod.GetEvents(...)`
* Fix bug where `podman mount` didn't error as rootless
* remove podman system connection
* Fix imports to ensure v2 is used with libpod
* Update release notes for v2.0.2
* specgen: fix order for setting rlimits
* Ensure umask is set appropriately for 'system service'
* generate systemd: improve pod-flags filter
* Fix a bug with APIv2 compat network remove to log an ErrNetworkNotFound instead of nil
* Fixes --remote flag issues
* Pids-limit should only be set if the user set it
* Set console mode for windows
* Allow empty host port in --publish flag
* Add a note on the APIs supported by `system service`
* fix: Don't override entrypoint if it's `nil`
* Set TMPDIR to /var/tmp by default if not set
* test: add tests for --user and volumes
* container: move volume chown after spec generation
* libpod: volume copyup honors namespace mappings
* Fix `system service` panic from early hangup in events
* stop podman service in e2e tests
* Print errors from individual containers in pods
* auto-update: clarify systemd-unit requirements
* podman ps truncate the command
* move go module to v2
* Vendor containers/common v0.14.4
* Bump to imagebuilder v1.1.6 on v2 branch
* Account for non-default port number in image name
- Changes since v2.0.1
* Update release notes with further v2.0.1 changes
* Fix inspect to display multiple label: changes
* Set syslog for exit commands on log-level=debug
* Friendly amendment for pr 6751
* podman run/create: support all transports
* systemd generate: allow manual restart of container units in pods
* Revert sending --remote flag to containers
* Print port mappings in `ps` for ctrs sharing network
* vendor github.com/containers/common@v0.14.3
* Update release notes for v2.0.1
* utils: drop default mapping when running uid!=0
* Set stop signal to 15 when not explicitly set
* podman untag: error if tag doesn't exist
* Reformat inspect network settings
* APIv2: Return `StatusCreated` from volume creation
* APIv2:fix: Remove `/json` from compat network EPs
* Fix ssh-agent support
* libpod: specify mappings to the storage
* APIv2:doc: Fix swagger doc to refer to volumes
* Add podman network to bash command completions
* Fix typo in manpage for `podman auto update`.
* Add JSON output field for ps
* V2 podman system connection
* image load: no args required
* Re-add PODMAN_USERNS environment variable
* Fix conflicts between privileged and other flags
* Bump required go version to 1.13
* Add explicit command to alpine container in test case.
* Use POLL_DURATION for timer
* Stop following logs using timers
* 'pod' was being truncated to 'po' in the names of the generated systemd unit files.
* rootless_linux: improve error message
* Fix podman build handling of --http-proxy flag
* correct the absolute path of `rm` executable
* Makefile: allow customizable GO_BUILD
* Cirrus: Change DEST_BRANCH to v2.0

Update to podman v2.0.0

* The `podman generate systemd` command now supports the `--new`
  flag when used with pods, allowing portable services for pods
  to be created.
* The `podman play kube` command now supports running Kubernetes
  Deployment YAML.
* The `podman exec` command now supports the `--detach` flag to
  run commands in the container in the background.
* The `-p` flag to `podman run` and `podman create` now supports
  forwarding ports to IPv6 addresses.
* The `podman run`, `podman create` and `podman pod create`
  command now support a `--replace` flag to remove and replace any
  existing container (or, for `pod create`, pod) with the same name
* The `--restart-policy` flag to `podman run` and `podman create`
  now supports the `unless-stopped` restart policy.
* The `--log-driver` flag to `podman run` and `podman create`
  now supports the `none` driver, which does not log the
  container's output.
* The `--mount` flag to `podman run` and `podman create` now
  accepts `readonly` option as an alias to `ro`.
* The `podman generate systemd` command now supports the `--container-prefix`,
  `--pod-prefix`, and `--separator` arguments to control the
  name of generated unit files.
* The `podman network ls` command now supports the `--filter`
  flag to filter results.
* The `podman auto-update` command now supports specifying an
  authfile to use when pulling new images on a per-container
  basis using the `io.containers.autoupdate.authfile` label.
* Fixed a bug where the `podman exec` command would log to journald
  when run in containers loggined to journald
  ([#6555](https://github.com/containers/libpod/issues/6555)).
* Fixed a bug where the `podman auto-update` command would not
  preserve the OS and architecture of the original image when
  pulling a replacement
  ([#6613](https://github.com/containers/libpod/issues/6613)).
* Fixed a bug where the `podman cp` command could create an extra
  `merged` directory when copying into an existing directory
  ([#6596](https://github.com/containers/libpod/issues/6596)).
* Fixed a bug where the `podman pod stats` command would crash
  on pods run with `--network=host`
  ([#5652](https://github.com/containers/libpod/issues/5652)).
* Fixed a bug where containers logs written to journald did not
  include the name of the container.
* Fixed a bug where the `podman network inspect` and
  `podman network rm` commands did not properly handle non-default
  CNI configuration paths ([#6212](https://github.com/containers/libpod/issues/6212)).
* Fixed a bug where Podman did not properly remove containers
  when using the Kata containers OCI runtime.
* Fixed a bug where `podman inspect` would sometimes incorrectly
  report the network mode of containers started with `--net=none`.
* Podman is now better able to deal with cases where `conmon`
  is killed before the container it is monitoring.

Update to podman v1.9.3:

* Fixed a bug where, on FIPS enabled hosts, FIPS mode secrets
  were not properly mounted into containers
* Fixed a bug where builds run over Varlink would hang
* Fixed a bug where podman save would fail when the target
  image was specified by digest
* Fixed a bug where rootless containers with ports forwarded to them
  could panic and dump core due to a concurrency issue (#6018)
* Fixed a bug where rootless Podman could race when opening the
  rootless user namespace, resulting in commands failing to run
* Fixed a bug where HTTP proxy environment variables forwarded into
  the container by the --http-proxy flag could not be overridden by --env or --env-file
* Fixed a bug where rootless Podman was setting resource limits on cgroups
  v2 systems that were not using systemd-managed cgroups
  (and thus did not support resource limits), resulting in containers failing to start

Update podman to v1.9.1:

* Bugfixes

  - Fixed a bug where healthchecks could become nonfunctional if
    container log paths were manually set with --log-path and
    multiple container logs were placed in the same directory
  - Fixed a bug where rootless Podman could, when using an older
    libpod.conf, print numerous warning messages about an invalid
    CGroup manager config
  - Fixed a bug where rootless Podman would sometimes fail to
    close the rootless user namespace when joining it

Update podman to v1.9.0:

* Features

  - Experimental support has been added for podman run
    --userns=auto, which automatically allocates a unique UID and
    GID range for the new container's user namespace
  - The podman play kube command now has a --network flag to
    place the created pod in one or more CNI networks
  - The podman commit command now supports an --iidfile flag to
    write the ID of the committed image to a file
  - Initial support for the new containers.conf configuration
    file has been added. containers.conf allows for much more
    detailed configuration of some Podman functionality

* Changes

  - There has been a major cleanup of the podman info command
    resulting in breaking changes. Many fields have been renamed
    to better suit usage with APIv2
  - All uses of the --timeout flag have been switched to prefer
    the alternative --time. The --timeout flag will continue to
    work, but man pages and --help will use the --time flag
    instead

* Bugfixes

  - Fixed a bug where some volume mounts from the host would
    sometimes not properly determine the flags they should use
    when mounting
  - Fixed a bug where Podman was not propagating $PATH to Conmon
    and the OCI runtime, causing issues for some OCI runtimes
    that required it
  - Fixed a bug where rootless Podman would print error messages
    about missing support for systemd cgroups when run in a
    container with no cgroup support
  - Fixed a bug where podman play kube would not properly handle
    container-only port mappings (#5610)
  - Fixed a bug where the podman container prune command was not
    pruning containers in the created and configured states
  - Fixed a bug where Podman was not properly removing CNI IP
    address allocations after a reboot (#5433)
  - Fixed a bug where Podman was not properly applying the
    default Seccomp profile when --security-opt was not given at
    the command line

* HTTP API

  - Many Libpod API endpoints have been added, including Changes,
    Checkpoint, Init, and Restore
  - Resolved issues where the podman system service command would
    time out and exit while there were still active connections
  - Stability overall has greatly improved as we prepare the API
    for a beta release soon with Podman 2.0

* Misc

  - The default infra image for pods has been upgraded to
    k8s.gcr.io/pause:3.2 (from 3.1) to address a bug in the
    architecture metadata for non-AMD64 images
  - The slirp4netns networking utility in rootless Podman now
    uses Seccomp filtering where available for improved security
  - Updated Buildah to v1.14.8
  - Updated containers/storage to v1.18.2
  - Updated containers/image to v5.4.3
  - Updated containers/common to v0.8.1

- Add 'systemd' BUILDFLAGS to build with support for journald
  logging (bsc#1162432)

Update podman to v1.8.2:

* Features

  - Initial support for automatically updating containers managed
    via Systemd unit files has been merged. This allows
    containers to automatically upgrade if a newer version of
    their image becomes available

* Bugfixes

  - Fixed a bug where unit files generated by podman generate
    systemd --new would not force containers to detach, causing
    the unit to time out when trying to start
  - Fixed a bug where podman system reset could delete important
    system directories if run as rootless on installations
    created by older Podman (#4831)
  - Fixed a bug where image built by podman build would not
    properly set the OS and Architecture they were built with
    (#5503)
  - Fixed a bug where attached podman run with --sig-proxy
    enabled (the default), when built with Go 1.14, would
    repeatedly send signal 23 to the process in the container and
    could generate errors when the container stopped (#5483)
  - Fixed a bug where rootless podman run commands could hang
    when forwarding ports
  - Fixed a bug where rootless Podman would not work when /proc
    was mounted with the hidepid option set
  - Fixed a bug where the podman system service command would use
    large amounts of CPU when --timeout was set to 0 (#5531)

* HTTP API

  - Initial support for Libpod endpoints related to creating and
    operating on image manifest lists has been added
  - The Libpod Healthcheck and Events API endpoints are now
    supported
  - The Swagger endpoint can now handle cases where no Swagger
    documentation has been generated

Update podman to v1.8.1:

* Features

  - Many networking-related flags have been added to podman pod
    create to enable customization of pod networks, including
    --add-host, --dns, --dns-opt, --dns-search, --ip,
    --mac-address, --network, and --no-hosts
  - The podman ps --format=json command now includes the ID of
    the image containers were created with
  - The podman run and podman create commands now feature an
    --rmi flag to remove the image the container was using after
    it exits (if no other containers are using said image)
    ([#4628](https://github.com/containers/libpod/issues/4628))
  - The podman create and podman run commands now support the
    --device-cgroup-rule flag (#4876)
  - While the HTTP API remains in alpha, many fixes and additions
    have landed. These are documented in a separate subsection
    below
  - The podman create and podman run commands now feature a
    --no-healthcheck flag to disable healthchecks for a container
    (#5299)
  - Containers now recognize the io.containers.capabilities
    label, which specifies a list of capabilities required by the
    image to run. These capabilities will be used as long as they
    are more restrictive than the default capabilities used
  - YAML produced by the podman generate kube command now
    includes SELinux configuration passed into the container via
    --security-opt label=... (#4950)

* Bugfixes

  - Fixed CVE-2020-1726, a security issue where volumes manually
    populated before first being mounted into a container could
    have those contents overwritten on first being mounted into a
    container
  - Fixed a bug where Podman containers with user namespaces in
    CNI networks with the DNS plugin enabled would not have the
    DNS plugin's nameserver added to their resolv.conf
    ([#5256](https://github.com/containers/libpod/issues/5256))
  - Fixed a bug where trailing / characters in image volume
    definitions could cause them to not be overridden by a
    user-specified mount at the same location
    ([#5219](https://github.com/containers/libpod/issues/5219))
  - Fixed a bug where the label option in libpod.conf, used to
    disable SELinux by default, was not being respected (#5087)
  - Fixed a bug where the podman login and podman logout commands
    required the registry to log into be specified (#5146)
  - Fixed a bug where detached rootless Podman containers could
    not forward ports (#5167)
  - Fixed a bug where rootless Podman could fail to run if the
    pause process had died
  - Fixed a bug where Podman ignored labels that were specified
    with only a key and no value (#3854)
  - Fixed a bug where Podman would fail to create named volumes
    when the backing filesystem did not support SELinux labelling
    (#5200)
  - Fixed a bug where --detach-keys='' would not disable
    detaching from a container (#5166)
  - Fixed a bug where the podman ps command was too aggressive
    when filtering containers and would force --all on in too
    many situations
  - Fixed a bug where the podman play kube command was ignoring
    image configuration, including volumes, working directory,
    labels, and stop signal (#5174)
  - Fixed a bug where the Created and CreatedTime fields in
    podman images --format=json were misnamed, which also broke
    Go template output for those fields
    ([#5110](https://github.com/containers/libpod/issues/5110))
  - Fixed a bug where rootless Podman containers with ports
    forwarded could hang when started (#5182)
  - Fixed a bug where podman pull could fail to parse registry
    names including port numbers
  - Fixed a bug where Podman would incorrectly attempt to
    validate image OS and architecture when starting containers
  - Fixed a bug where Bash completion for podman build -f would
    not list available files that could be built (#3878)
  - Fixed a bug where podman commit --change would perform
    incorrect validation, resulting in valid changes being
    rejected (#5148)
  - Fixed a bug where podman logs --tail could take large amounts
    of memory when the log file for a container was large (#5131)
  - Fixed a bug where Podman would sometimes incorrectly generate
    firewall rules on systems using firewalld
  - Fixed a bug where the podman inspect command would not
    display network information for containers properly if a
    container joined multiple CNI networks
    ([#4907](https://github.com/containers/libpod/issues/4907))
  - Fixed a bug where the --uts flag to podman create and podman
    run would only allow specifying containers by full ID (#5289)
  - Fixed a bug where rootless Podman could segfault when passed
    a large number of file descriptors
  - Fixed a bug where the podman port command was incorrectly
    interpreting additional arguments as container names, instead
    of port numbers
  - Fixed a bug where units created by podman generate systemd
    did not depend on network targets, and so could start before
    the system network was ready (#4130)
  - Fixed a bug where exec sessions in containers which did not
    specify a user would not inherit supplemental groups added to
    the container via --group-add
  - Fixed a bug where Podman would not respect the $TMPDIR
    environment variable for placing large temporary files during
    some operations (e.g. podman pull)
    ([#5411](https://github.com/containers/libpod/issues/5411))

* HTTP API

  - Initial support for secure connections to servers via SSH
    tunneling has been added
  - Initial support for the libpod create and logs endpoints for
    containers has been added
  - Added a /swagger/ endpoint to serve API documentation
  - The json endpoint for containers has received many fixes
  - Filtering images and containers has been greatly improved,
    with many bugs fixed and documentation improved
  - Image creation endpoints (commit, pull, etc) have seen many
    fixes
  - Server timeout has been fixed so that long operations will no
    longer trigger the timeout and shut the server down
  - The stats endpoint for containers has seen major fixes and
    now provides accurate output
  - Handling the HTTP 304 status code has been fixed for all
    endpoints
  - Many fixes have been made to API documentation to ensure it
    matches the code

* Misc

  - The Created field to podman images --format=json has been
    renamed to CreatedSince as part of the fix for (#5110). Go
    templates using the old name shou ld still work
  - The CreatedTime field to podman images --format=json has been
    renamed to CreatedAt as part of the fix for (#5110). Go
    templates using the old name should still work
  - The before filter to podman images has been renamed to since
    for Docker compatibility. Using before will still work, but
      documentation has been changed to use the new since filter
  - Using the --password flag to podman login now warns that
    passwords are being passed in plaintext
  - Some common cases where Podman would deadlock have been fixed
    to warn the user that podman system renumber must be run to
    resolve the deadlock

- Configure br_netfilter for podman automatically (bsc#1165738)
  The trigger is only excuted when updating podman-cni-config while the
  command was running

conmon was update to v2.0.20 (bsc#1175821)

- journald: fix logging container name
- container logging: Implement none driver - 'off', 'null' or
  'none' all work.
- ctrl: warn if we fail to unlink
- Drop fsync calls
- Reap PIDs before running exit command
- Fix log path parsing
- Add --sync option to prevent conmon from double forking
- Add --no-sync-log option to instruct conmon to not sync the
  logs of the containers upon shutting down. This feature fixes a
  regression where we unconditionally dropped the log sync. It is
  possible the container logs could be corrupted on a sudden
  power-off. If you need container logs to remain in consistent
  state after a sudden shutdown, please update from v2.0.19 to
  v2.0.20

- Update to v2.0.17:

  - Add option to delay execution of exit command

- Update to v2.0.16:

  - tty: flush pending data when fd is ready

- Enable support for journald logging (bsc#1162432)
- Update to v2.0.15:

  - store status while waiting for pid

- Update to v2.0.14:

  - drop usage of splice(2)
  - avoid hanging on stdin
  - stdio: sometimes quit main loop after io is done
  - ignore sigpipe

- Update to v2.0.12

  - oom: fix potential race between verification steps

- Update to v2.0.11

  - log: reject --log-tag with k8s-file
  - chmod std files pipes
  - adjust score to -1000 to prevent conmon from ever being OOM
    killed
  - container OOM: verify cgroup hasn't been cleaned up before
    reporting OOM
  - journal logging: write to /dev/null instead of -1

fuse-overlayfs was updated to 1.1.2 (bsc#1175821):

- fix memory leak when creating whiteout files.
- fix lookup for overflow uid when it is different than the overflow gid.
- use openat2(2) when available.
- accept 'ro' as mount option.
- fix set mtime for a symlink.
- fix some issues reported by static analysis.
- fix potential infinite loop on a short read.
- fix creating a directory if the destination already exists
  in the upper layer.
- report correctly the number of links for a directory also for
  subsequent stat calls
- stop looking up the ino in the lower layers if the file could
  not be opened
- make sure the destination is deleted before doing a rename(2).
  It prevents a left over directory to cause delete to fail with
  EEXIST.
- honor --debug.

libcontainers-common was updated to fix:

- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
- Added containers/common tarball for containers.conf(5) man page
- Install containers.conf default configuration in
  /usr/share/containers
- libpod repository on github got renamed to podman
- Update to image 5.5.1
  - Add documentation for credHelpera
  - Add defaults for using the rootless policy path
- Update libpod/podman to 2.0.3
  - docs: user namespace can't be shared in pods
  - Switch references from libpod.conf to containers.conf
  - Allow empty host port in --publish flag
  - update document login see config.json as valid
- Update storage to 1.20.2
  - Add back skip_mount_home

- Remove remaining difference between SLE and openSUSE package and
  ship the some mounts.conf default configuration on both platforms.
  As the sources for the mount point do not exist on openSUSE by
  default this config will basically have no effect on openSUSE.
  (jsc#SLE-12122, bsc#1175821) 

- Update to image 5.4.4
  - Remove registries.conf VERSION 2 references from man page
  - Intial authfile man page
  - Add $HOME/.config/containers/certs.d to perHostCertDirPath
  - Add $HOME/.config/containers/registries.conf to config path
  - registries.conf.d: add stances for the registries.conf
- update to libpod 1.9.3
  - userns: support --userns=auto
  - Switch to using --time as opposed to --timeout to better match Docker
  - Add support for specifying CNI networks in podman play kube
  - man pages: fix inconsistencies
- Update to storage 1.19.1
  - userns: add support for auto
  - store: change the default user to containers
  - config: honor XDG_CONFIG_HOME
- Remove the /var/lib/ca-certificates/pem/SUSE.pem workaround again.
  It never ended up in SLES and a different way to fix the underlying
  problem is being worked on.

- Add registry.opensuse.org as default registry [bsc#1171578] 

- Add /var/lib/ca-certificates/pem/SUSE.pem to the SLES mounts.
  This for making container-suseconnect working in the public
  cloud on-demand images. It needs that file for being able to
  verify the server certificates of the RMT servers hosted
  in the public cloud.
  (https://github.com/SUSE/container-suseconnect/issues/41)
  

      
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2735-1
Released:    Thu Sep 24 13:32:25 2020
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    moderate
References:  1173034
This update for systemd-rpm-macros fixes the following issues:

- Introduce macro '%service_del_postun_without_restart' to resolve blocking new releases based on this. (bsc#1173034)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2744-1
Released:    Thu Sep 24 17:56:23 2020
Summary:     Security update for tiff
Type:        security
Severity:    moderate
References:  1146608,CVE-2019-14973
This update for tiff fixes the following issues:

- CVE-2019-14973: Fixed an improper check which was depended on the compiler
  which could have led to integer overflow (bsc#1146608).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2749-1
Released:    Fri Sep 25 11:10:33 2020
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1167976,1173986,1173991,1174284,1174420,1175686,1176756,CVE-2020-15663,CVE-2020-15664,CVE-2020-15670,CVE-2020-15673,CVE-2020-15676,CVE-2020-15677,CVE-2020-15678
This update for MozillaFirefox fixes the following issues:

- Firefox was updated to 78.3.0 ESR (bsc#1176756, MFSA 2020-43)
   - CVE-2020-15677: Download origin spoofing via redirect
   - CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a
     contenteditable element 
   - CVE-2020-15678: When recursing through layers while scrolling, an iterator
     may have become invalid, resulting in a potential use-after-free scenario
   - CVE-2020-15673: Fixed memory safety bugs 
- Enhance fix for wayland-detection (bsc#1174420)
- Attempt to fix langpack-parallelization by introducing separate
  obj-dirs for each lang (bsc#1173986, bsc#1167976)

- Firefox was updated to 78.2.0 ESR (bsc#1175686, MFSA 2020-38)
   - CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could
     have resulted in escalation of privilege
   - CVE-2020-15664: Attacker-induced prompt for extension installation
   - CVE-2020-15670: Fixed  memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

- Fixed Firefox tab crash in FIPS mode (bsc#1174284).
- Fixed broken translation-loading (bsc#1173991) 
  - allow addon sideloading
  - mark signatures for langpacks non-mandatory
  - do not autodisable user profile scopes
- Google API key is not usable for geolocation service any more

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:2758-1
Released:    Fri Sep 25 19:46:16 2020
Summary:     Optional update for pyzy
Type:        optional
Severity:    low
References:  
This update for pyzy doesn't fix any user visible issues, but improves the building of
the package from its source.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2773-1
Released:    Tue Sep 29 08:15:31 2020
Summary:     Recommended update for python3-susepubliccloudinfo
Type:        recommended
Severity:    moderate
References:  1176102,1176103
This update for python3-susepubliccloudinfo contains the following fixes:

- Update to version 1.2.2: (bsc#1176102, bsc#1176103)
  + Support query for providers/frameworks, regions, and image states.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2782-1
Released:    Tue Sep 29 11:40:22 2020
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    important
References:  1176932
This update for systemd-rpm-macros fixes the following issues:

- Backport missing macros of directory paths from upstream
  + %_environmentdir
  + %_modulesloaddir
  + %_modprobedir

- Make sure %_restart_on_update_never and %_stop_on_removal_never don't expand to the
  empty string. (bsc#1176932)
  Otherwise sequences like the following code:
     if [ ... ]; then
        %_restart_on_update_never
     fi
  would result in the following incorrect shell syntax:
     if [ ... ]; then
     fi

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2613-1
Released:    Tue Sep 29 14:06:01 2020
Summary:     Recommended update for certification-sles-eal4, installation-images, patterns-certification, system-role-common-criteria
Type:        recommended
Severity:    moderate
References:  1172898,1176112
This update for certification-sles-eal4, installation-images, patterns-certification, system-role-common-criteria fixes the following issues:

This updates provided various packages required for Common Criteria certification.

certification-sles-eal4:

- This package contains setup scripts that are used after installation of a common criteria system role.

patterns-certification:

- This package contains the packages to be installed.

system-role-common-criteria:

- This system role is used in the installer to be select and enable the Common Critera installation role.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2796-1
Released:    Tue Sep 29 14:30:55 2020
Summary:     Recommended update for hyper-v
Type:        recommended
Severity:    moderate
References:  1116957
This update for hyper-v fixes the following issues:

- Fixes an issue when hyper-v services not running after booting from SLES12SP3 ISO. (bsc#1116957)	  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2804-1
Released:    Wed Sep 30 11:43:16 2020
Summary:     Recommended update for xiterm
Type:        recommended
Severity:    moderate
References:  1158271
This update for xiterm fixes the following issues:

- Fix for not enabled application keypad mode. (bsc#1158271)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:2811-1
Released:    Thu Oct  1 09:19:57 2020
Summary:     Optional update for adding Grafana dashboards to SLES for SAP
Type:        optional
Severity:    moderate
References:  
This update adds grafana-ha-cluster-dashboards, grafana-sap-hana-dashboards,
 grafana-sap-netweaver-dashboards, grafana-sap-providers to SLES for SAP (jsc#ECO-2237)

grafana-ha-cluster-dashboards:

- Release 1.0.2
  * update title and description
  * fixed datasource variable initialization
  * minor Grafana 7 compatibility fixes
  * use recommends instead of requires on grafana (jsc#SLE-10545) 

grafana-sap-providers:

- First release

grafana-sap-hana-dashboards:

- Release 1.0.1
  * Remove 'detail' word from file names for simplicity
  * Update title and description

grafana-sap-netweaver-dashboards:

- Release 1.0.1
  * Update schema to Grafana 7
  * Update title and description

 
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2825-1
Released:    Fri Oct  2 08:44:28 2020
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1170347,1176759
This update for suse-build-key fixes the following issues:

- The SUSE Notary Container key is different from the build signing
  key, include this key instead as suse-container-key. (PM-1845 bsc#1170347)

- The SUSE build key for SUSE Linux Enterprise 12 and 15 is extended by 4 more years. (bsc#1176759)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2828-1
Released:    Fri Oct  2 10:33:22 2020
Summary:     Security update for perl-DBI
Type:        security
Severity:    important
References:  1176764,CVE-2019-20919
This update for perl-DBI fixes the following issues:

- CVE-2019-20919: Fixed a NULL profile dereference in dbi_profile (bsc#1176764).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2842-1
Released:    Fri Oct  2 12:17:55 2020
Summary:     Recommended update for golang-github-prometheus-node_exporter
Type:        recommended
Severity:    moderate
References:  1151557
This update for golang-github-prometheus-node_exporter fixes the following issues:

- Add missing sysconfig file in rpm  bsc#1151557

- Changes from 1.0.1
  * Changes to build specification
    + Modify spec: update golang version to 1.14
    + Remove update tarball script
    + Add _service file to allow for updates via `osc service disabledrun`
  * Bug fixes
    + [BUGFIX] filesystem_freebsd: Fix label values #1728
    + [BUGFIX] Update prometheus/procfs to fix log noise #1735
    + [BUGFIX] Fix build tags for collectors #1745
    + [BUGFIX] Handle no data from powersupplyclass #1747, #1749

- Changes from 1.0.0
  * Bug fixes
    + [BUGFIX] Read /proc/net files with a single read syscall #1380
    + [BUGFIX] Renamed label state to name on node_systemd_service_restart_total. #1393
    + [BUGFIX] Fix netdev nil reference on Darwin #1414
    + [BUGFIX] Strip path.rootfs from mountpoint labels #1421
    + [BUGFIX] Fix seconds reported by schedstat #1426
    + [BUGFIX] Fix empty string in path.rootfs #1464
    + [BUGFIX] Fix typo in cpufreq metric names #1510
    + [BUGFIX] Read /proc/stat in one syscall #1538
    + [BUGFIX] Fix OpenBSD cache memory information #1542
    + [BUGFIX] Refactor textfile collector to avoid looping defer #1549
    + [BUGFIX] Fix network speed math #1580
    + [BUGFIX] collector/systemd: use regexp to extract systemd version #1647
    + [BUGFIX] Fix initialization in perf collector when using multiple CPUs #1665
    + [BUGFIX] Fix accidentally empty lines in meminfo_linux #1671
  * Several enhancements
    + See https://github.com/prometheus/node_exporter/releases/tag/v1.0.0


- Changes from 1.0.0-rc.0
Breaking changes
  * The netdev collector CLI argument --collector.netdev.ignored-devices
    was renamed to --collector.netdev.device-blacklist in order to conform
    with the systemd collector. #1279
  * The label named state on node_systemd_service_restart_total metrics was
    changed to name to better describe the metric. #1393
  * Refactoring of the mdadm collector changes several metrics
        node_md_disks_active is removed
        node_md_disks now has a state label for 'fail', 'spare', 'active' disks.
        node_md_is_active is replaced by node_md_state with a state set of
        'active', 'inactive', 'recovering', 'resync'.
  * Additional label mountaddr added to NFS device metrics to distinguish
    mounts from the same URL, but different IP addresses. #1417
  * Metrics node_cpu_scaling_frequency_min_hrts and
    node_cpu_scaling_frequency_max_hrts of the cpufreq collector were
    renamed to node_cpu_scaling_frequency_min_hertz and
    node_cpu_scaling_frequency_max_hertz. #1510
  * Collectors that are enabled, but are unable to find data to collect,
    now return 0 for node_scrape_collector_success.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2863-1
Released:    Tue Oct  6 09:28:41 2020
Summary:     Recommended update for efivar
Type:        recommended
Severity:    moderate
References:  1175989
This update for efivar fixes the following issues:

- Fixed an issue when segmentation fault are caused on non-EFI systems. (bsc#1175989)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2885-1
Released:    Fri Oct  9 14:50:51 2020
Summary:     Recommended update for xmlsec1
Type:        recommended
Severity:    moderate
References:  1177233

This update for xmlsec1 fixes the following issue:

- xmlsec1-devel, xmlsec1-openssl-devel and xmlsec-nss-devel are added to the Basesystem module. (bsc#1177233)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2899-1
Released:    Tue Oct 13 14:18:03 2020
Summary:     Security update for rubygem-activesupport-5_1
Type:        security
Severity:    critical
References:  1172186,CVE-2020-8165
This update for rubygem-activesupport-5_1 fixes the following issues:

- CVE-2020-8165: Fixed deserialization of untrusted data in MemCacheStore potentially resulting in remote code execution (bsc#1172186)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2910-1
Released:    Tue Oct 13 16:02:04 2020
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1176858,1176859
This update for cloud-regionsrv-client contains the following fixes:

- Update to version 9.1.4 (bsc#1176858, bsc#1176859)
  + Properly handle the exit code for SUSEConnect and provide log
    message with failure details for registration failure

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2945-1
Released:    Fri Oct 16 10:06:06 2020
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    critical
References:  1176368,1176369,1177161,1177257
This update for python-azure-agent fixes the following issues:

- Fixes an issue when the 'python-azure-agent' fails to initialize Azure instances. (bsc#1177161, bsc#1177257)

Update to version 2.2.49.2 (bsc#1176368, bsc#1176369)

  + Do not use --unit with systemd-cgls (#1910)
  + Report processes that do not belong to the agent's cgroup (#1908)
  + Use controller mount point for extension cgroup path (#1899)
  + Improvements in setup of cgroups (#1896)
  + Remove ExtensionsMetricsData and per-process Memory data (#1884)
  + Fix return value of start_extension_command (#1927)
  + Remove import * (#1900)
  + Fix flaky ExtensionCleanupTest class (#1898)
  + Fix codecov badge (#1883)
  + Changed codecov to run on py3.8 (#1875)
  + Update documentation on /dev/random (#1909)
  + Mount options are in mount(8) (#1893)
  + Remove ssh host key thumbprint in report ready (#1913)
  + Emit AutoUpdate value at service start only (#1907)
  + Add logging for version mismatch (#1895)
  + Send telemetry event if libdir changes (#1897)
  + Add log collector utility (#1847)
  + Move AutoUpdate reporting to HeartBeat event (#1919)
  + Removing infinite download of extension manifest without a new GS (#1874)
  + Fix wrongful dir deletion (#1873)
  + Fix the cleanup-outdated-handlers to only delete handlers that are not
    present in the GS (#1889)
  + Expose periods of environment thread in waagent.conf (#1891)
  + Added user @kevinclark19a as Contributor. (#1906)
- From 2.2.48.1
  + Refactoring GoalState class out of Protocol, making Protocol thread-safe,
    removing stale dependencies of Protocol and removing the dependency on
    the file system to read the Protocol info
  + Fetch goal state when creating HostPluginProtocol (#1799)
  + Separate goal state from the protocol class (#1777)
  + Make protocol util a singleton per thread (#1743, #1756)
  + Fetch goal state before sending telemetry (#1751)
  + Remove file dependency (#1754)
  + Others (#1758, #1767, #1744, #1749, #1816, #1820)
  + New logs for goal state fetch (#1797) and refresh (#1794).
  + Thread name added to logs (#1778)
  + Populate telemetry events at creation time (#1791)
  + Periodic HeartBeat to be logged to the file (#1755)
  + Add unit test to verify call stacks on telemetry events (#1828)
  + Others (#1841, #1842, #1846)
  + Handling errors while reading extension status files
    (Limiting Size and Transient issues)(#1761)
  + Enable SWAP on Resource Disk as Application Certification Support
    suggested (#1762)
  + Update 'Provisioning' options in default configs ( #1853)
  + Drop Metadata Server Support (#1806, #1839, #1840 )
  + Improve documentation of ResourceDisk.EnableSwapEncryption (#1782)
  + Removed is_snappy function (#1774)
  + Handle exceptions in monitor thread (#1770)
  + Fix timestamp for periodic operations in the monitor thread (#1879)
  + Fix permissions on the Ubuntu systemd service file (#1814)
  + Update hostname setting for SUSE distros (#1832)
  + Python 3.8 improvements + support for Ubuntu 20.04 (#1860, #1865, #1738)
  + Testing and dev-infra improvements
    [#1771, #1768, #1800, #1826, #1827, #1833]
  + Others (#1854, #1858)

- From 2.2.46

  + [#1741] Do not update goal state when refreshing the host plugin
  + [#1731] Fix upgrade sequence when update command fails
  + [#1725] Initialize CPU usage
  + [#1716, #1737] Added UTC logging and correcting the format
  + [#1651, #1729] Start sending PerformanceCounter metrics and
    additional memory information for Cgroups

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2947-1
Released:    Fri Oct 16 15:23:07 2020
Summary:     Security update for gcc10, nvptx-tools
Type:        security
Severity:    moderate
References:  1172798,1172846,1173972,1174753,1174817,1175168,CVE-2020-13844
This update for gcc10, nvptx-tools fixes the following issues:

This update provides the GCC10 compiler suite and runtime libraries.

The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by
the gcc10 variants.

The new compiler variants are available with '-10' suffix, you can specify them
via:

	CC=gcc-10
	CXX=g++-10

or similar commands.

For a detailed changelog check out https://gcc.gnu.org/gcc-10/changes.html

Changes in nvptx-tools:

- Enable build on aarch64
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2950-1
Released:    Fri Oct 16 15:49:51 2020
Summary:     Recommended update for python-aliyun-python-sdk, python-aliyun-python-sdk-aas, python-aliyun-python-sdk-acm, python-aliyun-python-sdk-acms-open, python-aliyun-python-sdk-actiontrail, python-aliyun-python-sdk-adb, python-aliyun-python-sdk-address-purification, python-aliyun-python-sdk-aegis, python-aliyun-python-sdk-afs, python-aliyun-python-sdk-airec, python-aliyun-python-sdk-alidns, python-aliyun-python-sdk-aligreen-console, python-aliyun-python-sdk-alimt, python-aliyun-python-sdk-alinlp, python-aliyun-python-sdk-aliyuncvc, python-aliyun-python-sdk-amqp-open, python-aliyun-python-sdk-appmallsservice, python-aliyun-python-sdk-arms, python-aliyun-python-sdk-arms4finance, python-aliyun-python-sdk-baas, python-aliyun-python-sdk-brinekingdom, python-aliyun-python-sdk-bss, python-aliyun-python-sdk-bssopenapi, python-aliyun-python-sdk-cams, python-aliyun-python-sdk-cas, python-aliyun-python-sdk-cassandra, python-aliyun-python-sdk-cbn, python-aliyun-python-sdk-ccc, python-aliyun-python-sdk-ccs, python-aliyun-python-sdk-cdn, python-aliyun-python-sdk-chatbot, python-aliyun-python-sdk-clickhouse, python-aliyun-python-sdk-cloudapi, python-aliyun-python-sdk-cloudauth, python-aliyun-python-sdk-cloudesl, python-aliyun-python-sdk-cloudgame, python-aliyun-python-sdk-cloudmarketing, python-aliyun-python-sdk-cloudphoto, python-aliyun-python-sdk-cloudwf, python-aliyun-python-sdk-cms, python-aliyun-python-sdk-codeup, python-aliyun-python-sdk-companyreg, python-aliyun-python-sdk-core, python-aliyun-python-sdk-cr, python-aliyun-python-sdk-crm, python-aliyun-python-sdk-cs, python-aliyun-python-sdk-csb, python-aliyun-python-sdk-cspro, python-aliyun-python-sdk-cusanalytic_sc_online, python-aliyun-python-sdk-das, python-aliyun-python-sdk-dataworks-public, python-aliyun-python-sdk-dbfs, python-aliyun-python-sdk-dbs, python-aliyun-python-sdk-dcdn, python-aliyun-python-sdk-dds, python-aliyun-python-sdk-democenter, python-aliyun-python-sdk-devops-rdc, python-aliyun-python-sdk-dms-enterprise, python-aliyun-python-sdk-domain, python-aliyun-python-sdk-domain-intl, python-aliyun-python-sdk-drds, python-aliyun-python-sdk-dts, python-aliyun-python-sdk-dybaseapi, python-aliyun-python-sdk-dyplsapi, python-aliyun-python-sdk-dypnsapi, python-aliyun-python-sdk-dysmsapi, python-aliyun-python-sdk-dyvmsapi, python-aliyun-python-sdk-eas, python-aliyun-python-sdk-eci, python-aliyun-python-sdk-ecs, python-aliyun-python-sdk-edas, python-aliyun-python-sdk-ehpc, python-aliyun-python-sdk-elasticsearch, python-aliyun-python-sdk-emr, python-aliyun-python-sdk-ens, python-aliyun-python-sdk-ess, python-aliyun-python-sdk-faas, python-aliyun-python-sdk-facebody, python-aliyun-python-sdk-fnf, python-aliyun-python-sdk-foas, python-aliyun-python-sdk-ft, python-aliyun-python-sdk-geoip, python-aliyun-python-sdk-goodstech, python-aliyun-python-sdk-gpdb, python-aliyun-python-sdk-green, python-aliyun-python-sdk-gts-phd, python-aliyun-python-sdk-hbase, python-aliyun-python-sdk-hbr, python-aliyun-python-sdk-highddos, python-aliyun-python-sdk-hiknoengine, python-aliyun-python-sdk-hivisengine, python-aliyun-python-sdk-hpc, python-aliyun-python-sdk-hsm, python-aliyun-python-sdk-httpdns, python-aliyun-python-sdk-imageaudit, python-aliyun-python-sdk-imageenhan, python-aliyun-python-sdk-imageprocess, python-aliyun-python-sdk-imagerecog, python-aliyun-python-sdk-imagesearch, python-aliyun-python-sdk-imageseg, python-aliyun-python-sdk-imgsearch, python-aliyun-python-sdk-imm, python-aliyun-python-sdk-industry-brain, python-aliyun-python-sdk-iot, python-aliyun-python-sdk-iqa, python-aliyun-python-sdk-ivision, python-aliyun-python-sdk-ivpd, python-aliyun-python-sdk-jaq, python-aliyun-python-sdk-jarvis, python-aliyun-python-sdk-jarvis-public, python-aliyun-python-sdk-kms, python-aliyun-python-sdk-ledgerdb, python-aliyun-python-sdk-linkedmall, python-aliyun-python-sdk-linkface, python-aliyun-python-sdk-linkwan, python-aliyun-python-sdk-live, python-aliyun-python-sdk-lubancloud, python-aliyun-python-sdk-market, python-aliyun-python-sdk-mopen, python-aliyun-python-sdk-mts, python-aliyun-python-sdk-multimediaai, python-aliyun-python-sdk-nas, python-aliyun-python-sdk-netana, python-aliyun-python-sdk-nlp-automl, python-aliyun-python-sdk-nls-cloud-meta, python-aliyun-python-sdk-objectdet, python-aliyun-python-sdk-ocr, python-aliyun-python-sdk-ocs, python-aliyun-python-sdk-oms, python-aliyun-python-sdk-ons, python-aliyun-python-sdk-onsmqtt, python-aliyun-python-sdk-oos, python-aliyun-python-sdk-openanalytics, python-aliyun-python-sdk-openanalytics-open, python-aliyun-python-sdk-opensearch, python-aliyun-python-sdk-ossadmin, python-aliyun-python-sdk-ots, python-aliyun-python-sdk-outboundbot, python-aliyun-python-sdk-paistudio, python-aliyun-python-sdk-petadata, python-aliyun-python-sdk-polardb, python-aliyun-python-sdk-productcatalog, python-aliyun-python-sdk-pts, python-aliyun-python-sdk-push, python-aliyun-python-sdk-pvtz, python-aliyun-python-sdk-qualitycheck, python-aliyun-python-sdk-quickbi-public, python-aliyun-python-sdk-r-kvstore, python-aliyun-python-sdk-ram, python-aliyun-python-sdk-rdc, python-aliyun-python-sdk-rds, python-aliyun-python-sdk-reid, python-aliyun-python-sdk-resourcemanager, python-aliyun-python-sdk-retailcloud, python-aliyun-python-sdk-risk, python-aliyun-python-sdk-ros, python-aliyun-python-sdk-rtc, python-aliyun-python-sdk-sae, python-aliyun-python-sdk-saf, python-aliyun-python-sdk-sas, python-aliyun-python-sdk-sas-api, python-aliyun-python-sdk-scdn, python-aliyun-python-sdk-schedulerx2, python-aliyun-python-sdk-sddp, python-aliyun-python-sdk-slb, python-aliyun-python-sdk-smartag, python-aliyun-python-sdk-smc, python-aliyun-python-sdk-snsuapi, python-aliyun-python-sdk-status, python-aliyun-python-sdk-sts, python-aliyun-python-sdk-tag, python-aliyun-python-sdk-tesladam, python-aliyun-python-sdk-teslamaxcompute, python-aliyun-python-sdk-teslastream, python-aliyun-python-sdk-trademark, python-aliyun-python-sdk-ubsms, python-aliyun-python-sdk-uis, python-aliyun-python-sdk-unimkt, python-aliyun-python-sdk-vcs, python-aliyun-python-sdk-viapiutils, python-aliyun-python-sdk-videoenhan, python-aliyun-python-sdk-videorecog, python-aliyun-python-sdk-videosearch, python-aliyun-python-sdk-videoseg, python-aliyun-python-sdk-visionai, python-aliyun-python-sdk-visionai-poc, python-aliyun-python-sdk-vod, python-aliyun-python-sdk-voicenavigator, python-aliyun-python-sdk-vpc, python-aliyun-python-sdk-vs, python-aliyun-python-sdk-waf-openapi, python-aliyun-python-sdk-webplus, python-aliyun-python-sdk-welfare-inner, python-aliyun-python-sdk-workorder, python-aliyun-python-sdk-xspace, python-aliyun-python-sdk-xtrace, python-aliyun-python-sdk-yundun, python-aliyun-python-sdk-yundun-ds, python-pycryptodome
Type:        recommended
Severity:    moderate
References:  1175230
This update for python-aliyun-python-sdk, python-aliyun-python-sdk-aas, python-aliyun-python-sdk-acm, python-aliyun-python-sdk-acms-open, python-aliyun-python-sdk-actiontrail, python-aliyun-python-sdk-adb, python-aliyun-python-sdk-address-purification, python-aliyun-python-sdk-aegis, python-aliyun-python-sdk-afs, python-aliyun-python-sdk-airec, python-aliyun-python-sdk-alidns, python-aliyun-python-sdk-aligreen-console, python-aliyun-python-sdk-alimt, python-aliyun-python-sdk-alinlp, python-aliyun-python-sdk-aliyuncvc, python-aliyun-python-sdk-amqp-open, python-aliyun-python-sdk-appmallsservice, python-aliyun-python-sdk-arms, python-aliyun-python-sdk-arms4finance, python-aliyun-python-sdk-baas, python-aliyun-python-sdk-brinekingdom, python-aliyun-python-sdk-bss, python-aliyun-python-sdk-bssopenapi, python-aliyun-python-sdk-cams, python-aliyun-python-sdk-cas, python-aliyun-python-sdk-cassandra, python-aliyun-python-sdk-cbn, python-aliyun-python-sdk-ccc, python-aliyun-python-sdk-ccs, python-aliyun-python-sdk-cdn, python-aliyun-python-sdk-chatbot, python-aliyun-python-sdk-clickhouse, python-aliyun-python-sdk-cloudapi, python-aliyun-python-sdk-cloudauth, python-aliyun-python-sdk-cloudesl, python-aliyun-python-sdk-cloudgame, python-aliyun-python-sdk-cloudmarketing, python-aliyun-python-sdk-cloudphoto, python-aliyun-python-sdk-cloudwf, python-aliyun-python-sdk-cms, python-aliyun-python-sdk-codeup, python-aliyun-python-sdk-companyreg, python-aliyun-python-sdk-core, python-aliyun-python-sdk-cr, python-aliyun-python-sdk-crm, python-aliyun-python-sdk-cs, python-aliyun-python-sdk-csb, python-aliyun-python-sdk-cspro, python-aliyun-python-sdk-cusanalytic_sc_online, python-aliyun-python-sdk-das, python-aliyun-python-sdk-dataworks-public, python-aliyun-python-sdk-dbfs, python-aliyun-python-sdk-dbs, python-aliyun-python-sdk-dcdn, python-aliyun-python-sdk-dds, python-aliyun-python-sdk-democenter, python-aliyun-python-sdk-devops-rdc, python-aliyun-python-sdk-dms-enterprise, python-aliyun-python-sdk-domain, python-aliyun-python-sdk-domain-intl, python-aliyun-python-sdk-drds, python-aliyun-python-sdk-dts, python-aliyun-python-sdk-dybaseapi, python-aliyun-python-sdk-dyplsapi, python-aliyun-python-sdk-dypnsapi, python-aliyun-python-sdk-dysmsapi, python-aliyun-python-sdk-dyvmsapi, python-aliyun-python-sdk-eas, python-aliyun-python-sdk-eci, python-aliyun-python-sdk-ecs, python-aliyun-python-sdk-edas, python-aliyun-python-sdk-ehpc, python-aliyun-python-sdk-elasticsearch, python-aliyun-python-sdk-emr, python-aliyun-python-sdk-ens, python-aliyun-python-sdk-ess, python-aliyun-python-sdk-faas, python-aliyun-python-sdk-facebody, python-aliyun-python-sdk-fnf, python-aliyun-python-sdk-foas, python-aliyun-python-sdk-ft, python-aliyun-python-sdk-geoip, python-aliyun-python-sdk-goodstech, python-aliyun-python-sdk-gpdb, python-aliyun-python-sdk-green, python-aliyun-python-sdk-gts-phd, python-aliyun-python-sdk-hbase, python-aliyun-python-sdk-hbr, python-aliyun-python-sdk-highddos, python-aliyun-python-sdk-hiknoengine, python-aliyun-python-sdk-hivisengine, python-aliyun-python-sdk-hpc, python-aliyun-python-sdk-hsm, python-aliyun-python-sdk-httpdns, python-aliyun-python-sdk-imageaudit, python-aliyun-python-sdk-imageenhan, python-aliyun-python-sdk-imageprocess, python-aliyun-python-sdk-imagerecog, python-aliyun-python-sdk-imagesearch, python-aliyun-python-sdk-imageseg, python-aliyun-python-sdk-imgsearch, python-aliyun-python-sdk-imm, python-aliyun-python-sdk-industry-brain, python-aliyun-python-sdk-iot, python-aliyun-python-sdk-iqa, python-aliyun-python-sdk-ivision, python-aliyun-python-sdk-ivpd, python-aliyun-python-sdk-jaq, python-aliyun-python-sdk-jarvis, python-aliyun-python-sdk-jarvis-public, python-aliyun-python-sdk-kms, python-aliyun-python-sdk-ledgerdb, python-aliyun-python-sdk-linkedmall, python-aliyun-python-sdk-linkface, python-aliyun-python-sdk-linkwan, python-aliyun-python-sdk-live, python-aliyun-python-sdk-lubancloud, python-aliyun-python-sdk-market, python-aliyun-python-sdk-mopen, python-aliyun-python-sdk-mts, python-aliyun-python-sdk-multimediaai, python-aliyun-python-sdk-nas, python-aliyun-python-sdk-netana, python-aliyun-python-sdk-nlp-automl, python-aliyun-python-sdk-nls-cloud-meta, python-aliyun-python-sdk-objectdet, python-aliyun-python-sdk-ocr, python-aliyun-python-sdk-ocs, python-aliyun-python-sdk-oms, python-aliyun-python-sdk-ons, python-aliyun-python-sdk-onsmqtt, python-aliyun-python-sdk-oos, python-aliyun-python-sdk-openanalytics, python-aliyun-python-sdk-openanalytics-open, python-aliyun-python-sdk-opensearch, python-aliyun-python-sdk-ossadmin, python-aliyun-python-sdk-ots, python-aliyun-python-sdk-outboundbot, python-aliyun-python-sdk-paistudio, python-aliyun-python-sdk-petadata, python-aliyun-python-sdk-polardb, python-aliyun-python-sdk-productcatalog, python-aliyun-python-sdk-pts, python-aliyun-python-sdk-push, python-aliyun-python-sdk-pvtz, python-aliyun-python-sdk-qualitycheck, python-aliyun-python-sdk-quickbi-public, python-aliyun-python-sdk-r-kvstore, python-aliyun-python-sdk-ram, python-aliyun-python-sdk-rdc, python-aliyun-python-sdk-rds, python-aliyun-python-sdk-reid, python-aliyun-python-sdk-resourcemanager, python-aliyun-python-sdk-retailcloud, python-aliyun-python-sdk-risk, python-aliyun-python-sdk-ros, python-aliyun-python-sdk-rtc, python-aliyun-python-sdk-sae, python-aliyun-python-sdk-saf, python-aliyun-python-sdk-sas, python-aliyun-python-sdk-sas-api, python-aliyun-python-sdk-scdn, python-aliyun-python-sdk-schedulerx2, python-aliyun-python-sdk-sddp, python-aliyun-python-sdk-slb, python-aliyun-python-sdk-smartag, python-aliyun-python-sdk-smc, python-aliyun-python-sdk-snsuapi, python-aliyun-python-sdk-status, python-aliyun-python-sdk-sts, python-aliyun-python-sdk-tag, python-aliyun-python-sdk-tesladam, python-aliyun-python-sdk-teslamaxcompute, python-aliyun-python-sdk-teslastream, python-aliyun-python-sdk-trademark, python-aliyun-python-sdk-ubsms, python-aliyun-python-sdk-uis, python-aliyun-python-sdk-unimkt, python-aliyun-python-sdk-vcs, python-aliyun-python-sdk-viapiutils, python-aliyun-python-sdk-videoenhan, python-aliyun-python-sdk-videorecog, python-aliyun-python-sdk-videosearch, python-aliyun-python-sdk-videoseg, python-aliyun-python-sdk-visionai, python-aliyun-python-sdk-visionai-poc, python-aliyun-python-sdk-vod, python-aliyun-python-sdk-voicenavigator, python-aliyun-python-sdk-vpc, python-aliyun-python-sdk-vs, python-aliyun-python-sdk-waf-openapi, python-aliyun-python-sdk-webplus, python-aliyun-python-sdk-welfare-inner, python-aliyun-python-sdk-workorder, python-aliyun-python-sdk-xspace, python-aliyun-python-sdk-xtrace, python-aliyun-python-sdk-yundun, python-aliyun-python-sdk-yundun-ds, python-pycryptodome contains the following changes:

Initial shipment for Alibaba Cloud SDK and dependencies. (bsc#1175230, jsc#ECO-2011, jsc#PM-1919)

The following packages are being added:
    python-aliyun-python-sdk-aas
    python-aliyun-python-sdk-acms-open
    python-aliyun-python-sdk-acm
    python-aliyun-python-sdk-actiontrail
    python-aliyun-python-sdk-adb
    python-aliyun-python-sdk-address-purification
    python-aliyun-python-sdk-aegis
    python-aliyun-python-sdk-afs
    python-aliyun-python-sdk-airec
    python-aliyun-python-sdk-alidns
    python-aliyun-python-sdk-aligreen-console
    python-aliyun-python-sdk-alimt
    python-aliyun-python-sdk-alinlp
    python-aliyun-python-sdk-aliyuncvc
    python-aliyun-python-sdk-amqp-open
    python-aliyun-python-sdk-appmallsservice
    python-aliyun-python-sdk-arms4finance
    python-aliyun-python-sdk-arms
    python-aliyun-python-sdk-baas
    python-aliyun-python-sdk-brinekingdom
    python-aliyun-python-sdk-bssopenapi
    python-aliyun-python-sdk-bss
    python-aliyun-python-sdk-cams
    python-aliyun-python-sdk-cassandra
    python-aliyun-python-sdk-cas
    python-aliyun-python-sdk-cbn
    python-aliyun-python-sdk-ccc
    python-aliyun-python-sdk-ccs
    python-aliyun-python-sdk-cdn
    python-aliyun-python-sdk-chatbot
    python-aliyun-python-sdk-clickhouse
    python-aliyun-python-sdk-cloudapi
    python-aliyun-python-sdk-cloudauth
    python-aliyun-python-sdk-cloudesl
    python-aliyun-python-sdk-cloudgame
    python-aliyun-python-sdk-cloudmarketing
    python-aliyun-python-sdk-cloudphoto
    python-aliyun-python-sdk-cloudwf
    python-aliyun-python-sdk-cms
    python-aliyun-python-sdk-codeup
    python-aliyun-python-sdk-companyreg
    python-aliyun-python-sdk-core
    python-aliyun-python-sdk-crm
    python-aliyun-python-sdk-cr
    python-aliyun-python-sdk-csb
    python-aliyun-python-sdk-cspro
    python-aliyun-python-sdk-cs
    python-aliyun-python-sdk-cusanalytic_sc_online
    python-aliyun-python-sdk-das
    python-aliyun-python-sdk-dataworks-public
    python-aliyun-python-sdk-dbfs
    python-aliyun-python-sdk-dbs
    python-aliyun-python-sdk-dcdn
    python-aliyun-python-sdk-dds
    python-aliyun-python-sdk-democenter
    python-aliyun-python-sdk-devops-rdc
    python-aliyun-python-sdk-dms-enterprise
    python-aliyun-python-sdk-domain-intl
    python-aliyun-python-sdk-domain
    python-aliyun-python-sdk-drds
    python-aliyun-python-sdk-dts
    python-aliyun-python-sdk-dybaseapi
    python-aliyun-python-sdk-dyplsapi
    python-aliyun-python-sdk-dypnsapi
    python-aliyun-python-sdk-dysmsapi
    python-aliyun-python-sdk-dyvmsapi
    python-aliyun-python-sdk-eas
    python-aliyun-python-sdk-eci
    python-aliyun-python-sdk-ecs
    python-aliyun-python-sdk-edas
    python-aliyun-python-sdk-ehpc
    python-aliyun-python-sdk-elasticsearch
    python-aliyun-python-sdk-emr
    python-aliyun-python-sdk-ens
    python-aliyun-python-sdk-ess
    python-aliyun-python-sdk-faas
    python-aliyun-python-sdk-facebody
    python-aliyun-python-sdk-fnf
    python-aliyun-python-sdk-foas
    python-aliyun-python-sdk-ft
    python-aliyun-python-sdk-geoip
    python-aliyun-python-sdk-goodstech
    python-aliyun-python-sdk-gpdb
    python-aliyun-python-sdk-green
    python-aliyun-python-sdk-gts-phd
    python-aliyun-python-sdk-hbase
    python-aliyun-python-sdk-hbr
    python-aliyun-python-sdk-highddos
    python-aliyun-python-sdk-hiknoengine
    python-aliyun-python-sdk-hivisengine
    python-aliyun-python-sdk-hpc
    python-aliyun-python-sdk-hsm
    python-aliyun-python-sdk-httpdns
    python-aliyun-python-sdk-imageaudit
    python-aliyun-python-sdk-imageenhan
    python-aliyun-python-sdk-imageprocess
    python-aliyun-python-sdk-imagerecog
    python-aliyun-python-sdk-imagesearch
    python-aliyun-python-sdk-imageseg
    python-aliyun-python-sdk-imgsearch
    python-aliyun-python-sdk-imm
    python-aliyun-python-sdk-industry-brain
    python-aliyun-python-sdk-iot
    python-aliyun-python-sdk-iqa
    python-aliyun-python-sdk-ivision
    python-aliyun-python-sdk-ivpd
    python-aliyun-python-sdk-jaq
    python-aliyun-python-sdk-jarvis-public
    python-aliyun-python-sdk-jarvis
    python-aliyun-python-sdk-kms
    python-aliyun-python-sdk-ledgerdb
    python-aliyun-python-sdk-linkedmall
    python-aliyun-python-sdk-linkface
    python-aliyun-python-sdk-linkwan
    python-aliyun-python-sdk-live
    python-aliyun-python-sdk-lubancloud
    python-aliyun-python-sdk-market
    python-aliyun-python-sdk-mopen
    python-aliyun-python-sdk-mts
    python-aliyun-python-sdk-multimediaai
    python-aliyun-python-sdk-nas
    python-aliyun-python-sdk-netana
    python-aliyun-python-sdk-nlp-automl
    python-aliyun-python-sdk-nls-cloud-meta
    python-aliyun-python-sdk-objectdet
    python-aliyun-python-sdk-ocr
    python-aliyun-python-sdk-ocs
    python-aliyun-python-sdk-oms
    python-aliyun-python-sdk-onsmqtt
    python-aliyun-python-sdk-ons
    python-aliyun-python-sdk-oos
    python-aliyun-python-sdk-openanalytics-open
    python-aliyun-python-sdk-openanalytics
    python-aliyun-python-sdk-opensearch
    python-aliyun-python-sdk-ossadmin
    python-aliyun-python-sdk-ots
    python-aliyun-python-sdk-outboundbot
    python-aliyun-python-sdk-paistudio
    python-aliyun-python-sdk-petadata
    python-aliyun-python-sdk-polardb
    python-aliyun-python-sdk-productcatalog
    python-aliyun-python-sdk-pts
    python-aliyun-python-sdk-push
    python-aliyun-python-sdk-pvtz
    python-aliyun-python-sdk-qualitycheck
    python-aliyun-python-sdk-quickbi-public
    python-aliyun-python-sdk-ram
    python-aliyun-python-sdk-rdc
    python-aliyun-python-sdk-rds
    python-aliyun-python-sdk-reid
    python-aliyun-python-sdk-resourcemanager
    python-aliyun-python-sdk-retailcloud
    python-aliyun-python-sdk-risk
    python-aliyun-python-sdk-r-kvstore
    python-aliyun-python-sdk-ros
    python-aliyun-python-sdk-rtc
    python-aliyun-python-sdk-sae
    python-aliyun-python-sdk-saf
    python-aliyun-python-sdk-sas-api
    python-aliyun-python-sdk-sas
    python-aliyun-python-sdk-scdn
    python-aliyun-python-sdk-schedulerx2
    python-aliyun-python-sdk-sddp
    python-aliyun-python-sdk-slb
    python-aliyun-python-sdk-smartag
    python-aliyun-python-sdk-smc
    python-aliyun-python-sdk-snsuapi
    python-aliyun-python-sdk-status
    python-aliyun-python-sdk-sts
    python-aliyun-python-sdk
    python-aliyun-python-sdk-tag
    python-aliyun-python-sdk-tesladam
    python-aliyun-python-sdk-teslamaxcompute
    python-aliyun-python-sdk-teslastream
    python-aliyun-python-sdk-trademark
    python-aliyun-python-sdk-ubsms
    python-aliyun-python-sdk-uis
    python-aliyun-python-sdk-unimkt
    python-aliyun-python-sdk-vcs
    python-aliyun-python-sdk-viapiutils
    python-aliyun-python-sdk-videoenhan
    python-aliyun-python-sdk-videorecog
    python-aliyun-python-sdk-videosearch
    python-aliyun-python-sdk-videoseg
    python-aliyun-python-sdk-visionai-poc
    python-aliyun-python-sdk-visionai
    python-aliyun-python-sdk-vod
    python-aliyun-python-sdk-voicenavigator
    python-aliyun-python-sdk-vpc
    python-aliyun-python-sdk-vs
    python-aliyun-python-sdk-waf-openapi
    python-aliyun-python-sdk-webplus
    python-aliyun-python-sdk-welfare-inner
    python-aliyun-python-sdk-workorder
    python-aliyun-python-sdk-xspace
    python-aliyun-python-sdk-xtrace
    python-aliyun-python-sdk-yundun-ds
    python-aliyun-python-sdk-yundun
    python-pycryptodome

  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2951-1
Released:    Fri Oct 16 16:09:38 2020
Summary:     Security update for transfig
Type:        security
Severity:    moderate
References:  1143650,CVE-2019-14275
This update for transfig fixes the following issues:

Security issue fixed:

- CVE-2019-14275: Fixed stack-based buffer overflow in the calc_arrow function (bsc#1143650).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2958-1
Released:    Tue Oct 20 12:24:55 2020
Summary:     Recommended update for procps
Type:        recommended
Severity:    moderate
References:  1158830
This update for procps fixes the following issues:

- Fixes an issue when command 'ps -C' does not allow anymore an argument longer than 15 characters. (bsc#1158830)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2966-1
Released:    Tue Oct 20 16:03:58 2020
Summary:     Security update for hunspell
Type:        security
Severity:    low
References:  1151867,CVE-2019-16707
This update for hunspell fixes the following issues:

- CVE-2019-16707: Fixed an invalid read in SuggestMgr:leftcommonsubstring (bsc#1151867).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2971-1
Released:    Tue Oct 20 16:41:36 2020
Summary:     Recommended update for shim-susesigned
Type:        recommended
Severity:    moderate
References:  1177315


This update contains changes needed for Common criteria certification.

shim:

* add a temporary shim loader EFI signed by SUSE that contains additional checks of Extended Key Usage for Codesigning (bsc#1177315)

The Common Criteria system role for 15-SP2 was adjusted:

* Configure alternative shim (bsc#1177315)
* Remove curve25519-sha256@libssh.org as it doesn't work in fips mode
* doc: logrotate is started via timer


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2983-1
Released:    Wed Oct 21 15:03:03 2020
Summary:     Recommended update for file
Type:        recommended
Severity:    moderate
References:  1176123
This update for file fixes the following issues:

- Fixes an issue when file displays broken 'ELF' interpreter. (bsc#1176123)  
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2985-1
Released:    Wed Oct 21 15:11:39 2020
Summary:     Recommended update for prometheus-ha_cluster_exporter
Type:        recommended
Severity:    moderate
References:  
This update for prometheus-ha_cluster_exporter fixes the following issues:

- Implement SBD watchdog and 'msgwait' timeout metrics.
- Handle correctly corosync membership parsing with 'qdevice' enabled.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2992-1
Released:    Thu Oct 22 09:10:59 2020
Summary:     Recommended update for prometheus-hanadb_exporter
Type:        recommended
Severity:    moderate
References:  
This update for prometheus-hanadb_exporter fixes the following issue:

Release 0.7.2

- Lookup for `/usr/etc` and  the fallback `/etc` directory for config files.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2994-1
Released:    Thu Oct 22 09:11:50 2020
Summary:     Recommended update for grafana-sap-netweaver-dashboards
Type:        recommended
Severity:    moderate
References:  1177229
This update for grafana-sap-netweaver-dashboards fixes the following issue:

Release 1.0.3
- Add variable for prometheus datasource. (bsc#1177229) 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2995-1
Released:    Thu Oct 22 10:03:09 2020
Summary:     Security update for freetype2
Type:        security
Severity:    important
References:  1177914,CVE-2020-15999
This update for freetype2 fixes the following issues:

- CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps (bsc#1177914).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3004-1
Released:    Thu Oct 22 17:44:31 2020
Summary:     Recommended update for python-shaptools, salt-shaptools, habootstrap-formula, saphanabootstrap-formula, sapnwbootstrap-formula
Type:        recommended
Severity:    moderate
References:  1174994,1175709


python-shaptools:

- Fix how HANA database is started and stopped to work in multi host environment. 
  sapcontrol commands are used instead of HDB now. (jsc#SLE-4047)
- Fix issue when secondary registration fails after a successful 'SSFS' files copy process. (bsc#1175709)
  Now the registration return code will be checked in the new call.

salt-shaptools:

- Fix how HANA database is started and stopped to work in multi host environment. 
  sapcontrol commands are used instead of HDB now. (jsc#SLE-4047)

habootstrap-formula:

- Update the prevalidation logic to check for valid sbd entries (jsc#SLE-4047)
- Improve Formula with form description (jsc#SLE-4047)
- Update the SUMA form.yml file and prevalidation state with latest changes in project
- Include the pillar example file in package. (bsc#1174994)
- Fix how HANA database is started and stopped to work in multi host environment. 
  sapcontrol commands are used instead of HDB now. (jsc#SLE-4047)

saphanabootstrap-formula:

- Update the package version after SUMA form update and extraction logic update (jsc#SLE-4047) 
- Fix the hana media extraction and installation logics when using exe archives 
- Update the SUMA hana form metadata, to show hana form under SAP deployment group 
- Update SUMA form.yml file and prevalidation state with latest changes in formula 
- Change the default 'hana_extract_dir' hana media extraction location
- Remove copy of config files for exporters since we use /usr/etc
- Include the pillar example file in package. (bsc#1174994, jsc#SLE-4047)
- Add hana active/active resources to the cluster template
- Change `route_table` by `route_name` to make the variable usage more meaningful
- Add support to extract zip,rar,exe,sar hana media
- This change in non backward compatible. The variable hdbserver_extract_dir is replaced by hana_extract_dir
- Fix provisioning of hanadb_exporter in SLE12, where python3-pip must be always installed.
- Fix how HANA database is started and stopped to work in multi host environment. 
  sapcontrol commands are used instead of HDB now. (jsc#SLE-4047)

sapnwbootstrap-formula:

- Create SUMA form based on latest pillar and formula data (jsc#SLE-4047)
- Implement the differences between ENSA1 and ENSA2 versions
- Add the keepalive configuration changes 
- Include the pillar example file in package. (bsc#1174994, jsc#SLE-4047)
- Add support to extract nw media archives. This change is non backward compatible.
- Remove default swpm installer extract directory and add nw_extract_dir variable to store all extracted NW media
- Fix how HANA database is started and stopped to work in multi host environment. 
  sapcontrol commands are used instead of HDB now. (jsc#SLE-4047)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3007-1
Released:    Thu Oct 22 17:51:48 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150_58, 4_12_14-197_51, 4_12_14-197_56,
  5_3_18-24_12, 5_3_18-24_15. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3012-1
Released:    Thu Oct 22 22:36:57 2020
Summary:     Recommended update for sysstat
Type:        recommended
Severity:    moderate
References:  1174227
This update for sysstat fixes the following issues:

- Fix for an issue when 'iowait' output of 'sar' can also decrement as a result of inaccurate tracking. (bsc#1174227)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3021-1
Released:    Fri Oct 23 14:20:03 2020
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1176756,1177872,CVE-2020-15683,CVE-2020-15969
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.4.0 ESR
  * Fixed: Various stability, functionality, and security fixes MFSA 2020-46 (bsc#1177872, bsc#1176756)
  * CVE-2020-15969 Use-after-free in usersctp
  * CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
  * Fixed: Fixed legacy preferences not being properly applied when set via GPO

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3025-1
Released:    Fri Oct 23 15:33:09 2020
Summary:     Recommended update for myspell-dictionaries
Type:        recommended
Severity:    moderate
References:  1176716

This update of myspell-dictionaries provides the following fix:

- Ship the de_AT and de_CH dictionaries to the SLE Basesystem 15-SP2 module. (bsc#1176716)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:3026-1
Released:    Fri Oct 23 15:35:51 2020
Summary:     Optional update for the Public Cloud Module
Type:        optional
Severity:    moderate
References:  

This update adds the Google Cloud Storage packages to the Public Cloud module (jsc#ECO-2398).
The following packages were included:

- python3-grpcio
- python3-protobuf
- python3-google-api-core
- python3-google-cloud-core
- python3-google-cloud-storage
- python3-google-resumable-media
- python3-googleapis-common-protos
- python3-grpcio-gcp
- python3-mock (updated to version 3.0.5)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3041-1
Released:    Tue Oct 27 09:25:30 2020
Summary:     Recommended update for java-1_8_0-ibm
Type:        recommended
Severity:    moderate
References:  1175295
This update for java-1_8_0-ibm fixes the following issues:

- Fix a Java ifix for z15 compression problem. (bsc#1175295)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3046-1
Released:    Tue Oct 27 14:41:21 2020
Summary:     Recommended update for shim-susesigned
Type:        recommended
Severity:    moderate
References:  1177315
This update for shim-susesigned fixes the following issues:

- Fix a buffer use-after-free at the end of the EKU verification in shim-susesigned (bsc#1177315)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3059-1
Released:    Wed Oct 28 06:11:23 2020
Summary:     Recommended update for sysconfig
Type:        recommended
Severity:    moderate
References:  1173391,1176285,1176325
This update for sysconfig fixes the following issues:

- Fix for 'netconfig' to run with a new library including fallback to the previous location. (bsc#1176285)
- Fix for changing content of such files like '/etc/resolv.conf' to avoid linked applications re-read them and unnecessarily re-initializes themselves accordingly. (bsc#1176325)
- Fix for 'chrony helper' calling in background. (bsc#1173391)
- Fix for configuration file by creating a symlink for it to prevent false ownership on the file. (bsc#1159566)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3060-1
Released:    Wed Oct 28 08:09:21 2020
Summary:     Security update for binutils
Type:        security
Severity:    moderate
References:  1126826,1126829,1126831,1140126,1142649,1143609,1153768,1153770,1157755,1160254,1160590,1163333,1163744,CVE-2019-12972,CVE-2019-14250,CVE-2019-14444,CVE-2019-17450,CVE-2019-17451,CVE-2019-9074,CVE-2019-9075,CVE-2019-9077
This update for binutils fixes the following issues:

binutils was updated to version 2.35. (jsc#ECO-2373)

Update to binutils 2.35:

* The assembler can now produce DWARF-5 format line number tables.
* Readelf now has a 'lint' mode to enable extra checks of the files it is processing.
* Readelf will now display '[...]' when it has to truncate a symbol name.  
  The old behaviour - of displaying as many characters as possible, up to
  the 80 column limit - can be restored by the use of the --silent-truncation
  option.
* The linker can now produce a dependency file listing the inputs that it
  has processed, much like the -M -MP option supported by the compiler.

- fix DT_NEEDED order with -flto [bsc#1163744]


Update to binutils 2.34:

* The disassembler (objdump --disassemble) now has an option to
  generate ascii art thats show the arcs between that start and end
  points of control flow instructions.
* The binutils tools now have support for debuginfod.  Debuginfod is a 
  HTTP service for distributing ELF/DWARF debugging information as
  well as source code.  The tools can now connect to debuginfod
  servers in order to download debug information about the files that
  they are processing.
* The assembler and linker now support the generation of ELF format
  files for the Z80 architecture.

- Add new subpackages for libctf and libctf-nobfd.
- Disable LTO due to bsc#1163333.
- Includes fixes for these CVEs:
  bsc#1153768 aka CVE-2019-17451 aka PR25070
  bsc#1153770 aka CVE-2019-17450 aka PR25078

- fix various build fails on aarch64 (PR25210, bsc#1157755).

Update to binutils 2.33.1:

* Adds support for the Arm Scalable Vector Extension version 2
  (SVE2) instructions, the Arm Transactional Memory Extension (TME)
  instructions and the Armv8.1-M Mainline and M-profile Vector
  Extension (MVE) instructions.
* Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P
  processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE,
  Cortex-A76AE, and Cortex-A77 processors.
* Adds a .float16 directive for both Arm and AArch64 to allow
  encoding of 16-bit floating point literals.
* For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not)
  Loongson3 LLSC Errata.  Add a --enable-mips-fix-loongson3-llsc=[yes|no]
  configure time option to set the default behavior. Set the default
  if the configure option is not used to 'no'.
* The Cortex-A53 Erratum 843419 workaround now supports a choice of
  which workaround to use.  The option --fix-cortex-a53-843419 now
  takes an optional argument --fix-cortex-a53-843419[=full|adr|adrp]
  which can be used to force a particular workaround to be used.
  See --help for AArch64 for more details.
* Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and
  GNU_PROPERTY_AARCH64_FEATURE_1_PAC  in ELF GNU program properties
  in the AArch64 ELF linker. 
* Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI
  on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI 
  on inputs and use PLTs protected with BTI.
* Add -z pac-plt for AArch64 to pick PAC enabled PLTs.
* Add --source-comment[=<txt>] option to objdump which if present,
  provides a prefix to source code lines displayed in a disassembly.
* Add --set-section-alignment <section-name>=<power-of-2-align>
  option to objcopy to allow the changing of section alignments.
* Add --verilog-data-width option to objcopy for verilog targets to
  control width of data elements in verilog hex format.
* The separate debug info file options of readelf (--debug-dump=links
  and --debug-dump=follow) and objdump (--dwarf=links and
  --dwarf=follow-links) will now display and/or follow multiple
  links if more than one are present in a file.  (This usually
  happens when gcc's -gsplit-dwarf option is used).
  In addition objdump's --dwarf=follow-links now also affects its
  other display options, so that for example, when combined with
  --syms it will cause the symbol tables in any linked debug info
  files to also be displayed.  In addition when combined with
  --disassemble the --dwarf= follow-links option will ensure that
  any symbol tables in the linked files are read and used when
  disassembling code in the main file.
* Add support for dumping types encoded in the Compact Type Format
  to objdump and readelf.
- Includes fixes for these CVEs:
  bsc#1126826 aka CVE-2019-9077 aka PR1126826
  bsc#1126829 aka CVE-2019-9075 aka PR1126829
  bsc#1126831 aka CVE-2019-9074 aka PR24235
  bsc#1140126 aka CVE-2019-12972 aka PR23405
  bsc#1143609 aka CVE-2019-14444 aka PR24829
  bsc#1142649 aka CVE-2019-14250 aka PR90924

* Add xBPF target
* Fix various problems with DWARF 5 support in gas
* fix nm -B for objects compiled with -flto and -fcommon.

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3063-1
Released:    Wed Oct 28 08:45:07 2020
Summary:     Recommended update for rubygem-railties-5_1
Type:        recommended
Severity:    moderate
References:  1174315
This update for rubygem-railties-5_1 fixes the following issue:

- Fix rubygems dependencies for puma update and respect older version. (bnc#1174315)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3068-1
Released:    Wed Oct 28 11:46:10 2020
Summary:     Security update for tomcat
Type:        security
Severity:    moderate
References:  1177582,CVE-2020-13943
This update for tomcat fixes the following issues:

- CVE-2020-13943: Fixed HTTP/2 Request mix-up (bsc#1177582)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3074-1
Released:    Thu Oct 29 08:27:49 2020
Summary:     Recommended update for certification-sles-eal4
Type:        recommended
Severity:    moderate
References:  1178169
This update for certification-sles-eal4 fixes the following issues:

* Fixed typo in the CC system role (bsc#1178169)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3091-1
Released:    Thu Oct 29 16:35:37 2020
Summary:     Security update for MozillaThunderbird and mozilla-nspr
Type:        security
Severity:    important
References:  1174230,1176384,1176756,1176899,1177977,CVE-2020-15673,CVE-2020-15676,CVE-2020-15677,CVE-2020-15678,CVE-2020-15683,CVE-2020-15969
This update for MozillaThunderbird and mozilla-nspr fixes the following issues:

- Mozilla Thunderbird 78.4
  * new: MailExtensions: browser.tabs.sendMessage API added
  * new: MailExtensions: messageDisplayScripts API added
  * changed: Yahoo and AOL mail users using password authentication will be migrated to OAuth2
  * changed: MailExtensions: messageDisplay APIs extended to support multiple selected messages
  * changed: MailExtensions: compose.begin functions now support creating a message with attachments
  * fixed: Thunderbird could freeze when updating global search index
  * fixed: Multiple issues with handling of self-signed SSL certificates addressed
  * fixed: Recipient address fields in compose window could expand to fill all available space
  * fixed: Inserting emoji characters in message compose window caused unexpected behavior
  * fixed: Button to restore default folder icon color was not keyboard accessible
  * fixed: Various keyboard navigation fixes
  * fixed: Various color-related theme fixes
  * fixed: MailExtensions: Updating attachments with onBeforeSend.addListener() did not work
  MFSA 2020-47 (bsc#1177977)
  * CVE-2020-15969 Use-after-free in usersctp
  * CVE-2020-15683 Memory safety bugs fixed in Thunderbird 78.4
- Mozilla Thunderbird 78.3.3
  * OpenPGP: Improved support for encrypting with subkeys
  * OpenPGP message status icons were not visible in message header pane
  * Creating a new calendar event did not require an event title
- Mozilla Thunderbird 78.3.2 (bsc#1176899)
  * OpenPGP: Improved support for encrypting with subkeys
  * OpenPGP: Encrypted messages with international characters were sometimes displayed incorrectly
  * Single-click deletion of recipient pills with middle mouse button restored
  * Searching an address book list did not display results
  * Dark mode, high contrast, and Windows theming fixes
- Mozilla Thunderbird 78.3.1
  * fix crash in nsImapProtocol::CreateNewLineFromSocket
- Mozilla Thunderbird 78.3.0
  MFSA 2020-44 (bsc#1176756)
  * CVE-2020-15677 Download origin spoofing via redirect
  * CVE-2020-15676 XSS when pasting attacker-controlled data into a contenteditable element
  * CVE-2020-15678 When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after- free scenario
  * CVE-2020-15673 Memory safety bugs fixed in Thunderbird 78.3

- update mozilla-nspr to version 4.25.1
  * The macOS platform code for shared library loading was
    changed to support macOS 11.
  * Dependency needed for the MozillaThunderbird udpate

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3099-1
Released:    Thu Oct 29 19:33:41 2020
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2020b (bsc#1177460)
  * Revised predictions for Morocco's changes starting in 2023.
  * Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08.
  * Macquarie Island has stayed in sync with Tasmania since 2011.
  * Casey, Antarctica is at +08 in winter and +11 in summer.
  * zic no longer supports -y, nor the TYPE field of Rules.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3101-1
Released:    Thu Oct 29 19:35:22 2020
Summary:     Recommended update for p7zip
Type:        recommended
Severity:    moderate
References:  1177648
This update for p7zip provides the following fix:

- Add p7zip-full to SLE-Module-Basesystem 15-SP2 to fix building RPM packages
  that have 7z source files. (bsc#1177648)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3116-1
Released:    Mon Nov  2 13:45:14 2020
Summary:     Recommended update for dash
Type:        recommended
Severity:    moderate
References:  1160260,1177691
This update for dash fixes the following issues:

- Update to version 0.5.11.2 (bsc#1177691)
  * Add -fcommon to %optflags (bsc#1160260)
  * Fix a pathname expansion bug in dash (bsc#1177691)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3123-1
Released:    Tue Nov  3 09:48:13 2020
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1177460,1178346,1178350,1178353
This update for timezone fixes the following issues:

- Generate 'fat' timezone files (was default before 2020b). (bsc#1178346, bsc#1178350, bsc#1178353)
- Palestine ends DST earlier than predicted, on 2020-10-24. (bsc#1177460)
- Fiji starts DST later than usual, on 2020-12-20. (bsc#1177460)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3148-1
Released:    Wed Nov  4 11:04:22 2020
Summary:     Recommended update for dbxtool
Type:        recommended
Severity:    moderate
References:  
This update for dbxtool fixes the following issues:

dbxtool version 8 is included in SUSE Linux Enterprise. (jsc#ECO-2560 jsc#PM-2042 jsc#SLE-16062)

This contains the dbxtool for handling and storing the UEFI DBX database,
to deploy deny lists of UEFI binaries e.g. in regards to the BootHole security
issue.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3152-1
Released:    Wed Nov  4 11:07:07 2020
Summary:     Security update for apache-commons-httpclient
Type:        security
Severity:    important
References:  1178171,945190,CVE-2014-3577,CVE-2015-5262
This update for apache-commons-httpclient fixes the following issues:

- http/conn/ssl/SSLConnectionSocketFactory.java ignores the
    http.socket.timeout configuration setting during an SSL handshake,
    which allows remote attackers to cause a denial of service (HTTPS
    call hang) via unspecified vectors. [bsc#945190, CVE-2015-5262]
- org.apache.http.conn.ssl.AbstractVerifier does not properly
    verify that the server hostname matches a domain name in the
    subject's Common Name (CN) or subjectAltName field of the X.509
    certificate, which allows MITM attackers to spoof SSL servers
    via a 'CN=' string in a field in the distinguished name (DN)
    of a certificate. [bsc#1178171, CVE-2014-3577]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3157-1
Released:    Wed Nov  4 15:37:05 2020
Summary:     Recommended update for ca-certificates-mozilla
Type:        recommended
Severity:    moderate
References:  1177864
This update for ca-certificates-mozilla fixes the following issues:

The SSL Root CA store was updated to the 2.44 state of the Mozilla NSS Certificate store (bsc#1177864)

- Removed CAs:

  - EE Certification Centre Root CA
  - Taiwan GRCA

- Added CAs:

  - Trustwave Global Certification Authority
  - Trustwave Global ECC P256 Certification Authority
  - Trustwave Global ECC P384 Certification Authority

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3166-1
Released:    Thu Nov  5 10:37:34 2020
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1175204,1176908,1176909,1176910,CVE-2020-17498,CVE-2020-25862,CVE-2020-25863,CVE-2020-25866
This update for wireshark fixes the following issues:

- Update to wireshark 3.2.7:
  * CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)
  * CVE-2020-25862: TCP dissector crash (bsc#1176909)
  * CVE-2020-25866: BLIP dissector crash (bsc#1176910)
  * CVE-2020-17498: Kafka dissector crash (bsc#1175204)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3248-1
Released:    Fri Nov  6 17:02:05 2020
Summary:     Recommended update for SUSE Manager Client Tools
Type:        recommended
Severity:    moderate
References:  1167907,1169664

This update fixes the following issues:

dracut-saltboot:

- Support autosign grains in saltboot intrd

grafana:

- Update to version 7.1.5:
  * Features / Enhancements
    - Stats: Stop counting the same user multiple times.
    - Field overrides: Filter by field name using regex.
    - AzureMonitor: map more units.
    - Explore: Don't run queries on datasource change.
    - Graph: Support setting field unit & override data source (automatic) unit.
    - Explore: Unification of logs/metrics/traces user interface
    - Table: JSON Cell should try to convert strings to JSON
    - Variables: enables cancel for slow query variables queries. 
    - TimeZone: unify the time zone pickers to one that can rule them all.
    - Search: support URL query params.
    - Grafana-UI: Add FileUpload.
    - TablePanel: Sort numbers correctly.
  * Bug fixes
    - Alerting: remove LongToWide call in alerting.
    - AzureMonitor: fix panic introduced in 7.1.4 when unit was unspecified and alias was used. 
    - Variables: Fixes issue with All variable not being resolved.
    - Templating: Fixes so texts show in picker not the values.
    - Templating: Templating: Fix undefined result when using raw interpolation format
    - TextPanel: Fix content overflowing panel boundaries. 
    - StatPanel: Fix stat panel display name not showing when explicitly set.
    - Query history: Fix search filtering if null value.
    - Flux: Ensure connections to InfluxDB are closed.
    - Dashboard: Fix for viewer can enter panel edit mode by modifying url (but cannot not save anything).
    - Prometheus: Fix prom links in mixed mode.
    - Sign In Use correct url for the Sign In button.
    - StatPanel: Fixes issue with name showing for single series / field results
    - BarGauge: Fix space bug in single series mode.
    - Auth: Fix POST request failures with anonymous access
    - Templating: Fix recursive loop of template variable queries when changing ad-hoc-variable
    - Templating: Fixed recursive queries triggered when switching dashboard settings view
    - GraphPanel: Fix annotations overflowing panels.
    - Prometheus: Fix performance issue in processing of histogram labels.
    - Datasources: Handle URL parsing error.
    - Security: Use Header.Set and Header.Del for X-Grafana-User header.
  * Changes in spec file
    - Fix golang version = 1.14 to avoid dependency conflicts on some OBS projects

grafana-ha-cluster-dashboards:

- Add the package to the SUSE Manager Client Tools 12 channels.

grafana-sap-hana-dashboards:

- Add the package to the SUSE Manager Client Tools 12 channels.

grafana-sap-netweaver-dashboards:

- Add the package to the SUSE Manager Client Tools 12 channels.

grafana-sap-providers:

- Add the package to the SUSE Manager Client Tools 12 channels.

mgr-daemon:

- Update translation strings

spacecmd:

- Python3 fixes for errata in spacecmd (bsc#1169664)
- Added support for i18n of user-facing strings
- Python3 fix for sorted usage (bsc#1167907)

spacewalk-client-tools:

- Remove RH references in Python/Ruby localization and use the product name instead


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3261-1
Released:    Tue Nov 10 09:45:30 2020
Summary:     Security update for SDL
Type:        security
Severity:    moderate
References:  1141844,CVE-2019-13616
This update for SDL fixes the following issues:

Security issue fixed:

- CVE-2019-13616: Fixed heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit (bsc#1141844).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3264-1
Released:    Tue Nov 10 09:50:29 2020
Summary:     Security update for zeromq
Type:        security
Severity:    moderate
References:  1176116,1176256,1176257,1176258,1176259,CVE-2020-15166
This update for zeromq fixes the following issues:

- CVE-2020-15166: Fixed the possibility of unauthenticated clients causing a denial-of-service (bsc#1176116).
- Fixed a heap overflow when receiving malformed ZMTP v1 packets (bsc#1176256)
- Fixed a memory leak in client induced by malicious server(s) without CURVE/ZAP (bsc#1176257)
- Fixed memory leak when processing PUB messages with metadata (bsc#1176259)
- Fixed a stack overflow in PUB/XPUB subscription store (bsc#1176258)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3269-1
Released:    Tue Nov 10 15:57:24 2020
Summary:     Security update for python-waitress
Type:        security
Severity:    moderate
References:  1160790,1161088,1161089,1161670,CVE-2019-16785,CVE-2019-16786,CVE-2019-16789,CVE-2019-16792
This update for python-waitress to 1.4.3 fixes the following security issues:

- CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling (bsc#1161088).
- CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding (bsc#1161089).
- CVE-2019-16789: HTTP request smuggling through invalid whitespace characters (bsc#1160790).
- CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice (bsc#1161670).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3271-1
Released:    Tue Nov 10 19:05:17 2020
Summary:     Security update for ucode-intel
Type:        security
Severity:    moderate
References:  1170446,1173594,CVE-2020-8695,CVE-2020-8698
This update for ucode-intel fixes the following issues:

- Intel CPU Microcode updated to 20201027 pre-release 
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)

  # New Platforms:
  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | TGL            | B1       | 06-8c-01/80 |          | 00000068 | Core Gen11 Mobile
  | CPX-SP         | A1       | 06-55-0b/bf |          | 0700001e | Xeon Scalable Gen3
  | CML-H          | R1       | 06-a5-02/20 |          | 000000e0 | Core Gen10 Mobile
  | CML-S62        | G1       | 06-a5-03/22 |          | 000000e0 | Core Gen10
  | CML-S102       | Q0       | 06-a5-05/22 |          | 000000e0 | Core Gen10 
  | CML-U62 V2     | K0       | 06-a6-01/80 |          | 000000e0 | Core Gen10 Mobile
  # Updated Platforms:
  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | GKL-R          | R0       | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
  | SKL-U/Y        | D0       | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
  | SKL-U23e       | K1       | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
  | APL            | D0       | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
  | APL            | E0       | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
  | SKL-H/S        | R0/N0    | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
  | HSX-E/EP       | Cx/M1    | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
  | SKX-SP         | B1       | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
  | SKX-SP         | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
  | SKX-D          | M1       | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
  | CLX-SP         | B0       | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
  | CLX-SP         | B1       | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
  | ICL-U/Y        | D1       | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
  | AML-Y22        | H0       | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
  | KBL-U/Y        | H0       | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
  | CFL-U43e       | D0       | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
  | WHL-U          | W0       | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
  | AML-Y42        | V0       | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
  | CML-Y42        | V0       | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
  | WHL-U          | V0       | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
  | KBL-G/H/S/E3   | B0       | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
  | CFL-H/S/E3     | U0       | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
  | CFL-S          | B0       | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
  | CFL-H/S        | P0       | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
  | CFL-H          | R0       | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
  | CML-U62        | A0       | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3277-1
Released:    Wed Nov 11 09:06:52 2020
Summary:     Recommended update for google-osconfig-agent
Type:        recommended
Severity:    moderate
References:  1176427,1178249
This update for google-osconfig-agent fixes the following issues:

This update ships the google-osconfig-agent in version 20200929.00 (bsc#1176427, bsc#1178249, jsc#ECO-2702, jsc#PM-2203)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3308-1
Released:    Thu Nov 12 14:20:07 2020
Summary:     Recommended update for sysstat
Type:        recommended
Severity:    moderate
References:  1177747
This update for sysstat fixes the following issues:

- Fix iostat switch '-y' to display the correct results. (bsc#1177747)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3312-1
Released:    Thu Nov 12 16:05:57 2020
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1178588,CVE-2020-26950
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.4.1 ESR
  * Fixed: Security fix
  MFSA 2020-49 (bsc#1178588)
  * CVE-2020-26950 (bmo#1675905)
    Write side effects in MCallGetProperty opcode not accounted
    for

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3317-1
Released:    Fri Nov 13 08:53:23 2020
Summary:     Recommended update for SAPHanaSR-ScaleOut
Type:        recommended
Severity:    moderate
References:  1144729,1174610,1176330
This update for SAPHanaSR-ScaleOut fixes the following issues:

- adapt man page SAPHanaSR-showAttr(8) and the README. (bsc#1144729)
- Fixed an issue when takeover in maintenance mode master node still has PROMOTED status. (bsc#1176330)
- Score of secondary in takeover phase increased from 122 to 145 to avoid promotion of former primary masternameserver candidates. (bsc#1174610)
- Fixed typos and improved descriptions in comments.
- Change default timeouts and intervals to match the official recommendations.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3321-1
Released:    Fri Nov 13 13:16:01 2020
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1176676,1177684
This update for rpmlint fixes the following issues:

- Backported systemd portable1 D-Bus whitelisting (bsc#1176676).
- Backporsted pam_pwquality whitelisting for PackageHub (bsc#1177684).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3323-1
Released:    Fri Nov 13 15:25:55 2020
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1174443,1174444,1177526
This update for cloud-init contains the following fixes:

+ Avoid exception if no gateway information is present and warning
  is triggered for existing routing. (bsc#1177526)

Update to version 20.2 (bsc#1174443, bsc#1174444)

  + doc/format: reference make-mime.py instead of an inline script (#334)
  + Add docs about  creating parent folders (#330) [Adrian Wilkins]
  + DataSourceNoCloud/OVF: drop claim to support FTP (#333) (LP: #1875470)
  + schema: ignore spurious pylint error (#332)
  + schema: add json schema for write_files module (#152)
  + BSD: find_devs_with_ refactoring (#298) [Gonéri Le Bouder]
  + nocloud: drop work around for Linux 2.6 (#324) [Gonéri Le Bouder]
  + cloudinit: drop dependencies on unittest2 and contextlib2 (#322)
  + distros: handle a potential mirror filtering error case (#328)
  + log: remove unnecessary import fallback logic (#327)
  + .travis.yml: don't run integration test on ubuntu/* branches (#321)
  + More unit test documentation (#314)
  + conftest: introduce disable_subp_usage autouse fixture (#304)
  + YAML align indent sizes for docs readability  (#323) [Tak Nishigori]
  + network_state: add missing space to log message (#325)
  + tests: add missing mocks for get_interfaces_by_mac (#326) (LP: #1873910)
  + test_mounts: expand happy path test for both happy paths (#319)
  + cc_mounts: fix incorrect format specifiers (#316) (LP: #1872836)
  + swap file 'size' being used before checked if str (#315) [Eduardo Otubo]
  + HACKING.rst: add pytest version gotchas section (#311)
  + docs: Add steps to re-run cloud-id and cloud-init (#313) [Joshua Powers]
  + readme: OpenBSD is now supported (#309) [Gonéri Le Bouder]
  + net: ignore 'renderer' key in netplan config (#306) (LP: #1870421)
  + Add support for NFS/EFS mounts (#300) [Andrew Beresford] (LP: #1870370)
  + openbsd: set_passwd should not unlock user (#289) [Gonéri Le Bouder]
  + tools/.github-cla-signers: add beezly as CLA signer (#301)
  + util: remove unnecessary lru_cache import fallback (#299)
  + HACKING.rst: reorganise/update CLA signature info (#297)
  + distros: drop leading/trailing hyphens from mirror URL labels (#296)
  + HACKING.rst: add note about variable annotations (#295)
  + CiTestCase: stop using and remove sys_exit helper (#283)
  + distros: replace invalid characters in mirror URLs with hyphens (#291)
    (LP: #1868232)
  + rbxcloud: gracefully handle arping errors (#262) [Adam Dobrawy]
  + Fix cloud-init ignoring some misdeclared mimetypes in user-data.
    [Kurt Garloff]
  + net: ubuntu focal prioritize netplan over eni even if both present
    (#267) (LP: #1867029)
  + cloudinit: refactor util.is_ipv4 to net.is_ipv4_address (#292)
  + net/cmdline: replace type comments with annotations (#294)
  + HACKING.rst: add Type Annotations design section (#293)
  + net: introduce is_ip_address function (#288)
  + CiTestCase: remove now-unneeded parse_and_read helper method (#286)
  + .travis.yml: allow 30 minutes of inactivity in cloud tests (#287)
  + sources/tests/test_init: drop use of deprecated inspect.getargspec (#285)
  + setup.py: drop NIH check_output implementation (#282)
  + Identify SAP Converged Cloud as OpenStack [Silvio Knizek]
  + add Openbsd support (#147) [Gonéri Le Bouder]
  + HACKING.rst: add examples of the two test class types (#278)
  + VMWware: support to update guest info gc status if enabled (#261)
    [xiaofengw-vmware]
  + Add lp-to-git mapping for kgarloff (#279)
  + set_passwords: avoid chpasswd on BSD (#268) [Gonéri Le Bouder]
  + HACKING.rst: add Unit Testing design section (#277)
  + util: read_cc_from_cmdline handle urlencoded yaml content (#275)
  + distros/tests/test_init: add tests for _get_package_mirror_info (#272)
  + HACKING.rst: add links to new Code Review Process doc (#276)
  + freebsd: ensure package update works (#273) [Gonéri Le Bouder]
  + doc: introduce Code Review Process documentation (#160)
  + tools: use python3 (#274)
  + cc_disk_setup: fix RuntimeError (#270) (LP: #1868327)
  + cc_apt_configure/util: combine search_for_mirror implementations (#271)
  + bsd: boottime does not depend on the libc soname (#269)
    [Gonéri Le Bouder]
  + test_oracle,DataSourceOracle: sort imports (#266)
  + DataSourceOracle: update .network_config docstring (#257)
  + cloudinit/tests: remove unneeded with_logs configuration (#263)
  + .travis.yml: drop stale comment (#255)
  + .gitignore: add more common directories (#258)
  + ec2: render network on all NICs and add secondary IPs as static (#114)
    (LP: #1866930)
  + ec2 json validation: fix the reference to the 'merged_cfg' key (#256)
    [Paride Legovini]
  + releases.yaml: quote the Ubuntu version numbers (#254) [Paride Legovini]
  + cloudinit: remove six from packaging/tooling (#253)
  + util/netbsd: drop six usage (#252)
  + workflows: introduce stale pull request workflow (#125)
  + cc_resolv_conf: introduce tests and stabilise output across Python
    versions (#251)
  + fix minor issue with resolv_conf template (#144) [andreaf74]
  + doc: CloudInit also support NetBSD (#250) [Gonéri Le Bouder]
  + Add Netbsd support (#62) [Gonéri Le Bouder]
  + tox.ini: avoid substition syntax that causes a traceback on xenial (#245)
  + Add pub_key_ed25519 to cc_phone_home (#237) [Daniel Hensby]
  + Introduce and use of a list of GitHub usernames that have signed CLA
    (#244)
  + workflows/cla.yml: use correct username for CLA check (#243)
  + tox.ini: use xenial version of jsonpatch in CI (#242)
  + workflows: CLA validation altered to fail status on pull_request (#164)
  + tox.ini: bump pyflakes version to 2.1.1 (#239)
  + cloudinit: move to pytest for running tests (#211)
  + instance-data: add cloud-init merged_cfg and sys_info keys to json
    (#214) (LP: #1865969)
  + ec2: Do not fallback to IMDSv1 on EC2 (#216)
  + instance-data: write redacted cfg to instance-data.json (#233)
    (LP: #1865947)
  + net: support network-config:disabled on the kernel commandline (#232)
    (LP: #1862702)
  + ec2: only redact token request headers in logs, avoid altering request
    (#230) (LP: #1865882)
  + docs: typo fixed: dta → data [Alexey Vazhnov]
  + Fixes typo on Amazon Web Services (#217) [Nick Wales]
  + Fix docs for OpenStack DMI Asset Tag (#228)
    [Mark T. Voelker] (LP: #1669875)
  + Add physical network type: cascading to openstack helpers (#200)
    [sab-systems]
  + tests: add focal integration tests for ubuntu (#225)
- From 20.1 (first vesrion after 19.4)
  + ec2: Do not log IMDSv2 token values, instead use REDACTED (#219)
    (LP: #1863943)
  + utils: use SystemRandom when generating random password. (#204)
    [Dimitri John Ledkov]
  + docs: mount_default_files is a list of 6 items, not 7 (#212)
  + azurecloud: fix issues with instances not starting (#205) (LP: #1861921)
  + unittest: fix stderr leak in cc_set_password random unittest
    output. (#208)
  + cc_disk_setup: add swap filesystem force flag (#207)
  + import sysvinit patches from freebsd-ports tree (#161) [Igor Galić]
  + docs: fix typo (#195) [Edwin Kofler]
  + sysconfig: distro-specific config rendering for BOOTPROTO option (#162)
    [Robert Schweikert] (LP: #1800854)
  + cloudinit: replace 'from six import X' imports (except in util.py) (#183)
  + run-container: use 'test -n' instead of 'test ! -z' (#202)
    [Paride Legovini]
  + net/cmdline: correctly handle static ip= config (#201)
    [Dimitri John Ledkov] (LP: #1861412)
  + Replace mock library with unittest.mock (#186)
  + HACKING.rst: update CLA link (#199)
  + Scaleway: Fix DatasourceScaleway to avoid backtrace (#128)
    [Louis Bouchard]
  + cloudinit/cmd/devel/net_convert.py: add missing space (#191)
  + tools/run-container: drop support for python2 (#192) [Paride Legovini]
  + Print ssh key fingerprints using sha256 hash (#188) (LP: #1860789)
  + Make the RPM build use Python 3 (#190) [Paride Legovini]
  + cc_set_password: increase random pwlength from 9 to 20 (#189)
    (LP: #1860795)
  + .travis.yml: use correct Python version for xenial tests (#185)
  + cloudinit: remove ImportError handling for mock imports (#182)
  + Do not use fallocate in swap file creation on xfs. (#70)
    [Eduardo Otubo] (LP: #1781781)
  + .readthedocs.yaml: install cloud-init when building docs (#181)
    (LP: #1860450)
  + Introduce an RTD config file, and pin the Sphinx version to the RTD
    default (#180)
  + Drop most of the remaining use of six (#179)
  + Start removing dependency on six (#178)
  + Add Rootbox & HyperOne to list of cloud in README (#176) [Adam Dobrawy]
  + docs: add proposed SRU testing procedure (#167)
  + util: rename get_architecture to get_dpkg_architecture (#173)
  + Ensure util.get_architecture() runs only once (#172)
  + Only use gpart if it is the BSD gpart (#131) [Conrad Hoffmann]
  + freebsd: remove superflu exception mapping (#166) [Gonéri Le Bouder]
  + ssh_auth_key_fingerprints_disable test: fix capitalization (#165)
    [Paride Legovini]
  + util: move uptime's else branch into its own boottime function (#53)
    [Igor Galić] (LP: #1853160)
  + workflows: add contributor license agreement checker (#155)
  + net: fix rendering of 'static6' in network config (#77) (LP: #1850988)
  + Make tests work with Python 3.8 (#139) [Conrad Hoffmann]
  + fixed minor bug with mkswap in cc_disk_setup.py (#143) [andreaf74]
  + freebsd: fix create_group() cmd (#146) [Gonéri Le Bouder]
  + doc: make apt_update example consistent (#154)
  + doc: add modules page toc with links (#153) (LP: #1852456)
  + Add support for the amazon variant in cloud.cfg.tmpl (#119)
    [Frederick Lefebvre]
  + ci: remove Python 2.7 from CI runs (#137)
  + modules: drop cc_snap_config config module (#134)
  + migrate-lp-user-to-github: ensure Launchpad repo exists (#136)
  + docs: add initial troubleshooting to FAQ (#104) [Joshua Powers]
  + doc: update cc_set_hostname frequency and descrip (#109)
    [Joshua Powers] (LP: #1827021)
  + freebsd: introduce the freebsd renderer (#61) [Gonéri Le Bouder]
  + cc_snappy: remove deprecated module (#127)
  + HACKING.rst: clarify that everyone needs to do the LP->GH dance (#130)
  + freebsd: cloudinit service requires devd (#132) [Gonéri Le Bouder]
  + cloud-init: fix capitalisation of SSH (#126)
  + doc: update cc_ssh clarify host and auth keys
    [Joshua Powers] (LP: #1827021)
  + ci: emit names of tests run in Travis (#120)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3327-1
Released:    Sat Nov 14 07:22:33 2020
Summary:     Recommended update for sap-suse-cluster-connector
Type:        recommended
Severity:    moderate
References:  1136933,1166647,1177507
This update for sap-suse-cluster-connector fixes the following issues:

- Add new cluster action names according to the documentation that leads out the old action names. (bsc#1166647)
- Support the output format of different versions of the command '/usr/sbin/crm_simulate'. (bsc#1177507)
- Remove unused and outdated /etc/sap_suse_cluster_connector file. (bsc#1136933)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3338-1
Released:    Mon Nov 16 13:11:28 2020
Summary:     Recommended update for prometheus-hanadb_exporter
Type:        recommended
Severity:    moderate
References:  1178339
This update for prometheus-hanadb_exporter fixes the following issues:

- Fix using systemd macros in spec file. (bsc#1178339)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3352-1
Released:    Tue Nov 17 09:31:48 2020
Summary:     Security update for raptor
Type:        security
Severity:    important
References:  1178593,CVE-2017-18926
This update for raptor fixes the following issues:

- Fixed a heap overflow vulnerability (bsc#1178593, CVE-2017-18926).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3359-1
Released:    Tue Nov 17 13:18:30 2020
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    moderate
References:  1177943,CVE-2020-14779,CVE-2020-14781,CVE-2020-14782,CVE-2020-14792,CVE-2020-14796,CVE-2020-14797,CVE-2020-14798,CVE-2020-14803
This update for java-11-openjdk fixes the following issues:

- Update to upstream tag jdk-11.0.9-11 (October 2020 CPU,
  bsc#1177943)
  * New features
    + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector
  * Security fixes
    + JDK-8233624: Enhance JNI linkage
    + JDK-8236196: Improve string pooling
    + JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
    + JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
    + JDK-8237995, CVE-2020-14782: Enhance certificate processing
    + JDK-8240124: Better VM Interning
    + JDK-8241114, CVE-2020-14792: Better range handling
    + JDK-8242680, CVE-2020-14796: Improved URI Support
    + JDK-8242685, CVE-2020-14797: Better Path Validation
    + JDK-8242695, CVE-2020-14798: Enhanced buffer support
    + JDK-8243302: Advanced class supports
    + JDK-8244136, CVE-2020-14803: Improved Buffer supports
    + JDK-8244479: Further constrain certificates
    + JDK-8244955: Additional Fix for JDK-8240124
    + JDK-8245407: Enhance zoning of times
    + JDK-8245412: Better class definitions
    + JDK-8245417: Improve certificate chain handling
    + JDK-8248574: Improve jpeg processing
    + JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
    + JDK-8253019: Enhanced JPEG decoding
  * Other changes
    + JDK-6532025: GIF reader throws misleading exception with
      truncated images
    + JDK-6949753: [TEST BUG]: java/awt/print/PageFormat/
      /PDialogTest.java needs update by removing an infinite loop
    + JDK-8022535: [TEST BUG] javax/swing/text/html/parser/
      /Test8017492.java fails
    + JDK-8062947: Fix exception message to correctly represent
      LDAP connection failure
    + JDK-8067354: com/sun/jdi/GetLocalVariables4Test.sh failed
    + JDK-8134599: TEST_BUG: java/rmi/transport/closeServerSocket/
      /CloseServerSocket.java fails intermittently with Address
      already in use
    + JDK-8151678: com/sun/jndi/ldap/LdapTimeoutTest.java failed
      due to timeout on DeadServerNoTimeoutTest is incorrect
    + JDK-8160768: Add capability to custom resolve host/domain
      names within the default JNDI LDAP provider
    + JDK-8172404: Tools should warn if weak algorithms are used
      before restricting them
    + JDK-8193367: Annotated type variable bounds crash javac
    + JDK-8202117: com/sun/jndi/ldap/RemoveNamingListenerTest.java
      fails intermittently: Connection reset
    + JDK-8203026: java.rmi.NoSuchObjectException: no such object
      in table
    + JDK-8203281: [Windows] JComboBox change in ui when
      editor.setBorder() is called
    + JDK-8203382: Rename SystemDictionary::initialize_wk_klass to
      resolve_wk_klass
    + JDK-8203393: com/sun/jdi/JdbMethodExitTest.sh and
      JdbExprTest.sh fail due to timeout
    + JDK-8203928: [Test] Convert non-JDB scaffolding
      serviceability shell script tests to java
    + JDK-8204963: javax.swing.border.TitledBorder has a memory leak
    + JDK-8204994: SA might fail to attach to process with 'Windbg
      Error: WaitForEvent failed'
    + JDK-8205534: Remove SymbolTable dependency from
      serviceability agent
    + JDK-8206309: Tier1 SA tests fail
    + JDK-8208281: java/nio/channels/
      /AsynchronousSocketChannel/Basic.java timed out
    + JDK-8209109: [TEST] rewrite com/sun/jdi shell tests to java
      version - step1
    + JDK-8209332: [TEST] test/jdk/com/sun/jdi/CatchPatternTest.sh
      is incorrect
    + JDK-8209342: Problemlist SA tests on Solaris due to Error
      attaching to process: Can't create thread_db agent!
    + JDK-8209343: Test javax/swing/border/TestTitledBorderLeak.java
      should be marked as headful
    + JDK-8209517: com/sun/jdi/BreakpointWithFullGC.java fails with
      timeout
    + JDK-8209604: [TEST] rewrite com/sun/jdi shell tests to java
      version - step2
    + JDK-8209605: com/sun/jdi/BreakpointWithFullGC.java fails with
      ZGC
    + JDK-8209608: Problem list com/sun/jdi/BreakpointWithFullGC.java
    + JDK-8210131: vmTestbase/nsk/jvmti/scenarios/allocation/AP10/
      /ap10t001/TestDescription.java failed with ObjectFree:
      GetCurrentThreadCpuTimerInfo returned unexpected error code
    + JDK-8210243: [TEST] rewrite com/sun/jdi shell tests to java
      version - step3
    + JDK-8210527: JShell: NullPointerException in
      jdk.jshell.Eval.translateExceptionStack
    + JDK-8210560: [TEST] convert com/sun/jdi redefineClass-related
      tests
    + JDK-8210725: com/sun/jdi/RedefineClearBreakpoint.java fails
      with waitForPrompt timed out after 60 seconds
    + JDK-8210748: [TESTBUG] lib.jdb.Jdb.waitForPrompt() should
      clarify which output is the pending reply after a timeout
    + JDK-8210760: [TEST] rewrite com/sun/jdi shell tests to java
      version - step4
    + JDK-8210977: jdk/jfr/event/oldobject/TestThreadLocalLeak.java
      fails to find ThreadLocalObject
    + JDK-8211292: [TEST] convert com/sun/jdi/DeferredStepTest.sh
      test
    + JDK-8211694: JShell: Redeclared variable should be reset
    + JDK-8212200: assert when shared java.lang.Object is redefined
      by JVMTI agent
    + JDK-8212629: [TEST] wrong breakpoint in
      test/jdk/com/sun/jdi/DeferredStepTest
    + JDK-8212665: com/sun/jdi/DeferredStepTest.java: jj1 (line 57)
      - unexpected. lastLine=52, minLine=52, maxLine=55
    + JDK-8212807: tools/jar/multiRelease/Basic.java times out
    + JDK-8213182: Minimal VM build failure after JDK-8212200
      (assert when shared java.lang.Object is redefined by JVMTI
      agent)
    + JDK-8213214: Set -Djava.io.tmpdir= when running tests
    + JDK-8213275: ReplaceCriticalClasses.java fails with
      jdk.internal.vm.PostVMInitHook not found
    + JDK-8213574: Deadlock in string table expansion when dumping
      lots of CDS classes
    + JDK-8213703: LambdaConversionException: Invalid receiver type
      not a subtype of implementation type interface
    + JDK-8214074: Ghash optimization using AVX instructions
    + JDK-8214491: Upgrade to JLine 3.9.0
    + JDK-8214797: TestJmapCoreMetaspace.java timed out
    + JDK-8215243: JShell tests failing intermitently with
      'Problem cleaning up the following threads:'
    + JDK-8215244: jdk/jshell/ToolBasicTest.java
      testHistoryReference failed
    + JDK-8215354: x86_32 build failures after JDK-8214074 (Ghash
      optimization using AVX instructions)
    + JDK-8215438: jshell tool: Ctrl-D causes EOF
    + JDK-8216021: RunTest.gmk might set concurrency level to 1 on
      Windows
    + JDK-8216974: HttpConnection not returned to the pool after
      204 response
    + JDK-8218948: SimpleDateFormat :: format - Zone Names are not
      reflected correctly during run time
    + JDK-8219712: code_size2 (defined in stub_routines_x86.hpp) is
      too small on new Skylake CPUs
    + JDK-8220150: macos10.14 Mojave returns anti-aliased glyphs
      instead of aliased B&W glyphs
    + JDK-8221658: aarch64: add necessary predicate for ubfx
      patterns
    + JDK-8221759: Crash when completing 'java.io.File.path'
    + JDK-8221918: runtime/SharedArchiveFile/serviceability/
      /ReplaceCriticalClasses.java fails: Shared archive not found
    + JDK-8222074: Enhance auto vectorization for x86
    + JDK-8222079: Don't use memset to initialize fields decode_env
      constructor in disassembler.cpp
    + JDK-8222769: [TESTBUG] TestJFRNetworkEvents should not rely
      on hostname command
    + JDK-8223688: JShell: crash on the instantiation of raw
      anonymous class
    + JDK-8223777: In posix_spawn mode, failing to exec()
      jspawnhelper does not result in an error
    + JDK-8223940: Private key not supported by chosen signature
      algorithm
    + JDK-8224184: jshell got IOException at exiting with AIX
    + JDK-8224234: compiler/codegen/TestCharVect2.java fails in
      test_mulc
    + JDK-8225037: java.net.JarURLConnection::getJarEntry() throws
      NullPointerException
    + JDK-8225625: AES Electronic Codebook (ECB) encryption and
      decryption optimization using AVX512 + VAES instructions
    + JDK-8226536: Catch OOM from deopt that fails rematerializing
      objects
    + JDK-8226575: OperatingSystemMXBean should be made container
      aware
    + JDK-8226697: Several tests which need the @key headful
      keyword are missing it.
    + JDK-8226809: Circular reference in printed stack trace is not
      correctly indented & ambiguous
    + JDK-8227059: sun/security/tools/keytool/
      /DefaultSignatureAlgorithm.java timed out
    + JDK-8227269: Slow class loading when running with JDWP
    + JDK-8227595: keytool/fakegen/DefaultSignatureAlgorithm.java
      fails due to 'exitValue = 6'
    + JDK-8228448: Jconsole can't connect to itself
    + JDK-8228967: Trust/Key store and SSL context utilities for
      tests
    + JDK-8229378: jdwp library loader in linker_md.c quietly
      truncates on buffer overflow
    + JDK-8229815: Upgrade Jline to 3.12.1
    + JDK-8230000: some httpclients testng tests run zero test
    + JDK-8230002: javax/xml/jaxp/unittest/transform/
      /SecureProcessingTest.java runs zero test
    + JDK-8230010: Remove jdk8037819/BasicTest1.java
    + JDK-8230094: CCE in createXMLEventWriter(Result) over an
      arbitrary XMLStreamWriter
    + JDK-8230402: Allocation of compile task fails with assert:
      'Leaking compilation tasks?'
    + JDK-8230767: FlightRecorderListener returns null recording
    + JDK-8230870: (zipfs) Add a ZIP FS test that is similar to
      test/jdk/java/util/zip/EntryCount64k.java
    + JDK-8231209: [REDO] ThreadMXBean::getThreadAllocatedBytes()
      can be quicker for self thread
    + JDK-8231586: enlarge encoding space for OopMapValue offsets
    + JDK-8231953: Wrong assumption in assertion in
      oop::register_oop
    + JDK-8231968: getCurrentThreadAllocatedBytes default
      implementation s/b getThreadAllocatedBytes
    + JDK-8232083: Minimal VM is broken after JDK-8231586
    + JDK-8232161: Align some one-way conversion in MS950 charset
      with Windows
    + JDK-8232855: jshell missing word in /help help
    + JDK-8233027: OopMapSet::all_do does oms.next() twice during
      iteration
    + JDK-8233228: Disable weak named curves by default in TLS,
      CertPath, and Signed JAR
    + JDK-8233386: Initialize NULL fields for unused decorations
    + JDK-8233452: java.math.BigDecimal.sqrt() with
      RoundingMode.FLOOR results in incorrect result
    + JDK-8233686: XML transformer uses excessive amount of memory
    + JDK-8233741: AES Countermode (AES-CTR) optimization using
      AVX512 + VAES instructions
    + JDK-8233829: javac cannot find non-ASCII module name under
      non-UTF8 environment
    + JDK-8233958: Memory retention due to HttpsURLConnection
      finalizer that serves no purpose
    + JDK-8234011: (zipfs) Memory leak in
      ZipFileSystem.releaseDeflater()
    + JDK-8234058: runtime/CompressedOops/
      /CompressedClassPointers.java fails with 'Narrow klass base:
      0x0000000000000000' missing from stdout/stderr
    + JDK-8234149: Several regression tests do not dispose Frame at
      end
    + JDK-8234347: 'Turkey' meta time zone does not generate
      composed localized names
    + JDK-8234385: [TESTBUG] java/awt/EventQueue/6980209/
      /bug6980209.java fails in linux nightly
    + JDK-8234535: Cross compilation fails due to missing CFLAGS
      for the BUILD_CC
    + JDK-8234541: C1 emits an empty message when it inlines
      successfully
    + JDK-8234687: change javap reporting on unknown attributes
    + JDK-8236464: SO_LINGER option is ignored by SSLSocket in JDK
      11
    + JDK-8236548: Localized time zone name inconsistency between
      English and other locales
    + JDK-8236617: jtreg test containers/docker/
      /TestMemoryAwareness.java fails after 8226575
    + JDK-8237182: Update copyright header for shenandoah and
      epsilon files
    + JDK-8237888: security/infra/java/security/cert/
      /CertPathValidator/certification/LuxTrustCA.java fails when
      checking validity interval
    + JDK-8237977: Further update
      javax/net/ssl/compatibility/Compatibility.java
    + JDK-8238270: java.net HTTP/2 client does not decrease stream
      count when receives 204 response
    + JDK-8238284: [macos] Zero VM build fails due to an obvious
      typo
    + JDK-8238380: java.base/unix/native/libjava/childproc.c
      'multiple definition' link errors with GCC10
    + JDK-8238386: (sctp) jdk.sctp/unix/native/libsctp/SctpNet.c
      'multiple definition' link errors with GCC10
    + JDK-8238388: libj2gss/NativeFunc.o 'multiple definition' link
      errors with GCC10
    + JDK-8238448: RSASSA-PSS signature verification fail when
      using certain odd key sizes
    + JDK-8238710: LingeredApp doesn't log stdout/stderr if exits
      with non-zero code
    + JDK-8239083: C1 assert(known_holder == NULL ||
      (known_holder->is_instance_klass() &&
      (!known_holder->is_interface() ||
      ((ciInstanceKlass*)known_holder)->has_nonstatic_concrete_methods())),
      'should be non-static concrete method');
    + JDK-8239385: KerberosTicket client name refers wrongly to
      sAMAccountName in AD
    + JDK-8240169: javadoc fails to link to non-modular api docs
    + JDK-8240295: hs_err elapsed time in seconds is not accurate
      enough
    + JDK-8240360: NativeLibraryEvent has wrong library name on
      Linux
    + JDK-8240676: Meet not symmetric failure when running lucene
      on jdk8
    + JDK-8241007: Shenandoah: remove
      ShenandoahCriticalControlThreadPriority support
    + JDK-8241065: Shenandoah: remove leftover code after
      JDK-8231086
    + JDK-8241086: Test runtime/NMT/HugeArenaTracking.java is
      failing on 32bit Windows
    + JDK-8241130: com.sun.jndi.ldap.EventSupport.removeDeadNotifier:
      java.lang.NullPointerException
    + JDK-8241138: http.nonProxyHosts=* causes
      StringIndexOutOfBoundsException in DefaultProxySelector
    + JDK-8241319: WB_GetCodeBlob doesn't have ResourceMark
    + JDK-8241478: vmTestbase/gc/gctests/Steal/steal001/steal001.java
      fails with OOME
    + JDK-8241574: Shenandoah: remove ShenandoahAssertToSpaceClosure
    + JDK-8241750: x86_32 build failure after JDK-8227269
    + JDK-8242184: CRL generation error with RSASSA-PSS
    + JDK-8242283: Can't start JVM when java home path includes
      non-ASCII character
    + JDK-8242556: Cannot load RSASSA-PSS public key with non-null
      params from byte array
    + JDK-8243029: Rewrite javax/net/ssl/compatibility/
      /Compatibility.java with a flexible interop test framework
    + JDK-8243138: Enhance BaseLdapServer to support starttls
      extended request
    + JDK-8243320: Add SSL root certificates to Oracle Root CA
      program
    + JDK-8243321: Add Entrust root CA - G4 to Oracle Root CA
      program
    + JDK-8243389: enhance os::pd_print_cpu_info on linux
    + JDK-8243453: java --describe-module failed with non-ASCII
      module name under non-UTF8 environment
    + JDK-8243470: [macos] bring back O2 opt level for unsafe.cpp
    + JDK-8243489: Thread CPU Load event may contain wrong data for
      CPU time under certain conditions
    + JDK-8243925: Toolkit#getScreenInsets() returns wrong value on
      HiDPI screens (Windows)
    + JDK-8244087: 2020-04-24 public suffix list update
    + JDK-8244151: Update MUSCLE PC/SC-Lite headers to the latest
      release 1.8.26
    + JDK-8244164: AArch64: jaotc generates incorrect code for
      compressed OOPs with non-zero heap base
    + JDK-8244196: adjust output in os_linux
    + JDK-8244225: stringop-overflow warning on strncpy call from
      compile_the_world_in
    + JDK-8244287: JFR: Methods samples have line number 0
    + JDK-8244703: 'platform encoding not initialized' exceptions
      with debugger, JNI
    + JDK-8244719: CTW: C2 compilation fails with
      'assert(!VerifyHashTableKeys || _hash_lock == 0) failed:
      remove node from hash table before modifying it'
    + JDK-8244729: Shenandoah: remove resolve paths from
      SBSA::generate_shenandoah_lrb
    + JDK-8244763: Update --release 8 symbol information after JSR
      337 MR3
    + JDK-8244818: Java2D Queue Flusher crash while moving
      application window to external monitor
    + JDK-8245151: jarsigner should not raise duplicate warnings on
      verification
    + JDK-8245616: Bump update version for OpenJDK: jdk-11.0.9
    + JDK-8245714: 'Bad graph detected in build_loop_late' when
      loads are pinned on loop limit check uncommon branch
    + JDK-8245801: StressRecompilation triggers assert 'redundunt
      OSR recompilation detected. memory leak in CodeCache!'
    + JDK-8245832: JDK build make-static-libs should build all JDK
      libraries
    + JDK-8245880: Shenandoah: check class unloading flag early in
      concurrent code root scan
    + JDK-8245981: Upgrade to jQuery 3.5.1
    + JDK-8246027: Minimal fastdebug build broken after JDK-8245801
    + JDK-8246094: [macos] Sound Recording and playback is not
      working
    + JDK-8246153: TestEliminateArrayCopy fails with
      -XX:+StressReflectiveCode
    + JDK-8246193: Possible NPE in ENC-PA-REP search in AS-REQ
    + JDK-8246196: javax/management/MBeanServer/OldMBeanServerTest
      fails with AssertionError
    + JDK-8246203: Segmentation fault in verification due to stack
      overflow with -XX:+VerifyIterativeGVN
    + JDK-8246330: Add TLS Tests for Legacy ECDSA curves
    + JDK-8246453: TestClone crashes with 'all collected exceptions
      must come from the same place'
    + JDK-8247246: Add explicit ResolvedJavaType.link and expose
      presence of default methods
    + JDK-8247350: [aarch64] assert(false) failed: wrong size of
      mach node
    + JDK-8247502: PhaseStringOpts crashes while optimising
      effectively dead code
    + JDK-8247615: Initialize the bytes left for the heap sampler
    + JDK-8247824: CTW: C2 (Shenandoah) compilation fails with SEGV
      in SBC2Support::pin_and_expand
    + JDK-8247874: Replacement in VersionProps.java.template not
      working when --with-vendor-bug-url contains '&'
    + JDK-8247979: aarch64: missing side effect of killing flags
      for clearArray_reg_reg
    + JDK-8248214: Add paddings for TaskQueueSuper to reduce
      false-sharing cache contention
    + JDK-8248219: aarch64: missing memory barrier in
      fast_storefield and fast_accessfield
    + JDK-8248348: Regression caused by the update to BCEL 6.0
    + JDK-8248385: [testbug][11u] Adapt TestInitiExceptions to
      jtreg 5.1
    + JDK-8248495: [macos] zerovm is broken due to libffi headers
      location
    + JDK-8248851: CMS: Missing memory fences between free chunk
      check and klass read
    + JDK-8248987: AOT's Linker.java seems to eagerly fail-fast on
      Windows
    + JDK-8249159: Downport test rework for SSLSocketTemplate from
      8224650
    + JDK-8249215: JFrame::setVisible crashed with
      -Dfile.encoding=UTF-8 on Japanese Windows.
    + JDK-8249251: [dark_mode ubuntu 20.04] The selected menu is
      not highlighted in GTKLookAndFeel
    + JDK-8249255: Build fails if source code in cygwin home dir
    + JDK-8249277: TestVerifyIterativeGVN.java is failing with
      timeout in OpenJDK 11
    + JDK-8249278: Revert JDK-8226253 which breaks the spec of
      AccessibleState.SHOWING for JList
    + JDK-8249560: Shenandoah: Fix racy GC request handling
    + JDK-8249801: Shenandoah: Clear soft-refs on requested GC cycle
    + JDK-8249953: Shenandoah: gc/shenandoah/mxbeans tests should
      account for corner cases
    + JDK-8250582: Revert Principal Name type to NT-UNKNOWN when
      requesting TGS Kerberos tickets
    + JDK-8250609: C2 crash in IfNode::fold_compares
    + JDK-8250627: Use -XX:+/-UseContainerSupport for
      enabling/disabling Java container metrics
    + JDK-8250755: Better cleanup for
      jdk/test/javax/imageio/plugins/shared/CanWriteSequence.java
    + JDK-8250787: Provider.put no longer registering aliases in
      FIPS env
    + JDK-8250826: jhsdb does not work with coredump which comes
      from Substrate VM
    + JDK-8250827: Shenandoah: needs to reset/finish StringTable's
      dead count before/after parallel walk
    + JDK-8250844: Make sure {type,obj}ArrayOopDesc accessors check
      the bounds
    + JDK-8251117: Cannot check P11Key size in P11Cipher and
      P11AEADCipher
    + JDK-8251354: Shenandoah: Fix jdk/jfr/tool/TestPrintJSON.java
      test failure
    + JDK-8251451: Shenandoah: Remark ObjectSynchronizer roots with
      I-U
    + JDK-8251469: Better cleanup for
      test/jdk/javax/imageio/SetOutput.java
    + JDK-8251487: Shenandoah: missing detail timing tracking for
      final mark cleaning phase
    + JDK-8252120: compiler/oracle/TestCompileCommand.java
      misspells 'occured'
    + JDK-8252157: JDK-8231209 11u backport breaks jmm binary
      compatibility
    + JDK-8252258: [11u] JDK-8242154 changes the default vendor
    + JDK-8252804: [test] Fix 'ReleaseDeflater.java' test after
      downport of 8234011
    + JDK-8253134: JMM_VERSION should remain at 0x20020000 (JDK 10)
      in JDK 11
    + JDK-8253283: [11u] Test build/translations/
      /VerifyTranslations.java failing after JDK-8252258
    + JDK-8253813: Backout JDK-8244287 from 11u: it causes several
      crashes
    + Fix regression '8250861: Crash in MinINode::Ideal(PhaseGVN*,
      bool)' introduced in jdk 11.0.9

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3373-1
Released:    Thu Nov 19 09:27:44 2020
Summary:     Security update for ucode-intel
Type:        security
Severity:    moderate
References:  1170446,1173592,1173594,CVE-2020-8695,CVE-2020-8696,CVE-2020-8698
This update for ucode-intel fixes the following issues:

- Updated Intel CPU Microcode to 20201110 official release.
 - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
 - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
 - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)

- Release notes:
  - Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).
  - Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).
  - Update for functional issues. Refer to [Second Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
  - Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
  - Update for functional issues. Refer to [Intel® Xeon® Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
  - Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
  - Update for functional issues. Refer to [8th and 9th Gen Intel® Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
  - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel® Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
  - Update for functional issues. Refer to [6th Gen Intel® Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
  - Update for functional issues. Refer to [Intel® Xeon® E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
  - Update for functional issues. Refer to [Intel® Xeon® E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.

  ### New Platforms
  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | CPX-SP         | A1       | 06-55-0b/bf |          | 0700001e | Xeon Scalable Gen3
  | LKF            | B2/B3    | 06-8a-01/10 |          | 00000028 | Core w/Hybrid Technology
  | TGL            | B1       | 06-8c-01/80 |          | 00000068 | Core Gen11 Mobile
  | CML-H          | R1       | 06-a5-02/20 |          | 000000e0 | Core Gen10 Mobile
  | CML-S62        | G1       | 06-a5-03/22 |          | 000000e0 | Core Gen10
  | CML-S102       | Q0       | 06-a5-05/22 |          | 000000e0 | Core Gen10 
  | CML-U62 V2     | K0       | 06-a6-01/80 |          | 000000e0 | Core Gen10 Mobile
  ### Updated Platforms
  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | HSX-E/EP       | Cx/M1    | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
  | SKL-U/Y        | D0       | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
  | SKL-U23e       | K1       | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
  | SKX-SP         | B1       | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
  | SKX-SP         | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
  | SKX-D          | M1       | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
  | CLX-SP         | B0       | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
  | CLX-SP         | B1       | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
  | APL            | D0       | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
  | APL            | E0       | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
  | SKL-H/S        | R0/N0    | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
  | GKL-R          | R0       | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
  | ICL-U/Y        | D1       | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
  | AML-Y22        | H0       | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
  | KBL-U/Y        | H0       | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
  | CFL-U43e       | D0       | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
  | WHL-U          | W0       | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
  | AML-Y42        | V0       | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
  | CML-Y42        | V0       | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
  | WHL-U          | V0       | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
  | KBL-G/H/S/E3   | B0       | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
  | CFL-H/S/E3     | U0       | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
  | CFL-S          | B0       | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
  | CFL-H/S        | P0       | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
  | CFL-H          | R0       | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
  | CML-U62        | A0       | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3376-1
Released:    Thu Nov 19 09:29:13 2020
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1177406,1178291,CVE-2020-26575,CVE-2020-28030
This update for wireshark fixes the following issues:

- wireshark was updated to 3.2.8:
  - CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)
  - CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)
  * Infinite memory allocation while parsing this tcp packet

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3384-1
Released:    Thu Nov 19 11:33:53 2020
Summary:     Security update for perl-DBI
Type:        security
Severity:    moderate
References:  1176492,CVE-2014-10401,CVE-2014-10402
This update for perl-DBI fixes the following issues:

- DBD::File drivers can open files from folders other than those
  specifically passed via the f_dir attribute in the data source
  name (DSN). [bsc#1176492, CVE-2014-10401, CVE-2014-10402]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3450-1
Released:    Thu Nov 19 17:39:23 2020
Summary:     Recommended update for hawk-apiserver
Type:        recommended
Severity:    moderate
References:  1178228
This update for hawk-apiserver fixes the following issues:

- Update from version 0.0.2 to version 0.0.4:
  - various enhancement security https related (bsc#1178228)
  - update go modules to 1.13
  - add -version flag to show build version

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3452-1
Released:    Thu Nov 19 19:42:47 2020
Summary:     Recommended update for tomcat
Type:        recommended
Severity:    moderate
References:  1178396
This update for tomcat fixes the following issues:

- Fixes an issue when after removing package rest remained in 'examples'.
- Remove 'tomcat-9.0.init' and '/usr/lib/tmpfiles.d/tomcat.conf' because of using systemd. (bsc#1178396)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3458-1
Released:    Fri Nov 20 11:09:46 2020
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1178824,CVE-2020-15999,CVE-2020-16012,CVE-2020-26951,CVE-2020-26953,CVE-2020-26956,CVE-2020-26958,CVE-2020-26959,CVE-2020-26960,CVE-2020-26961,CVE-2020-26965,CVE-2020-26966,CVE-2020-26968
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.5.0 ESR (bsc#1178824)
  * CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code
  * CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls
  * CVE-2020-26953: Fullscreen could be enabled without displaying the security UI
  * CVE-2020-26956: XSS through paste (manual and clipboard API)
  * CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions
  * CVE-2020-26959: Use-after-free in WebRequestService
  * CVE-2020-26960: Potential use-after-free in uses of nsTArray
  * CVE-2020-15999: Heap buffer overflow in freetype
  * CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
  * CVE-2020-26965: Software keyboards may have remembered typed passwords
  * CVE-2020-26966: Single-word search queries were also broadcast to local network
  * CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3460-1
Released:    Fri Nov 20 12:41:23 2020
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    moderate
References:  1174157,1177943,CVE-2020-14556,CVE-2020-14577,CVE-2020-14578,CVE-2020-14579,CVE-2020-14581,CVE-2020-14583,CVE-2020-14593,CVE-2020-14621,CVE-2020-14779,CVE-2020-14781,CVE-2020-14782,CVE-2020-14792,CVE-2020-14796,CVE-2020-14797,CVE-2020-14798,CVE-2020-14803
This update for java-1_8_0-openjdk fixes the following issues:

- Fix regression '8250861: Crash in MinINode::Ideal(PhaseGVN*, bool)',
  introduced in October 2020 CPU.

- Update to version jdk8u272 (icedtea 3.17.0) (July 2020 CPU,
  bsc#1174157, and October 2020 CPU, bsc#1177943)
  * New features
    + JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7
    + PR3796: Allow the number of curves supported to be specified
  * Security fixes
    + JDK-8028431, CVE-2020-14579: NullPointerException in
      DerValue.equals(DerValue)
    + JDK-8028591, CVE-2020-14578: NegativeArraySizeException in
      sun.security.util.DerInputStream.getUnalignedBitString()
    + JDK-8230613: Better ASCII conversions
    + JDK-8231800: Better listing of arrays
    + JDK-8232014: Expand DTD support
    + JDK-8233255: Better Swing Buttons
    + JDK-8233624: Enhance JNI linkage
    + JDK-8234032: Improve basic calendar services
    + JDK-8234042: Better factory production of certificates
    + JDK-8234418: Better parsing with CertificateFactory
    + JDK-8234836: Improve serialization handling
    + JDK-8236191: Enhance OID processing
    + JDK-8236196: Improve string pooling
    + JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
    + JDK-8237117, CVE-2020-14556: Better ForkJoinPool behavior
    + JDK-8237592, CVE-2020-14577: Enhance certificate verification
    + JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
    + JDK-8237995, CVE-2020-14782: Enhance certificate processing
    + JDK-8238002, CVE-2020-14581: Better matrix operations
    + JDK-8238804: Enhance key handling process
    + JDK-8238842: AIOOBE in GIFImageReader.initializeStringTable
    + JDK-8238843: Enhanced font handing
    + JDK-8238920, CVE-2020-14583: Better Buffer support
    + JDK-8238925: Enhance WAV file playback
    + JDK-8240119, CVE-2020-14593: Less Affine Transformations
    + JDK-8240124: Better VM Interning
    + JDK-8240482: Improved WAV file playback
    + JDK-8241114, CVE-2020-14792: Better range handling
    + JDK-8241379: Update JCEKS support
    + JDK-8241522: Manifest improved jar headers redux
    + JDK-8242136, CVE-2020-14621: Better XML namespace handling
    + JDK-8242680, CVE-2020-14796: Improved URI Support
    + JDK-8242685, CVE-2020-14797: Better Path Validation
    + JDK-8242695, CVE-2020-14798: Enhanced buffer support
    + JDK-8243302: Advanced class supports
    + JDK-8244136, CVE-2020-14803: Improved Buffer supports
    + JDK-8244479: Further constrain certificates
    + JDK-8244955: Additional Fix for JDK-8240124
    + JDK-8245407: Enhance zoning of times
    + JDK-8245412: Better class definitions
    + JDK-8245417: Improve certificate chain handling
    + JDK-8248574: Improve jpeg processing
    + JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
    + JDK-8253019: Enhanced JPEG decoding
  * Import of OpenJDK 8 u262 build 01
    + JDK-4949105: Access Bridge lacks html tags parsing
    + JDK-8003209: JFR events for network utilization
    + JDK-8030680: 292 cleanup from default method code assessment
    + JDK-8035633: TEST_BUG: java/net/NetworkInterface/Equals.java
      and some tests failed on windows intermittently
    + JDK-8041626: Shutdown tracing event
    + JDK-8141056: Erroneous assignment in HeapRegionSet.cpp
    + JDK-8149338: JVM Crash caused by Marlin renderer not handling
       NaN coordinates
    + JDK-8151582: (ch) test java/nio/channels/
      /AsyncCloseAndInterrupt.java failing due to 'Connection
      succeeded'
    + JDK-8165675: Trace event for thread park has incorrect unit
       for timeout
    + JDK-8176182: 4 security tests are not run
    + JDK-8178910: Problemlist sample tests
    + JDK-8183925: Decouple crash protection from watcher thread
    + JDK-8191393: Random crashes during cfree+0x1c
    + JDK-8195817: JFR.stop should require name of recording
    + JDK-8195818: JFR.start should increase autogenerated name by
       one
    + JDK-8195819: Remove recording=x from jcmd JFR.check output
    + JDK-8199712: Flight Recorder
    + JDK-8202578: Revisit location for class unload events
    + JDK-8202835: jfr/event/os/TestSystemProcess.java fails on
      missing events
    + JDK-8203287: Zero fails to build after JDK-8199712 (Flight
      Recorder)
    + JDK-8203346: JFR: Inconsistent signature of
      jfr_add_string_constant
    + JDK-8203664: JFR start failure after AppCDS archive created
      with JFR StartFlightRecording
    + JDK-8203921: JFR thread sampling is missing fixes from
      JDK-8194552
    + JDK-8203929: Limit amount of data for JFR.dump
    + JDK-8205516: JFR tool
    + JDK-8207392: [PPC64] Implement JFR profiling
    + JDK-8207829: FlightRecorderMXBeanImpl is leaking the first
      classloader which calls it
    + JDK-8209960: -Xlog:jfr* doesn't work with the JFR
    + JDK-8210024: JFR calls virtual is_Java_thread from ~Thread()
    + JDK-8210776: Upgrade X Window System 6.8.2 to the latest XWD
      1.0.7
    + JDK-8211239: Build fails without JFR: empty JFR events
      signatures mismatch
    + JDK-8212232: Wrong metadata for the configuration of the
      cutoff for old object sample events
    + JDK-8213015: Inconsistent settings between JFR.configure and
      -XX:FlightRecorderOptions
    + JDK-8213421: Line number information for execution samples
      always 0
    + JDK-8213617: JFR should record the PID of the recorded process
    + JDK-8213734: SAXParser.parse(File, ..) does not close
      resources when Exception occurs.
    + JDK-8213914: [TESTBUG] Several JFR VM events are not covered
      by tests
    + JDK-8213917: [TESTBUG] Shutdown JFR event is not covered by
      test
    + JDK-8213966: The ZGC JFR events should be marked as
      experimental
    + JDK-8214542: JFR: Old Object Sample event slow on a deep heap
      in debug builds
    + JDK-8214750: Unnecessary <p> tags in jfr classes
    + JDK-8214896: JFR Tool left files behind
    + JDK-8214906: [TESTBUG] jfr/event/sampling/TestNative.java
      fails with UnsatisfiedLinkError
    + JDK-8214925: JFR tool fails to execute
    + JDK-8215175: Inconsistencies in JFR event metadata
    + JDK-8215237: jdk.jfr.Recording javadoc does not compile
    + JDK-8215284: Reduce noise induced by periodic task
      getFileSize()
    + JDK-8215355: Object monitor deadlock with no threads holding
      the monitor (using jemalloc 5.1)
    + JDK-8215362: JFR GTest JfrTestNetworkUtilization fails
    + JDK-8215771: The jfr tool should pretty print reference chains
    + JDK-8216064: -XX:StartFlightRecording:settings= doesn't work
      properly
    + JDK-8216486: Possibility of integer overflow in
      JfrThreadSampler::run()
    + JDK-8216528: test/jdk/java/rmi/transport/
       /runtimeThreadInheritanceLeak/
       /RuntimeThreadInheritanceLeak.java failing with Xcomp
    + JDK-8216559: [JFR] Native libraries not correctly parsed from
      /proc/self/maps
    + JDK-8216578: Remove unused/obsolete method in JFR code
    + JDK-8216995: Clean up JFR command line processing
    + JDK-8217744: [TESTBUG] JFR TestShutdownEvent fails on some
      systems due to process surviving SIGINT
    + JDK-8217748: [TESTBUG] Exclude TestSig test case from JFR
      TestShutdownEvent
    + JDK-8218935: Make jfr strncpy uses GCC 8.x friendly
    + JDK-8223147: JFR Backport
    + JDK-8223689: Add JFR Thread Sampling Support
    + JDK-8223690: Add JFR BiasedLock Event Support
    + JDK-8223691: Add JFR G1 Region Type Change Event Support
    + JDK-8223692: Add JFR G1 Heap Summary Event Support
    + JDK-8224172: assert(jfr_is_event_enabled(id)) failed:
      invariant
    + JDK-8224475: JTextPane does not show images in HTML rendering
    + JDK-8226253: JAWS reports wrong number of radio buttons when
      buttons are hidden.
    + JDK-8226779: [TESTBUG] Test JFR API from Java agent
    + JDK-8226892: ActionListeners on JRadioButtons don't get
      notified when selection is changed with arrow keys
    + JDK-8227011: Starting a JFR recording in response to JVMTI
      VMInit and / or Java agent premain corrupts memory
    + JDK-8227605: Kitchensink fails 'assert((((klass)->trace_id()
      & (JfrTraceIdEpoch::leakp_in_use_this_epoch_bit())) != 0))
      failed: invariant'
    + JDK-8229366: JFR backport allows unchecked writing to memory
    + JDK-8229401: Fix JFR code cache test failures
    + JDK-8229708: JFR backport code does not initialize
    + JDK-8229873: 8229401 broke jdk8u-jfr-incubator
    + JDK-8230448: [test] JFRSecurityTestSuite.java is failing on
      Windows
    + JDK-8230707: JFR related tests are failing
    + JDK-8230782: Robot.createScreenCapture() fails if
      'awt.robot.gtk' is set to false
    + JDK-8230856: Java_java_net_NetworkInterface_getByName0 on
       unix misses ReleaseStringUTFChars in early return
    + JDK-8230947: TestLookForUntestedEvents.java is failing after
      JDK-8230707
    + JDK-8231995: two jtreg tests failed after 8229366 is fixed
    + JDK-8233623: Add classpath exception to copyright in
      EventHandlerProxyCreator.java file
    + JDK-8236002: CSR for JFR backport suggests not leaving out
      the package-info
    + JDK-8236008: Some backup files were accidentally left in the
      hotspot tree
    + JDK-8236074: Missed package-info
    + JDK-8236174: Should update javadoc since tags
    + JDK-8238076: Fix OpenJDK 7 Bootstrap Broken by JFR Backport
    + JDK-8238452: Keytool generates wrong expiration date if
      validity is set to 2050/01/01
    + JDK-8238555: Allow Initialization of SunPKCS11 with NSS when
      there are external FIPS modules in the NSSDB
    + JDK-8238589: Necessary code cleanup in JFR for JDK8u
    + JDK-8238590: Enable JFR by default during compilation in 8u
    + JDK-8239055: Wrong implementation of VMState.hasListener
    + JDK-8239476: JDK-8238589 broke windows build by moving
      OrderedPair
    + JDK-8239479: minimal1 and zero builds are failing
    + JDK-8239867: correct over use of INCLUDE_JFR macro
    + JDK-8240375: Disable JFR by default for July 2020 release
    + JDK-8241444: Metaspace::_class_vsm not initialized if
      compressed class pointers are disabled
    + JDK-8241902: AIX Build broken after integration of
      JDK-8223147 (JFR Backport)
    + JDK-8242788: Non-PCH build is broken after JDK-8191393
  * Import of OpenJDK 8 u262 build 02
    + JDK-8130737: AffineTransformOp can't handle child raster with
      non-zero x-offset
    + JDK-8172559: [PIT][TEST_BUG] Move @test to be 1st annotation
      in java/awt/image/Raster/TestChildRasterOp.java
    + JDK-8230926: [macosx] Two apostrophes are entered instead of
      one with 'U.S. International - PC' layout
    + JDK-8240576: JVM crashes after transformation in C2
      IdealLoopTree::merge_many_backedges
    + JDK-8242883: Incomplete backport of JDK-8078268: backport
      test part
  * Import of OpenJDK 8 u262 build 03
    + JDK-8037866: Replace the Fun class in tests with lambdas
    + JDK-8146612: C2: Precedence edges specification violated
    + JDK-8150986: serviceability/sa/jmap-hprof/
       /JMapHProfLargeHeapTest.java failing because expects HPROF
      JAVA PROFILE 1.0.1 file format
    + JDK-8229888: (zipfs) Updating an existing zip file does not
      preserve original permissions
    + JDK-8230597: Update GIFlib library to the 5.2.1
    + JDK-8230769: BufImg_SetupICM add
      ReleasePrimitiveArrayCritical call in early return
    + JDK-8233880, PR3798: Support compilers with multi-digit major
      version numbers
    + JDK-8239852: java/util/concurrent tests fail with
      -XX:+VerifyGraphEdges: assert(!VerifyGraphEdges) failed:
      verification should have failed
    + JDK-8241638: launcher time metrics always report 1 on Linux
      when _JAVA_LAUNCHER_DEBUG set
    + JDK-8243059: Build fails when --with-vendor-name contains a
      comma
    + JDK-8243474: [TESTBUG] removed three tests of 0 bytes
    + JDK-8244461: [JDK 8u] Build fails with glibc 2.32
    + JDK-8244548: JDK 8u: sun.misc.Version.jdkUpdateVersion()
      returns wrong result
  * Import of OpenJDK 8 u262 build 04
    + JDK-8067796: (process) Process.waitFor(timeout, unit) doesn't
      throw NPE if timeout is less than, or equal to zero when unit
      == null
    + JDK-8148886: SEGV in sun.java2d.marlin.Renderer._endRendering
    + JDK-8171934:
      ObjectSizeCalculator.getEffectiveMemoryLayoutSpecification()
      does not recognize OpenJDK's HotSpot VM
    + JDK-8196969: JTreg Failure:
      serviceability/sa/ClhsdbJstack.java causes NPE
    + JDK-8243539: Copyright info (Year) should be updated for fix
      of 8241638
    + JDK-8244777: ClassLoaderStats VM Op uses constant hash value
  * Import of OpenJDK 8 u262 build 05
    + JDK-7147060: com/sun/org/apache/xml/internal/security/
      /transforms/ClassLoaderTest.java doesn't run in agentvm mode
    + JDK-8178374: Problematic ByteBuffer handling in
      CipherSpi.bufferCrypt method
    + JDK-8181841: A TSA server returns timestamp with precision
      higher than milliseconds
    + JDK-8227269: Slow class loading when running with JDWP
    + JDK-8229899: Make java.io.File.isInvalid() less racy
    + JDK-8236996: Incorrect Roboto font rendering on Windows with
      subpixel antialiasing
    + JDK-8241750: x86_32 build failure after JDK-8227269
    + JDK-8244407: JVM crashes after transformation in C2
      IdealLoopTree::split_fall_in
    + JDK-8244843: JapanEraNameCompatTest fails
  * Import of OpenJDK 8 u262 build 06
    + JDK-8246223: Windows build fails after JDK-8227269
  * Import of OpenJDK 8 u262 build 07
    + JDK-8233197: Invert JvmtiExport::post_vm_initialized() and
      Jfr:on_vm_start() start-up order for correct option parsing
    + JDK-8243541: (tz) Upgrade time-zone data to tzdata2020a
    + JDK-8245167: Top package in method profiling shows null in JMC
    + JDK-8246703: [TESTBUG] Add test for JDK-8233197
  * Import of OpenJDK 8 u262 build 08
    + JDK-8220293: Deadlock in JFR string pool
    + JDK-8225068: Remove DocuSign root certificate that is
      expiring in May 2020
    + JDK-8225069: Remove Comodo root certificate that is expiring
      in May 2020
  * Import of OpenJDK 8 u262 build 09
    + JDK-8248399: Build installs jfr binary when JFR is disabled
  * Import of OpenJDK 8 u262 build 10
    + JDK-8248715: New JavaTimeSupplementary localisation for 'in'
      installed in wrong package
  * Import of OpenJDK 8 u265 build 01
    + JDK-8249677: Regression in 8u after JDK-8237117: Better
      ForkJoinPool behavior
    + JDK-8250546: Expect changed behaviour reported in JDK-8249846
  * Import of OpenJDK 8 u272 build 01
    + JDK-8006205: [TESTBUG] NEED_TEST: please JTREGIFY
      test/compiler/7177917/Test7177917.java
    + JDK-8035493: JVMTI PopFrame capability must instruct
      compilers not to prune locals
    + JDK-8036088: Replace strtok() with its safe equivalent
      strtok_s() in DefaultProxySelector.c
    + JDK-8039082: [TEST_BUG] Test java/awt/dnd/
      /BadSerializationTest/BadSerializationTest.java fails
    + JDK-8075774: Small readability and performance improvements
      for zipfs
    + JDK-8132206: move ScanTest.java into OpenJDK
    + JDK-8132376: Add @requires os.family to the client tests with
      access to internal OS-specific API
    + JDK-8132745: minor cleanup of java/util/Scanner/ScanTest.java
    + JDK-8137087: [TEST_BUG] Cygwin failure of java/awt/
      /appletviewer/IOExceptionIfEncodedURLTest/
      /IOExceptionIfEncodedURLTest.sh
    + JDK-8145808: java/awt/Graphics2D/MTGraphicsAccessTest/
      /MTGraphicsAccessTest.java hangs on Win. 8
    + JDK-8151788: NullPointerException from ntlm.Client.type3
    + JDK-8151834: Test SmallPrimeExponentP.java times out
      intermittently
    + JDK-8153430: jdk regression test MletParserLocaleTest,
      ParserInfiniteLoopTest reduce default timeout
    + JDK-8153583: Make OutputAnalyzer.reportDiagnosticSummary
      public
    + JDK-8156169: Some sound tests rarely hangs because of
      incorrect synchronization
    + JDK-8165936: Potential Heap buffer overflow when seaching
      timezone info files
    + JDK-8166148: Fix for JDK-8165936 broke solaris builds
    + JDK-8167300: Scheduling failures during gcm should be fatal
    + JDK-8167615: Opensource unit/regression tests for JavaSound
    + JDK-8172012: [TEST_BUG] delays needed in
      javax/swing/JTree/4633594/bug4633594.java
    + JDK-8177628: Opensource unit/regression tests for ImageIO
    + JDK-8183341: Better cleanup for javax/imageio/AllowSearch.java
    + JDK-8183351: Better cleanup for jdk/test/javax/imageio/spi/
      /AppletContextTest/BadPluginConfigurationTest.sh
    + JDK-8193137: Nashorn crashes when given an empty script file
    + JDK-8194298: Add support for per Socket configuration of TCP
      keepalive
    + JDK-8198004: javax/swing/JFileChooser/6868611/bug6868611.java
      throws error
    + JDK-8200313: java/awt/Gtk/GtkVersionTest/GtkVersionTest.java
      fails
    + JDK-8210147: adjust some WSAGetLastError usages in windows
      network coding
    + JDK-8211714: Need to update vm_version.cpp to recognise
      VS2017 minor versions
    + JDK-8214862: assert(proj != __null) at compile.cpp:3251
    + JDK-8217606: LdapContext#reconnect always opens a new
      connection
    + JDK-8217647: JFR: recordings on 32-bit systems unreadable
    + JDK-8226697: Several tests which need the @key headful
      keyword are missing it.
    + JDK-8229378: jdwp library loader in linker_md.c quietly
      truncates on buffer overflow
    + JDK-8230303: JDB hangs when running monitor command
    + JDK-8230711: ConnectionGraph::unique_java_object(Node* N)
      return NULL if n is not in the CG
    + JDK-8234617: C1: Incorrect result of field load due to
      missing narrowing conversion
    + JDK-8235243: handle VS2017 15.9 and VS2019 in
      abstract_vm_version
    + JDK-8235325: build failure on Linux after 8235243
    + JDK-8235687: Contents/MacOS/libjli.dylib cannot be a symlink
    + JDK-8237951: CTW: C2 compilation fails with 'malformed
      control flow'
    + JDK-8238225: Issues reported after replacing symlink at
      Contents/MacOS/libjli.dylib with binary
    + JDK-8239385: KerberosTicket client name refers wrongly to
      sAMAccountName in AD
    + JDK-8239819: XToolkit: Misread of screen information memory
    + JDK-8240295: hs_err elapsed time in seconds is not accurate
      enough
    + JDK-8241888: Mirror jdk.security.allowNonCaAnchor system
      property with a security one
    + JDK-8242498: Invalid 'sun.awt.TimedWindowEvent' object leads
      to JVM crash
    + JDK-8243489: Thread CPU Load event may contain wrong data for
      CPU time under certain conditions
    + JDK-8244818: Java2D Queue Flusher crash while moving
      application window to external monitor
    + JDK-8246310: Clean commented-out code about ModuleEntry
      and PackageEntry in JFR
    + JDK-8246384: Enable JFR by default on supported architectures
      for October 2020 release
    + JDK-8248643: Remove extra leading space in JDK-8240295 8u
      backport
    + JDK-8249610: Make
      sun.security.krb5.Config.getBooleanObject(String... keys)
      method public
  * Import of OpenJDK 8 u272 build 02
    + JDK-8023697: failed class resolution reports different class
      name in detail message for the first and subsequent times
    + JDK-8025886: replace [[ and == bash extensions in regtest
    + JDK-8046274: Removing dependency on jakarta-regexp
    + JDK-8048933: -XX:+TraceExceptions output should include the
      message
    + JDK-8076151: [TESTBUG] Test java/awt/FontClass/CreateFont/
      /fileaccess/FontFile.java fails
    + JDK-8148854: Class names 'SomeClass' and 'LSomeClass;'
      treated by JVM as an equivalent
    + JDK-8154313: Generated javadoc scattered all over the place
    + JDK-8163251: Hard coded loop limit prevents reading of smart
      card data greater than 8k
    + JDK-8173300: [TESTBUG]compiler/tiered/NonTieredLevelsTest.java
      fails with compiler.whitebox.SimpleTestCaseHelper(int) must be
      compiled
    + JDK-8183349: Better cleanup for jdk/test/javax/imageio/
      /plugins/shared/CanWriteSequence.java and WriteAfterAbort.java
    + JDK-8191678: [TESTBUG] Add keyword headful in java/awt
      FocusTransitionTest test.
    + JDK-8201633: Problems with AES-GCM native acceleration
    + JDK-8211049: Second parameter of 'initialize' method is not
          used
    + JDK-8219566: JFR did not collect call stacks when
      MaxJavaStackTraceDepth is set to zero
    + JDK-8220165: Encryption using GCM results in
      RuntimeException- input length out of bound
    + JDK-8220555: JFR tool shows potentially misleading message
      when it cannot access a file
    + JDK-8224217: RecordingInfo should use textual representation
      of path
    + JDK-8231779: crash
      HeapWord*ParallelScavengeHeap::failed_mem_allocate
    + JDK-8238380, PR3798: java.base/unix/native/libjava/childproc.c
      'multiple definition' link errors with GCC10
    + JDK-8238386, PR3798: (sctp) jdk.sctp/unix/native/libsctp/
      /SctpNet.c 'multiple definition' link errors with GCC10
    + JDK-8238388, PR3798: libj2gss/NativeFunc.o 'multiple
      definition' link errors with GCC10
    + JDK-8242556: Cannot load RSASSA-PSS public key with non-null
      params from byte array
    + JDK-8250755: Better cleanup for jdk/test/javax/imageio/
      /plugins/shared/CanWriteSequence.java
  * Import of OpenJDK 8 u272 build 03
    + JDK-6574989: TEST_BUG:
      javax/sound/sampled/Clip/bug5070081.java fails sometimes
    + JDK-8148754: C2 loop unrolling fails due to unexpected graph
      shape
    + JDK-8192953: sun/management/jmxremote/bootstrap/*.sh tests
      fail with error : revokeall.exe: Permission denied
    + JDK-8203357: Container Metrics
    + JDK-8209113: Use WeakReference for lastFontStrike for created
      Fonts
    + JDK-8216283: Allow shorter method sampling interval than 10 ms
    + JDK-8221569: JFR tool produces incorrect output when both
      --categories and --events are specified
    + JDK-8233097: Fontmetrics for large Fonts has zero width
    + JDK-8248851: CMS: Missing memory fences between free chunk
      check and klass read
    + JDK-8250875: Incorrect parameter type for update_number in
      JDK_Version::jdk_update
  * Import of OpenJDK 8 u272 build 04
    + JDK-8061616: HotspotDiagnosticMXBean.getVMOption() throws
      IllegalArgumentException for flags of type double
    + JDK-8177334: Update xmldsig implementation to Apache
      Santuario 2.1.1
    + JDK-8217878: ENVELOPING XML signature no longer works in JDK
      11
    + JDK-8218629: XML Digital Signature throws NAMESPACE_ERR
      exception on OpenJDK 11, works 8/9/10
    + JDK-8243138: Enhance BaseLdapServer to support starttls
      extended request
  * Import of OpenJDK 8 u272 build 05
    + JDK-8026236: Add PrimeTest for BigInteger
    + JDK-8057003: Large reference arrays cause extremely long
      synchronization times
    + JDK-8060721: Test runtime/SharedArchiveFile/
      /LimitSharedSizes.java fails in jdk 9 fcs new
      platforms/compiler
    + JDK-8152077: (cal) Calendar.roll does not always roll the
      hours during daylight savings
    + JDK-8168517: java/lang/ProcessBuilder/Basic.java failed
    + JDK-8211163: UNIX version of Java_java_io_Console_echo does
      not return a clean boolean
    + JDK-8220674: [TESTBUG] MetricsMemoryTester failcount test in
      docker container only works with debug JVMs
    + JDK-8231213: Migrate SimpleDateFormatConstTest to JDK Repo
    + JDK-8236645: JDK 8u231 introduces a regression with
      incompatible handling of XML messages
    + JDK-8240676: Meet not symmetric failure when running lucene
      on jdk8
    + JDK-8243321: Add Entrust root CA - G4 to Oracle Root CA
      program
    + JDK-8249158: THREAD_START and THREAD_END event posted in
      primordial phase
    + JDK-8250627: Use -XX:+/-UseContainerSupport for
      enabling/disabling Java container metrics
    + JDK-8251546: 8u backport of JDK-8194298 breaks AIX and
      Solaris builds
    + JDK-8252084: Minimal VM fails to bootcycle: undefined symbol:
      AgeTableTracer::is_tenuring_distribution_event_enabled
  * Import of OpenJDK 8 u272 build 06
    + JDK-8064319: Need to enable -XX:+TraceExceptions in release
      builds
    + JDK-8080462, PR3801: Update SunPKCS11 provider with PKCS11
      v2.40 support
    + JDK-8160768: Add capability to custom resolve host/domain
      names within the default JNDI LDAP provider
    + JDK-8161973: PKIXRevocationChecker.getSoftFailExceptions()
      not working
    + JDK-8169925, PR3801: PKCS #11 Cryptographic Token Interface
      license
    + JDK-8184762: ZapStackSegments should use optimized memset
    + JDK-8193234: When using -Xcheck:jni an internally allocated
      buffer can leak
    + JDK-8219919: RuntimeStub name lost with
      PrintFrameConverterAssembly
    + JDK-8220313: [TESTBUG] Update base image for Docker testing
      to OL 7.6
    + JDK-8222079: Don't use memset to initialize fields decode_env
      constructor in disassembler.cpp
    + JDK-8225695: 32-bit build failures after JDK-8080462 (Update
      SunPKCS11 provider with PKCS11 v2.40 support)
    + JDK-8226575: OperatingSystemMXBean should be made container
      aware
    + JDK-8226809: Circular reference in printed stack trace is not
      correctly indented & ambiguous
    + JDK-8228835: Memory leak in PKCS11 provider when using AES GCM
    + JDK-8233621: Mismatch in jsse.enableMFLNExtension property
      name
    + JDK-8238898, PR3801: Missing hash characters for header on
      license file
    + JDK-8243320: Add SSL root certificates to Oracle Root CA
      program
    + JDK-8244151: Update MUSCLE PC/SC-Lite headers to the latest
      release 1.8.26
    + JDK-8245467: Remove 8u TLSv1.2 implementation files
    + JDK-8245469: Remove DTLS protocol implementation
    + JDK-8245470: Fix JDK8 compatibility issues
    + JDK-8245471: Revert JDK-8148188
    + JDK-8245472: Backport JDK-8038893 to JDK8
    + JDK-8245473: OCSP stapling support
    + JDK-8245474: Add TLS_KRB5 cipher suites support according to
      RFC-2712
    + JDK-8245476: Disable TLSv1.3 protocol in the ClientHello
      message by default
    + JDK-8245477: Adjust TLS tests location
    + JDK-8245653: Remove 8u TLS tests
    + JDK-8245681: Add TLSv1.3 regression test from 11.0.7
    + JDK-8251117: Cannot check P11Key size in P11Cipher and
      P11AEADCipher
    + JDK-8251120, PR3793: [8u] HotSpot build assumes ENABLE_JFR is
      set to either true or false
    + JDK-8251341: Minimal Java specification change
    + JDK-8251478: Backport TLSv1.3 regression tests to JDK8u
  * Import of OpenJDK 8 u272 build 07
    + JDK-8246193: Possible NPE in ENC-PA-REP search in AS-REQ
  * Import of OpenJDK 8 u272 build 08
    + JDK-8062947: Fix exception message to correctly represent
      LDAP connection failure
    + JDK-8151678: com/sun/jndi/ldap/LdapTimeoutTest.java failed
      due to timeout on DeadServerNoTimeoutTest is incorrect
    + JDK-8252573: 8u: Windows build failed after 8222079 backport
  * Import of OpenJDK 8 u272 build 09
    + JDK-8252886: [TESTBUG] sun/security/ec/TestEC.java :
      Compilation failed
  * Import of OpenJDK 8 u272 build 10
    + JDK-8254673: Call to JvmtiExport::post_vm_start() was removed
      by the fix for JDK-8249158
    + JDK-8254937: Revert JDK-8148854 for 8u272
  * Backports
    + JDK-8038723, PR3806: Openup some PrinterJob tests
    + JDK-8041480, PR3806: ArrayIndexOutOfBoundsException when
      JTable contains certain string
    + JDK-8058779, PR3805: Faster implementation of
      String.replace(CharSequence, CharSequence)
    + JDK-8130125, PR3806: [TEST_BUG] add @modules to the several
      client tests unaffected by the automated bulk update
    + JDK-8144015, PR3806: [PIT] failures of text layout font tests
    + JDK-8144023, PR3806: [PIT] failure of text measurements in
      javax/swing/text/html/parser/Parser/6836089/bug6836089.java
    + JDK-8144240, PR3806: [macosx][PIT] AIOOB in
      closed/javax/swing/text/GlyphPainter2/6427244/bug6427244.java
    + JDK-8145542, PR3806: The case failed automatically and thrown
      java.lang.ArrayIndexOutOfBoundsException exception
    + JDK-8151725, PR3806: [macosx] ArrayIndexOOB exception when
      displaying Devanagari text in JEditorPane
    + JDK-8152358, PR3800: code and comment cleanups found during
      the hunt for 8077392
    + JDK-8152545, PR3804: Use preprocessor instead of compiling a
      program to generate native nio constants
    + JDK-8152680, PR3806: Regression in
      GlyphVector.getGlyphCharIndex behaviour
    + JDK-8158924, PR3806: Incorrect i18n text document layout
    + JDK-8166003, PR3806: [PIT][TEST_BUG] missing helper for
      javax/swing/text/GlyphPainter2/6427244/bug6427244.java
    + JDK-8166068, PR3806: test/java/awt/font/GlyphVector/
      /GetGlyphCharIndexTest.java does not compile
    + JDK-8169879, PR3806: [TEST_BUG] javax/swing/text/
      /GlyphPainter2/6427244/bug6427244.java - compilation failed
    + JDK-8191512, PR3806: T2K font rasterizer code removal
    + JDK-8191522, PR3806: Remove Bigelow&Holmes Lucida fonts from
      JDK sources
    + JDK-8236512, PR3801: PKCS11 Connection closed after
      Cipher.doFinal and NoPadding
    + JDK-8254177, PR3809: (tz) Upgrade time-zone data to
      tzdata2020b
  * Bug fixes
    + PR3798: Fix format-overflow error on GCC 10, caused by
      passing NULL to a '%s' directive
    + PR3795: ECDSAUtils for XML digital signatures should support
      the same curve set as the rest of the JDK
    + PR3799: Adapt elliptic curve patches to JDK-8245468: Add
      TLSv1.3 implementation classes from 11.0.7
    + PR3808: IcedTea does not install the JFR *.jfc files
    + PR3810: Enable JFR on x86 (32-bit) now that JDK-8252096 has
      fixed its use with Shenandoah
    + PR3811: Don't attempt to install JFR files when JFR is
      disabled
  * Shenandoah
    + [backport] 8221435: Shenandoah should not mark through weak
      roots
    + [backport] 8221629: Shenandoah: Cleanup class unloading logic
    + [backport] 8222992: Shenandoah: Pre-evacuate all roots
    + [backport] 8223215: Shenandoah: Support verifying subset of
      roots
    + [backport] 8223774: Shenandoah: Refactor
      ShenandoahRootProcessor and family
    + [backport] 8224210: Shenandoah: Refactor
      ShenandoahRootScanner to support scanning CSet codecache roots
    + [backport] 8224508: Shenandoah: Need to update thread roots
      in final mark for piggyback ref update cycle
    + [backport] 8224579: ResourceMark not declared in
      shenandoahRootProcessor.inline.hpp with
      --disable-precompiled-headers
    + [backport] 8224679: Shenandoah: Make
      ShenandoahParallelCodeCacheIterator noncopyable
    + [backport] 8224751: Shenandoah: Shenandoah Verifier should
      select proper roots according to current GC cycle
    + [backport] 8225014: Separate ShenandoahRootScanner method for
      object_iterate
    + [backport] 8225216: gc/logging/TestMetaSpaceLog.java doesn't
      work for Shenandoah
    + [backport] 8225573: Shenandoah: Enhance ShenandoahVerifier to
      ensure roots to-space invariant
    + [backport] 8225590: Shenandoah: Refactor
      ShenandoahClassLoaderDataRoots API
    + [backport] 8226413: Shenandoah: Separate root scanner for
      SH::object_iterate()
    + [backport] 8230853: Shenandoah: replace leftover
      assert(is_in(...)) with rich asserts
    + [backport] 8231198: Shenandoah: heap walking should visit all
      roots most of the time
    + [backport] 8231244: Shenandoah: all-roots heap walking misses
      some weak roots
    + [backport] 8237632: Shenandoah: accept NULL fwdptr to
      cooperate with JVMTI and JFR
    + [backport] 8239786: Shenandoah: print per-cycle statistics
    + [backport] 8239926: Shenandoah: Shenandoah needs to mark
      nmethod's metadata
    + [backport] 8240671: Shenandoah: refactor
      ShenandoahPhaseTimings
    + [backport] 8240749: Shenandoah: refactor ShenandoahUtils
    + [backport] 8240750: Shenandoah: remove leftover files and
      mentions of ShenandoahAllocTracker
    + [backport] 8240868: Shenandoah: remove CM-with-UR
      piggybacking cycles
    + [backport] 8240872: Shenandoah: Avoid updating new regions
      from start of evacuation
    + [backport] 8240873: Shenandoah: Short-cut arraycopy barriers
    + [backport] 8240915: Shenandoah: Remove unused fields in init
      mark tasks
    + [backport] 8240948: Shenandoah: cleanup not-forwarded-objects
      paths after JDK-8240868
    + [backport] 8241007: Shenandoah: remove
      ShenandoahCriticalControlThreadPriority support
    + [backport] 8241062: Shenandoah: rich asserts trigger 'empty
      statement' inspection
    + [backport] 8241081: Shenandoah: Do not modify
      update-watermark concurrently
    + [backport] 8241093: Shenandoah: editorial changes in flag
      descriptions
    + [backport] 8241139: Shenandoah: distribute mark-compact work
      exactly to minimize fragmentation
    + [backport] 8241142: Shenandoah: should not use parallel
      reference processing with single GC thread
    + [backport] 8241351: Shenandoah: fragmentation metrics overhaul
    + [backport] 8241435: Shenandoah: avoid disabling pacing with
      'aggressive'
    + [backport] 8241520: Shenandoah: simplify region sequence
      numbers handling
    + [backport] 8241534: Shenandoah: region status should include
      update watermark
    + [backport] 8241574: Shenandoah: remove
      ShenandoahAssertToSpaceClosure
    + [backport] 8241583: Shenandoah: turn heap lock asserts into
      macros
    + [backport] 8241668: Shenandoah: make ShenandoahHeapRegion not
      derive from ContiguousSpace
    + [backport] 8241673: Shenandoah: refactor anti-false-sharing
      padding
    + [backport] 8241675: Shenandoah: assert(n->outcnt() > 0) at
      shenandoahSupport.cpp:2858 with
      java/util/Collections/FindSubList.java
    + [backport] 8241692: Shenandoah: remove
      ShenandoahHeapRegion::_reserved
    + [backport] 8241700: Shenandoah: Fold
      ShenandoahKeepAliveBarrier flag into ShenandoahSATBBarrier
    + [backport] 8241740: Shenandoah: remove
      ShenandoahHeapRegion::_heap
    + [backport] 8241743: Shenandoah: refactor and inline
      ShenandoahHeap::heap()
    + [backport] 8241748: Shenandoah: inline MarkingContext TAMS
      methods
    + [backport] 8241838: Shenandoah: no need to trash cset during
      final mark
    + [backport] 8241841: Shenandoah: ditch one of allocation type
      counters in ShenandoahHeapRegion
    + [backport] 8241842: Shenandoah: inline
      ShenandoahHeapRegion::region_number
    + [backport] 8241844: Shenandoah: rename
      ShenandoahHeapRegion::region_number
    + [backport] 8241845: Shenandoah: align ShenandoahHeapRegions
      to cache lines
    + [backport] 8241926: Shenandoah: only print heap changes for
      operations that directly affect it
    + [backport] 8241983: Shenandoah: simplify FreeSet logging
    + [backport] 8241985: Shenandoah: simplify collectable garbage
      logging
    + [backport] 8242040: Shenandoah: print allocation failure type
    + [backport] 8242041: Shenandoah: adaptive heuristics should
      account evac reserve in free target
    + [backport] 8242042: Shenandoah: tune down
      ShenandoahGarbageThreshold
    + [backport] 8242054: Shenandoah: New incremental-update mode
    + [backport] 8242075: Shenandoah: rename
      ShenandoahHeapRegionSize flag
    + [backport] 8242082: Shenandoah: Purge Traversal mode
    + [backport] 8242083: Shenandoah: split 'Prepare Evacuation'
      tracking into cset/freeset counters
    + [backport] 8242089: Shenandoah: per-worker stats should be
      summed up, not averaged
    + [backport] 8242101: Shenandoah: coalesce and parallelise heap
      region walks during the pauses
    + [backport] 8242114: Shenandoah: remove
      ShenandoahHeapRegion::reset_alloc_metadata_to_shared
    + [backport] 8242130: Shenandoah: Simplify arraycopy-barrier
      dispatching
    + [backport] 8242211: Shenandoah: remove
      ShenandoahHeuristics::RegionData::_seqnum_last_alloc
    + [backport] 8242212: Shenandoah: initialize
      ShenandoahHeuristics::_region_data eagerly
    + [backport] 8242213: Shenandoah: remove
      ShenandoahHeuristics::_bytes_in_cset
    + [backport] 8242217: Shenandoah: Enable GC mode to be
      diagnostic/experimental and have a name
    + [backport] 8242227: Shenandoah: transit regions to cset state
      when adding to collection set
    + [backport] 8242228: Shenandoah: remove unused
      ShenandoahCollectionSet methods
    + [backport] 8242229: Shenandoah: inline ShenandoahHeapRegion
      liveness-related methods
    + [backport] 8242267: Shenandoah: regions space needs to be
      aligned by os::vm_allocation_granularity()
    + [backport] 8242271: Shenandoah: add test to verify GC mode
      unlock
    + [backport] 8242273: Shenandoah: accept either SATB or IU
      barriers, but not both
    + [backport] 8242301: Shenandoah: Inline LRB runtime call
    + [backport] 8242316: Shenandoah: Turn NULL-check into assert
      in SATB slow-path entry
    + [backport] 8242353: Shenandoah: micro-optimize region
      liveness handling
    + [backport] 8242365: Shenandoah: use uint16_t instead of
      jushort for liveness cache
    + [backport] 8242375: Shenandoah: Remove
      ShenandoahHeuristic::record_gc_start/end methods
    + [backport] 8242641: Shenandoah: clear live data and update
      TAMS optimistically
    + [backport] 8243238: Shenandoah: explicit GC request should
      wait for a complete GC cycle
    + [backport] 8243301: Shenandoah: ditch
      ShenandoahAllowMixedAllocs
    + [backport] 8243307: Shenandoah: remove
      ShCollectionSet::live_data
    + [backport] 8243395: Shenandoah: demote guarantee in
      ShenandoahPhaseTimings::record_workers_end
    + [backport] 8243463: Shenandoah: ditch total_pause counters
    + [backport] 8243464: Shenandoah: print statistic counters in
      time order
    + [backport] 8243465: Shenandoah: ditch unused pause_other,
      conc_other counters
    + [backport] 8243487: Shenandoah: make _num_phases illegal
      phase type
    + [backport] 8243494: Shenandoah: set counters once per cycle
    + [backport] 8243573: Shenandoah: rename GCParPhases and
      related code
    + [backport] 8243848: Shenandoah: Windows build fails after
      JDK-8239786
    + [backport] 8244180: Shenandoah: carry Phase to
      ShWorkerTimingsTracker explicitly
    + [backport] 8244200: Shenandoah: build breakages after
      JDK-8241743
    + [backport] 8244226: Shenandoah: per-cycle statistics contain
      worker data from previous cycles
    + [backport] 8244326: Shenandoah: global statistics should not
      accept bogus samples
    + [backport] 8244509: Shenandoah: refactor
      ShenandoahBarrierC2Support::test_* methods
    + [backport] 8244551: Shenandoah: Fix racy update of
      update_watermark
    + [backport] 8244667: Shenandoah: SBC2Support::test_gc_state
      takes loop for wrong control
    + [backport] 8244730: Shenandoah: gc/shenandoah/options/
      /TestHeuristicsUnlock.java should only verify the heuristics
    + [backport] 8244732: Shenandoah: move heuristics code to
      gc/shenandoah/heuristics
    + [backport] 8244737: Shenandoah: move mode code to
      gc/shenandoah/mode
    + [backport] 8244739: Shenandoah: break superclass dependency
      on ShenandoahNormalMode
    + [backport] 8244740: Shenandoah: rename ShenandoahNormalMode
      to ShenandoahSATBMode
    + [backport] 8245461: Shenandoah: refine mode name()-s
    + [backport] 8245463: Shenandoah: refine ShenandoahPhaseTimings
      constructor arguments
    + [backport] 8245464: Shenandoah: allocate collection set
      bitmap at lower addresses
    + [backport] 8245465: Shenandoah: test_in_cset can use more
      efficient encoding
    + [backport] 8245726: Shenandoah: lift/cleanup
      ShenandoahHeuristics names and properties
    + [backport] 8245754: Shenandoah: ditch ShenandoahAlwaysPreTouch
    + [backport] 8245757: Shenandoah: AlwaysPreTouch should not
      disable heap resizing or uncommits
    + [backport] 8245773: Shenandoah: Windows assertion failure
      after JDK-8245464
    + [backport] 8245812: Shenandoah: compute root phase parallelism
    + [backport] 8245814: Shenandoah: reconsider format specifiers
      for stats
    + [backport] 8245825: Shenandoah: Remove diagnostic flag
      ShenandoahConcurrentScanCodeRoots
    + [backport] 8246162: Shenandoah: full GC does not mark code
      roots when class unloading is off
    + [backport] 8247310: Shenandoah: pacer should not affect
      interrupt status
    + [backport] 8247358: Shenandoah: reconsider free budget slice
      for marking
    + [backport] 8247367: Shenandoah: pacer should wait on lock
      instead of exponential backoff
    + [backport] 8247474: Shenandoah: Windows build warning after
      JDK-8247310
    + [backport] 8247560: Shenandoah: heap iteration holds root
      locks all the time
    + [backport] 8247593: Shenandoah: should not block pacing
      reporters
    + [backport] 8247751: Shenandoah: options tests should run with
      smaller heaps
    + [backport] 8247754: Shenandoah: mxbeans tests can be shorter
    + [backport] 8247757: Shenandoah: split heavy tests by
      heuristics to improve parallelism
    + [backport] 8247860: Shenandoah: add update watermark line in
      rich assert failure message
    + [backport] 8248041: Shenandoah: pre-Full GC root updates may
      miss some roots
    + [backport] 8248652: Shenandoah: SATB buffer handling may
      assume no forwarded objects
    + [backport] 8249560: Shenandoah: Fix racy GC request handling
    + [backport] 8249649: Shenandoah: provide per-cycle pacing stats
    + [backport] 8249801: Shenandoah: Clear soft-refs on requested
      GC cycle
    + [backport] 8249953: Shenandoah: gc/shenandoah/mxbeans tests
      should account for corner cases
    + Fix slowdebug build after JDK-8230853 backport
    + JDK-8252096: Shenandoah: adjust SerialPageShiftCount for
      x86_32 and JFR
    + JDK-8252366: Shenandoah: revert/cleanup changes in
      graphKit.cpp
    + Shenandoah: add JFR roots to root processor after JFR
      integration
    + Shenandoah: add root statistics for string dedup table/queues
    + Shenandoah: enable low-frequency STW class unloading
    + Shenandoah: fix build failures after JDK-8244737 backport
    + Shenandoah: Fix build failure with +JFR -PCH
    + Shenandoah: fix forceful pacer claim
    + Shenandoah: fix formats in
      ShenandoahStringSymbolTableUnlinkTask
    + Shenandoah: fix runtime linking failure due to non-compiled
      shenandoahBarrierSetC1
    + Shenandoah: hook statistics printing to PrintGCDetails, not
      PrintGC
    + Shenandoah: JNI weak roots are always cleared before Full GC
      mark
    + Shenandoah: missing SystemDictionary roots in
      ShenandoahHeapIterationRootScanner
    + Shenandoah: move barrier sets to their proper locations
    + Shenandoah: move parallelCleaning.* to shenandoah/
    + Shenandoah: pacer should use proper Atomics for intptr_t
    + Shenandoah: properly deallocates class loader metadata
    + Shenandoah: specialize String Table scans for better pause
      performance
    + Shenandoah: Zero build fails after recent Atomic cleanup in
      Pacer
  * AArch64 port
    + JDK-8161072, PR3797: AArch64: jtreg
      compiler/uncommontrap/TestDeoptOOM failure
    + JDK-8171537, PR3797: aarch64: compiler/c1/Test6849574.java
      generates guarantee failure in C1
    + JDK-8183925, PR3797: [AArch64] Decouple crash protection from
      watcher thread
    + JDK-8199712, PR3797: [AArch64] Flight Recorder
    + JDK-8203481, PR3797: Incorrect constraint for unextended_sp
      in frame:safe_for_sender
    + JDK-8203699, PR3797: java/lang/invoke/SpecialInterfaceCall
      fails with SIGILL on aarch64
    + JDK-8209413, PR3797: AArch64: NPE in clhsdb jstack command
    + JDK-8215961, PR3797: jdk/jfr/event/os/TestCPUInformation.java
      fails on AArch64
    + JDK-8216989, PR3797:
      CardTableBarrierSetAssembler::gen_write_ref_array_post_barrier()
      does not check for zero length on AARCH64
    + JDK-8217368, PR3797: AArch64: C2 recursive stack locking
      optimisation not triggered
    + JDK-8221658, PR3797: aarch64: add necessary predicate for
      ubfx patterns
    + JDK-8237512, PR3797: AArch64: aarch64TestHook leaks a
      BufferBlob
    + JDK-8246482, PR3797: Build failures with +JFR -PCH
    + JDK-8247979, PR3797: aarch64: missing side effect of killing
      flags for clearArray_reg_reg
    + JDK-8248219, PR3797: aarch64: missing memory barrier in
      fast_storefield and fast_accessfield

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3462-1
Released:    Fri Nov 20 13:14:35 2020
Summary:     Recommended update for pam and sudo
Type:        recommended
Severity:    moderate
References:  1174593,1177858,1178727
This update for pam and sudo fixes the following issue:

pam:

- pam_xauth: do not *free* a string which has been successfully passed to *putenv*. (bsc#1177858)
- Initialize the local variable *daysleft* to avoid a misleading warning for password expire days. (bsc#1178727)
- Run /usr/bin/xauth using the old user's and group's identifiers. (bsc#1174593)

sudo:

- Fix a problem with pam_xauth which checks effective and real uids to get the real identity of the user. (bsc#1174593)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3463-1
Released:    Fri Nov 20 13:49:58 2020
Summary:     Security update for postgresql12
Type:        security
Severity:    important
References:  1178666,1178667,1178668,CVE-2020-25694,CVE-2020-25695,CVE-2020-25696
This update for postgresql12 fixes the following issues:

- Upgrade to version 12.5:
  * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
    and firing of deferred triggers within index expressions and
    materialized view queries.
  * CVE-2020-25694, bsc#1178667:
    a) Fix usage of complex connection-string parameters in pg_dump,
    pg_restore, clusterdb, reindexdb, and vacuumdb.
    b) When psql's \connect command re-uses connection parameters,
    ensure that all non-overridden parameters from a previous
    connection string are re-used.
  * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
    modifying specially-treated variables.
  * Fix recently-added timetz test case so it works when the USA
    is not observing daylight savings time.
  * https://www.postgresql.org/about/news/2111/
  * https://www.postgresql.org/docs/12/release-12-5.html

- Stop building the mini and lib packages as they are now coming
  from postgresql13.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3470-1
Released:    Fri Nov 20 17:42:57 2020
Summary:     Recommended update for monitoring-plugins
Type:        recommended
Severity:    moderate
References:  1175828
This update for monitoring-plugins fixes the following issues:

- Fixed a bug for hosts, that ran out of swap memory and reported 'ok' when running
  monitoring-plugins with '-n ok'. (bsc#1175828)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:3471-1
Released:    Fri Nov 20 17:43:45 2020
Summary:     Optional update for brp-check-suse
Type:        optional
Severity:    low
References:  1074711
This update for brp-check-suse doesn't fix any runtime specific errors, but improves the packaging
related build procedure (bsc#1074711)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3478-1
Released:    Mon Nov 23 09:33:17 2020
Summary:     Security update for c-ares
Type:        security
Severity:    moderate
References:  1178882,CVE-2020-8277
This update for c-ares fixes the following issues:

- Version update to 1.17.0
  * CVE-2020-8277: Fixed a Denial of Service through DNS request (bsc#1178882)
  * For further details see https://c-ares.haxx.se/changelog.html

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3480-1
Released:    Mon Nov 23 10:34:36 2020
Summary:     Security update for dash
Type:        security
Severity:    moderate
References:  1178978
This update for dash fixes the following issues:

- Fixed an issue where code was executed even if noexec ('-n')  was specified (bsc#1178978).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:3495-1
Released:    Tue Nov 24 06:22:06 2020
Summary:     Optional update for ec2-instance-connect
Type:        optional
Severity:    low
References:  1131916,1152806
This patch ships the package ec2-instance-connect for the first time. It enables support
for the AWS EC2 instance connect.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3500-1
Released:    Tue Nov 24 13:49:59 2020
Summary:     Security update for mariadb
Type:        security
Severity:    moderate
References:  1175596,1177472,1178428,CVE-2020-14765,CVE-2020-14776,CVE-2020-14789,CVE-2020-14812,CVE-2020-15180
This update for mariadb and mariadb-connector-c fixes the following issues:

- Update mariadb to 10.2.36 GA [bsc#1177472, bsc#1178428] fixing for the 
  following security vulnerabilities:
    CVE-2020-14812, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 CVE-2020-15180

- Update mariadb-connector-c to 3.1.11 [bsc#1177472 and bsc#1178428]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3525-1
Released:    Wed Nov 25 17:00:31 2020
Summary:     Recommended update for ucode-intel
Type:        recommended
Severity:    important
References:  1178971
This update for ucode-intel fixes the following issues:

- Updated Intel CPU Microcode to 20201118 official release. (bsc#1178971)

  - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3535-1
Released:    Thu Nov 26 15:14:08 2020
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1170863,1175729,1176129,1176134,1176977
This update for python-kiwi fixes the following issues:

Update from version 9.21.7 to version 9.21.23
    
- Do not exclude filesystem folders in OCI images. (bsc#1176129)
  
  This commit does not exclude filesystem folders during the rsync call
  in OCI images. It has been noted that including an empty /dev folder does
  not hurt and it can eventually help to work around some limitations of
  container related tools such as buildah.
    
- Fix/Refactor s390 support (bsc#1170863, bsc#1176977, bsc#1170863,bsc#1175729, bsc#1176134)

  - On s390 the boot process is based on zipl which boots into an
  initrd from which a userspace grub process is started to support
  the grub capabilities. The implementation of this concept is
  provided via the grub2-s390x-emu package. Once installed the
  setup of the bootloader is done via the grub2-mkconfig and
  grub2-install commands and therefore from a caller perspective
  the same as with any other grub2 setup process. For kiwi this
  means no extra zipl bootloader target code is needed. Therefore
  this commit deletes the zipl setup from kiwi and puts on the standard grub2 process. 
    
  - To support different targettypes the grub2-s390x-emu provided
  zipl template must be adapted. Parts of the former zipl bootloader
  setup therefore now applies to an update of the zipl2grub
  template file
    
  - Support for CDL/LDL DASD targets has been disabled in the schema
  When testing 4k devices and a respective zipl2grub template
  setup for CDL/LDL targettype it has turned out that grub2-install
  is not able to run on such a device. My assumption is that
  the device code in grub2-install does not work for 4k devices
  with an fdasd created partition table. As this needs further
  investigations and most probably adaptions on the grub toolchain
  for s390, we disabled the setup of these modes for now.
  emulated DASD (FBA) and SCSI targets stays supported.
    
  - Fix compat link for rpmdb location
  Fix the symlink creation for `/var/lib/rpm`. More specific
  or derived container images in which the base root tree already
  included the `/var/lib/rpm` the link, the `ln` command was creating a
  symlink inside the `/var/lib/rpm` folder given that it was following
  the already existing symlink. Adding the `--no-target-directory` force
  `ln` command to treat `/var/lib/rpm` path as the fully qualified symlink name.
        
  - Fixed s390/sle15 Virtual disk integration test
  The integration test used FBA mode as target. As the target
  is expected to be KVM this is the wrong setting. SCSI should
  be used instead.
    
  - Support dynamic linux/linuxefi in any case
  Instead of restricting the dynamic linux vs. linuxefi setup
  to a specific grub version, support this setup for any version
  of grub. 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3547-1
Released:    Fri Nov 27 11:21:56 2020
Summary:     Recommended update for xrdp
Type:        recommended
Severity:    moderate
References:  
This update for xrdp fixes the following issues:

- Introduce more buffer protection fixes (jsc#SLE-11518):
  - Address memory allocation overflow security issues
  - Remove unnecessary g_malloc() call
  - Add checks to prevent buffer overruns during data chunk re-assembly

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3551-1
Released:    Fri Nov 27 14:54:37 2020
Summary:     Security update for libssh2_org
Type:        security
Severity:    moderate
References:  1130103,1178083,CVE-2019-17498,CVE-2019-3855,CVE-2019-3856,CVE-2019-3857,CVE-2019-3858,CVE-2019-3859,CVE-2019-3860,CVE-2019-3861,CVE-2019-3862,CVE-2019-3863
This update for libssh2_org fixes the following issues:

- Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922]
   Enhancements and bugfixes:
    * adds ECDSA keys and host key support when using OpenSSL
    * adds ED25519 key and host key support when using OpenSSL 1.1.1
    * adds OpenSSH style key file reading
    * adds AES CTR mode support when using WinCNG
    * adds PEM passphrase protected file support for Libgcrypt and WinCNG
    * adds SHA256 hostkey fingerprint
    * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path()
    * adds explicit zeroing of sensitive data in memory
    * adds additional bounds checks to network buffer reads
    * adds the ability to use the server default permissions when creating sftp directories
    * adds support for building with OpenSSL no engine flag
    * adds support for building with LibreSSL
    * increased sftp packet size to 256k
    * fixed oversized packet handling in sftp
    * fixed building with OpenSSL 1.1
    * fixed a possible crash if sftp stat gets an unexpected response
    * fixed incorrect parsing of the KEX preference string value
    * fixed conditional RSA and AES-CTR support
    * fixed a small memory leak during the key exchange process
    * fixed a possible memory leak of the ssh banner string
    * fixed various small memory leaks in the backends
    * fixed possible out of bounds read when parsing public keys from the server
    * fixed possible out of bounds read when parsing invalid PEM files
    * no longer null terminates the scp remote exec command
    * now handle errors when diffie hellman key pair generation fails
    * improved building instructions
    * improved unit tests

- Version update to 1.8.2: [bsc#1130103]
   Bug fixes:
    * Fixed the misapplied userauth patch that broke 1.8.1
    * moved the MAX size declarations from the public header
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3568-1
Released:    Mon Nov 30 16:58:38 2020
Summary:     Security update for mutt
Type:        security
Severity:    important
References:  1179035,1179113,CVE-2020-28896
This update for mutt fixes the following issues:

- CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections (bsc#1179035)
- Avoid that message with a million tiny parts can freeze MUA for several minutes (bsc#1179113)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3576-1
Released:    Tue Dec  1 09:34:12 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for the live patches 4_12_14-197_61, 4_12_14-197_64, 4_12_14-197_67,
  5_3_18-24_24, 5_3_18-24_29, 5_3_18-24_34, 5_3_18-24_37. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3588-1
Released:    Tue Dec  1 16:31:58 2020
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1174908,1177596,CVE-2020-14360,CVE-2020-25712
This update for xorg-x11-server fixes the following issues:

- CVE-2020-25712: Fixed a heap-based buffer overflow which could have led to privilege escalation (bsc#1177596).
- CVE-2020-14360: Fixed an out of bounds memory accesses on too short request which could lead to denial of service (bsc#1174908).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3590-1
Released:    Tue Dec  1 18:09:24 2020
Summary:     Recommended update for hawk2
Type:        recommended
Severity:    moderate
References:  1163381
This update for hawk2 fixes the following issues:

- Update from version 2.1.2+git.1594886920.d00b94aa to version 2.2.0+git.1603969748.10468582:
  - Fix server error after authentication if a resource has the same name as a node (bsc#1163381)
  - Allow also users in haclient to view history explorer (jsc#SLE-7358)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3591-1
Released:    Wed Dec  2 09:58:31 2020
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1179441
This update for java-1_8_0-openjdk fixes the following issues:

- Update to version jdk8u275 (icedtea 3.17.1)
  * JDK-8214440, bsc#1179441: Fix StartTLS functionality that was broken in openjdk272. (bsc#1179441)
  * JDK-8223940: Private key not supported by chosen signature algorithm
  * JDK-8236512: PKCS11 Connection closed after Cipher.doFinal and NoPadding
  * JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool)
  * PR3815: Fix new s390 size_t issue in g1ConcurrentMarkObjArrayProcessor.cpp

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3603-1
Released:    Wed Dec  2 15:11:46 2020
Summary:     Recommended update for lifecycle-data-sle-module-development-tools
Type:        recommended
Severity:    moderate
References:  
This update for lifecycle-data-sle-module-development-tools fixes the following issues:

- Added expiration data for the GCC 9 yearly update for the Toolchain/Development modules.  
  (jsc#ECO-2373, jsc#SLE-10950, jsc#SLE-10951)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3608-1
Released:    Wed Dec  2 18:16:12 2020
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    important
References:  1177526,1179150,1179151
This update for cloud-init contains the following fixes:

- Add cloud-init-azure-def-usr-pass.patch (bsc#1179150, bsc#1179151)
  + Properly set the password for the default user in all circumstances

- Patch the full package version into the cloud-init version file

- Update cloud-init-write-routes.patch (bsc#1177526)
  + Fix missing default route when dual stack network setup is used. Once
    a default route was configured for Ipv6 or IPv4 the default route
    configuration for the othre protocol was skipped.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3613-1
Released:    Thu Dec  3 09:34:21 2020
Summary:     Security update for rpmlint
Type:        security
Severity:    moderate
References:  1169614
This update for rpmlint fixes the following issues:

- Whitelist PAM modules and DBUS rules for cockpit (bsc#1169614)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3616-1
Released:    Thu Dec  3 10:56:12 2020
Summary:     Recommended update for c-ares
Type:        recommended
Severity:    moderate
References:  1178882


- Fixed incomplete c-ares-devel dependencies introduced by the privous update (bsc#1178882).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3620-1
Released:    Thu Dec  3 17:03:55 2020
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  
This update for pam fixes the following issues:

- Check if the password is part of the username. (jsc#SLE-16719, jsc#SLE-16720)
  - Check whether the password contains a substring of of the user's name of at least `<N>` characters length in 
  some form. This is enabled by the new parameter `usersubstr=<N>`

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3633-1
Released:    Mon Dec  7 11:51:47 2020
Summary:     Recommended update for mutt
Type:        recommended
Severity:    important
References:  1179461
This update for mutt fixes the following issue:

- Find and display the content of messages properly. (bsc#1179461)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3640-1
Released:    Mon Dec  7 13:24:41 2020
Summary:     Recommended update for binutils
Type:        recommended
Severity:    important
References:  1179036,1179341
This update for binutils fixes the following issues:

Update binutils 2.35 branch to commit 1c5243df:

* Fixes PR26520, aka [bsc#1179036], a problem in addr2line with
  certain DWARF variable descriptions.
* Also fixes PR26711, PR26656, PR26655, PR26929, PR26808, PR25878,
  PR26740, PR26778, PR26763, PR26685, PR26699, PR26902, PR26869,
  PR26711
* The above includes fixes for dwo files produced by modern dwp,
  fixing several problems in the DWARF reader.

Update binutils to 2.35.1 and rebased branch diff:

* This is a point release over the previous 2.35 version, containing bug
  fixes, and as an exception to the usual rule, one new feature.  The
  new feature is the support for a new directive in the assembler:
  '.nop'.  This directive creates a single no-op instruction in whatever
  encoding is correct for the target architecture.  Unlike the .space or
  .fill this is a real instruction, and it does affect the generation of
  DWARF line number tables, should they be enabled. This fixes an 
  incompatibility introduced in the latest update that broke the install
  scripts of the Oracle server. [bsc#1179341]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3708-1
Released:    Tue Dec  8 10:22:36 2020
Summary:     Recommended update for python-shaptools, salt-shaptools
Type:        recommended
Severity:    moderate
References:  
This update for python-shaptools, salt-shaptools fixes the following issues:

python-shaptools:

Update from version 0.3.10+git.1600699158.46fca28 to version 0.3.11+git.1605798399.b036435

- Retrieve the currently installed ENSA version for Netweaver (only for ASCS and ERS instances). (jsc#SLE-4047)

salt-shaptools:

Update from version 0.3.10+git.1600699854.f5950bc to version 0.3.11+git.1605797958.ae2f08a
   
- Improve extract_pydbapi to check recursively in subfolders (jsc#SLE-4047)
- Implement a new state to set the ENSA version grains data 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3731-1
Released:    Wed Dec  9 15:52:32 2020
Summary:     Recommended update for realmd
Type:        recommended
Severity:    moderate
References:  1175617
This update for realmd fixes the following issues:

- Fix the `Name Service Switch` (`nsswitch`) handling when joining and leaving a domain. (bsc#1175617)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3737-1
Released:    Wed Dec  9 18:21:04 2020
Summary:     Security update for python-pip, python-scripttest
Type:        security
Severity:    moderate
References:  1175297,1176262,CVE-2019-20916
This update for python-pip, python-scripttest fixes the following issues:

- Update in SLE-15 (bsc#1175297, jsc#ECO-3035, jsc#PM-2318)

python-pip was updated to 20.0.2:

* Fix a regression in generation of compatibility tags
* Rename an internal module, to avoid ImportErrors due to improper uninstallation
* Switch to a dedicated CLI tool for vendoring dependencies.
* Remove wheel tag calculation from pip and use packaging.tags. This should provide more tags ordered better than in prior releases.
*  Deprecate setup.py-based builds that do not generate an .egg-info directory.
*  The pip>=20 wheel cache is not retro-compatible with previous versions. Until pip 21.0, pip will continue to take advantage of existing legacy cache entries.
*  Deprecate undocumented --skip-requirements-regex option.
*  Deprecate passing install-location-related options via --install-option.
*  Use literal 'abi3' for wheel tag on CPython 3.x, to align with PEP 384 which only defines it for this platform.
*  Remove interpreter-specific major version tag e.g. cp3-none-any from consideration. This behavior was not documented strictly, and this tag in particular is not useful. Anyone with a use case can create an issue with pypa/packaging.
*  Wheel processing no longer permits wheels containing more than one top-level .dist-info directory.
*  Support for the git+git@ form of VCS requirement is being deprecated and will be removed in pip 21.0. Switch to git+https:// or git+ssh://. git+git:// also works but its use is discouraged as it is insecure.
*  Default to doing a user install (as if --user was passed) when the main site-packages directory is not writeable and user site-packages are enabled.
*  Warn if a path in PATH starts with tilde during pip install.
*  Cache wheels built from Git requirements that are considered immutable, because they point to a commit hash.
*  Add option --no-python-version-warning to silence warnings related to deprecation of Python versions.
*  Cache wheels that pip wheel built locally, matching what pip install does. This particularly helps performance in workflows where pip wheel is used for building before installing. Users desiring the original behavior can use pip wheel --no-cache-dir
*  Display CA information in pip debug.
*  Show only the filename (instead of full URL), when downloading from PyPI.
*  Suggest a more robust command to upgrade pip itself to avoid confusion when the current pip command is not available as pip.
*  Define all old pip console script entrypoints to prevent import issues in stale wrapper scripts.
*  The build step of pip wheel now builds all wheels to a cache first, then copies them to the wheel directory all at once. Before, it built them to a temporary directory and moved them to the wheel directory one by one.
*  Expand ~ prefix to user directory in path options, configs, and environment variables. Values that may be either URL or path are not currently supported, to avoid ambiguity:

   --find-links
   --constraint, -c
   --requirement, -r
   --editable, -e

*  Correctly handle system site-packages, in virtual environments created with venv (PEP 405).
*  Fix case sensitive comparison of pip freeze when used with -r option.
*  Enforce PEP 508 requirement format in pyproject.toml build-system.requires.
*  Make ensure_dir() also ignore ENOTEMPTY as seen on Windows.
*  Fix building packages which specify backend-path in pyproject.toml.
*  Do not attempt to run setup.py clean after a pep517 build error, since a setup.py may not exist in that case.
*  Fix passwords being visible in the index-url in 'Downloading <url>' message.
*  Change method from shutil.remove to shutil.rmtree in noxfile.py.
*  Skip running tests which require subversion, when svn isn't installed
*  Fix not sending client certificates when using --trusted-host.
*  Make sure pip wheel never outputs pure python wheels with a python implementation tag. Better fix/workaround for #3025 by using a per-implementation wheel cache instead of caching pure python wheels with an implementation tag in their name.
*  Include subdirectory URL fragments in cache keys.
*  Fix typo in warning message when any of --build-option, --global-option and --install-option is used in requirements.txt
*  Fix the logging of cached HTTP response shown as downloading.
*  Effectively disable the wheel cache when it is not writable, as is the case with the http cache.
*  Correctly handle relative cache directory provided via --cache-dir.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3744-1
Released:    Thu Dec 10 11:32:41 2020
Summary:     Recommended update for enigmail
Type:        recommended
Severity:    moderate
References:  1179505
This update for enigmail fixes the following issues:

Update from version 2.1.5 to version 2.2.4

- Enigmail version 2.2.x is a specially modified version, which only works with Thunderbird 78 and later version. 
  Enigmail 2.2.x doesn't provide the traditional functionality, rather it exists to help you migrate your keys 
  and settings to Thunderbird 78.

Fixes included from  version 2.1.5 to 2.1.8:

- 'Encrypt to key' action destroys PGP/MIME signature.
- Filter fails silently on Enigmail's 'Encrypt to key' action.
- Disable autocrypt header on custom sender address.
- `VKS` keyserver with custom port cannot be accessed.
- Thunderbird dies immediately when sending a signed empty-bodied mail.
- Decrypted mail has empty `Content-Type` in the `MIME` part.
- Improper `Content-Type` setting for keyserver upload.
- Display information about Thunderbird 78.
- Minor rendering problem with `Deep Dark` theme.
- Setup Wizard gets Stuck if Keys in GnuPG available.
- Cannot confirm publish GnuPG key on `WKS` server.
- Automatic Key Refresh doesn't work with `keys.openpgp.org`.
- Per-recipients rule `set enigmail rules for` field unable to edit.
- File names of attachments are not encrypted.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3749-1
Released:    Thu Dec 10 14:39:28 2020
Summary:     Security update for gcc7
Type:        security
Severity:    moderate
References:  1150164,1161913,1167939,1172798,1178577,1178614,1178624,1178675,CVE-2020-13844
This update for gcc7 fixes the following issues:

- CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue (bsc#1172798)
- Enable fortran for the nvptx offload compiler. 
- Update README.First-for.SuSE.packagers
- avoid assembler errors with AVX512 gather and scatter instructions when using -masm=intel.
- Backport the aarch64 -moutline-atomics feature and accumulated fixes but not its
  default enabling.  [jsc#SLE-12209, bsc#1167939]
- Fixed 32bit libgnat.so link.  [bsc#1178675]
- Fixed memcpy miscompilation on aarch64. [bsc#1178624, bsc#1178577]
- Fixed debug line info for try/catch.  [bsc#1178614]
- Remove -mbranch-protection=standard (aarch64 flag) when gcc7 is used to build gcc7 (ie when ada is enabled)
- Fixed corruption of pass private ->aux via DF. [gcc#94148]
- Fixed debug information issue with inlined functions and passed by reference arguments.  [gcc#93888]
- Fixed binutils release date detection issue.
- Fixed register allocation issue with exception handling code on s390x.  [bsc#1161913] 
- Fixed miscompilation of some atomic code on aarch64. [bsc#1150164]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3762-1
Released:    Fri Dec 11 14:12:48 2020
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    important
References:  1155346,1176029,1177479,1177575,1177673,1177793,1179491,CVE-2020-1971
This update for openssl-1_0_0 fixes the following issues:

- CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491).
- Initialized dh->nid to NID_undef in DH_new_method() (bsc#1177673).
- Fixed a test failure in apache_ssl in fips mode (bsc#1177793).
- Renamed BN_get_rfc3526_prime_* functions back to get_rfc3526_prime_* (bsc#1177575).
- Restored private key check in EC_KEY_check_key (bsc#1177479).
- Added shared secret KAT to FIPS DH selftest (bsc#1176029).
- Included ECDH/DH Requirements from SP800-56Arev3 (bsc#1176029).
- Used SHA-2 in the RSA pairwise consistency check (bsc#1155346)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3772-1
Released:    Mon Dec 14 11:11:29 2020
Summary:     Recommended update for hamcrest
Type:        recommended
Severity:    moderate
References:  1174544
This update for hamcrest fixes the following issue:

- Add obsoletes in the core API to solve conflicts during updates. (bsc#1174544)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3773-1
Released:    Mon Dec 14 11:12:18 2020
Summary:     Recommended update for cdrtools and schily-libs
Type:        recommended
Severity:    moderate
References:  1178692
This update for cdrtools and schily-libs fixes the following issues:

cdrtools:
- Initialize memory that created the partition table instead of writing random bytes to it. (bsc#1178692)

schily-libs:
- Initialize memory that created the partition table instead of writing random bytes to it. (bsc#1178692)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3790-1
Released:    Mon Dec 14 15:01:22 2020
Summary:     Security update for clamav
Type:        security
Severity:    moderate
References:  1104457,1118459,1130721,1144504,1149458,1157763,CVE-2019-12625,CVE-2019-12900,CVE-2019-15961,CVE-2019-1785,CVE-2019-1786,CVE-2019-1787,CVE-2019-1788,CVE-2019-1789,CVE-2019-1798,CVE-2020-3123,CVE-2020-3327,CVE-2020-3341,CVE-2020-3350,CVE-2020-3481
This update for clamav fixes the following issues:

clamav was updated to the new major release 0.103.0. (jsc#ECO-3010,bsc#1118459)

Note that libclamav was changed incompatible, if you have a 3rd party
application that uses libclamav, it needs to be rebuilt.

Update to 0.103.0

* clamd can now reload the signature database without blocking
  scanning. This multi-threaded database reload improvement was made
  possible thanks to a community effort.

  - Non-blocking database reloads are now the default behavior. Some
    systems that are more constrained on RAM may need to disable
    non-blocking reloads as it will temporarily consume two times as
     much memory. We added a new clamd config option
    ConcurrentDatabaseReload, which may be set to no.

  * Fix clamav-milter.service (requires clamd.service to run)

Update to 0.102.4

  * CVE-2020-3350: Fix a vulnerability wherein a malicious user could
    replace a scan target's directory with a symlink to another path
    to trick clamscan, clamdscan, or clamonacc into removing or moving
    a different file (eg. a critical system file). The issue would
    affect users that use the --move or --remove options for clamscan,
    clamdscan, and clamonacc.
  * CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing
    module in ClamAV 0.102.3 that could cause a Denial-of-Service
    (DoS) condition. Improper bounds checking results in an
    out-of-bounds read which could cause a crash. The previous fix for
    this CVE in 0.102.3 was incomplete. This fix correctly resolves
    the issue.
  * CVE-2020-3481: Fix a vulnerability in the EGG archive module in
    ClamAV 0.102.0 - 0.102.3 could cause a Denial-of-Service (DoS)
    condition. Improper error handling may result in a crash due to a
    NULL pointer dereference. This vulnerability is mitigated for
    those using the official ClamAV signature databases because the
    file type signatures in daily.cvd will not enable the EGG archive
    parser in versions affected by the vulnerability.

Update to 0.102.3

  * CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing
    module in ClamAV 0.102.2 that could cause a Denial-of-Service (DoS)
    condition. Improper bounds checking of an unsigned variable results
    in an out-of-bounds read which causes a crash.
  * CVE-2020-3341: Fix a vulnerability in the PDF parsing module in
    ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS)
    condition. Improper size checking of a buffer used to initialize AES
    decryption routines results in an out-of-bounds read which may cause
    a crash.
  * Fix 'Attempt to allocate 0 bytes' error when parsing some PDF
    documents.
  * Fix a couple of minor memory leaks.
  * Updated libclamunrar to UnRAR 5.9.2.

Update to 0.102.2:

  * CVE-2020-3123: A denial-of-service (DoS) condition may occur when
    using the optional credit card data-loss-prevention (DLP) feature.
    Improper bounds checking of an unsigned variable resulted in an
    out-of-bounds read, which causes a crash.
  * Significantly improved the scan speed of PDF files on Windows.
  * Re-applied a fix to alleviate file access issues when scanning RAR
    files in downstream projects that use libclamav where the scanning
    engine is operating in a low-privilege process. This bug was originally
    fixed in 0.101.2 and the fix was mistakenly omitted from 0.102.0.
  * Fixed an issue where freshclam failed to update if the database version
    downloaded is one version older than advertised. This situation may
    occur after a new database version is published. The issue affected
    users downloading the whole CVD database file.
  * Changed the default freshclam ReceiveTimeout setting to 0 (infinite).
    The ReceiveTimeout had caused needless database update failures for
    users with slower internet connections.
  * Correctly display the number of kilobytes (KiB) in progress bar and
    reduced the size of the progress bar to accommodate 80-character width
    terminals.
  * Fixed an issue where running freshclam manually causes a daemonized
    freshclam process to fail when it updates because the manual instance
    deletes the temporary download directory. The freshclam temporary files
    will now download to a unique directory created at the time of an update
    instead of using a hardcoded directory created/destroyed at the program
    start/exit.
  * Fix for freshclam's OnOutdatedExecute config option.
  * Fixes a memory leak in the error condition handling for the email
    parser.
  * Improved bound checking and error handling in ARJ archive parser.
  * Improved error handling in PDF parser.
  * Fix for memory leak in byte-compare signature handler.

- The freshclam.service should not be started before the network is
  online (it checks for updates immediately upon service start)

Update to 0.102.1:

  * CVE-2019-15961, bsc#1157763: A Denial-of-Service (DoS)
    vulnerability may occur when scanning a specially crafted email
    file as a result of excessively long scan times. The issue is
    resolved by implementing several maximums in parsing MIME
    messages and by optimizing use of memory allocation.
  * Build system fixes to build clamav-milter, to correctly link
    with libxml2 when detected, and to correctly detect fanotify
    for on-access scanning feature support.
  * Signature load time is significantly reduced by changing to a
    more efficient algorithm for loading signature patterns and
    allocating the AC trie. Patch courtesy of Alberto Wu.
  * Introduced a new configure option to statically link libjson-c
    with libclamav. Static linking with libjson is highly
    recommended to prevent crashes in applications that use
    libclamav alongside another JSON parsing library.
  * Null-dereference fix in email parser when using the
    --gen-json metadata option.
  * Fixes for Authenticode parsing and certificate signature
    (.crb database) bugs.

Update to 0.102.0:

  * The On-Access Scanning feature has been migrated out of clamd
    and into a brand new utility named clamonacc. This utility is
    similar to clamdscan and clamav-milter in that it acts as a
    client to clamd. This separation from clamd means that clamd no
    longer needs to run with root privileges while scanning potentially
    malicious files. Instead, clamd may drop privileges to run under an
    account that does not have super-user. In addition to improving the
    security posture of running clamd with On-Access enabled, this
    update fixed a few outstanding defects:
    - On-Access scanning for created and moved files (Extra-Scanning)
      is fixed.
    - VirusEvent for On-Access scans is fixed.
    - With clamonacc, it is now possible to copy, move, or remove a
      file if the scan triggered an alert, just like with clamdscan.
  * The freshclam database update utility has undergone a significant
    update. This includes:
    - Added support for HTTPS.
    - Support for database mirrors hosted on ports other than 80.
    - Removal of the mirror management feature (mirrors.dat).
    - An all new libfreshclam library API.
- created new subpackage libfreshclam2

Update to 0.101.4:

  * CVE-2019-12900: An out of bounds write in the NSIS bzip2
    (bsc#1149458)
  * CVE-2019-12625: Introduce a configurable time limit to mitigate
    zip bomb vulnerability completely. Default is 2 minutes,
    configurable useing the clamscan --max-scantime and for clamd
    using the MaxScanTime config option (bsc#1144504)

Update to version 0.101.3:

  * bsc#1144504: ZIP bomb causes extreme CPU spikes

Update to version 0.101.2 (bsc#1130721)

  * CVE-2019-1787:
    An out-of-bounds heap read condition may occur when scanning PDF
    documents. The defect is a failure to correctly keep track of the number
    of bytes remaining in a buffer when indexing file data.
  * CVE-2019-1789:
    An out-of-bounds heap read condition may occur when scanning PE files
    (i.e. Windows EXE and DLL files) that have been packed using Aspack as a
    result of inadequate bound-checking.
  * CVE-2019-1788:
    An out-of-bounds heap write condition may occur when scanning OLE2 files
    such as Microsoft Office 97-2003 documents. The invalid write happens when
    an invalid pointer is mistakenly used to initialize a 32bit integer to
    zero. This is likely to crash the application.
  * CVE-2019-1786:
    An out-of-bounds heap read condition may occur when scanning malformed
    PDF documents as a result of improper bounds-checking.
  * CVE-2019-1785:
    A path-traversal write condition may occur as a result of improper
    input validation when scanning RAR archives.
  * CVE-2019-1798:
    A use-after-free condition may occur as a result of improper error
    handling when scanning nested RAR archives.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3791-1
Released:    Mon Dec 14 17:39:19 2020
Summary:     Recommended update for gzip
Type:        recommended
Severity:    moderate
References:  
This update for gzip fixes the following issue:

- Enable `DFLTCC` (Deflate Conversion Call) compression for s390x for levels 1-6 to `CFLAGS`. (jsc#SLE-13775)
  
  Enable by adding `-DDFLTCC_LEVEL_MASK=0x7e` to `CFLAGS`.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3793-1
Released:    Mon Dec 14 17:39:29 2020
Summary:     Recommended update for sblim-sfcb
Type:        recommended
Severity:    moderate
References:  1178415
This update for sblim-sfcb fixes the following issues:

- Allow older SSL protocols to be disabled.
- Add a configuration option `sslNoTLSv1_1` to optionally disable `TLSv1.1.` (bsc#1178415)

  When the protocol version is disabled, the connection will fail and the error will be recorded in the logs.

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2020:3795-1
Released:    Mon Dec 14 17:43:26 2020
Summary:     Optional update for systemd-rpm-macros
Type:        optional
Severity:    low
References:  1059627,1178481,1179020
This update for systemd-rpm-macros fixes the following issues:

- Deprecate '-f'/'-n' options
  When used with %service_del_preun, support for these options will be
  dropped as DISABLE_STOP_ON_REMOVAL support will be removed on the
  next version of SLE (jsc#SLE-8968)
  When used with %service_del_postun, they should be replaced with
  their counterpart
  %service_del_postun_with_restart/%service_del_postun_without_restart
- Introduced %service_del_postun_with_restart()
  It's the counterpart of %service_del_postun_without_restart() and
  replaces the '-f' option of %service_del_postun().
- Does no longer apply presets when migrating from a disabled initscript (bsc#1178481)
- Fix importing of %{_unitdir}

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3619-1
Released:    Tue Dec 15 13:41:16 2020
Summary:     Recommended update for cloud-netconfig, google-guest-agent
Type:        recommended
Severity:    moderate
References:  1159460,1178486,1179031,1179032
This update for cloud-netconfig, google-guest-agent fixes the following issues:

cloud-netconfig:

- Update to version 1.5:
  + Add support for GCE (bsc#1159460, bsc#1178486, jsc#ECO-2800)
  + Improve default gateway determination

google-guest-agent:

- Update to version 20201026.00
  * remove old unused workflow files
  * fallback to IP for metadata
  * getPasswd: Check full prefix of line for username

- dont_overwrite_ifcfg.patch: Do not overwrite existing ifcfg files
  to allow manual configuration and compatibility with
  cloud-netconfig. (bsc#1159460, bsc#1178486)

- Update to version 20200929.00
  * correct varname
  * don't call dhclient -x on network setup
  * add instance id dir override
  * update agent systemd service file
  * typo, change to noadjfile
  * add gaohannk to OWNERS
  * remove illfelder from OWNERS
  * Add all license files to packages

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3812-1
Released:    Tue Dec 15 15:23:59 2020
Summary:     Recommended update for grafana-ha-cluster-dashboards
Type:        recommended
Severity:    moderate
References:  
This update for grafana-ha-cluster-dashboards fixes the following issue:

- Update from version 1.0.3+git.1600360477.8b8f9ce to version 1.1.0+git.1605027022.a84d536
  - Split the provider file to the sub-package grafana-sleha-provider

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3840-1
Released:    Wed Dec 16 10:32:03 2020
Summary:     Recommended update for llvm7
Type:        recommended
Severity:    moderate
References:  1176964,1179155
This update for llvm7 fixes the following issues:

- Fix dsymutil crash on ELF file. (bsc#1176964)
- Add Conflicts: clang-tools to clang7 and llvm7 packages to properly handle newer llvm versions. (bsc#1179155)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3856-1
Released:    Wed Dec 16 17:56:03 2020
Summary:     Recommended update for ucode-intel
Type:        recommended
Severity:    important
References:  1179224
This update for ucode-intel fixes the following issues:

- Reverted 3 CPU microcodes back to 20200616 release level after regression reports. (bsc#1179224)

  - SKX-SP         | H0/M0/U0 | 06-55-04/b7 | 02006906 | Xeon Scalable
  - SKX-D          | M1       | 06-55-04/b7 | 02006906 | Xeon D-21xx
  - CLX-SP         | B0       | 06-55-06/bf | 04002f01 | Xeon Scalable Gen2
  - CLX-SP         | B1       | 06-55-07/bf | 05002f01 | Xeon Scalable Gen2

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3868-1
Released:    Thu Dec 17 12:44:47 2020
Summary:     Recommended update for perl-Test-Warnings
Type:        recommended
Severity:    moderate
References:  
This update for perl-Test-Warnings fixes the following issues:

Update from version 0.026 to version 0.030

- Fix tests that can fail when there is already an installed module named `Foo::Bar::Baz`
- `report_warnings` feature, for printing all of the (unexpected) warning content when `had_no_warnings()` is called 
- Allow for calling `warnings->import` being called after importing the 'warnings' sub
- `fail_on_warning` feature, for more easily seeing where the surprising warning appeared during testing

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3901-1
Released:    Mon Dec 21 20:07:56 2020
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    critical
References:  1180039,CVE-2020-16042,CVE-2020-26971,CVE-2020-26973,CVE-2020-26974,CVE-2020-26978,CVE-2020-35111,CVE-2020-35112,CVE-2020-35113
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.6.0 ESR
  * Fixed: Various stability, functionality, and security fixes
  MFSA 2020-55 (bsc#1180039)
  * CVE-2020-16042 (bmo#1679003)
    Operations on a BigInt could have caused uninitialized memory
    to be exposed
  * CVE-2020-26971 (bmo#1663466)
    Heap buffer overflow in WebGL
  * CVE-2020-26973 (bmo#1680084)
    CSS Sanitizer performed incorrect sanitization
  * CVE-2020-26974 (bmo#1681022)
    Incorrect cast of StyleGenericFlexBasis resulted in a heap
    use-after-free
  * CVE-2020-26978 (bmo#1677047)
    Internal network hosts could have been probed by a malicious
    webpage
  * CVE-2020-35111 (bmo#1657916)
    The proxy.onRequest API did not catch view-source URLs
  * CVE-2020-35112 (bmo#1661365)
    Opening an extension-less download may have inadvertently
    launched an executable instead
  * CVE-2020-35113 (bmo#1664831, bmo#1673589)
    Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3917-1
Released:    Tue Dec 22 14:16:53 2020
Summary:     Security update for groovy
Type:        security
Severity:    moderate
References:  1179729,CVE-2020-17521
This update for groovy fixes the following issues:
	  
- groovy was updated to 2.4.21
- CVE-2020-17521: Fixed an information disclosure vulnerability (bsc#1179729).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3920-1
Released:    Tue Dec 22 15:16:47 2020
Summary:     Recommended update for mutt
Type:        recommended
Severity:    moderate
References:  1179461
This update for mutt fixes the following issues:

- Add a further correction in for external bodies as well. (bsc#1179461)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3922-1
Released:    Tue Dec 22 15:20:46 2020
Summary:     Security update for jetty-minimal
Type:        security
Severity:    moderate
References:  1179727,CVE-2020-27218
This update for jetty-minimal fixes the following issues:

- jetty-minimal was upgraded to version 9.4.35.v20201120
- CVE-2020-27218: Fixed an issue where buffer not correctly recycled in Gzip Request inflation (bsc#1179727).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3929-1
Released:    Wed Dec 23 10:06:31 2020
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issue:

- Added data for 4_12_14-150_63, 4_12_14-197_72, 4_12_14-197_75, 5_3_18-24_43. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3932-1
Released:    Wed Dec 23 18:21:59 2020
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    moderate
References:  1177943,1180063,CVE-2020-14779,CVE-2020-14781,CVE-2020-14792,CVE-2020-14796,CVE-2020-14797,CVE-2020-14798,CVE-2020-14803
This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 6 Fix Pack 20 [bsc#1180063,bsc#1177943]
  CVE-2020-14792 CVE-2020-14797 CVE-2020-14781 CVE-2020-14779
  CVE-2020-14798 CVE-2020-14796 CVE-2020-14803
  * Class libraries:
    - SOCKETADAPTOR$SOCKETINPUTSTREAM.READ is blocking for more time
      that the set timeout
    - Z/OS specific C function send_file is changing the file pointer
      position
  * Java Virtual Machine:
    - Crash on iterate java stack
    - Java process hang on SIGTERM
  * JIT Compiler:
    - JMS performance regression from JDK8 SR5 FP40 TO FP41

  * Class Libraries:
    - z15 high utilization following Z/VM and Linux migration from
      z14 To z15
  * Java Virtual Machine:
    - Assertion failed when trying to write a class file
    - Assertion failure at modronapi.cpp
    - Improve the performance of defining and finding classes
  * JIT Compiler:
    - An assert in ppcbinaryencoding.cpp may trigger when running
      with traps disabled on power
    - AOT field offset off by n bytes
    - Segmentation fault in jit module on ibm z platform
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3933-1
Released:    Thu Dec 24 12:35:40 2020
Summary:     Security update for flac
Type:        security
Severity:    moderate
References:  1180099,1180112,CVE-2020-0487,CVE-2020-0499
This update for flac fixes the following issues:

- CVE-2020-0487: Fixed a memory leak (bsc#1180112).
- CVE-2020-0499: Fixed an out-of-bounds access (bsc#1180099).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3934-1
Released:    Thu Dec 24 12:37:11 2020
Summary:     Security update for openexr
Type:        security
Severity:    moderate
References:  1179879,CVE-2020-16587,CVE-2020-16588,CVE-2020-16589
This update for openexr fixes the following issues:

Security issues fixed:

- CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp (bsc#1179879).
- CVE-2020-16588: Fixed a null pointer deference in generatePreview (bsc#1179879).
- CVE-2020-16589: Fixed a heap-based buffer overflow in writeTileData in ImfTiledOutputFile.cpp (bsc#1179879).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3935-1
Released:    Fri Dec 25 09:26:54 2020
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    critical
References:  1179530,1180039,CVE-2020-16042,CVE-2020-26970,CVE-2020-26971,CVE-2020-26973,CVE-2020-26974,CVE-2020-26978,CVE-2020-35111,CVE-2020-35112,CVE-2020-35113
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 78.6
  * new: MailExtensions: Added
    browser.windows.openDefaultBrowser() (bmo#1664708)
  * changed: Thunderbird now only shows quota exceeded
    indications on the main window (bmo#1671748)
  * changed: MailExtensions: menus API enabled in messages being
    composed (bmo#1670832)
  * changed: MailExtensions: Honor allowScriptsToClose argument
    in windows.create API function (bmo#1675940)
  * changed: MailExtensions: APIs that returned an accountId will
    reflect the account the message belongs to, not what is
    stored in message headers (bmo#1644032)
  * fixed: Keyboard shortcut for toggling message 'read' status
    not shown in menus (bmo#1619248)
  * fixed: OpenPGP: After importing a secret key, Key Manager
    displayed properties of the wrong key (bmo#1667054)
  * fixed: OpenPGP: Inline PGP parsing improvements (bmo#1660041)
  * fixed: OpenPGP: Discovering keys online via Key Manager
    sometimes failed on Linux (bmo#1634053)
  * fixed: OpenPGP: Encrypted attachment 'Decrypt and Open/Save
    As' did not work (bmo#1663169)
  * fixed: OpenPGP: Importing keys failed on macOS (bmo#1680757)
  * fixed: OpenPGP: Verification of clear signed UTF-8 text
    failed (bmo#1679756)
  * fixed: Address book: Some columns incorrectly displayed no
    data (bmo#1631201)
  * fixed: Address book: The address book view did not update
    after changing the name format in the menu (bmo#1678555)
  * fixed: Calendar: Could not import an ICS file into a CalDAV
    calendar (bmo#1652984)
  * fixed: Calendar: Two 'Home' calendars were visible on a new
    profile (bmo#1656782)
  * fixed: Calendar: Dark theme was incomplete on Linux
    (bmo#1655543)
  * fixed: Dark theme did not apply to new mail notification
    popups (bmo#1681083)
  * fixed: Folder icon, message list, and contact side bar visual
    improvements (bmo#1679436)
  * fixed: MailExtensions: HTTP refresh in browser content tabs
    did not work (bmo#1667774)
  * fixed: MailExtensions: messageDisplayScripts failed to run in
    main window (bmo#1674932)
  * fixed: Various security fixes
  MFSA 2020-56 (bsc#1180039)
  * CVE-2020-16042 (bmo#1679003)
    Operations on a BigInt could have caused uninitialized memory
    to be exposed
  * CVE-2020-26971 (bmo#1663466)
    Heap buffer overflow in WebGL
  * CVE-2020-26973 (bmo#1680084)
    CSS Sanitizer performed incorrect sanitization
  * CVE-2020-26974 (bmo#1681022)
    Incorrect cast of StyleGenericFlexBasis resulted in a heap
    use-after-free
  * CVE-2020-26978 (bmo#1677047)
    Internal network hosts could have been probed by a malicious
    webpage
  * CVE-2020-35111 (bmo#1657916)
    The proxy.onRequest API did not catch view-source URLs
  * CVE-2020-35112 (bmo#1661365)
    Opening an extension-less download may have inadvertently
    launched an executable instead
  * CVE-2020-35113 (bmo#1664831, bmo#1673589)
    Memory safety bugs fixed in Thunderbird 78.6

Mozilla Thunderbird 78.5.1

* new: OpenPGP: Added option to disable email subject
  encryption (bmo#1666073)
* changed: OpenPGP public key import now supports multi-file
  selection and bulk accepting imported keys (bmo#1665145)
* changed: MailExtensions: getComposeDetails will wait for
  'compose-editor-ready' event (bmo#1675012)
* fixed: New mail icon was not removed from the system tray at
  shutdown (bmo#1664586)
* fixed: 'Place replies in the folder of the message being
  replied to' did not work when using 'Reply to List'
  (bmo#522450)
* fixed: Thunderbird did not honor the 'Run search on server'
  option when searching messages (bmo#546925)
* fixed: Highlight color for folders with unread messages
  wasn't visible in dark theme (bmo#1676697)
* fixed: OpenPGP: Key were missing from Key Manager
  (bmo#1674521)
* fixed: OpenPGP: Option to import keys from clipboard always
  disabled (bmo#1676842)
* fixed: The 'Link' button on the large attachments info bar
  failed to open up Filelink section in Options if the user had
  not yet configured Filelink (bmo#1677647)
* fixed: Address book: Printing members of a mailing list
  resulted in incorrect output (bmo#1676859)
* fixed: Unable to connect to LDAP servers configured with a
  self-signed SSL certificate (bmo#1659947)
* fixed: Autoconfig via LDAP did not work as expected
  (bmo#1662433)
* fixed: Calendar: Pressing Ctrl-Enter in the new event dialog
  would create duplicate events (bmo#1668478)
* fixed: Various security fixes

MFSA 2020-53 (bsc#1179530)
* CVE-2020-26970 (bmo#1677338)
  Stack overflow due to incorrect parsing of SMTP server
  response codes

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3942-1
Released:    Tue Dec 29 12:22:01 2020
Summary:     Recommended update for libidn2
Type:        recommended
Severity:    moderate
References:  1180138
This update for libidn2 fixes the following issues:

- The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later,
  adjusted the RPM license tags (bsc#1180138)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:28-1
Released:    Tue Jan  5 15:57:44 2021
Summary:     Security update for dovecot23
Type:        security
Severity:    important
References:  1174920,1174922,1174923,1180405,1180406,CVE-2020-12100,CVE-2020-12673,CVE-2020-12674,CVE-2020-24386,CVE-2020-25275
This update for dovecot23 fixes the following issues:

Security issues fixed:

- CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts (bsc#1174920).
- CVE-2020-12673: Fixed an improper implementation of NTLM that did not check the message buffer size (bsc#1174922).
- CVE-2020-12674: Fixed an improper implementation of the RPA mechanism (bsc#1174923).
- CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users to access other users' emails (bsc#1180405).
- CVE-2020-25275: Fixed a crash when the 10000th MIME part was message/rfc822 (bsc#1180406).

Non-security issues fixed:

- Pigeonhole was updated to version 0.5.11.
- Dovecot was updated to version 2.3.11.3.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:35-1
Released:    Wed Jan  6 12:31:37 2021
Summary:     Recommended update for taglib
Type:        recommended
Severity:    moderate
References:  1179817
This update for taglib fixes the following issues:

- Fixed a possible file corruption of ogg files (bsc#1179817, gh#taglib/taglib#864):

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:41-1
Released:    Thu Jan  7 11:51:31 2021
Summary:     Security update for tomcat
Type:        security
Severity:    moderate
References:  1179602,CVE-2020-17527
This update for tomcat fixes the following issue:

- CVE-2020-17527: Fixed a HTTP/2 request header mix-up (bsc#1179602).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:65-1
Released:    Mon Jan 11 15:11:49 2021
Summary:     Recommended update for hamcrest
Type:        recommended
Severity:    low
References:  1120493,1179994
This update for hamcrest fixes the following issues:

- Make hamcrest build reproducibly. (bsc#1120493)
- Fix typo in hamcrest-core description. (bsc#1179994)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:71-1
Released:    Tue Jan 12 08:30:53 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1180623,CVE-2020-16044
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.6.1 ESR
  * Fixed: Critical security issue MFSA 2021-01 (bsc#1180623)
  * CVE-2020-16044
    Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:79-1
Released:    Tue Jan 12 10:49:34 2021
Summary:     Recommended update for gcc7
Type:        recommended
Severity:    moderate
References:  1167939
This update for gcc7 fixes the following issues:

- Amend the gcc7 aarch64 atomics for glibc namespace violation with getauxval.  [bsc#1167939]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:88-1
Released:    Tue Jan 12 14:33:31 2021
Summary:     Security update for hawk2
Type:        security
Severity:    important
References:  1179998,CVE-2020-35458
This update for hawk2 fixes the following security issue:

- CVE-2020-35458: Fixed an insufficient input handler that could have led to remote code execution (bsc#1179998).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:105-1
Released:    Tue Jan 12 19:50:06 2021
Summary:     Recommended update for postgresql12
Type:        recommended
Severity:    low
References:  1178961
This update for postgresql12 fixes the following issues:

- Marked symlinks to pg_config and ecpg as ghost files, so that rpm doesn't complain
  when they are not there (bsc#1178961)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:111-1
Released:    Wed Jan 13 11:47:54 2021
Summary:     Recommended update for prometheus-ha_cluster_exporter
Type:        recommended
Severity:    moderate
References:  
This update for prometheus-ha_cluster_exporter fixes the following issue:

Update to version 1.2.1

- Remove Pacemaker dependency from systemd unit (jsc#TEAM-2169)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:123-1
Released:    Thu Jan 14 10:28:40 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1180623,CVE-2020-16044
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 78.6.1
  * changed: MailExtensions: browserAction, composeAction, and
    messageDisplayAction toolbar buttons now support label and
    default_label properties (bmo#1583478)
  * fixed: Running a quicksearch that returned no results did not
    offer to re-run as a global search (bmo#1663153)
  * fixed: Message search toolbar fixes (bmo#1681010)
  * fixed: Very long subject lines distorted the message compose
    and display windows, making them unusable (bmo#77806)
  * fixed: Compose window: Recipient addresses that had not yet
    been autocompleted were lost when clicking Send button
    (bmo#1674054)
  * fixed: Compose window: New message is no longer marked as
    'changed' just from tabbing out of the recipient field
    without editing anything (bmo#1681389)
  * fixed: Account autodiscover fixes when using MS Exchange
    servers (bmo#1679759)
  * fixed: LDAP address book stability fix (bmo#1680914)
  * fixed: Messages with invalid vcard attachments were not
    marked as read when viewed in the preview window
    (bmo#1680468)
  * fixed: Chat: Could not add TLS certificate exceptions for
    XMPP connections (bmo#1590471)
  * fixed: Calendar: System timezone was not always properly
    detected (bmo#1678839)
  * fixed: Calendar: Descriptions were sometimes blank when
    editing a single occurrence of a repeating event
    (bmo#1664731)
  * fixed: Various printing bugfixes (bmo#1676166)
  * fixed: Visual consistency and theme improvements
    (bmo#1682808)
  MFSA 2021-02 (bsc#1180623)
  * CVE-2020-16044 (bmo#1683964)
    Use-after-free write when handling a malicious COOKIE-ECHO
    SCTP chunk

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:130-1
Released:    Thu Jan 14 13:08:01 2021
Summary:     Recommended update for aide
Type:        recommended
Severity:    moderate
References:  1180165
This update for aide fixes the following issue:

- Add a `syslog_format` to Advanced Intrusion Detection Environment (AIDE). (bsc#1180165)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:134-1
Released:    Fri Jan 15 10:30:56 2021
Summary:     Recommended update for gnu-compilers-hpc
Type:        recommended
Severity:    important
References:  1174439
This update for gnu-compilers-hpc fixes the following issues:

- Add build support for gcc10 to HPC build. (bsc#1174439)
- Fix version parsing for gcc10 and up.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:175-1
Released:    Wed Jan 20 09:23:50 2021
Summary:     Security update for postgresql, postgresql13
Type:        security
Severity:    moderate
References:  1178666,1178667,1178668,1178961,CVE-2020-25694,CVE-2020-25695,CVE-2020-25696
This update for postgresql, postgresql13 fixes the following issues:

This update ships postgresql13.

Upgrade to version 13.1:

* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
  and firing of deferred triggers within index expressions and
  materialized view queries.
* CVE-2020-25694, bsc#1178667:
  a) Fix usage of complex connection-string parameters in pg_dump,
  pg_restore, clusterdb, reindexdb, and vacuumdb.
  b) When psql's \connect command re-uses connection parameters,
  ensure that all non-overridden parameters from a previous
  connection string are re-used.
* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
  modifying specially-treated variables.
* Fix recently-added timetz test case so it works when the USA
  is not observing daylight savings time.
  (obsoletes postgresql-timetz.patch)
* https://www.postgresql.org/about/news/2111/
* https://www.postgresql.org/docs/13/release-13-1.html

Initial packaging of PostgreSQL 13:

* https://www.postgresql.org/about/news/2077/
* https://www.postgresql.org/docs/13/release-13.html

- bsc#1178961: %ghost the symlinks to pg_config and ecpg.

Changes in postgresql wrapper package:

- Bump major version to 13.
- We also transfer PostgreSQL 9.4.26 to the new package layout in
  SLE12-SP2 and newer. Reflect this in the conflict with
  postgresql94.
- Also conflict with PostgreSQL versions before 9.
- Conflicting with older versions is not limited to SLE.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:176-1
Released:    Wed Jan 20 09:49:05 2021
Summary:     Security update for xstream
Type:        security
Severity:    important
References:  1180145,1180146,1180994,CVE-2020-26217,CVE-2020-26258,CVE-2020-26259
This update for xstream fixes the following issues:

xstream was updated to version 1.4.15.

- CVE-2020-26217: Fixed a remote code execution due to insecure XML deserialization when relying on blocklists (bsc#1180994).
- CVE-2020-26258: Fixed a server-side request forgery vulnerability (bsc#1180146).
- CVE-2020-26259: Fixed an arbitrary file deletion vulnerability (bsc#1180145).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:179-1
Released:    Wed Jan 20 13:38:51 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2020f (bsc#1177460)
  * 'make rearguard_tarballs' no longer generates a bad rearguard.zi,
    fixing a 2020e bug.

- timezone update 2020e (bsc#1177460)
  * Volgograd switches to Moscow time on 2020-12-27 at 02:00.

- timezone update 2020f (bsc#1177460)
  * 'make rearguard_tarballs' no longer generates a bad rearguard.zi,
    fixing a 2020e bug.

- timezone update 2020e (bsc#1177460)
  * Volgograd switches to Moscow time on 2020-12-27 at 02:00.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:183-1
Released:    Thu Jan 21 11:35:36 2021
Summary:     Security update for perl-Convert-ASN1
Type:        security
Severity:    moderate
References:  1168934,CVE-2013-7488
This update for perl-Convert-ASN1 fixes the following issue:

- CVE-2013-7488: Fixed an infinite loop via unexpected input (bsc#1168934).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:186-1
Released:    Thu Jan 21 14:55:16 2021
Summary:     Security update for wavpack
Type:        security
Severity:    moderate
References:  1091340,1091341,1091342,1091343,1091344,1180414,CVE-2018-10536,CVE-2018-10537,CVE-2018-10538,CVE-2018-10539,CVE-2018-10540,CVE-2018-19840,CVE-2018-19841,CVE-2018-6767,CVE-2018-7253,CVE-2018-7254,CVE-2019-1010319,CVE-2019-11498,CVE-2020-35738
This update for wavpack fixes the following issues:

- Update to version 5.4.0
  * CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples (bsc#1180414) 
  * fixed: disable A32 asm code when building for Apple silicon
  * fixed: issues with Adobe-style floating-point WAV files
  * added: --normalize-floats option to wvunpack for correctly
             exporting un-normalized floating-point files
- Update to version 5.3.0 
  * fixed: OSS-Fuzz issues 19925, 19928, 20060, 20448
  * fixed: trailing garbage characters on imported ID3v2 TXXX tags
  * fixed: various minor undefined behavior and memory access issues
  * fixed: sanitize tag extraction names for length and path inclusion
  * improved: reformat wvunpack 'help' and split into long + short versions
  * added: regression testing to Travis CI for OSS-Fuzz crashers
- Updated to version 5.2.0 
  *fixed: potential security issues including the following CVEs:
         CVE-2018-19840, CVE-2018-19841, CVE-2018-10536 (bsc#1091344),
         CVE-2018-10537 (bsc#1091343) CVE-2018-10538 (bsc#1091342),  
         CVE-2018-10539 (bsc#1091341), CVE-2018-10540 (bsc#1091340), 
         CVE-2018-7254,  CVE-2018-7253, CVE-2018-6767, CVE-2019-11498 
         and CVE-2019-1010319
  * added: support for CMake, Travis CI, and Google's OSS-fuzz
  * fixed: use correction file for encode verify (pipe input, Windows)
  * fixed: correct WAV header with actual length (pipe input, -i option)
  * fixed: thumb interworking and not needing v6 architecture (ARM asm)
  * added: handle more ID3v2.3 tag items and from all file types
  * fixed: coredump on Sparc64 (changed MD5 implementation)
  * fixed: handle invalid ID3v2.3 tags from sacd-ripper
  * fixed: several corner-case memory leaks

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:194-1
Released:    Fri Jan 22 13:31:01 2021
Summary:     Security update for stunnel
Type:        security
Severity:    moderate
References:  1177580,1178533
This update for stunnel fixes the following issues:

Security issue fixed:

- The 'redirect' option was fixed to properly handle 'verifyChain = yes' (bsc#1177580).

Non-security issues fixed:

- Fix startup problem of the stunnel daemon (bsc#1178533)

- update to 5.57:
  * Security bugfixes
  * New features
    - New securityLevel configuration file option.
    - Support for modern PostgreSQL clients
    - TLS 1.3 configuration updated for better compatibility.
  * Bugfixes
    - Fixed a transfer() loop bug.
    - Fixed memory leaks on configuration reloading errors.
    - DH/ECDH initialization restored for client sections.
    - Delay startup with systemd until network is online.
    - A number of testing framework fixes and improvements.

- update to 5.56:
  - Various text files converted to Markdown format.
  - Support for realpath(3) implementations incompatible
    with POSIX.1-2008, such as 4.4BSD or Solaris.
  - Support for engines without PRNG seeding methods (thx to
    Petr Mikhalitsyn).
  - Retry unsuccessful port binding on configuration
    file reload.
  - Thread safety fixes in SSL_SESSION object handling.
  - Terminate clients on exit in the FORK threading model.

- Fixup stunnel.conf handling:
  * Remove old static openSUSE provided stunnel.conf.
  * Use upstream stunnel.conf and tailor it for openSUSE using sed.
  * Don't show README.openSUSE when installing.

- enable /etc/stunnel/conf.d
- re-enable openssl.cnf

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:195-1
Released:    Fri Jan 22 15:17:17 2021
Summary:     Security update for mutt
Type:        security
Severity:    moderate
References:  1181221,CVE-2021-3181
This update for mutt fixes the following issue:

- CVE-2021-3181: Fixed a memory leak in recipient parsing (bsc#1181221).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:200-1
Released:    Fri Jan 22 15:39:33 2021
Summary:     Security update for hawk2
Type:        security
Severity:    critical
References:  1179998,CVE-2020-35458
This update for hawk2 fixes the following issues:

hawk2 was updated to version 2.4.0+git.1611141202.2fe6369e.

Security issue fixed:

- Fixed another possible code execution vulnerability in the controller code (bsc#1179998).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:207-1
Released:    Mon Jan 25 16:16:05 2021
Summary:     Recommended update for python-websockify
Type:        recommended
Severity:    moderate
References:  1163513
This update for python-websockify fixes the following issues:

- Add 'python-numpy' as requirement. (bsc#1163513)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:220-1
Released:    Tue Jan 26 14:00:51 2021
Summary:     Recommended update for keyutils
Type:        recommended
Severity:    moderate
References:  1180603
This update for keyutils fixes the following issues:

- Adjust the library license to be LPGL-2.1+ only (the tools are GPL2+, the library is just LGPL-2.1+) (bsc#1180603)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:228-1
Released:    Tue Jan 26 23:05:38 2021
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1179562,1180781
This update for python-kiwi fixes the following issues:

- Azure generated images are not bootable. (bsc#1180781)
- Fixed validation of bool value in dracut module.
  
  - The `oem-multipath-scan` setup results in a bool variable inside of the initrd code.  
  The variable `kiwi_oemmultipath_scan` is therefore either set to `true` or `false`. 
  This update fixes the validation to make use of the `bool()` method provided for these type of variables.
- Azure `LI/VLI` Production image boot process drops to dracut rescue shell during boot randomly (bsc#1179562)
- Omit multipath module by default
  
  - The plain installation of the multipath toolkit activates the dracut multipath code. 
  The setup if the target image runs in a multipath environment or not should however be decided explicitly
  in the image description via `<oem-multipath-scan>` and not implicitly by the presence of tools
- Fixed multipath disk device assignment in kiwi lib
  
  - The former lookup of the multipath mapped disk device contained a race condition. 
  If the lookup of the device mapper files happened before multipathd has finished the initialization, kiwi continues
  with the unix node name and fails when the device mapper keeps a busy state on it. 
  Now, in case of an explicit request to use multipath the lookup of the mapped device becomes a mandatory process 
  that runs until the `DEVICE_TIMEOUT` is reached. Default timeout is set to 60 sec. 
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:237-1
Released:    Thu Jan 28 18:22:24 2021
Summary:     Recommended update for habootstrap-formula
Type:        recommended
Severity:    moderate
References:  1177860
This update for drbd-formula, habootstrap-formula, iscsi-formula, saphanabootstrap-formula, sapnwbootstrap-formula fixes the following issues:

drbd-formula:

- Version 0.4.0
  - Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)

habootstrap-formula:

- Version 0.4.0
  - Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)
  - Remove lock states as this is done in `crmsh` now
  - Fix ssh keys management to run them once the first node is initialized
  - Remove `--no-overwrite-sshkey` option from the formula
  - `qdevice` support: it can be created when initializing a cluster when multiple nodes are joining in parallel
  
iscsi-formula:

- Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)

saphanabootstrap-formula:

- Version 0.7.0
  - Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)
  - Start the `saptune` daemon service
  - Add requisite of HANA installation to subsequent salt states
  - Add support to extract and install HANA Client `sar` packages
  - Set the native fence mechanism usage for `CSP` as optional (jsc#SLE-4047)
  - Fix the HANA media extraction and installation logics when using `exe` archives
  - Update the SUSE Manager HANA form metadata, to show HANA form under SAP deployment group
  - Update SUSe Manager `form.yml` file and prevalidation state with latest changes in formula

sapnwbootstrap-formula:

- Version 0.6.0
  - Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)
  - Add requisites of `netweaver` installation to subsequent salt states
  - Start the `saptune` systemd service
  - Fix `additional_dvds` variable usage when salt uses python 2. 
    - The variable is filtered by `tojson` option to avoid `u` prefix in lists
  - Set the native fence mechanism usage for `CSP` as optional
  - Add instance name suffix to `socat` resources
  - Remove meta `resource-stickness` to the `ERS` resources group
  - Update the db installation template to use correctly the schema names for S/4HANA
  - Update the default `nw_extract_dir` `SWPM` media extraction location


  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:243-1
Released:    Fri Jan 29 09:37:29 2021
Summary:     Security update for jackson-databind
Type:        security
Severity:    moderate
References:  1177616,1180391,1181118,CVE-2020-25649,CVE-2020-35728,CVE-2021-20190
This update for jackson-databind fixes the following issues:

jackson-databind was updated to 2.10.5.1:
  * #2589: `DOMDeserializer`: setExpandEntityReferences(false) may
    not prevent external entity expansion in all cases
    (CVE-2020-25649, bsc#1177616)
  * #2787 (partial fix): NPE after add mixin for enum
  * #2679: 'ObjectMapper.readValue('123', Void.TYPE)' throws
    'should never occur'

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:257-1
Released:    Mon Feb  1 14:46:06 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1181414,CVE-2020-15685,CVE-2020-26976,CVE-2021-23953,CVE-2021-23954,CVE-2021-23960,CVE-2021-23964
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird was updated to 78.7.0 ESR  (MFSA 2021-05, bsc#1181414)
  * CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests
  * CVE-2021-23954: Fixed a type confusion when using logical assignment operators in JavaScript switch statements
  * CVE-2020-26976: Fixed an issue where HTTPS pages could have been intercepted by a registered service worker when they should not have been
  * CVE-2021-23960: Fixed a use-after-poison for incorrectly redeclared JavaScript variables during GC
  * CVE-2021-23964: Fixed Memory safety bugs
  * CVE-2020-15685: Fixed an IMAP Response Injection when using STARTTLS

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:259-1
Released:    Mon Feb  1 14:50:33 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1181414,CVE-2020-26976,CVE-2021-23953,CVE-2021-23954,CVE-2021-23960,CVE-2021-23964
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.7.0 ESR  (MFSA 2021-04, bsc#1181414)
  * CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests
  * CVE-2021-23954: Fixed a type confusion when using logical assignment operators in JavaScript switch statements
  * CVE-2020-26976: Fixed an issue where HTTPS pages could have been intercepted by a registered service worker when they should not have been
  * CVE-2021-23960: Fixed a use-after-poison for incorrectly redeclared JavaScript variables during GC
  * CVE-2021-23964: Fixed Memory safety bugs 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:263-1
Released:    Mon Feb  1 15:01:07 2021
Summary:     Security update for terraform
Type:        security
Severity:    moderate
References:  1168921,1170264,1177421,CVE-2020-14039
This update for terraform fixes the following issues:

- Updated terraform to version 0.13.4 (bsc#1177421)

  * Many features, bug fixes, and enhancements were made during this update. Please refer to the
    terraform rpm changelog, for a full list of all changes.

- The following terraform providers were updated:

  * terraform-provider-aws
  * terraform-provider-azurerm
  * terraform-provider-external
  * terraform-provider-google
  * terraform-provider-helm
  * terraform-provider-kubernetes
  * terraform-provider-local
  * terraform-provider-null
  * terraform-provider-random
  * terraform-provider-tls

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:271-1
Released:    Mon Feb  1 21:04:13 2021
Summary:     Recommended update for lshw
Type:        recommended
Severity:    moderate
References:  1181411
This update for lshw fixes the following issues:

- Display UUID on Power VM LPAR. (bsc#1181411, ltc#191040)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:285-1
Released:    Tue Feb  2 13:08:54 2021
Summary:     Security update for cups
Type:        security
Severity:    moderate
References:  1170671,1180520,CVE-2019-8842,CVE-2020-10001
This update for cups fixes the following issues:

- CVE-2020-10001: Fixed an out-of-bounds read in the ippReadIO function (bsc#1180520).
- CVE-2019-8842: Fixed an out-of-bounds read in an extension field (bsc#1170671).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:289-1
Released:    Tue Feb  2 15:20:09 2021
Summary:     Recommended update for arpwatch
Type:        recommended
Severity:    low
References:  
This update for arpwatch fixes the following issues:

- Included arp2ethers script (jsc#SLE-17224)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:292-1
Released:    Wed Feb  3 11:46:32 2021
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    moderate
References:  1180719,1181600,1181601
This update for python-azure-agent contains the following fix:

- Added sysvinit-tools as dependency (bsc#1181600, bsc#1181601)
- Recognise SLE_HPC as SLES and use the proper RDMA handler and distro specific
  initialization code (bsc#1180719)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:293-1
Released:    Wed Feb  3 12:52:34 2021
Summary:     Recommended update for gmp
Type:        recommended
Severity:    moderate
References:  1180603
This update for gmp fixes the following issues:

- correct license statements of packages (library itself is no GPL-3.0) (bsc#1180603)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:294-1
Released:    Wed Feb  3 12:54:28 2021
Summary:     Recommended update for libprotobuf
Type:        recommended
Severity:    moderate
References:  

libprotobuf was updated to fix:

- ship the libprotobuf-lite15 on the basesystem module and the INSTALLER channel. (jsc#ECO-2911)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:301-1
Released:    Thu Feb  4 08:46:27 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2021a (bsc#1177460)
  * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.

- timezone update 2021a (bsc#1177460)
  * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:337-1
Released:    Mon Feb  8 13:14:24 2021
Summary:     Recommended update for build
Type:        recommended
Severity:    low
References:  1181646
This update for build fixes the following issues:

Features:
- initial flatpak build support added
- ccache support added
- debtransform: Add Debian revision if not present
- allow nodirindex filesystems via BuildFlags: vmfsoptions:nodirindex
- rich dep handling for PreReqs
- kiwi image: configure ndb database if we install the rpm-ndb package
- Implement alternative method to specify build-ignores

A lot of fixes came with this update, please refer to this rpm's changelog to obtain
a full list of all changes.

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:339-1
Released:    Mon Feb  8 13:16:07 2021
Summary:     Optional update for pam
Type:        optional
Severity:    low
References:  
This update for pam fixes the following issues:

- Added rpm macros for this package, so that other packages can make use of it

This patch is optional to be installed - it doesn't fix any bugs.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:352-1
Released:    Tue Feb  9 15:02:05 2021
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1181239
This update for java-11-openjdk fixes the following issues:

java-11-openjdk was upgraded to include January 2021 CPU  (bsc#1181239)
- Enable Sheandoah GC for x86_64 (jsc#ECO-3171)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:417-1
Released:    Wed Feb 10 12:02:41 2021
Summary:     Recommended update for osc
Type:        recommended
Severity:    moderate
References:  235071
This update for osc fixes the following issues:

- support --lastsucceeded/--last-succeeded in 'osc buildlog', 'osc remotebuildlog' + friends
  (perform the corresponding operation on the build log of the last successful build)
- several fixes in request related code paths (no double html_escape of a request's description etc.)
- fix potential TypeErrors+UnicodeEncodeErrors in the util.cpio and util.ar modules
- support local flatpak builds (requires a recent build version)
- 'osc init <prj>' works for a non-existent (server-side) project <prj>
- .old dir support for source services so that some services have access to the results of a
  previous service run
- maintainer search: lookup via package name by default and binary as fallback 
- fix crash on console resize when downloading files during build 
- add proper repourls to osc reporuls 
- new command osc releaserequest: This command is used to transfer sources and binaries
  without rebuilding them. 
- It requires defined release targets set to trigger='manual'. 
- some improvements on output of help and error messages 
- Fix path and permissions for fish completion file to  /usr/share/fish/vendor_completions.d
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:421-1
Released:    Wed Feb 10 12:05:23 2021
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    low
References:  1180422,1180482
This update for hwdata fixes the following issues:

- Added merge-pciids.pl to fully duplicate behavior of pciutils-ids (bsc#1180422, bsc#1180482)
- Updated pci, usb and vendor ids.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:430-1
Released:    Wed Feb 10 19:21:55 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    low
References:  1181848
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 78.7.1 ESR (bsc#1181848)

- Fixed: Prevent access to NTFS special paths that could lead to filesystem corruption. 
- Buffer overflow in depth pitch calculations for compressed textures 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:435-1
Released:    Thu Feb 11 14:47:25 2021
Summary:     Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Type:        security
Severity:    important
References:  1174075,1176708,1178801,1178969,1180243,1180401,1181730,1181732,CVE-2020-15257,CVE-2021-21284,CVE-2021-21285
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Security issues fixed:

- CVE-2020-15257: Fixed a privilege escalation in containerd (bsc#1178969).
- CVE-2021-21284: potential privilege escalation when the root user in the remapped namespace has access to the host filesystem (bsc#1181732)
- CVE-2021-21285: pulling a malformed Docker image manifest crashes the dockerd daemon (bsc#1181730)

Non-security issues fixed:

- Update Docker to 19.03.15-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. This update includes fixes for
  bsc#1181732 (CVE-2021-21284) and bsc#1181730 (CVE-2021-21285).

- Only apply the boo#1178801 libnetwork patch to handle firewalld on openSUSE.
  It appears that SLES doesn't like the patch. (bsc#1180401)

- Update to containerd v1.3.9, which is needed for Docker v19.03.14-ce and
  fixes CVE-2020-15257. bsc#1180243

- Update to containerd v1.3.7, which is required for Docker 19.03.13-ce.
  bsc#1176708

- Update to Docker 19.03.14-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. CVE-2020-15257 bsc#1180243
  https://github.com/docker/docker-ce/releases/tag/v19.03.14

- Enable fish-completion

- Add a patch which makes Docker compatible with firewalld with
  nftables backend. Backport of https://github.com/moby/libnetwork/pull/2548
  (bsc#1178801, SLE-16460)

- Update to Docker 19.03.13-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1176708

- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)

- Emergency fix: %requires_eq does not work with provide symbols,
  only effective package names. Convert back to regular Requires.

- Update to Docker 19.03.12-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md.
- Use Go 1.13 instead of Go 1.14 because Go 1.14 can cause all sorts of
  spurrious errors due to Go returning -EINTR from I/O syscalls much more often
  (due to Go 1.14's pre-emptive goroutine support).
- Add BuildRequires for all -git dependencies so that we catch missing
  dependencies much more quickly.

- Update to libnetwork 55e924b8a842, which is required for Docker 19.03.14-ce.
  bsc#1180243

- Add patch which makes libnetwork compatible with firewalld with
  nftables backend. Backport of https://github.com/moby/libnetwork/pull/2548
  (bsc#1178801, SLE-16460)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:450-1
Released:    Fri Feb 12 11:38:29 2021
Summary:     Recommended update for drbd-formula, habootstrap-formula, saphanabootstrap-formula, sapnwbootstrap-formula
Type:        recommended
Severity:    moderate
References:  1177860,1181453
This update for drbd-formula, habootstrap-formula, saphanabootstrap-formula, sapnwbootstrap-formula fixes the following issues:

habootstrap-formula:

- Version 0.4.1
  - Improved handling of sshkeys entry in pillar file (bsc#1181453)
  - Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)
  - Remove lock states as this is done in `crmsh` now
  - Fix ssh keys management to run them once the first node is initialized
  - Remove `--no-overwrite-sshkey` option from the formula
  - `qdevice` support: it can be created when initializing a cluster when multiple nodes are joining in parallel

saphanabootstrap-formula:

- Version 0.7.0
  - Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)
  - Start the `saptune` daemon service
  - Add requisite of HANA installation to subsequent salt states
  - Add support to extract and install HANA Client `sar` packages
  - Set the native fence mechanism usage for `CSP` as optional (jsc#SLE-4047)
  - Fix the HANA media extraction and installation logics when using `exe` archives
  - Update the SUSE Manager HANA form metadata, to show HANA form under SAP deployment group
  - Update SUSE Manager `form.yml` file and prevalidation state with latest changes in formula

sapnwbootstrap-formula:

- Version 0.6.0
  - Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)
  - Add requisites of `netweaver` installation to subsequent salt states
  - Start the `saptune` systemd service
  - Fix `additional_dvds` variable usage when salt uses python 2. 
    - The variable is filtered by `tojson` option to avoid `u` prefix in lists
  - Set the native fence mechanism usage for `CSP` as optional
  - Add instance name suffix to `socat` resources
  - Remove meta `resource-stickness` to the `ERS` resources group
  - Update the db installation template to use correctly the schema names for S/4HANA
  - Update the default `nw_extract_dir` `SWPM` media extraction location

drbd-formula:

- Version 0.4.0
  - Change `salt-formulas-configuration` requirement in SLE12 codestream to a recommendation (bsc#1177860)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:483-1
Released:    Tue Feb 16 10:04:38 2021
Summary:     Security update for python-bottle
Type:        security
Severity:    important
References:  1182181,CVE-2020-28473
This update for python-bottle fixes the following issues:

- CVE-2020-28473: Fixed Web Cache Poisoning vulnerability using parameter cloaking (bsc#1182181).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:488-1
Released:    Tue Feb 16 12:42:38 2021
Summary:     Security update for jasper
Type:        security
Severity:    important
References:  1179748,1181483,CVE-2020-27828,CVE-2021-3272
This update for jasper fixes the following issues:

- bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls
- bsc#1181483 CVE-2021-3272: Fix buffer over-read in jp2_decode

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:492-1
Released:    Wed Feb 17 09:40:06 2021
Summary:     Security update for screen
Type:        security
Severity:    important
References:  1182092,CVE-2021-26937
This update for screen fixes the following issues:

- CVE-2021-26937: Fixed double width combining char handling that could lead to a denial of service or code execution (bsc#1182092).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:493-1
Released:    Wed Feb 17 11:25:46 2021
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1170863,1175729,1176129,1176134,1176977,1179562,1180781
This update for python-kiwi fixes the following issues:

Update to version 9.21.23
 
- Azure generated images are not bootable. (bsc#1180781)
- Fixed validation of bool value in dracut module. (bsc#1179562)
  
  - The `oem-multipath-scan` setup results in a bool variable inside of the initrd code. 
  The variable `kiwi_oemmultipath_scan` is therefore either set to _true_ or _false_. 
  This update fixes the validation to make use of the `bool()` method provided for these type of variables.
    
- Omit multipath module by default (bsc#1179562)
    
  - The plain installation of the multipath toolkit activates the
    dracut multipath code. The setup if the target image runs in a
    multipath environment or not should however be decided explicitly
    in the image description via `<oem-multipath-scan>` and not
    implicitly by the presence of tools. 
    
- Fixed multipath disk device assignment in kiwi lib (bsc#1179562)
    
  - The former lookup of the multipath mapped disk device contained
    a race condition. If the lookup of the device mapper files happened
    before multipathd has finished the initialization, kiwi continues
    with the unix node name and fails when the device mapper keeps
    a busy state on it. This update changes the code such that in case
    of an explicit request to use multipath the lookup of the mapped
    device becomes a mandatory process that runs until the
    `DEVICE_TIMEOUT` is reached. Default timeout is set to 60 sec.
    
- Do not exclude filesystem folders in OCI images (bsc#1176129)
    
  - This update does not exclude filesystem folders during the rsync call
    in OCI images. It has been noted that including an empty `/dev` folder does
    not hurt and it can eventually help to workaround some limitations of
    container related tools such as `buildah`.
    
- Fix/Refactor s390 support (bsc#1170863)
    
  - This changes the s390 support on several stages:
    - On s390 the boot process is based on zipl which boots into an initrd from which a userspace grub process is
    started to support the grub capabilities. The implementation of this concept is provided via the 
    `grub2-s390x-emu` package. Once installed the setup of the bootloader is done via the `grub2-mkconfig` and
    `grub2-install` commands and therefore from a caller perspective the same as with any other 
    grub2 setup process. For kiwi this means no extra zipl bootloader target code is needed. Therefore
    this update deletes the zipl setup from kiwi and puts on the standard grub2 process. 
    - To support different targettypes the `grub2-s390x-emu` provided
    zipl template must be adapted. Parts of the former zipl bootloader
    setup therefore now applies to an update of the `zipl2grub` template file
    - Support for `CDL/LDL DASD` targets has been disabled in the schema.
    When testing 4k devices and a respective zipl2grub template
    setup for `CDL/LDL` targettype it has turned out that `grub2-install` is not able to run on such a device. 
    Probably the device code in `grub2-install` does not work for 4k devices with an fdasd created partition table. 
    As this needs further investigations and most probably adaptions on the grub toolchain for s390, 
    we disabled the setup of these modes for now. Emulated DASD (FBA) and SCSI targets stays supported.

- Fix compat link for rpmdb location. (bsc#1176977) 

  - This update fixes the symbolic link creation for `/var/lib/rpm`. More specific for derived container images 
    in which the base root tree already included the `/var/lib/rpm` the link, the `ln` command was creating a
    symbolic link inside the `/var/lib/rpm` folder givent that it was following the already existing symbolic link. 
    Adding the `--no-target-directory` force `ln` command to treat `/var/lib/rpm` path as the fully qualified 
    symlink name.
    
- Fixed s390/sle15 Virtual disk integration test. (bsc#1170863)
    
  - The integration test used FBA mode as target. As the target is expected to be KVM this is the wrong setting. 
    SCSI should be used instead. 
    
- Support dynamic `linux/linuxefi` in any case. (bsc#1175729, bsc#1176134)
    
  - Instead of restricting the dynamic linux vs. linuxefi setup to a specific grub version, 
    support this setup for any version of grub. 
    
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:499-1
Released:    Wed Feb 17 19:07:44 2021
Summary:     Recommended update for MozillaThunderbird
Type:        recommended
Severity:    moderate
References:  1181848
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 78.7.1 (bsc#1181848)
  * changed: Building OpenPGP shared library linked to system libraries now supported
  * changed: MailExtension errors now shown in Developer Tools console by default
  * changed: MailExtensions: Dynamic registration of calendar providers now supported
  * fixed: OpenPGP improvements
  * fixed: Message preview was sometimes blank after upgrading from Thunderbird 68
  * fixed: Email addresses whitelisted for remote content not displayed in preferences
  * fixed: Importing data from Seamonkey did not work
  * fixed: Renaming a mail list did not update the side bar
  * fixed: MailExtensions: messenger.* namespace was undefined

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:509-1
Released:    Thu Feb 18 12:11:19 2021
Summary:     Recommended update for ucode-intel
Type:        recommended
Severity:    important
References:  1179224,1182347
This update for ucode-intel fixes the following issues:

Updated Intel CPU Microcode to 20210216 official release. (bsc#1182347 bsc#1179224)

- | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
- |:---------------|:---------|:------------|:---------|:---------|:---------
- | SKX-SP         | H0/M0/U0 | 06-55-04/b7 | 02006a08 | 02006a0a | Xeon Scalable
- | SKX-D          | M1       | 06-55-04/b7 | 02006a08 | 02006a0a | Xeon D-21xx
- | CLX-SP         | B0       | 06-55-06/bf | 04003003 | 04003006 | Xeon Scalable Gen2
- | CLX-SP         | B1       | 06-55-07/bf | 05003003 | 05003006 | Xeon Scalable Gen2

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:516-1
Released:    Thu Feb 18 14:42:51 2021
Summary:     Recommended update for docker, golang-github-docker-libnetwork
Type:        recommended
Severity:    moderate
References:  1178801,1180401,1182168
This update for docker, golang-github-docker-libnetwork fixes the following issues:

- A libnetwork firewalld integration enhancement was broken, disable it (bsc#1178801,bsc#1180401,bsc#1182168)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:518-1
Released:    Thu Feb 18 17:57:56 2021
Summary:     Recommended update for highlight
Type:        recommended
Severity:    moderate
References:  1142155
This update for highlight fixes the following issues:

Update from version 3.42 to 3.59:

- HTML output: Added `white-space: pre-wrap` to pre tag CSS.
- Updated mark_lines.lua plug-in accept a line range as input parameter and output xterm256 terminal sequences.
- Improved Ruby code folding of the outhtml_codefold plug-in.
- Updated astyle lib to rev 672.
- Added support for reStructured Text.
- Added support for Rego (openpolicyagent.org).
- Added `outhtml_copy_clipboard.lua` plugin.
- CLI: Adapted default xterm256/truecolor theme to terminal background colour.
- CLI: Adapted ANSI line numbers to terminal background colour.
- CLI: Fixed segfault if the user home directory cannot be determined.
- GUI: Initial font set to Monospace.
- GUI: Replaced highlight.xpm by highlight.png icon.
- Add hicolor-icon-themes as build requirement: Required since move of highlight-gui icon.
- Improved `--force` fallback argument handling.
- Added C++ attribute syntax support.
- Added Lua fuction `StoreValue` to set and retrieve information across Lua states.
- Added `extras/eclipse-themes/eclipse_color_themes.py` script to retrieve themes from eclipsecolorthemes.org.
- Added support for Web Assembly Text.
- Updated mark_lines.lua to output 16m terminal sequences
- Fixed issues in bash.lang.
  - Fixed Bash heredoc highlighting in bash_functions.lua
- CLI: `highlight --version -q` only prints the version number.
  * GUI: Added theme contrast indicator.
- Added support for Haml.
- Added support for Wren.
  * Added Lua function `OverrideParam`.
- Fixed regression in xterm256 or truecolor output
  * Fixed `--list-scripts` with read-only language definitions
- Improved several language definitions.
  * Added support for Sequence Alignment Maps (SAM files).
  * Added empty-file mode to --no-trailing-nl
- Fixed issue with --syntax-by-name waiting for stdin
- Fixed issue with --syntax reading matching files in the current working directory 
- Fixed string parsing in lisp.lang 
  * Fixed output of UTF-8 text in xterm256 or truecolor output
  * Fixed regex in js.lang.
  * Fixed calculation of testcase markers with UTF-8 input.
- Allowed number literals with underscores in Java, Scala, D, Julia, C#, Perl and Ada definitions.
  * Added Nord theme.
- Improved handling of empty files in xterm256 and truecolor output 
- Added EncodingHint attributes to filetypes.conf and language definitions 
- CLI: Allowed file paths as --theme and --syntax argument
  * GUI: Removed deprecated QTime API call.
- Fixed default colour output in BBCode
- Fixed corner case in sh.lang.
  * Fixed syntax tests with UTF-8 input
- Added support for Bash in outhtml_codefold.lua plug-in.
  * Added ballerina.lang.
  * Added block strings to java.lang.
- Added author hints in themes and language definitions.
  * Added C++20 reserved words in c.lang.
- Added editorconfig file and validated all files accordingly.
  * CLI: Fixed --list-scripts with -d or HIGHLIGHT_DATADIR env variable 
  * GUI: Removed AsciiDoc instruction lines from the README popup window.
- Use lang_package macro for highlight-gui-lang declaration.
- Fixed out-of-range exception with repeated AddKeyword calls.
- Added KeywordFormatHints, Priority and Constraints elements to syntax definitions.
- Added Lua function AddPersistentState
- Renamed md.lang to markdown.lang.
- Added Fish syntax definition.
- Makefile: added _FILE_OFFSET_BITS=64 flag.
- CLI: added optional fallback syntax to --force
- CLI: added option --max-size 
  * GUI: added multibyte path trace window.
  * GUI: fixed superfluous creation of the same stylesheet file.
- Fix build instability (bsc#1142155).
- Added negation `~` to test state indicators
- Added support for Hugo.
  * Added 5 duotone themes.
- CLI: fixed segfault with `--force` 
  * GUI: limited font selection to monospace fonts
  * SVG output: Added `white-space: pre` in styles.
- HTML output: Replaced `&apos;` by `&#39;`
- HTML output: Fixed index file format (missing close tags).
- CLI: Moved syntax recognition functions to DataDir class.
  * CLI: Added regular expressions and default false values to --verbose output.
- CLI: Fixed `--list-cat` without `--list-scripts`
  * CLI: Added optional argument to `--base16`
  * CLI: Added default base16 themes
- CLI: Added `--isolate` option 
- Added lineno, column parameters to OnStateChange hook.
- Added support for Crystal.
- Added support for Slim.
- Fixed several typos in documentaion and manpages.
  * CLI: Added `--syntax-by-name` option.
  * CLI: Removed deprecated `--list-langs` and`--list-themes` options.
- GUI: Added terminal sequence output options
- Added support for Meson, Solidity, TOML and Terraform.
- Improved Perl and Yaml highlighting.
- Added Categories field to all config files.
- CLI: added category info in --list-scripts output.
  * CLI: added --list-cat option 
- CLI: added optional topic parameter to --help.
  * GUI: added theme category selection.
- GUI: display categories of selected syntax or theme.
- Fixed --list-scripts abortion with Fedora default compile options 
  * Fixed a problem with syntax test indicators reporting wrong states after comments.
- Improved Verilog syntax.
- Improved quoted string highlighting for Perl and Ruby.
- Detection of pkg-config's Lua version in src/makefile.
- Fixed xterm256 and truecolor whitespace output #2
- Fixed LaTeX, TeX, SVG and ODT whitespace output (regression of version 3.45).
  * Added darkplus theme.
  * Converted ChangeLog to AsciiDoc.
- Allowed state test indicators to match both whitespace (ws) and the enclosing state (others).
- CLI: Default output changed to xterm256 or truecolor if run in a terminal with color support and only a single file 
  is outputted.
- GUI: Added checkbox in the clipboard tab to output selected lines only.
- Fixed xterm256 and truecolor whitespace output
- Converted manuals to AsciiDoc.
- Added DocumentHeader and DocumentFooter plug-in hooks.
- Added RemoveKeyword Lua function for syntax definitions.
- Added syntax test indicators (see README_TESTCASES).
- Added support for ISO and R10 variants of Modula2.
- Fixed R identifiers.
- Fixed ALAN IF identifiers.
- Fixed issue with Bash string interpolation.
- Added Swift keywords and types.
- Added Gradle extension mapping.
- Fixed Ruby string interpolation 
- Added support for ALAN IF.
- Added 107 Base16 themes.
  * Updated Rust and Java reserved words lists.
  * Revised documentation.
- Moved extras/css-themes into extras/themes-resources.
  * Added extras/themes-resources/base16.
  * GUI: added Base16 theme selection checkbox.
  * CLI: added --base16 option to enable the new themes.
- CLI: accept - as argument to read from stdin
- Make the build of gui subpackage conditional (built by default).
- Updated astyle code to release 3.1 (Rev. 655).
- Added webkit reformatting style.
- Improved several language definitions.
- Fixed Matlab string recognition
- Fixed Autohotkey escape sequence recognition.
- Added excel.lang
- Improved Qt pro file
- CLI: Added --reformat-option
  * CLI: Added --line-range
- GUI: Added Bulgarian translation.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:526-1
Released:    Fri Feb 19 12:46:27 2021
Summary:     Recommended update for python-distro
Type:        recommended
Severity:    moderate
References:  
This update for python-distro fixes the following issues:

Upgrade from version 1.2.0 to 1.5.0 (jsc#ECO-3212)

- Backward compatibility:
  - Keep output as native string so we can compatible with python2 interface
  - Prefer the `VERSION_CODENAME` field of `os-release` to parsing it from `VERSION`

- Bug Fixes:
  - Fix detection of RHEL 6 `ComputeNode`
  - Fix Oracle 4/5 `lsb_release` id and names
  - Ignore `/etc/plesk-release` file while parsing distribution
  - Return `_uname_info` from the `uname_info()` method
  - Fixed `CloudLinux` id discovery
  - Update Oracle matching 
  - Warn about wrong locale.

- Documentation:
  - Distro is the recommended replacement for `platform.linux_distribution`
  - Add Ansible reference implementation and fix arch-linux link
  - Add facter reference implementation 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:531-1
Released:    Fri Feb 19 14:54:06 2021
Summary:     Security update for tomcat
Type:        security
Severity:    moderate
References:  1180947,CVE-2021-24122
This update for tomcat fixes the following issues:

- CVE-2021-24122: Fixed an information disclosure if resources are served from the NTFS file system (bsc#1180947).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:542-1
Released:    Mon Feb 22 12:14:19 2021
Summary:     Recommended update for poppler
Type:        recommended
Severity:    moderate
References:  1181551
This update for poppler fixes the following issues:

- Fixed an issue where it was not possible to open signed DocuSign documents with poppler (bsc#1181551)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:543-1
Released:    Mon Feb 22 13:54:49 2021
Summary:     Security update for postgresql13
Type:        security
Severity:    moderate
References:  1179765,1182039,1182040,CVE-2021-20229,CVE-2021-3393
This update for postgresql13 fixes the following issues:

Upgrade to version 13.2:

  * Updating stored views and reindexing might be needed after applying this update.
  * CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages.
  * CVE-2021-20229, bsc#1182039: Fix failure to check per-column SELECT privileges in some join queries.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:554-1
Released:    Tue Feb 23 11:14:46 2021
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issue:

- Added data for 4_12_14-150_66, 4_12_14-197_78, 5_3_18-24_46, 5_3_18-24_49. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:571-1
Released:    Tue Feb 23 16:11:33 2021
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1180176
This update for cloud-init contains the following fixes:

- Update cloud-init-write-routes.patch (bsc#1180176)
  + Follow up to previous changes. Fix order of operations
    error to make gateway comparison between subnet configuration and
    route configuration valuable rather than self-comparing.

- Add cloud-init-sle12-compat.patch (jsc#PM-2335)
  - Python 3.4 compatibility in setup.py
  - Disable some test for mock version compatibility

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:577-1
Released:    Wed Feb 24 10:00:26 2021
Summary:     Recommended update for fio
Type:        recommended
Severity:    moderate
References:  
This update for fio fixes the following issues:

- Fixes for several bug fixes and issues.
- Added support for NBD and ZBD

For a full list of changes, please refer to this rpm's changelog.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:579-1
Released:    Wed Feb 24 10:38:22 2021
Summary:     Recommended update for arpwatch
Type:        recommended
Severity:    moderate
References:  1181936
This update for arpwatch fixes the following issues:

- Fix arp2ethers script (bsc#1181936).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:582-1
Released:    Wed Feb 24 11:24:09 2021
Summary:     Optional update for netpbm
Type:        optional
Severity:    low
References:  1181571
This update for netpbm fixes the following issues:

- Skips failing test cases for armv7hl (bsc#1181571)

This patch is optional to install. It doesn't fix any issues for users.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:589-1
Released:    Thu Feb 25 06:11:06 2021
Summary:     Recommended update for hawk2
Type:        recommended
Severity:    moderate
References:  1181436,1182163
This update for hawk2 fixes the following issues:

- Fixed an issue where the path to /usr/sbin/attrd_updater was wrong (bsc#1181436)
- Removed the use of %x (bsc#1182163)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:596-1
Released:    Thu Feb 25 10:26:30 2021
Summary:     Recommended update for gcc7
Type:        recommended
Severity:    moderate
References:  1181618
This update for gcc7 fixes the following issues:

- Fixed webkit2gtk3 build (bsc#1181618)
- Change GCC exception licenses to SPDX format
- Remove include-fixed/pthread.h

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:598-1
Released:    Thu Feb 25 10:30:23 2021
Summary:     Recommended update for go
Type:        recommended
Severity:    moderate
References:  1164903,1172608,1175132
This update for go fixes the following issues:

Update to current stable go1.15 (bsc#1175132)

* Ensure 'Provides: golang(API) = %{api_version}' is consistent
  to improve package resolution for common go dependency expressions
  'BuildRequires: golang(API) >= 1.x' and BuildRequires: go >= 1.x
  OBS projects that contain go code often have prjconf entries
  'Prefer: go' which selects go metapackage over go1.x packages.
  When go metapackage Provides: version is lower than go1.x versions,
  'Prefer: go' is not effective and build failures occur with errors
  unresolvable: have choice for golang(API) >= 1.13: go1.13 go1.14
  Edits and changelog Jeff Kowalczyk <jkowalczyk@suse.com> (bsc#1172608)

* Unify '{version'} and '{short_version}' as '{api_version}' for
  'Provides: golang(API) = %{api_version}'
* Use both 'BuildRequires: go%{api_version}' and 'Requires: go%{api_version}'
  to trigger build errors if go1.x is unavailable
* Add aarch64 to supported systems for go-race via
  %define tsan_arch x86_64 aarch64
* Add tsan_arch x86_64 aarch64 for suse_version >= 1500 and
  sle_version >= 150000, formerly conditional on suse_version >= 1315
* Ensure %ifarch %{tsan_arch} always evaluates (nil does not work)
  via dummy tsan_arch on systems where go-race is not supported

Update to current stable go1.14 (bsc#1164903)

* Remove redundant Provides: go-doc=%{version} per rpmlint warning

- Change suse_version >= 1315 (was 1550) defines short_version 1.12
  go1.12 packages are available for SLE-12.

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:612-1
Released:    Fri Feb 26 04:55:47 2021
Summary:     Optional update for m4
Type:        optional
Severity:    low
References:  1181571
This update for m4 fixes the following issues:

- Fixed an issue in building against newer glibc versions (bsc#1181571)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:654-1
Released:    Fri Feb 26 20:01:10 2021
Summary:     Security update for python-Jinja2
Type:        security
Severity:    important
References:  1181944,1182244,CVE-2020-28493
This update for python-Jinja2 fixes the following issues:

- CVE-2020-28493: Fixed a ReDOS vulnerability where urlize could have 
  been called with untrusted user data (bsc#1181944).  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:656-1
Released:    Mon Mar  1 09:34:21 2021
Summary:     Recommended update for protobuf
Type:        recommended
Severity:    moderate
References:  1177127
This update for protobuf fixes the following issues:

- Add missing dependency of python subpackages on python-six. (bsc#1177127)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:659-1
Released:    Mon Mar  1 13:41:20 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1182357,1182614,CVE-2021-23968,CVE-2021-23969,CVE-2021-23973,CVE-2021-23978
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.8.0 ESR
  * Fixed: Various stability, functionality, and security fixes
  MFSA 2021-08 (bsc#1182614)
  * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect
  * CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect
  * CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources
  * CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:661-1
Released:    Mon Mar  1 16:12:47 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1182357,1182614,CVE-2021-23968,CVE-2021-23969,CVE-2021-23973,CVE-2021-23978
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 78.8
  * fixed: Importing an address book from a CSV file always reported an error
  * fixed: Security information for S/MIME messages was not displayed correctly prior to a draft being saved
  * fixed: Calendar: FileLink UI fixes for Caldav calendars
  * fixed: Recurring tasks were always marked incomplete; unable to use filters
  * fixed: Various UI widgets not working
  * fixed: Dark theme improvements
  * fixed: Extension manager was missing link to addon support web page
  * fixed: Various security fixes
  MFSA 2021-09 (bsc#1182614)
  * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect
  * CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect
  * CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources
  * CVE-2021-23978: Memory safety bugs fixed in Thunderbird 78.8

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:665-1
Released:    Mon Mar  1 16:15:47 2021
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    moderate
References:  1181239,CVE-2020-14803
This update for java-1_8_0-openjdk fixes the following issues:

- Update to version jdk8u282 (icedtea 3.18.0)
  * January 2021 CPU (bsc#1181239)
  * Security fixes
    + JDK-8247619: Improve Direct Buffering of Characters (CVE-2020-14803)
  * Import of OpenJDK 8 u282 build 01
    + JDK-6962725: Regtest javax/swing/JFileChooser/6738668/
      /bug6738668.java fails under Linux
    + JDK-8025936: Windows .pdb and .map files does not have proper
      dependencies setup
    + JDK-8030350: Enable additional compiler warnings for GCC
    + JDK-8031423: Test java/awt/dnd/DisposeFrameOnDragCrash/
      /DisposeFrameOnDragTest.java fails by Timeout on Windows
    + JDK-8036122: Fix warning 'format not a string literal'
    + JDK-8051853: new
      URI('x/').resolve('..').getSchemeSpecificPart() returns null!
    + JDK-8132664: closed/javax/swing/DataTransfer/DefaultNoDrop/
      /DefaultNoDrop.java locks on Windows
    + JDK-8134632: Mark javax/sound/midi/Devices/
      /InitializationHang.java as headful
    + JDK-8148854: Class names 'SomeClass' and 'LSomeClass;'
      treated by JVM as an equivalent
    + JDK-8148916: Mark bug6400879.java as intermittently failing
    + JDK-8148983: Fix extra comma in changes for JDK-8148916
    + JDK-8160438: javax/swing/plaf/nimbus/8057791/bug8057791.java
      fails
    + JDK-8165808: Add release barriers when allocating objects
      with concurrent collection
    + JDK-8185003: JMX: Add a version of
      ThreadMXBean.dumpAllThreads with a maxDepth argument
    + JDK-8202076: test/jdk/java/io/File/WinSpecialFiles.java on
      windows with VS2017
    + JDK-8207766: [testbug] Adapt tests for Aix.
    + JDK-8212070: Introduce diagnostic flag to abort VM on failed
      JIT compilation
    + JDK-8213448: [TESTBUG] enhance jfr/jvm/TestDumpOnCrash
    + JDK-8215727: Restore JFR thread sampler loop to old /
      previous behavior
    + JDK-8220657: JFR.dump does not work when filename is set
    + JDK-8221342: [TESTBUG] Generate Dockerfile for docker testing
    + JDK-8224502: [TESTBUG] JDK docker test TestSystemMetrics.java
      fails with access issues and OOM
    + JDK-8231209: [REDO] ThreadMXBean::getThreadAllocatedBytes()
      can be quicker for self thread
    + JDK-8231968: getCurrentThreadAllocatedBytes default
      implementation s/b getThreadAllocatedBytes
    + JDK-8232114: JVM crashed at imjpapi.dll in native code
    + JDK-8234270: [REDO] JDK-8204128 NMT might report incorrect
      numbers for Compiler area
    + JDK-8234339: replace JLI_StrTok in java_md_solinux.c
    + JDK-8238448: RSASSA-PSS signature verification fail when
      using certain odd key sizes
    + JDK-8242335: Additional Tests for RSASSA-PSS
    + JDK-8244225: stringop-overflow warning on strncpy call from
      compile_the_world_in
    + JDK-8245400: Upgrade to LittleCMS 2.11
    + JDK-8248214: Add paddings for TaskQueueSuper to reduce
      false-sharing cache contention
    + JDK-8249176: Update GlobalSignR6CA test certificates
    + JDK-8250665: Wrong translation for the month name of May in
      ar_JO,LB,SY
    + JDK-8250928: JFR: Improve hash algorithm for stack traces
    + JDK-8251469: Better cleanup for
      test/jdk/javax/imageio/SetOutput.java
    + JDK-8251840: Java_sun_awt_X11_XToolkit_getDefaultScreenData
      should not be in make/mapfiles/libawt_xawt/mapfile-vers
    + JDK-8252384: [TESTBUG] Some tests refer to COMPAT provider
      rather than JRE
    + JDK-8252395: [8u] --with-native-debug-symbols=external
      doesn't include debuginfo files for binaries
    + JDK-8252497: Incorrect numeric currency code for ROL
    + JDK-8252754: Hash code calculation of JfrStackTrace is
      inconsistent
    + JDK-8252904: VM crashes when JFR is used and JFR event class
      is transformed
    + JDK-8252975: [8u] JDK-8252395 breaks the build for
      --with-native-debug-symbols=internal
    + JDK-8253284: Zero OrderAccess barrier mappings are incorrect
    + JDK-8253550: [8u] JDK-8252395 breaks the build for make
      STRIP_POLICY=no_strip
    + JDK-8253752: test/sun/management/jmxremote/bootstrap/
      /RmiBootstrapTest.java fails randomly
    + JDK-8254081: java/security/cert/PolicyNode/
      /GetPolicyQualifiers.java fails due to an expired certificate
    + JDK-8254144: Non-x86 Zero builds fail with return-type
      warning in os_linux_zero.cpp
    + JDK-8254166: Zero: return-type warning in
       zeroInterpreter_zero.cpp
    + JDK-8254683: [TEST_BUG] jdk/test/sun/tools/jconsole/
      /WorkerDeadlockTest.java fails
    + JDK-8255003: Build failures on Solaris

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:670-1
Released:    Mon Mar  1 17:35:51 2021
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1181239,1182186,CVE-2020-14803,CVE-2020-27221
This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 6 Fix Pack 25
  [bsc#1182186, bsc#1181239, CVE-2020-27221, CVE-2020-14803]
  * CVE-2020-27221: Potential for a stack-based buffer overflow
    when the virtual machine or JNI natives are converting from
    UTF-8 characters to platform encoding.
  * CVE-2020-14803: Unauthenticated attacker with network access
    via multiple protocols allows to compromise Java SE.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:690-1
Released:    Wed Mar  3 17:14:42 2021
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

This update ships the ComplianceAsCode build version 0.1.54,
containing the following supported file:

- SCAP STIG automation for SUSE Linux Enterprise 12 (SUSE supplied)
- CIS automation for SUSE Linux Enterprise 15 (community supplied)

It can be evaluated using 'oscap' from 'openscap-utils', e.g. by doing on SUSE Linux Enterprise 12:

- oscap xccdf eval --profile stig /usr/share/xml/scap/ssg/content/ssg-sle12-ds.xml

or the community supplied CIS on SUSE Linux Enterprise 15:

- oscap xccdf eval --profile cis /suse/meissner/scap/usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml

More content will be added in future updates.

Also supplied are Red Hat, CentOS, Fedora, Debian, Ubuntu and related builds from ComplianceAsCode.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:707-1
Released:    Thu Mar  4 09:19:36 2021
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    moderate
References:  1177039
This update for systemd-rpm-macros fixes the following issues:

- Bump to version 6

- Make upstream '%systemd_{pre,post,preun,postun}' aliases to their SUSE counterparts.
  Packagers can now choose to use the upstream or the SUSE variants
  indifferently. For consistency the SUSE variants should be preferred
  since almost all SUSE packages already use them but the upstream
  versions might be usefull in certain cases where packages need to
  support multiple distros based on RPM.

- Improve the logic used to apply the presets. (bsc#1177039)
  Before presests were applied at a) package installation b) new units
  introduced via a package update (but after making sure that it was
  not a SysV initscript being converted).
  The problem is that a) didn't handle package a renaming or split
  properly since the package with the new name is installed rather
  being updated and therefore the presets were applied even if they
  were already with the old name.
  We now cover this case (and the other ones) by applying presets only
  if the units are new and the services are not being migrated. This
  regardless of whether this happens during an install or an update.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:716-1
Released:    Fri Mar  5 17:22:27 2021
Summary:     Recommended update for go
Type:        recommended
Severity:    moderate
References:  1182345
This update for go fixes the following issues:

- Update to current stable go1.16 (bsc#1182345)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:717-1
Released:    Fri Mar  5 17:22:41 2021
Summary:     Recommended update for stunnel
Type:        recommended
Severity:    moderate
References:  1182376
This update for stunnel fixes the following issues:

- Do not replace the active config file (bsc#1182376)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:726-1
Released:    Mon Mar  8 17:16:33 2021
Summary:     Recommended update for regionServiceClientConfigEC2
Type:        recommended
Severity:    moderate
References:  1176005,1176007
This update for regionServiceClientConfigEC2 contains the following fixes:

- Update to version 3.0.0: (bsc#1176005, bsc#1176007)
  + Reduce the number of region servers
  + Require python3-ec2metadata to support IMDSv2 only setups
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:734-1
Released:    Tue Mar  9 14:40:17 2021
Summary:     Recommended update for dehydrated
Type:        recommended
Severity:    moderate
References:  1154167,1178927
This update for dehydrated fixes the following issues:

Update to dehydrated 0.7.0 (jsc#SLE-15909)

- Added

  - Support for external account bindings
  - Special support for ZeroSSL
  - Support presets for some CAs instead of requiring URLs
  - Allow requesting preferred chain (--preferred-chain)
  - Added method to show CAs current terms of service (--display-terms)
  - Allow setting path to domains.txt using cli arguments (--domains-txt)
  - Added new cli command --cleanupdelete which deletes old files instead of archiving them

- Fixed

  - No more silent failures on broken hook-scripts
  - Better error-handling with KEEP_GOING enabled
  - Check actual order status instead of assuming it's valid
  - Don't include keyAuthorization in challenge validation (RFC compliance)

- Changed

  - Using EC secp384r1 as default certificate type
  - Use JSON.sh to parse JSON
  - Use account URL instead of account ID (RFC compliance)
  - Dehydrated now has a new home: https://github.com/dehydrated-io/dehydrated
  - Added OCSP_FETCH and OCSP_DAYS to per-certificate configurable options

- dehydrated-apache2: Check for mod_compat (bsc#1178927) 

- Update maintainer file and package description, remove features
  that are better described in the (upstream maintained) man page.

- Remove potentially harmful scriptlet (bsc#1154167). 

- Removed lighttpd 1.x integration package. If you still would like
  to use lighttpd with dehydrated, follow the instructions in the
  README.maintainers file.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:746-1
Released:    Tue Mar  9 16:57:49 2021
Summary:     Recommended update for xorg-x11-server
Type:        recommended
Severity:    moderate
References:  1182884
This update for xorg-x11-server fixes the following issues:

- Fix for build issues with armv7. (bsc#1182884)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:761-1
Released:    Wed Mar 10 12:26:54 2021
Summary:     Recommended update for libX11
Type:        recommended
Severity:    moderate
References:  1181963
This update for libX11 fixes the following issues:

	  - Fixes a race condition in 'libX11' that causes various applications to crash randomly. (bsc#1181963)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:769-1
Released:    Thu Mar 11 20:22:29 2021
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1182331,1182333,CVE-2021-23840,CVE-2021-23841
This update for openssl-1_0_0 fixes the following issues:

- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:772-1
Released:    Fri Mar 12 11:56:21 2021
Summary:     Security update for stunnel
Type:        security
Severity:    important
References:  1177580,1182529,CVE-2021-20230
This update for stunnel fixes the following issues:

- Security fix: [bsc#1177580, bsc#1182529, CVE-2021-20230]
  * 'redirect' option does not properly handle 'verifyChain = yes'

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:784-1
Released:    Mon Mar 15 11:19:08 2021
Summary:     Recommended update for efivar
Type:        recommended
Severity:    moderate
References:  1181967
This update for efivar fixes the following issues:

- Fixed an issue with the NVME path parsing (bsc#1181967)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:795-1
Released:    Tue Mar 16 10:28:02 2021
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    low
References:  1182661,1183012,1183051
This update for systemd-rpm-macros fixes the following issues:

- Added a %systemd_user_pre macro (bsc#1183051, bsc#1183012)
- Fixed an issue with %systemd_user_post, where the --global parameter was treated like if
  it was another service (bsc#1183051, bsc#1182661)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:800-1
Released:    Tue Mar 16 12:53:08 2021
Summary:     Security update for velocity
Type:        security
Severity:    important
References:  1183360,CVE-2020-13936
This update for velocity fixes the following issues:

- CVE-2020-13936: Fixed an arbitrary code execution when attacker is able to modify templates (bsc#1183360).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:873-1
Released:    Thu Mar 18 09:40:58 2021
Summary:     Recommended update for xorg-x11-server
Type:        recommended
Severity:    moderate
References:  1182510
This update for xorg-x11-server fixes the following issues:

- Fix broken man page in 'autoconf' build. (bsc#1182510)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:880-1
Released:    Fri Mar 19 04:14:38 2021
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    low
References:  1170160,1182482
This update for hwdata fixes the following issues:

- Updated pci, usb and vendor ids (bsc#1182482, bsc#1170160, jsc#SLE-13791)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:906-1
Released:    Fri Mar 19 16:18:34 2021
Summary:     Recommended maintenance update for SUSE Manager 4.1: Server and Proxy
Type:        recommended
Severity:    moderate
References:  1157711,1173893,1175660,1177508,1179579,1180145,1180146,1180224,1180439,1180547,1180558,1180757,1180994,1181048,1181165,1181228,1181290,1181416,1181423,1181635,1181807,1181814,1182001,1182006,1182008,1182071,1182200,1182492,1182685,CVE-2020-26217,CVE-2020-26258,CVE-2020-26259,CVE-2020-28477
Maintenance update for SUSE Manager 4.1: Server and Proxy

This is a codestream only patchinfo.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:924-1
Released:    Tue Mar 23 10:00:49 2021
Summary:     Recommended update for filesystem
Type:        recommended
Severity:    moderate
References:  1078466,1146705,1175519,1178775,1180020,1180083,1180596,1181011,1181831,1183094
This update for filesystem the following issues:

- Remove duplicate line due to merge error
- Add fix for 'mesa' creating cache with perm 0700. (bsc#1181011) 
- Fixed an issue causing failure during installation/upgrade a failure. (rh#1548403) (bsc#1146705)
- Allows to override config to add cleanup options of '/var/tmp'. (bsc#1078466)
- Create config to cleanup '/tmp' regular required with 'tmpfs'. (bsc#1175519)

This update for systemd fixes the following issues:

- Fix for a possible memory leak. (bsc#1180020)
- Fix for a case when to a bind mounted directory results inactive mount units. (#7811) (bsc#1180596)
- Fixed an issue when starting a container conflicts with another one. (bsc#1178775)
- Drop most of the tmpfiles that deal with generic paths and avoid warnings. (bsc#1078466, bsc#1181831)
- Don't use shell redirections when calling a rpm macro. (bsc#1183094)
- 'systemd' requires 'aaa_base' >= 13.2. (bsc#1180083)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:925-1
Released:    Tue Mar 23 10:39:19 2021
Summary:     Recommended update for fetchmail
Type:        recommended
Severity:    moderate
References:  1136538,1182807
This update for fetchmail fixes the following issues:

- Remove comment about not available FETCHMAIL_USER configuration variable in sysconfig.fetchmail. (bsc#1136538)
- Set the hostname for SNI when using TLS (bsc#1182807)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:927-1
Released:    Tue Mar 23 14:07:06 2021
Summary:     Recommended update for libreoffice
Type:        recommended
Severity:    moderate
References:  1041090,1049382,1116658,1136234,1155141,1173404,1173409,1173410,1173471,1174465,1176547,1177955,1178807,1178943,1178944,1179025,1179203,1181122,1181644,1181872,1182790
This update for libreoffice provides the upgrade from version 6.4.5.2 to 7.1.1.2 (jsc#ECO-3150, bsc#1182790)


libreoffice:

- Image shown with different aspect ratio (bsc#1176547)
- Text changes are reproducibly lost on PPTX with SmartArt (bsc#1181644)
- Adjust to new Box2D and enable KDE on SUSE Linux Enterprise 15-SP3 or newer (jsc#ECO-3375)
- Wrong bullet points in Impress (bsc#1174465)
- SmartArt: text wrongly aligned, background boxes not quite right (bsc#1177955)
- Update the SUSE color palette to reflect the new SUSE branding. (bsc#1181122, bsc#1173471)
  - SUSE Mint
  - SUSE Midnight Blue
  - SUSE Waterhole Blue
  - SUSE Persimmon
- Fix a crash opening a PPTX. (bsc#1179025)
- Fix text box from PowerPoint renders vertically instead of horizontally (bsc#1178807)
- Shadow effects for table completely missing (bsc#1178944, bsc#1178943)
- Disable firebird integration for the time being (bsc#1179203)
- Fixes hang on Writer on scrolling/saving of a document (bsc#1136234)
- Wrong rendering of bulleted lists in PPTX document (bsc#1155141)
- Sidebar: paragraph widget: numeric fields become inactive/unaccessible after saving (bsc#1173404) 
- Crash of Writer opening any document having 'invalid' python file in home directory (bsc#1116658)

libixion:

Update to 0.16.1:

- fixed a build issue on 32-bit linux platforms, caused by slicing of integer string ID values.
- worked around floating point rounding errors which prevented two theoretically-equal numeric values from being 
  evaluated as equal in test code.
- added new function to allow printing of single formula tokens.
- added method for setting cached results on formula cells in model_context.
- changed the model_context design to ensure that all sheets are of the same size.
- added an accessor method to formula_model_access interface (and implicitly in model_context) that directly returns
  a string value from cell.
- added cell_access class for querying of cell states without knowing its type ahead of time.
- added document class which provides a layer on top of model_context, to abstract away the handling of formula 
  calculations.
- deprecated model_context::erase_cell() in favor of empty_cell().
- added support for 3D references - references that contain multiple sheets.
- added support for the exponent (^) and concatenation (&) operators.
- fixed incorrect handling of range references containing whole columns such as A:A.
- added support for unordered range references - range references whose start row or column is greater than 
  their end position counterparts, such as A3:A1.
- fixed a bug that prevented nested formula functions from working properly.
- implemented Calc A1 style reference resolver.
- formula results now directly store the string values when the results are of string type.  
  They previously stored string ID values after interning the original strings.
- Removed build-time dependency on spdlog.

libmwaw:

Update to 0.3.17:

- add a parser for Jazz(Lotus) writer and spreasheet files. The writer parser can only be called if the file 
  still contains its resource fork
- add a parser for Canvas 3 and 3.5 files
- AppleWorks parser: try to retrieve more Windows presentation
- add a parser for Drawing Table files
- add a parser for Canvas 2 files
- API: add new reserved enums in MWAWDocument.hxx `MWAW_T_RESERVED10..MWAW_T_RESERVED29` 
  and add a new define in libmwaw.hxx `MWAW_INTERFACE_VERSION` to check if these enums are defined
- remove the QuarkXPress parser (must be in libqxp)
- retrieve the annotation in MsWord 5 document
- try to better understand RagTime 5-6 document

libnumbertext:

Update to 1.0.6

liborcus:

Update to 0.16.1

- Add upstream changes to fix build with GCC 11 (bsc#1181872)

libstaroffice:

Update to 0.0.7:

- fix `text:sender-lastname` when creating meta-data

libwps:

Update to 0.4.11:

- XYWrite: add a parser to .fil v2 and v4 files
- wks,wk1: correct some problems when retrieving cell's reference.

glfw:

New package provided on version 3.3.2:

- See also: https://www.glfw.org/changelog.html
- Sort list of input files to geany for reproducible builds (bsc#1049382, bsc#1041090)
  * Require pkgconfig(gl) for the devel package to supply needed include GL/gl.h
  * glfwFocusWindow could terminate on older WMs or without a WM
  * Creating an undecorated window could fail with BadMatch 
  * Querying a disconnected monitor could segfault 
  * Video modes with a duplicate screen area were discarded
  * The CMake files did not check for the XInput headers
  * Key names were not updated when the keyboard layout changed 
  * Decorations could not be enabled after window creation
  * Content scale fallback value could be inconsistent 
  * Disabled cursor mode was interrupted by indicator windows
  * Monitor physical dimensions could be reported as zero mm
  * Window position events were not emitted during resizing
  * Added on-demand loading of Vulkan and context creation API libraries
  * [X11] Bugfix: Window size limits were ignored if the minimum or maximum size was 
    set to `GLFW_DONT_CARE`
  * [X11] Bugfix: Input focus was set before window was visible,
    causing BadMatch on some non-reparenting WMs 
  * [X11] Bugfix: glfwGetWindowPos and glfwSetWindowPos operated on
    the window frame instead of the client area
  * [WGL] Added reporting of errors from `WGL_ARB_create_context` extension
  * [EGL] Added lib prefix matching between EGL and OpenGL ES library binaries
  * [EGL] Bugfix: Dynamically loaded entry points were not verified
- Made build of geany-tags optional.

Box2D:

New package provided on version 2.4.1:

    * Extended distance joint to have a minimum and maximum limit.
    * `B2_USER_SETTINGS` and `b2_user_settings.h` can control user 
      data, length units, and maximum polygon vertices.
    * Default user data is now uintptr_t instead of void*
    * b2FixtureDef::restitutionThreshold lets you set the 
      restitution velocity threshold per fixture.
  * Collision
    * Chain and edge shape must now be one-sided to eliminate ghost 
      collisions
    * Broad-phase optimizations
    * Added b2ShapeCast for linear shape casting
  * Dynamics
    * Joint limits are now predictive and not stateful
    * Experimental 2D cloth (rope)
    * b2Body::SetActive -> b2Body::SetEnabled
    * Better support for running multiple worlds
    * Handle zero density better
      * The body behaves like a static body
      * The body is drawn with a red color
    * Added translation limit to wheel joint
    * World dump now writes to box2d_dump.inl
    * Static bodies are never awake
    * All joints with spring-dampers now use stiffness and damping
    * Added utility functions to convert frequency and damping 
      ratio to stiffness and damping
 * Polygon creation now computes the convex hull.
 * The convex hull code will merge vertices closer than dm_linearSlop.


 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:930-1
Released:    Wed Mar 24 12:09:23 2021
Summary:     Security update for nghttp2
Type:        security
Severity:    important
References:  1172442,1181358,CVE-2020-11080
This update for nghttp2 fixes the following issues:

- CVE-2020-11080: HTTP/2 Large Settings Frame DoS (bsc#1181358)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:933-1
Released:    Wed Mar 24 12:16:14 2021
Summary:     Security update for ruby2.5
Type:        security
Severity:    important
References:  1177125,1177222,CVE-2020-25613
This update for ruby2.5 fixes the following issues:

- CVE-2020-25613: Fixed a potential HTTP Request Smuggling  in WEBrick (bsc#1177125).
- Enable optimizations also on ARM64 (bsc#1177222)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:936-1
Released:    Wed Mar 24 12:21:17 2021
Summary:     Security update for libass
Type:        security
Severity:    important
References:  1177862,CVE-2020-26682
This update for libass fixes the following issues:

- CVE-2020-26682: Fixed a signed integer overflow in the call to outline_stroke() (bsc#1177862).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:940-1
Released:    Wed Mar 24 12:25:20 2021
Summary:     Security update for jetty-minimal
Type:        security
Severity:    important
References:  1182898,CVE-2020-27223
This update for jetty-minimal fixes the following issues:

- jetty-minimal was upgraded to version 9.4.38.v20210224
  - CVE-2020-27223: Fixed an issue with Accept request header which might have led to Denial of Service (bsc#1182898).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:941-1
Released:    Wed Mar 24 12:25:53 2021
Summary:     Security update for hawk2
Type:        security
Severity:    important
References:  1179999,1182165,1182166,CVE-2020-35459,CVE-2021-25314
This update for hawk2 fixes the following issues:

- Update to version 2.6.3:
  * Remove hawk_invoke and use capture3 instead of runas (bsc#1179999)(CVE-2020-35459)
  * Remove unnecessary chmod (bsc#1182166)(CVE-2021-25314) 
  * Sanitize filename to contains whitelist of alphanumeric (bsc#1182165)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:949-1
Released:    Wed Mar 24 14:32:00 2021
Summary:     Security update for evolution-data-server
Type:        security
Severity:    moderate
References:  1173910,1174712,1182882,CVE-2020-14928,CVE-2020-16117
This update for evolution-data-server fixes the following issues:

- CVE-2020-16117: Fix crash on malformed server response with minimal capabilities (bsc#1174712).
- CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 (bsc#1173910).
- Fix buffer overrun when parsing base64 data (bsc#1182882).

This update for evolution-ews fixes the following issue:

- Fix buffer overrun when parsing base64 data (bsc#1182882).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:952-1
Released:    Thu Mar 25 14:36:56 2021
Summary:     Recommended update for libunwind
Type:        recommended
Severity:    moderate
References:  1160876,1171549
This update for libunwind fixes the following issues:

- Update to version 1.5.0. (jsc#ECO-3395)
- Enable s390x for building. (jsc#ECO-3395)
- Fix compilation with 'fno-common'. (bsc#1171549)
- Fix build with 'GCC-10'. (bsc#1160876)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:953-1
Released:    Thu Mar 25 14:37:26 2021
Summary:     Recommended update for psmisc
Type:        recommended
Severity:    moderate
References:  1178407
This update for psmisc fixes the following issues:

- Fix for 'fuser' when it does not show open kvm storage image files such as 'qcow2' files. (bsc#1178407)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:960-1
Released:    Mon Mar 29 11:16:28 2021
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1181283
This update for cloud-init fixes the following issues:

- Does no longer include the sudoers.d directory twice (bsc#1181283)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2021:961-1
Released:    Mon Mar 29 11:19:46 2021
Summary:     Feature providing sapstartsrv-resource-agents
Type:        feature
Severity:    moderate
References:  
This update for sapstartsrv-resource-agents provides the following changes:

Simplified Cluster FS architecture for S/4HANA and NetWeaver (jsc#ECO-3341):

- This is a resource agent for the instance specific SAP start framework. 
  It controls the instance specific sapstartsrv process which provides the 
  API to start, stop and check an SAP instance.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:964-1
Released:    Mon Mar 29 11:31:30 2021
Summary:     Recommended update for clamsap
Type:        recommended
Severity:    moderate
References:  1181586
This update for clamsap fixes the following issues:

- updated the documentation about RAM allocation of anon memory segment
  for SAP worker processes (bsc#1181586)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:966-1
Released:    Mon Mar 29 13:06:24 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1183942,CVE-2021-23981,CVE-2021-23982,CVE-2021-23984,CVE-2021-23987
This update for MozillaFirefox fixes the following issues:

- Firefox was updated to 78.9.0 ESR  (MFSA 2021-11, bsc#1183942)
  * CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
  * CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage
  * CVE-2021-23984: Malicious extensions could have spoofed popup information
  * CVE-2021-23987: Memory safety bugs

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:967-1
Released:    Mon Mar 29 13:48:07 2021
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

- Restore the Red Hat conflict when the package builds on Red Hat, Fedora or derivates.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:974-1
Released:    Mon Mar 29 19:31:27 2021
Summary:     Security update for tar
Type:        security
Severity:    low
References:  1181131,CVE-2021-20193
This update for tar fixes the following issues:

CVE-2021-20193: Memory leak in read_header() in list.c (bsc#1181131)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:981-1
Released:    Tue Mar 30 10:59:43 2021
Summary:     Recommended update for cloud-regionsrv
Type:        recommended
Severity:    moderate
References:  1029162,1171232,1171233
This update for cloud-regionsrv fixes the following issues:

- Fix for region server that may return an incorrect region and during verification of the IP leads to a mismatch. (bsc#1171232, bsc#1171233)
- Update to version 8.0.5 (bsc#1029162)
  - Improve region hint matching by forcing config settings and received 'regionHint' to lower case
  - IPv6 support

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:985-1
Released:    Tue Mar 30 14:43:43 2021
Summary:     Recommended update for the Azure SDK and CLI
Type:        recommended
Severity:    moderate
References:  1125671,1140565,1154393,1174514,1175289,1176784,1176785,1178168,CVE-2020-14343,CVE-2020-25659

This update for the Azure SDK and CLI adds support for the AHB (Azure Hybrid Benefit).
(bsc#1176784, jsc#ECO=3105)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:996-1
Released:    Wed Mar 31 15:17:03 2021
Summary:     Recommended update for mariadb-connector-c
Type:        recommended
Severity:    moderate
References:  1182739
This update for mariadb-connector-c fixes the following issues:

- mariadb-connector-c was updated to 3.1.12 (bsc#1182739):
  * MDEV-24577: Fix warnings generated during compilation of
    plugin/auth_pam/testing/pam_mariadb_mtr.c on FreeBSD
  * CONC-521: Fixed warning on MacOS when including ucontext.h
  * CONC-518: Check if mysql->options.extension was allocated before
    checking async_context
  * CONC-517: C/C looks for plugins in wrong location on Windows

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1002-1
Released:    Thu Apr  1 13:59:48 2021
Summary:     Recommended update for wireguard-tools
Type:        recommended
Severity:    low
References:  1181334
This update for wireguard-tools fixes the following issues:

- Added tunnel config reload functionality (e.g. systemctl reload wg-quick@wg0.service)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1007-1
Released:    Thu Apr  1 17:47:20 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1183942,CVE-2021-23981,CVE-2021-23982,CVE-2021-23984,CVE-2021-23987
This update for MozillaFirefox fixes the following issues:

- Firefox was updated to 78.9.0 ESR  (MFSA 2021-11, bsc#1183942)
  * CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
  * CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage
  * CVE-2021-23984: Malicious extensions could have spoofed popup information
  * CVE-2021-23987: Memory safety bugs 	  

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1008-1
Released:    Thu Apr  1 17:49:05 2021
Summary:     Security update for tomcat
Type:        security
Severity:    important
References:  1182909,1182912,CVE-2021-25122,CVE-2021-25329
This update for tomcat fixes the following issues:

CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912)
CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1017-1
Released:    Tue Apr  6 14:27:58 2021
Summary:     Recommended update for dehydrated
Type:        recommended
Severity:    moderate
References:  
This update for dehydrated fixes the following issues:

- Add directory where cleanup can archive unused certificates
- Clarified new default settings. KEY_ALGO=secp384r1. Please consult
  README.maintainer for details and how to return to RSA-based certificate
  issuance. (jsc#ECO-3435, jsc#SLE-15909)
- Added a note about ACMEv1 deprecation
- Added a note on new ACME providers and the new non-URL provider syntax.
  See README.maintainer for details.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1018-1
Released:    Tue Apr  6 14:29:13 2021
Summary:     Recommended update for gzip
Type:        recommended
Severity:    moderate
References:  1180713
This update for gzip fixes the following issues:

- Fixes an issue when 'gzexe' counts the lines to skip wrong. (bsc#1180713)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1021-1
Released:    Tue Apr  6 14:30:30 2021
Summary:     Recommended update for cups
Type:        recommended
Severity:    moderate
References:  1175960
This update for cups fixes the following issues:

- Fixed the web UI kerberos authentication (bsc#1175960)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1029-1
Released:    Tue Apr  6 18:26:20 2021
Summary:     Security update for gssproxy
Type:        security
Severity:    moderate
References:  1180515,CVE-2020-12658
This update for gssproxy fixes the following issues:

- CVE-2020-12658: Fixed an issue where gssproxy was not unlocking cond_mutex before pthread exit in gp_worker_main() (bsc#1180515).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1097-1
Released:    Wed Apr  7 18:06:54 2021
Summary:     Security update for openexr
Type:        security
Severity:    moderate
References:  1184172,1184173,1184174,CVE-2021-3474,CVE-2021-3475,CVE-2021-3476
This update for openexr fixes the following issues:

- CVE-2021-3474: Undefined-shift in Imf_2_5::FastHufDecoder::FastHufDecoder (bsc#1184174)
- CVE-2021-3475: Integer-overflow in Imf_2_5::calculateNumTiles (bsc#1184173)
- CVE-2021-3476: Undefined-shift in Imf_2_5::unpack14 (bsc#1184172)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1100-1
Released:    Thu Apr  8 08:44:13 2021
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    moderate
References:  1176061,1179524,1182314,1182906
This update for sapconf fixes the following issues:

- Added sapconf_check and supportconfig plugin for sapconf
- Added change log message for 'MIN_PERF_PCT' parameter to reduce the spot light (bsc#1179524)
- Added an additional check to detect an active saptune service to improve log messages (bsc#1182314)
- sapconf.service starts now automatically during package update, if tuned is running
  with sapconf as profile (bsc#1176061)
- sapconf.service will now only be disabled if saptune is active (bsc#1182906)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1104-1
Released:    Thu Apr  8 10:32:42 2021
Summary:     Security update for fwupdate
Type:        security
Severity:    important
References:  1182057
This update for fwupdate fixes the following issues:

- Add SBAT section to EFI images (bsc#1182057)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1116-1
Released:    Fri Apr  9 10:56:55 2021
Summary:     Security update for umoci
Type:        security
Severity:    important
References:  1184147,CVE-2021-29136
This update for umoci fixes the following issues:

- Update to umoci v0.4.6.
- CVE-2021-29136: malicious layer allows overwriting of host files (bsc#1184147)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1137-1
Released:    Mon Apr 12 13:09:53 2021
Summary:     Recommended update for lifecycle-data-sle-live-patching
Type:        recommended
Severity:    low
References:  1020320
This update for lifecycle-data-sle-live-patching fixes the following issues:

- Added data for 4_12_14-122_63, 4_12_14-95_71, 4_4_121-92_152, 4_4_180-94_141 (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1155-1
Released:    Tue Apr 13 04:42:54 2021
Summary:     Recommended update for sblim-sfcb
Type:        recommended
Severity:    important
References:  1180753
This update for sblim-sfcb fixes the following issue:

- Avoid a double free during a failed localhost client connection. (bsc#1180753)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1163-1
Released:    Tue Apr 13 13:42:38 2021
Summary:     Security update for spamassassin
Type:        security
Severity:    important
References:  1159133,1184221,CVE-2019-12420,CVE-2020-1946
This update for spamassassin fixes the following issues:

- CVE-2019-12420: memory leak via crafted messages (bsc#1159133)
- CVE-2020-1946: security update (bsc#1184221)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1167-1
Released:    Tue Apr 13 14:04:14 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1177542,1183942,1184536,CVE-2021-23981,CVE-2021-23982,CVE-2021-23984,CVE-2021-23987,CVE-2021-23991,CVE-2021-23992
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird was updated to version 78.9.1 (MFSA 2021-12,MFSA 2021-13, bsc#1183942, bsc#1184536)
  * CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
  * CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage
  * CVE-2021-23984: Malicious extensions could have spoofed popup information
  * CVE-2021-23987: Memory safety bugs
  * CVE-2021-23991: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key
  * CVE-2021-23993: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key
- cleaned up and fixed mozilla.sh.in for wayland (bsc#1177542)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1169-1
Released:    Tue Apr 13 15:01:42 2021
Summary:     Recommended update for procps
Type:        recommended
Severity:    low
References:  1181976
This update for procps fixes the following issues:

- Corrected a statement in the man page about processor pinning via taskset (bsc#1181976)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1182-1
Released:    Tue Apr 13 18:38:05 2021
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1180128,CVE-2021-3472
This update for xorg-x11-server fixes the following issues:

- CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege Escalation (bsc#1180128)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1190-1
Released:    Wed Apr 14 14:08:13 2021
Summary:     Security update for clamav
Type:        security
Severity:    important
References:  1181256,1184532,1184533,1184534,CVE-2021-1252,CVE-2021-1404,CVE-2021-1405
This update for clamav fixes the following issues:

- CVE-2021-1252: Fix for Excel XLM parser infinite loop. (bsc#1184532)
- CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. (bsc#1184533)
- CVE-2021-1405: Fix for mail parser NULL-dereference crash. (bsc#1184534)
- Fix errors when scanning files > 4G (bsc#1181256)
- Update clamav.keyring
- Update to 0.103.2

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1230-1
Released:    Thu Apr 15 17:09:58 2021
Summary:     Recommended update for SUSE Manager Client Tools
Type:        recommended
Severity:    moderate
References:  1131670,1178072,1181124,1181474,1182339,1182603,1183959

This update fixes the following issues:

golang-github-boynux-squid_exporter:

- Build requires Go 1.15
- Add %license macro for LICENSE file 

golang-github-lusitaniae-apache_exporter:

- Build with Go 1.15

golang-github-prometheus-prometheus:

- Uyuni: `hostname` label is now set to FQDN instead of IP

grafana:

- Update to version 7.4.2:
  * Make Datetime local (No date if today) working (#31274) (#31275)
  * 'Release: Updated versions in package to 7.4.2' (#31272)
  * [v7.4.x] Chore: grafana-toolkit uses grafana-ui and grafana-data workspaces (#31269)
  * Snapshots: Disallow anonymous user to create snapshots (#31263) (#31266)
  * only update usagestats every 30min (#31131) (#31262)
  * Prometheus: Fix enabling of disabled queries when editing in dashboard (#31055) (#31248)
  * CloudWatch: Ensure empty query row errors are not passed to the panel (#31172) (#31245)
  * StatPanels: Fixes to palette color scheme is not cleared when loading panel (#31126) (#31246)
  * QueryEditors: Fixes issue that happens after moving queries then editing would update other queries (#31193) (#31244)
  * LibraryPanels: Disconnect before connect during dashboard save (#31235) (#31238)
  * SqlDataSources: Fixes the Show Generated SQL button in query editors (#31236) (#31239)
  * Variables: Adds back default option for data source variable (#31208) (#31232)
  * IPv6: Support host address configured with enclosing square brackets (#31226) (#31228)
  * Postgres: Fix timeGroup macro converts long intervals to invalid numbers when TimescaleDB is enabled (#31179) (#31224)
  * Remove last synchronisation field from LDAP debug view (#30984) (#31221)
  * [v7.4.x]: Sync drone config from master to stable release branch (#31213)
  * DataSourceSrv: Filter out non queryable data sources by default (#31144) (#31214)
  * Alerting: Fix modal text for deleting obsolete notifier (#31171) (#31209)
  * Variables: Fixes missing empty elements from regex filters (#31156) (#31201)
  * DashboardLinks: Fixes links always cause full page reload (#31178) (#31181)
  * DashboardListPanel: Fixes issue with folder picker always showing All and using old form styles (#31160) (#31162)
  * Permissions: Fix team and role permissions on folders/dashboards not displayed for non Grafana Admin users (#31132) (#31176)
  * Prometheus: Multiply exemplars timestamp to follow api change (#31143) (#31170)
- Added add-gotest-module.patch to fix 'inconsistent vendoring' build failure
- Update to version 7.4.1:
  * 'Release: Updated versions in package to 7.4.1' (#31128)
  * Transforms: Fixes Outer join issue with duplicate field names not getting the same unique field names as before  (#31121) (#31127)
  * MuxWriter: Handle error for already closed file (#31119) (#31120)
  * Logging: sourcemap transform asset urls from CDN in logged stacktraces (#31115) (#31117)
  * Exemplars: Change CTA style (#30880) (#31105)
  * test: add support for timeout to be passed in for addDatasource (#30736) (#31090)
  * Influx: Make max series limit configurable and show the limiting message if applied (#31025) (#31100)
  * Elasticsearch: fix log row context erroring out (#31088) (#31094)
  * test: update addDashboard flow for v7.4.0 changes (#31059) (#31084)
  * Usage stats: Adds source/distributor setting (#31039) (#31076)
  * DashboardLinks: Fixes crash when link has no title (#31008) (#31050)
  * Make value mappings correctly interpret numeric-like strings (#30893) (#30912)
  * Elasticsearch: Fix alias field value not being shown in query editor (#30992) (#31037)
  * BarGauge: Improvements to value sizing and table inner width calculations  (#30990) (#31032)
  * convert path to posix by default (#31045) (#31053)
  * Alerting: Fixes so notification channels are properly deleted (#31040) (#31046)
  * Drone: Fix deployment image (#31027) (#31029)
  * Graph: Fixes so graph is shown for non numeric time values (#30972) (#31014)
  * instrumentation: make the first database histogram bucket smaller (#30995) (#31001)
  * Build: Releases e2e and e2e-selectors too (#31006) (#31007)
  * TextPanel: Fixes so panel title is updated when variables change (#30884) (#31005)
  * StatPanel: Fixes issue formatting date values using unit option (#30979) (#30991)
  * Units: Fixes formatting of duration units (#30982) (#30986)
  * Elasticsearch: Show Size setting for raw_data metric (#30980) (#30983)
  * Logging: sourcemap support for frontend stacktraces (#30590) (#30976)
  * e2e: extends selector factory to plugins (#30932) (#30934)
  * Variables: Adds queryparam formatting option (#30858) (#30924)
  * Exemplars: change api to reflect latest changes (#30910) (#30915)
  * 'Release: Updated versions in package to 7.4.0' (#30898)
  * DataSourceSettings: Adds info box and link to Grafana Cloud (#30891) (#30896)
  * GrafanaUI: Add a way to persistently close InfoBox (#30716) (#30895)
  * [7.4.x] AlertingNG: List saved Alert definitions in Alert Rule list (30890)(30603)
  * Alerting: Fixes alert panel header icon not showing (#30840) (#30885)
  * Plugins: Requests validator (#30445) (#30877)
  * PanelLibrary: Adds library panel meta information to dashboard json (#30770) (#30883)
  * bump grabpl version to 0.5.36 (#30874) (#30878)
  * Chore: remove __debug_bin (#30725) (#30857)
  * Grafana-ui: fixes closing modals with escape key (#30745) (#30873)
  * DashboardLinks: Support variable expression in to tooltip - Issue #30409 (#30569) (#30852)
  * Add alt text to plugin logos (#30710) (#30872)
  * InfluxDB: Add http configuration when selecting InfluxDB v2 flavor  (#30827) (#30870)
  * Prometheus: Set type of labels to string (#30831) (#30835)
  * AlertingNG: change API permissions (#30781) (#30814)
  * Grafana-ui: fixes no data message in Table component (#30821) (#30855)
  * Prometheus: Add tooltip to explain possibility to use patterns in text and title fields in annotations (#30825) (#30843)
  * Chore: add more docs annotations (#30847) (#30851)
  * BarChart: inside-align strokes, upgrade uPlot to 1.6.4. (#30806) (#30846)
  * Transforms: allow boolean in field calculations (#30802) (#30845)
  * CDN: Fixes cdn path when Grafana is under sub path (#30822) (#30823)
  * bump cypress to 6.3.0 (#30644) (#30819)
  * Expressions: Measure total transformation requests and elapsed time (#30514) (#30789)
  * Grafana-UI: Add story/docs for ErrorBoundary (#30304) (#30811)
  * [v7.4.x]: Menu: Mark menu components as internal (#30801)
  * Graph: Fixes auto decimals issue in legend and tooltip (#30628) (#30635)
  * GraphNG: Disable Plot logging by default (#30390) (#30500)
  * Storybook: Migrate card story to use controls  (#30535) (#30549)
  * GraphNG: add bar alignment option (#30499) (#30790)
  * Variables: Clears drop down state when leaving dashboard (#30810) (#30812)
  * Add missing callback dependency (#30797) (#30809)
  * GraphNG: improve behavior when switching between solid/dash/dots (#30796) (#30799)
  * Add width for Variable Editors (#30791) (#30795)
  * Panels: Fixes so panels are refreshed when scrolling past them fast (#30784) (#30792)
  * PanelEdit: Trigger refresh when changing data source (#30744) (#30767)
  * AlertingNG: Enable UI to Save Alert Definitions (#30394) (#30548)
  * CDN: Fix passing correct prefix to GetContentDeliveryURL (#30777) (#30779)
  * CDN: Adds support for serving assets over a CDN (#30691) (#30776)
  * Explore: Update styling of buttons (#30493) (#30508)
  * Loki: Append refId to logs uid (#30418) (#30537)
  * skip symlinks to directories when generating plugin manifest (#30721) (#30738)
  * Mobile: Fixes issue scrolling on mobile in chrome (#30746) (#30750)
  * BarChart: add alpha bar chart panel (#30323) (#30754)
  * Datasource: Use json-iterator configuration compatible with standard library (#30732) (#30739)
  * Variables: Fixes so text format will show All instead of custom all (#30730) (#30731)
  * AlertingNG: pause/unpause definitions via the API (#30627) (#30672)
  * PanelLibrary: better handling of deleted panels (#30709) (#30726)
  * Transform: improve the 'outer join' performance/behavior (#30407) (#30722)
  * DashboardPicker: switch to promise-based debounce, return dashboard UID (#30706) (#30714)
  * Use connected GraphNG in Explore (#30707) (#30708)
  * PanelLibrary: changes casing of responses and adds meta property (#30668) (#30711)
  * DeployImage: Switch base images to Debian (#30684) (#30699)
  * Trace: trace to logs design update (#30637) (#30702)
  * Influx: Show all datapoints for dynamically windowed flux query (#30688) (#30703)
  * ci(npm-publish): add missing github package token to env vars (#30665) (#30673)
  * Loki: Improve live tailing errors and fix Explore's logs container type errors (#30517) (#30681)
  * Grafana-UI: Fix setting default value for MultiSelect (#30671) (#30687)
  * Explore: Fix jumpy live tailing (#30650) (#30677)
  * Docs: Refer to product docs in whats new for alerting templating feature (#30652) (#30670)
  * Variables: Fixes display value when using capture groups in regex (#30636) (#30661)
  * Docs: Fix expressions enabled description (#30589) (#30651)
  * Licensing Docs: Adding license restrictions docs (#30216) (#30648)
  * DashboardSettings: fixes vertical scrolling (#30640) (#30643)
  * chore: bump redux toolkit to 1.5.0 for immer 8.0.1 vulnerability fix (#30605) (#30631)
  * Explore: Fix loading visualisation on the top of the new time series panel (#30553) (#30557)
  * Footer: Fixes layout issue in footer  (#30443) (#30494)
  * Variables: Fixes so queries work for numbers values too (#30602) (#30624)
  * Admin: Fixes so form values are filled in from backend (#30544) (#30623)
  * Docs: Update 7.4 What's New to use more correct description of alerting notification template feature (#30502) (#30614)
  * NodeGraph: Add docs (#30504) (#30613)
  * Cloud Monitoring: Fix legend naming with display name override (#30440) (#30503)
  * Expressions: Add option to disable feature (#30541) (#30558)
  * OldGraph: Fix height issue in Firefox (#30565) (#30582)
  * XY Chart: fix editor error with empty frame (no fields) (#30573) (#30577)
  * XY Chart: share legend config with timeseries (#30559) (#30566)
  * DataFrame: cache frame/field index in field state (#30529) (#30560)
  * Prometheus: Fix show query instead of Value if no __name__ and metric (#30511) (#30556)
  * Decimals: Big Improvements to auto decimals and fixes to auto decimals bug found in 7.4-beta1  (#30519) (#30550)
  * chore: update packages dependent on dot-prop to fix security vulnerability (#30432) (#30487)
  * GraphNG: uPlot 1.6.3 (fix bands not filling below 0). close #30523. (#30527) (#30528)
  * GraphNG: uPlot 1.6.2 (#30521) (#30522)
  * Chore: Upgrade grabpl version (#30486) (#30513)
  * grafana/ui: Fix internal import from grafana/data (#30439) (#30507)
  * prevent field config from being overwritten (#30437) (#30442)
  * Chore: upgrade NPM security vulnerabilities (#30397) (#30495)
  * TimeSeriesPanel: Fixed default value for gradientMode (#30484) (#30492)
  * Admin: Fixes so whole org drop down is visible when adding users to org (#30481) (#30497)
  * Chore: adds wait to e2e test (#30488) (#30490)
  * Graph: Fixes so only users with correct permissions can add annotations (#30419) (#30466)
  * Alerting: Hides threshold handle for percentual thresholds (#30431) (#30467)
  * Timeseries: only migrage point size when configured (#30461) (#30470)
  * Expressions: Fix button icon (#30444) (#30450)
  * PanelModel: Make sure the angular options are passed to react panel type changed handler (#30441) (#30451)
  * Docs: Fix img link for alert notification template (#30436) (#30447)
  * Chore: Upgrade build pipeline tool (#30456) (#30457)
  * PanelOptions: Refactoring applying panel and field options out of PanelModel and add property clean up for properties not in field config registry  (#30389) (#30438)
  * 'Release: Updated versions in package to 7.4.0-beta.1' (#30427)
  * Chore: Update what's new URL (#30423)
  * GraphNG: assume uPlot's series stroke is always a function (#30416)
  * PanelLibrary: adding library panels to Dashboard Api (#30278)
  * Prettier: Fixes to files that came in after main upgrade (#30410)
  * Cloud Monitoring: Add curated dashboards for the most popular GCP services (#29930)
  *  Mssql integrated security (#30369)
  * Prettier: Upgrade to 2  (#30387)
  * GraphNG: sort ascending if the values appear reversed (#30405)
  * Docs: Grafana whats new 7.4 (#30404)
  * Dashboards: Adds cheat sheet toggle to supported query editors (#28857)
  * Docs: Update timeseries-dimensions.md (#30403)
  * Alerting: Evaluate data templating in alert rule name and message (#29908)
  * Docs: Add links to 7.3 patch release notes (#30292)
  * Docs: Update _index.md (#29546)
  * Docs: Update jaeger.md (#30401)
  * Expressions: Remove feature toggle (#30316)
  * Docs: Update tempo.md (#30399)
  * Docs: Update zipkin.md (#30400)
  * services/provisioning: Various cleanup (#30396)
  * DashboardSchemas: OpenAPI Schema Generation (#30242)
  * AlertingNG: Enforce unique alert definition title (non empty)/UID per organisation (#30380)
  * Licensing: Document new v7.4 options and APIs (#30217)
  * Auth: add expired token error and update CreateToken function (#30203)
  * NodeGraph: Add node graph visualization (#29706)
  * Add jwtTokenAuth to plugin metadata schema (#30346)
  * Plugins: Force POSIX style path separators for manifest generation (#30287)
  * Add enterprise reporting fonts to gitignore (#30385)
  * Field overrides: skipping overrides for properties no longer existing in plugin (#30197)
  * NgAlerting: View query result (#30218)
  * Grafana-UI: Make Card story public (#30388)
  * Dashboard: migrate version history list (#29970)
  * Search: use Card component (#29892)
  * PanelEvents: Isolate more for old angular query editors (#30379)
  * Loki: Remove showing of unique labels with the empty string value (#30363)
  * Chore: Lint all files for no-only-tests (#30364)
  * Clears errors after running new query (#30367)
  * Prometheus: Change exemplars endpoint (#30378)
  * Explore: Fix a bug where Typeahead crashes when a large amount of ite… (#29637)
  * Circular vector: improve generics (#30375)
  * Update signing docs (#30296)
  * Email: change the year in templates (#30294)
  * grafana/ui: export TLS auth component (#30320)
  * Query Editor: avoid word wrap (#30373)
  * Transforms: add sort by transformer (#30370)
  * AlertingNG: Save alert instances (#30223)
  * GraphNG: Color series from by value scheme & change to fillGradient to gradientMode  (#29893)
  * Chore: Remove not used PanelOptionsGrid component (#30358)
  * Zipkin: Remove browser access mode (#30360)
  * Jaeger: Remove browser access mode (#30349)
  * chore: bump lodash to 4.17.20 (#30359)
  * ToolbarButton: New emotion based component to replace all navbar, DashNavButton and scss styles (#30333)
  * Badge: Increase contrast, remove rocket icon for plugin beta/alpha state (#30357)
  * Licensing: Send map of environment variables to plugins (#30347)
  * Dashboards: Exit to dashboard when deleting panel from panel view / edit view (#29032)
  * Cloud Monitoring: MQL support (#26551)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0-beta1 (#30348)
  * Panel options UI: Allow collapsible categories (#30301)
  * Grafana-ui: Fix context menu item always using onClick instead of href (#30350)
  * Badge: Design improvement & reduce contrast (#30328)
  * make sure stats are added horizontally and not vertically (#30106)
  * Chore(deps): Bump google.golang.org/grpc from 1.33.1 to 1.35.0 (#30342)
  * Chore(deps): Bump github.com/stretchr/testify from 1.6.1 to 1.7.0 (#30341)
  * Chore(deps): Bump github.com/google/uuid from 1.1.2 to 1.1.5 (#30340)
  * Chore(deps): Bump github.com/hashicorp/go-version from 1.2.0 to 1.2.1 (#30339)
  * Fix HTML character entity error (#30334)
  * GraphNG: fix fillBelowTo regression (#30330)
  * GraphNG: implement softMin/softMax for auto-scaling stabilization. close #979. (#30326)
  * Legend: Fixes right y-axis legend from being pushed outside the bounds of the panel (#30327)
  * Grafana-toolkit: Update component generator templates (#30306)
  * Panels: remove beta flag from stat and bargauge panels (#30324)
  * GraphNG: support fill below to (bands) (#30268)
  * grafana-cli: Fix security issue (#28888)
  * AlertingNG: Modify queries and transform endpoint to get datasource UIDs (#30297)
  * Chore: Fix missing property from ExploreGraph (#30315)
  * Prometheus: Add support for Exemplars (#28057)
  * Grafana-UI: Enhances for TimeRangePicker and TimeRangeInput (#30102)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0 (#30312)
  * Table: Fixes BarGauge cell display mode font size so that it is fixed to the default cell font size (#30303)
  * AngularGraph: Fixes issues with legend wrapping after legend refactoring (#30283)
  * Plugins: Add Open Distro to the list of data sources supported by sigv4 (#30308)
  * Chore: Moves common and response into separate packages (#30298)
  * GraphNG: remove y-axis position control from series color picker in the legend (#30302)
  * Table: migrate old-table config to new table config (#30142)
  * Elasticsearch: Support extended stats and percentiles in terms order by (#28910)
  * Docs: Update release notes index
  * GraphNG: stats in legend (#30251)
  * Grafana UI: EmptySearchResult docs (#30281)
  * Plugins: Use the includes.path (if exists) on sidebar includes links (#30291)
  * Fix spinner and broken buttons (#30286)
  * Graph: Consider reverse sorted data points on isOutsideRange check (#30289)
  * Update getting-started.md (#30257)
  * Backend: use sdk version (v0.81.0) without transform (gel) code (#29236)
  * Chore: update latest versions to 7.3.7 (#30282)
  * Loki: Fix hiding of series in table if labels have number values (#30185)
  * Loki: Lower min step to 1ms (#30135)
  * Prometheus: Improve autocomplete performance and remove disabling of dynamic label lookup (#30199)
  * Icons: Adds custom icon support ands new panel and interpolation icons (#30277)
  * ReleaseNotes: Updated changelog and release notes for 7.3.7 (#30280)
  * Grafana-ui: Allow context menu items to be open in new tab (#30141)
  * Cloud Monitoring: Convert datasource to use Dataframes (#29830)
  * GraphNG: added support to change series color from legend. (#30256)
  * AzureMonitor: rename labels for query type dropdown (#30143)
  * Decimals: Improving auto decimals logic for high numbers and scaled units  (#30262)
  * Elasticsearch: Use minimum interval for alerts (#30049)
  * TimeSeriesPanel: The new graph panel now supports y-axis value mapping #30272
  * CODEOWNERS: Make backend squad owners of backend style guidelines (#30266)
  * Auth: Add missing request headers to SigV4 middleware allowlist (#30115)
  * Grafana-UI: Add story/docs for FilterPill (#30252)
  * Grafana-UI: Add story/docs for Counter (#30253)
  * Backend style guide: Document JSON guidelines (#30267)
  * GraphNG: uPlot 1.6, hide 'Show points' in Points mode, enable 'dot' lineStyle (#30263)
  * Docs: Update prometheus.md (#30240)
  * Docs: Cloudwatch filter should be JSON format (#30243)
  * API: Add by UID routes for data sources  (#29884)
  * Docs: Update datasource_permissions.md (#30255)
  * Cloudwatch: Move deep link creation to the backend (#30206)
  * Metrics API: Use jsoniter for JSON encoding (#30250)
  * Add option in database config to skip migrations for faster startup. (#30146)
  * Set signed in users email correctly (#30249)
  * Drone: Upgrade build pipeline tool (#30247)
  * runRequest: Fixes issue with request time range and time range returned to panels are off causing data points to be cut off (outside) (#30227)
  * Elasticsearch: fix handling of null values in query_builder (#30234)
  * Docs: help users connect to Prometheus using SigV4 (#30232)
  * Update documentation-markdown-guide.md (#30207)
  * Update documentation-markdown-guide.md (#30235)
  * Better logging of plugin scanning errors (#30231)
  * Print Node.js and Toolkit versions (#30230)
  * Chore: bump rollup across all packages (#29486)
  * Backend style guide: Document database patterns (#30219)
  * Chore: Bump plugin-ci-alpine Docker image version (#30225)
  * Legends: Refactoring and rewrites of legend components to simplify components & reuse (#30165)
  * Use Node.js 14.x in plugin CI (#30209)
  * Field overrides: extracting the field config factory into its own reusable module. (#30214)
  * LibraryPanels: adds connections (#30212)
  * PanelOptionsGroups: Only restore styles from PanelOptionsGroup (#30215)
  * Variables: Add deprecation warning for value group tags (#30160)
  * GraphNG: Hide grid for right-y axis if left x-axis exists (#30195)
  * Middleware: Add CSP support (#29740)
  * Updated image links to have newer format. (#30208)
  * Docs: Update usage-insights.md (#30150)
  * Share panel dashboard add images (#30201)
  * Update documentation-style-guide.md (#30202)
  * Docs: Fix links to transforms (#30194)
  * docs(badge): migrate story to use controls (#30180)
  * Chore(deps): Bump github.com/prometheus/common from 0.14.0 to 0.15.0 (#30188)
  * Fix alert definition routine stop (#30117)
  * Chore(deps): Bump gopkg.in/square/go-jose.v2 from 2.4.1 to 2.5.1 (#30189)
  * InlineSwitch: Minor story fix (#30186)
  * Chore(deps): Bump github.com/gosimple/slug from 1.4.2 to 1.9.0 (#30178)
  * Chore(deps): Bump github.com/fatih/color from 1.9.0 to 1.10.0 (#30183)
  * Chore(deps): Bump github.com/lib/pq from 1.3.0 to 1.9.0 (#30181)
  * Chore(deps): Bump github.com/hashicorp/go-plugin from 1.2.2 to 1.4.0 (#30175)
  * Chore(deps): Bump github.com/getsentry/sentry-go from 0.7.0 to 0.9.0 (#30171)
  * Gauge: Fixes issue with all null values cause min & max to be null (#30156)
  * Links: Add underline on hover for links in NewsPanel (#30166)
  * GraphNG: Update to test dashboards (#30153)
  * CleanUp: Removed old panel options group component (#30157)
  * AngularQueryEditors: Fixes to Graphite query editor and other who refer to other queries (#30154)
  * Chore(deps): Bump github.com/robfig/cron/v3 from 3.0.0 to 3.0.1 (#30172)
  * Chore(deps): Bump github.com/urfave/cli/v2 from 2.1.1 to 2.3.0 (#30173)
  * Chore: Fix spelling issue (#30168)
  * Revise README.md. (#30145)
  * Chore(deps): Bump github.com/mattn/go-sqlite3 from 1.11.0 to 1.14.6 (#30174)
  * InlineSwitch: Added missing InlineSwitch component and fixed two places that used unaligned inline switch (#30162)
  * GraphNG: add new alpha XY Chart  (#30096)
  * Elastic: Support request cancellation properly (Uses new backendSrv.fetch Observable request API) (#30009)
  * OpenTSDB: Support request cancellation properly (#29992)
  * InfluxDB: Update Flux external link (#30158)
  * Allow dependabot to keep go packages up-to-date (#30170)
  * PluginState: Update comment
  * GraphNG: Minor polish & updates to new time series panel and move it from alpha to beta (#30163)
  * Share panel dashboard (#30147)
  * GraphNG: rename 'graph3' to 'timeseries' panel (#30123)
  * Add info about access mode (#30137)
  * Prometheus: Remove running of duplicated metrics query (#30108)
  * Prometheus: Fix autocomplete does not work on incomplete input (#29854)
  * GraphNG: remove graph2 panel (keep the parts needed for explore) (#30124)
  * Docs: Add metadata to activating licensing page (#30140)
  * MixedDataSource: Added missing variable support flag (#30110)
  * AngularPanels: Fixes issue with some panels not rendering when going into edit mode due to no height (#30113)
  * AngularPanels: Fixes issue with discrete panel that used the initialized event (#30133)
  * Explore: Make getFieldLinksForExplore more reusable (#30134)
  * Elasticsearch: Add Support for Serial Differencing Pipeline Aggregation (#28618)
  * Angular: Fixes issue with angular directive caused by angular upgrade in master (#30114)
  * Analytics: add data source type in data-request events (#30087)
  * GraphNG: 'Interpolation: Step after' test (#30127)
  * GraphNG: check cross-axis presence when auto-padding. close #30121. (#30126)
  * Alerting: improve alerting default datasource search when extracting alerts (#29993)
  * Loki: Timeseries should not produce 0-values for missing data (#30116)
  * GraphNG: support dashes (#30070)
  * GraphNG: fix spanGaps optimization in alignDataFrames(). see #30101. (#30118)
  * Alerting NG: update API to expect UIDs instead of IDs (#29896)
  * GraphNG: Overhaul of main test dashboard and update to null & gaps dashboard (#30101)
  * Chore: Fix intermittent time-related test failure in explore datasource instance update (#30109)
  * QueryEditorRow: Ability to change query name (#29779)
  * Frontend: Failed to load application files message improvement IE11 (#30011)
  * Drone: Upgrade build pipeline tool (#30104)
  * Fix phrasing. (#30075)
  * Chore: Add CloudWatch HTTP API tests (#29691)
  * Elastic: Fixes so templating queries work (#30003)
  * Chore: Rewrite elasticsearch client test to standard library (#30093)
  * Chore: Rewrite tsdb influxdb test to standard library (#30091)
  * Fix default maximum lifetime  an authenticated user can be logged in (#30030)
  * Instrumentation: re-enable database wrapper feature to expose counter and histogram for database queries (#29662)
  * Docs: Update labels to fields transform (#30086)
  * GraphNG: adding possibility to toggle tooltip, graph and legend for series (#29575)
  * Chore: Rewrite tsdb cloudmonitoring test to standard library (#30090)
  * Chore: Rewrite tsdb azuremonitor time grain test to standard library (#30089)
  * Chore: Rewrite tsdb graphite test to standard library (#30088)
  * Chore: Upgrade Docker build image wrt. Go/golangci-lint/Node (#30077)
  * Usage Stats: Calculate concurrent users as a histogram (#30006)
  * Elasticsearch: Fix broken alerting when using pipeline aggregations (#29903)
  * Drone: Fix race conditions between Enterprise and Enterprise2 (#30076)
  * Chore: Rewrite models datasource cache test to standard library (#30040)
  * Plugins: prevent app plugin from rendering with wrong location (#30017)
  * Update NOTICE.md
  * Chore: Tiny typo fix `rage` -> `range` (#30067)
  * Docs: loki.md: Add example of Loki data source config (#29976)
  * ReleaseNotes: Updated changelog and release notes for 7.3.6 (#30066)
  * Docs: Update usage-insights.md (#30065)
  * Docs: Update white-labeling.md (#30064)
  * Chore(deps): Bump axios from 0.19.2 to 0.21.1 (#30059)
  * Chore: Rewrite models tags test to standard library (#30041)
  * Bump actions/setup-node from v1 to v2.1.4 (#29891)
  * Build(deps): Bump ini from 1.3.5 to 1.3.7 (#29787)
  * fall back to any architecture when getting plugin's checksum #30034 (#30035)
  * Lerna: Update to 3.22.1 (#30057)
  * SeriesToRows: Fixes issue in transform so that value field is always named Value (#30054)
  * [dashboard api] manage error when data in dashboard table is not valid json (#29999)
  * use sha256 checksum instead of md5 (#30018)
  * Chore: Rewrite brute force login protection test to standard library (#29986)
  * Chore: Rewrite login auth test to standard library (#29985)
  * Chore: Rewrite models dashboards test to standard library (#30023)
  * Chore: Rewrite models dashboard acl test to standard library (#30022)
  * Chore: Rewrite models alert test to standard library (#30021)
  * Chore: Rewrite ldap login test to standard library (#29998)
  * Chore: Rewrite grafana login test to standard library (#29997)
  * Fix two ini-file typos regarding LDAP (#29843)
  * Chore: Changes source map devtool to inline-source-map (#30004)
  * Chore: Sync Enterprise go.sum (#30005)
  * Chore: Add Enterprise dependencies (#29994)
  * SQLStore: customise the limit of retrieved datasources per organisation (#29358)
  * Chore: update crewjam/saml library to the latest master (#29991)
  * Graph: Fixes so users can not add annotations in readonly dash (#29990)
  * Currency: add Vietnamese dong (VND) (#29983)
  * Drone: Update pipelines for Enterprise (#29939)
  * Remove the bus from teamgroupsync (#29810)
  * Influx: Make variable query editor input uncontrolled (#29968)
  * PanelLibrary: Add PATCH to the API (#29956)
  * PanelEvents: Isolating angular panel events into it's own event bus + more event refactoring  (#29904)
  * Bump node-notifier from 8.0.0 to 8.0.1 (#29952)
  * LDAP: Update use_ssl documentation (#29964)
  * Docs: Missing 's' on 'logs' (#29966)
  * Docs: Update opentsdb.md (#29963)
  * Docs: Minor typo correction (#29962)
  * librarypanels: Fix JSON field casing in tests (#29954)
  * TemplateSrv: Do not throw  error for an unknown format but use glob as fallback and warn in the console (#29955)
  * PanelLibrary: Adds uid and renames title to name (#29944)
  * Docs: Fix raw format variable docs (#29945)
  * RedirectResponse: Implement all of api.Response (#29946)
  * PanelLibrary: Adds get and getAll to the api (#29772)
  * Chore: Remove duplicate interpolateString test (#29941)
  * Chore: Rewrite influxdb query parser test to standard library (#29940)
  * Folders: Removes the possibility to delete the General folder (#29902)
  * Chore: Convert tsdb request test to standard library (#29936)
  * Chore: Convert tsdb interval test to standard library (#29935)
  * Docs: Update configuration.md (#29912)
  * Docs: Update organization_roles.md (#29911)
  * Docs: Update _index.md (#29918)
  * GraphNG: bring back tooltip (#29910)
  * Ng Alerting: Remove scroll and fix SplitPane limiters (#29906)
  * Dashboard: Migrating dashboard settings to react (#27561)
  * Minor correction to explanation on correct MS SQL usage. (#29889)
  * AlertingNG: Create a scheduler to evaluate alert definitions (#29305)
  * Add changelog items for 7.3.6, 7.2.3 and 6.7.5 (#29901)
  * bump stable to 7.3.6 (#29899)
  * Upgrade go deps.  (#29900)
  * Expressions: Replace query input fields with select. (#29816)
  * PanelEdit: Update UI if panel plugin changes field config (#29898)
  * Elasticsearch: Remove timeSrv dependency (#29770)
  * PanelEdit: Need new data after plugin change (#29874)
  * Chore(toolkit): disable react/prop-types for eslint config (#29888)
  * Field Config API: Add ability to hide field option or disable it from the overrides (#29879)
  * SharedQuery: Fixes shared query editor now showing queries (#29849)
  * GraphNG: support fill gradient (#29765)
  * Backend style guide: Add more guidelines (#29871)
  * Keep query keys consistent (#29855)
  * Alerting: Copy frame field labels to time series tags (#29886)
  * Update configure-docker.md (#29883)
  * Usage Stats: Introduce an interface for usage stats service (#29882)
  * DataFrame: add a writable flag to fields (#29869)
  * InlineForms: Changes to make inline forms more flexible for query editors  (#29782)
  * Usage Stats: Allow to add additional metrics to the stats (#29774)
  * Fix the broken link of XORM documentation (#29865)
  * Move colors demo under theme colors (#29873)
  * Dashboard: Increase folder name size in search dashboard (#29821)
  * MSSQL: Config UI touches (#29834)
  * QueryOptions:  Open QueryEditors: run queries after changing group options #29864
  * GraphNG: uPlot 1.5.2, dynamic stroke/fill, Flot-style hover points (#29866)
  * Variables: Fixes so numerical sortorder works for options with null values (#29846)
  * GraphNG: only initialize path builders once (#29863)
  * GraphNG: Do not set fillColor from GraphNG only opacity (#29851)
  * add an example cloudwatch resource_arns() query that uses multiple tags (ref: #29499) (#29838)
  * Backend: Remove more globals (#29644)
  * MS SQL: Fix MS SQL add data source UI issues (#29832)
  * Display palette and colors for dark and light themes in storybook (#29848)
  * Docs: Fix broken link in logs-panel (#29833)
  * Docs: Add info about typing of connected props to Redux style guide (#29842)
  * Loki: Remove unnecessary deduplication (#29421)
  * Varibles: Fixes so clicking on Selected will not include All (#29844)
  * Explore/Logs: Correctly display newlines in detected fields (#29541)
  * Link suppliers: getLinks API update (#29757)
  * Select: Changes default menu placement for Select from auto to bottom (#29837)
  * Chore: Automatically infer types for dashgrid connected components  (#29818)
  * Chore: Remove unused Loki and Cloudwatch syntax providers  (#29686)
  * Pass row (#29839)
  * GraphNG: Context menu (#29745)
  * GraphNG: Enable scale distribution configuration (#29684)
  * Explore: Improve Explore performance but removing unnecessary re-renders (#29752)
  * DashboardDS: Fixes display of long queries (#29808)
  * Sparkline: Fixes issue with sparkline that sent in custom fillColor instead of fillOpacity (#29825)
  * Chore: Disable default golangci-lint filter (#29751)
  * Update style guide with correct usage of MS SQL (#29829)
  * QueryEditor: do not auto refresh on every update (#29762)
  * Chore: remove unused datasource status enum (#29827)
  * Expressions: support ${my var} syntax (#29819)
  * Docs: Update types-options.md (#29777)
  * Chore: Enable more go-ruleguard rules (#29781)
  * GraphNG: Load uPlot path builders lazily (#29813)
  * Elasticsearch: ensure query model has timeField configured in datasource settings (#29807)
  * Chore: Use Header.Set method instead of Header.Add (#29804)
  * Allow dependabot to check actions (#28159)
  * Grafana-UI: Support optgroup for MultiSelect (#29805)
  * Sliders: Update behavior and style tweak (#29795)
  * Grafana-ui: Fix collapsible children sizing (#29776)
  * Style guide: Document avoidance of globals in Go code (#29803)
  * Chore: Rewrite opentsdb test to standard library (#29792)
  * CloudWatch: Add support for AWS DirectConnect ConnectionErrorCount metric (#29583)
  * GraphNG: uPlot 1.5.1 (#29789)
  * GraphNG: update uPlot v1.5.0 (#29763)
  * Added httpMethod to webhook (#29780)
  * @grafana-runtime: Throw error if health check fails in DataSourceWithBackend (#29743)
  * Explore: Fix remounting of query row (#29771)
  * Expressions: Add placeholders to hint on input (#29773)
  * Alerting: Next gen Alerting page (#28397)
  * GraphNG: Add test dashboard for null & and gaps rendering (#29769)
  * Expressions: Field names from refId (#29755)
  * Plugins: Add support for signature manifest V2 (#29240)
  * Chore: Configure go-ruleguard via golangci-lint (#28419)
  * Move middleware context handler logic to service (#29605)
  * AlertListPanel: Add options to sort by Time(asc) and Time(desc) (#29764)
  * PanelLibrary: Adds delete Api (#29741)
  * Tracing: Release trace to logs feature (#29443)
  * ReleaseNotes: Updated changelog and release notes for 7.3.5 (#29753)
  * DataSourceSettings: Add servername field to DataSource TLS config (#29279)
  * Chore: update stable and testing versions (#29748)
  * ReleaseNotes: Updated changelog and release notes for 7.3.5 (#29744)
  * Elasticsearch: View in context feature for logs (#28764)
  * Chore: Disable gosec on certain line (#29382)
  * Logging: log frontend errors caught by ErrorBoundary, including component stack (#29345)
  * ChangePassword: improved keyboard navigation (#29567)
  * GrafanaDataSource: Fix selecting -- Grafana -- data source, broken after recent changes (#29737)
  * Docs: added version note for rename by regex transformation. (#29735)
  * @grafana/ui: Fix UI issues for cascader button dropdown and query input (#29727)
  * Docs: Update configuration.md (#29728)
  * Docs: Remove survey (#29549)
  * Logging: rate limit fronted logging endpoint (#29272)
  * API: add Status() to RedirectResponse (#29722)
  * Elasticsearch: Deprecate browser access mode (#29649)
  * Elasticsearch: Fix query initialization action (#29652)
  * PanelLibrary: Adds api and db to create Library/Shared/Reusable Panel (#29642)
  * Transformer: Rename metrics based on regex (#29281)
  * Variables: Fixes upgrade of legacy Prometheus queries (#29704)
  * Auth: Add SigV4 header allowlist to reduce chances of verification issues (#29650)
  * DataFrame: add path and description metadata (#29695)
  * Alerting: Use correct time series name override from frame fields (#29693)
  * GraphNG: fix bars migration and support color and linewidth (#29697)
  * PanelHeader: Fix panel header description inline code wrapping (#29628)
  * Bugfix 29848: Remove annotation_tag entries as part of annotations cleanup (#29534)
  * GraphNG: simple settings migration from flot panel (#29599)
  * GraphNG: replace bizcharts with uPlot for sparklines (#29632)
  * GitHubActions: Update node version in github action (#29683)
  * Adds go dep used by an Enterprise feature.  (#29645)
  * Typescript: Raise strict error limit for enterprise (#29688)
  * Remove unnecessary escaping (#29677)
  * Update getting-started-prometheus.md (#29678)
  * instrumentation: align label name with our other projects (#29514)
  * Typescript: Fixing typescript strict error, and separate check from publishing (#29679)
  * CloudWatch: namespace in search expression should be quoted if match exact is enabled #29109 (#29563)
  * Docs: Plugin schema updates (#28232)
  * RadioButton: Fix flex issue in master for radio buttons (#29664)
  * Update getting-started.md (#29670)
  * Expr: fix time unit typo in ds queries (#29668)
  * Expr: make reduction nan/null more consistent (#29665)
  * Expr: fix func argument panic (#29663)
  * Update documentation-style-guide.md (#29661)
  * Update documentation-markdown-guide.md (#29659)
  * Docs: Changed image format (#29658)
  * Expr: fix failure to execute due to OrgID (#29653)
  * GraphNG: rename 'points' to 'showPoints' (#29635)
  * Expressions: Restore showing expression query editor even if main data source is not mixed (#29656)
  * GraphNG: time range should match the panel timeRange (#29596)
  * Support svg embedded favicons in whitelabeling (#29436)
  * Add changelog to docs style guide (#29581)
  * Loki: Retry web socket connection when connection is closed abnormally (#29438)
  * GraphNG: Fix annotations and exemplars plugins (#29613)
  * Chore: Rewrite tsdb sql engine test to standard library (#29590)
  * GraphNG: fix and optimize spanNulls (#29633)
  * Build(deps): Bump highlight.js from 10.4.0 to 10.4.1 (#29625)
  * Cloudwatch: session cache should use UTC consistently (#29627)
  * GraphNG: rename GraphMode to DrawStyle (#29623)
  * GraphNG: add spanNulls config option (#29512)
  * Docs: add docs for concatenate transformer (#28667)
  * Stat/Gauge: expose explicit font sizing (#29476)
  * GraphNG: add gaps/nulls support to staircase & smooth interpolation modes (#29593)
  * grafana/ui: Migrate Field knobs to controls (#29433)
  * Prometheus: Fix link to Prometheus graph in dashboard (#29543)
  * Build: Publish next and latest npm channels to Github (#29615)
  * Update broken aliases (#29603)
  * API: add ID to snapshot API responses (#29600)
  * Elasticsearch: Migrate queryeditor to React (#28033)
  * QueryGroup & DataSourceSrv & DataSourcePicker changes simplify usage, error handling and reduce duplication, support for uid (#29542)
  * Elastic: Fixes config UI issues (#29608)
  * GraphNG: Fix issues with plugins not retrieving plot instance (#29585)
  * middleware: Make scenario test functions take a testing.T argument (#29564)
  * Grafana/ui: Storybook controls understand component types (#29574)
  * Login: Fixes typo in tooltip (#29604)
  * Panel: making sure we support all versions of chrome when detecting position of click event. (#29544)
  * Chore: Rewrite sqlstore migration test to use standard library (#29589)
  * Chore: Rewrite tsdb prometheus test to standard library (#29592)
  * Security: Add gosec G304 auditing annotations (#29578)
  * Chore: Rewrite tsdb testdatasource scenarios test to standard library (#29591)
  * Docs: Add missing key to enable SigV4 for provisioning Elasticsearch data source (#29584)
  * Add Microsoft.Network/natGateways (#29479)
  * Update documentation-style-guide.md (#29586)
  * @grafana/ui: Add bell-slash to available icons (#29579)
  * Alert: Fix forwardRef warning (#29577)
  * Update documentation-style-guide.md (#29580)
  * Chore: Upgrade typescript to 4.1 (#29493)
  * PanelLibrary: Adds library_panel table (#29565)
  * Make build docker full fix (#29570)
  * Build: move canary packages to github (#29411)
  * Devenv: Add default db for influxdb (#29371)
  * Chore: Check errors from Close calls (#29562)
  * GraphNG: support auto and explicit axis width (#29553)
  * Chore: upgrading y18n to 4.0.1 for security reasons (#29523)
  * Middleware: Rewrite tests to use standard library (#29535)
  * Overrides: show category on the overrides (#29556)
  * GraphNG: Bars, Staircase, Smooth modes (#29359)
  * Docs: Fix docs sync actions (#29551)
  * Chore: Update dev guide node version for Mac (#29548)
  * Docs: Update formatting-multi-value-variables.md (#29547)
  * Arrow: toArray() on nullable values should include null values (#29520)
  * Docs: Update syntax.md (#29545)
  * NodeJS: Update to LTS (14) (#29467)
  * Docs: Update repeat-panels-or-rows.md (#29540)
  * 3 minor changes, including updating the title TOC (#29501)
  * Auth proxy: Return standard error type (#29502)
  * Data: use pre-defined output array length in vectorToArray() (#29516)
  * Dashboards: hide playlist edit functionality from viewers and snapshots link from unauthenticated users (#28992)
  * docker: use yarn to build (#29538)
  * QueryEditors: Refactoring & rewriting out dependency on PanelModel (#29419)
  * Chore: skip flaky tests (#29537)
  * Graph NG: Invalidate uPlot config on timezone changes (#29531)
  * IntelliSense: Fix autocomplete and highlighting for Loki, Prometheus, Cloudwatch (#29381)
  * Variables: Fixes Textbox current value persistence (#29481)
  * OptionsEditor: simplify the options editor interfaces (#29518)
  * Icon: Changed the icon for signing in (#29530)
  * fixes bug with invalid handler name for metrics (#29529)
  * Middleware: Simplifications (#29491)
  * GraphNG: simplify effects responsible for plot updates/initialization  (#29496)
  * Alarting: fix alarm messages in dingding (Fixes #29470) (#29482)
  * PanelEdit: making sure the correct datasource query editor is being rendered. (#29500)
  * AzureMonitor: Unit MilliSeconds naming (#29399)
  * Devenv: update mysql_tests and postgres_tests blocks for allowing dynamically change of underlying docker image (#29525)
  * Chore: Enable remaining eslint-plugin-react rules (#29519)
  * Docs/Transformations: Add documentation about Binary operations in Add field from calculation (#29511)
  * Datasources: fixed long error message overflowing container (#29440)
  * docker: fix Dockerfile after Gruntfile.js removed (#29515)
  * Chore: Adds Panel Library featuretoggle (#29521)
  * Docs: Update filter-variables-with-regex.md (#29508)
  * Docs: InfluxDB_V2 datasource: adding an example on how to add InfluxQL as a datasource (#29490)
  * Loki: Add query type and line limit to query editor in dashboard (#29356)
  * Docs: Added Security Group support to Azure Auth (#29418)
  * DataLinks: Removes getDataSourceSettingsByUid from applyFieldOverrides  (#29447)
  * Bug: trace viewer doesn't show more than 300 spans (#29377)
  * Live: publish all dashboard changes to a single channel (#29474)
  * Chore: Enable eslint-plugin-react partial rules (#29428)
  * Alerting: Update alertDef.ts with more time options (#29498)
  * DataSourceSrv: Look up data source by uid and name transparently (#29449)
  * Instrumentation: Add examplars for request histograms (#29357)
  * Variables: Fixes Constant variable persistence confusion (#29407)
  * Docs: Fix broken link for plugins (#29346)
  * Prometheus: don't override displayName property (#29441)
  * Grunt: Removes grunt dependency and replaces some of its usage (#29461)
  * Transformation: added support for excluding/including rows based on their values. (#26884)
  * Chore: Enable exhaustive linter (#29458)
  * Field overrides: added matcher to match all fields within frame/query. (#28872)
  * Log: Use os.Open to open file for reading (#29483)
  * MinMax: keep global min/main in field state (#29406)
  * ReactGridLayout: Update dependency to 1.2 (#29455)
  * Jest: Upgrade to latest (#29450)
  * Chore: bump grafana-ui rollup dependencies (#29315)
  * GraphNG: use uPlot's native ms support (#29445)
  * Alerting: Add support for Sensu Go notification channel (#28012)
  * adds tracing for all bus calls that passes ctx (#29434)
  * prometheus: Improve IsAPIError's documentation (#29432)
  * ReleaseNotes: Updated changelog and release notes for 7.3.4 (#29430)
  * Elasticsearch: Fix index pattern not working with multiple base sections (#28348)
  * Plugins: Add support for includes' icon (#29416)
  * Docs: fixing frontend docs issue where enums ending up in wrong folder level. (#29429)
  * Variables: Fixes issue with upgrading legacy queries (#29375)
  * Queries: Extract queries from dashboard (#29349)
  * Docs: docker -> Docker (#29331)
  * PanelEvents: Refactors and removes unnecessary events, fixes panel editor update issue when panel options change (#29414)
  * Fix: Correct panel edit uistate migration (#29413)
  * Alerting: Improve Prometheus Alert Rule error message (#29390)
  * Fix: Migrate Panel edit uiState percentage strings to number (#29412)
  * remove insecure cipher suit as default option (#29378)
  * * prometheus fix variables fetching when  customQueryParameters used #28907 (#28949)
  * Chore: Removes observableTester (#29369)
  * Chore: Adds e2e tests for Variables (#29341)
  * Fix gosec finding of unhandled errors (#29398)
  * Getting started with Grafana and MS SQL (#29401)
  * Arrow: cast timestams to Number (#29402)
  * Docs: Add Cloud content links (#29317)
  * PanelEditor: allow access to the eventBus from panel options (#29327)
  * GraphNG: support x != time in library (#29353)
  * removes unused golint file (#29391)
  * prefer server cipher suites (#29379)
  * Panels/DashList: Fix order of recent dashboards (#29366)
  * Core: Move SplitPane layout from PanelEdit. (#29266)
  * Drone: Upgrade build pipeline tool (#29365)
  * Update yarn.lock to use latest rc-util (#29313)
  * Variables: Adds description field  (#29332)
  * Chore: Update latest.json (#29351)
  * Drone: Upload artifacts for release branch builds (#29297)
  * Docs: fixing link issues in auto generated frontend docs. (#29326)
  * Drone: Execute artifact publishing for both editions in parallel during release (#29362)
  * Devenv: adding default credentials for influxdb (#29344)
  * Drone: Check CUE dashboard schemas (#29334)
  * Backend: fix IPv6 address parsing erroneous (#28585)
  * dashboard-schemas cue 3.0.0 compatible (#29352)
  * Update documentation-style-guide.md (#29354)
  * Docs: Update requirements.md (#29350)
  * ReleaseNotes: Updated changelog and release notes for 7.3.4 (#29347)
  * ReleaseNotes: Updated changelog and release notes for 7.3.4 (#29338)
  * Drone: Publish NPM packages after Storybook to avoid race condition (#29340)
  * Add an option to hide certain users in the UI (#28942)
  * Guardian: Rewrite tests from goconvey (#29292)
  * Docs: Fix editor role and alert notification channel description (#29301)
  * Docs: Improve custom Docker image instructions (#29263)
  * Security: Fixes minor security issue with alert notification webhooks that allowed GET & DELETE requests #29330
  * Chore: Bump storybook to v6 (#28926)
  * ReleaseNotes: Updates release notes link in package.json (master) (#29329)
  * Docs: Accurately reflecting available variables (#29302)
  * Heatmap: Fixes issue introduced by new eventbus (#29322)
  * Dashboard Schemas (#28793)
  * devenv: Add docker load test which authenticates with API key (#28905)
  * Login: Fixes redirect url encoding issues of # %23 being unencoded after login (#29299)
  * InfluxDB: update flux library and support boolean label values (#29310)
  * Explore/Logs: Update Parsed fields to Detected fields (#28881)
  * GraphNG: Init refactorings and fixes (#29275)
  * fixing a broken relref link (#29312)
  * Drone: Upgrade build pipeline tool (#29308)
  * decreasing frontend docs threshold. (#29304)
  * Docker: update docker root group docs and docker image (#29222)
  * WebhookNotifier: Convert tests away from goconvey (#29291)
  * Annotations: fixing so when changing annotations query links submenu will be updated. (#28990)
  * [graph-ng] add temporal DataFrame alignment/outerJoin & move null-asZero pass inside (#29250)
  * Dashboard: Fixes kiosk state after being redirected to login page and back (#29273)
  * make it possible to hide change password link in profile menu (#29246)
  * Theme: Add missing color type (#29265)
  * Chore: Allow reducerTester to work with every data type & payload-less actions (#29241)
  * Explore/Prometheus: Update default query type option to 'Both' (#28935)
  * Loki/Explore: Add query type selector (#28817)
  * Variables: New Variables are stored immediately (#29178)
  * reduce severity level to warning (#28939)
  * Units: Changes FLOP/s to FLOPS and some other rates per second units get /s suffix  (#28825)
  * Docs: Remove duplicate 'Transformations overview' topics from the TOC (#29247)
  * Docs: Fixed broken relrefs and chanfed TOC entry name from Alerting to Alerts. (#29251)
  * Docs: Remove duplicate Panel overview topic.  (#29248)
  * Increase search limit on team add user and improve placeholder (#29258)
  * Fix warnings for conflicting style rules (#29249)
  * Make backwards compatible (#29212)
  * Minor cosmetic markdown tweaks in docs/cloudwatch.md (#29238)
  * Getting Started: Updated index topic, removed 'what-is-grafana', and adjusted weight o… (#29216)
  * BarGauge: Fix story for BarGauge, caused knobs to show for other stories (#29232)
  * Update glossary to add hyperlinks to Explore and Transformation entries (#29217)
  * Chore: Enable errorlint linter (#29227)
  * TimeRegions: Fixed issue with time regions and tresholds due to angular js upgrade (#29229)
  * CloudWatch: Support request cancellation properly (#28865)
  * CloudMonitoring: Support request cancellation properly (#28847)
  * Chore: Handle wrapped errors (#29223)
  * Expressions: Move GEL into core as expressions (#29072)
  * Chore: remove compress:release grunt task (#29225)
  * Refactor/Explore: Inline datasource actions into initialisation (#28953)
  * Fix README typo (#29219)
  * Grafana UI: Card API refactor (#29034)
  * Plugins: Changed alertlist alert url to view instead of edit (#29060)
  * React: Upgrading react to v17, wip (#29057)
  * Gauge: Tweaks short value auto-sizing (#29197)
  * BackendSrv: support binary responseType like $http did (#29004)
  * GraphNG: update the options config (#28917)
  * Backend: Fix build (#29206)
  * Permissions: Validate against Team/User permission role update (#29101)
  * ESlint: React fixes part 1 (#29062)
  * Tests: Adds expects for observables (#28929)
  * Variables: Adds new Api that allows proper QueryEditors for Query variables (#28217)
  * Introduce eslint-plugin-react (#29053)
  * Automation: Adds GitHub release action (#29194)
  * Refactor declarative series configuration to a config builder (#29106)
  * ReleaseNotes: Updated changelog and release notes for 7.3.3 (#29189)
  * Panels: fix positioning of the header title (#29167)
  * trace user login and datasource name instead of id (#29183)
  * playlist: Improve test (#29120)
  * Drone: Fix publish-packages invocation (#29179)
  * Table: Fix incorrect condtition for rendering table filter (#29165)
  * Chore: Upgrade grafana/build-ci-deploy image to latest Go (#29171)
  * DashboardLinks: will only refresh dashboard search when changing tags for link. (#29040)
  * ReleaseNotes: Updated changelog and release notes for 7.3.3 (#29169)
  * CloudWatch: added HTTP API Gateway specific metrics and dimensions (#28780)
  * Release: Adding release notes for 7.3.3 (#29168)
  * SQL: Define primary key for tables without it (#22255)
  * changed link format from MD to HTML (#29163)
  * Backend: Rename variables for style conformance (#29097)
  * Docs: Fixes what'new menu and creates index page, adds first draft of release notes to docs (#29158)
  * Drone: Upgrade build pipeline tool and build image (#29161)
  * ReleaseNotes: Updated changelog and release notes for 7.4.0 (#29160)
  * ReleaseNotes: Updated changelog and release notes for 7.3.3 (#29159)
  * Chore: Upgrade Go etc in build images (#29157)
  * Chore: Remove unused Go code (#28852)
  * API: Rewrite tests from goconvey (#29091)
  * Chore: Fix linting issues caught by ruleguard (#28799)
  * Fix panic when using complex dynamic URLs in app plugin routes  (#27977)
  * Snapshots: Fixes so that dashboard snapshots show data when using Stat, Gauge, BarGauge or Table panels (#29031)
  * Fix authomation text: remove hyphen (#29149)
  * respect fronted-logging.enabled flag (#29107)
  * build paths in an os independent way (#29143)
  * Provisioning: always pin app to the sidebar when enabled (#29084)
  * Automation: Adds new changelog actions (#29142)
  * Chore: Rewrite preferences test from GoConvey to stdlib and testify (#29129)
  * Chore: Upgrade Go dev tools (#29124)
  * Automation: Adding version bump action
  * DataFrames: add utility function to check if structure has changed (#29006)
  * Drone: Fix Drone config verification for enterprise on Windows (#29118)
  * Chore: Require OrgId to be specified in delete playlist command (#29117)
  * Plugin proxy: Handle URL parsing errors (#29093)
  * Drone: Verify Drone config at beginning of pipelines (#29071)
  * Legend/GraphNG: Refactoring legend types and options (#29067)
  * Doc: Update documentation-style-guide.md (#29082)
  * Chore: Bumps types for jest (#29098)
  * LogsPanel: Fix scrolling in dashboards (#28974)
  * sort alphabetically unique labels, labels and parsed fields (#29030)
  * Data source proxy: Convert 401 from data source to 400 (#28962)
  * Plugins: Implement testDatasource for Jaeger (#28916)
  * Update react-testing-library (#29061)
  * Graph: Fixes stacking issues like floating bars when data is not aligned  (#29051)
  * StatPanel: Fixes hanging issue when all values are zero (#29077)
  * Auth: Enable more complete credential chain for SigV4 default SDK auth option (#29065)
  * Chore: Convert API tests to standard Go lib (#29009)
  * Update README.md (#29075)
  * Update CODEOWNERS (#28906)
  * Enhance automation text for missing information (#29052)
  * GraphNG: Adding ticks test dashboard and improves tick spacing (#29044)
  * Chore: Migrate Dashboard List panel to React (#28607)
  * Test Datasource/Bug: Fixes division by zero in csv metric values scenario (#29029)
  * Plugins: Bring back coreplugin package (#29064)
  * Add 'EventBusName' dimension to CloudWatch 'AWS/Events' namespace (#28402)
  * CloudWatch: Add support for AWS/ClientVPN metrics and dimensions (#29055)
  * AlertingNG: manage and evaluate alert definitions via the API (#28377)
  * Fix linting issues (#28811)
  * Logging: Log frontend errors (#28073)
  * Fix for multi-value template variable for project selector (#29042)
  * Chore: Rewrite test helpers from GoConvey to stdlib (#28919)
  * GraphNG: Fixed axis measurements (#29036)
  * Fix links to logql docs (#29037)
  * latest 7.3.2 (#29041)
  * Elasticsearch: Add Moving Function Pipeline Aggregation (#28131)
  * changelog 7.3.2 (#29038)
  * MutableDataFrame: Remove unique field name constraint and values field index and unused/seldom used stuff  (#27573)
  * Fix prometheus docs related to query variable (#29027)
  * Explore: support ANSI colors in live logs (#28895)
  * Docs: Add documentation about log levels (#28975)
  * Dashboard: remove usage of Legacyforms (#28707)
  * Docs: Troubleshoot starting docker containers on Mac (#28754)
  * Elasticsearch: interpolate variables in Filters Bucket Aggregation (#28969)
  * Chore: Bump build pipeline version (#29023)
  * Annotations: Fixes error when trying to create annotation when dashboard is unsaved (#29013)
  * TraceViewer: Make sure it does not break when no trace is passed (#28909)
  * Thresholds: Fixes color assigned to null values (#29010)
  * Backend: Remove unused code (#28933)
  * Fix documentation (#28998)
  * Tracing: Add setting for sampling server (#29011)
  * Logs Panel: Fix inconsistent higlighting (#28971)
  * MySQL: Update README.md (#29003)
  * IntervalVariable: Fix variable tooltip (#28988)
  * StatPanels: Fixes auto min max when latest value is zero (#28982)
  * Chore: Fix SQL related Go variable naming (#28887)
  * MSSQL: Support request cancellation properly (Uses new backendSrv.fetch Observable request API) (#28809)
  * Variables: Fixes loading with a custom all value in url (#28958)
  * Backend: Adds route for well-known change password URL (#28788)
  * docs: fix repeated dashboards link (#29002)
  * LogsPanel: Don't show scroll bars when not needed (#28972)
  * Drone: Fix docs building (#28986)
  * StatPanel: Fixed center of values in edge case scenarios (#28968)
  * Update getting-started-prometheus.md (#28502)
  * Docs: fix relref (#28977)
  * Docs: Minor docs update
  * Docs: Another workflow docs update
  * Docs: Workflow minor edit
  * Docs: Another minor edit
  * Docs: Update PR workflow docs
  * Docs: Update bot docs
  * StatPanels: set default to last (#28617)
  * Tracing: log traceID in request logger (#28952)
  * start tracking usage stats for tempo (#28948)
  * Docs: Update bot docs
  * GrafanaBot: Update labels and commands and adds docs  (#28950)
  * Docs: updates for file-based menu (#28500)
  * Grot: Added command/label to close feature requests with standard message (#28937)
  * GraphNG: Restore focus option (#28946)
  * Docs: Fix links (#28945)
  * Short URL: Cleanup unvisited/stale short URLs (#28867)
  * GraphNG: Using new VizLayout, moving Legend into GraphNG and some other refactorings (#28913)
  * CloudWatch Logs: Change what we use to measure progress (#28912)
  * Chore: use jest without grunt (#28558)
  * Chore: Split Explore redux code into multiple sections (#28819)
  * TestData: Fix issue with numeric inputs in TestData query editor (#28936)
  * setting: Fix tests on Mac (#28886)
  *  Plugins signing: Fix docs urls (#28930)
  * Field color: handling color changes when switching panel types (#28875)
  * Variables: make sure that we support both old and new syntax for custom variables. (#28896)
  * CodeEditor: added support for javascript language (#28818)
  * Update CHANGELOG.md (#28928)
  * Plugins: allow override when allowing unsigned plugins (#28901)
  * Chore: Fix spelling issue (#28904)
  * Grafana-UI: LoadingPlaceholder docs (#28874)
  * Gauge: making sure threshold panel json is correct before render (#28898)
  * Chore: Rewrite test in GoConvey to stdlib and testify (#28918)
  * Update documentation-style-guide.md (#28908)
  * Adding terms to glossary (#28884)
  * Devenv: Fix Prometheus basic auth proxy (#28889)
  * API: replace SendLoginLogCommand with LoginHook (#28777)
  * Dashboards / Folders: delete related data (permissions, stars, tags, versions, annotations) when deleting a dashboard or a folder (#28826)
  * Loki: Correct grammar in DerivedFields.tsx (#28885)
  * Docs: Update list of Enterprise plugins (#28882)
  * Live: update centrifuge and the ChannelHandler api (#28843)
  * Update share-panel.md (#28880)
  * CRLF (#28822)
  * PanelHeader: show streaming indicator (and allow unsubscribe)  (#28682)
  * Docs: Plugin signing docs (#28671)
  * Chore: Fix issues reported by staticcheck; enable stylecheck linter (#28866)
  * Elasticsearch: Filter pipeline aggregations from order by options (#28620)
  * Variables: added __user.email to global variable (#28853)
  * Fix titles case and add missing punctuation marks (#28713)
  * VizLayout: Simple viz layout component for legend placement and scaling (#28820)
  * Chore: Fix staticcheck issues (#28860)
  * Chore: Fix staticcheck issues (#28854)
  * Disable selecting enterprise plugins with no license (#28758)
  * Tempo: fix test data source (#28836)
  * Prometheus: fix missing labels from value (#28842)
  * Chore: Fix issues found by staticcheck (#28802)
  * Chore: Remove dead code (#28664)
  * Units: added support to handle negative fractional numbers. (#28849)
  * Variables: Adds variables inspection (#25214)
  * Marked: Upgrade and always sanitize by default (#28796)
  * Currency: add Philippine peso currency (PHP) (#28823)
  * Alert: Remove z-index on Alert component so that it does not overlay ontop of other content (#28834)
  * increase blob column size for encrypted dashboard data (#28831)
  * Gauge: Improve font size auto sizing (#28797)
  * grafana/toolkit: allow builds with lint warnings (#28810)
  * core and grafana/toolkit: Use latest version of grafana-eslint-conifg (#28816)
  * Icon: Replace font awesome icons where possible (#28757)
  * Remove homelinks panel (#28808)
  * StatPanels: Add new calculation option for percentage difference  (#26369)
  * Dashboard: Add Datetime local (No date if today) option in panel axes' units (#28011)
  * Variables: Adds named capture groups to variable regex (#28625)
  * Panel inspect: Interpolate variables in panel inspect title (#28779)
  * grafana/toolkit: Drop console and debugger statements by default when building plugin with toolkit (#28776)
  * Variables: Fixes URL values for dependent variables (#28798)
  * Graph: Fixes event emit function error (#28795)
  * Adds storybook integrity check to drone config (#28785)
  * Live: improve broadcast semantics and avoid double posting (#28765)
  * Events: Remove unused or unnecessary events  (#28783)
  * Docs: added code comments to frontend packages. (#28784)
  * Plugin Dockerfiles: Upgrade Go, golangci-lint, gcloud SDK (#28767)
  * Dependencies: Update angularjs to 1.8.2 (#28736)
  * EventBus: Introduces new event bus with emitter backward compatible interface (#27564)
  * ColorSchemes: Add new color scheme (#28719)
  * Docs: Add NGINX example for using websockets to Loki (#27998)
  * Docs: Made usage of config/configuration consistent #19270 (#28167)
  * Cloudwatch: Fix issue with field calculation transform not working properly with Cloudwatch data (#28761)
  * grafana/toolkit: Extract CHANGELOG when building plugin (#28773)
  * Drone: Upgrade build pipeline tool (#28769)
  * devenv: Upgrade MSSQL Docker image (#28749)
  * Docs: Add docs for InfoBox component (#28705)
  * Reoeragnization. (#28760)
  * gtime: Add ParseDuration function (#28525)
  * Explore: Remove redundant decodeURI and fix urls (#28697)
  * Dashboard: fix view panel mode for Safari / iOS (#28702)
  * Provisioning: Fixed problem with getting started panel being added to custom home dashboard (#28750)
  * LoginPage: Removed auto-capitalization from the login form (#28716)
  * Plugin page: Fix dom validation warning (#28737)
  * Migration: Remove LegacyForms from dashboard folder permissions (#28564)
  * Dependencies: Remove unused dependency (#28711)
  * AlertRuleList: Add keys to alert rule items (#28735)
  * Chore: Pin nginx base image in nginx proxy Dockerfiles (#28730)
  * Drone: Upgrade build-pipeline tool (#28728)
  * TableFilters: Fixes filtering with field overrides (#28690)
  * Templating: Speeds up certain variable queries for Postgres, MySql and MSSql (#28686)
  * Fix typo in unsigned plugin warning (#28709)
  * Chore: Convert sqlstore annotation test from GoConvey to testify (#28715)
  * updates from https://github.com/grafana/grafana/pull/28679 (#28708)
  * Chore: Add some scenario tests for Explore (#28534)
  * Update latest version to 7.3.1 (#28701)
  * Changelog update - 7.3.1 (#28699)
  * Drone: Don't build on Windows for PRs (#28663)
  * Build: changing docs docker image to prevent setting up frontend devenv. (#28670)
  * Prometheus: Fix copy paste behaving as cut and paste (#28622)
  * Loki: Fix error when some queries return zero results (#28645)
  * Chore: allow higher nodejs version than 12 (#28624)
  * TextPanel: Fixes problems where text panel would show old content (#28643)
  * PanelMenu: Fixes panel submenu not being accessible for panels close to the right edge of the screen (#28666)
  * Cloudwatch: Fix duplicate metric data (#28642)
  * Add info about CSV download for Excel in What's new article (#28661)
  * Docs: Describe pipeline aggregation changes in v7.3 (#28660)
  * Plugins: Fix descendent frontend plugin signature validation (#28638)
  * Docker:  use root group in the custom Dockerfile (#28639)
  * Bump rxjs to 6.6.3 (#28657)
  * StatPanel: Fixed value being under graph and reduced likley hood for white and dark value text mixing (#28641)
  * Table: Fix image cell mode so that it works with value mappings (#28644)
  * Build: support custom build tags (#28609)
  * Plugin signing: Fix copy on signed plugin notice (#28633)
  * Dashboard: Fix navigation from one SoloPanelPage to another one (#28578)
  * CloudWatch: Improve method name, performance optimization (#28632)
  * Developer guide: Update wrt. Windows (#28559)
  * Docs: Update graph panel for tabs (#28552)
  * update latest.json (#28603)
  * Docs: data source insights (#28542)
  * Field config API: add slider editor (#28007)
  * changelog: update for 7.3.0 (#28602)
  * Update uPlot to 1.2.2 and align timestamps config with new uPLot API (#28569)
  * Live: updated the reference to use lazy loaded Monaco in code editor. (#28597)
  * Dashboard: Allow add panel for viewers_can_edit (#28570)
  * Docs: Data source provisioning and sigV4 (#28593)
  * Docs: Additional 7.3 upgrade notes (#28592)
  * CI: Add GCC to Windows Docker image (#28562)
  * CloudWatch Logs queue and websocket support (#28176)
  * Explore/Loki: Update docs and cheatsheet (#28541)
  * Grafana-UI: Add Card component (#28216)
  * AddDatasource: Improve plugin categories (#28584)
  * StatPanel: Fixes BizChart error max: yyy should not be less than min zzz (#28587)
  * docs: a few tweaks for clarity and readability (#28579)
  * API: Reducing some api docs errors (#28575)
  * Grafana-UI: ContextMenu docs (#28508)
  * Short URL: Update last seen at when visiting a short URL (#28565)
  * Fix backend build on Windows (#28557)
  * add value prop (#28561)
  * Plugin signing: UI information (#28469)
  * Use fetch API in InfluxDB data source (#28555)
  * PanelEdit: Prevent the preview pane to be resized further than window height (#28370)
  * Docs: Update generic-oauth.md (#28517)
  * GCS image uploader: Add tests (#28521)
  * Move metrics collector queries to config (#28549)
  * Plugins: Fix plugin URL paths on Windows (#28548)
  * API: add login username in SendLoginLogCommand (#28544)
  * AzureMonitor: Support decimal (as float64) type in analytics/logs (#28480)
  * Auth: Fix SigV4 request verification step for Amazon Elasticsearch Service (#28481)
  * Grafana/ui: auto focus threshold editor input (#28360)
  * Docs: SigV4 What's New and AWS Elasticsearch documentation (#28506)
  * Drone: Upgrade build pipeline tool (#28533)
  * Drone: Refactor version branch pipeline logic (#28531)
  * Drone: Upgrade build-pipeline tool (#28520)
  * Docs: Update field color scheme docs and 7.3 what's new (#28496)
  * Templating: Custom variable edit UI, change text input into textarea  (#28312) (#28322)
  * Currency: Adds Indonesian IDR currency (#28363)
  * Chore: Fix flaky sqlstore annotation test (#28527)
  * Checkbox: Fix component sample typo (#28518)
  * Image uploader: Fix uploading of images to GCS (#26493)
  * OAuth: Support Forward OAuth Identity for backend data source plugins (#27055)
  * Updated documentation style guide  (#28488)
  * Cloud Monitoring: Fix help section for aliases (#28499)
  * Docs: what's new in enterprise 7.3 (#28472)
  * Plugins: Track plugin signing errors and expose them to the frontend (#28219)
  * Elasticsearch: Fix handling of errors when testing data source (#28498)
  * Auth: Should redirect to login when anonymous enabled and URL with different org than anonymous specified  (#28158)
  * Drone: Don't build Windows installer for version branches (#28494)
  * Docs: Grafana Enterprise auditing feature (#28356)
  * Drone: Add version branch pipeline (#28490)
  * Getting Started section rehaul (#28090)
  * Docs: Add survey content (#28446)
  * Docs: Update prometheus.md (#28483)
  * Docs: Add view settings and view stats (#28155)
  * Remove entry from 7.3.0-beta2 Changelog (#28478)
  * Circle: Remove release pipeline (#28474)
  * Update latest.json (#28476)
  * Switch default version to Graphite 1.1 (#28471)
  * Plugin page: update readme icon (#28465)
  * Chore: Update changelog (#28473)
  * Explore: parse time range fix (#28467)
  * Alerting: Log alert warnings for obsolete notifiers when extracting alerts and remove spammy error (#28162)
  * Shorten url: Unification across Explore and Dashboards (#28434)
  * Explore: Support wide data frames (#28393)
  * Docs: updated cmd to build docs locally to generate docs prior to building site. (#28371)
  * Live: support real time measurements (alpha) (#28022)
  * CloudWatch/Athena - valid metrics and dimensions. (#28436)
  * Chore: Use net.JoinHostPort (#28421)
  * Chore: Upgrade grafana-eslint to latest (#28444)
  * Fix cut off icon (#28442)
  * Docs: Add shared (#28411)
  * Loki: Visually distinguish error logs for LogQL2 (#28359)
  * Database; Remove database metric feature flag and update changelog (#28438)
  * TestData: multiple arrow requests should return multiple frames (#28417)
  * Docs: Test survey code (#28437)
  * Docs: improved github action that syncs docs to website (#28277)
  * update latest.json with latest stable version (#28433)
  * 7.2.2 changelog update (#28406)
  * plugins: Don't exit on duplicate plugin (#28390)
  * API: Query database from /api/health endpoint (#28349)
  * Chore: Fix conversion of a 64-bit integer to a lower bit size type uint (#28425)
  * Prometheus: fix parsing of infinite sample values (#28287) (#28288)
  * Chore: Rewrite some tests to use testify (#28420)
  * Plugins: do not remount app plugin on nav change (#28105)
  * App Plugins: Add backend support (#28272)
  * Chore: react hooks eslint fixes in grafana-ui (#28026)
  * ci-e2e: Add Git (#28410)
  * TestData: Remove useEffect that triggeres query on component load (#28321)
  * FieldColor: Remove inverted color scheme (#28408)
  * Chore: Set timezone for tests to non utc. (#28405)
  * Chore: fix jsdoc desc and return (#28383)
  * Docs: Fixing v51 link (#28396)
  * fixes windows crlf warning (#28346)
  * Grafana/ui: pass html attributes to segment (#28316)
  * Alerting: Return proper status code when trying to create alert notification channel with duplicate name or uid (#28043)
  * OAuth: Able to skip auto login (#28357)
  * CloudWatch: Fix custom metrics (#28391)
  * Docs: Adds basic frontend data request concepts (#28253)
  * Instrumentation: Add histogram for request duration (#28364)
  * remove status label from histogram (#28387)
  * OAuth: configurable user name attribute (#28286)
  * Component/NewsPanel: Add rel='noopener' to NewsPanel links (#28379)
  * Webpack: Split out unicons and bizcharts (#28374)
  * Explore: Fix date formatting in url for trace logs link (#28381)
  * Docs: Add activate-license (#28156)
  * Instrumentation: Add counters and histograms for database queries (#28236)
  * Docs: Make tables formatting more consistent (#28164)
  * CloudWatch: Adding support for additional Amazon CloudFront metrics (#28378)
  * Add unique ids to query editor fields (#28376)
  * Plugins: Compose filesystem paths with filepath.Join (#28375)
  * Explore: Minor tweaks to exemplars marble (#28366)
  * Instrumentation: Adds environment_info metric  (#28355)
  * AzureMonitor: Fix capitalization of NetApp 'volumes' namespace (#28369)
  * ColorSchemes: Adds more color schemes and text colors that depend on the background (#28305)
  * Automation: Update backport github action trigger (#28352)
  * Dashboard links: Places drop down list so it's always visible (#28330)
  * Docs: Add missing records from grafana-ui 7.2.1 CHANGELOG (#28302)
  * Templating: Replace all '$tag' in tag values query (#28343)
  * Docs: Add docs for valuepicker (#28327)
  * Git: Create .gitattributes for windows line endings (#28340)
  * Update auth-proxy.md (#28339)
  * area/grafana/toolkit: update e2e docker image (#28335)
  * AlertingNG: remove warn/crit from eval prototype (#28334)
  * Automation: Tweaks to more info message (#28332)
  * Loki: Run instant query only when doing metric query (#28325)
  * SAML: IdP-initiated SSO docs (#28280)
  * IssueTriage: Needs more info automation and messages (#28137)
  * GraphNG: Use AxisSide enum (#28320)
  * BackendSrv: Fixes queue countdown when unsubscribe is before response (#28323)
  * Automation: Add backport github action (#28318)
  * Build(deps): Bump http-proxy from 1.18.0 to 1.18.1 (#27507)
  * Bump handlebars from 4.4.3 to 4.7.6 (#27416)
  * Bump tree-kill from 1.2.1 to 1.2.2 (#27405)
  * Loki: Base maxDataPoints limits on query type (#28298)
  * Explore: respect min_refresh_interval (#27988)
  * Drone: Use ${DRONE_TAG} in release pipelines, since it should work (#28299)
  * Graph NG: fix toggling queries and extract Graph component from graph3 panel (#28290)
  * fix: for graph size not taking up full height or width
  * should only ignore the file in the grafana mixin root folder (#28306)
  * Drone: Fix grafana-mixin linting (#28308)
  * SQLStore: Run tests as integration tests (#28265)
  * Chore: Add cloud-middleware as code owners (#28310)
  * API: Fix short URLs (#28300)
  * CloudWatch: Add EC2CapacityReservations Namespace (#28309)
  * Jaeger: timeline collapser to show icons (#28284)
  * update latest.json with latest beta version (#28293)
  * Update changelog (#28292)
  * Docs : - Added period (#28260)
  * Add monitoring mixing for Grafana (#28285)
  * Chore: Update package.json (#28291)
  * Drone: Fix enterprise release pipeline (#28289)
  * Alerting: Append appSubUrl to back button on channel form (#28282)
- Rework package Makefile & README now that Grunt is gone
- Update to version 7.3.6:
  * fixes for saml vulnerability
  * [v7.3.x] Fix: Correct panel edit uistate migration (#29413) (#29711)
  * PanelEdit: Prevent the preview pane to be resized further than window height (#28370) (#29726)
  * Fix: Migrate Panel edit uiState percentage strings to number (#29412) (#29723)
  * 'Release: Updated versions in package to 7.3.5' (#29710)
  * Chore: upgrading y18n to 4.0.1 for security reasons (#29523) (#29709)
  * Panel: making sure we support all versions of chrome when detecting position of click event. (#29544) (#29708)
  * PanelEdit: making sure the correct datasource query editor is being rendered. (#29500) (#29707)
  * [v7.3.x] Auth: Add SigV4 header allowlist to reduce chances of verification issues (#29705)
  * Alerting: Use correct time series name override from frame fields (#29693) (#29698)
  * CloudWatch: namespace in search expression should be quoted if match exact is enabled #29109 (#29563) (#29687)
  * Adds go dep used by an Enterprise feature.  (#29645) (#29690)
  * instrumentation: align label name with our other projects (#29514) (#29685)
  * Instrumentation: Add examplars for request histograms (#29357) (#29682)
  * Login: Fixes typo in tooltip (#29604) (#29606)
  * fixes bug with invalid handler name for metrics (#29529) (#29532)
  * AzureMonitor: Unit MilliSeconds naming (#29399) (#29526)
  * Alarting: fix alarm messages in dingding (Fixes #29470) (#29482) (#29527)
  * Bug: trace viewer doesn't show more than 300 spans (#29377) (#29504)
  * Prometheus: don't override displayName property (#29441) (#29488)
  * resolve conflicts (#29415)
  * Drone: Upgrade build pipeline tool (#29365) (#29368)
  * Drone: Upload artifacts for release branch builds (#29297) (#29364)
  * Drone: Execute artifact publishing for both editions in parallel during release (#29362) (#29363)
  * Drone: Publish NPM packages after Storybook to avoid race condition (#29340) (#29343)
  * Docs: Fix editor role and alert notification channel description (#29301) (#29337)
  * 'Release: Updated versions in package to 7.3.4' (#29336)
  * Security: Fixes minor security issue with alert notification webhooks that allowed GET & DELETE requests #29330 (#29335)
  * Backport of InfluxDB: update flux library and support boolean label values #29333
  * ReleaseNotes: Update link in package.json (#29328)
  * Login: Fixes redirect url encoding issues of # %23 being unencoded after login (#29299) (#29323)
  * Drone: Upgrade build pipeline tool (#29308) (#29309)
  * Annotations: fixing so when changing annotations query links submenu will be updated. (#28990) (#29285)
  * Dashboard: Fixes kiosk state after being redirected to login page and back (#29273) (#29278)
  * Increase search limit on team add user and improve placeholder (#29258) (#29261)
  * Drone: Sync with master (#29205)
  * Drone: Fix publish-packages invocation (#29179) (#29184)
  * Chore: Upgrade grafana/build-ci-deploy image to latest Go (#29171) (#29180)
  * Table: Fix incorrect condtition for rendering table filter (#29165) (#29181)
  * DashboardLinks: will only refresh dashboard search when changing tags for link. (#29040) (#29177)
  * Drone: Upgrade build pipeline tool and build image (#29161) (#29162)
  * Release: Updated versions in package to 7.3.3 (#29126)
  * git cherry-pick -x 0f3bebb38daa488e108881ce17d4f68167a834e6 (#29155)
  * Build: support custom build tags (#28609) (#29128)
  * Revert 'Graph: Fixes stacking issues like floating bars when data is not aligned  (#29051) (#29088)' (#29151)
  * Provisioning: always pin app to the sidebar when enabled (#29084) (#29146)
  * build paths in an os independent way (#29143) (#29147)
  * Chore: Upgrade Go dev tools (#29124) (#29132)
  * Automatin: set node version
  * Automation: Adding version bump action
  * Drone: Fix Drone config verification for enterprise on Windows (#29118) (#29119)
  * [v7.3.x] Drone: Verify Drone config at beginning of pipelines (#29111)
  * Test Datasource/Bug: Fixes division by zero in csv metric values scenario (#29029) (#29068)
  * [v7.3.x] StatPanel: Fixes hanging issue when all values are zero (#29087)
  * Data source proxy: Convert 401 from data source to 400 (#28962) (#29095)
  * Graph: Fixes stacking issues like floating bars when data is not aligned  (#29051) (#29088)
  * Auth: Enable more complete credential chain for SigV4 default SDK auth option (#29065) (#29086)
  * Fix for multi-value template variable for project selector (#29042) (#29054)
  * Thresholds: Fixes color assigned to null values (#29010) (#29018)
  * [v7.3.x] Chore: Bump build pipeline version (#29025)
  * Release v7.3.2 (#29024)
  * Fix conflict (#29020)
  * StatPanels: Fixes auto min max when latest value is zero (#28982) (#29007)
  * Tracing: Add setting for sampling server (#29011) (#29015)
  * Gauge: making sure threshold panel json is correct before render (#28898) (#28984)
  * Variables: make sure that we support both old and new syntax for custom variables. (#28896) (#28985)
  * Explore: Remove redundant decodeURI and fix urls (#28697) (#28963)
  * [v7.3.x] Drone: Fix docs building (#28987)
  * Alerting: Append appSubUrl to back button on channel form (#28282) (#28983)
  * Plugins: allow override when allowing unsigned plugins (#28901) (#28927)
  * CloudWatch Logs: Change what we use to measure progress (#28912) (#28964)
  * Tracing: log traceID in request logger (#28952) (#28959)
  * Panel inspect: Interpolate variables in panel inspect title (#28779) (#28801)
  * UsageStats: start tracking usage stats for tempo (#28948) (#28951)
  * Short URL: Cleanup unvisited/stale short URLs (#28867) (#28944)
  *  Plugins signing: Fix docs urls (#28930) (#28934)
  * Chore: Fix spelling issue (#28904) (#28925)
  * API: replace SendLoginLogCommand with LoginHook (#28777) (#28891)
  * Elasticsearch: Exclude pipeline aggregations from order by options (#28620) (#28873)
  * Dashboards / Folders: delete related data (permissions, stars, tags, versions, annotations) when deleting a dashboard or a folder (#28826) (#28890)
  * Disable selecting enterprise plugins with no license (#28758) (#28859)
  * Tempo: fix test data source (#28836) (#28856)
  * Prometheus: fix missing labels from value (#28842) (#28855)
  * Units: added support to handle negative fractional numbers. (#28849) (#28851)
  * increase blob column size for encrypted dashboard data (#28831) (#28832)
  * Gauge: Improve font size auto sizing (#28797) (#28828)
  * Variables: Fixes URL values for dependent variables (#28798) (#28800)
  * grafana/toolkit: Extract CHANGELOG when building plugin (#28773) (#28774)
  * Templating: Custom variable edit UI, change text input into textarea  (#28312) (#28322) (#28704)
  * Cloudwatch: Fix issue with field calculation transform not working properly with Cloudwatch data (#28761) (#28775)
  * Plugin page: Fix dom validation warning (#28737) (#28741)
  * Dashboard: fix view panel mode for Safari / iOS (#28702) (#28755)
  * Fix typo in unsigned plugin warning (#28709) (#28722)
  * TableFilters: Fixes filtering with field overrides (#28690) (#28727)
  * Templating: Speeds up certain variable queries for Postgres, MySql and MSSql (#28686) (#28726)
  * Prometheus: Fix copy paste behaving as cut and paste (#28622) (#28691)

rhnlib:

- Require missing python-backports.ssl_match_hostname on SLE 11 (bsc#1183959)

spacecmd:

- Handle SIGPIPE without user-visible Exception (bsc#1181124)

spacewalk-client-tools:

- Fallback to sysfs when reading info from python-dmidecode fails (bsc#1182603)
- Log an error when product detection failed (bsc#1182339)

supportutils-plugin-salt:

- Fix yaml.load() warnings and issues with Python versions (bsc#1178072) (bsc#1181474)
- Fix errors when collecting data for salt-minion (bsc#1131670) 

zypp-plugin-spacewalk:

- Support for 'allow vendor change' for patching/upgrading


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1234-1
Released:    Thu Apr 15 17:21:44 2021
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1178670,1182211,1182264,1182963,1183059
This update for python-kiwi fixes the following issues:

Upgrade from version 9.23.19 to  version 9.23.20
  
- Require `qemu-img` in any filesystem based image.
  Move the qemu-img requirement into the `kiwi-systemdeps-filesystems` 
  to ensure ISO, OEM and PXE images include it in the build service. 
  This is also required for images that are simple root-trees in a filesystem `(image=ext4)`.
- Add a requirement for `kiwi-systemdeps-iso-media` on disk images.
  Add a requirement for `kiwi-systemdeps-iso-media` in `kiwi-systemdeps-disk-images`. 
  This is to ensure that installing `kiwi-systemdeps-disk-images` is enough to build OEM 
  images including install media.
- Turn `fb-util-for-appx` requirement into a recommendation.
  Relax the requirement for `fb-util-for-appx` since the utiliy is not part of all 
  SUSE Linux Enterprise 15 Service Packs.
- Refactor grub2 installation. (bsc#1182211)
  Split the installation in two parts. Former `grub2.install` method was meant to run the 
  `grub2-install` tool, however, in addition it was also running the secure boot installation `shim-install`.
  The install method in `KIWI` is skipped for those architectures and firmware combinations for which 
  bios support doesn't exist. This was leading to skip the secure boot installation.
  The current approach strips the secure boot installation logic from the `grub2.install` method, 
  so skipping the install method does not automatically result in skipping the secure boot installation.
- Fix `lsblk` flags to get sorted output (bsc#1182264, bsc#1182963, bsc#1183059)
  Modify the `lsblk` command flags to get a sorted output according to the disk layout.
- Avoid using generators in `pre-mount` hooks (bsc#1178670)
  Delete the generator that was creating the `sysroot.mount` unit for ramdisk deployments. 
  Generators, specially the `sysroot.mount` is expected to be created on very early stages of the boot 
  procedure as this has impact on relevant targets such as `initrd-root-fs.target`, which does not depend on 
  `sysroot.mount` if the unit is not there.
  In ramdisk deployments some data is known on pre-mount stage as it is downloaded from the PXE server. 
  At this stage it is not safe to generate a `sysroot.mount` unit that depends on `initrd-root-fs.target` as
  the target is close to finalize or even finalized already and could potentially skip `sysroot.mount` exection.
  Instead include a mount hook which is only executed on ramdisk deployments that simply runs the mount 
  command to mount `/sysroot`.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1236-1
Released:    Fri Apr 16 08:13:51 2021
Summary:     Recommended update for tcsh
Type:        recommended
Severity:    important
References:  1179316
This update for tcsh fixes the following issues:

- Fixed an issue, where the history file continued growing, leading to csh processes
  consuming 100% of the CPU (bsc#1179316)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1280-1
Released:    Tue Apr 20 14:34:19 2021
Summary:     Security update for ruby2.5
Type:        security
Severity:    moderate
References:  1184644,CVE-2021-28965
This update for ruby2.5 fixes the following issues:

- Update to 2.5.9
- CVE-2021-28965: XML round-trip vulnerability in REXML (bsc#1184644)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1282-1
Released:    Tue Apr 20 14:47:17 2021
Summary:     Security update for apache-commons-io
Type:        security
Severity:    moderate
References:  1184755,CVE-2021-29425
This update for apache-commons-io fixes the following issues:

- CVE-2021-29425: Limited path traversal when invoking the method FileNameUtils.normalize with an improper input string (bsc#1184755)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1289-1
Released:    Wed Apr 21 14:02:46 2021
Summary:     Recommended update for gzip
Type:        recommended
Severity:    moderate
References:  1177047
This update for gzip fixes the following issues:

- Fixed a potential segfault when zlib acceleration is enabled (bsc#1177047)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1291-1
Released:    Wed Apr 21 14:04:06 2021
Summary:     Recommended update for mpfr
Type:        recommended
Severity:    moderate
References:  1141190
This update for mpfr fixes the following issues:

- Fixed an issue when building for ppc64le (bsc#1141190)

Technical library fixes:

- A subtraction of two numbers of the same sign or addition of two numbers of different signs
  can be rounded incorrectly (and the ternary value can be incorrect) when one of the two
  inputs is reused as the output (destination) and all these MPFR numbers have exactly
  GMP_NUMB_BITS bits of precision (typically, 32 bits on 32-bit machines, 64 bits on 64-bit
  machines).
- The mpfr_fma and mpfr_fms functions can behave incorrectly in case of internal overflow or
  underflow.
- The result of the mpfr_sqr function can be rounded incorrectly in a rare case near underflow
  when the destination has exactly GMP_NUMB_BITS bits of precision (typically, 32 bits on
  32-bit machines, 64 bits on 64-bit machines) and the input has at most GMP_NUMB_BITS bits
  of precision.
- The behavior and documentation of the mpfr_get_str function are inconsistent concerning the
  minimum precision (this is related to the change of the minimum precision from 2 to 1 in
  MPFR 4.0.0). The get_str patch fixes this issue in the following way: the value 1 can now be
  provided for n (4th argument of mpfr_get_str); if n = 0, then the number of significant digits
  in the output string can now be 1, as already implied by the documentation (but the code was
  increasing it to 2).
- The mpfr_cmp_q function can behave incorrectly when the rational (mpq_t) number has a null
  denominator.
- The mpfr_inp_str and mpfr_out_str functions might behave incorrectly when the stream is a
  null pointer: the stream is replaced by stdin and stdout, respectively. This behavior is
  useless, not documented (thus incorrect in case a null pointer would have a special meaning),
  and not consistent with other input/output functions.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1307-1
Released:    Fri Apr 23 09:15:01 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1184960,CVE-2021-23961,CVE-2021-23994,CVE-2021-23995,CVE-2021-23998,CVE-2021-23999,CVE-2021-24002,CVE-2021-29945,CVE-2021-29946
This update for MozillaFirefox fixes the following issues:

- Firefox was updated to 78.10.0 ESR (bsc#1184960)
  * CVE-2021-23994: Out of bound write due to lazy initialization
  * CVE-2021-23995: Use-after-free in Responsive Design Mode
  * CVE-2021-23998: Secure Lock icon could have been spoofed
  * CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
  * CVE-2021-23999: Blob URLs may have been granted additional privileges
  * CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL
  * CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads
  * CVE-2021-29946: Port blocking could be bypassed

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1313-1
Released:    Mon Apr 26 09:12:07 2021
Summary:     Security update for python-aiohttp
Type:        security
Severity:    important
References:  1184745,CVE-2021-21330
This update for python-aiohttp fixes the following issues:

- CVE-2021-21330: Fixed the way pure-Python HTTP parser interprets `//` (bsc#1184745)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1320-1
Released:    Mon Apr 26 15:07:58 2021
Summary:     Recommended update for xorg-x11-server
Type:        recommended
Severity:    moderate
References:  1184072,1184543
This update for xorg-x11-server fixes the following issues:

- Fixed a crash that might occur when talking to Xwayland (bsc#1184072, bsc#1184543)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1327-1
Released:    Tue Apr 27 13:41:31 2021
Summary:     Recommended update for sapstartsrv-resource-agents
Type:        recommended
Severity:    moderate
References:  1183969
This update for sapstartsrv-resource-agents fixes the following issues:

- sapping.service does no longer run a second time after a restart/start of corosync (bsc#1183969)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1335-1
Released:    Tue Apr 27 17:01:57 2021
Summary:     Recommended update for hawk2
Type:        recommended
Severity:    important
References:  1184274
This update for hawk2 fixes the following issue:

Update to version 2.6.4:

- Fix the wizards User Interface and show it.(bsc#1184274)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1405-1
Released:    Wed Apr 28 15:09:07 2021
Summary:     Recommended update for brp-check-suse
Type:        recommended
Severity:    moderate
References:  1184555
This update for brp-check-suse fixes the following issues:

- Add patch to implement fipscheck. (bsc#1184555)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1409-1
Released:    Wed Apr 28 16:32:50 2021
Summary:     Security update for giflib
Type:        security
Severity:    low
References:  1184123
This update for giflib fixes the following issues:

- Enable Position Independent Code and inherit CFLAGS from the build system (bsc#1184123).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1414-1
Released:    Wed Apr 28 18:32:11 2021
Summary:     Recommended update for boost-legacy
Type:        recommended
Severity:    important
References:  1006584,1038083,1076640,1082318,1175886,401964,439805,457699,461372,477603,479659,544958,621140,655747,714373,765443,951902,958150,994378,994381,994382,994383,996917,CVE-2008-0171
This update for boost-legacy fixes the following issues:


Create a new boost-legacy package with version 1.66.0. (bsc#1175886, jsc#SLE-17304, jsc#ECO-3147)

- Remove duplicate license package that we get from original Boost
- Add a backport of `Boost.Optional::has_value()` for LibreOffice
- Use `%license` instead of `%doc` (bsc#1082318)
- Multibuild requires versioned `Name: tag` . (bsc#1076640)

Changes in version 1.66.0:

- `Beast`: new portable HTTP, WebSocket and network operations using `Boost.Asio`. Header-only library.
- `Callable Traits`: new library and successor to `Boost.FunctionTypes`. Header-only library.
- `Mp11:` new metaprogramming library 
- ` Asio`:
   - implemented interface changes to reflect the Networking TS (N4656)
   - functions and classes that have been superseded by Networking TS functionality have been deprecated.
   - added support for customized handler tracking
   - removed previously deprecated functions
- `Atomic`: improved compatibility with GCC 7. 128-bit operations on `x86_64` no longer require linking 
   with compiled library.
- `DateTime`: Fixed an integral overflow that could cause incorrect results when adding or subtracting 
   many years from a date.
- `Format`: New format specifiers added and volatile arguments can not be safely used with operator`%`
- `Fusion`:
   - fix compile error with `std::array`
   - remove circular preprocessor include
- `PolyCollection`: backported to GCC 4.8 and 4.9 with some limitations
- `Uuid`: added `RTF-4122` namespaces in `boost::uuids::ns`
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1416-1
Released:    Thu Apr 29 06:19:16 2021
Summary:     Recommended update for kyotocabinet
Type:        recommended
Severity:    low
References:  1185033
This update for kyotocabinet fixes the following issues:

- Proactive fix for a hardening making 'kyotokabinet' in SLE as position independent executable. (bsc#1185033)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1417-1
Released:    Thu Apr 29 06:19:47 2021
Summary:     Recommended update for ntp
Type:        recommended
Severity:    moderate
References:  1185171
This update for ntp fixes the following issues:

- Use '/run' instead of '/var/run' for PIDFile in 'ntpd.service'. (bsc#1185171)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1424-1
Released:    Thu Apr 29 06:22:32 2021
Summary:     Recommended update for openslp
Type:        recommended
Severity:    moderate
References:  1166637,1184008
This update for openslp fixes the following issues:

- Added automated active discovery retries so that DAs do not get dropped, if they are
  not reachable for some time (bsc#1166637, bsc#1184008)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1427-1
Released:    Thu Apr 29 06:24:32 2021
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

This update ships the ComplianceAsCode build version 0.1.55+git
containing the following supported file:

- SCAP STIG automation for SUSE Linux Enterprise 12 (SUSE supplied, more rules added compared to 0.1.54)
- SCAP STIG automation for SUSE Linux Enterprise 15 (SUSE supplied, new, first rules added)
- CIS automation for SUSE Linux Enterprise 15 (community supplied)

It can be evaluated using 'oscap' from 'openscap-utils', e.g. by doing on SUSE Linux Enterprise 12:

- oscap xccdf eval --profile stig /usr/share/xml/scap/ssg/content/ssg-sle12-ds.xml

On SUSE Linux Enterprise 15:

- oscap xccdf eval --profile stig /usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml

or the community supplied CIS on SUSE Linux Enterprise 15:

- oscap xccdf eval --profile cis /usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml

More content will be added in future updates.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1432-1
Released:    Thu Apr 29 10:06:47 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1184960,CVE-2021-23961,CVE-2021-23994,CVE-2021-23995,CVE-2021-23998,CVE-2021-23999,CVE-2021-24002,CVE-2021-29945,CVE-2021-29946,CVE-2021-29948
This update for MozillaThunderbird fixes the following issues:

- Firefox was updated to 78.10.0 ESR (bsc#1184960)
  * CVE-2021-23994: Out of bound write due to lazy initialization
  * CVE-2021-23995: Use-after-free in Responsive Design Mode
  * CVE-2021-23998: Secure Lock icon could have been spoofed
  * CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
  * CVE-2021-23999: Blob URLs may have been granted additional privileges
  * CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL
  * CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads
  * CVE-2021-29946: Port blocking could be bypassed	  
  * CVE-2021-29948: Race condition when reading from disk while verifying signatures

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1448-1
Released:    Fri Apr 30 08:08:17 2021
Summary:     Recommended update for pidentd
Type:        recommended
Severity:    moderate
References:  1185070
This update for pidentd fixes the following issues:

- Use '/run' instead of '/var/run'. (bsc#1185070)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1449-1
Released:    Fri Apr 30 08:08:25 2021
Summary:     Recommended update for systemd-presets-branding-SLE
Type:        recommended
Severity:    moderate
References:  1165780
This update for systemd-presets-branding-SLE fixes the following issues:

- Don't enable 'btrfsmaintenance-refresh.service', 'btrfsmaintenance' is managed by systemd-presets-common-SUSE instead. (bsc#1165780)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1451-1
Released:    Fri Apr 30 08:08:45 2021
Summary:     Recommended update for dhcp
Type:        recommended
Severity:    moderate
References:  1185157
This update for dhcp fixes the following issues:

- Use '/run' instead of '/var/run' for PIDFile in 'dhcrelay.service'. (bsc#1185157)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1454-1
Released:    Fri Apr 30 09:22:26 2021
Summary:     Security update for cups
Type:        security
Severity:    important
References:  1184161,CVE-2021-25317
This update for cups fixes the following issues:

- CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks (bsc#1184161)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1462-1
Released:    Fri Apr 30 14:54:23 2021
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1181283,1184085
This update for cloud-init fixes the following issues:

- Fixed an issue, where the bonding options were wrongly configured in SLE and openSUSE (bsc#1184085)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1476-1
Released:    Tue May  4 13:58:52 2021
Summary:     Recommended update for cups-filters
Type:        recommended
Severity:    moderate
References:  1182893
This update for cups-filters fixes the following issues:

- Fixed an issue when 'foomatic-rip-Filter' crashes. (bsc#1182893)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1478-1
Released:    Tue May  4 14:05:38 2021
Summary:     Recommended update for libhugetlbfs
Type:        recommended
Severity:    moderate
References:  1184123
This update for libhugetlbfs fixes the following issues:

- Hardening: Link as PIE (bsc#1184123)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1487-1
Released:    Tue May  4 15:31:45 2021
Summary:     Recommended update for python-yarl
Type:        recommended
Severity:    moderate
References:  
This update for python-yarl contains the following fixes:

- Fix python-yarl to build with new python3 version.

- Allows mixing amps and semicolons in query strings as separators over previous changes.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1489-1
Released:    Tue May  4 17:10:15 2021
Summary:     Security update for openexr
Type:        security
Severity:    important
References:  1184353,1184354,1184355,1185216,1185217,CVE-2021-20296,CVE-2021-23215,CVE-2021-26260,CVE-2021-3477,CVE-2021-3479
This update for openexr fixes the following issues:

- CVE-2021-23215: Fixed an integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185216).
- CVE-2021-26260: Fixed an Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185217).
- CVE-2021-20296: Fixed a  Null Pointer dereference in Imf_2_5:hufUncompress (bsc#1184355).
- CVE-2021-3477: Fixed a Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts (bsc#1184353).
- CVE-2021-3479: Fixed an Out-of-memory caused by allocation of a very large buffer (bsc#1184354).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1491-1
Released:    Tue May  4 17:11:03 2021
Summary:     Security update for p7zip
Type:        security
Severity:    moderate
References:  1184699,CVE-2021-3465
This update for p7zip fixes the following issues:

- CVE-2021-3465: Fixed a NULL pointer dereference in NCompress:CCopyCoder:Code (bsc#1184699)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1532-1
Released:    Thu May  6 15:32:21 2021
Summary:     Recommended update for python-shaptools
Type:        recommended
Severity:    moderate
References:  1185090
This update for python-shaptools fixes the following issues:

- Fix the HANA 'sidadm' user creation to transform to lowercase properly. (bsc#1185090)  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1533-1
Released:    Thu May  6 17:04:28 2021
Summary:     Recommended update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent
Type:        recommended
Severity:    moderate
References:  1174304,1174306,1175740,1175741,1179031,1179032,1180304,1182793,1183414,1183415
This update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent contains the following fixes:

Changes in google-guest-agent:
- Update to version 20210223.01 (bsc#1183414, bsc#1183415)
  * add a match block to sshd_config for SAs (#99)
  * add ipv6 forwarded ip support (#101)
  * call restorecon on ssh host keys (#98)
  * Include startup and shutdown in preset (#96)
  * set metadata URL earlier (#94)
- Fix activation logic of systemd services (bsc#1182793)

- Update to version 20201211.00
  * Require snapshot scripts to live under /etc/google/snapshots (#90)
  * Adding support for Windows user account password lengths
    between 15 and 255 characters. (#91)
  * Adding bkatyl to OWNERS (#92)

Changes in google-guest-configs:
- Update to version 20210317.00 (bsc#1183414, bsc#1183415)
  * dracut.conf wants spaces around values (#19)
  * make the same change for debian (#18)
  * change path back for google_nvme_id (#17)
  * move google_nvme_id to /usr/bin (#16)
  * correct udev rule syntax (#15)
  * prune el6 spec (#13)
  * Updated udev rules (#11)
- Remove empty %{_sbindir} from %install and %files section

- Remove service files (bsc#1180304)
  + google-optimize-local-ssd.service, google-set-multiqueue.service
    scripts are called from within the guest agent

Changes in google-guest-oslogin:
- Update to version 20210316.00 (bsc#1183414, bsc#1183415)
  * call correct function in pwenthelper (#53)

- Update to version 20210108.00
  * Update logic in the cache_refresh binary (#52)
  * remove old unused workflow files (#49)

  * add getpwnam,getpwuid,getgrnam,getgrgid (#42)
  * Change requires to not require the python library for policycoreutils. (#44)
  * add dial and recvline (#41)
  * PR feedback
  * new client component and tests

Changes in google-osconfig-agent:

- Update to version 20210316.00 (bsc#1183414, bsc#1183415)
  * call correct function in pwenthelper (#53)

- Update to version 20210108.00
  * Update logic in the cache_refresh binary (#52)
  * remove old unused workflow files (#49)

- Update to version 20200925.00 (bsc#1179031, bsc#1179032)
  * add getpwnam,getpwuid,getgrnam,getgrgid (#42)
  * Change requires to not require the python library for policycoreutils. (#44)
  * add dial and recvline (#41)
  * PR feedback
  * new client component and tests

- Update to version 20200819.00 (bsc#1175740, bsc#1175741)
  * deny non-2fa users (#37)
  * use asterisks instead (#39)
  * set passwords to ! (#38)
  * correct index 0 bug (#36)
  * Support security key generated OTP challenges. (#35)

- No post action for ssh

- Initial build (bsc#1174304, bsc#1174306, jsc#ECO-2099, jsc#PM-1945)
  + Version 20200507.00
  + Replaces google-compute-engine-oslogin package
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1535-1
Released:    Thu May  6 17:05:42 2021
Summary:     Recommended update for spamassassin
Type:        recommended
Severity:    low
References:  1185184
This update for spamassassin fixes the following issues:

- Deprecated path '/var/run/' used in systemd-services (bsc#1185184) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1536-1
Released:    Thu May  6 17:05:59 2021
Summary:     Recommended update for dovecot
Type:        recommended
Severity:    moderate
References:  1185074
This update for dovecot fixes the following issues:

- Using /run instead of /var/run which was deprecated (bsc#1185074)
- The home directories of the internal users was moved from /var/run/dovecot
  to /run/dovecot as well.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1543-1
Released:    Fri May  7 15:16:33 2021
Summary:     Recommended update for patterns-microos
Type:        recommended
Severity:    moderate
References:  1184435
This update for patterns-microos provides the following fix:

- Require the libvirt-daemon-qemu package and include the needed dependencies in the
  product. (bsc#1184435)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1549-1
Released:    Mon May 10 13:48:00 2021
Summary:     Recommended update for procps
Type:        recommended
Severity:    moderate
References:  1185417
This update for procps fixes the following issues:

- Support up to 2048 CPU as well. (bsc#1185417)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1554-1
Released:    Tue May 11 09:43:41 2021
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1184606,1185055,1185056,CVE-2021-2161,CVE-2021-2163
This update for java-11-openjdk fixes the following issues:

- Update to upstream tag jdk-11.0.11+9 (April 2021 CPU)
  * CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms (bsc#1185055)
  * CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder (bsc#1185056)
- moved mozilla-nss dependency to java-11-openjdk-headless package, this is necessary to be able to do crypto 
  with just java-11-openjdk-headless installed (bsc#1184606).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1562-1
Released:    Tue May 11 11:12:51 2021
Summary:     Recommended update for amazon-ecs-init
Type:        recommended
Severity:    moderate
References:  1182343,1182344
This update for amazon-ecs-init contains the following fixes:

- Fix for an issue where no restart happens when ECS Agent exits with exit code 5 (bsc#1182343, bsc#1182344)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1563-1
Released:    Tue May 11 11:16:00 2021
Summary:     Recommended update for maven
Type:        recommended
Severity:    moderate
References:  1184022
This update for systemtap fixes the following issues:

- Releasing maven for SLE-15 SP1 and SP2. (bsc#1184022) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1570-1
Released:    Wed May 12 11:59:39 2021
Summary:     Recommended update for python-paramiko
Type:        recommended
Severity:    moderate
References:  1178341
This update for python-paramiko fixes the following issue:

- Do not use deprecated methods. SUSE Linux Enterprise 15-SP1 and newer have `python-cryptography 2.8`. (bsc#1178341)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1583-1
Released:    Wed May 12 13:40:35 2021
Summary:     Recommended update for sensors
Type:        recommended
Severity:    moderate
References:  1185183
This update for sensors fixes the following issues:

- Change PIDFile path from '/var/run' to '/run' as the it is deprecated. (bsc#1185183)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1587-1
Released:    Wed May 12 13:43:48 2021
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1182779,1185198,1185234
This update for cloud-regionsrv-client fixes the following issues:

- Added a fix when the zypper lock is acquired by another process. In that case cloud-regionsrv-client
  will now wait up to 30 seconds for that lock to be freed (bsc#1182779, bsc#1185234, bsc#1185198)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1588-1
Released:    Wed May 12 13:44:31 2021
Summary:     Recommended update for python3-azuremetadata
Type:        recommended
Severity:    moderate
References:  1172581,1184720
This update for python3-azuremetadata fixes the following issues:

- Fixed an issue where SUSEConnect was unable to set cloud_provider when registering
  an instance the first time (bsc#1172581)
- When querying the metdata server for access verification via a proxy, the wrong
  data was delivered. This has been fixed (bsc#1184720)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:1591-1
Released:    Wed May 12 13:46:23 2021
Summary:     Optional update for apache2-mod_auth_openidc
Type:        optional
Severity:    low
References:  
This update for apache2-mod_auth_openidc fixes the following issues:

- Avoid pulling hiredis-devel during build time (jsc#SLE-11726)

This patch is optional to install and does not address any user visible issues.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1599-1
Released:    Thu May 13 13:15:20 2021
Summary:     Security update for ipvsadm
Type:        security
Severity:    low
References:  1184988
This update for ipvsadm fixes the following issues:

- Hardening: link as position independent executable (bsc#1184988).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1601-1
Released:    Thu May 13 16:34:34 2021
Summary:     Recommended update for brp-check-suse
Type:        recommended
Severity:    moderate
References:  1184555
This update for brp-check-suse fixes the following issues:

- Make sure all brp-scripts are actually executable.  (bsc#1184555)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1603-1
Released:    Thu May 13 16:35:55 2021
Summary:     Recommended update for gssproxy
Type:        recommended
Severity:    low
References:  1185161
This update for gssproxy fixes the following issues:

- Using now /run instead of /var/run for daemon PID files (bsc#1185161)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1604-1
Released:    Thu May 13 16:36:13 2021
Summary:     Recommended update for autofs
Type:        recommended
Severity:    low
References:  1185155
This update for autofs fixes the following issues:

- Changed pidfile path to /run from /var/run (bsc#1185155)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1618-1
Released:    Mon May 17 13:11:28 2021
Summary:     Recommended update for llvm7 and libqt5-qttools
Type:        recommended
Severity:    moderate
References:  1067478,1109367,1145085,1184920
This update for llvm7 and libqt5-qttools fixes the following issues:

libqt5-qttools:

- Use `libclang` instead of `clang`, now that `llvm7` moved the header files to `libclang` (bsc#1109367, bsc#1184920)

llvm7:

- Remove unneeded and unused dependencies:
  - groff, bison, flex, jsoncpp

- Devel packages are only required in other devel packages, when their headers are included in the installed headers.
- Skip a test that is broken with 387 FPU registers and avoids check failure on i586. (bsc#1145085)
- Link `libomp` with `atomic` if needed and fix build using gcc-4.8. (bsc#1145085)
- Make build of `gnustep-libobjc2` package reproducible. (bsc#1067478)
- Remove `-fno-strict-aliasing` which upstream doesn't use any more.
- Package `clang` builtin headers with `libclang`. (bsc#1109367)

  - The library is unusable without the builtin headers. Currently consumers of `libclang` have to require `clang` 
  as well, although only the headers are needed. 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1641-1
Released:    Wed May 19 13:48:59 2021
Summary:     Security update for djvulibre
Type:        security
Severity:    important
References:  1185895,1185900,1185904,1185905,CVE-2021-32490,CVE-2021-32491,CVE-2021-32492,CVE-2021-32493
This update for djvulibre fixes the following issues:

- CVE-2021-32490 [bsc#1185895]: Out of bounds write in function DJVU:filter_bv() via crafted djvu file
- CVE-2021-32491 [bsc#1185900]: Integer overflow in function render() in tools/ddjvu via crafted djvu file
- CVE-2021-32492 [bsc#1185904]: Out of bounds read in function DJVU:DataPool:has_data() via crafted djvu file
- CVE-2021-32493 [bsc#1185905]: Heap buffer overflow in function DJVU:GBitmap:decode() via crafted djvu file

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1643-1
Released:    Wed May 19 13:51:48 2021
Summary:     Recommended update for pam
Type:        recommended
Severity:    important
References:  1181443,1184358,1185562
This update for pam fixes the following issues:

- Fixed a bug, where the 'unlimited'/'-1' value was not interpreted correctly (bsc#1181443)
- Fixed a bug, where pam_access interpreted the keyword 'LOCAL' incorrectly, leading to
  an attempt to resolve it as a hostname (bsc#1184358)
- In the 32-bit compatibility package for 64-bit architectures, require 'systemd-32bit' to be also installed as it contains pam_systemd.so for 32 bit applications. (bsc#1185562)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1660-1
Released:    Wed May 19 18:46:53 2021
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  
This update for python-kiwi fixes the following issues:

- Fix appx manifest for WSL containers
  
  This patch is two fold
  
  * This commit prevents KIWI from setting Identity Name attribute and
    DisplayName and PublisherDisplayName elements.
    Fixes #1780
    
  * Fix WSL appx filemap relative paths not preserved
    During WSL appx image type creation step the file hierarchy under
    metadata_path is written to a temporary file for eventual use as
    argument to utility appx. The file hierarchy information is dropped
    resulting in all filemap entries appearing to be at the metadata_path
    root. The resulting image will side load and run but without icon and
    other resources. Stricter checks at Windows Store submission will
    fail due to mismatch between image manifest and contents.
    Fix by preserving relative path of filemap entries relative
    to metadata_path. Add log output showing both input absolute path
    and output relative path. (jsc#SLE-12986)
    
- Recommend kiwi-systemdeps-containers
  
  This commit recommends 'kiwi-systemdeps-containers' instead of a hard
  requirement in kiwi-systemdeps package for SLE builds. This is needed
  because the containers tool chain is spread in different SLE modules.
  

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1662-1
Released:    Wed May 19 22:24:31 2021
Summary:     Recommended update for saphanabootstrap-formula
Type:        recommended
Severity:    moderate
References:  1185090
This update for saphanabootstrap-formula fixes the following issues:

- Fix the HANA sidadm usage to transform to lowercase some states managing the sudoers file in ha_cluster.sls state file. (bsc#1185090)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1663-1
Released:    Wed May 19 22:25:14 2021
Summary:     Recommended update for drbd-formula
Type:        recommended
Severity:    moderate
References:  1179529
This update for drbd-formula fixes the following issues:

- Support different backing device per node. (bsc#1179529)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1664-1
Released:    Thu May 20 08:03:30 2021
Summary:     Security update for libass
Type:        security
Severity:    moderate
References:  1184153,CVE-2020-24994
This update for libass fixes the following issues:

- CVE-2020-24994: Fixed a stack overflow in the parse_tag (bsc#1184153).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1675-1
Released:    Thu May 20 15:00:23 2021
Summary:     Recommended update for snappy
Type:        recommended
Severity:    moderate
References:  1080040,1184507
This update for snappy fixes the following issues:

Update from version 1.1.3 to 1.1.8

- Small performance improvements.
- Removed `snappy::string` alias for `std::string`.
- Improved `CMake` configuration.
- Improved packages descriptions.
- Fix RPM groups.
- Aarch64 fixes
- PPC speedups
- PIE improvements
- Fix license install. (bsc#1080040)
- Fix a 1% performance regression when snappy is used in PIE executable.
- Improve compression performance by 5%.
- Improve decompression performance by 20%.
- Use better download URL.
- Fix a build issue for tensorflow2. (bsc#1184507)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1677-1
Released:    Thu May 20 15:29:32 2021
Summary:     Recommended update for purge-kernels-service
Type:        recommended
Severity:    low
References:  1184399
This update for purge-kernels-service fixes the following issues:

- Add 'ZYPP_LOCK_TIMEOUT=-1' to keep waiting for the lock to avoid possible conflict with other background services uding zypper. (bsc#1184399)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1678-1
Released:    Thu May 20 15:30:01 2021
Summary:     Recommended update for prometheus-ha_cluster_exporter
Type:        recommended
Severity:    moderate
References:  1184422
This update for prometheus-ha_cluster_exporter fixes the following issues:

- Add parsing of the `crm_config` node in the CIB parser.
- Update the minimum required Go version to 1.14.
- Avoid duplicate metric recording errors for non-running OCFS resources. (bsc#1184422)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1679-1
Released:    Thu May 20 15:31:35 2021
Summary:     Recommended update for ddclient
Type:        recommended
Severity:    moderate
References:  1185069
This update for ddclient fixes the following issues:

- As '/var/run' is deprecated, replaced by '/run' in 'ddclient-tmpfiles.conf' (bsc#1185069)
- Systemd expects the PID file to exist as soon as the main process exists. However, it takes quite a while until the pid file is created by the daemon process, so we delay the main process for 1 second before exit()ing. This gets rid of an annoying warning message in 'systemctl status'.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1681-1
Released:    Thu May 20 16:49:23 2021
Summary:     Recommended update for sapstartsrv-resource-agents
Type:        recommended
Severity:    moderate
References:  1185152
This update for sapstartsrv-resource-agents fixes the following issues:

- Remove deprecated option 'syslog' from the 'sapping.service' and 'sappong.service' files. (bsc#1185152)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1698-1
Released:    Fri May 21 19:46:59 2021
Summary:     Recommended update for SAPHanaSR-ScaleOut
Type:        recommended
Severity:    moderate
References:  1144442,1182115,1182545
This update for SAPHanaSR-ScaleOut fixes the following issues:

- The resource start and stop timeout is now configurable by increasing the timeout for the action 'start' and/or 'stop'. (bsc#1182545)
- Add return codes for saphana_stop and saphana_StopSystem. (bsc#1182115)
- Man page SAPhanaSR-ScaleOut minor mistakes. (bsc#1144442)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1700-1
Released:    Mon May 24 16:39:35 2021
Summary:     Recommended update for google-guest-agent, google-guest-oslogin, google-osconfig-agent
Type:        recommended
Severity:    moderate
References:  1185848,1185849
This update for google-guest-agent, google-guest-oslogin, google-osconfig-agent contains the following fixes:

- Update to version 20210414.00 (bsc#1185848, bsc#1185849)
  * start sshd (#106)
  * Add systemd-networkd.service restart dependency. (#104)
  * Update error message for handleHealthCheckRequest. (#105)

- Update to version 20210429.00 (bsc#1185848, bsc#1185849)
  * correct pagetoken in groupsforuser (#59)
  * resolve self groups last (#58)
  * support empty groups (#57)
  * no paginating to find groups (#56)
  * clear users vector (#55)
  * correct usage of pagetoken (#54)

- Update to version 20210506.00 (bsc#1185848, bsc#1185849)
  * Add more os policy assignment examples (#348)
  * e2e_tests: enable stable tests for OSPolicies (#347)
  * Align start and end task logs (#346)
  * ConfigTask: add additional info logs (#345)
  * e2e_tests: add validation tests (#344)
  * Config Task: make sure agent respects policy mode (#343)
  * update
  * e2e_tests: readd retries to OSPolicies
  * Set minWaitDuration as a string instead of object (#341)
  * e2e_tests: Fix a few SUSE tests (#339)
  * Remove pre-release flag from config (#340)
  * e2e_tests: fixup OSPolicy tests (#338)
  * e2e_tests: unlock mutex for CreatePolicies as soon as create finishes (#337)
  * e2e_tests: Don't retry failed OSPolicy tests, fix msi test (#336)
  * Examples for os policy assignments (#334)
  * e2e_tests: increase the deadline for OSPolicy tests and only start after a zone has been secured (#335)
  * Fix panic when installing MSI (#332)
  * e2e_tests: Add test cases of installing dbe, rpm and msi packages (#333)
  * e2e_tests: add more logging
  * e2e_tests: (#330)
  * e2e_test: Add timouts to OSPolicy tests so we don't wait forever (#329)
  * Create top level directories for gcloud and console for os policy assignment examples (#328)
  * e2e_tests: Move api from an internal directory (#327)
  * Make sure we use the same test name for reruns (#326)
  * Add CONFIG_V1 capability (#325)
  * e2e_tests: reduce size of instances, use pd-balanced, rerun failed tests once (#324)
  * Only report installed packages for dpkg (#322)
  * e2e_tests: fix windows package and repository tests (#323)
  * Add top level directories for os policy examples (#321)
  * e2e_tests: move to using inventory api for inventory reporting (#320)
  * e2e_tests: add ExecResource tests (#319)
  * ExecResource: make sure we set permissions correctly for downloaded files (#318)
  * Config task: only run post check on resources that have already been evaluated (#317)
  * e2e_test: reorganize OSPolicy tests to be per Resource type (#316)
  * Set custom user agent (#299)
  * e2e_tests: check InstanceOSPoliciesCompliance for each test case, add LocalPath FileResource test (#314)
  * PackageResource: make sure to run AptUpdate prior to package install (#315)
  * Fix bugs/add more logging for OSPolicies (#313)
  * Change metadata http client to ignore http proxies (#312)
  * e2e_test: add tests for FileResource (#311)
  * Add task_type context logging (#310)
  * Fix e2e_test typo (#309)
  * Fix e2e_tests (#308)
  * Disable OSPolicies by default since it is an unreleased feature (#307)
  * e2e_tests: Add more OSPolicies package and repo tests (#306)
  * Do not enforce repo_gpgcheck in guestpolicies (#305)
  * Gather inventory 3-5min after agent start (#303)
  * e2e_tests: add OSPolicies tests for package install (#302)
  * Add helpful error log if a service account is missing (#304)
  * OSPolicies: correct apt repo extension, remove yum/zypper gpgcheck override (#301)
  * Update cos library to parse new version of packages file (#300)
  * config_task: Rework config step logic (#296)
  * e2e_test: enable serial logs in cos to support ReportInventory test (#297)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1752-1
Released:    Tue May 25 13:26:10 2021
Summary:     Recommended update for expect
Type:        recommended
Severity:    moderate
References:  1172681,1183904,1184122
This update for expect fixes the following issues:

- Fixed an issue when expect in permanently open connection causes hanging for scripts. (bsc#1183904)
- pass explicit -pie flag to CFLAGS and hack `make` invocation so that
  /usr/bin/expect actually becomes a PIE binary. This is especially awkard
  since the expect build system implicitly passes -fPIC which breaks our
  gcc-PIE package, but does not pass -pie while linking the executable.
  Shared libraries are also not linked with -shared so we need to explicitly
  pass this, too, to avoid build breakage. (bsc#1184122)
- Add an unversioned symlink to make linking easier for applications that use libexpect without Tcl. (bsc#1172681)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1755-1
Released:    Tue May 25 13:29:57 2021
Summary:     Security update for libu2f-host
Type:        security
Severity:    moderate
References:  1124781,1128140,1184648,CVE-2018-20340,CVE-2019-9578
This update for libu2f-host fixes the following issues:

This update ships the u2f-host package (jsc#ECO-3687 bsc#1184648)

Version 1.1.10 (released 2019-05-15)

- Add new devices to udev rules.
- Fix a potentially uninitialized buffer (CVE-2019-9578, bsc#1128140)

Version 1.1.9 (released 2019-03-06)

- Fix CID copying from the init response, which broke compatibility with
some devices.

Version 1.1.8 (released 2019-03-05)

- Add udev rules
- Drop 70-old-u2f.rules and use 70-u2f.rules for everything
- Use a random nonce for setting up CID to prevent fingerprinting
- CVE-2019-9578: Parse the response to init in a more stable way to prevent
  leakage of uninitialized stack memory back to the device (bsc#1128140).

Version 1.1.7 (released 2019-01-08)

- Fix for trusting length from device in device init.
- Fix for buffer overflow when receiving data from device. (YSA-2019-01,
  CVE-2018-20340, bsc#1124781)
- Add udev rules for some new devices.

- Add udev rule for Feitian ePass FIDO 
  - Add a timeout to the register and authenticate actions.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1759-1
Released:    Wed May 26 11:16:44 2021
Summary:     Security update for rubygem-actionpack-5_1
Type:        security
Severity:    important
References:  1185715,CVE-2021-22885
This update for rubygem-actionpack-5_1 fixes the following issues:

- CVE-2021-22885: Fixed possible information disclosure / unintended method execution in Action Pack (bsc#1185715).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1765-1
Released:    Wed May 26 12:36:38 2021
Summary:     Security update for libX11
Type:        security
Severity:    moderate
References:  1182506,CVE-2021-31535
This update for libX11 fixes the following issues:

- CVE-2021-31535: Fixed missing request length checks in libX11 (bsc#1182506).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1772-1
Released:    Wed May 26 17:21:45 2021
Summary:     Recommended update for motif
Type:        recommended
Severity:    moderate
References:  1184184
This update for motif fixes the following issues:

- Add patches to prevent the third party application crashing. (bsc#1184184)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1785-1
Released:    Thu May 27 16:44:19 2021
Summary:     Security update for postgresql13
Type:        security
Severity:    moderate
References:  1179945,1183118,1183168,1185924,1185925,1185926,CVE-2021-32027,CVE-2021-32028,CVE-2021-32029
This update for postgresql13 fixes the following issues:

- Upgrade to version 13.3:
- CVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc#1185924).
- CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists (bsc#1185925).
- CVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ... RETURNING outputs for joined cross-partition updates (bsc#1185926).

- Don't use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now (bsc#1183168).
- Re-enable build of the llvmjit subpackage on SLE, but it will only be delivered on PackageHub for now (bsc#1183118).
- Disable icu for PostgreSQL 10 (and older) on TW (bsc#1179945).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1794-1
Released:    Thu May 27 19:25:29 2021
Summary:     Recommended update for radvd
Type:        recommended
Severity:    moderate
References:  1185066
This update for radvd fixes the following issues:

- replace '/var/run' with '/run' in '/usr/lib/tmpfiles.d/radvd.conf' (bsc#1185066) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1797-1
Released:    Fri May 28 12:56:31 2021
Summary:     Recommended update for python-aliyun-img-utils, python-click-man, python-crcmod, python-oss2
Type:        recommended
Severity:    moderate
References:  1181995
This update for python-aliyun-img-utils, python-click-man, python-crcmod, python-oss2 fixes the following issues:


- Include in SLE-15 (bsc#1181995, jsc#ECO-3329, jsc#PM-2475)

- Cleanup spec file
- Use fdupes
- Do not bundle html doc
- singlespec auto-conversion
- Include in SLE 12 (FATE #316168)
- No need to use upstream tarball, download PyPI tarball instead
- Switch to github archive as the tests are not present on pypi version.
- Initial build

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1805-1
Released:    Mon May 31 15:34:37 2021
Summary:     Recommended update for amazon-ssm-agent and amazon-ecs-init
Type:        recommended
Severity:    moderate
References:  1186239,1186262
This update for amazon-ssm-agent and amazon-ecs-init fixes the following issues:

- Added support for Amazon ECS Anywhere (bsc#1186239, bsc#1186262)

The amazon-ssm-agent package provides a RELEASENOTES.md file with a more detailed list of all changes.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1806-1
Released:    Mon May 31 16:23:04 2021
Summary:     Security update for python-httplib2
Type:        security
Severity:    moderate
References:  1171998,1182053,CVE-2020-11078,CVE-2021-21240
This update for python-httplib2 fixes the following issues:

- Update to version 0.19.0 (bsc#1182053).
- CVE-2021-21240: Fixed regular expression denial of service via malicious header (bsc#1182053).
- CVE-2020-11078: Fixed unescaped part of uri where an attacker could change request headers and body (bsc#1182053).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1817-1
Released:    Tue Jun  1 10:09:53 2021
Summary:     Recommended update for google-poppins-fonts
Type:        recommended
Severity:    moderate
References:  1186642

This update of google-poppins-fonts releases it in a higher version than on SLES 15 SP2, 
to allow better migration and solve a openSUSE Leap 15.3 patch problem. (bsc#1186642)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1826-1
Released:    Tue Jun  1 16:40:26 2021
Summary:     Security update for bind
Type:        security
Severity:    important
References:  1183453,1185073,CVE-2021-25214,CVE-2021-25215
This update for bind fixes the following issues:


- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR) which could have caused named to terminate unexpectedly (bsc#1185345).
- CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the DNAME to be processed to resolve itself (bsc#1185345).
- Switched from /var/run to /run (bsc#1185073)
- Hardening: Compiled binary with PIE flags to make it position independent

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1840-1
Released:    Wed Jun  2 16:29:28 2021
Summary:     Security update for xstream
Type:        security
Severity:    important
References:  1184372,1184373,1184374,1184375,1184376,1184377,1184378,1184379,1184380,1184796,1184797,CVE-2021-21341,CVE-2021-21342,CVE-2021-21343,CVE-2021-21344,CVE-2021-21345,CVE-2021-21346,CVE-2021-21347,CVE-2021-21348,CVE-2021-21349,CVE-2021-21350,CVE-2021-21351
This update for xstream fixes the following issues:

- Upgrade to 1.4.16
- CVE-2021-21351: remote attacker to load and execute arbitrary code (bsc#1184796)
- CVE-2021-21349: SSRF can lead to a remote attacker to request data from internal resources (bsc#1184797)
- CVE-2021-21350: arbitrary code execution (bsc#1184380)
- CVE-2021-21348: remote attacker could cause denial of service by consuming maximum CPU time (bsc#1184374)
- CVE-2021-21347: remote attacker to load and execute arbitrary code from a remote host (bsc#1184378)
- CVE-2021-21344: remote attacker could load and execute arbitrary code from a remote host (bsc#1184375)
- CVE-2021-21342: server-side forgery (bsc#1184379)
- CVE-2021-21341: remote attacker could cause a denial of service by allocating 100% CPU time (bsc#1184377)
- CVE-2021-21346: remote attacker could load and execute arbitrary code (bsc#1184373)
- CVE-2021-21345: remote attacker with sufficient rights could execute commands (bsc#1184372)
- CVE-2021-21343: replace or inject objects, that result in the deletion of files on the local host (bsc#1184376)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1841-1
Released:    Wed Jun  2 16:30:17 2021
Summary:     Security update for dhcp
Type:        security
Severity:    important
References:  1186382,CVE-2021-25217
This update for dhcp fixes the following issues:

- CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient (bsc#1186382)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:1847-1
Released:    Fri Jun  4 08:47:12 2021
Summary:     Optional update for bison
Type:        optional
Severity:    low
References:  1183777
This update for bison fixes the following issues:

- Fixed an issue when building bison for SUSE Linux Enterprise Server 15 SP3 (bsc#1183777)

This update does not fix any user visible issues, thus it is optional to install.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1848-1
Released:    Fri Jun  4 08:48:03 2021
Summary:     Recommended update for libraw
Type:        recommended
Severity:    low
References:  1184123
This update for libraw fixes the following issues:

- Hardening: Link as PIE (bsc#1184123)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1849-1
Released:    Fri Jun  4 08:48:14 2021
Summary:     Recommended update for fltk
Type:        recommended
Severity:    low
References:  1184122
This update for fltk fixes the following issues:

- Hardening: Removed non position independent binaries (bsc#1184122)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1850-1
Released:    Fri Jun  4 08:48:41 2021
Summary:     Recommended update for doxygen
Type:        recommended
Severity:    low
References:  1184122
This update for doxygen fixes the following issues:

- Hardeing: Removed non-PIE binaries (bsc#1184122)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1852-1
Released:    Fri Jun  4 08:49:00 2021
Summary:     Recommended update for libstoragemgmt
Type:        recommended
Severity:    low
References:  1185067
This update for libstoragemgmt fixes the following issues:

- Moved from /var/run to /run because of deprecation warnings (bsc#1185067)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1853-1
Released:    Fri Jun  4 08:49:13 2021
Summary:     Recommended update for exfatprogs
Type:        recommended
Severity:    moderate
References:  1184882
This update for exfatprogs fixes the following issue:

-  Make `set_bit_le()` 64-bit compatible. (bsc#1184882)

   bitmap data is not written normally in bitmap location s390x (64bit big endian system) and 
   this fix makes it 64-bit compatible.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1854-1
Released:    Fri Jun  4 08:54:10 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    moderate
References:  1185086,1185633,1186198,1186199,CVE-2021-29950,CVE-2021-29951,CVE-2021-29956,CVE-2021-29957
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 78.10.2
- CVE-2021-29957: Fixed partial protection of inline OpenPGP message not indicated (bsc#1186198).
- CVE-2021-29956: Fixed Thunderbird stored OpenPGP secret keys without master password protection (bsc#1186199).
- CVE-2021-29951: Fixed Thunderbird Maintenance Service could have been started or stopped by domain users (bsc#1185633).
- CVE-2021-29950: Fixed logic issue potentially leaves key material unlocked (bsc#1185086).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1859-1
Released:    Fri Jun  4 09:02:38 2021
Summary:     Security update for python-py
Type:        security
Severity:    moderate
References:  1179805,1184505,CVE-2020-29651
This update for python-py fixes the following issues:

- CVE-2020-29651: Fixed regular expression denial of service in svnwc.py (bsc#1179805, bsc#1184505).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1860-1
Released:    Fri Jun  4 09:04:05 2021
Summary:     Security update for libwebp
Type:        security
Severity:    critical
References:  1185652,1185654,1185673,1185674,1185685,1185686,1185688,1185690,1185691,1186247,CVE-2018-25009,CVE-2018-25010,CVE-2018-25011,CVE-2018-25012,CVE-2018-25013,CVE-2020-36328,CVE-2020-36329,CVE-2020-36330,CVE-2020-36331,CVE-2020-36332
This update for libwebp fixes the following issues:

- CVE-2018-25010: Fixed heap-based buffer overflow in ApplyFilter() (bsc#1185685).
- CVE-2020-36330: Fixed heap-based buffer overflow in ChunkVerifyAndAssign() (bsc#1185691).
- CVE-2020-36332: Fixed extreme memory allocation when reading a file (bsc#1185674).
- CVE-2020-36329: Fixed use-after-free in EmitFancyRGB() (bsc#1185652).
- CVE-2018-25012: Fixed heap-based buffer overflow in GetLE24() (bsc#1185690).
- CVE-2020-36328: Fixed heap-based buffer overflow in WebPDecode*Into functions (bsc#1185688).
- CVE-2018-25013: Fixed heap-based buffer overflow in ShiftBytes() (bsc#1185654).
- CVE-2020-36331: Fixed heap-based buffer overflow in ChunkAssignData() (bsc#1185686).
- CVE-2018-25009: Fixed heap-based buffer overflow in GetLE16() (bsc#1185673).
- CVE-2018-25011: Fixed fail on multiple image chunks (bsc#1186247).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1861-1
Released:    Fri Jun  4 09:59:40 2021
Summary:     Recommended update for gcc10
Type:        recommended
Severity:    moderate
References:  1029961,1106014,1178577,1178624,1178675,1182016
This update for gcc10 fixes the following issues:

- Disable nvptx offloading for aarch64 again since it doesn't work
- Fixed a build failure issue. (bsc#1182016)
- Fix for memory miscompilation on 'aarch64'. (bsc#1178624, bsc#1178577)
- Fix 32bit 'libgnat.so' link. (bsc#1178675)
- prepare usrmerge: Install libgcc_s into %_libdir. ABI wise it stays /%lib. (bsc#1029961)
- Build complete set of multilibs for arm-none target. (bsc#1106014)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1863-1
Released:    Fri Jun  4 11:16:23 2021
Summary:     Security update for umoci
Type:        security
Severity:    important
References:  1184147,CVE-2021-29136
This update for umoci fixes the following issues:

Update to v0.4.7 (bsc#1184147).

- CVE-2021-29136: Fixed overwriting of host files via malicious layer (bsc#1184147).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1876-1
Released:    Mon Jun  7 14:01:09 2021
Summary:     Security update for snakeyaml
Type:        security
Severity:    important
References:  1159488,1186088,CVE-2017-18640
This update for snakeyaml fixes the following issues:

- Upgrade to 1.28
- CVE-2017-18640: The Alias feature allows entity expansion during a load operation (bsc#1159488, bsc#1186088)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1877-1
Released:    Mon Jun  7 15:33:46 2021
Summary:     Recommended update for gpm
Type:        recommended
Severity:    low
References:  1160873,1182147
This update for gpm fixes the following issues:

- Removed unnecessary StandardOutput override in the unit definition file. (bsc#1182147)
- Fixed a compilation issue when using -fno-common during compilation (bsc#1160873)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1884-1
Released:    Tue Jun  8 15:05:25 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1185633,1186696,CVE-2021-29951,CVE-2021-29964,CVE-2021-29967
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 78.11.0 ESR (bsc#1186696)

  * CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message
  * CVE-2021-29967: Memory safety bugs fixed in Firefox

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1896-1
Released:    Tue Jun  8 16:08:27 2021
Summary:     Security update for pam_radius
Type:        security
Severity:    moderate
References:  1163933,CVE-2015-9542
This update for pam_radius fixes the following issues:

- CVE-2015-9542: pam_radius: buffer overflow in password field (bsc#1163933)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1897-1
Released:    Tue Jun  8 16:15:17 2021
Summary:     Security update for libX11
Type:        security
Severity:    important
References:  1186643,CVE-2021-31535
This update for libX11 fixes the following issues:

- Regression in the fix for CVE-2021-31535, causing segfaults for xforms applications like fdesign (bsc#1186643)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1914-1
Released:    Wed Jun  9 14:29:32 2021
Summary:     Security update for libopenmpt
Type:        security
Severity:    moderate
References:  1186663
This update for libopenmpt fixes the following issues:

Various bugfix and stability issues were fixed, some of those
might have security impact.

libopenmpt was updated to 0.3.28:

* Fixed excessive memory consumption with malformed files in
  various formats.

Changes in 0.3.27:

* AMS: Avoid allocating excessive amount of memory for compressed
  song message in malformed files.
* S3M: Some samples were imported with a too high sample rate if
  module was saved with Scream Tracker 3.

Changes in 0.3.26:

* DMF: Improve import of finetune effect with parameters larger
  than +/-15.

Changes in 0.3.25:

* AMS: An upper bound for uncompressed sample size is now
  established to avoid memory exhaustion from malformed files.
* MO3: Avoid certain ModPlug hacks from being fixed up twice,
  which could lead to e.g. very narrow pan swing range for old
  OpenMPT IT files saved with a recent MO3 encoder version.
* IMF: Instrument sample mapping was off by one octave, notable
  in the guitar part of Astaris by Karsten Koch.
* PLM: Percentage offset (Mxx) was slightly off.

Changes in 0.3.24:

* PP20: The first few bytes of some files were not decompressed
  properly, making some files unplayable (depending on the
  original format).

Changes in 0.3.23:

* IT: Global volume slides with both nibbles set preferred the
  “slide up” nibble over the “slide down” nibble in old OpenMPT
  versions, unlike other slides. Such old files are now imported
  correctly again.
* IT: Fixed an edge case where, if the filter hit full cutoff /
  no resonance on the first tick of a row where a new delayed
  note would be triggered, the filter would be disabled even
  though it should stay active. Fixes trace.it by maddie.
* XM: Out-of-range arpeggio clamping behaviour broke in OpenMPT
  1.23.05.00. The arpeggios in Binary World by Dakota now play
  correctly again.
* S3M: Support old-style sample pre-amp value in very early
  S3M files.
* S3M: Only force-enable fast slides for files ST 3.00.
  Previously, any S3M file made with an ST3 version older than
  3.20 enabled them.
* M15: Improve tracker detection heuristics to never assume
  SoundTracker 2.0 if there is a huge number of Dxx commands,
  as that is a definite hint that they should be treated as
  volume slides. Fixes Monty On The Run by Master Blaster.

Changes in 0.3.22:

* IT: Disable retrigger with short notes quirk for modules saved
  with Chibi Tracker, as it does not implement that quirk.
* MOD: Fix early song ending due to ProTracker pattern jump quirk
  (EEx + Dxx on same row) if infinite looping is disabled.
  Fixes Haunted Tracks.mod by Triace.
* MOD: Vibrato type “ramp down” was upside down.

Changes in 0.3.21:

* IT: Vibrato was too fast in Old Effects mode since
  libopenmpt 0.3.
* XM: Treat 8bitbubsy’s FT2 clone exactly like Fasttracker 2 with
  respect to compatibility and playback flags. For example,
  FT2 Pan Law was not applied.
* DMF: Some files had a wrong tempo since libopenmpt
  0.2.5705-beta15.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1926-1
Released:    Thu Jun 10 08:38:14 2021
Summary:     Recommended update for gcc
Type:        recommended
Severity:    moderate
References:  1096677
This update for gcc fixes the following issues:

- Added gccgo symlink and go and gofmt as alternatives to support parallel installation
  of golang (bsc#1096677)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1933-1
Released:    Thu Jun 10 10:28:41 2021
Summary:     Security update for ucode-intel
Type:        security
Severity:    important
References:  1179833,1179836,1179837,1179839,CVE-2020-24489,CVE-2020-24511,CVE-2020-24512,CVE-2020-24513
This update for ucode-intel fixes the following issues:

Updated to Intel CPU Microcode 20210608 release.

- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)
    See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html

- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)

    See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)

- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)

    See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)

  - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)

    See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html

Other fixes:

- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.
- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.

- New platforms:

| Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CLX-SP         | A0       | 06-55-05/b7 |          | 03000010 | Xeon Scalable Gen2
| ICX-SP         | C0       | 06-6a-05/87 |          | 0c0002f0 | Xeon Scalable Gen3
| ICX-SP         | D0       | 06-6a-06/87 |          | 0d0002a0 | Xeon Scalable Gen3
| SNR            | B0       | 06-86-04/01 |          | 0b00000f | Atom P59xxB
| SNR            | B1       | 06-86-05/01 |          | 0b00000f | Atom P59xxB
| TGL            | B1       | 06-8c-01/80 |          | 00000088 | Core Gen11 Mobile
| TGL-R          | C0       | 06-8c-02/c2 |          | 00000016 | Core Gen11 Mobile
| TGL-H          | R0       | 06-8d-01/c2 |          | 0000002c | Core Gen11 Mobile
| EHL            | B1       | 06-96-01/01 |          | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E
| JSL            | A0/A1    | 06-9c-00/01 |          | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
| RKL-S          | B0       | 06-a7-01/02 |          | 00000040 | Core Gen11

- Updated platforms:

| Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP       | Cx/M1    | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3
| HSX-EX         | E0       | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3
| SKL-U/Y        | D0       | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| SKL-U23e       | K1       | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| BDX-ML         | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx
| SKX-SP         | B1       | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable
| SKX-SP         | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable
| SKX-D          | M1       | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx
| CLX-SP         | B0       | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2
| CLX-SP         | B1       | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2
| CPX-SP         | A1       | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3
| BDX-DE         | V2/V3    | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
| BDX-DE         | Y0       | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87
| BDX-NS         | A0       | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53
| APL            | D0       | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL            | E0       | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx
| SKL-H/S        | R0/N0    | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5
| DNV            | B0       | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series
| GLK            | B0       | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx
| GKL-R          | R0       | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y        | D1       | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile
| LKF            | B2/B3    | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology
| AML-Y22        | H0       | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-U/Y        | H0       | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile
| CFL-U43e       | D0       | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile
| WHL-U          | W0       | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile
| AML-Y42        | V0       | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| CML-Y42        | V0       | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| WHL-U          | V0       | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-G/H/S/E3   | B0       | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6
| CFL-H/S/E3     | U0       | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S          | B0       | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8
| CFL-H/S        | P0       | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9
| CFL-H          | R0       | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile
| CML-H          | R1       | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile
| CML-S62        | G1       | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10
| CML-S102       | Q0       | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10
| CML-U62        | A0       | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile
| CML-U62 V2     | K0       | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1934-1
Released:    Thu Jun 10 10:35:09 2021
Summary:     Recommended update for xorg-x11-server
Type:        recommended
Severity:    moderate
References:  1184906,1186092
This update for xorg-x11-server fixes the following issues:

- xwayland: Fix invisible window produced by Xwayland. (bsc#1186092, bsc#1184906) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1935-1
Released:    Thu Jun 10 10:45:09 2021
Summary:     Recommended update for gzip
Type:        recommended
Severity:    moderate
References:  1186642

This update for gzip fixes the following issue:

- gzip had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1937-1
Released:    Thu Jun 10 10:47:09 2021
Summary:     Recommended update for nghttp2
Type:        recommended
Severity:    moderate
References:  1186642

This update for nghttp2 fixes the following issue:

- The (lib)nghttp2 packages had a lower release number in SUSE Linux Enterprise 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1941-1
Released:    Thu Jun 10 10:49:52 2021
Summary:     Recommended update for sysconfig
Type:        recommended
Severity:    moderate
References:  1186642

This update for sysconfig fixes the following issue:

- sysconfig had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1948-1
Released:    Thu Jun 10 12:32:08 2021
Summary:     Security update for djvulibre
Type:        security
Severity:    important
References:  1186253,CVE-2021-3500
This update for djvulibre fixes the following issues:

- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1950-1
Released:    Thu Jun 10 14:42:00 2021
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  1170160,1182482,1185697
This update for hwdata fixes the following issues:

- Update to version 0.347:
  + Updated pci, usb and vendor ids. (bsc#1185697)

- Update to version 0.346:
  + Updated pci, usb and vendor ids. (bsc#1182482, jsc#SLE-13791, bsc#1170160)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1954-1
Released:    Fri Jun 11 10:45:09 2021
Summary:     Security update for containerd, docker, runc
Type:        security
Severity:    important
References:  1168481,1175081,1175821,1181594,1181641,1181677,1181730,1181732,1181749,1182451,1182476,1182947,1183024,1183855,1184768,1184962,1185405,CVE-2021-21284,CVE-2021-21285,CVE-2021-21334,CVE-2021-30465
This update for containerd, docker, runc fixes the following issues:

Docker was updated to 20.10.6-ce (bsc#1184768, bsc#1182947, bsc#1181594)

* Switch version to use -ce suffix rather than _ce to avoid confusing other
  tools (bsc#1182476).
* CVE-2021-21284: Fixed a potential privilege escalation when the root user in 
  the remapped namespace has access to the host filesystem (bsc#1181732)
* CVE-2021-21285: Fixed an issue where pulling a malformed Docker image manifest 
  crashes the dockerd daemon (bsc#1181730). 
* btrfs quotas being removed by Docker regularly (bsc#1183855, bsc#1175081)

runc was updated to v1.0.0~rc93 (bsc#1182451, bsc#1175821 bsc#1184962).

* Use the upstream runc package (bsc#1181641, bsc#1181677, bsc#1175821).
* Fixed /dev/null is not available (bsc#1168481).
* CVE-2021-30465: Fixed a symlink-exchange attack vulnarability (bsc#1185405).

containerd was updated to v1.4.4

* CVE-2021-21334: Fixed a potential information leak through environment variables (bsc#1183397).
* Handle a requirement from docker (bsc#1181594).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1955-1
Released:    Fri Jun 11 12:50:54 2021
Summary:     Recommended update for webkit2gtk3
Type:        recommended
Severity:    moderate
References:  1186642

This update for webkit2gtk3 fixes the following issue:

- webkit2gtk3 had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1973-1
Released:    Tue Jun 15 12:10:55 2021
Summary:     Recommended update for libreoffice and xmlsec1
Type:        recommended
Severity:    important
References:  1184527,1184961,1185505,1185797,1186110,1186706
This update for libreoffice and xmlsec1 fixes the following issues:

libreoffice:

Update from version 7.1.2.2 to version 7.1.3.2

- Searching in PPTX document makes LibreOffice crash. (bsc#1185797)
- Fix a text highlight issue when saving as PPTX. (bsc#1185505)
- Recommend `libreoffice-qt5` only when it is actually created
- Fix a build error with GCC11. (bsc#1186110)
- LibreOffice requires at least java 1.8.0 to run properly.
- Fix a potential dataloss in LibreOffice Math. (bsc#1184961, bsc#1184527)

  The issue occurred only while trying to close the document via shortcuts. 
  In this case LibreOffice Math was closed without asking to save the document.

xmlsec1:

- Provide missing binaries to SUSE Linux Enterprise 15-SP3 with l3 support level. (bsc#1186706)

myspell-dictionaries:

- Provide missing binaries to SUSE Linux Enterprise 15-SP3 with l2 support level. (bsc#1186706)

 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1989-1
Released:    Thu Jun 17 09:51:26 2021
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    moderate
References:  1185055,CVE-2021-2163
This update for java-1_8_0-openjdk fixes the following issues:

- Update to version jdk8u292 (icedtea 3.19.0).
- CVE-2021-2161: Fixed incomplete enforcement of JAR signing disabled algorithms (bsc#1185055).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1995-1
Released:    Thu Jun 17 15:11:40 2021
Summary:     Security update for xstream
Type:        security
Severity:    important
References:  1186651,CVE-2021-29505
This update for xstream fixes the following issues:

Upgrade to 1.4.17

- CVE-2021-29505: Fixed potential code execution when unmarshalling with XStream instances
  using an uninitialized security framework (bsc#1186651)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2000-1
Released:    Thu Jun 17 16:50:00 2021
Summary:     Recommended update for tomcat
Type:        recommended
Severity:    moderate
References:  1186642

This update for tomcat fixes the following issue:

- tomcat had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2001-1
Released:    Thu Jun 17 16:54:07 2021
Summary:     Recommended update for python-pycryptodome
Type:        recommended
Severity:    moderate
References:  1186642

This update for python-pycryptodome fixes the following issue:

- python-pycryptodome had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2002-1
Released:    Thu Jun 17 17:27:47 2021
Summary:     Recommended update for open-vm-tools
Type:        recommended
Severity:    moderate
References:  1186642

This update for open-vm-tools fixes the following issue:

- open-vm-tools had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2003-1
Released:    Thu Jun 17 18:03:10 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1186696,CVE-2021-29964,CVE-2021-29967
This update for MozillaThunderbird fixes the following issues:

Mozilla Thunderbird 78.11 (bsc#1186696)

Security issues fixed:

- CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message
- CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11

General improvements:

- OpenPGP could not be disabled for an account if a key was previously configured
- Recipients were unable to decrypt some messages when the sender had changed the message encryption from OpenPGP to S/MIME
- Contacts moved between CardDAV address books were not synced to the new server
- CardDAV compatibility fixes for Google Contacts
- Folder pane had no clear indication of focus on macOS

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2005-1
Released:    Thu Jun 17 18:04:06 2021
Summary:     Security update for jetty-minimal
Type:        security
Severity:    important
References:  1184366,1184367,1184368,1187117,CVE-2021-28163,CVE-2021-28164,CVE-2021-28165,CVE-2021-28169
This update for jetty-minimal fixes the following issues:

Update to version 9.4.42.v20210604

- Fix: bsc#1187117, CVE-2021-28169 - possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory
- Fix: bsc#1184367, CVE-2021-28165 - jetty server high CPU when client send data length > 17408
- Fix: bsc#1184368, CVE-2021-28164 - Normalize ambiguous URIs
- Fix: bsc#1184366, CVE-2021-28163 - Exclude webapps directory from deployment scan

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2008-1
Released:    Thu Jun 17 18:07:45 2021
Summary:     Security update for python-rsa
Type:        security
Severity:    important
References:  1172389,CVE-2020-13757
This update for python-rsa fixes the following issues:

- CVE-2020-13757: Proper handling of leading '\0' bytes during decryption of ciphertext (bsc#1172389)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2011-1
Released:    Fri Jun 18 09:14:39 2021
Summary:     Security update for xterm
Type:        security
Severity:    important
References:  1182091,CVE-2021-27135
This update for xterm fixes the following issues:

- CVE-2021-27135: Fixed buffer-overflow when clicking on selected utf8 text. (bsc#1182091)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2012-1
Released:    Fri Jun 18 09:15:13 2021
Summary:     Security update for python-urllib3
Type:        security
Severity:    important
References:  1187045,CVE-2021-33503
This update for python-urllib3 fixes the following issues:

- CVE-2021-33503: Fixed a denial of service when the URL contained many @ characters in the authority component (bsc#1187045)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2076-1
Released:    Fri Jun 18 13:47:19 2021
Summary:     Recommended update for dovecot23
Type:        recommended
Severity:    moderate
References:  1186642

This update for dovecot23 fixes the following issue:

- dovecot23 had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2079-1
Released:    Fri Jun 18 14:39:49 2021
Summary:     Recommended update for build
Type:        recommended
Severity:    moderate
References:  1186642

This update for build fixes the following issue:

- build had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:2090-1
Released:    Mon Jun 21 10:43:56 2021
Summary:     Optional update for p7zip
Type:        optional
Severity:    low
References:  1185910
This update for p7zip fixes the following issues:
  
- Initial shipping of p7zip-full (bsc#1185910)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2091-1
Released:    Mon Jun 21 10:45:13 2021
Summary:     Recommended update for wget
Type:        recommended
Severity:    moderate
References:  1181173
This update for wget fixes the following issue:

- When running recursively, wget will verify the length of the whole
  URL when saving the files. This will make it overwrite files with
  truncated names, throwing the following message: 
  'The name is too long,... trying to shorten'. (bsc#1181173)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2095-1
Released:    Mon Jun 21 13:35:08 2021
Summary:     Recommended update for ntp
Type:        recommended
Severity:    low
References:  
This update for ntp fixes the following issues:

- Adjusted the man page documentation to clarify that 'interface ignore all'
  does not cover the wildcard and localhost addresses (jsc#SLE-15482)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2096-1
Released:    Mon Jun 21 13:35:38 2021
Summary:     Recommended update for python-six
Type:        recommended
Severity:    moderate
References:  1186642

This update for python-six fixes the following issue:

- python-six had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2103-1
Released:    Mon Jun 21 19:23:28 2021
Summary:     Recommended update for SUSE Manager Client Tools
Type:        recommended
Severity:    moderate
References:  1173557,1177884,1177928,1180583,1180584,1180585,1185178
This update fixes the following issues:

POS_Image-Graphical7:

- Use absolute path in bootloader service
- Update install-local-bootloader.service for recent saltboot
- Use linuxefi only on x86

POS_Image-JeOS7:

- Use absolute path in bootloader service
- Update install-local-bootloader.service for recent saltboot
- Use linuxefi only on x86

golang-github-prometheus-prometheus:

- Add tarball with vendor modules and web assets
- Read formula data from exporters map
- Add support for TLS targets
- Upgrade to upstream version 2.26.0
  + Changes
    * Alerting: Using Alertmanager v2 API by default.
    * Prometheus/Promtool: Binaries are now printing help and usage to stdout instead of stderr.
    * UI: Make the React UI default.
    * Remote write: The following metrics were removed/renamed in remote write.
      > prometheus_remote_storage_succeeded_samples_total was removed and
      prometheus_remote_storage_samples_total was introduced for all the samples attempted to send.
      > prometheus_remote_storage_sent_bytes_total was removed and replaced with
      prometheus_remote_storage_samples_bytes_total and prometheus_remote_storage_metadata_bytes_total.
      > prometheus_remote_storage_failed_samples_total -> prometheus_remote_storage_samples_failed_total.
      > prometheus_remote_storage_retried_samples_total -> prometheus_remote_storage_samples_retried_total.
      > prometheus_remote_storage_dropped_samples_total -> prometheus_remote_storage_samples_dropped_total.
      > prometheus_remote_storage_pending_samples -> prometheus_remote_storage_samples_pending.
    * Remote: Do not collect non-initialized timestamp metrics.
  + Features
    * Remote: Add support for AWS SigV4 auth method for remote_write.
    * PromQL: Allow negative offsets. Behind --enable-feature=promql-negative-offset flag.
    * UI: Add advanced auto-completion, syntax highlighting and linting to graph page query input.
    * Include a new `--enable-feature=` flag that enables experimental features.
    * Add TLS and basic authentication to HTTP endpoints.
    * promtool: Add check web-config subcommand to check web config files.
    * promtool: Add tsdb create-blocks-from openmetrics subcommand to backfill metrics data from an
      OpenMetrics file.
  + Enhancements
    * PromQL: Add last_over_time, sgn, clamp functions.
    * Scrape: Add support for specifying type of Authorization header credentials with Bearer
      by default.
    * Scrape: Add follow_redirects option to scrape configuration.
    * Remote: Allow retries on HTTP 429 response code for remote_write.
    * Remote: Allow configuring custom headers for remote_read.
    * UI: Hitting Enter now triggers new query.
    * UI: Better handling of long rule and names on the /rules and /targets pages.
    * UI: Add collapse/expand all button on the /targets page.
    * Add optional name property to testgroup for better test failure output.
    * Add warnings into React Panel on the Graph page.
    * TSDB: Increase the number of buckets for the compaction duration metric.
    * Remote: Allow passing along custom remote_write HTTP headers.
    * Mixins: Scope grafana configuration.
    * Kubernetes SD: Add endpoint labels metadata.
    * UI: Expose total number of label pairs in head in TSDB stats page.
    * TSDB: Reload blocks every minute, to detect new blocks and enforce retention more often.
    * Cache basic authentication results to significantly improve performance of HTTP endpoints.
    * HTTP API: Fast-fail queries with only empty matchers.
    * HTTP API: Support matchers for labels API.
    * promtool: Improve checking of URLs passed on the command line.
    * SD: Expose IPv6 as a label in EC2 SD.
    * SD: Reuse EC2 client, reducing frequency of requesting credentials.
    * TSDB: Add logging when compaction takes more than the block time range.
    * TSDB: Avoid unnecessary GC runs after compaction.
    * Remote write: Added a metric prometheus_remote_storage_max_samples_per_send for remote write.
    * TSDB: Make the snapshot directory name always the same length.
    * TSDB: Create a checkpoint only once at the end of all head compactions.
    * TSDB: Avoid Series API from hitting the chunks.
    * TSDB: Cache label name and last value when adding series during compactions making
      compactions faster.
    * PromQL: Improved performance of Hash method making queries a bit faster.
    * promtool: tsdb list now prints block sizes.
    * promtool: Calculate mint and maxt per test avoiding unnecessary calculations.
    * SD: Add filtering of services to Docker Swarm SD.
  + Bug fixes
    * API: Fix global URL when external address has no port.
    * Deprecate unused flag --alertmanager.timeout.

mgr-cfg:

- SPEC: Updated Python definitions for RHEL8 and quoted text comparisons.

mgr-custom-info:

- Update package version to 4.2.0

mgr-daemon:

- Update translation strings
- Update the translations from weblate
- Added quotes around %{_vendor} token for the if statements in spec file.
- Fix removal of mgr-deamon with selinux enabled (bsc#1177928)
- Updating translations from weblate

mgr-osad:

- Change the log file permissions as expected by logrotate (bsc#1177884)
- Change deprecated path /var/run into /run for systemd (bsc#1185178)
- Python fixes
- Removal of RHEL5

mgr-push:

- Defined __python for python2.
- Excluded RHEL8 for Python 2 build.

mgr-virtualization:

- Update package version to 4.2.0

python-hwdata:

- Modified to build on RHEL8.

rhnlib:

- Update package version to 4.2.0

spacecmd:

- Rename system migration to system transfer
- Rename SP to product migration
- Update translation strings
- Add group_addconfigchannel and group_removeconfigchannel
- Add group_listconfigchannels and configchannel_listgroups
- Fix spacecmd compat with Python 3
- Deprecated 'Software Crashes' feature
- Document advanced package search on '--help' (bsc#1180583)
- Fixed advanced search on 'package_listinstalledsystems'
- Fixed duplicate results when using multiple search criteria (bsc#1180585)
- Fixed 'non-advanced' package search when using multiple package names (bsc#1180584)
- Update translations
- Fix: make spacecmd build on Debian
- Add Service Pack migration operations (bsc#1173557)

spacewalk-client-tools:

- Update the translations from weblate
- Drop the --noSSLServerURL option
- Updated RHEL Python requirements.
- Added quotes around %{_vendor}.

spacewalk-koan:

- Fix for spacewalk-koan test

spacewalk-oscap:

- Update package version to 4.2.0

spacewalk-remote-utils:

- Update package version to 4.2.0

supportutils-plugin-susemanager-client:

- Update package version to 4.2.0

suseRegisterInfo:

- Add support for Amazon Linux 2
- Add support for Alibaba Cloud Linux 2
- Adapted for RHEL build.

uyuni-common-libs:

- Cleaning up unused Python 2 build leftovers.
- Disabled debug package build.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2106-1
Released:    Mon Jun 21 19:26:19 2021
Summary:     Security update for salt
Type:        security
Severity:    critical
References:  1171257,1176293,1179831,1181368,1182281,1182293,1182382,1185092,1185281,1186674,CVE-2018-15750,CVE-2018-15751,CVE-2020-11651,CVE-2020-11652,CVE-2020-25592,CVE-2021-25315,CVE-2021-31607
This update for salt fixes the following issues:

Update to Salt release version 3002.2 (jsc#ECO-3212, jsc#SLE-18033, jsc#SLE-18028) 

- Check if dpkgnotify is executable (bsc#1186674)
- Drop support for Python2. Obsoletes `python2-salt` package (jsc#SLE-18028)
- virt module updates
  * network: handle missing ipv4 netmask attribute
  * more network support
  * PCI/USB host devices passthrough support
- Set distro requirement to oldest supported version in requirements/base.txt
- Bring missing part of async batch implementation back (CVE-2021-25315, bsc#1182382)
- Always require `python3-distro` (bsc#1182293)
- Remove deprecated warning that breaks minion execution when 'server_id_use_crc' opts is missing
- Fix pkg states when DEB package has 'all' arch
- Do not force beacons configuration to be a list.
- Remove msgpack < 1.0.0 from base requirements (bsc#1176293)
- msgpack support for version >= 1.0.0 (bsc#1171257)
- Fix issue parsing errors in ansiblegate state module
- Prevent command injection in the snapper module (bsc#1185281, CVE-2021-31607)
- transactional_update: detect recursion in the executor
- Add subpackage salt-transactional-update (jsc#SLE-18033)
- Improvements on 'ansiblegate' module (bsc#1185092):
  * New methods: ansible.targets / ansible.discover_playbooks
- Add support for Alibaba Cloud Linux 2 (Aliyun Linux)
- Regression fix of salt-ssh on processing targets
- Update target fix for salt-ssh and avoiding race condition on salt-ssh event processing (bsc#1179831, bsc#1182281)
- Add notify beacon for Debian/Ubuntu systems
- Fix zmq bug that causes salt-call to freeze (bsc#1181368)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2107-1
Released:    Mon Jun 21 19:29:09 2021
Summary:     Recommended update for golang-github-prometheus-node_exporter
Type:        recommended
Severity:    moderate
References:  1151558
This update for golang-github-prometheus-node_exporter fixes the following issues:

Update from version 1.0.1 to version 1.1.2

- Bug fixes:
  - Do not include sources (bsc#1151558)
  - Handle errors from disabled `Pressure Stall Information (PSI)` subsystem
  - Sanitize strings from `/sys/class/power_supply`
  - Silence missing `netclass` errors
  - Fix `ineffassign` issue
  - Demote some warning to `Debug` level
  - `filesystem_freebsd`: Fix label values      
  - Fix various `procfs` parsing errors      
  - Handle no data from the power supply class
  - `udp_queues_linux.go`: change `upd` to `udp` in two error strings      
  - Fix `node_scrape_collector_success` behavior      
  - Fix `NodeRAIDDegraded` to not use a string rule expressions      
  - Fix `node_md_disks` state label from fail to failed      
  - Handle `EPERM` for syscall in timex collector      
  - `bcache`: fix typo in a metric name      
  - Fix XFS read/write stats
    
- Enhancements:
  - Improve filter flag names
  - Add `btrfs` and `powersupplyclass` to list of exporters enabled by default
  - Add more `InfiniBand` counters
  - Add a flag to aggregate `ipvs` metrics to avoid high cardinality metrics          
  - Add `backlog/current` queue length to `qdisc` collector      
  - Include `TCP OutRsts` in `netstat` metrics    
  - Add the `pool size` to entropy collector          
  - Remove `CGO` dependencies for OpenBSD amd64      
  - `bcache`: add `writeback_rate_debug` statistics 
  - Add `check state` for `mdadm` arrays via `node_md_state metric` 
  - Expose `XFS inode` statistics      
  - Expose `zfs zpool` state    
  - Add the ability to pass `collector.supervisord.url` via `SUPERVISORD_URL` environment variable 

- Features:
  - Add fiber channel collector
  - Expose cpu bugs and flags as info metrics.
  - Add `network_route` collector
  - Add `zoneinfo` collector

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2123-1
Released:    Tue Jun 22 14:29:43 2021
Summary:     Security update for dovecot23
Type:        security
Severity:    important
References:  1187418,1187419,CVE-2021-29157,CVE-2021-33515
This update for dovecot23 fixes the following issues:

- CVE-2021-29157: Local attacker can login as any user and access their emails (bsc#1187418)
- CVE-2021-33515: Attacker can potentially steal user credentials and mails (bsc#1187419)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2125-1
Released:    Tue Jun 22 14:41:26 2021
Summary:     Security update for wireshark
Type:        security
Severity:    important
References:  1179930,1179931,1179932,1179933,1180102,1180232,1181598,1181599,1183353,1184110,1185128,CVE-2020-26418,CVE-2020-26419,CVE-2020-26420,CVE-2020-26421,CVE-2020-26422,CVE-2021-22173,CVE-2021-22174,CVE-2021-22191,CVE-2021-22207
This update for wireshark, libvirt, sbc and libqt5-qtmultimedia fixes the following issues:

Update wireshark to version 3.4.5

- New and updated support and bug fixes for multiple protocols
- Asynchronous DNS resolution is always enabled
- Protobuf fields can be dissected as Wireshark (header) fields
- UI improvements

Including security fixes for:

- CVE-2021-22191: Wireshark could open unsafe URLs (bsc#1183353).
- CVE-2021-22207: MS-WSP dissector excessive memory consumption (bsc#1185128)
- CVE-2020-26422: QUIC dissector crash (bsc#1180232)
- CVE-2020-26418: Kafka dissector memory leak (bsc#1179930)
- CVE-2020-26419: Multiple dissector memory leaks (bsc#1179931)
- CVE-2020-26420: RTPS dissector memory leak (bsc#1179932) 
- CVE-2020-26421: USB HID dissector crash (bsc#1179933)
- CVE-2021-22173: Fix USB HID dissector memory leak (bsc#1181598)
- CVE-2021-22174: Fix USB HID dissector crash (bsc#1181599)

libqt5-qtmultimedia and sbc are necessary dependencies. libvirt is needed to rebuild wireshark-plugin-libvirt.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2136-1
Released:    Wed Jun 23 13:40:13 2021
Summary:     Security update for cryptctl
Type:        security
Severity:    important
References:  1186226,CVE-2019-18906
This update for cryptctl fixes the following issues:

Update to version 2.4:

- CVE-2019-18906: Client side password hashing was equivalent to clear text password storage (bsc#1186226)
- First step to use plain text password instead of hashed password.
- Move repository into the SUSE github organization
- in RPC server, if client comes from localhost, remember its ipv4 localhost address instead of ipv6 address
- tell a record to clear expired pending commands upon saving a command result; introduce pending commands RPC test case
- avoid hard coding 127.0.0.1 in host ID of alive message test; let system administrator mount and unmount disks by issuing these two commands on key server.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2140-1
Released:    Wed Jun 23 14:53:09 2021
Summary:     Recommended update for prometheus-ha_cluster_exporter
Type:        recommended
Severity:    moderate
References:  
This update for prometheus-ha_cluster_exporter fixes the following issues:

Update from version 1.2.2 to version 1.2.3:

- Compress GitHub artifacts after having built them.
- Fix cloned resource collection and track stopped resources even when they are cloned.
  `Pacemaker Clone Resources` appear multiple times in `crm_mon`; since the main discriminator field is the node, 
  and that's missing when a resource is stopped, the cloned and stopped entries will appear multiple times in 
  the `crm_mon` output, with the exact same fields and values: this is a problem for the `Prometheus SDK`, 
  which doesn't expect duplicate metrics over the course of a single collection cycle.
- Remove the `make download` target, which was required when using old Go versions.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2146-1
Released:    Wed Jun 23 17:55:14 2021
Summary:     Recommended update for openssh
Type:        recommended
Severity:    moderate
References:  1115550,1174162
This update for openssh fixes the following issues:

- Fixed a race condition leading to a sshd termination of multichannel sessions with non-root users (bsc#1115550, bsc#1174162).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2148-1
Released:    Wed Jun 23 21:11:07 2021
Summary:     Recommended update for csync2
Type:        recommended
Severity:    moderate
References:  1187080
This update for csync2 fixes the following issues:

- Removal of csync2 package throws error for non-existent service template. (bsc#1187080)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2150-1
Released:    Thu Jun 24 09:59:44 2021
Summary:     Recommended update for x3270
Type:        recommended
Severity:    moderate
References:  1186642

This update for x3270 fixes the following issue:

- x3270 had a lower release number in 15 sp3 than in 15 sp2, which could lead
  to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2154-1
Released:    Thu Jun 24 13:49:13 2021
Summary:     Recommended update for python-Cython
Type:        recommended
Severity:    moderate
References:  1186642,1187450

This update for python-Cython fixes the following issue:

- python-Cython had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead
  to migration issues. (bsc#1186642 bsc#1187450)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2158-1
Released:    Thu Jun 24 15:40:57 2021
Summary:     Security update for openexr
Type:        security
Severity:    important
References:  1187310,1187395,CVE-2021-3598,CVE-2021-3605
This update for openexr fixes the following issues:

- Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function
- Fixed CVE-2021-3598 [bsc#1187310]: Heap buffer overflow in Imf_3_1:CharPtrIO:readChars

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2163-1
Released:    Fri Jun 25 18:03:45 2021
Summary:     Security update for bouncycastle
Type:        security
Severity:    moderate
References:  1186328,CVE-2020-15522
This update for bouncycastle fixes the following issues:

- CVE-2020-15522: Fixed a timing issue within the EC math library (bsc#1186328).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2169-1
Released:    Mon Jun 28 13:19:09 2021
Summary:     Recommended update for hexchat
Type:        recommended
Severity:    moderate
References:  1187587
This update for hexchat fixes the following issues:

- Added Libera.chat to available servers (bsc#1187587)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2171-1
Released:    Mon Jun 28 14:06:45 2021
Summary:     Recommended update for btrfsmaintenance
Type:        recommended
Severity:    moderate
References:  1178874
This update for btrfsmaintenance fixes the following issues:

- Remove [Install] section from btrfsmaintenance. (bsc#1178874)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2173-1
Released:    Mon Jun 28 14:59:45 2021
Summary:     Recommended update for automake
Type:        recommended
Severity:    moderate
References:  1040589,1047218,1182604,1185540,1186049
This update for automake fixes the following issues:

- Implement generated autoconf makefiles reproducible (bsc#1182604)
- Add fix to avoid date variations in docs. (bsc#1047218, jsc#SLE-17848)
- Avoid bashisms in test-driver script. (bsc#1185540)

This update for pcre fixes the following issues:

- Do not run profiling 'check' in parallel to make package build reproducible. (bsc#1040589)

This update for brp-check-suse fixes the following issues:

- Add fixes to support reproducible builds. (bsc#1186049) 


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2177-1
Released:    Mon Jun 28 15:47:27 2021
Summary:     Security update for arpwatch
Type:        security
Severity:    important
References:  1186240,CVE-2021-25321
This update for arpwatch fixes the following issues:

- CVE-2021-25321: Fixed local privilege escalation from runtime user to root (bsc#1186240).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2179-1
Released:    Mon Jun 28 17:36:37 2021
Summary:     Recommended update for thin-provisioning-tools
Type:        recommended
Severity:    moderate
References:  1184124
This update for thin-provisioning-tools fixes the following issues:

- Link as position-independent executable (bsc#1184124)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2191-1
Released:    Mon Jun 28 18:38:12 2021
Summary:     Recommended update for patterns-microos
Type:        recommended
Severity:    moderate
References:  1186791
This update for patterns-microos provides the following fix:

- Add zypper-migration-plugin to the default pattern. (bsc#1186791)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2193-1
Released:    Mon Jun 28 18:38:43 2021
Summary:     Recommended update for tar
Type:        recommended
Severity:    moderate
References:  1184124
This update for tar fixes the following issues:

- Link '/var/lib/tests/tar/bin/genfile' as Position-Independent Executable (bsc#1184124)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2196-1
Released:    Tue Jun 29 09:41:39 2021
Summary:     Security update for lua53
Type:        security
Severity:    moderate
References:  1175448,1175449,CVE-2020-24370,CVE-2020-24371
This update for lua53 fixes the following issues:

Update to version 5.3.6:

- CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage (bsc#1175449)
- CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fault in getlocal and setlocal (bsc#1175448)
- Long brackets with a huge number of '=' overflow some internal buffer arithmetic.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2215-1
Released:    Wed Jun 30 17:13:30 2021
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

The scap-security-guide was updated to 0.1.56 release (jsc#ECO-3319)

- Align ism_o profile with latest ISM SSP (#6878)
- Align RHEL 7 STIG profile with DISA STIG V3R3
- Creating new RHEL 7 STIG GUI profile (#6863)
- Creating new RHEL 8 STIG GUI profile (#6862)
- Add the RHEL9 product (#6801)
- Initial support for SUSE SLE-15 (#6666)
- add support for osbuild blueprint remediations (#6970)

This update brings the following SUSE Linux Enterprise STIG SCAP automations:

- SCAP STIG automation for SUSE Linux Enterprise 12 (SUSE supplied, nearly complete, missing 4 rules)
- SCAP STIG automation for SUSE Linux Enterprise 15 (SUSE supplied, nearly complete, missing 4 rules)
- CIS automation for SUSE Linux Enterprise 15 (community supplied)

It can be evaluated using 'oscap' from 'openscap-utils', e.g. by doing on SUSE Linux Enterprise 12:

- oscap xccdf eval --profile stig /usr/share/xml/scap/ssg/content/ssg-sle12-ds.xml

On SUSE Linux Enterprise 15:

- oscap xccdf eval --profile stig /usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml

or the community supplied CIS on SUSE Linux Enterprise 15:

- oscap xccdf eval --profile cis /usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml

More content will be added in future updates.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2217-1
Released:    Wed Jun 30 17:17:50 2021
Summary:     Recommended update for supportutils-plugin-ha-sap
Type:        recommended
Severity:    moderate
References:  1187373
This update for supportutils-plugin-ha-sap fixes the following issues:

Update to version 0.0.2+git.1623772960.fed5aa7 (bsc#1187373)

- Added process list for 'sid<adm>' user
- Added 'ENSA1' and 'ENSA2' informational messages
- Added filter to gather logs for 'sap_suse_cluster_connector'
- Updated Documentation Links
- Added Authentication Section and capture information about 'sid<adm>' user
- Obscure clear text password from cluster resources using 'crm configure show' output

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2219-1
Released:    Wed Jun 30 17:19:34 2021
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issue:

- Added data for 4_12_14-150_72, 4_12_14-197_89, 5_3_18-24_61, 5_3_18-24_64. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2224-1
Released:    Thu Jul  1 13:48:44 2021
Summary:     Recommended update for psmisc
Type:        recommended
Severity:    important
References:  1185208
This update for psmisc fixes the following issues:

- It does no longer list all processes from different private namespaces
  when fuser is run on an NFS mount. This led to an issue where the wrong
  processes were terminated in an SAP application cluster environment (bsc#1185208)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2234-1
Released:    Fri Jul  2 13:56:08 2021
Summary:     Recommended update for ntp
Type:        recommended
Severity:    moderate
References:  1186431
This update for ntp fixes the following issues:

- Fix a typo in '%post' section. (bsc#1186431)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2245-1
Released:    Mon Jul  5 12:14:52 2021
Summary:     Recommended update for lifecycle-data-sle-module-development-tools
Type:        recommended
Severity:    moderate
References:  
This update for lifecycle-data-sle-module-development-tools fixes the following issues:

- mark go1.14 as 'end of life' as go1.16 was released and we only support 2 go versions parallel (jsc#ECO-1484)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:2248-1
Released:    Mon Jul  5 15:40:28 2021
Summary:     Recommended update for sysstat
Type:        optional
Severity:    low
References:  1186827
This update for sysstat fixes the following issues:

- Dropped systemd runtime requirement (bsc#1186827)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2254-1
Released:    Tue Jul  6 09:23:54 2021
Summary:     Recommended update for raptor
Type:        recommended
Severity:    moderate
References:  1186642,1187464

This update for raptor fixes the following issue:

- raptor was not delivered correctly for openSUSE Leap 15.3 (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2255-1
Released:    Tue Jul  6 10:27:54 2021
Summary:     Recommended update for myspell-dictionaries, ucpp
Type:        recommended
Severity:    moderate
References:  1186642,1187464

This update rereleases myspell-dictionaries and ucpp for SUSE Linux Enterprise 15 sp3 to fix a migration issue.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2261-1
Released:    Tue Jul  6 13:34:21 2021
Summary:     Recommended update for xmlsec1
Type:        recommended
Severity:    moderate
References:  1177233,1186642,1186706
This update rereleases xmlsec1 for SUSE Linux Enterprise 15 SP3 to fix a migration issue.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2265-1
Released:    Tue Jul  6 17:13:10 2021
Summary:     Recommended update for mariadb-connector-c
Type:        recommended
Severity:    moderate
References:  1179921,1183878,1185868,1185870,1185872,1187459
This update for mariadb-connector-c fixes the following issues:

Update to release 3.1.13 [bsc#1185870], [bsc#1185872], [bsc#1185868]

- CONC-537: Only read from MYSQL_HOME if MARIADB_HOME was not set
- CONC-548: Symbol conflict with libsodium
- CONC-490: Handshake error when CLIENT_CONNECT_WITH_DB flag was set without specifying database
- CONC-543: Hash functions conflict with GnuTLS
- CONC-539: Added cipher suites ECDHE-RSA-AES128-SHA256 (0xC027)
  and ECDHE-RSA-AES256-SHA384 (0xC028) to the cipher map which
  maps cipher suite names to the corresponding algorithm ids (Windows Schannel)
- CONC-535: Disabled checksum ignored in events (replication/ binlog API)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2266-1
Released:    Tue Jul  6 22:38:01 2021
Summary:     Recommended update for clamav
Type:        recommended
Severity:    important
References:  1187509
This update for clamav fixes the following issue:

- In the 'clamscan' and 'clamdscan' manpages, document that files over a certain size by default will silently not be 
  scanned and how this can be adjusted. (bsc#1187509)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2270-1
Released:    Wed Jul  7 17:20:31 2021
Summary:     Recommended update for migrate-sles-to-sles4sap
Type:        recommended
Severity:    important
References:  1171033,1187433
This update for migrate-sles-to-sles4sap fixes the following issues:

- Migrating SUSE Linux Enterprise Server to SUSE Linux Enterprise Server for SAP with SMT server fails. (bsc#1187433)
- Fix setup scripts URL. (bsc#1171033)
- Fix pattern to find release packages 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2286-1
Released:    Fri Jul  9 17:38:53 2021
Summary:     Recommended update for dosfstools
Type:        recommended
Severity:    moderate
References:  1172863
This update for dosfstools fixes the following issue:

- Fixed a bug that was causing an installation issue when trying to create 
  an EFI partition on an NVMe-over-Fabrics device (bsc#1172863)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2287-1
Released:    Fri Jul  9 18:08:31 2021
Summary:     Recommended update for xorg-x11-server
Type:        recommended
Severity:    moderate
References:  1182955
This update for xorg-x11-server fixes the following issues:

- Fixes an issue where screen rotation was not working (bsc#1182955)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2290-1
Released:    Fri Jul  9 19:03:39 2021
Summary:     Recommended update for postgresql13
Type:        recommended
Severity:    moderate
References:  1183118,1187751

This update for postgresql13 fixes the following issue:

- reduce requirement of clang and llvm to recommends in 'postgresql13-server-devel'.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2293-1
Released:    Mon Jul 12 08:26:26 2021
Summary:     Security update for jdom2
Type:        security
Severity:    important
References:  1187446,CVE-2021-33813
This update for jdom2 fixes the following issues:

- CVE-2021-33813: XXE issue in SAXBuilder can cause a denial of service via a crafted HTTP request (bsc#1187446)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2314-1
Released:    Wed Jul 14 13:07:21 2021
Summary:     Recommended update for netcontrol
Type:        recommended
Severity:    moderate
References:  1179144
This update for netcontrol fixes the following issues:

- Fixed an issue when the interface list takes too long with many interfaces. (bsc#1179144)
- Install pkgconfig into libdir instead of datadir

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2320-1
Released:    Wed Jul 14 17:01:06 2021
Summary:     Security update for sqlite3
Type:        security
Severity:    important
References:  1157818,1158812,1158958,1158959,1158960,1159491,1159715,1159847,1159850,1160309,1160438,1160439,1164719,1172091,1172115,1172234,1172236,1172240,1173641,928700,928701,CVE-2015-3414,CVE-2015-3415,CVE-2019-19244,CVE-2019-19317,CVE-2019-19603,CVE-2019-19645,CVE-2019-19646,CVE-2019-19880,CVE-2019-19923,CVE-2019-19924,CVE-2019-19925,CVE-2019-19926,CVE-2019-19959,CVE-2019-20218,CVE-2020-13434,CVE-2020-13435,CVE-2020-13630,CVE-2020-13631,CVE-2020-13632,CVE-2020-15358,CVE-2020-9327
This update for sqlite3 fixes the following issues:

- Update to version 3.36.0
- CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener
  optimization (bsc#1173641)
- CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in
  isAuxiliaryVtabOperator (bsc#1164719)
- CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (bsc#1160439)
- CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input (bsc#1160438)
- CVE-2019-19923: improper handling  of  certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer
  dereference (bsc#1160309)
- CVE-2019-19924: improper error handling in sqlite3WindowRewrite() (bsc#1159850)
- CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive (bsc#1159847)
- CVE-2019-19926: improper handling  of certain errors during parsing  multiSelect in select.c (bsc#1159715)
- CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference
  (bsc#1159491)
- CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with
  a shadow table name (bsc#1158960)
- CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated
  columns (bsc#1158959)
- CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views
  in conjunction with ALTER TABLE statements (bsc#1158958)
- CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column,
  which allows attackers to cause a denial of service (bsc#1158812)
- CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a
  sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage (bsc#1157818)
- CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability (bsc#928701)
- CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names (bsc#928700)
- CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115)
- CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow
- CVE-2020-13631: virtual table allowed to be renamed to one of its shadow tables (bsc#1172236)
- CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query (bsc#1172240)
- CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2322-1
Released:    Wed Jul 14 17:03:03 2021
Summary:     Security update for ffmpeg
Type:        security
Severity:    important
References:  1172640,1186406,1186583,1186586,1186587,1186596,1186597,1186598,1186600,1186603,1186604,1186605,1186613,1186614,1186615,1186616,1186658,1186660,1186757,1186758,1186762,1186763,CVE-2019-17539,CVE-2020-13904,CVE-2020-20448,CVE-2020-20451,CVE-2020-21041,CVE-2020-22015,CVE-2020-22016,CVE-2020-22017,CVE-2020-22019,CVE-2020-22020,CVE-2020-22021,CVE-2020-22022,CVE-2020-22023,CVE-2020-22025,CVE-2020-22026,CVE-2020-22031,CVE-2020-22032,CVE-2020-22033,CVE-2020-22034,CVE-2020-22038,CVE-2020-22039,CVE-2020-22043,CVE-2020-22044
This update for ffmpeg fixes the following issues:

- CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file (bsc#1172640).
- CVE-2020-21041: Fixed buffer overflow vulnerability via apng_do_inverse_blend in libavcodec/pngenc.c  (bsc#1186406).
- CVE-2019-17539: Fixed NULL pointer dereference in avcodec_open2 in libavcodec/utils.c (bsc# 1154065).
- CVE-2020-22026: Fixed buffer overflow vulnerability in config_input() at libavfilter/af_tremolo.c (bsc#1186583).
- CVE-2020-22021: Fixed buffer overflow vulnerability in filter_edges function in libavfilter/vf_yadif.c (bsc#1186586).
- CVE-2020-22020: Fixed buffer overflow vulnerability in build_diff_map() in libavfilter/vf_fieldmatch.c (bsc#1186587).
- CVE-2020-22015: Fixed buffer overflow vulnerability in mov_write_video_tag() due to the out of bounds in libavformat/movenc.c (bsc#1186596).
- CVE-2020-22016: Fixed a heap-based Buffer Overflow vulnerability at libavcodec/get_bits.h when writing .mov files (bsc#1186598).
- CVE-2020-22017: Fixed a heap-based Buffer Overflow vulnerability in ff_fill_rectangle() in libavfilter/drawutils.c (bsc#1186600).
- CVE-2020-22022: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_fieldorder.c (bsc#1186603).
- CVE-2020-22023: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_bitplanenoise.c (bsc#1186604)
- CVE-2020-22025: Fixed a heap-based Buffer Overflow vulnerability in gaussian_blur at libavfilter/vf_edgedetect.c (bsc#1186605).
- CVE-2020-22031: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_w3fdif.c in filter16_complex_low() (bsc#1186613).
- CVE-2020-22032: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_edgedetect.c in gaussian_blur() (bsc#1186614).
- CVE-2020-22034: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_floodfill.c (bsc#1186616).
- CVE-2020-20451: Fixed denial of service issue due to resource management errors via fftools/cmdutils.c (bsc#1186658).
- CVE-2020-20448: Fixed divide by zero issue via libavcodec/ratecontrol.c (bsc#1186660).
- CVE-2020-22038: Fixed denial of service vulnerability due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c (bsc#1186757).
- CVE-2020-22039: Fixed denial of service vulnerability due to a memory leak in the inavi_add_ientry function (bsc#1186758).
- CVE-2020-22043: Fixed denial of service vulnerability due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c (bsc#1186762).
- CVE-2020-22044: Fixed denial of service vulnerability due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c (bsc#1186763).
- CVE-2020-22033,CVE-2020-22019: Fixed a heap-based Buffer Overflow Vulnerability at libavfilter/vf_vmafmotion.c in convolution_y_8bit() and in convolution_y_10bit() in libavfilter/vf_vmafmotion.c (bsc#1186615, bsc#1186597).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2351-1
Released:    Thu Jul 15 13:48:23 2021
Summary:     Recommended update for mgetty
Type:        recommended
Severity:    low
References:  1184124
This update for mgetty fixes the following issues:

- Link /usr/bin/newslock as PIE. (bsc#1184124)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2393-1
Released:    Mon Jul 19 09:01:49 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1188275,CVE-2021-29970,CVE-2021-29976,CVE-2021-30547
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 78.12.0 ESR

* Fixed: Various stability, functionality, and security fixes

MFSA 2021-29 (bsc#1188275)

* CVE-2021-29970 (bmo#1709976): Use-after-free in accessibility features of a document
* CVE-2021-30547 (bmo#1715766): Out of bounds write in ANGLE
* CVE-2021-29976 (bmo#1700895, bmo#1703334, bmo#1706910, bmo#1711576, bmo#1714391): Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2395-1
Released:    Mon Jul 19 12:08:34 2021
Summary:     Recommended update for efivar
Type:        recommended
Severity:    moderate
References:  1187386
This update for efivar provides the following fix:

- Fix the eMMC sysfs parsing. (bsc#1187386)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2412-1
Released:    Tue Jul 20 15:25:21 2021
Summary:     Security update for containerd
Type:        security
Severity:    moderate
References:  1188282,CVE-2021-32760
This update for containerd fixes the following issues:

- CVE-2021-32760: Fixed a bug which allows untrusted container images to change permissions in the host's filesystem. (bsc#1188282)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2444-1
Released:    Wed Jul 21 15:53:37 2021
Summary:     Recommended update for autogen
Type:        recommended
Severity:    low
References:  1047218
This update for autogen fixes the following issue:

This update doesn't solve any visible issue to final users but it makes the builds reproducible. (bsc#1047218)

In particular:

- it normalize 'tar'
- it normalize date in 'man-pages' 
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2447-1
Released:    Thu Jul 22 08:26:29 2021
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  1186749,1187948
This update for hwdata fixes the following issue:

- Version 0.349: Updated pci, usb and vendor ids (bsc#1187948).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2454-1
Released:    Thu Jul 22 13:16:58 2021
Summary:     Security update for transfig
Type:        security
Severity:    moderate
References:  1143650,1159130,1159293,1161698,1186329,CVE-2019-14275,CVE-2019-19555,CVE-2019-19746,CVE-2019-19797,CVE-2021-3561
This update for transfig fixes the following issues:

Update to version 3.2.8, including fixes for

- CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef() (bsc#1186329).
- CVE-2019-19797: out-of-bounds write in read_colordef in read.c (bsc#1159293).
- CVE-2019-19555: stack-based buffer overflow because of an incorrect sscanf (bsc#1161698).
- CVE-2019-19746: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130).
- CVE-2019-14275: stack-based buffer overflow in the calc_arrow function in bound.c (bsc#1143650).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2455-1
Released:    Thu Jul 22 15:28:19 2021
Summary:     Recommended update for php7-pear
Type:        recommended
Severity:    moderate
References:  1187372
This update for php7-pear fixes the following issues:

- Fix for an issue when php-pear provides error messages with invalid variables. (bsc#1187372)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2456-1
Released:    Thu Jul 22 15:28:39 2021
Summary:     Recommended update for pam-config
Type:        recommended
Severity:    moderate
References:  1187091
This update for pam-config fixes the following issues:

- Add 'revoke' to the option list for 'pam_keyinit'.
- Fixed an issue when pam-config fails to create a new service config file. (bsc#1187091)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2457-1
Released:    Thu Jul 22 18:05:53 2021
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1186790
This update for wireshark fixes the following issues:

Update wireshark to 3.4.6.

Including a fix for:

- DVB-S2-BB dissector infinite loop (bsc#1186790).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2458-1
Released:    Thu Jul 22 18:08:47 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1188275,CVE-2021-29969,CVE-2021-29970,CVE-2021-29976,CVE-2021-30547
This update for MozillaThunderbird fixes the following issues:

Mozilla Thunderbird 78.12

  * fixed: Sending an email containing HTML links with spaces in
    the URL sometimes resulted in broken links
  * fixed: Folder Pane display theme fixes for macOS
  * fixed: Chat account settings did not always save as expected
  * fixed: RSS feed subscriptions sometimes lost
  * fixed: Calendar: A parsing error for alarm triggers of type
    'DURATION' caused sync problems for some users
  * fixed: Various security fixes

MFSA 2021-30 (bsc#1188275)

* CVE-2021-29969: IMAP server responses sent by a MITM prior to STARTTLS could be processed
* CVE-2021-29970: Use-after-free in accessibility features of a document
* CVE-2021-30547: Out of bounds write in ANGLE
* CVE-2021-29976: Memory safety bugs fixed in Thunderbird 78.12

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2463-1
Released:    Fri Jul 23 12:56:22 2021
Summary:     Recommended update for python-pyzmq
Type:        recommended
Severity:    moderate
References:  1186945
This update for python-pyzmq fixes the following issues:

- Update to version 17.1.2 (bsc#1186945)
  * Fix possible hang when working with asyncio
  * Remove some outdated workarounds for old Cython versions
  * Fix some compilation with custom compilers
  * Remove unneeded link of libstdc++ on PyPy

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2464-1
Released:    Fri Jul 23 14:20:23 2021
Summary:     Recommended update for shim
Type:        recommended
Severity:    moderate
References:  1185232,1185261,1185441,1185464,1185961,1187071,1187260,1187696
This update for shim fixes the following issues:

- shim-install: Always assume 'removable' for Azure to avoid the endless reset loop (bsc#1185464)
- Avoid deleting the mirrored RT variables (bsc#1187696)
- Split the keys in vendor-dbx.bin to vendor-dbx-sles and
  vendor-dbx-opensuse for shim-sles and shim-opensuse to reduce
  the size of MokListXRT (bsc#1185261)
  + Also update generate-vendor-dbx.sh in dbx-cert.tar.xz
- Handle ignore_db and user_insecure_mode correctly (bsc#1185441, bsc#1187071)
- Relax the maximum variable size check for u-boot (bsc#1185621)
- Relax the check for import_mok_state() when Secure Boot is off. (bsc#1185261)
- Ignore the odd LoadOptions length (bsc#1185232)
- shim-install: reset def_shim_efi to 'shim.efi' if the given file doesn't exist
- Fided the size of rela sections for AArch64
- Disable exporting vendor-dbx to MokListXRT since writing a large RT variable could crash some machines (bsc#1185261)
- Avoid potential crash when calling QueryVariableInfo in EFI 1.10 machines (bsc#1187260)
- Avoid buffer overflow when copying data to the MOK config table (bsc#1185232)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2467-1
Released:    Mon Jul 26 11:57:11 2021
Summary:     Recommended update for jsch
Type:        recommended
Severity:    low
References:  
This update for jsch fixes the following issues:

- Miscellaneous clean-up
- Create the osgi manifest during the ant build.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2475-1
Released:    Tue Jul 27 13:03:29 2021
Summary:     Recommended update for novnc
Type:        recommended
Severity:    important
References:  1183291
This update for novnc fixes the following issues:

- Update to 1.2.0:
    * Quality and compression hints can now be modified dynamically
    * Added touch gestures to emulate common mouse actions
    * Support for full Unicode in clipboard
    * Support for VeNCrypt Plain authentication
    * Support for TightVNC Unix authentication
    * Support for alpha cursors
    * The session name is now updated whilst connected

- Update to 1.1.0:
  Application:
    * New translations for Russian, Korean, Czech and Chinese (traditional) languages
    * Fixed an issue where you didn't get scrollbars in your browser on Windows you had a touch screen.
    * Added the Super/Windows key to the toolbar.
    * Added an option to show a dot when there otherwise wouldn't be a visible cursor.
    * View drag is no longer available when in scaling mode.
  Library:
    * A large number of coding style changes has been made to make the code easier to read and better to work with.
    * Many keyboard issues has been fixed.
    * Local cursor is now available on all platforms.
    * Fixed a number of crashes related to clipboard.
    * Fixed issues that occurred if data from the server was being received slowly.
    * A problem has been fixed where the display module would incorrectly handle high DPI systems causing scrollbars to show when they shouldn't.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2477-1
Released:    Tue Jul 27 13:32:50 2021
Summary:     Recommended update for growpart-rootgrow
Type:        recommended
Severity:    important
References:  1165198,1188179
This update for growpart-rootgrow fixes the following issues:

- Change the logic to determine the partition ID of the root filesystem
  (bsc#1188179)
  + Previously the algorithm depended on the order of the output
  from lsblk using an index to keep track of the known partitions.
  The new implementation is order independent, it depends on the
  partition ID being numerical in nature and at the end of the device
  string.

- Add coverage config.
  Omit version module from coverage check.

- Fix string formatting for flake8 formatting.

- Replace travis testing with GitHub actions.
  Add ci testing workflow action.

- Switch implementation to use Popen for Python 3.4 compatibility (bsc#1165198)

- Bump version: 1.0.2 → 1.0.3

- Fixed unit tests and style
  This clobbers several fixes into one. Sorry about it but I
  started on already made changes done by other people.
  This commit includes several pep8 style fixes mostly on
  the indentation level. In addition it fixes the unit
  tests to really cover all code and to make the exception
  tests really effective.

- Switch to use Popen instead of run
  The run() fuction in the subprocess module was implemented after
  Python 3.4. However, we need to support Python 3.4 for SLES 12

- Bump version: 1.0.1 → 1.0.2

- Package LICENSE file
  The LICENSE file is part of the source repo but was not
  packaged with the rpm package

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2481-1
Released:    Tue Jul 27 14:20:27 2021
Summary:     Recommended update for sysconfig
Type:        recommended
Severity:    moderate
References:  1184124
This update for sysconfig fixes the following issues:

- Link as Position Independent Executable (bsc#1184124).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2555-1
Released:    Thu Jul 29 08:29:55 2021
Summary:     Security update for git
Type:        security
Severity:    moderate
References:  1168930,1183026,1183580,CVE-2021-21300
This update for git fixes the following issues:

Update from version 2.26.2 to version 2.31.1 (jsc#SLE-18152)

Security fixes:

- CVE-2021-21300: On case-insensitive file systems with support for symbolic links, if Git is configured globally 
  to apply delay-capable clean/smudge filters (such as Git LFS), Git could run remote code during a clone. (bsc#1183026)

Non security changes:

- Add `sysusers` file to create `git-daemon` user.
- Remove `perl-base` and `openssh-server` dependency on `git-core`and provide a `perl-Git` package. (jsc#SLE-17838)
- `fsmonitor` bug fixes
- Fix `git bisect` to take an annotated tag as a good/bad endpoint
- Fix a corner case in `git mv` on case insensitive systems
- Require only `openssh-clients` where possible (like Tumbleweed or SUSE Linux Enterprise >= 15 SP3). (bsc#1183580)
- Drop `rsync` requirement, not necessary anymore.
- Use of `pack-redundant` command is discouraged and will trigger a warning. The replacement is `repack -d`.
- The `--format=%(trailers)` mechanism gets enhanced to make it easier to design output for machine consumption.
- No longer give message to choose between rebase or merge upon pull if the history `fast-forwards`.
- The configuration variable `core.abbrev` can be set to `no` to force no abbreviation regardless of the hash algorithm
- `git rev-parse` can be explicitly told to give output as absolute or relative path with the 
  `--path-format=(absolute|relative)` option.
- Bash completion update to make it easier for end-users to add completion for their custom `git` subcommands.
- `git maintenance` learned to drive scheduled maintenance on platforms whose native scheduling methods are not 'cron'.
- After expiring a reflog and making a single commit, the reflog for the branch would record a single entry that 
  knows both `@{0}` and `@{1}`, but we failed to answer 'what commit were we on?', i.e. `@{1}`
- `git bundle` learns `--stdin` option to read its refs from the standard input.  
  Also, it now does not lose refs when they point at the same object.
- `git log` learned a new `--diff-merges=<how>` option.
- `git ls-files` can and does show multiple entries when the index is unmerged, which is a source for confusion 
  unless `-s/-u` option is in use.  A new option `--deduplicate` has been introduced.
- `git worktree list` now annotates worktrees as prunable, shows locked and prunable attributes 
  in `--porcelain mode`, and gained a `--verbose` option.
- `git clone` tries to locally check out the branch pointed at by HEAD of the remote repository after it 
  is done, but the protocol did not convey the information necessary to do so when copying an empty repository.  
  The protocol v2 learned how to do so.
- There are other ways than `..` for a single token to denote a `commit range', namely `<rev>^!` 
   and `<rev>^-<n>`, but `git range-diff` did not understand them.
- The `git range-diff` command learned `--(left|right)-only` option to show only one side of the compared range.
- `git mergetool` feeds three versions (base, local and remote) of a conflicted path unmodified. 
  The command learned to optionally prepare these files with unconflicted parts already resolved.
- The `.mailmap` is documented to be read only from the root level of a working tree, but a stray file 
  in a bare repository also was read by accident, which has been corrected.
- `git maintenance` tool learned a new `pack-refs` maintenance task.
- Improved error message given when a configuration variable that is expected to have a boolean value.
- Signed commits and tags now allow verification of objects, whose two object names 
  (one in SHA-1, the other in SHA-256) are both signed.
- `git rev-list` command learned `--disk-usage` option.
- `git diff`, `git log` `--{skip,rotate}-to=<path>` allows the user to discard diff output for early 
  paths or move them to the end of the output.
- `git difftool` learned `--skip-to=<path>` option to restart an interrupted session from an arbitrary path.
- `git grep` has been tweaked to be limited to the sparse checkout paths.
- `git rebase --[no-]fork-point` gained a configuration variable `rebase.forkPoint` so that users do not have 
  to keep specifying a non-default setting.
- `git stash` did not work well in a sparsely checked out working tree.
- Newline characters in the host and path part of `git://` URL are now forbidden.
- `Userdiff` updates for PHP, Rust, CSS
- Avoid administrator error leading to data loss with `git push --force-with-lease[=<ref>]` by 
  introducing `--force-if-includes`
- only pull `asciidoctor` for the default ruby version
- The `--committer-date-is-author-date` option of `rebase` and `am` subcommands lost the e-mail address by 
  mistake in 2.29
- The transport protocol v2 has become the default again
- `git worktree` gained a `repair` subcommand, `git init --separate-git-dir` no longer corrupts administrative data 
  related to linked worktrees
- `git maintenance` introduced for repository maintenance tasks
- `fetch.writeCommitGraph` is deemed to be still a bit too risky and is no longer part of the 
  `feature.experimental` set.
- The commands in the `diff` family honors the `diff.relative` configuration variable.
- `git diff-files` has been taught to say paths that are marked as `intent-to-add` are new files, 
  not modified from an empty blob.
- `git gui` now allows opening work trees from the start-up dialog.
- `git bugreport` reports what shell is in use.
- Some repositories have commits that record wrong committer timezone; `git fast-import` has an option to pass 
  these timestamps intact to allow recreating existing repositories as-is.
- `git describe` will always use the `long` version when giving its output based misplaced tags 
- `git pull` issues a warning message until the `pull.rebase` configuration variable is explicitly given
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2558-1
Released:    Thu Jul 29 12:05:03 2021
Summary:     Recommended update for python-pytz
Type:        recommended
Severity:    moderate
References:  1185748
This update for python-pytz fixes the following issues:

- Add %pyunittest shim for platforms where it is missing.
- Remove real directory of %{python_sitelib}/pytz/zoneinfo when upgrading, before it is replaced by a symlink. (bsc#1185748)
- Bump tzdata_version
- update to 2021.1:
  * update to IANA 2021a timezone release 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2568-1
Released:    Thu Jul 29 14:18:37 2021
Summary:     Recommended update for open-vm-tools
Type:        recommended
Severity:    moderate
References:  1029961,1185103,1185175,1187567
This update for open-vm-tools fixes the following issues:

Update to 11.3.0 (bsc#1187567)

- Reduce or eliminate Linux dependency on the 'net-tools' package. 
  - The 'ifconfig' and 'netstat' commands are deprecated in more recent releases of Linux. 
  Update the Linux 'vm-support' script to use the 'ip' and 'ss' commands when available.
  If the new commands are missing a fallback will be used. In Particular, 'ip' has a fallback on 'ifconfig', 
  'ip route' will fallback on 'route' and 'ss' will fallback on 'netstat'.
- Configuring OVT with the '--without-pam' option will implicitly disable 'vgauth'.
  - When no 'vgauth' option is given alongside '--without-pam', a warning is displayed with a 
  message 'Building without PAM; vgauth will be disabled.'.
  - When '--disable-vgauth' is supplied alongside '--without-pam', no warning or error message is displayed.
  - When '--enable-vgauth' is supplied alongside '--without-pam', an error will be shown and the configure 
  stage will be aborted with an error message 
  'Cannot enable vgauth without PAM. Please configure without --without-pam or without --enable-vgauth.'
- Fix issues using GCC 11 with gtk >= 3.20 and glib >=2.66.3
- Fix more GCC 11 failures. (bsc#1185103)
- Update the 'FreeBSD' specific sections of 'open-vm-tools' to adjust what necessary for 'ARM64'.
- New command line tool 'vmwgfxctrl' introduced in 'open-vm-tools'.
  - A user can now control various aspects of the 'vmwgfx' Linux kernel module. 
  Currently it can both display and set the current topology of the 'vmwgfx' kernel driver. 
  It is useful when trying to configure custom resolutions on recent Linux distributions, 
  including multi-monitor setups.
- New command line tool 'vmware-alias-import' added to 'open-vm-tools' that can be used to import 'vgauth' 
  config data and apply it to the running 'vgauth' service.
- Enhancements to support or utilize various vSphere features.
- In 'vmtoolsd.service' move the deprecated path '/var/run' to '/run' for it's 'PID' file. (bsc#1185175)
- Finalize the 'UsrMerge'. (bsc#1029961)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2573-1
Released:    Thu Jul 29 14:21:52 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1188127
This update for timezone fixes the following issue:
- From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by
the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are
now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2579-1
Released:    Sun Aug  1 15:57:01 2021
Summary:     Recommended update for rust, rust1.43, rust1.53
Type:        recommended
Severity:    moderate
References:  
This update for rust, rust1.43, rust1.53 fixes the following issues:

This will ship multiple rust versions.

- rust1.43: for Firefox ESR
- rust1.53: The current rust release

The 'rust' package itself will be a wrapper package.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2602-1
Released:    Wed Aug  4 08:45:01 2021
Summary:     Recommended update for amazon-ecs-init
Type:        recommended
Severity:    moderate
References:  1187662
This update for amazon-ecs-init fixes the following issues:

- Update to version 1.53.0-1 (bsc#1187662)
  * Cache Agent version 1.53.0
- from version 1.52.2-2
  * Cache Agent version 1.52.2
  * ecs-anywhere-install: fix incorrect download url when running in cn region
- from version 1.52.2-1
  * Cache Agent version 1.52.2
  * ecs-anywhere-install: remove dependency on gpg key server
  * ecs-anywhere-install: allow sandboxed apt installations

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2606-1
Released:    Wed Aug  4 13:16:09 2021
Summary:     Recommended update for libcbor
Type:        recommended
Severity:    moderate
References:  1102408
This update for libcbor fixes the following issues:

- Implement a fix to avoid building shared library twice. (bsc#1102408)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2612-1
Released:    Thu Aug  5 10:17:44 2021
Summary:     Security update for apache-commons-compress
Type:        security
Severity:    important
References:  1188463,1188464,1188465,1188466,CVE-2021-35515,CVE-2021-35516,CVE-2021-35517,CVE-2021-36090
This update for apache-commons-compress fixes the following issues:

- Updated to 1.21
- CVE-2021-35515: Fixed an infinite loop when reading a specially crafted 7Z archive. (bsc#1188463)
- CVE-2021-35516: Fixed an excessive memory allocation when reading a specially crafted 7Z archive. (bsc#1188464)
- CVE-2021-35517: Fixed an excessive memory allocation when reading a specially crafted TAR archive. (bsc#1188465)
- CVE-2021-36090: Fixed an excessive memory allocation when reading a specially crafted ZIP archive. (bsc#1188466)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2619-1
Released:    Thu Aug  5 10:35:15 2021
Summary:     Security update for djvulibre
Type:        security
Severity:    important
References:  1187869,CVE-2021-3630
This update for djvulibre fixes the following issues:

- CVE-2021-3630: out-of-bounds write in DJVU:DjVuTXT:decode() in DjVuText.cpp (bsc#1187869)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2625-1
Released:    Thu Aug  5 12:10:27 2021
Summary:     Recommended update for supportutils
Type:        recommended
Severity:    moderate
References:  1185991,1185993,1186347,1186397,1186687,1188348
This update for supportutils fixes the following issues:

ethtool was updated to version 3.1.17:

- Solve a downgrade issue between SUSE Linux Enterprise SP3 and lower (bsc#1188348)
- Adding ethtool options g l m to network.txt (jsc#SLE-18240)
- lsof options to improve performance (bsc#1186687)
- Exclude rhn.conf from etc.txt (bsc#1186347)
- analyzevmcore supports local directories (bsc#1186397)
- getappcore checks for valid compression binary (bsc#1185991)
- getappcore does not trigger errors with help message (bsc#1185993)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2627-1
Released:    Thu Aug  5 12:10:46 2021
Summary:     Recommended maintenance update for systemd-default-settings
Type:        recommended
Severity:    moderate
References:  1188348
This update for systemd-default-settings fixes the following issue:

- Solve a downgrade issue between SUSE Linux Enterprise SP3 and lower (bsc#1188348)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2640-1
Released:    Fri Aug  6 13:25:58 2021
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1029162
This update for cloud-regionsrv-client contains the following fix:

- Update to version 9.2.0: (bsc#1029162)
  + Support IPv6 as best-effort, with fallback to IPv4
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2652-1
Released:    Wed Aug 11 13:25:42 2021
Summary:     Recommended update for cloud-regionsrv
Type:        recommended
Severity:    moderate
References:  1029162
This update for cloud-regionsrv contains the following fix:

- Update to version 8.1.0: (bsc#1029162)
  + Enable multiple IP assignments (IPv4+IPv6) on TLS Certificate

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2681-1
Released:    Thu Aug 12 14:59:06 2021
Summary:     Recommended update for growpart-rootgrow
Type:        recommended
Severity:    important
References:  1188868,1188904
This update for growpart-rootgrow fixes the following issues:

- Fix root partition ID lookup. Only consider trailing digits to be part of the paritition ID. (bsc#1188868) (bsc#1188904)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2682-1
Released:    Thu Aug 12 20:06:19 2021
Summary:     Security update for rpm
Type:        security
Severity:    important
References:  1179416,1181805,1183543,1183545,CVE-2021-20266,CVE-2021-20271,CVE-2021-3421
This update for rpm fixes the following issues:

- Changed default package verification level to 'none' to be compatible to rpm-4.14.1
- Made illegal obsoletes a warning
- Fixed a potential access of freed mem in ndb's glue code (bsc#1179416)
- Added support for enforcing signature policy and payload verification step to
  transactions (jsc#SLE-17817)
- Added :humansi and :hmaniec query formatters for human readable output
- Added query selectors for whatobsoletes and whatconflicts
- Added support for sorting caret higher than base version
- rpm does no longer require the signature header to be in a contiguous
  region when signing (bsc#1181805)

Security fixes:

- CVE-2021-3421: A flaw was found in the RPM package in the read functionality. This flaw allows an
  attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM
  repository, to cause RPM database corruption. The highest threat from this vulnerability is to
  data integrity (bsc#1183543)

- CVE-2021-20271: A flaw was found in RPM's signature check functionality when reading a package file.
  This flaw allows an attacker who can convince a victim to install a seemingly verifiable package,
  whose signature header was modified, to cause RPM database corruption and execute code. The highest
  threat from this vulnerability is to data integrity, confidentiality, and system availability (bsc#1183545)

- CVE-2021-20266: A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker
  who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability
  is to system availability.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2688-1
Released:    Sat Aug 14 10:18:12 2021
Summary:     Recommended update for patterns-base, patterns-server-enterprise, sles15-image
Type:        recommended
Severity:    moderate
References:  1183154
This update for patterns-base, patterns-server-enterprise, sles15-image fixes the following issues:

- Add pattern to install necessary packages for FIPS (bsc#1183154)
- Add patterns-base-fips to work also in FIPS environments (bsc#1183154)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2760-1
Released:    Tue Aug 17 17:11:14 2021
Summary:     Security update for c-ares
Type:        security
Severity:    important
References:  1188881,CVE-2021-3672
This update for c-ares fixes the following issues:

Version update to git snapshot 1.17.1+20200724:

- CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers (bsc#1188881)
- If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause crash
- Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response
- Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing
- Use unbuffered /dev/urandom for random data to prevent early startup performance issues

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2764-1
Released:    Tue Aug 17 17:17:17 2021
Summary:     Security update for libsndfile
Type:        security
Severity:    critical
References:  1100167,1116993,1117954,1188540,CVE-2018-13139,CVE-2018-19432,CVE-2018-19758,CVE-2021-3246
This update for libsndfile fixes the following issues:

- CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (bsc#1100167)
- CVE-2018-19432: Fixed a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. (bsc#1116993)
- CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540)
- CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. (bsc#1117954)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2774-1
Released:    Thu Aug 19 13:49:30 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1188891,CVE-2021-29980,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29988,CVE-2021-29989
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 78.13.0 ESR (MFSA 2021-34, bsc#1188891):

- CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
- CVE-2021-29988: Memory corruption as a result of incorrect style treatment
- CVE-2021-29984: Incorrect instruction reordering during JIT optimization
- CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
- CVE-2021-29985: Use-after-free media channels
- CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2778-1
Released:    Thu Aug 19 15:19:52 2021
Summary:     Recommended update for compat-libpthread-nonshared
Type:        recommended
Severity:    moderate
References:  1188004
This update for compat-libpthread-nonshared fixes the following issues:

- Add build for 32-bit version for Oracle client. (bsc#1188004)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2781-1
Released:    Thu Aug 19 18:54:14 2021
Summary:     Recommended update for psqlODBC
Type:        recommended
Severity:    moderate
References:  
This update for psqlODBC fixes the following issues:

- Update to 13.01.0000:
  * Fix a bug of CC_send_query_append() when the ignore_roundtrip_time flag is on.
  * Add a call for SQLDescribeCol() before SQLExecute() to prepare-test.
  * Add a *update returning* test case to insertreturning regression test.
  * Let SQLDescribeCol() use parsed result when the current executed result is NULL.
  * Let SQLExecute() destroy the old result first.
  * Forget to apply disable_convert_func flag to VARCHAR and LONGVARCHAR.
  * Prioritize DISABLE_KEEPALIVE checkbox over the disable_keepalive bit of ExtraOptions.
  * Format check for ExtraOptions of setup dialog.

- Update to 13.00.0000:
  * Add support for CONVERT scalar function.
  * Cope with the case that openssl libraries link msvc runtimes other than libraries which psqlodbc or libpq links.
  * Call AC_CHECK_SIZEOF() or AC_CHECK_TYPES() macros at earlier stage where LIBS variable isn't set yet.
  * Fix a compilation error with GCC 10 due to conflicting variable names.
  * Remove curr_param_result property of StatementClass and separate parsed result from the exec result.
  * Add support for development with VC16(Visual Studio 2019).
  * Hold the first and last result for parametrized SQL statements with array of parameters.
  * This would improve the performance of bulk inserts/updates etc.
  * Revise the handling of QResultClass list.
  * Introduce macros QR_concat(), QR_detach() and QR_next().
  * Correct the handling of SQL_ROW_ERROR and SQL_ROW_SUCCESS_WITH_INFO.
  * Remove the single table restriction in SC_set_SS_columnkey.
  * Improve error reporting about SC_pos_reload_needed().

- Update to 12.02.0000:
  * Add a new *Display Optional Error Message* option.
  * Handle notice messages in libpq_bind_and_exec().
  * Ignore PQtransactionStatus PQTRANS_ACTIVE in LIBPQ_update_transaction_status(). PQTRANS_ACTIVE isn't a transaction status.
  * Improve execution of parameterized SQL statements with arrays
  * Add a new option IgnoreTimeout.
  * An improvement for psqlodbc developpers. Make it possible to call some shell scripts from other directories. 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2791-1
Released:    Fri Aug 20 10:14:13 2021
Summary:     Security update for fetchmail
Type:        security
Severity:    moderate
References:  1188034,1188875,CVE-2021-36386
This update for fetchmail fixes the following issues:

- CVE-2021-36386: Fixed a missing variable initialization that can cause read from bad memory locations. (bsc#1188875)
- Change PASSWORDLEN from 64 to 256 (bsc#1188034)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2792-1
Released:    Fri Aug 20 10:18:15 2021
Summary:     Security update for libass
Type:        security
Severity:    important
References:  1188539,CVE-2020-36430
This update for libass fixes the following issues:

- CVE-2020-36430: Fixed heap-based buffer overflow in decode_chars (bsc#1188539).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2793-1
Released:    Fri Aug 20 10:22:53 2021
Summary:     Security update for openexr
Type:        security
Severity:    important
References:  1188457,1188458,1188459,1188460,1188461,1188462,CVE-2021-20298,CVE-2021-20299,CVE-2021-20300,CVE-2021-20302,CVE-2021-20303,CVE-2021-20304,CVE-2021-3476
This update for openexr fixes the following issues:

- CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor
- CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator
- CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress
- CVE-2021-20302 [bsc#1188462]: Fixed Floating-point-exception in Imf_2_5:precalculateTileInfot
- CVE-2021-20303 [bsc#1188457]: Fixed Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer
- CVE-2021-20304 [bsc#1188461]: Fixed Undefined-shift in Imf_2_5:hufDecode

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2794-1
Released:    Fri Aug 20 10:25:35 2021
Summary:     Security update for aspell
Type:        security
Severity:    important
References:  1177523,1188576,CVE-2019-25051
This update for aspell fixes the following issues:

- CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top (bsc#1188576).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2798-1
Released:    Fri Aug 20 10:37:58 2021
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1185056,1188564,1188565,1188566,CVE-2021-2161,CVE-2021-2341,CVE-2021-2369,CVE-2021-2388
This update for java-1_8_0-openjdk fixes the following issues:

- Update to version jdk8u302 (icedtea 3.20.0)
- CVE-2021-2341: Improve file transfers. (bsc#1188564)
- CVE-2021-2369: Better jar file validation. (bsc#1188565)
- CVE-2021-2388: Enhance compiler validation. (bsc#1188566)
- CVE-2021-2161: Less ambiguous processing. (bsc#1185056)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2802-1
Released:    Fri Aug 20 10:47:08 2021
Summary:     Security update for libmspack
Type:        security
Severity:    moderate
References:  1103032,CVE-2018-14679,CVE-2018-14681,CVE-2018-14682
This update for libmspack fixes the following issues:

- CVE-2018-14681: Bad KWAJ file header extensions could cause a one or two byte overwrite. (bsc#1103032)
- CVE-2018-14682: There is an off-by-one error in the TOLOWER() macro for CHM decompression. (bsc#1103032)
- CVE-2018-14679: There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service. (bsc#1103032)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2812-1
Released:    Mon Aug 23 12:17:44 2021
Summary:     Security update for libvirt
Type:        security
Severity:    moderate
References:  1184253,1187871,1188232,1188843,CVE-2021-3631,CVE-2021-3667
This update for libvirt fixes the following issues:

Security issues fixed:

- CVE-2021-3631: fix SELinux label generation logic (bsc#1187871)
- CVE-2021-3667: Unlock object on ACL fail in storagePoolLookupByTargetPath (bsc#1188843)

Non-security issues fixed:

- virtlockd: Don't report error if lockspace exists (bsc#1184253)
- Don't forcibly remove '--listen' arg from /etc/sysconfig/libvirtd. Add '--timeout 120' if '--listen' is not specified. (bsc#1188232)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2021:2816-1
Released:    Mon Aug 23 14:17:28 2021
Summary:     Optional update for python-kubernetes
Type:        optional
Severity:    low
References:  
This patch provides the python3-kubernetes package to the following modules:

- Container Module for SUSE Linux Enterprise 15 SP2
- Container Module for SUSE Linux Enterprise 15 SP3

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2817-1
Released:    Mon Aug 23 15:05:18 2021
Summary:     Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3
Type:        security
Severity:    moderate
References:  1102408,1138715,1138746,1176389,1177120,1182421,1182422,CVE-2020-26137
This patch updates the Python AWS SDK stack in SLE 15:

General:

# aws-cli

- Version updated to upstream release v1.19.9
  For a detailed list of all changes, please refer to the changelog file of this package.

# python-boto3

- Version updated to upstream release 1.17.9
  For a detailed list of all changes, please refer to the changelog file of this package.

# python-botocore

- Version updated to upstream release 1.20.9
  For a detailed list of all changes, please refer to the changelog file of this package.

# python-urllib3

- Version updated to upstream release 1.25.10
  For a detailed list of all changes, please refer to the changelog file of this package.

# python-service_identity

- Added this new package to resolve runtime dependencies for other packages.
  Version: 18.1.0

# python-trustme

- Added this new package to resolve runtime dependencies for other packages.
  Version: 0.6.0

Security fixes:

# python-urllib3:
  
- CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated
  by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2821-1
Released:    Tue Aug 24 10:53:01 2021
Summary:     Recommended update for ClusterTools2
Type:        recommended
Severity:    moderate
References:  1166943,1186119
This update for ClusterTools2 fixes the following issues:

- change version from 3.1.0 to 3.1.1
- As some of the supportconfig plugins of ClusterTools2 take very long time to process, we will disable these plugins by default. (bsc#1186119)
- Add file samples to support SLE15. (bsc#1166943)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2827-1
Released:    Tue Aug 24 16:16:26 2021
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    important
References:  1189521,CVE-2021-3712
This update for openssl-1_0_0 fixes the following issues:

- CVE-2021-3712: a bug in the code for printing certificate details could lead
  to a buffer overrun that a malicious actor could exploit to crash the
  application, causing a denial-of-service attack. [bsc#1189521]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2838-1
Released:    Wed Aug 25 12:34:01 2021
Summary:     Security update for jetty-minimal
Type:        security
Severity:    moderate
References:  1188438,CVE-2021-34429
This update for jetty-minimal fixes the following issues:

- Update to version 9.4.43.v20210629
- CVE-2021-34429: URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. (bsc#1188438)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2861-1
Released:    Fri Aug 27 14:41:03 2021
Summary:     Security update for spectre-meltdown-checker
Type:        security
Severity:    moderate
References:  1189477,CVE-2017-5753
This update for spectre-meltdown-checker fixes the following issues:

spectre-meltdown-checker was updated to version 0.44 (bsc#1189477)

- feat: add support for SRBDS related vulnerabilities
- feat: add zstd kernel decompression (#370)
- enh: arm: add experimental support for binary arm images
- enh: rsb filling: no longer need the 'strings' tool to check for kernel support in live mode
- fix: fwdb: remove Intel extract tempdir on exit
- fix: has_vmm: ignore kernel threads when looking for a hypervisor (fixes #278)
- fix: fwdb: use the commit date as the intel fwdb version
- fix: fwdb: update Intel's repository URL
- fix: arm64: CVE-2017-5753: kernels 4.19+ use a different nospec macro
- fix: on CPU parse info under FreeBSD
- chore: github: add check run on pull requests
- chore: fwdb: update to v165.20201021+i20200616

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2863-1
Released:    Mon Aug 30 08:18:50 2021
Summary:     Recommended update for python-dbus-python
Type:        recommended
Severity:    moderate
References:  1183818
This update for python-dbus-python fixes the following issues:

- Update to latest version from tumbleweed. (jsc#ECO-3589, bsc#1183818)

- update to 1.2.16:
  * All tests are run even if the 'tap.py' module is not available, althoug diagnostics for failing tests will be better if it is present.

- Support builds with more than one python3 flavor
- Clean duplicate python flavor variables for configure

- Version update to version 1.2.14:
  * Ensure that the numeric types from dbus.types get the same str() under Python 3.8 that they did under previous versions.
  * Disable -Winline.
  * Add clearer license information using SPDX-License-Identifier.
  * Include inherited methods and properties when documenting objects, which regressed when migrating from epydoc to sphinx.
  * Add missing variant_level member to UnixFd type, for parity with the other dbus.types types
  * Don't reply to method calls if they have the NO_REPLY_EXPECTED flag
  * Silence '-Wcast-function-type' with gcc 8.
  * Fix distcheck with python3.7 by deleting '__pycache__' during uninstall.
  * Consistently save and restore the exception indicator when called from C code.

- Add missing dependency for pkg-config files

- Version update to version 1.2.8:
  * Python 2.7 required or 3.4 respectively
  * Upstream dropped epydoc completely

- Add dbus-1-python3 package
- Make BusConnection.list_activatable_names actually call struct entries than the signature allows with libdbus 1.4 imports dbus, is finalized, is re-initialized, and re-imports - When removing signal matches, clean up internal state, avoiding a memory leak in long-lived Python processes that connect to
- When setting the sender of a message, allow it to be org.freedesktop.DBus so you can implement a D-Bus daemon
- New package: dbus-1-python-devel

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2874-1
Released:    Mon Aug 30 15:54:34 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1188891,CVE-2021-29980,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29988,CVE-2021-29989
This update for MozillaThunderbird fixes the following issues:

Update to version 78.13 (MFSA 2021-35, bsc#1188891)

- CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
- CVE-2021-29988: Memory corruption as a result of incorrect style treatment
- CVE-2021-29984: Incorrect instruction reordering during JIT optimization
- CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
- CVE-2021-29985: Use-after-free media channels
- CVE-2021-29989: Memory safety bugs fixed in Thunderbird 78.13

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2885-1
Released:    Tue Aug 31 12:21:17 2021
Summary:     Recommended update for publicsuffix
Type:        recommended
Severity:    low
References:  1189124
This update for publicsuffix fixes the following issues:

- Updates the list of known/accepted domains with recent data (bsc#1189124).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2886-1
Released:    Tue Aug 31 13:21:20 2021
Summary:     Recommended update for bind
Type:        recommended
Severity:    moderate
References:  1187921
This update for bind fixes the following issues:

- tsig-keygen is now used to generate DDNS keys (bsc#1187921)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2887-1
Released:    Tue Aug 31 13:31:19 2021
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1183939,1184758
This update for cloud-init contains the following:

- Change log file creation mode to 640. (bsc#1183939)
- Do not write the generated password to the log file. (bsc#1184758)
- Allow purging cache when Python when version change detected.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2892-1
Released:    Tue Aug 31 16:38:22 2021
Summary:     Security update for dovecot23
Type:        security
Severity:    moderate
References:  1187418,1187419,1187420,CVE-2020-28200,CVE-2021-29157
This update for dovecot23 fixes the following issues:

Update dovecot to version 2.3.15 (jsc#SLE-19970):

Security issues fixed:

- CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
  JWT tokens. This may be used to supply attacker controlled keys to
  validate tokens, if attacker has local access. (bsc#1187418)
  Local attacker can login as any user and access their emails
- CVE-2021-33515:  On-path attacker could have injected plaintext commands
  before STARTTLS negotiation that would be executed after STARTTLS
  finished with the client. (bsc#1187419)
  Attacker can potentially steal user credentials and mails

* Disconnection log messages are now more standardized across services.
  They also always now start with 'Disconnected' prefix.
* Dovecot now depends on libsystemd for systemd integration.
* Removed support for Lua 5.2. Use version 5.1 or 5.3 instead.
* config: Some settings are now marked as 'hidden'. It's discouraged to
  change these settings. They will no longer be visible in doveconf
  output, except if they have been changed or if doveconf -s parameter
  is used. See https://doc.dovecot.org/settings/advanced/ for details.
* imap-compress: Compression level is now algorithm specific.
  See https://doc.dovecot.org/settings/plugin/compress-plugin/
* indexer-worker: Convert 'Indexed' info logs to an event named
  'indexer_worker_indexing_finished'. See
  https://doc.dovecot.org/admin_manual/list_of_events/#indexer-worker-indexing-finished
+ Add TSLv1.3 support to min_protocols.
+ Allow configuring ssl_cipher_suites. (for TLSv1.3+)
+ acl: Add acl_ignore_namespace setting which allows to entirely ignore
  ACLs for the listed namespaces.
+ imap: Support official RFC8970 preview/snippet syntax. Old methods of
  retrieving preview information via IMAP commands ('SNIPPET and PREVIEW
  with explicit algorithm selection') have been deprecated.
+ imapc: Support INDEXPVT for imapc storage to enable private
  message flags for cluster wide shared mailboxes.
+ lib-storage: Add new events: mail_opened, mail_expunge_requested,
  mail_expunged, mail_cache_lookup_finished. See
  https://doc.dovecot.org/admin_manual/list_of_events/#mail
+ zlib, imap-compression, fs-compress: Support compression levels that
  the algorithm supports. Before, we would allow hardcoded value between
  1 to 9 and would default to 6. Now we allow using per-algorithm value
  range and default to whatever default the algorithm specifies.
- *-login: Commands pipelined together with and just after the authenticate
  command cause these commands to be executed twice. This applies to all
  protocols that involve user login, which currently comprises of imap,
  pop3, submisision and managesieve.
- *-login: Processes are supposed to disconnect the oldest non-logged in
  connection when process_limit was reached. This didn't actually happen
  with the default 'high-security mode' (with service_count=1) where each
  connection is handled by a separate process.
- *-login: When login process reaches client/process limits, oldest
  client connections are disconnected. If one of these was still doing
  anvil lookup, this caused a crash. This could happen only if the login
  process limits were very low or if the server was overloaded.
- Fixed building with link time optimizations (-flto).
- auth: Userdb iteration with passwd driver does not always return all
  users with some nss drivers.
- dsync: Shared INBOX not synced when 'mail_shared_explicit_inbox' was
  disabled. If a user has a shared mailbox which is another user's INBOX,
  dsync didn't include the mailbox in syncing unless explicit naming is
  enabled with 'mail_shared_explicit_inbox' set to 'yes'.
- dsync: Shared namespaces were not synced with '-n' flag.
- dsync: Syncing shared INBOX failed if mail_attribute_dict was not set.
  If a user has a shared mailbox that is another user's INBOX, dsync
  failed to export the mailbox if mail attributes are disabled.
- fts-solr, fts-tika: Using both Solr FTS and Tika may have caused HTTP
  requests to assert-crash: Panic: file http-client-request.c: line 1232
  (http_client_request_send_more): assertion failed: (req->payload_input != NULL)
- fts-tika: 5xx errors returned by Tika server as indexing failures.
  However, Tika can return 5xx for some attachments every time.
  So the 5xx error should be retried once, but treated as success if it
  happens on the retry as well. v2.3 regression.
- fts-tika: v2.3.11 regression: Indexing messages with fts-tika may have
  resulted in Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts):
  assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input))
- imap: SETMETADATA could not be used to unset metadata values.
  Instead NIL was handled as a 'NIL' string. v2.3.14 regression.
- imap: IMAP BINARY FETCH crashes at least on empty base64 body:
  Panic: file index-mail-binary.c: line 358 (blocks_count_lines):
  assertion failed: (block_count == 0 || block_idx+1 == block_count)
- imap: If IMAP client using the NOTIFY command was disconnected while
  sending FETCH notifications to the client, imap could crash with
  Panic: Trying to close mailbox INBOX with open transactions.
- imap: Using IMAP COMPRESS extension can cause IMAP connection to hang
  when IMAP commands are >8 kB long.
- imapc: If remote server sent BYE but didn't immediately disconnect, it
  could cause infinite busy-loop.
- lib-index: Corrupted cache record size in dovecot.index.cache file
  could have caused a crash (segfault) when accessing it.
- lib-oauth2: JWT token time validation now works correctly with
  32-bit systems.
- lib-ssl-iostream: Checking hostnames against an SSL certificate was
  case-sensitive.
- lib-storage: Corrupted mime.parts in dovecot.index.cache may have
  resulted in Panic: file imap-bodystructure.c: line 206 (part_write_body):
  assertion failed: (text == ((part->flags & MESSAGE_PART_FLAG_TEXT) != 0))
- lib-storage: Index rebuilding (e.g. via doveadm force-resync) didn't
  preserve the 'hdr-pop3-uidl' header. Because of this, the next pop3
  session could have accessed all of the emails' metadata to read their
  POP3 UIDL (opening dbox files).
- listescape: When using the listescape plugin and a shared namespace
  the plugin didn't work properly anymore resulting in errors like:
  'Invalid mailbox name: Name must not have '/' character.'
- lmtp: Connection crashes if connection gets disconnected due to
  multiple bad commands and the last bad command is BDAT.
- lmtp: The Dovecot-specific LMTP parameter XRCPTFORWARD was blindly
  forwarded by LMTP proxy without checking that the backend has support.
  This caused a command parameter error from the backend if it was
  running an older Dovecot release. This could only occur in more complex
  setups where the message was proxied twice; when the proxy generated
  the XRCPTFORWARD parameter itself the problem did not occur, so this
  only happened when it was forwarded.
- lmtp: The LMTP proxy crashes with a panic when the remote server
  replies with an error while the mail is still being forwarded through
  a DATA/BDAT command.
- lmtp: Username may have been missing from lmtp log line prefixes when
  it was performing autoexpunging.
- master: Dovecot would incorrectly fail with haproxy 2.0.14 service
  checks.
- master: Systemd service: Dovecot announces readiness for accepting
  connections earlier than it should. The following environment variables
  are now imported automatically and can be omitted from
  import_environment setting: NOTIFY_SOCKET LISTEN_FDS LISTEN_PID.
- master: service { process_min_avail } was launching processes too
  slowly when master was forking a lot of processes.
- util: Make the health-check.sh example script POSIX shell compatible.
* Added new aliases for some variables. Usage of the old ones is possible,
  but discouraged. (These were partially added already to v2.3.13.)
  See https://doc.dovecot.org/configuration_manual/config_file/config_variables/
  for more information.
* Optimize imap/pop3/submission/managesieve proxies to use less CPU at
  the cost of extra memory usage.
* Remove autocreate, expire, snarf and mail-filter plugins.
* Remove cydir storage driver.
* Remove XZ/LZMA write support. Read support will be removed in future release.
* doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP
  environment variable is not set. Timestamp format is taken from
  log_timestamp setting.
* If BROKENCHAR or listescape plugin is used, the escaped folder names
  may be slightly different from before in some situations. This is
  unlikely to cause issues, although caching clients may redownload the
  folders.
* imapc: It now enables BROKENCHAR=~ by default to escape remote folder
  names if necessary. This also means that if there are any '~'
  characters in the remote folder names, they will be visible as '~7e'.
* imapc: When using local index files folder names were escaped on
  filesystem a bit differently. This affects only if there are folder
  names that actually require escaping, which isn't so common. The old
  style folders will be automatically deleted from filesystem.
* stats: Update exported metrics to be compliant with OpenMetrics standard.
+ doveadm: Add an optional '-p' parameter to metadata list command. If
  enabled, '/private', and '/shared' metadata prefixes will be prepended
  to the keys in the list output.
+ doveconf: Support environment variables in config files. See
  https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables
  for more details.
+ indexer-worker: Change indexer to disconnect from indexer-worker
  after each request. This allows service indexer-worker's service_count &
  idle_kill settings to work. These can be used to restart indexer-worker
  processes once in a while to reduce their memory usage.
- auth: 'nodelay' with various authentication mechanisms such as apop
  and digest-md5 crashed AUTH process if authentication failed.
- auth: Auth lua script generating an error triggered an assertion
  failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify):
  assertion failed: (lua_gettop(script->L) == 0).
- configure: Fix libunwind detection to work on other than x86_64 systems.
- doveadm-server: Process could crash if logging was done outside command
  handling. For example http-client could have done debug logging
  afterwards, resulting in either segfault or Panic:
  file http-client.c: line 642 (http_client_context_close):
  assertion failed: (cctx->clients_list == NULL).
- dsync: Folder name escaping with BROKENCHAR didn't work completely
  correctly. This especially caused problems with dsync-migrations using
  imapc where some of the remote folder names may not have been accessible.
- dsync: doveadm sync + imapc doesn't always sync all mails when doing
  an incremental sync (-1), which could lead to mail loss when it's used
  for migration. This happens only when GUIDs aren't used (i.e.
  imapc without imapc_features=guid-forced).
- fts-tika: When tika server returns error, some mails cause Panic:
  file message-parser.c: line 802 (message_parser_deinit_from_parts):
  assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input))
- lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have
  resulted in crashes. This exposed that Dovecot was wrongly accepting
  atoms in 'nstring' handling. Changed the IMAP parsing to be more
  strict about this now.
- lib-index: If dovecot.index.cache has corrupted message size, fetching
  BODY/BODYSTRUCTURE may cause assert-crash:
  Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish):
  assertion failed: (mail->data.parts != NULL).
- lib-index: Minor error handling and race condition fixes related to
  rotating dovecot.index.log. These didn't usually cause problems,
  unless the log files were rotated rapidly.
- lib-lua: Lua scripts using coroutines or lua libraries using coroutines
  (e.g., cqueues) panicked.
- Message PREVIEW handled whitespace wrong so first space would get
  eaten from between words.
- FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively.
- lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE
  was written in a way that may have caused confusion for IMAP clients
  and also Dovecot itself when parsing it. The truncated part is now
  written out using application/octet-stream MIME type.
- lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to
  use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed:
  (meth->context_size <= MAC_MAX_CONTEXT_SIZE).
- event filters: NOT keyword did not have the correct associativity.
- Ignore ECONNRESET when closing socket. This avoids logging useless
  errors on systems like FreeBSD.
- event filters: event filter syntax error may lead to Panic:
  file event-filter.c: line 137 (event_filter_parse): assertion failed:
  (state.output == NULL)
- lib: timeval_cmp_margin() was broken on 32-bit systems. This could
  potentially have caused HTTP timeouts to be handled incorrectly.
- log: instance_name wasn't used as syslog ident by the log process.
- master: After a service reached process_limit and client_limit, it
  could have taken up to 1 second to realize that more client connections
  became available. During this time client connections could have been
  unnecessarily rejected and a warning logged:
  Warning: service(...): process_limit (...) reached, client connections are being dropped
- stats: Crash would occur when generating openmetrics data for metrics
  using aggregating functions.
- stats: Event filters comparing against empty strings crash the stats
  process.
* CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
  allow logged in user to access other people's emails and filesystem
  information.
* Metric filter and global event filter variable syntax changed to a
  SQL-like format. See https://doc.dovecot.org/configuration_manual/event_filter/
* auth: Added new aliases for %{variables}. Usage of the old ones is
  possible, but discouraged.
* auth: Removed RPA auth mechanism, SKEY auth mechanism, NTLM auth
  mechanism and related password schemes.
* auth: Removed passdb-sia, passdb-vpopmail and userdb-vpopmail.
* auth: Removed postfix postmap socket
+ auth: Added new fields for auth server events. These fields are now
  also available for all auth events. See
  https://doc.dovecot.org/admin_manual/list_of_events/#authentication-server
  for details.
+ imap-hibernate: Added imap_client_hibernated, imap_client_unhibernated
  and imap_client_unhibernate_retried events. See
  https://doc.dovecot.org/admin_manual/list_of_events/ for details.
+ lib-index: Added new mail_index_recreated event. See
  https://doc.dovecot.org/admin_manual/list_of_events/#mail-index-recreated
+ lib-sql: Support TLS options for cassandra driver. This requires
  cpp-driver v2.15 (or later) to work reliably.
+ lib-storage: Missing $HasAttachment / $HasNoAttachment flags are now
  added to existing mails if mail_attachment_detection_option=add-flags
  and it can be done inexpensively.
+ login proxy: Added login_proxy_max_reconnects setting (default 3) to
  control how many reconnections are attempted.
+ login proxy: imap/pop3/submission/managesieve proxying now supports
  reconnection retrying on more than just connect() failure. Any error
  except a non-temporary authentication failure will result in reconnect
  attempts.
- auth: Lua passdb/userdb leaks stack elements per call, eventually
  causing the stack to become too deep and crashing the auth or
  auth-worker process.
- auth: SASL authentication PLAIN mechanism could be used to trigger
  read buffer overflow. However, this doesn't seem to be exploitable in
  any way.
- auth: v2.3.11 regression: GSSAPI authentication fails because dovecot
  disallows NUL bytes for it.
- dict: Process used too much CPU when iterating keys, because each key
  used a separate write() syscall.
- doveadm-server: Crash could occur if logging was done outside command
  handling. For example http-client could have done debug logging
  afterwards, resulting in either segfault or
  Panic: file http-client.c: line 642 (http_client_context_close):
  assertion failed: (cctx->clients_list == NULL).
- doveadm-server: v2.3.11 regression: Trying to connect to doveadm server
  process via starttls assert-crashed if there were no ssl=yes listeners:
  Panic: file master-service-ssl.c: line 22 (master_service_ssl_init):
  assertion failed: (service->ssl_ctx_initialized).
- fts-solr: HTTP requests may have assert-crashed:
  Panic: file http-client-request.c: line 1232 (http_client_request_send_more):
  assertion failed: (req->payload_input != NULL)
- imap: IMAP NOTIFY could crash with a segmentation fault due to a bad
  configuration that causes errors. Sending the error responses to the
  client can cause the segmentation fault. This can for example happen
  when several namespaces use the same mail storage location.
- imap: IMAP NOTIFY used on a shared namespace that doesn't actually
  exist (e.g. public namespace for a nonexistent user) can crash with a panic:
  Panic: Leaked view for index /tmp/home/asdf/mdbox/dovecot.list.index: Opened in (null):0
- imap: IMAP session can crash with QRESYNC extension if many changes
  are done before asking for expunged mails since last sync.
- imap: Process might hang indefinitely if client disconnects after
  sending some long-running commands pipelined, for example FETCH+LOGOUT.
- lib-compress: Mitigate crashes when configuring a not compiled in
  compression. Errors with compression configuration now distinguish
  between not supported and unknown.
- lib-compression: Using xz/lzma compression in v2.3.11 could have
  written truncated output in some situations. This would result in
  'Broken pipe' read errors when trying to read it back.
- lib-compression: zstd compression could have crashed in some situations:
  Panic: file ostream.c: line 287 (o_stream_sendv_int): assertion failed: (!stream->blocking)
- lib-dict: dict client could have crashed in some rare situations when
  iterating keys.
- lib-http: Fix several assert-crashes in HTTP client.
- lib-index: v2.3.11 regression: When mails were expunged at the same
  time as lots of new content was being saved to the cache (e.g. cache
  file was lost and is being re-filled) a deadlock could occur with
  dovecot.index.cache / dovecot.index.log.
- lib-index: v2.3.11 regression: dovecot.index.cache file was being
  purged (rewritten) too often when it had a field that hadn't been
  accessed for over 1 month, but less than 2 months. Every cache file
  change caused a purging in this situation.
- lib-mail: MIME parts were not returned correctly by Dovecot MIME parser.
  Regression caused by fixing CVE-2020-12100.
- lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE
  was written in a way that may have caused confusion for both IMAP
  clients and Dovecot itself when parsing it. The truncated part is now
  written out using application/octet-stream MIME type.
- lib-mail: v2.3.11 regression: Mail delivery / parsing crashed when the
  10000th MIME part was message/rfc822 (or if parent was multipart/digest):
  Panic: file message-parser.c: line 167 (message_part_append):
  assertion failed: (ctx->total_parts_count <= ctx->max_total_mime_parts).
- lib-oauth2: Dovecot incorrectly required oauth2 server introspection
  reply to contain username with invalid token.
- lib-ssl-iostream, lib-dcrypt: Fix building with OpenSSL that has
  deprecated APIs disabled.
- lib-storage: When mail's size is different from the cached one (in
  dovecot.index.cache or Maildir S=size in the filename), this is
  handled by logging 'Cached message size smaller/larger than expected'
  error. However, in some situations this also ended up crashing with:
  Panic: file istream.c: line 315 (i_stream_read_memarea):
  assertion failed: (old_size <= _stream->pos - _stream->skip).
- lib-storage: v2.3 regression: Copying/moving mails was taking much more
  memory than before. This was mainly visible when copying/moving
  thousands of mails in a single transaction.
- lib-storage: v2.3.11 regression: Searching messages assert-crashed
  (without FTS): Panic: file message-parser.c: line 174 (message_part_finish):
  assertion failed: (ctx->nested_parts_count > 0).
- lib: Dovecot v2.3 moved signal handlers around in ioloops,
  causing more CPU usage than in v2.2.
- lib: Fixed JSON parsing: '\' escape sequence may have wrongly resulted
  in error if it happened to be at read boundary. Any NUL characters and
  '\u0000' will now result in parsing error instead of silently
  truncating the data.
- lmtp, submission: Server may hang if SSL client connection disconnects
  during the delivery. If this happened repeated, it could have ended
  up reaching process_limit and preventing any further lmtp/submission
  deliveries.
- lmtp: Proxy does not always properly log TLS connection problems as
  errors; in some cases, only a debug message is logged if enabled.
- lmtp: The LMTP service can hang when commands are pipelined. This can
  particularly occur when one command in the middle of the pipeline fails.
  One example of this occurs for proxied LMTP transactions in which the
  final DATA or BDAT command is pipelined after a failing RCPT command.
- login-proxy: The login_source_ips setting has no effect, and therefore
  the proxy source IPs are not cycled through as they should be.
- master: Process was using 100% CPU in some situations when a broken
  service was being throttled.
- pop3-login: POP3 login would fail with 'Input buffer full' if the
  initial response for SASL was too long.
- stats: Crash would occur when generating openmetrics data for metrics
  using aggregating functions.

Update pigeonhole to version 0.5.15

* CVE-2020-28200: Sieve interpreter is not protected against abusive
  scripts that claim excessive resource usage. Fixed by limiting the
  user CPU time per single script execution and cumulatively over
  several script runs within a configurable timeout period. Sufficiently
  large CPU time usage is summed in the Sieve script binary and execution
  is blocked when the sum exceeds the limit within that time. The block
  is lifted when the script is updated after the resource usage times out.
  (bsc#1187420) Attacker can DoS the mail delivery system
  (jsc#PM-2746) ECO: Dovecot 2.3.15 version upgrade
* Disconnection log messages are now more standardized across services.
  They also always now start with 'Disconnected' prefix.
* managesieve: Commands pipelined together with and just after the
  authenticate command cause these commands to be executed twice.
* duplicate: The test was handled badly in a multiscript (sieve_before,
  sieve_after) scenario in which an earlier script in the sequence with
  a duplicate test succeeded, while a later script caused a runtime
  failure. In that case, the message is recorded for duplicate tracking,
  while the message may not actually have been delivered in the end.
* editheader: Sieve interpreter entered infinite loop at startup when
  the 'editheader' configuration listed an invalid header name. This
  problem can only be triggered by the administrator.
* relational: The Sieve relational extension can cause a segfault at
  compile time. This is triggered by invalid script syntax. The segfault
  happens when this match type is the last argument of the test command.
  This situation is not possible in a valid script; positional arguments
  are normally present after that, which would prevent the segfault.
* sieve: For some Sieve commands the provided mailbox name is not
  properly checked for UTF-8 validity, which can cause assert crashes at
  runtime when an invalid mailbox name is encountered. This can be
  caused by the user by writing a bad Sieve script involving the
  affected commands ('mailboxexists', 'specialuse_exists').
  This can be triggered by the remote sender only when the user has
  written a Sieve script that passes message content to one of the
  affected commands.
* sieve: Large sequences of 8-bit octets passed to certain Sieve
  commands that create or modify message headers that allow UTF-8 text
  (vacation, notify and addheader) can cause the delivery or IMAP
  process (when IMAPSieve is used) to enter a memory-consuming
  semi-infinite loop that ends when the process exceeds its memory
  limits. Logged in users can cause these hangs only for their own
  processes.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2895-1
Released:    Tue Aug 31 19:40:32 2021
Summary:     Recommended update for unixODBC
Type:        recommended
Severity:    moderate
References:  
This update for unixODBC fixes the following issues:

- ECO: Update unixODBC to 2.3.9 in SLE 15. (jsc#SLE-18004)
- Fix incorrect permission for documentation files.
- Update requires and baselibs for new libodbc2.
- Employ shared library packaging guideline: new subpacakge libodbc2. 
- Update to 2.3.9:
  * Remove '#define UNIXODBC_SOURCE' from unixodbc_conf.h

- Update to 2.3.8:
  * Add configure support for editline
  * SQLDriversW was ignoring user config
  * SQLDataSources Fix termination character
  * Fix for pooling seg fault
  * Make calling SQLSetStmtAttrW call the W function in the driver is its there
  * Try and fix race condition clearing system odbc.ini file
  * Remove trailing space from isql/iusql SQL
  * When setting connection attributes set before connect also check if the W entry poins can be used
  * Try calling the W error functions first if available in the driver
  * Add iconvperdriver configure option to allow calling unicode_setup in SQLAllocHandle
  * iconv handles was being lost when reusing pooled connection
  * Catch null copy in iniPropertyInsert
  * Fix a few leaks 

- Update to 2.3.7:
  * Fix for pkg-config file update on no linux platforms
  * Add W entry for GUI work
  * Various fixes for SQLBrowseConnect/W, SQLGetConnectAttr/W,and SQLSetConnectAttr/W
  * Fix buffer overflows in SQLConnect/W and refine behaviour of SQLGet/WritePrivateProfileString
  * SQLBrowseConnect/W allow disconnecting a started browse session after error
  * Add --with-stats-ftok-name configure option to allow the selection of a file name
    used to generate the IPC id when collecting stats. Default is the system odbc.ini file
  * Improve diag record handling with the behavior of Windows DM and export SQLCancelHandle
  * bug fix when SQLGetPrivateProfileString() is called to get a list of sections or a list of keys
  * Connection pooling: Fix liveness check for Unicode drivers

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2899-1
Released:    Wed Sep  1 08:30:58 2021
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    moderate
References:  1186282,1187332
This update for systemd-rpm-macros fixes the following issues:

- Fixed an issue whe zypper ignores the ordering constraints. (bsc#1187332)
- Introduce '%sysusers_create_package': '%sysusers_create' and '%sysusers_create_inline' are now deprecated and the new macro should be used instead.
- %sysusers_create_inline: use here-docs instead of echo (bsc#1186282)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2901-1
Released:    Wed Sep  1 10:34:50 2021
Summary:     Recommended update for insserv-compat
Type:        recommended
Severity:    moderate
References:  1187941
This update for insserv-compat fixes the following issues:

- Require sysvinit-tools. (bsc#1187941)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2905-1
Released:    Wed Sep  1 14:18:41 2021
Summary:     Recommended update for corosync
Type:        recommended
Severity:    important
References:  1189680
This update for corosync fixes the following issue:

- Add 'cancel_hold_on_retransmit' config option on corosync totem (bsc#1189680)
  - This option allows Corosync to hold the token by representative when there are too many retransmit messages. 
    This allows the network to process increased load without overloading it. The used mechanism is same as described 
    for the hold directive.
    Some deployments may prefer to never hold token when there is retransmit messages. If so, the option should 
    be set to yes. The default value is no.
 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2919-1
Released:    Thu Sep  2 10:04:41 2021
Summary:     Security update for ffmpeg
Type:        security
Severity:    important
References:  1129714,1186849,1186859,1186861,1186863,1189142,1189348,1189350,CVE-2019-9721,CVE-2020-21688,CVE-2020-21697,CVE-2020-22046,CVE-2020-22048,CVE-2020-22049,CVE-2020-22054,CVE-2021-38114
This update for ffmpeg fixes the following issues:

- CVE-2019-9721: Fix denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c (bsc#1129714).
- CVE-2020-22046: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c (bsc#1186849).
- CVE-2020-22048: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c (bsc#1186859).
- CVE-2020-22049: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c (bsc#1186861).
- CVE-2020-22054: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c (bsc#1186863).
- CVE-2020-21688: Fixed a heap-use-after-free in the av_freep function in libavutil/mem.c (bsc#1189348).
- CVE-2020-21697: Fixed a heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c (bsc#1189350).
- CVE-2021-38114: Fixed a not checked return value of the init_vlc function (bsc#1189142).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2934-1
Released:    Thu Sep  2 18:29:50 2021
Summary:     Recommended update for SAPHanaSR-ScaleOut
Type:        recommended
Severity:    important
References:  1144312,1144442,1173581,1182115,1182545
This update for SAPHanaSR-ScaleOut fixes the following issues:

- change version to 0.180.1
- Extent the SAP HANA ressource agents from single replication automation to multi replication automation (jsc#SLE-17452, jsc#SLE-20081)
- The resource start and stop timeout is now configurable by increasing the timeout for the action 'start' and/or 'stop' in the cluster. (bsc#1182545)
- Improve handling of return codes in 'saphana_stopSystem' and 'saphana_stop' function. (bsc#1182115)
- Integrate man pages back to the base package SAPHanaSR-ScaleOut.
- Fixed an issue when HANA failover returns and empty site name. (bsc#1173581)
- Add SAPHanaSR-call-monitor
- Fixed an issue when HANA is configured to have only one master name server, but no additional master name server candidates, there may be the situation, where the master name server died and so the landscape has no active name server anymore.
- Manual page updates:
  SAPHanaSR-ScaleOut.7 (bsc#1144442)
  SAPHanaSR-showAttr.8 (bsc#1144312)
  and others

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2937-1
Released:    Fri Sep  3 09:18:45 2021
Summary:     Security update for libesmtp
Type:        security
Severity:    important
References:  1160462,1189097,CVE-2019-19977
This update for libesmtp fixes the following issues:

- CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2947-1
Released:    Fri Sep  3 09:49:40 2021
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-197_92, 5_3_18-24_53_4, 5_3_18-24_67, 5_3_18-57, 5_3_18-59_10, 5_3_18-59_5. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2951-1
Released:    Fri Sep  3 14:18:50 2021
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

Updated to 0.1.57 release (jsc#ECO-3319)

- Small bugfixes for SUSE Linux Enterprise STIG profiles.
- CIS profile for RHEL 7 is updated.
- Initial CIS profiles for Ubuntu 20.04.
- Major improvement of RHEL 9 content.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2952-1
Released:    Fri Sep  3 14:38:44 2021
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1185476,1188564,1188565,1188566,CVE-2021-2341,CVE-2021-2369,CVE-2021-2388
This update for java-11-openjdk fixes the following issues:

- Update to jdk-11.0.12+7
- CVE-2021-2369: Fixed JAR file handling problem containing multiple MANIFEST.MF files. (bsc#1188565)
- CVE-2021-2388: Fixed a flaw inside the Hotspot component performed range check elimination. (bsc#1188566)
- CVE-2021-2341: Fixed a flaw inside the FtpClient. (bsc#1188564)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2960-1
Released:    Mon Sep  6 13:35:58 2021
Summary:     Recommended update for habootstrap-formula
Type:        recommended
Severity:    moderate
References:  1181731
This update for habootstrap-formula fixes the following issue:

- Fix SUSE Manager integration. (bsc#1181731)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2962-1
Released:    Mon Sep  6 18:23:01 2021
Summary:     Recommended update for runc
Type:        recommended
Severity:    critical
References:  1189743
This update for runc fixes the following issues:

- Fixed an issue when toolbox container fails to start. (bsc#1189743)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2971-1
Released:    Tue Sep  7 10:45:21 2021
Summary:     Security update for ntfs-3g_ntfsprogs
Type:        security
Severity:    important
References:  1189720,CVE-2019-9755,CVE-2021-33285,CVE-2021-33286,CVE-2021-33287,CVE-2021-33289,CVE-2021-35266,CVE-2021-35267,CVE-2021-35268,CVE-2021-35269,CVE-2021-39251,CVE-2021-39252,CVE-2021-39253,CVE-2021-39255,CVE-2021-39256,CVE-2021-39257,CVE-2021-39258,CVE-2021-39259,CVE-2021-39260,CVE-2021-39261,CVE-2021-39262,CVE-2021-39263
This update for ntfs-3g_ntfsprogs fixes the following issues:

Update to version 2021.8.22 (bsc#1189720):

* Fixed compile error when building with libfuse < 2.8.0
* Fixed obsolete macros in configure.ac
* Signalled support of UTIME_OMIT to external libfuse2
* Fixed an improper macro usage in ntfscp.c
* Updated the repository change in the README
* Fixed vulnerability threats caused by maliciously tampered NTFS partitions
* Security fixes: CVE-2021-33285, CVE-2021-33286, CVE-2021-33287,
  CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268,
  CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253,
  CVE_2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257,
  CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261,
  CVE-2021-39262, CVE-2021-39263.

- Library soversion is now 89

* Changes in version 2017.3.23
* Delegated processing of special reparse points to external plugins
* Allowed kernel cacheing by lowntfs-3g when not using Posix ACLs
* Enabled fallback to read-only mount when the volume is hibernated
* Made a full check for whether an extended attribute is allowed
* Moved secaudit and usermap to ntfsprogs (now ntfssecaudit and ntfsusermap)
* Enabled encoding broken UTF-16 into broken UTF-8
* Autoconfigured selecting <sys/sysmacros.h> vs <sys/mkdev>
* Allowed using the full library API on systems without extended attributes support
* Fixed DISABLE_PLUGINS as the condition for not using plugins
* Corrected validation of multi sector transfer protected records
* Denied creating/removing files from $Extend
* Returned the size of locale encoded target as the size of symlinks

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2973-1
Released:    Tue Sep  7 16:56:08 2021
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  1190091
This update for hwdata fixes the following issue:

- Update pci, usb and vendor ids (bsc#1190091)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2974-1
Released:    Tue Sep  7 17:17:23 2021
Summary:     Recommended update for librdkafka
Type:        recommended
Severity:    important
References:  1189792
This update for librdkafka fixes the following issue:

- Fixed thread creation on SUSE Linux Enterprise Server 15 SP3. (bsc#1189792)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2977-1
Released:    Wed Sep  8 11:54:32 2021
Summary:     Recommended update for usbutils
Type:        recommended
Severity:    moderate
References:  
This update for usbutils fixes the following issue:

- Update to version 0.14 (jira#SLE-19451)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2987-1
Released:    Thu Sep  9 00:00:13 2021
Summary:     Recommended update for pesign
Type:        recommended
Severity:    low
References:  1184124
This update for pesign fixes the following issues:

- Link as Position Independent Executable (bsc#1184124).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2993-1
Released:    Thu Sep  9 14:31:33 2021
Summary:     Recommended update for gcc
Type:        recommended
Severity:    moderate
References:  1185348
This update for gcc fixes the following issues:

- With gcc-PIE add -pie even when -fPIC is specified but we are
  not linking a shared library.  [bsc#1185348]
- Fix postun of gcc-go alternative.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2994-1
Released:    Thu Sep  9 14:33:21 2021
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    low
References:  1189521,CVE-2021-3712
This update for openssl-1_0_0 fixes the following issues:

- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. 
  Read buffer overruns processing ASN.1 strings (bsc#1189521).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2997-1
Released:    Thu Sep  9 14:37:34 2021
Summary:     Recommended update for python3
Type:        recommended
Severity:    moderate
References:  1187338,1189659
This update for python3 fixes the following issues:

- Fixed an issue when the missing 'stropts.h' causing build errors for different python modules. (bsc#1187338)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3000-1
Released:    Thu Sep  9 15:08:04 2021
Summary:     Recommended update for vncmanager-controller
Type:        recommended
Severity:    moderate
References:  1188118
This update for vncmanager-controller fixes the following issues:

- Fix extension loading error that disables 'Vnc session configuration' option (bsc#1188118)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3001-1
Released:    Thu Sep  9 15:08:13 2021
Summary:     Recommended update for netcfg
Type:        recommended
Severity:    moderate
References:  1189683
This update for netcfg fixes the following issues:

- add submissions port/protocol to services file for message submission over TLS protocol [bsc#1189683]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3004-1
Released:    Thu Sep  9 15:20:43 2021
Summary:     Security update for libtpms
Type:        security
Severity:    important
References:  1189935,CVE-2021-3746
This update for libtpms fixes the following issues:

- CVE-2021-3746: Fixed out-of-bounds access via specially crafted TPM 2 command packets (bsc#1189935).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3017-1
Released:    Mon Sep 13 09:13:11 2021
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1188375,CVE-2021-22235
This update for wireshark fixes the following issues:

- Update to Wireshark 3.4.7

- CVE-2021-22235: Fixed DNP dissector crash (bsc#1188375).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3018-1
Released:    Mon Sep 13 09:13:56 2021
Summary:     Security update for php7-pear
Type:        security
Severity:    important
References:  1189591,CVE-2020-36193
This update for php7-pear fixes the following issues:

- CVE-2020-36193: Fixed Archive_Tar directory traversal due to inadequate checking of symbolic links (bsc#1189591).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3020-1
Released:    Mon Sep 13 09:17:14 2021
Summary:     Security update for apache2-mod_auth_openidc
Type:        security
Severity:    moderate
References:  1188638,1188639,1188848,1188849,CVE-2021-32785,CVE-2021-32786,CVE-2021-32791,CVE-2021-32792
This update for apache2-mod_auth_openidc fixes the following issues:

- CVE-2021-32785: format string bug via hiredis (bsc#1188638)
- CVE-2021-32786: open redirect in logout functionality (bsc#1188639)
- CVE-2021-32791: Hardcoded static IV and AAD with a reused key in AES GCM encryption (bsc#1188849)
- CVE-2021-32792: XSS when using OIDCPreservePost On (bsc#1188848)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3022-1
Released:    Mon Sep 13 10:48:16 2021
Summary:     Recommended update for c-ares
Type:        recommended
Severity:    important
References:  1190225
This update for c-ares fixes the following issue:

- Allow '_' as part of DNS response. (bsc#1190225)
  - 'c-ares' 1.17.2 introduced response validation to prevent a security issue, however it was not listing '_' as a 
    valid character for domain name responses which caused issues when a 'CNAME' referenced a 'SRV' record which 
    contained underscores.

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2021:3027-1
Released:    Mon Sep 13 14:53:51 2021
Summary:     Feature providing NVIDIA GPU utilities
Type:        feature
Severity:    moderate
References:  
This feature provides NVIDIA GPU utilities (jsc#SLE-18750, jsc#SLE-19341):

Provide:

- 'bmake' version 20181221
- 'libnvidia-container' version 1.4.0
- 'nvidia-container-runtime' version 3.5.0
- 'nvidia-container-toolkit' version 1.5.1

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3028-1
Released:    Mon Sep 13 14:55:33 2021
Summary:     Recommended update for wxWidgets-3_0
Type:        recommended
Severity:    moderate
References:  1162418,1180492
This update for wxWidgets-3_0 fixes the following issues:

Update from version 3.0.3 to 3.0.5.1 (bsc#1180492, jsc#ECO-3376)

- Workaround for the problem with overflowing the maximum command line length in MinGW builds not using configure.
- Fix for a problem with 'wxSpinCtrl' in 'wxGTK'
- Update the 'SOVERSION'
- Relax the ABI changes avoiding to check for the exact match of '__GXX_ABI_VERSION'.
- Build 'wxWidgets-3_0-nostl' variant with LTO disabled. (bsc#1162418)
- Don't crash on trailing '%' in 'wxDateTime::Format()'.
- Fix various problems when parsing invalid ZIP files.
- Fix generic 'wxTimePickerCtrl' to accept max values from keyboard.
- Multiple surrogate-related fixes in UTF-16 support.
- Fix reading wide character data in 'wxFile::ReadAll()'.
- Make parsing 'WAV' data more robust.
- Fix copy 'ctor' in numeric validators classes.
- Fix a memory error when 'wxDataViewCtrl' is deleted.
- Avoid some GTK+ run-time errors when using 'wx{File,Dir}PickerCtrl'.
- Prevent breaking binaries, if C++11 is enabled.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3029-1
Released:    Tue Sep 14 07:32:31 2021
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    moderate
References:  1189496
This update for sapconf fixes the following issues:

- Adapt the activity detection of saptune to the upcoming saptune version 3. (bsc#1189496)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3036-1
Released:    Tue Sep 14 15:21:53 2021
Summary:     Recommended update for ocl-icd
Type:        recommended
Severity:    moderate
References:  1172303

This update for ocl-icd fixes the following issue:

- provide a libOpenCL1-32bit for use by Wine.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3040-1
Released:    Tue Sep 14 17:35:59 2021
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issue:

Lifecycle data updates. (bsc#1020320)

- Updates for 4_12_14-150_75, 4_12_14-197_99, 5_3_18-24_70, 5_3_18-24_75, 5_3_18-24_78, 5_3_18-59_13, 5_3_18-59_16, 
5_3_18-59_19.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3044-1
Released:    Wed Sep 15 10:17:23 2021
Summary:     Security update for ghostscript
Type:        security
Severity:    critical
References:  1184123,1190381,CVE-2021-3781
This update for ghostscript fixes the following issues:

Security issue fixed:

- CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection (bsc#1190381)

Also a hardening fix was added:

- Link as position independent executable (bsc#1184123)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3045-1
Released:    Wed Sep 15 10:32:15 2021
Summary:     Recommended update for golang-github-vpenso-prometheus_slurm_exporter
Type:        recommended
Severity:    important
References:  1188619
This update for golang-github-vpenso-prometheus_slurm_exporter fixes the following issues:

- Update to version 0.19
  - GPUs accounting has to be activated explicitly via cmd line option.
  - Export detailed usage info for every node (CPU, Memory).
- With the present version of Slurm (20.11), GPU accounting in the prometheus-slurm-exporter will cause the exporter to terminate, thus it must not be enabled for the time being. (bsc#1188619)
- Do not ship sources.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3052-1
Released:    Thu Sep 16 10:05:24 2021
Summary:     Recommended update for lshw
Type:        recommended
Severity:    moderate
References:  
This update for lshw fixes the following issues:
    
- Update to version B.02.19.2+git.20210619 (jsc#SLE-19399)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3115-1
Released:    Thu Sep 16 14:04:26 2021
Summary:     Recommended update for mozilla-nspr, mozilla-nss
Type:        recommended
Severity:    moderate
References:  1029961,1174697,1176206,1176934,1179382,1188891,CVE-2020-12400,CVE-2020-12401,CVE-2020-12403,CVE-2020-25648,CVE-2020-6829
This update for mozilla-nspr fixes the following issues:

mozilla-nspr was updated to version 4.32:

* implement new socket option PR_SockOpt_DontFrag
* support larger DNS records by increasing the default buffer
  size for DNS queries 
* Lock access to PRCallOnceType members in PR_CallOnce* for
  thread safety bmo#1686138
* PR_GetSystemInfo supports a new flag PR_SI_RELEASE_BUILD to get
  information about the operating system build version.


Mozilla NSS was updated to version 3.68:

* bmo#1713562 - Fix test leak.
* bmo#1717452 - NSS 3.68 should depend on NSPR 4.32.
* bmo#1693206 - Implement PKCS8 export of ECDSA keys.
* bmo#1712883 - DTLS 1.3 draft-43.
* bmo#1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
* bmo#1713562 - Validate ECH public names.
* bmo#1717610 - Add function to get seconds from epoch from pkix::Time.

update to NSS 3.67

* bmo#1683710 - Add a means to disable ALPN.
* bmo#1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
* bmo#1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
* bmo#1566124 - Fix counter increase in ppc-gcm-wrap.c.
* bmo#1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.

update to NSS 3.66

* bmo#1710716 - Remove Expired Sonera Class2 CA from NSS.
* bmo#1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
* bmo#1708307 - Remove Trustis FPS Root CA from NSS.
* bmo#1707097 - Add Certum Trusted Root CA to NSS.
* bmo#1707097 - Add Certum EC-384 CA to NSS.
* bmo#1703942 - Add ANF Secure Server Root CA to NSS.
* bmo#1697071 - Add GLOBALTRUST 2020 root cert to NSS.
* bmo#1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
* bmo#1712230 - Don't build ppc-gcm.s with clang integrated assembler.
* bmo#1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
* bmo#1710773 - NSS needs FIPS 180-3 FIPS indicators.
* bmo#1709291 - Add VerifyCodeSigningCertificateChain.

update to NSS 3.65

* bmo#1709654 - Update for NetBSD configuration.
* bmo#1709750 - Disable HPKE test when fuzzing.
* bmo#1566124 - Optimize AES-GCM for ppc64le.
* bmo#1699021 - Add AES-256-GCM to HPKE.
* bmo#1698419 - ECH -10 updates.
* bmo#1692930 - Update HPKE to final version.
* bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default.
* bmo#1703936 - New coverity/cpp scanner errors.
* bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
* bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
* bmo#1705119 - Deadlock when using GCM and non-thread safe tokens.

update to NSS 3.64

* bmo#1705286 - Properly detect mips64.
* bmo#1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and
		disable_crypto_vsx.
* bmo#1698320 - replace __builtin_cpu_supports('vsx') with
		ppc_crypto_support() for clang.
* bmo#1613235 - Add POWER ChaCha20 stream cipher vector
		acceleration.

Fixed in 3.63

* bmo#1697380 - Make a clang-format run on top of helpful contributions.
* bmo#1683520 - ECCKiila P384, change syntax of nested structs
		initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
		scalar multiplication.
* bmo#1683520 - ECCKiila P521, change syntax of nested structs
		initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
		scalar multiplication.
* bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
* bmo#1694214 - tstclnt can't enable middlebox compat mode.
* bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
		profiles.
* bmo#1685880 - Minor fix to prevent unused variable on early return.
* bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
		with nss build.
* bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
		of root CA changes, CA list version 2.48.
* bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
		'Chambers of Commerce' and 'Global Chambersign' roots.
* bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
* bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
* bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
* bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
		from NSS.
* bmo#1687822 - Turn off Websites trust bit for the “Staat der
		Nederlanden Root CA - G3” root cert in NSS.
* bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
		Root - 2008' and 'Global Chambersign Root - 2008’.
* bmo#1694291 - Tracing fixes for ECH.

update to NSS 3.62

* bmo#1688374 - Fix parallel build NSS-3.61 with make
* bmo#1682044 - pkix_Build_GatherCerts() + pkix_CacheCert_Add()
		can corrupt 'cachedCertTable'
* bmo#1690583 - Fix CH padding extension size calculation
* bmo#1690421 - Adjust 3.62 ABI report formatting for new libabigail
* bmo#1690421 - Install packaged libabigail in docker-builds image
* bmo#1689228 - Minor ECH -09 fixes for interop testing, fuzzing
* bmo#1674819 - Fixup a51fae403328, enum type may be signed
* bmo#1681585 - Add ECH support to selfserv
* bmo#1681585 - Update ECH to Draft-09
* bmo#1678398 - Add Export/Import functions for HPKE context
* bmo#1678398 - Update HPKE to draft-07

update to NSS 3.61

* bmo#1682071 - Fix issue with IKE Quick mode deriving incorrect key
		values under certain conditions.
* bmo#1684300 - Fix default PBE iteration count when NSS is compiled
		with NSS_DISABLE_DBM.
* bmo#1651411 - Improve constant-timeness in RSA operations.
* bmo#1677207 - Upgrade Google Test version to latest release.
* bmo#1654332 - Add aarch64-make target to nss-try.

Update to NSS 3.60.1:

Notable changes in NSS 3.60:
* TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support
  has been added, replacing the previous ESNI (draft-ietf-tls-esni-01)
  implementation. See bmo#1654332 for more information.
* December 2020 batch of Root CA changes, builtins library updated
  to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769
  for more information.

Update to NSS 3.59.1:

* bmo#1679290 - Fix potential deadlock with certain third-party
		PKCS11 modules

Update to NSS 3.59:

Notable changes:

* Exported two existing functions from libnss:
  CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData

Bugfixes

* bmo#1607449 - Lock cert->nssCertificate to prevent a potential data race
* bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
* bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent
* bmo#1670835 - Support enabling and disabling signatures via Crypto Policy
* bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed
		root certs when SHA1 signatures are disabled.
* bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to
		solve some test intermittents
* bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in
		our CVE-2020-25648 fix that broke purple-discord
		(boo#1179382)
* bmo#1666891 - Support key wrap/unwrap with RSA-OAEP
* bmo#1667989 - Fix gyp linking on Solaris
* bmo#1668123 - Export CERT_AddCertToListHeadWithData and
		CERT_AddCertToListTailWithData from libnss
* bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
* bmo#1663091 - Remove unnecessary assertions in the streaming
		ASN.1 decoder that affected decoding certain PKCS8
		private keys when using NSS debug builds
*  bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.

update to NSS 3.58

Bugs fixed:

* bmo#1641480 (CVE-2020-25648)
  Tighten CCS handling for middlebox compatibility mode.
* bmo#1631890 - Add support for Hybrid Public Key Encryption
  (draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello
  (draft-ietf-tls-esni).
* bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto
  extensions.
* bmo#1668328 - Handle spaces in the Python path name when using
  gyp on Windows.
* bmo#1667153 - Add PK11_ImportDataKey for data object import.
* bmo#1665715 - Pass the embedded SCT list extension (if present)
  to TrustDomain::CheckRevocation instead of the notBefore value.

update to NSS 3.57

* The following CA certificates were Added:
  bmo#1663049 - CN=Trustwave Global Certification Authority
      SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
  bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
      SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
  bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
      SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
* The following CA certificates were Removed:
  bmo#1651211 - CN=EE Certification Centre Root CA
      SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
  bmo#1656077 - O=Government Root Certification Authority; C=TW
      SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
* Trust settings for the following CA certificates were Modified:
  bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
      Websites (server authentication) trust bit removed.
* https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes

update to NSS 3.56

Notable changes

* bmo#1650702 - Support SHA-1 HW acceleration on ARMv8
* bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
* bmo#1654142 - Add CPU feature detection for Intel SHA extension.
* bmo#1648822 - Add stricter validation of DH keys in FIPS mode.
* bmo#1656986 - Properly detect arm64 during GYP build architecture
		detection.
* bmo#1652729 - Add build flag to disable RC2 and relocate to
		lib/freebl/deprecated.
* bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay.
* bmo#1588941 - Send empty certificate message when scheme selection
		fails.
* bmo#1652032 - Fix failure to build in Windows arm64 makefile
		cross-compilation.
* bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
* bmo#1653975 - Fix 3.53 regression by setting 'all' as the default
		makefile target.
* bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert.
* bmo#1659814 - Fix interop.sh failures with newer tls-interop
		commit and dependencies.
* bmo#1656519 - NSPR dependency updated to 4.28

update to NSS 3.55

Notable changes
* P384 and P521 elliptic curve implementations are replaced with
  verifiable implementations from Fiat-Crypto [0] and ECCKiila [1].
* PK11_FindCertInSlot is added. With this function, a given slot
  can be queried with a DER-Encoded certificate, providing performance
  and usability improvements over other mechanisms. (bmo#1649633)
* DTLS 1.3 implementation is updated to draft-38. (bmo#1647752)

Relevant Bugfixes

* bmo#1631583 (CVE-2020-6829, CVE-2020-12400) - Replace P384 and
  P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila.
* bmo#1649487 - Move overzealous assertion in VFY_EndWithSignature.
* bmo#1631573 (CVE-2020-12401) - Remove unnecessary scalar padding.
* bmo#1636771 (CVE-2020-12403) - Explicitly disable multi-part
  ChaCha20 (which was not functioning correctly) and more strictly
  enforce tag length.
* bmo#1649648 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649316 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649322 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1653202 - Fix initialization bug in blapitest when compiled
  with NSS_DISABLE_DEPRECATED_SEED.
* bmo#1646594 - Fix AVX2 detection in makefile builds.
* bmo#1649633 - Add PK11_FindCertInSlot to search a given slot
  for a DER-encoded certificate.
* bmo#1651520 - Fix slotLock race in NSC_GetTokenInfo.
* bmo#1647752 - Update DTLS 1.3 implementation to draft-38.
* bmo#1649190 - Run cipher, sdr, and ocsp tests under standard test cycle in CI.
* bmo#1649226 - Add Wycheproof ECDSA tests.
* bmo#1637222 - Consistently enforce IV requirements for DES and 3DES.
* bmo#1067214 - Enforce minimum PKCS#1 v1.5 padding length in
  RSA_CheckSignRecover.
* bmo#1646324 - Advertise PKCS#1 schemes for certificates in the
  signature_algorithms extension.

update to NSS 3.54

Notable changes

* Support for TLS 1.3 external pre-shared keys (bmo#1603042).
* Use ARM Cryptography Extension for SHA256, when available
  (bmo#1528113)
* The following CA certificates were Added:
  bmo#1645186 - certSIGN Root CA G2.
  bmo#1645174 - e-Szigno Root CA 2017.
  bmo#1641716 - Microsoft ECC Root Certificate Authority 2017.
  bmo#1641716 - Microsoft RSA Root Certificate Authority 2017.
* The following CA certificates were Removed:
  bmo#1645199 - AddTrust Class 1 CA Root.
  bmo#1645199 - AddTrust External CA Root.
  bmo#1641718 - LuxTrust Global Root 2.
  bmo#1639987 - Staat der Nederlanden Root CA - G2.
  bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4.
  bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4.
  bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3.

* A number of certificates had their Email trust bit disabled.
  See bmo#1618402 for a complete list.

Bugs fixed

* bmo#1528113 - Use ARM Cryptography Extension for SHA256.
* bmo#1603042 - Add TLS 1.3 external PSK support.
* bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows.
* bmo#1645186 - Add 'certSIGN Root CA G2' root certificate.
* bmo#1645174 - Add Microsec's 'e-Szigno Root CA 2017' root certificate.
* bmo#1641716 - Add Microsoft's non-EV root certificates.
* bmo1621151 - Disable email trust bit for 'O=Government
	       Root Certification Authority; C=TW' root.
* bmo#1645199 - Remove AddTrust root certificates.
* bmo#1641718 - Remove 'LuxTrust Global Root 2' root certificate.
* bmo#1639987 - Remove 'Staat der Nederlanden Root CA - G2' root
		certificate.
* bmo#1618402 - Remove Symantec root certificates and disable email trust
		bit.
* bmo#1640516 - NSS 3.54 should depend on NSPR 4.26.
* bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c.
* bmo#1642153 - Fix infinite recursion building NSS.
* bmo#1642638 - Fix fuzzing assertion crash.
* bmo#1642871 - Enable SSL_SendSessionTicket after resumption.
* bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs.
* bmo#1643557 - Fix numerous compile warnings in NSS.
* bmo#1644774 - SSL gtests to use ClearServerCache when resetting
		self-encrypt keys.
* bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c.
* bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3128-1
Released:    Fri Sep 17 16:23:21 2021
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1169494,1189106
This update for rpmlint fixes the following issues:

- Backport whitelisting of oddjob (bsc#1189106, bsc#1169494).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3131-1
Released:    Fri Sep 17 16:36:55 2021
Summary:     Recommended update for xorg-x11-fonts
Type:        recommended
Severity:    moderate
References:  1174895
This update for xorg-x11-fonts fixes the following issues:

- Convert the 'helv*.otb' and 'cour*.otb' files in a different way, generating all available font sizes. (bsc#1174895)
- As part of the above fix, don't remove the 'Regular' suffix from the full name of fonts in 'convertfont.py'

This update for fonttosfnt fixes the following issues:
- Fix more metric calculations (bsc#1174895):

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3132-1
Released:    Fri Sep 17 16:37:37 2021
Summary:     Recommended update for google-guest-oslogin
Type:        recommended
Severity:    moderate
References:  1188992,1189041
This update for google-guest-oslogin contains the following fixes:

- Update to version 20210728.00 (bsc#1188992, bsc#1189041)
  * JSON object cleanup (#65)

- Update to version 20210707.00
  * throw exceptions in cache_refresh (#64)

- from version 20210702.00
  * Use IP address for calling the metadata server. (#63)

- Update to version 20210618.00
  * flush each group member write (#62)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3171-1
Released:    Mon Sep 20 17:26:34 2021
Summary:     Recommended update for java-11-openjdk
Type:        recommended
Severity:    important
References:  1189201,1190252
This update for java-11-openjdk fixes the following issues:

- Implement FIPS support in OpenJDK
- Fix build with 'glibc-2.34' (bsc#1189201)
- Add support for 'riscv64' (zero VM)
- Make NSS the default security provider. (bsc#1190252)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3182-1
Released:    Tue Sep 21 17:04:26 2021
Summary:     Recommended update for file
Type:        recommended
Severity:    moderate
References:  1189996
This update for file fixes the following issues:

- Fixes exception thrown by memory allocation problem (bsc#1189996)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3187-1
Released:    Wed Sep 22 15:09:23 2021
Summary:     Security update for samba
Type:        security
Severity:    important
References:  1182830,1183572,1183574,1184677,1189875,CVE-2020-27840,CVE-2021-20254,CVE-2021-20277
This update for samba fixes the following issues:

- CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold (bsc#1183574).
- CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids() (bsc#1184677).
- CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs (bsc#1183572).

- Spec file fixes around systemd and requires (bsc#1182830)
- Fix dependency problem upgrading from libndr0 to libndr1 (bsc#1189875)
- Fix dependency problem upgrading from libsmbldap0 to libsmbldap2 (bsc#1189875)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3188-1
Released:    Wed Sep 22 15:45:22 2021
Summary:     Recommended update for sapnwbootstrap-formula
Type:        recommended
Severity:    moderate
References:  1181541,1185093,1185627,1186236
This update for sapnwbootstrap-formula fixes the following issues:

Update to version 0.6.4+git.1621842068.a86c37c:

- Set the default empty dictionary for 'virtual_addresses'. (bsc#1185627)
  - This also ensures that a dictionary is obtained if the value is None (needed by SUSE Manager)
- Fix issue when 'azure-lb' resource for 'ASCS/ERS' is not added in the corresponding Resource Group (bsc#1186236)
- Set the virtual ip addresses as permanent, except for HA scenarios, 
  to have them even after a reboot of the machine. (bsc#1185093)
- Give the option to mount '/sapmnt' folder locally without using a 'NFS' share.
- Make '/sapmnt' path configurable using 'sapmnt_path' pillar variable
- Update PAS and AAS templates to use HANA sid and instance number to create the configuration file
- Fix error about missing instance installation requisite when monitoring is enabled. (bsc#1181541)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3193-1
Released:    Thu Sep 23 11:24:50 2021
Summary:     Security update for ffmpeg
Type:        security
Severity:    important
References:  1189724,CVE-2021-38171
This update for ffmpeg fixes the following issues:

- CVE-2021-38171: Fixed adts_decode_extradata in libavformat/adtsenc.c to check the init_get_bits return value (bsc#1189724).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3203-1
Released:    Thu Sep 23 14:41:35 2021
Summary:     Recommended update for kmod
Type:        recommended
Severity:    moderate
References:  1189537,1190190
This update for kmod fixes the following issues:

- Use docbook 4 rather than docbook 5 for building man pages (bsc#1190190).
- Enable support for ZSTD compressed modules    
- Display module information even for modules built into the running kernel (bsc#1189537)
- '/usr/lib' should override '/lib' where both are available. Support '/usr/lib' for depmod.d as well.
- Remove test patches included in release 29

- Update to release 29
  * Fix `modinfo -F` not working for built-in modules and certain fields.
  * Fix a memory leak, overflow and double free on error path.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3221-1
Released:    Fri Sep 24 10:20:35 2021
Summary:     Recommended update for apache2-mod_wsgi
Type:        recommended
Severity:    moderate
References:  1189467
This update for apache2-mod_wsgi fixes the following issue:

- Enable installation of Python 'sitelib' wrapper. (bsc#1189467)
  - This update will solve a 'DistributionNotFound' error providing the Python metadata and wrapper for 'mod_wsgi'.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3224-1
Released:    Fri Sep 24 11:34:33 2021
Summary:     Recommended update for shim-susesigned
Type:        recommended
Severity:    moderate
References:  1177315,1177789,1182057,1184454,1185232,1185261,1185441,1185464,1185621,1185961,1187260,1187696
This update for shim-susesigned fixes the following issues:

Sync with Microsoft signed shim to Thu Jul 15 08:13:26 UTC 2021.

This update addresses the 'susesigned' shim component.

shim was updated to 15.4 (bsc#1182057)

- console: Move the countdown function to console.c 
- fallback: show a countdown menu before reset 
- MOK: Fix the missing vendor cert in MokListRT  
- mok: fix the mirroring of RT variables
- Add the license change statement for errlog.c and mok.c
- Remove a couple of incorrect license claims.
- MokManager: Use CompareMem on MokListNode.Type instead of CompareGuid
- Make EFI variable copying fatal only on secureboot enabled systems
- Remove call to TPM2 get_event_log
- tpm: Fix off-by-one error when calculating event size
- tpm: Define EFI_VARIABLE_DATA_TREE as packed
- tpm: Don't log duplicate identical events
- VLogError(): Avoid NULL pointer dereferences in (V)Sprint calls
- OpenSSL: always provide OBJ_create() with name strings.
- translate_slashes(): don't write to string literals
- Fix a use of strlen() instead of Strlen()
- shim: Update EFI_LOADED_IMAGE with the second stage loader file path
- tpm: Include information about PE/COFF images in the TPM Event Log
- Fix a broken tpm type
- All newly released openSUSE kernels enable kernel lockdown
  and signature verification, so there is no need to add the
  prompt anymore.
- Fix the NULL pointer dereference in AuthenticodeVerify()
- Remove the build ID to make the binary reproducible when building with AArch64 container
- Prevent the build id being added to the binary. That can cause issues with the signature
- Allocate MOK config table as BootServicesData to avoid the error message from linux kernel
- Handle ignore_db and user_insecure_mode correctly (bsc#1185441)
- Relax the maximum variable size check for u-boot
- Relax the check for import_mok_state() when Secure Boot is off
- Relax the check for the LoadOptions length
- Fix the size of rela* sections for AArch64
- Disable exporting vendor-dbx to MokListXRT
- Don't call QueryVariableInfo() on EFI 1.10 machines
- Avoid buffer overflow when copying the MOK config table
- Avoid deleting the mirrored RT variables
- Update to 15.3 for SBAT support (bsc#1182057)
- Generate vender-specific SBAT metadata
- Rename the SBAT variable and fix the self-check of SBAT
- Split the keys in vendor-dbx.bin to vendor-dbx-sles and
  vendor-dbx-opensuse for shim-sles and shim-opensuse to reduce
  the size of MokListXRT (bsc#1185261)
- shim-install: reset def_shim_efi to 'shim.efi' if the given file doesn't exist
- shim-install: instead of assuming 'removable' for Azure, remove
  fallback.efi from \EFI\Boot and copy grub.efi/cfg to \EFI\Boot
  to make \EFI\Boot bootable and keep the boot option created by
  efibootmgr (bsc#1185464, bsc#1185961)
- shim-install: always assume 'removable' for Azure to avoid the endless reset loop (bsc#1185464)
- shim-install: Support changing default shim efi binary in /usr/etc/default/shim and /etc/default/shim (bsc#1177315)
- Update dbx-cert.tar.xz and vendor-dbx.bin to block the following sign keys:
  + SLES-UEFI-SIGN-Certificate-2020-07.crt
  + openSUSE-UEFI-SIGN-Certificate-2020-07.crt

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3227-1
Released:    Mon Sep 27 09:50:51 2021
Summary:     Recommended update for createrepo_c, libmodulemd, and zchunk
Type:        recommended
Severity:    moderate
References:  
This update for createrepo_c fixes the following issues:

createrepo_c:

- Does no longer perform a dir walk when --recycle-pkglist is specified
- Added automatic module metadata handling for repos
- Fixed a couple of memory leaks
- Added --arch-expand option
- Added --recycle-pkglist option
- Set global_exit_status on sigint so that .repodata are cleaned up
- Enhance error handling when locating repositories

libmodulemd:

- Just a rebuild of the package, no source changes

zchunk:

- Initial shipment of zchunk to SUSE Linux Enterprise

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3236-1
Released:    Mon Sep 27 16:37:22 2021
Summary:     Security update for gd
Type:        security
Severity:    moderate
References:  1190400,CVE-2021-40812
This update for gd fixes the following issues:

- CVE-2021-40812: Fixed out-of-bounds read caused by the lack of certain gdGetBuf and gdPutBuf return value checks (bsc#1190400).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3242-1
Released:    Tue Sep 28 10:50:36 2021
Summary:     Recommended update for apache2-mod_auth_mellon, lasso
Type:        recommended
Severity:    moderate
References:  
This update for lasso fixes the following issues:

- Implement package 'apache2-mod_auth_mellon' along with its dependency 'lasso' in SLE-15-SP2. (jsc#SLE-8958, jsc#ECO-1309)  
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3244-1
Released:    Tue Sep 28 13:17:04 2021
Summary:     Security update for shibboleth-sp
Type:        security
Severity:    low
References:  1184222
This update for shibboleth-sp fixes the following issues:

- Template generation allows external parameters to override placeholders (bsc#1184222)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3245-1
Released:    Tue Sep 28 13:54:31 2021
Summary:     Recommended update for docker
Type:        recommended
Severity:    important
References:  1190670
This update for docker fixes the following issues:

- Return ENOSYS for clone3 in the seccomp profile to avoid breaking containers using glibc 2.34.
- Add shell requires for the *-completion subpackages.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3255-1
Released:    Wed Sep 29 16:29:48 2021
Summary:     Security update for postgresql13
Type:        security
Severity:    moderate
References:  1179945,1185952,1187751,1189748,CVE-2021-3677
This update for postgresql13 fixes the following issues:

- CVE-2021-3677: Fixed memory disclosure in certain queries (bsc#1189748).

- Fixed build with llvm12 on s390x (bsc#1185952).
- Re-enabled icu for PostgreSQL 10 (bsc#1179945).
- Made the dependency of postgresqlXX-server-devel on llvm and clang optional (bsc#1187751).
- llvm12 breaks PostgreSQL 11 and 12 on s390x. Use llvm11 as a workaround (bsc#1185952).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3274-1
Released:    Fri Oct  1 10:34:17 2021
Summary:     Recommended update for ca-certificates-mozilla
Type:        recommended
Severity:    important
References:  1190858
This update for ca-certificates-mozilla fixes the following issues:

- remove one of the Letsencrypt CAs DST_Root_CA_X3.pem, as it expires
  September 30th 2021 and openssl certificate chain handling does not
  handle this correctly in openssl 1.0.2 and older.
  (bsc#1190858)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3291-1
Released:    Wed Oct  6 16:45:36 2021
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1186489,1187911,CVE-2021-33574,CVE-2021-35942
This update for glibc fixes the following issues:

- CVE-2021-33574: Fixed use __pthread_attr_copy in mq_notify (bsc#1186489).
- CVE-2021-35942: Fixed wordexp handle overflow in positional parameter number (bsc#1187911).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3293-1
Released:    Wed Oct  6 16:47:31 2021
Summary:     Security update for ffmpeg
Type:        security
Severity:    moderate
References:  1186761,CVE-2020-22042
This update for ffmpeg fixes the following issues:

- CVE-2020-22042: Fixed a denial of service vulnerability led by a memory leak in the link_filter_inouts function in libavfilter/graphparser.c. (bsc#1186761)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3307-1
Released:    Wed Oct  6 18:12:07 2021
Summary:     Recommended update for virt-what
Type:        recommended
Severity:    moderate
References:  1161850,1176132
This update for virt-what fixes the following issues:

- Nutanix Acropolis Hypervisor detection
- podman detection
- Add 'which' to requires

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3325-1
Released:    Sat Oct  9 19:45:01 2021
Summary:     Security update for rabbitmq-server
Type:        security
Severity:    moderate
References:  1185075,1186203,1187818,1187819,CVE-2021-22116,CVE-2021-32718,CVE-2021-32719
This update for rabbitmq-server fixes the following issues:

- CVE-2021-32718: Fixed improper neutralization of script-related HTML tags in a web page (basic XSS) in management UI (bsc#1187818).
- CVE-2021-32719: Fixed improper neutralization of script-related HTML tags in a web page (basic XSS) in federation management plugin (bsc#1187819).
- CVE-2021-22116: Fixed improper input validation may lead to DoS (bsc#1186203).

- Use /run instead of /var/run in tmpfiles.d configuration (bsc#1185075).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3349-1
Released:    Tue Oct 12 13:21:48 2021
Summary:     Recommended update for libgphoto2
Type:        recommended
Severity:    moderate
References:  1172301
This update for libgphoto2 fixes the following issues:

libgphoto2 was updated to the 2.5.27 release  (jsc#SLE-21615)

- Lots of new camera models added.
- Camera support enhanced for Sony Alpha, Fuji XT, Nikon Z, Canon EOS R, Panasonic Lumix, Leica SL, ...
- Better support for files over 4GB
- Lumix Wifi, Docupen support added.
- Lots of bugfixes

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3382-1
Released:    Tue Oct 12 14:30:17 2021
Summary:     Recommended update for ca-certificates-mozilla
Type:        recommended
Severity:    moderate
References:  
This update for ca-certificates-mozilla fixes the following issues:

- A new sub-package for minimal base containers (jsc#SLE-22162)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3390-1
Released:    Tue Oct 12 18:53:38 2021
Summary:     Recommended update for fcoe-utils
Type:        recommended
Severity:    moderate
References:  1010047,1182804
This update for fcoe-utils fixes the following issues:

Update to version 1.0.34 (bsc#1182804)

- Fix 21 string-op truncation, format truncation, and format overflow errors
- Use of uninitialized values detected during LTO
- fix VLAN device name overflow check
- Fix an issue caused by 'safe_makepath' change in 'libopenfcoe.c' 
- Char can be unsigned on ARM, so set signed explicitly as the check expects it can be negative
- Handle NIC names longer than 7 characters. (bsc#1010047)
- Change debug->log message if daemon running
- Remove references to 'open-fcoe.org'
- Fix two gcc-11 compiler warnings.
- Exit 'fcoemon' command if 'fcoemon' daemon is already running.
- Update systemd service files

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3406-1
Released:    Wed Oct 13 10:40:44 2021
Summary:     Recommended update for ServiceReport
Type:        recommended
Severity:    moderate
References:  
This update for ServiceReport fixes the following issues:

- ServiceReport v2.2.3 release.(jsc#18193)
- Added hardening to systemd service(s).
- Run-on supported architectures only.
- [fadump] Update crashkernel recommendation.
- [Daemon] check active status along with enabled.
- Take crashkernel recommendation from kdump-lib.sh scripts.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3409-1
Released:    Wed Oct 13 10:41:02 2021
Summary:     Recommended update for libGLw
Type:        recommended
Severity:    low
References:  1191122
This update for libGLw fixes the following issue:

- fix libGLw.so symlink of devel package. (bsc#1191122)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3410-1
Released:    Wed Oct 13 10:41:36 2021
Summary:     Recommended update for xkeyboard-config
Type:        recommended
Severity:    moderate
References:  1191242
This update for xkeyboard-config fixes the following issue:

- Wrong keyboard mapping causing input delays with ABNT2 keyboards. (bsc#1191242)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3445-1
Released:    Fri Oct 15 09:03:39 2021
Summary:     Security update for rpm
Type:        security
Severity:    important
References:  1183659,1185299,1187670,1188548
This update for rpm fixes the following issues:

Security issues fixed:

- PGP hardening changes (bsc#1185299)

Maintaince issues fixed:

- Fixed zstd detection (bsc#1187670)
- Added ndb rofs support (bsc#1188548)
- Fixed deadlock when multiple rpm processes try tp acquire the database lock (bsc#1183659)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3448-1
Released:    Fri Oct 15 09:12:28 2021
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  1191431,1191432
This update for scap-security-guide fixes the following issues:

The scap-security-guide was updated to 0.1.58 release (jsc#ECO-3319)

- Support for Script Checking Engine (SCE)
- Split RHEL 8 CIS profile using new controls file format
- CIS Profiles for SUSE Linux Enterprise 12
- Initial Ubuntu 20.04 STIG Profiles
- Addition of an automated CCE adder


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3451-1
Released:    Sat Oct 16 10:49:25 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1188891,1189547,1190269,1190274,1190710,1191332,CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501
This update for MozillaFirefox fixes the following issues:

This update contains the Firefox Extended Support Release 91.2.0 ESR.

Release 91.2.0 ESR:

* Fixed: Various stability, functionality, and security fixes

MFSA 2021-45 (bsc#1191332):

* CVE-2021-38496: Use-after-free in MessageTask
* CVE-2021-38497: Validation message could have been overlaid on another origin
* CVE-2021-38498: Use-after-free of nsLanguageAtomService object
* CVE-2021-32810: Fixed Data race in crossbeam-deque
* CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
* CVE-2021-38501: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2

- Fixed crash in FIPS mode (bsc#1190710)

Release 91.1.0 ESR:

* Fixed: Various stability, functionality, and security fixes

MFSA 2021-40 (bsc#1190269, bsc#1190274):

* CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer
* CVE-2021-38495: Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1

Release 91.0.1esr ESR:

* Fixed: Fixed an issue causing buttons on the tab bar to be
  resized when loading certain websites (bug 1704404)
* Fixed: Fixed an issue which caused tabs from private windows
  to be visible in non-private windows when viewing switch-to-
  tab results in the address bar panel (bug 1720369)
* Fixed: Various stability fixes
* Fixed: Security fix MFSA 2021-37 (bsc#1189547)
* CVE-2021-29991 (bmo#1724896)
  Header Splitting possible with HTTP/3 Responses

Firefox Extended Support Release 91.0 ESR

* New: Some of the highlights of the new Extended Support Release are:

  - A number of user interface changes. For more information,
    see the Firefox 89 release notes.
  - Firefox now supports logging into Microsoft, work, and
    school accounts using Windows single sign-on. Learn more
  - On Windows, updates can now be applied in the background
    while Firefox is not running.
  - Firefox for Windows now offers a new page about:third-party
    to help identify compatibility issues caused by third-party
    applications
  - Version 2 of Firefox's SmartBlock feature further improves
    private browsing. Third party Facebook scripts are blocked to
    prevent you from being tracked, but are now automatically
    loaded 'just in time' if you decide to 'Log in with Facebook'
    on any website.
  - Enhanced the privacy of the Firefox Browser's Private
    Browsing mode with Total Cookie Protection, which confines
    cookies to the site where they were created, preventing
    companis from using cookies to track your browsing across
    sites. This feature was originally launched in Firefox's ETP
    Strict mode.
  - PDF forms now support JavaScript embedded in PDF files.
    Some PDF forms use JavaScript for validation and other
    interactive features.
  - You'll encounter less website breakage in Private Browsing
    and Strict Enhanced Tracking Protection with SmartBlock,
    which provides stand-in scripts so that websites load
    properly.
  - Improved Print functionality with a cleaner design and
    better integration with your computer's printer settings.
  - Firefox now protects you from supercookies, a type of
    tracker that can stay hidden in your browser and track you
    online, even after you clear cookies. By isolating
    supercookies, Firefox prevents them from tracking your web
    browsing from one site to the next.
  - Firefox now remembers your preferred location for saved
    bookmarks, displays the bookmarks toolbar by default on new
    tabs, and gives you easy access to all of your bookmarks via
    a toolbar folder.
  - Native support for macOS devices built with Apple Silicon
    CPUs brings dramatic performance improvements over the non-
    native build that was shipped in Firefox 83: Firefox launches
    over 2.5 times faster and web apps are now twice as
    responsive (per the SpeedoMeter 2.0 test). If you are on a
    new Apple device, follow these steps to upgrade to the latest
    Firefox.
  - Pinch zooming will now be supported for our users with
    Windows touchscreen devices and touchpads on Mac devices.
    Firefox users may now use pinch to zoom on touch-capable
    devices to zoom in and out of webpages.
  - We’ve improved functionality and design for a number of
    Firefox search features:
    * Selecting a search engine at the bottom of the search
      panel now enters search mode for that engine, allowing you to
      see suggestions (if available) for your search terms. The old
      behavior (immediately performing a search) is available with
      a shift-click.
    * When Firefox autocompletes the URL of one of your search
      engines, you can now search with that engine directly in the
      address bar by selecting the shortcut in the address bar
      results.
    * We’ve added buttons at the bottom of the search panel to
      allow you to search your bookmarks, open tabs, and history.
  - Firefox supports AcroForm, which will allow you to fill in,
    print, and save supported PDF forms and the PDF viewer also
    has a new fresh look.
  - For our users in the US and Canada, Firefox can now save,
    manage, and auto-fill credit card information for you, making
    shopping on Firefox ever more convenient.
  - In addition to our default, dark and light themes, with
    this release, Firefox introduces the Alpenglow theme: a
    colorful appearance for buttons, menus, and windows. You can
    update your Firefox themes under settings or preferences.
* Changed: Firefox no longer supports Adobe Flash. There is no
  setting available to re-enable Flash support.
* Enterprise: Various bug fixes and new policies have been
  implemented in the latest version of Firefox. See more
  details in the Firefox for Enterprise 91 Release Notes.

  MFSA 2021-33 (bsc#1188891):

* CVE-2021-29986: Race condition when resolving DNS names could have led to
  memory corruption
* CVE-2021-29981: Live range splitting could have led to conflicting
  assignments in the JIT
* CVE-2021-29988: Memory corruption as a result of incorrect style treatment
* CVE-2021-29983: Firefox for Android could get stuck in fullscreen mode
* CVE-2021-29984: Incorrect instruction reordering during JIT optimization
* CVE-2021-29980: Uninitialized memory in a canvas object could have led to
  memory corruption
* CVE-2021-29987: Users could have been tricked into accepting unwanted
  permissions on Linux
* CVE-2021-29985: Use-after-free media channels
* CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and
  type confusion
* CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
* CVE-2021-29990: Memory safety bugs fixed in Firefox 91

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3465-1
Released:    Tue Oct 19 13:12:46 2021
Summary:     Recommended update for cloud-regionsrv
Type:        recommended
Severity:    moderate
References:  1190250
This update for cloud-regionsrv contains the following fixes:

- Update to version 8.1.2 (bsc#1190250)
  + Place certificate key in proper destination

- Update to version 8.1.1 (bsc#1190250)
  + Use a cross-filesystem compatible method to move certificates

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3471-1
Released:    Wed Oct 20 08:39:41 2021
Summary:     Recommended update for habootstrap-formula
Type:        recommended
Severity:    moderate
References:  1190940
This update for habootstrap-formula fixes the following issues:

Update to version 0.4.4

- Wait for cluster startup after a 'corosync' restart. (bsc#1190940)
- Add support for The Oracle Cluster File System v2 (OCFS2) 
- Enable native fencing for 'microsoft-azure'
- Add documentation on how to enable native fencing

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3476-1
Released:    Wed Oct 20 08:42:00 2021
Summary:     Security update for xstream
Type:        security
Severity:    important
References:  1189798,CVE-2021-39139,CVE-2021-39140,CVE-2021-39141,CVE-2021-39144,CVE-2021-39145,CVE-2021-39146,CVE-2021-39147,CVE-2021-39148,CVE-2021-39149,CVE-2021-39150,CVE-2021-39151,CVE-2021-39152,CVE-2021-39153,CVE-2021-39154
This update for xstream fixes the following issues:

- Upgrade to 1.4.18
- CVE-2021-39139: Fixed an issue that allowed an attacker to execute arbitrary code execution by manipulating the processed input stream with type information. (bsc#1189798)
- CVE-2021-39140: Fixed an issue that allowed an attacker to execute a DoS attack by manipulating the processed input stream. (bsc#1189798)
- CVE-2021-39141: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39144: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39145: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39146: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39147: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39148: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39149: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39150: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798)
- CVE-2021-39151: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39152: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798)
- CVE-2021-39153: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
- CVE-2021-39154: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2021:3483-1
Released:    Wed Oct 20 16:08:18 2021
Summary:     Feature update for saptune
Type:        feature
Severity:    moderate
References:  1149205,1164720,1167213,1167416,1167618,1170672,1176243,1178207,1179275,1182009,1182287,1182289,1185702
This update for saptune fixes the following issues:

Update saptune from version 2.0.3 to version 3.0.0 (jsc#SLE-20985)

- This will be additional reflected in the saptune version found in '/etc/sysconfig/saptune' '(SAPTUNE_VERSION)'
- Strengthen configuration process with staging, checks of external changes and expansion of automation to new
  platforms (Azure, AWS) and hardware specifics (jsc#SLE-20985)
- Remove saptune version 1 (jsc#SLE-10823, jsc#SLE-10842)
- Remove usage of 'tuned' from saptune
  - Add an own systemd service file for saptune to 'start/stop' tuning of parameter values during a reboot of the
    system.
  - Add a new saptune action 'service' to handle the 'saptune.service' supporting 'start/stop/enable/disable/status'.
  - The saptune action 'daemon', which handled 'tuned.service' in the past, is now flagged as 'deprecated' and
    internally linked to the new action 'service'. (jsc#SLE-5589, jsc#SLE-5588, jsc#SLE-6457)
- Add a sanity check to detect Note definition files which do not exist anymore. (bsc#1149205)
  This can happen when a Note is renamed or deleted, but without reverting the Note before.
  saptune will now print an error message, remove the Note from the tracking variables in '/etc/sysconfig/saptune'
  and try to revert the related parameter settings.
- Validate if the json input file is empty and handle left-over files from the migration from saptune v1 to
  saptune v2 (bsc#1167618)
- To support system parameters only relevant for specific SUSE Linux Enterprise Server releases, service packs and/or
  hardware architectures saptune now supports 'tagged' sections inside the Note 
  definition files. (jsc#SLE-13246, jsc#SLE-13245)
- New kernel requirement for Power added to SAP-Note 2205917 and 2684254 (bsc#1167416)
  SAP Note 2205917 updated to Version 61
  SAP Note 2684254 updated to Version 15
- SAP Note 2382421 updated to Version 37 (bsc#1170672)
  - Move all 'not-well-defined' parameters from the 'reminder' section into the 'sysctl' section, but with 
  'empty' values.
  - Use an override file to define the values fitting your system requirements
- Support empty parameter values in the Note definition files and not only in the override 
  file. (bsc#1170672, jsc#TEAM-1702)
  - This is needed for the support of SAP Notes like 2382421, so that the customer is able to simply use an override 
  file to define some special parameters instead of using a customer specific Note definition file.
- Report an 'error' instead of 'info' and set the exit code to '1', if we reject the apply of a solution (bsc#1167213)
- Skip perf bias change if secure boot is enabled. (bsc#1176243)
  - When a system is in lockdown mode, i.e., Secure Boot is enabled, MSR cannot be altered in user-space. So check, if 
  Secure Boot is enabled using the mokutil utility and skip setting the perf bias in case it is.
- Rework the internal block device handling to speed up the apply of block device related tunings on systems with a 
  high number of block devices. (bsc#1178207)
- Change block device handling to handle multipath devices correctly. Only the DM multipath devices will be used for
  the settings, but not its paths. (bsc#1179275)
- fixed wrong comparison used for setting FORCE_LATENCY (bsc#1185702)
- add keyword 'all' to the 'rpm' section description in the man page saptune-note(5). (bsc#1182287)
- support note definition versions containing digits, upper-case and lower-case letters, dots, underscores, minus and
  plus signs. (bsc#1182289)
- fixed issue with 'verify' operation and parameter 'VSZ_TMPFS_PERCENT'. As this parameter is only used to calculate
  the value of 'ShmFileSystemSizeMB' (if it is not set to a value >0 in the Note definition file) it will not be
  checked and compared during the saptune operation 'verify'. A footnote is pointing this out.  (bsc#1182009)
- SAP Note 1771258 update nofile values (bsc#1164720)
- SAP Note 2684254 updated to Version 20
  SAP Note 2578899 updated to Version 39
  SAP Note 1680803 updated to Version 26
- enhancements for saptune version 3 (jsc#SLE-16972)
  - Implement a lock to avoid multiple instances of saptune running in parallel. (jsc#TEAM-1700)
  - Support for non-colorized output (jsc#TEAM-1679)
  - If redirecting the output from saptune to a pipe, you no longer need to deal with the
	  'ugly' control sequences for the colorized output.
  - Add enable/disable for systemd units and support all systemd unit types in section [service] (jsc#TEAM-1701)
  - remove script '/usr/share/doc/packages/saptune/sapconf2saptune' and the associated man page (jsc#TEAM-1707)
  - implement staging of Note definition file and solution definitions. (jsc#TEAM-1844)
    - The idea is to freeze the saptune configuration to avoid config changes on package update when 
    adding/removing/changing notes or solutions within the package
  - support custom solutions and override files for solutions. (jsc#TEAM-1706)
    - Partners and customers will now be able to define their own solution definitions by using files in 
    '/etc/saptune/extra' or to override the shipped solution definitions by using override files in 
    '/etc/saptune/override'
  - support for device specific configurations (jsc#TEAM-1728)
    - only supported for the [block] section, tags are 'vendor' and 'model' to support special block devices 
    of a dedicated hardware vendor or a dedicated hardware model
  - add support for AZURE cloud (SAP Note 2993054) (jsc#TEAM-2676)
  - add support for AWS cloud (SAP Note 1656250) (jsc#TEAM-1754, jsc#TEAM-1755)
  - add NVMe support to the block device handling to support AWS (jsc#TEAM-2675)
  - add SAP Note 3024346 (a NetApp note) (jsc#TEAM-3454)
  - rework daemon and service actions (jsc#TEAM-3154)
  - add support for 'read_ahead_kb' and 'max_sectors_kb' to the [block] section (jsc#TEAM-1699)
  - add a warning to the reminder section of SAP Note 2382421 regarding iSCSI devices and setting of 
    'net.ipv4.tcp_syn_retries' (jsc#TEAM-1705)
  - For the actions 'note customise' and 'note create' check, if the customer has changed something during the editor 
  session. If not, remove the temporary created note definition file. (jsc#TEAM-825)
  - add support for [sys] section and handle double configurations for parameters defined in the [sys] 
  section (jsc#TEAM-3342)
  - check system sysctl config files as mentioned in the comments of '/etc/sysctl.conf' and in man 
  page 'sysctl.conf(5)' for 'sysctl' parameters currently set by saptune notes. Print a warning and a 
  footnote for 'verify' and 'customize'. (jsc#TEAM-1696)
  - add support for [filesystem] section only check filesystem mount options, not modify. 
  Starting with filesystem type 'xfs' (jsc#TEAM-4093)
  - add SAP Note 900929 for SAP Netweaver workloads. (jsc#TEAM-4386)
    - It's the equivalent to the HANA Note 1980196.
  - move state files from '/var/lib/saptune' to '/run/saptune' to solve the problem of state files surviving a reboot.
  - add '/sbin/saptune_check'
  - add the description of the solution definitions shipped with saptune to the man page saptune(8) (jsc#TEAM-4260)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3490-1
Released:    Wed Oct 20 16:31:55 2021
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1190793,CVE-2021-39537
This update for ncurses fixes the following issues:

- CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3493-1
Released:    Wed Oct 20 16:37:44 2021
Summary:     Security update for fetchmail
Type:        security
Severity:    moderate
References:  1190069,CVE-2021-39272
This update for fetchmail fixes the following issues:

- CVE-2021-39272: Fix failure to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. (bsc#1190069)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3494-1
Released:    Wed Oct 20 16:48:46 2021
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1190052
This update for pam fixes the following issues:

- Added pam_faillock to the set of available PAM modules. (jsc#SLE-20638)
- Added new file macros.pam on request of systemd. (bsc#1190052)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3500-1
Released:    Fri Oct 22 09:42:21 2021
Summary:     Recommended update for open-vm-tools
Type:        recommended
Severity:    moderate
References:  1190987
This update for open-vm-tools fixes the following issues:

- New/Updated features:
  * Added a configurable logging capability to the network script
  * The hgfsmounter (mount.vmhgfs) command has been removed from open-vm-tools.
    It has been replaced by hgfs-fuse.
- Resolved issues:
  * Customization: Retry the Linux reboot if telinit is a soft link to systemctl
  * open-vm-tools commands would hang if configured with '--enable-valgrind'

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3501-1
Released:    Fri Oct 22 10:42:46 2021
Summary:     Recommended update for libzypp, zypper, libsolv, protobuf
Type:        recommended
Severity:    moderate
References:  1186503,1186602,1187224,1187425,1187466,1187738,1187760,1188156,1188435,1189031,1190059,1190199,1190465,1190712,1190815
This update for libzypp, zypper, libsolv and protobuf fixes the following issues:

- Choice rules: treat orphaned packages as newest (bsc#1190465)
- Avoid calling 'su' to detect a too restrictive sudo user umask (bsc#1186602)
- Do not check of signatures and keys two times(redundant) (bsc#1190059)
- Rephrase vendor conflict message in case 2 packages are involved (bsc#1187760)
- Show key fpr from signature when signature check fails (bsc#1187224)
- Fix solver jobs for PTFs (bsc#1186503)
- Fix purge-kernels fails (bsc#1187738)
- Fix obs:// platform guessing for Leap (bsc#1187425)
- Make sure to keep states alives while transitioning. (bsc#1190199)
- Manpage: Improve description about patch updates(bsc#1187466)
- Manpage: Recommend the needs-rebooting command to test whether a system reboot is suggested.
- Fix kernel-*-livepatch removal in purge-kernels. (bsc#1190815)
- Fix crashes in logging code when shutting down (bsc#1189031)
- Do not download full files even if the checkExistsOnly flag is set. (bsc#1190712)
- Add need reboot/restart hint to XML install summary (bsc#1188435)
- Prompt: choose exact match if prompt options are not prefix free (bsc#1188156)
- Include libprotobuf-lite20 in products to enable parallel downloads. (jsc#ECO-2911, jsc#SLE-16862)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3506-1
Released:    Mon Oct 25 10:20:22 2021
Summary:     Security update for containerd, docker, runc
Type:        security
Severity:    important
References:  1102408,1185405,1187704,1188282,1190826,1191015,1191121,1191334,1191355,1191434,CVE-2021-30465,CVE-2021-32760,CVE-2021-41089,CVE-2021-41091,CVE-2021-41092,CVE-2021-41103
This update for containerd, docker, runc fixes the following issues:

Docker was updated to 20.10.9-ce. (bsc#1191355)

See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. 

  CVE-2021-41092 CVE-2021-41089 CVE-2021-41091 CVE-2021-41103

container was updated to v1.4.11, to fix CVE-2021-41103. bsc#1191355

- CVE-2021-32760: Fixed that a archive package allows chmod of file outside of unpack target directory (bsc#1188282)

- Install systemd service file as well (bsc#1190826)

Update to runc v1.0.2. Upstream changelog is available from

  https://github.com/opencontainers/runc/releases/tag/v1.0.2

* Fixed a failure to set CPU quota period in some cases on cgroup v1.
* Fixed the inability to start a container with the 'adding seccomp filter
  rule for syscall ...' error, caused by redundant seccomp rules (i.e. those
  that has action equal to the default one). Such redundant rules are now
  skipped.
* Made release builds reproducible from now on.
* Fixed a rare debug log race in runc init, which can result in occasional
  harmful 'failed to decode ...' errors from runc run or exec.
* Fixed the check in cgroup v1 systemd manager if a container needs to be
  frozen before Set, and add a setting to skip such freeze unconditionally.
  The previous fix for that issue, done in runc 1.0.1, was not working.

Update to runc v1.0.1. Upstream changelog is available from

https://github.com/opencontainers/runc/releases/tag/v1.0.1

* Fixed occasional runc exec/run failure ('interrupted system call') on an
  Azure volume.
* Fixed 'unable to find groups ... token too long' error with /etc/group
  containing lines longer than 64K characters.
* cgroup/systemd/v1: fix leaving cgroup frozen after Set if a parent cgroup is
  frozen. This is a regression in 1.0.0, not affecting runc itself but some
  of libcontainer users (e.g Kubernetes).
* cgroupv2: bpf: Ignore inaccessible existing programs in case of
  permission error when handling replacement of existing bpf cgroup
  programs. This fixes a regression in 1.0.0, where some SELinux
  policies would block runc from being able to run entirely.
* cgroup/systemd/v2: don't freeze cgroup on Set.
* cgroup/systemd/v1: avoid unnecessary freeze on Set.
- fix issues with runc under openSUSE MicroOS's SELinux policy. bsc#1187704

Update to runc v1.0.0. Upstream changelog is available from

https://github.com/opencontainers/runc/releases/tag/v1.0.0

! The usage of relative paths for mountpoints will now produce a warning
  (such configurations are outside of the spec, and in future runc will
  produce an error when given such configurations).
* cgroupv2: devices: rework the filter generation to produce consistent
  results with cgroupv1, and always clobber any existing eBPF
  program(s) to fix runc update and avoid leaking eBPF programs
  (resulting in errors when managing containers).
* cgroupv2: correctly convert 'number of IOs' statistics in a
  cgroupv1-compatible way.
* cgroupv2: support larger than 32-bit IO statistics on 32-bit architectures.
* cgroupv2: wait for freeze to finish before returning from the freezing
  code, optimize the method for checking whether a cgroup is frozen.
* cgroups/systemd: fixed 'retry on dbus disconnect' logic introduced in rc94
* cgroups/systemd: fixed returning 'unit already exists' error from a systemd
  cgroup manager (regression in rc94)
+ cgroupv2: support SkipDevices with systemd driver
+ cgroup/systemd: return, not ignore, stop unit error from Destroy
+ Make 'runc --version' output sane even when built with go get or
  otherwise outside of our build scripts.
+ cgroups: set SkipDevices during runc update (so we don't modify
  cgroups at all during runc update).
+ cgroup1: blkio: support BFQ weights.
+ cgroupv2: set per-device io weights if BFQ IO scheduler is available.

Update to runc v1.0.0~rc95. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc95

This release of runc contains a fix for CVE-2021-30465, and users are
strongly recommended to update (especially if you are providing
semi-limited access to spawn containers to untrusted users). (bsc#1185405)

Update to runc v1.0.0~rc94. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc94

Breaking Changes:
* cgroupv1: kernel memory limits are now always ignored, as kmemcg has
  been effectively deprecated by the kernel. Users should make use of regular
  memory cgroup controls.

Regression Fixes:

* seccomp: fix 32-bit compilation errors
* runc init: fix a hang caused by deadlock in seccomp/ebpf loading code
* runc start: fix 'chdir to cwd: permission denied' for some setups

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3510-1
Released:    Tue Oct 26 11:22:15 2021
Summary:     Recommended update for pam
Type:        recommended
Severity:    important
References:  1191987
This update for pam fixes the following issues:

- Fixed a bad directive file which resulted in
  the 'securetty' file to be installed as 'macros.pam'.
  (bsc#1191987)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3512-1
Released:    Tue Oct 26 13:33:17 2021
Summary:     Recommended update for MozillaFirefox
Type:        recommended
Severity:    moderate
References:  1190141,1191815
This update for MozillaFirefox fixes the following issues:

- Allow accessing /proc/sys/crypto/fips_enabled
  from within the newly introduced socket process sandbox. (bsc#1191815, bsc#1190141)
- Add a way to let users overwrite MOZ_ENABLE_WAYLAND

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3516-1
Released:    Tue Oct 26 14:42:44 2021
Summary:     Recommended update for azure-cli, azure-cli-core, python-azure-mgmt, python-azure-mgmt-billing, python-azure-mgmt-cdn, python-azure-mgmt-hdinsight, python-azure-mgmt-netapp, python-azure-mgmt-resource, python-azure-mgmt-synapse
Type:        recommended
Severity:    important
References:  1187880,1188178
This update for azure-cli, azure-cli-core, python-azure-mgmt, python-azure-mgmt-billing, python-azure-mgmt-cdn, python-azure-mgmt-hdinsight, python-azure-mgmt-netapp, python-azure-mgmt-resource, python-azure-mgmt-synapse contains the following fixes:

Changes in python-azure-mgmt:
- Remove all version constraints in Requires. (bsc#1187880, bsc#1188178)

Changes in azure-cli-core:
- Update in SLE-15 (bsc#1187880, bsc#1188178)

- New upstream release
  + Version 2.16.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Refresh patches for new version
- Update Requires from setup.py
  + Temporarily use a vendored copy of azure-mgmt-resource

- New upstream release
  + Version 2.15.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Update Requires from setup.py

Changes in azure-cli:
- Update in SLE-15 (bsc#1187880, bsc#1188178)

- Add missing python3-azure-mgmt-resource dependency to Requires

- New upstream release
  + Version 2.16.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Update Requires from setup.py

- New upstream release
  + Version 2.15.0
  + For detailed information about changes see the
    HISTORY.rst file provided with this package
- Update Requires from setup.py

Changes in python-azure-mgmt-billing:
- Update in SLE-15 (bsc#1187880, bsc#1188178)

- New upstream release
  + Version 1.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

Changes in python-azure-mgmt-cdn:
- Update in SLE-15 (bsc#1187880, bsc#1188178)

- New upstream release
  + Version 5.2.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

Changes in python-azure-mgmt-hdinsight:
- Update in SLE-15 (bsc#1187880, bsc#1188178)

- New upstream release
  + Version 2.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

Changes in python-azure-mgmt-netapp:
- Update in SLE-15 (bsc#1187880, bsc#1188178)

- New upstream release
  + Version 0.14.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package

Changes in python-azure-mgmt-resource:
- Update in SLE-15 (bsc#1187880, bsc#1188178)

- New upstream release
  + Version 15.0.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
- Update Requires from setup.py

Changes in python-azure-mgmt-synapse:
- Update in SLE-15 (bsc#1187880, bsc#1188178)

- New upstream release
  + Version 0.5.0
  + For detailed information about changes see the
    CHANGELOG.md file provided with this package
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3521-1
Released:    Tue Oct 26 15:38:44 2021
Summary:     Security update for ffmpeg
Type:        security
Severity:    moderate
References:  1186756,1187852,1189166,1190718,1190719,1190722,1190723,1190726,1190729,1190733,1190734,1190735,CVE-2020-20891,CVE-2020-20892,CVE-2020-20895,CVE-2020-20896,CVE-2020-20899,CVE-2020-20902,CVE-2020-22037,CVE-2020-35965,CVE-2021-3566,CVE-2021-38092,CVE-2021-38093,CVE-2021-38094
This update for ffmpeg fixes the following issues:

- CVE-2021-3566: Fixed information leak (bsc#1189166).
- CVE-2021-38093: Fixed integer overflow vulnerability in filter_robert() (bsc#1190734)
- CVE-2021-38092: Fixed integer overflow vulnerability in filter_prewitt() (bsc#1190733)
- CVE-2021-38094: Fixed integer overflow vulnerability in filter_sobel() (bsc#1190735)
- CVE-2020-22037: Fixed denial of service vulnerability caused by memory leak in avcodec_alloc_context3() (bsc#1186756)
- CVE-2020-35965: Fixed out-of-bounds write in decode_frame() (bsc#1187852)
- CVE-2020-20892: Fixed an issue with filter_frame() (bsc#1190719)
- CVE-2020-20891: Fixed a buffer overflow vulnerability in config_input() (bsc#1190718)
- CVE-2020-20895: Fixed a buffer overflow vulnerability in function filter_vertically_##name (bsc#1190722)
- CVE-2020-20896: Fixed an issue with latm_write_packet() (bsc#1190723)
- CVE-2020-20899: Fixed a buffer overflow vulnerability in config_props() (bsc#1190726)
- CVE-2020-20902: Fixed an out-of-bounds read vulnerabilit long_term_filter() (bsc#1190729)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3527-1
Released:    Tue Oct 26 17:03:06 2021
Summary:     Security update for wireguard-tools
Type:        security
Severity:    moderate
References:  1191224
This update for wireguard-tools fixes the following issues:

- Removed world-readable permissions from /etc/wireguard (bsc#1191224)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3529-1
Released:    Wed Oct 27 09:23:32 2021
Summary:     Security update for pcre
Type:        security
Severity:    moderate
References:  1172973,1172974,CVE-2019-20838,CVE-2020-14155
This update for pcre fixes the following issues:

Update pcre to version 8.45:

- CVE-2020-14155: Fixed integer overflow via a large number after a '(?C' substring (bsc#1172974).
- CVE-2019-20838: Fixed buffer over-read in JIT compiler (bsc#1172973)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3574-1
Released:    Thu Oct 28 12:50:07 2021
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1190790,1191821
This update for rpmlint fixes the following issues:

- whitelisting of systemd-od (bsc#1191821) and pam_u2f (bsc#1190790 jsc#SLE-21888)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3578-1
Released:    Fri Oct 29 11:36:22 2021
Summary:     Recommended update for migrate-sles-to-sles4sap
Type:        recommended
Severity:    moderate
References:  1189481
This update for migrate-sles-to-sles4sap fixes the following issues:

- migrate-sles-to-sles4sap package has dependency perl-XML-Twig that is not installed. (bsc#1189481)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3579-1
Released:    Fri Oct 29 14:56:48 2021
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1182026,1189362
This update for cloud-regionsrv-client fixes the following issues:

- Avoid race confition with ca-certificates. (bsc#1189362)
  + Make the service run after ca-sertificates is done
  + Attempt multiple times to update the trust chain

- New package to enable/disable access due to AHB. (bsc#1182026, jsc#SLE-21246, jsc#SLE-21247,
  jsc#SLE-21248, jsc#SLE-21249)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3584-1
Released:    Fri Oct 29 16:27:43 2021
Summary:     Security update for transfig
Type:        security
Severity:    important
References:  1189325,1189343,1189345,1189346,1190607,1190611,1190612,1190615,1190616,1190617,1190618,1192019,CVE-2020-21529,CVE-2020-21530,CVE-2020-21531,CVE-2020-21532,CVE-2020-21533,CVE-2020-21534,CVE-2020-21535,CVE-2020-21680,CVE-2020-21681,CVE-2020-21682,CVE-2020-21683,CVE-2021-32280
This update for transfig fixes the following issues:

Update to fig2dev version 3.2.8 Patchlevel 8b (Aug 2021)

- bsc#1190618, CVE-2020-21529: stack buffer overflow in the bezier_spline function in genepic.c.
- bsc#1190615, CVE-2020-21530: segmentation fault in the read_objects function in read.c.
- bsc#1190617, CVE-2020-21531: global buffer overflow in the conv_pattern_index function in gencgm.c.
- bsc#1190616, CVE-2020-21532: global buffer overflow in the setfigfont function in genepic.c.
- bsc#1190612, CVE-2020-21533: stack buffer overflow in the read_textobject function in read.c.
- bsc#1190611, CVE-2020-21534: global buffer overflow in the get_line function in read.c.
- bsc#1190607, CVE-2020-21535: segmentation fault in the gencgm_start function in gencgm.c.
- bsc#1192019, CVE-2021-32280: NULL pointer dereference in compute_closed_spline() in trans_spline.c

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3591-1
Released:    Tue Nov  2 06:26:33 2021
Summary:     Recommended update for man-pages
Type:        recommended
Severity:    moderate
References:  1185534
This update for man-pages fixes the following issues:

- Added missing manual entry for kernel_lockdown in section 7 (bsc#1185534)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3599-1
Released:    Wed Nov  3 10:29:54 2021
Summary:     Recommended update for postgresql, postgresql13, postgresql14
Type:        recommended
Severity:    moderate
References:  
This update for postgresql, postgresql13, postgresql14 fixes the following issues:

This update ships postgresql14. (jsc#SLE-20675 jsc#SLE-20676)

Feature changes in postgresql14:

- https://www.postgresql.org/about/news/postgresql-14-released-2318/
- https://www.postgresql.org/docs/14/release-14.html

Changes in postgresql13:

- Stop building the mini and lib packages as they are now coming
  from postgresql14.

Changes in postgresql:

- Bump version to 14, leave default at 12.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3616-1
Released:    Thu Nov  4 12:29:16 2021
Summary:     Security update for binutils
Type:        security
Severity:    moderate
References:  1179898,1179899,1179900,1179901,1179902,1179903,1180451,1180454,1180461,1181452,1182252,1183511,1184620,1184794,CVE-2020-16590,CVE-2020-16591,CVE-2020-16592,CVE-2020-16593,CVE-2020-16598,CVE-2020-16599,CVE-2020-35448,CVE-2020-35493,CVE-2020-35496,CVE-2020-35507,CVE-2021-20197,CVE-2021-20284,CVE-2021-3487
This update for binutils fixes the following issues:

Update to binutils 2.37:

* The GNU Binutils sources now requires a C99 compiler and library to
  build.
* Support for Realm Management Extension (RME) for AArch64 has been
  added.
* A new linker option '-z report-relative-reloc' for x86 ELF targets
  has been added to report dynamic relative relocations.
* A new linker option '-z start-stop-gc' has been added to disable
  special treatment of __start_*/__stop_* references when
  --gc-sections.
* A new linker options '-Bno-symbolic' has been added which will
  cancel the '-Bsymbolic' and '-Bsymbolic-functions' options.
* The readelf tool has a new command line option which can be used to
  specify how the numeric values of symbols are reported.
  --sym-base=0|8|10|16 tells readelf to display the values in base 8,
  base 10 or base 16.  A sym base of 0 represents the default action
  of displaying values under 10000 in base 10 and values above that in
  base 16.
* A new format has been added to the nm program.  Specifying
  '--format=just-symbols' (or just using -j) will tell the program to
  only display symbol names and nothing else.
* A new command line option '--keep-section-symbols' has been added to
  objcopy and strip.  This stops the removal of unused section symbols
  when the file is copied.  Removing these symbols saves space, but
  sometimes they are needed by other tools.
* The '--weaken', '--weaken-symbol' and '--weaken-symbols' options
  supported by objcopy now make undefined symbols weak on targets that
  support weak symbols. 
* Readelf and objdump can now display and use the contents of .debug_sup
  sections.
* Readelf and objdump will now follow links to separate debug info
  files by default.  This behaviour can be stopped via the use of the
  new '-wN' or '--debug-dump=no-follow-links' options for readelf and
  the '-WN' or '--dwarf=no-follow-links' options for objdump.  Also
  the old behaviour can be restored by the use of the
  '--enable-follow-debug-links=no' configure time option.

  The semantics of the =follow-links option have also been slightly
  changed.  When enabled, the option allows for the loading of symbol
  tables and string tables from the separate files which can be used
  to enhance the information displayed when dumping other sections,
  but it does not automatically imply that information from the
  separate files should be displayed.

  If other debug section display options are also enabled (eg
  '--debug-dump=info') then the contents of matching sections in both
  the main file and the separate debuginfo file *will* be displayed.
  This is because in most cases the debug section will only be present
  in one of the files.

  If however non-debug section display options are enabled (eg
  '--sections') then the contents of matching parts of the separate
  debuginfo file will *not* be displayed.  This is because in most
  cases the user probably only wanted to load the symbol information
  from the separate debuginfo file.  In order to change this behaviour
  a new command line option --process-links can be used.  This will
  allow di0pslay options to applied to both the main file and any
  separate debuginfo files.

* Nm has a new command line option: '--quiet'.  This suppresses 'no
  symbols' diagnostic.

Update to binutils 2.36:

New features in the Assembler:

- General:

   * When setting the link order attribute of ELF sections, it is now
     possible to use a numeric section index instead of symbol name.
   * Added a .nop directive to generate a single no-op instruction in
     a target neutral manner.  This instruction does have an effect on
     DWARF line number generation, if that is active.
   * Removed --reduce-memory-overheads and --hash-size as gas now
     uses hash tables that can be expand and shrink automatically.

- X86/x86_64:

   * Add support for AVX VNNI, HRESET, UINTR, TDX, AMX and Key
     Locker instructions. 
   * Support non-absolute segment values for lcall and ljmp.
   * Add {disp16} pseudo prefix to x86 assembler.
   * Configure with --enable-x86-used-note by default for Linux/x86.

-  ARM/AArch64:

   * Add support for Cortex-A78, Cortex-A78AE and Cortex-X1,
     Cortex-R82, Neoverse V1, and Neoverse N2 cores.
   * Add support for ETMv4 (Embedded Trace Macrocell), ETE (Embedded
     Trace Extension), TRBE (Trace Buffer Extension), CSRE (Call
     Stack Recorder Extension) and BRBE (Branch Record Buffer
     Extension) system registers.
   * Add support for Armv8-R and Armv8.7-A ISA extensions.
   * Add support for DSB memory nXS barrier, WFET and WFIT
     instruction for Armv8.7.
   * Add support for +csre feature for -march. Add CSR PDEC
     instruction for CSRE feature in AArch64.
   * Add support for +flagm feature for -march in Armv8.4 AArch64.
   * Add support for +ls64 feature for -march in Armv8.7
     AArch64. Add atomic 64-byte load/store instructions for this
     feature. 
   * Add support for +pauth (Pointer Authentication) feature for
     -march in AArch64.

New features in the Linker:

  * Add --error-handling-script=<NAME> command line option to allow
    a helper script to be invoked when an undefined symbol or a
    missing library is encountered.  This option can be suppressed
    via the configure time switch: --enable-error-handling-script=no.
  * Add -z x86-64-{baseline|v[234]} to the x86 ELF linker to mark
    x86-64-{baseline|v[234]} ISA level as needed.
  * Add -z unique-symbol to avoid duplicated local symbol names.
  * The creation of PE format DLLs now defaults to using a more
    secure set of DLL characteristics.
  * The linker now deduplicates the types in .ctf sections.  The new 
     command-line option --ctf-share-types describes how to do this:
     its default value, share-unconflicted, produces the most compact
     output.
  * The linker now omits the 'variable section' from .ctf sections
    by default, saving space.  This is almost certainly what you
    want unless you are working on a project that has its own
    analogue of symbol tables that are not reflected in the ELF
    symtabs.

New features in other binary tools:

  * The ar tool's previously unused l modifier is now used for
    specifying dependencies of a static library. The arguments of
    this option (or --record-libdeps long form option) will be
    stored verbatim in the __.LIBDEP member of the archive, which
    the linker may read at link time.
  * Readelf can now display the contents of LTO symbol table
    sections when asked to do so via the --lto-syms command line
    option.
  * Readelf now accepts the -C command line option to enable the
    demangling of symbol names.  In addition the --demangle=<style>,
    --no-demangle, --recurse-limit and --no-recurse-limit options
    are also now availale.

The following security fixes are addressed by the update:

- CVE-2021-20197: Fixed a race condition which allows users to own arbitrary files (bsc#1181452).
- CVE-2021-20284: Fixed a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c (bsc#1183511).
- CVE-2021-3487: Fixed a denial of service via excessive debug section size causing excessive memory consumption in bfd's dwarf2.c read_section() (bsc#1184620).
- CVE-2020-35448: Fixed a heap-based buffer over-read in bfd_getl_signed_32() in libbfd.c (bsc#1184794).
- CVE-2020-16590: Fixed a double free vulnerability in process_symbol_table() (bsc#1179898).
- CVE-2020-16591: Fixed an invalid read in process_symbol_table() (bsc#1179899).
- CVE-2020-16592: Fixed an use-after-free in bfd_hash_lookup() (bsc#1179900).
- CVE-2020-16593: Fixed a null pointer dereference in scan_unit_for_symbols() (bsc#1179901).
- CVE-2020-16598: Fixed a null pointer dereference in debug_get_real_type() (bsc#1179902).
- CVE-2020-16599: Fixed a null pointer dereference in _bfd_elf_get_symbol_version_string() (bsc#1179903)
- CVE-2020-35493: Fixed heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF file (bsc#1180451).
- CVE-2020-35496: Fixed multiple null pointer dereferences in bfd module due to not checking return value of bfd_malloc (bsc#1180454).
- CVE-2020-35507: Fixed a null pointer dereference in bfd_pef_parse_function_stubs() (bsc#1180461).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3619-1
Released:    Fri Nov  5 12:29:52 2021
Summary:     Security update for libvirt
Type:        security
Severity:    moderate
References:  1177902,1183247,1186398,1190420,1190493,1190693,1190695,1190917
This update for libvirt fixes the following issues:

- lxc: controller: Fix container launch on cgroup v1. (bsc#1183247)
- supportconfig: Use systemctl command 'is-active' instead of 'is-enabled' when checking if libvirtd is active.
- qemu: Do not report error in the logs when processing monitor IO. (bsc#1190917)
- spec: Fix an issue when package update hangs (bsc#1177902, bsc#1190693)
- spec: Don't add '--timeout' argument to '/etc/sysconfig/libvirtd' when running in traditional mode without socket activation. (bsc#1190695)
- libxl: Improve reporting of 'die_id' in capabilities. (bsc#1190493)
- libxl: Fix driver reload. (bsc#1190420)
- qemu: Set label on virtual host network device when hotplugging. (bsc#1186398)
- supportconfig: When checking for installed hypervisor drivers,
  use the libvirtr-daemon-driver-<hypervisor> package instead of
  libvirt-daemon-<hypervisor>. The latter are not required packages
  for a functioning hypervisor driver.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3634-1
Released:    Tue Nov  9 10:51:05 2021
Summary:     Security update for rubygem-activerecord-5_1
Type:        security
Severity:    moderate
References:  1182169,CVE-2021-22880
This update for rubygem-activerecord-5_1 fixes the following issues:

- CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type (bsc#1182169).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3638-1
Released:    Tue Nov  9 15:16:02 2021
Summary:     Recommended update for samba
Type:        recommended
Severity:    important
References:  1188727,1189017,14571
This update for samba fixes the following issues:

Features added:

- Add Certificate Auto Enrollment Policy. (jsc#SLE-18456)

Bugs fixed:

- Fix wrong kvno exported to keytab after net ads changetrustpw due to replication delay. (bsc#1188727)
- Fix 'net rpc' authentication when using the machine account. (bsc#1189017)

Samba was updated to 4.13.10

* s3: smbd: Ensure POSIX default ACL is mapped into returned
  Windows ACL for directory handles; (bso#14708);
* Take a copy to make sure we don't reference free'd memory; (bso#14721);
* s3: lib: Fix talloc heirarcy error in parent_smb_fname(); (bso#14722);
* s3: smbd: Remove erroneous TALLOC_FREE(smb_fname_parent) in
  change_file_owner_to_parent() error path; (bso#14736);
* samba-tool: Give better error information when the
  'domain backup restore' fails with a duplicate SID; (bso#14575);
* smbd: Correctly initialize close timestamp fields; (bso#14714);
* Spotlight RPC service doesn't work with vfs_glusterfs; (bso#14740);
* ctdb: Fix a crash in run_proc_signal_handler(); (bso#14475);
* gensec_krb5: Restore ipv6 support for kpasswd; (bso#14750);
* smbXsrv_{open,session,tcon}: Protect
  smbXsrv_{open,session,tcon}_global_traverse_fn against invalid records; (bso#14752);
* samba-tool domain backup offline doesn't work against bind DLZ
  backend; (bso#14027);
* netcmd: Use next_free_rid() function to calculate a SID for
  restoring a backup; (bso#14669);

Samba was updated to 4.13.9:

* s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success; (bso#14696);
* Add documentation for dsdb_group_audit and dsdb_group_json_audit
  to 'log level', synchronise 'log level' in smb.conf with the code; (bso#14689);
* Fix smbd panic when two clients open same file; (bso#14672);
* Fix memory leak in the RPC server; (bso#14675);
* s3: smbd: Fix deferred renames; (bso#14679);
* s3-iremotewinspool: Set the per-request memory context; (bso#14675);
* rpc_server3: Fix a memleak for internal pipes; (bso#14675);
* third_party: Update socket_wrapper to version 1.3.2; (bso#11899);
* third_party: Update socket_wrapper to version 1.3.3; (bso#14639);
* idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid
  conflict; (bso#14663);
* Fix the build on OmniOS; (bso#14288);

Update to 4.13.7

* Release with dependency on ldb version 2.2.1.
- Fix wrong kvno exported to keytab after net ads changetrustpw due to replication delay (bsc#1188727)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3643-1
Released:    Tue Nov  9 19:32:18 2021
Summary:     Security update for binutils
Type:        security
Severity:    moderate
References:  1183909,1184519,1188941,1191473,1192267,CVE-2021-20294
This update for binutils fixes the following issues:

- For compatibility on old code stream that expect 'brcl 0,label' to
  not be disassembled as 'jgnop label' on s390x.  (bsc#1192267)
  This reverts IBM zSeries HLASM support for now.
- Fixed that ppc64 optflags did not enable LTO (bsc#1188941).
- Fix empty man-pages from broken release tarball
- Fixed a memory corruption with rpath option (bsc#1191473).
- Fixed slow performance of stripping some binaries (bsc#1183909).

Security issue fixed:

- CVE-2021-20294: Fixed out-of-bounds write in print_dynamic_symbol in readelf (bnc#1184519)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3647-1
Released:    Wed Nov 10 17:34:14 2021
Summary:     Security update for samba and ldb
Type:        security
Severity:    important
References:  1014440,1192214,1192215,1192246,1192247,1192283,1192284,1192505,CVE-2016-2124,CVE-2020-25717,CVE-2020-25718,CVE-2020-25719,CVE-2020-25721,CVE-2020-25722,CVE-2021-23192,CVE-2021-3738
This update for samba and ldb fixes the following issues:

- CVE-2020-25718: Fixed that an RODC can issue (forge) administrator tickets to other servers (bsc#1192246).
- CVE-2021-3738: Fixed crash in dsdb stack (bsc#1192215).
- CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos (bsc#1014440).
- CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members (bsc#1192284).
- CVE-2020-25719: Fixed AD DC Username based races when no PAC is given (bsc#1192247).
- CVE-2020-25722: Fixed AD DC UPN vs samAccountName not checked (top-level bug for AD DC validation issues) (bsc#1192283).
- CVE-2021-23192: Fixed dcerpc requests to don't check all fragments against the first auth_state (bsc#1192214).
- CVE-2020-25721: Fixed fill in the new HAS_SAM_NAME_AND_SID values (bsc#1192505).

Samba was updated to 4.13.13

* rodc_rwdc test flaps;(bso#14868).
* Backport bronze bit fixes, tests, and selftest improvements;
  (bso#14881).
* Provide a fix for MS CVE-2020-17049 in Samba [SECURITY]
  'Bronze bit' S4U2Proxy Constrained Delegation bypass in Samba
  with embedded Heimdal;(bso#14642).
* Python ldb.msg_diff() memory handling failure;(bso#14836).
* 'in' operator on ldb.Message is case sensitive;(bso#14845).
* Fix Samba support for UF_NO_AUTH_DATA_REQUIRED;(bso#14871).
* Allow special chars like '@' in samAccountName when generating
  the salt;(bso#14874).
* Fix transit path validation;(bso#12998).
* Prepare to operate with MIT krb5 >= 1.20;(bso#14870).
* rpcclient NetFileEnum and net rpc file both cause lock order
  violation: brlock.tdb, share_entries.tdb;(bso#14645).
* Python ldb.msg_diff() memory handling failure;(bso#14836).
* Release LDB 2.3.1 for Samba 4.14.9;(bso#14848).

Samba was updated to 4.13.12:

* Address a signifcant performance regression in database access
  in the AD DC since Samba 4.12;(bso#14806).
* Fix performance regression in lsa_LookupSids3/LookupNames4
  since Samba 4.9 by using an explicit database handle cache;
  (bso#14807).
* An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ;(bso#14817).
* Address flapping samba_tool_drs_showrepl test;(bso#14818).
* Address flapping dsdb_schema_attributes test;(bso#14819).
* An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ;(bso#14817).
* Fix CTDB flag/status update race conditions(bso#14784).

Samba was updated to 4.13.11:

* smbd: panic on force-close share during offload write; (bso#14769).
* Fix returned attributes on fake quota file handle and avoid
  hitting the VFS;(bso#14731).
* smbd: 'deadtime' parameter doesn't work anymore;(bso#14783).
* net conf list crashes when run as normal user;(bso#14787).
* Work around special SMB2 READ response behavior of NetApp Ontap
  7.3.7;(bso#14607).
* Start the SMB encryption as soon as possible;(bso#14793).
* Winbind should not start if the socket path for the privileged
  pipe is too long;(bso#14792).

ldb was updated to 2.2.2:

+ CVE-2020-25718: samba: An RODC can issue (forge) administrator tickets to other servers; (bsc#1192246); (bso#14558)
+ CVE-2021-3738: samba: crash in dsdb stack; (bsc#1192215);(bso#14848)

Release ldb 2.2.2

+ Corrected python behaviour for 'in' for LDAP attributes contained as part of ldb.Message;(bso#14845).
+ Fix memory handling in ldb.msg_diff Corrected python docstrings;(bso#14836)
+ Backport bronze bit fixes, tests, and selftest improvements; (bso#14881).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3662-1
Released:    Mon Nov 15 19:13:54 2021
Summary:     Security update for samba
Type:        security
Severity:    important
References:  1192601,CVE-2020-25717
This update for samba fixes the following issues:

- Fix regression introduced by CVE-2020-25717 patches, winbindd
  does not start when 'allow trusted domains' is off; (bso#14899);

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3671-1
Released:    Tue Nov 16 14:48:10 2021
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1191901,1191903,1191904,1191906,1191909,1191910,1191911,1191912,1191913,1191914,CVE-2021-35550,CVE-2021-35556,CVE-2021-35559,CVE-2021-35561,CVE-2021-35564,CVE-2021-35565,CVE-2021-35567,CVE-2021-35578,CVE-2021-35586,CVE-2021-35603
This update for java-11-openjdk fixes the following issues:

Update to 11.0.13+8 (October 2021 CPU)

- CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference
- CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close
- CVE-2021-35556, bsc#1191910: Richer Text Editors
- CVE-2021-35559, bsc#1191911: Enhanced style for RTF kit
- CVE-2021-35561, bsc#1191912: Better hashing support
- CVE-2021-35564, bsc#1191913: Improve Keystore integrity
- CVE-2021-35567, bsc#1191903: More Constrained Delegation
- CVE-2021-35578, bsc#1191904: Improve TLS client handshaking
- CVE-2021-35586, bsc#1191914: Better BMP support
- CVE-2021-35603, bsc#1191906: Better session identification
- Improve Stream handling for SSL
- Improve requests of certificates
- Correct certificate requests
- Enhance DTLS client handshake

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3672-1
Released:    Tue Nov 16 14:50:18 2021
Summary:     Security update for tomcat
Type:        security
Severity:    moderate
References:  1188278,1188279,1190558,CVE-2021-30640,CVE-2021-33037,CVE-2021-41079
This update for tomcat fixes the following issues:

- CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279).
- CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278).
- CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet (bsc#1190558).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3745-1
Released:    Fri Nov 19 17:13:35 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1192250,CVE-2021-38503,CVE-2021-38504,CVE-2021-38505,CVE-2021-38506,CVE-2021-38507,CVE-2021-38508,CVE-2021-38509,CVE-2021-38510
This update for MozillaFirefox fixes the following issues:

MozillaFirefox was updated to Extended Support Release 91.3.0 ESR

* Fixed: Various stability, functionality, and security fixes

MFSA 2021-49 (bsc#1192250)

  * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets
  * CVE-2021-38504: Use-after-free in file picker dialog
  * CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data
  * CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning
  * CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports
  * CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing
  * CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain
  * CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS
  * MOZ-2021-0008: Use-after-free in HTTP2 Session object
  * MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3759-1
Released:    Mon Nov 22 09:40:19 2021
Summary:     Security update for postgresql14
Type:        security
Severity:    important
References:  1191782,1192516,CVE-2021-23214,CVE-2021-23222
This update for postgresql14 fixes the following issues:
          
- CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake (bsc#1192516).
- CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake (bsc#1192516).

- Let rpmlint ignore shlib-policy-name-error (boo#1191782).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3766-1
Released:    Tue Nov 23 07:07:43 2021
Summary:     Recommended update for git
Type:        recommended
Severity:    moderate
References:  1192023
This update for git fixes the following issues:

- Installation of the 'git-daemon' package needs nogroup group dependency (bsc#1192023)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3767-1
Released:    Tue Nov 23 14:26:06 2021
Summary:     Recommended update for apr-util
Type:        recommended
Severity:    moderate
References:  1191619

This update for apr-util fixes the following problem:

- The dbm backend is shipped in the libapr-util1-dbm-db package in the Legacy Module.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3770-1
Released:    Tue Nov 23 15:44:42 2021
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1191901,1191903,1191904,1191905,1191906,1191909,1191910,1191911,1191912,1191913,1191914,CVE-2021-35550,CVE-2021-35556,CVE-2021-35559,CVE-2021-35561,CVE-2021-35564,CVE-2021-35565,CVE-2021-35567,CVE-2021-35578,CVE-2021-35586,CVE-2021-35588,CVE-2021-35603
This update for java-1_8_0-openjdk fixes the following issues:

Update to version OpenJDK 8u312 (October 2021 CPU):
  
- CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS (bsc#1191901).
- CVE-2021-35556: Fixed excessive memory allocation in RTFParser (bsc#1191910).
- CVE-2021-35559: Fixed excessive memory allocation in RTFReader (bsc#1191911).
- CVE-2021-35561: Fixed excessive memory allocation in HashMap and HashSet (bsc#1191912).
- CVE-2021-35564: Fixed certificates with end dates too far in the future can corrupt keystore (bsc#1191913).
- CVE-2021-35565: Fixed loop in HttpsServer triggered during TLS session close (bsc#1191909).
- CVE-2021-35567: Fixed incorrect principal selection when using Kerberos Constrained Delegation (bsc#1191903).
- CVE-2021-35578: Fixed unexpected exception raised during TLS handshake (bsc#1191904).
- CVE-2021-35586: Fixed excessive memory allocation in BMPImageReader (bsc#1191914).
- CVE-2021-35588: Fixed incomplete validation of inner class references in ClassFileParser (bsc#1191905)
- CVE-2021-35603: Fixed non-constant comparison during TLS handshakes (bsc#1191906).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3792-1
Released:    Wed Nov 24 06:12:09 2021
Summary:     Recommended update for kmod
Type:        recommended
Severity:    moderate
References:  1192104
This update for kmod fixes the following issues:

- Enable ZSTD compression (bsc#1192104)(jsc#SLE-21256)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3796-1
Released:    Wed Nov 24 09:45:25 2021
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

Lifecycle data updates. (bsc#1020320)

- Updates for 5_3_18-24_83, 5_3_18-24_86, 5_3_18-59_24, 5_3_18-59_27.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3798-1
Released:    Wed Nov 24 18:01:36 2021
Summary:     Recommended update for gcc7
Type:        recommended
Severity:    moderate
References:  


This update for gcc7 fixes the following issues:

- Fixed a build issue when built with recent kernel headers.
- Backport the '-fpatchable-function-entry' feature from newer GCC. (jsc#SLE-20049)
- do not handle exceptions in std::thread (jsc#CAR-1182)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3799-1
Released:    Wed Nov 24 18:07:54 2021
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1187153,1187273,1188623
This update for gcc11 fixes the following issues:

The additional GNU compiler collection GCC 11 is provided:

To select these compilers install the packages:

- gcc11
- gcc-c++11
- and others with 11 prefix.

to select them for building:

- CC='gcc-11'
- CXX='g++-11'

The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3801-1
Released:    Wed Nov 24 19:00:52 2021
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    important
References:  1029162
This update for cloud-regionsrv-client fixes the following issues:

- Update to version 9.3.0
  - Support AHB-v3
  - Support registration of BYOS instances against the update infrastructure
  - Properly extract the region for local zones in AWS to ensure instances get connected to the proper update servers
  - Azure addon service and executable rename
  - Support non SLE repos
  - Fix handling of regionservers configured with DNS names
    
This update for regionServiceClientConfigEC2 fixes the following issues:
  
  - Update to version 3.1.0 (bsc#1029162)
  - Add IPv6 addresses to config
  - Include IPv6 certificates

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3817-1
Released:    Wed Dec  1 08:21:53 2021
Summary:     Recommended update for saptune
Type:        recommended
Severity:    important
References:  1190509,1192053,1192062,1192272,1192460
This update for saptune fixes the following issues:

- Fix the scheduler settings for multi path devices and suppress missleading warning messages 
  regarding vendor and model information during block device detection (bsc#1192460)
- Fix override of custom solutions (bsc#1192062)
- Fix Cloud Notes marked as manually reverted after update from saptune2 to saptune3 (bsc#1192053)
- saptune_check: degraded system is no longer considered an error (bsc#1192272)
- Log missing model and vendor information to the saptune log file (bsc#1190509)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3832-1
Released:    Wed Dec  1 14:51:19 2021
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  1191375
This update for hwdata fixes the following issue:

- Update to version 0.353 (bsc#1191375)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3838-1
Released:    Wed Dec  1 16:07:54 2021
Summary:     Security update for ruby2.5
Type:        security
Severity:    important
References:  1188160,1188161,1190375,CVE-2021-31799,CVE-2021-31810,CVE-2021-32066
This update for ruby2.5 fixes the following issues:

- CVE-2021-31799: Fixed Command injection vulnerability in RDoc (bsc#1190375).
- CVE-2021-31810: Fixed trusting FTP PASV responses vulnerability in Net:FTP (bsc#1188161).
- CVE-2021-32066: Fixed StartTLS stripping vulnerability in Net:IMAP (bsc#1188160).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3839-1
Released:    Wed Dec  1 16:10:52 2021
Summary:     Security update for python-Pygments
Type:        security
Severity:    important
References:  1184812,CVE-2021-27291
This update for python-Pygments fixes the following issues:

- CVE-2021-27291: Fixed ReDoS via crafted malicious input (bsc#1184812).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3844-1
Released:    Wed Dec  1 16:37:10 2021
Summary:     Security update for openexr
Type:        security
Severity:    moderate
References:  1192498,1192556,CVE-2021-3933,CVE-2021-3941
This update for openexr fixes the following issues:

- CVE-2021-3941: Fixed divide-by-zero in Imf_3_1:RGBtoXYZ (bsc#1192556).
- CVE-2021-3933: Fixed integer-overflow in Imf_3_1:bytesPerDeepLineTable (bsc#1192498).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3846-1
Released:    Wed Dec  1 16:55:20 2021
Summary:     Recommended update for blktrace
Type:        recommended
Severity:    moderate
References:  1191788
This update for blktrace fixes the following issues:

- Fix a rare crash due to dropped first event while using pipe input. (bsc#1191788)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3857-1
Released:    Wed Dec  1 17:02:08 2021
Summary:     Security update for python-sqlparse
Type:        security
Severity:    moderate
References:  1190741,CVE-2021-32839
This update for python-sqlparse fixes the following issues:

- CVE-2021-32839: Fixed ReDoS via regular expression in StripComments filter (bsc#1190741).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3860-1
Released:    Wed Dec  1 17:04:59 2021
Summary:     Security update for speex
Type:        security
Severity:    moderate
References:  1192580,CVE-2020-23903
This update for speex fixes the following issues:

- CVE-2020-23903: Fixed zero division error in read_samples (bsc#1192580).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3868-1
Released:    Thu Dec  2 07:09:27 2021
Summary:     Recommended update for acct
Type:        recommended
Severity:    moderate
References:  1188159
This update for acct fixes the following issues:

- Migrate pacct log file to new location when upgrading from SLE12 (bsc#1188159)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3871-1
Released:    Thu Dec  2 07:14:51 2021
Summary:     Recommended update for xorg-cf-files
Type:        recommended
Severity:    moderate
References:  1192589
This update for xorg-cf-files fixes the following issues:

- Resolves compatibility issue between binutils and imake (bsc#1192589)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3872-1
Released:    Thu Dec  2 07:25:55 2021
Summary:     Recommended update for cracklib
Type:        recommended
Severity:    moderate
References:  1191736
This update for cracklib fixes the following issues:

- Enable build time tests (bsc#1191736)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3883-1
Released:    Thu Dec  2 11:47:07 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

Update timezone to 2021e (bsc#1177460)

- Palestine will fall back 10-29 (not 10-30) at 01:00
- Fiji suspends DST for the 2021/2022 season
- 'zic -r' marks unspecified timestamps with '-00'
- Fix a bug in 'zic -b fat' that caused old timestamps to be mishandled in 32-bit-only readers
- Refresh timezone info for china

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2021:3884-1
Released:    Thu Dec  2 12:16:20 2021
Summary:     Feature update for libmwaw and libetonyek
Type:        feature
Severity:    moderate
References:  
This update for libmwaw and libetonyek fixes the following issues:

libetonyek: update to version 0.1.10 (jsc#SLE-18214)

- Use mdds-1.5 by default.
- Parse shadow.
- Improve detection of the 'new' formats.
- Fix handling of text baseline shift.
- Improve various formats.
- Various small bugfixes and fuzzer fixes


libmwaw: update to 0.3.20 (jsc#SLE-18214)

- add a parser for Student Writing Center files (v1)
- add a parser for Word Maker files (v1)
- add a parser for Canvas 9/10 files (Mac)
- add a parser for Canvas 7/8 files (Mac)
- add a parser for Canvas Image files (Mac 5-8, Windows 5-6)
- add a parser for Canvas 6 (Mac and Windows)
- remove many coverity warnings
- add a parser for Canvas 5 (Mac and Windows)
- add basic support for hatch
- add basic support for drop cap

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3891-1
Released:    Fri Dec  3 10:21:49 2021
Summary:     Recommended update for keyutils
Type:        recommended
Severity:    moderate
References:  1029961,1113013,1187654
This update for keyutils fixes the following issues:

- Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)

keyutils was updated to 1.6.3 (jsc#SLE-20016):

* Revert the change notifications that were using /dev/watch_queue.
* Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
* Allow 'keyctl supports' to retrieve raw capability data.
* Allow 'keyctl id' to turn a symbolic key ID into a numeric ID.
* Allow 'keyctl new_session' to name the keyring.
* Allow 'keyctl add/padd/etc.' to take hex-encoded data.
* Add 'keyctl watch*' to expose kernel change notifications on keys.
* Add caps for namespacing and notifications.
* Set a default TTL on keys that upcall for name resolution.
* Explicitly clear memory after it's held sensitive information.
* Various manual page fixes.
* Fix C++-related errors.
* Add support for keyctl_move().
* Add support for keyctl_capabilities().
* Make key=val list optional for various public-key ops.
* Fix system call signature for KEYCTL_PKEY_QUERY.
* Fix 'keyctl pkey_query' argument passing.
* Use keyctl_read_alloc() in dump_key_tree_aux().
* Various manual page fixes. 

Updated to 1.6:

* Apply various specfile cleanups from Fedora.
* request-key: Provide a command line option to suppress helper execution.
* request-key: Find least-wildcard match rather than first match.
* Remove the dependency on MIT Kerberos.
* Fix some error messages
* keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.
* Fix doc and comment typos.
* Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).
* Add pkg-config support for finding libkeyutils.
* upstream isn't offering PGP signatures for the source tarballs anymore

Updated to 1.5.11 (bsc#1113013)

* Add keyring restriction support.
* Add KDF support to the Diffie-Helman function.
* DNS: Add support for AFS config files and SRV records
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3938-1
Released:    Mon Dec  6 14:41:55 2021
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1192830,CVE-2021-39920,CVE-2021-39921,CVE-2021-39922,CVE-2021-39924,CVE-2021-39925,CVE-2021-39926,CVE-2021-39928,CVE-2021-39929
This update for wireshark fixes the following issues:

- Update to Wireshark 3.4.10:
- CVE-2021-39920: IPPUSB dissector crash (bsc#1192830).
- CVE-2021-39921: Modbus dissector crash (bsc#1192830).
- CVE-2021-39922: C12.22 dissector crash (bsc#1192830).
- CVE-2021-39924: Bluetooth DHT dissector large loop (bsc#1192830).
- CVE-2021-39925: Bluetooth SDP dissector crash (bsc#1192830).
- CVE-2021-39926: Bluetooth HCI_ISO dissector crash (bsc#1192830).
- CVE-2021-39928: IEEE 802.11 dissector crash (bsc#1192830).
- CVE-2021-39929: Bluetooth DHT dissector crash (bsc#1192830).      

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3942-1
Released:    Mon Dec  6 14:46:05 2021
Summary:     Security update for brotli
Type:        security
Severity:    moderate
References:  1175825,CVE-2020-8927
This update for brotli fixes the following issues:

- CVE-2020-8927: Fixed integer overflow when input chunk is larger than 2GiB (bsc#1175825).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3945-1
Released:    Mon Dec  6 14:56:55 2021
Summary:     Security update for python-Babel
Type:        security
Severity:    important
References:  1185768,CVE-2021-42771
This update for python-Babel fixes the following issues:

- CVE-2021-42771: Fixed relative path traversal that may lead to arbitrary locale files loading and arbitrary code execution (bsc#1185768).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3946-1
Released:    Mon Dec  6 14:57:42 2021
Summary:     Security update for gmp
Type:        security
Severity:    moderate
References:  1192717,CVE-2021-43618
This update for gmp fixes the following issues:
    
- CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c (bsc#1192717).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3949-1
Released:    Mon Dec  6 14:58:52 2021
Summary:     Security update for clamav
Type:        security
Severity:    moderate
References:  1188284,1192346
This update for clamav fixes the following issues:

- Update to 0.103.4 (bsc#1192346).
- Update to 0.103.3 (bsc#1188284).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3950-1
Released:    Mon Dec  6 14:59:37 2021
Summary:     Security update for openssh
Type:        security
Severity:    important
References:  1190975,CVE-2021-41617
This update for openssh fixes the following issues:

- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3959-1
Released:    Mon Dec  6 19:54:32 2021
Summary:     Recommended update for aide
Type:        recommended
Severity:    moderate
References:  1191422
This update for aide fixes the following issues:

- Fix issue with Libgcrypt FIPS mode and AIDE by disabling MD5 in FIPS mode (bsc#1191422)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3980-1
Released:    Thu Dec  9 16:42:19 2021
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1191592

glibc was updated to fix the following issue:

- Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3991-1
Released:    Fri Dec 10 12:21:37 2021
Summary:     Recommended update for python-boto3
Type:        recommended
Severity:    important
References:  1075263,1146853,1189649
This update for python-boto3 fixes the following issues:

-Disables Py 2 build for SLE 15
  -Py 2 is considered legacy with limited support.
    
-Update to version 1.18.7 (bsc#1189649)
  - S3 Access Point aliases can be used anywhere you use S3 bucket names to access data in S3
  - Adds support for AnalyzeExpense, a new API to extract relevant data such as contact information, items purchased, and vendor name, from almost any invoice or receipt without the need for any templates or configuration.
  - Documentation-only update links
  - Documentation updates for SSO API Ref.
  - Update cloudwatch client to latest version
  - CloudWatch Synthetics now supports visual testing in its canaries.
  - Added product name, company name, and Region fields for security findings. Added details objects for RDS event subscriptions and AWS ECS services. Added fields to the details for AWS Elasticsearch domains.
  - Update to documentation to reapply missing change to SSM uninstall switch default value and improve description.
  - Add on-premise access type support for endpoints
  - MediaLive now supports passing through style data on WebVTT caption outputs.
  - This SDK release adds two new features: 
  1) Output to Native JDBC destinations and
  2) Adding configurations to profile jobs
  - Update elbv2 client to latest version
  - Documentation updates for Amazon S3-control
  - This release allows customers to assign prefixes to their elastic network interface and to reserve IP blocks in their subnet CIDRs. These reserved blocks  can be used to assign prefixes to elastic network interfaces or be excluded from auto-assignment.
  - Amazon QLDB now supports ledgers encrypted with customer managed KMS keys. Changes in CreateLedger, UpdateLedger and DescribeLedger APIs to support the changes.
  - Amazon Kendra now provides a data source connector for Amazon WorkDocs.
  - Documentation updates for AWS Proton
  - Documentation updates for AWS Identity and Access Management (IAM).
  - Adds the OriginalSnapshotCreateTime field to the DBSnapshot response object. This field timestamps the underlying data of a snapshot and doesn't change when the snapshot is copied.
  - Update elbv2 client to latest version
  - New ResourceConflictException error code for PutFunctionEventInvokeConfig, UpdateFunctionEventInvokeConfig, and DeleteFunctionEventInvokeConfig operations.
  - AWS CodeBuild now allows you to set the access permissions for build artifacts, project artifacts, and log files that are uploaded to an Amazon S3 bucket that is owned by another account.
  - My AWS Service (placeholder) -Making minProvisionedTPS an optional parameter when creating a campaign. If not provided, it defaults to 1.
  - Update emr client to latest version
  - Documentation updates for Compute Optimizer
  - Added idempotency to the CreateVolume API using the ClientToken request parameter
  - Documentation updates for reversal of default value for additional instance configuration SSM switch, plus improved descriptions for semantic versioning.
  - Documentation updates for directconnect
  - In the Health API, the maximum number of entities for the EventFilter and EntityFilter data types has changed from 100 to 99. This change is related to an internal optimization of the AWS Health service.
  - This release allows customers to create a new version of WorldTemplates with support for Doors.
  - Add five new API operations: UpdateGeofenceCollection, UpdateMap, UpdatePlaceIndex, UpdateRouteCalculator, UpdateTracker.
  - Updated DescribeManagedEndpoint and ListManagedEndpoints to return failureReason and stateDetails in API response.
  - Documentation update for AppIntegrations Service
  - This SDK release adds Account Status as one of the attributes in Account API response
  - This release relaxes the S3 URL character restrictions in AWS Audit Manager. Regex patterns have been updated for the following attributes: s3RelativePath, destination, and s3ResourcePath. 'AWS' terms have also been replaced with entities to align with China Rebrand documentation efforts.
  - This feature enables customers  to specify weekly recurring time window(s) for scheduled events that reboot, stop or terminate EC2 instances.
  - Documentation updates for cognito-idp
  - Documentation updates for support of awsvpc mode on Windows. Lex now supports the en-IN locale
  - Update the default endpoint for the APIs used to manage asset models, assets, gateways, tags, and account configurations. If you have firewalls with strict egress rules, configure the rules to grant you access to api.iotsitewise.[region].amazonaws.com or api.iotsitewise.[cn-region].amazonaws.com.cn.
  - Drop support for Python 2.7
  - Dropped support for Python 2.7
  - Release of feature needed for ECA-Endpoint settings. This allows customer to delete a field in endpoint settings by using --exact-settings flag in modify-endpoint api. This also displays default values for certain required fields
    of endpoint settings in describe-endpoint-settings api.
  - Add support for Event Driven Workflows
  - Added support for RSA 3072 SSL certificate import
  - General availability for Amazon HealthLake.
    StartFHIRImportJob and StartFHIRExportJob APIs now require AWS KMS parameter. For more
    information, see the Amazon HealthLake Documentation
    https://docs.aws.amazon.com/healthlake/index.html.
  - This update provides support for Well-
    Architected API users to mark answer choices as not applicable.
  - This release adds support for the Amazon Lightsail
    object storage service, which allows you to create buckets and store objects.
  - Added Sign in with Apple OAuth provider.
  - Release new APIs to support new Redshift feature -Authentication Profile
  - Changes to OpsCenter APIs to support a new feature, operational insights.
  - Customers can now migrate bots built with
    Lex V1 APIs to V2 APIs. This release adds APIs to initiate and manage the migration of a bot.
  - This release adds a new filed named awsLogicalDeviceId that it displays the AWS Direct Connect endpoint which terminates
    a physical connection's BGP Sessions.
  - Documentation updates for api.pricing
  - Documentation updates for Wesley to support
    the parallel node upgrade feature.
  - Amazon Kendra now supports Principal Store
  - Releasing new APIs related to Tuning
    steps in model building pipelines.
  - This release adds support for ML Explainability
    to display model variable importance value in Amazon Fraud Detector.
  - MediaConvert now supports color, style and position
    information passthrough from 608 and Teletext to SRT and WebVTT subtitles. MediaConvert now
    also supports Automatic QVBR quality levels for QVBR RateControlMode.
  - Added waiters for EKS FargateProfiles.
  - Added property filters for listOutposts
  - AWS Firewall Manager now supports route table monitoring,
    and provides remediation action recommendations to security administrators for AWS Network
    Firewall policies with misconfigured routes.
  - Add ListAlerts for Channel, Program, Source Location,
    and VOD Source to return alerts for resources.
  - Add AnomalyReportedTimeRange field to include
    open and close time of anomalies.
  - Updated description for CreateContactChannel contactId.
  - Documentation updates for AWS Identity and Access Management (IAM).
  - Documentation updates for AWS Security Token Service.
  - adds support for modifying the maintenance window for brokers.
  - Amazon CloudFront now provides two new APIs,
    ListConflictingAliases and AssociateAlias, that help locate and move Alternate Domain Names (CNAMEs)
    if you encounter the CNAMEAlreadyExists error code.
  - Releasing new APIs for AWS Chime MediaCapturePipeline
  - This release add storage configuration APIs for AWS IoT SiteWise.
  - Adding support for oplocks for SMB file shares,
    S3 Access Point and S3 Private Link for all file shares and IP address support for file system associations
  - This release adds resource ids and tagging support for
    VPC security group rules.
  - Added support for AmazonMQRabbitMQ as an event source.
    Added support for VIRTUAL_HOST as SourceAccessType for streams event source mappings.
  - Adds support for specifying parameters to customize components
    for recipes. Expands configuration of the Amazon EC2 instances that are used for building and testing images,
    including the ability to specify commands to run on launch, and more control over installation and removal
    of the SSM agent.
  - Bug fix: Remove not supported EBS encryption type 'NONE'
  - Adding new error code UnsupportedAddonModification for Addons in EKS
  - Sensitive data findings in Amazon Macie now include enhanced location
    data for JSON and JSON Lines files
  - Documentation updates for Amazon SNS.
  - Update elbv2 client to latest version
  - This release removes network-insights-boundary
  - SageMaker model registry now supports up to 5 containers
    and associated environment variables.
  - Documentation updates for Amazon SQS.
  - Adding a new reserved field to support future infrastructure
    improvements for Amazon EC2 Fleet.
  - Amazon EC2 Auto Scaling infrastructure improvements and optimizations.
  - Amazon Kendra Enterprise Edition now offered in smaller more granular
    units to enable customers with smaller workloads. Virtual Storage Capacity units now offer scaling in increments
    of 100,000 documents (up to 30GB) per unit and Virtual Query Units offer scaling increments of 8,000 queries per day.
  - Add support for Widevine DRM on CMAF packaging configurations.
    Both Widevine and FairPlay DRMs can now be used simultaneously, with CBCS encryption.
  - Fixes the tag key length range to 128 chars,  tag value length to 256 chars;
    Adds support for UTF-8 chars for contact and channel names, Allows users to unset name in UpdateContact API; Adds
    throttling exception to StopEngagement API, validation exception to APIs UntagResource, ListTagsForResource
  - Adds support for the output of job results to the AWS Glue Data Catalog.
  - AWS Cloud Map now allows configuring the TTL of the SOA record for a
    hosted zone to control the negative caching for new services.
  - Sagemaker Neo now supports running compilation jobs using customer's Amazon VPC
  - Add JSON Support for Glue Schema Registry
  - Added InvalidClusterStateFault to the DisableLogging API, thrown when calling the
    API on a non available cluster.
  - MediaConvert adds support for HDR10+, ProRes 4444,  and XAVC outputs, ADM/DAMF
    support for Dolby Atmos ingest, and alternative audio and WebVTT caption ingest via HLS inputs. MediaConvert also now
    supports creating trickplay outputs for Roku devices for HLS, CMAF, and DASH output groups.
  - Added waiters for template registration, service operations, and environment deployments.
  - Imports an existing backend authentication resource.
  - AWS Snow Family customers can remotely monitor and operate their connected AWS
    Snowcone devices. AWS Snowball Edge Storage Optimized customers can now import and export their data using NFS.
  - Adds EventIngestionUrl field to MediaPlacement
  - Minor update to AWS Cloud9 documentation to allow correct parsing of outputted text
  - Released Amazon Connect quick connects management API for general availability (GA).
    For more information, see https://docs.aws.amazon.com/connect/latest/APIReference/Welcome.html
  - Add support for encryption in transit to DAX clusters.
  - Added support for 15 new text transformation.
  - Amazon Kendra now supports SharePoint 2013 and SharePoint 2016
    when using a SharePoint data source.
  - Added new resource details for ECS clusters and ECS task definitions.
    Added additional information for S3 buckets, Elasticsearch domains, and API Gateway V2 stages.
  - Customers can successfully use legacy clients with Transfer Family
    endpoints enabled for FTPS and FTP behind routers, firewalls, and load balancers by providing a Custom IP
    address used for data channel communication.
  - BucketOwnerAccess is currently not supported
  - DocumentDB documentation-only edits
  - Updated documentation for CreateEnvironmentEC2 to explain that because Amazon
    Linux AMI has ended standard support as of December 31, 2020, we recommend you choose Amazon Linux 2--which includes
    long term support through 2023--for new AWS Cloud9 environments.
  - Releasing new APIs for AWS QuickSight Folders
  - Update GetChannelSchedule to return information on ad breaks.
  - Amazon CloudFront adds support for a new security policy, TLSv1.2_2021.
  - AWS License Manager now allows license administrators and end users
    to communicate to each other by setting custom status reasons when updating the status on a granted license.
  - This release adds support for provisioning your own IP (BYOIP) range in multiple
    regions. This feature is in limited Preview for this release. Contact your account manager if you are interested in
    this feature.
  - Added the following parameters to ECS targets: CapacityProviderStrategy,
    EnableECSManagedTags, EnableExecuteCommand, PlacementConstraints, PlacementStrategy, PropagateTags, ReferenceId,
    and Tags
  - This release replaces previous generation CloudSearch instances with
    equivalent new instances that provide better stability at the same price.
  - Adds support for S3 based full repository analysis
    and changed lines scan.
  - CloudFormation registry service now supports 3rd party public type sharing
  - Amazon Kendra now supports the indexing of web documents for search through the web crawler.
  - Enable ml.g4dn instance types for SageMaker Batch Transform and SageMaker Processing
  - This release enables Database Activity Streams for RDS Oracle
  - This release adds a new API UpdateSipMediaApplicationCall, to update an in-progress
    call for SipMediaApplication.
  - Adds support for multi-Region keys
  - This release adds support for VLAN-tagged network traffic over an
    Elastic Network Interface (ENI). This feature is in limited Preview for this release. Contact your account manager
    if you are interested in this feature.
  - This release enables fast cloning in Aurora Serverless. You can now clone between
    Aurora Serverless clusters and Aurora Provisioned clusters.
  - Adds AWS Secrets Manager Access Token Authentication for Source Locations
  - Redshift Data API service now supports SQL parameterization.
  - This release adds new sets of APIs: AssociateBot, DisassociateBot, and ListBots.
    You can use it to programmatically add an Amazon Lex bot or Amazon Lex V2 bot on the specified Amazon Connect instance
  - EC2 M5n, M5dn, R5n, R5dn metal instances with 100 Gbps network performance and
    Elastic Fabric Adapter (EFA) for ultra low latency
  - Update lexv2-runtime client to latest version
  - Update lexv2-models client to latest version
  - Added 'LEARNING' status for anomaly detector and updated description for
    'Offset' parameter in MetricSet APIs.
  - Adds support for data store partitions.
  - We have verified the APIs being released here and are ready to release
  - Amazon EC2 adds new AMI property to flag outdated AMIs
  - AWS MediaLive now supports OCR-based conversion of DVB-Sub and SCTE-27
    image-based source captions to WebVTT, and supports ingest of ad avail decorations in HLS input manifests.
  - When you enable source failover, you can now designate one of two sources
    as the primary source. You can choose between two failover modes to prevent any disruption to the video stream. Merge
    combines the sources into a single stream. Failover allows switching between a primary and a backup stream.
  - Using SageMaker Edge Manager with AWS IoT Greengrass v2 simplifies accessing,
    maintaining, and deploying models to your devices. You can now create deployable IoT Greengrass components during edge
    packaging jobs. You can choose to create a device fleet with or without creating an AWS IoT role alias.
  - AppMesh now supports additional routing capabilities in match and rewrites for
    Gateway Routes and Routes. Additionally, App Mesh also supports specifying DNS Response Types in Virtual Nodes.
  - Added InvalidClusterStateFault to the ModifyAquaConfiguration API, thrown when
    calling the API on a non available cluster.
  - This SDK release adds support for UpdateAccount API to allow users to update their
    default license on Chime account.
  - This release adds a new optional parameter connectivityType (public, private) for the
    CreateNatGateway API. Private NatGateway does not require customers to attach an InternetGateway to the VPC and can be
    used for communication with other VPCs and on-premise networks.
  - AWS Resource Access Manager (RAM) is releasing new field isResourceTypeDefault in
    ListPermissions and GetPermission response, and adding permissionArn parameter to GetResourceShare request to filter
    by permission attached
  - Release BatchGetRecord API for AWS SageMaker
    Feature Store Runtime.
  - Amazon Cognito now supports targeted sign out through refresh token revocation
  - Adding MAP_ALL task type support.
  - This release supports KMS customer-managed Customer Master Keys (CMKs)
    on member-specific Hyperledger Fabric resources.
  - Documentation updates for the AWS Transfer Family service.
  - Support for unstructured text inputs in the items dataset to to
    automatically extract key information from product/content description as an input when creating solution versions.
  - This is the initial SDK release for AWS Proton
  - AWS Kendra now supports checking document status.
  - This release adds support for auditing end-user access to files, folders, and file
    shares using Windows event logs, enabling customers to meet their security and compliance needs.
  - increase max pagesize for List/Search apis
  - This release of the Amazon Macie API introduces stricter validation of S3 object
    criteria for classification jobs.
  - Documentation updates for cognito-idp
  - AWS SageMaker -Releasing new APIs related to Callback steps in model building
    pipelines. Adds experiment integration to model building pipelines.
  - Add SampleSize variable to S3Target to enable s3-sampling feature through API.
  - Update regex validation in kmsKeyArn and s3 path API parameters for AWS Personalize APIs
  - Added updateConfig option that allows customers to control upgrade velocity in Managed Node Group.
  - Documentation updates for RDS: fixing an outdated link to the RDS
    documentation in DBInstance$DBInstanceStatus
  - The new GetDimensionKeyDetails action retrieves the attributes of the specified
    dimension group for a DB instance or data source.
  - AWS CloudTrail supports data events on new service resources, including
    Amazon DynamoDB tables and S3 Object Lambda access points.
  - Add support for automatically setting the H.264 adaptive quantization
    and GOP B-frame fields.
  - Documentation updates for Amazon EC2 Auto Scaling
  - Documentation updates for Amazon QLDB
  - S3 Inventory now supports Bucket Key Status
  - Amazon S3 Batch Operations now supports S3 Bucket Keys.
  - Documentation updates for Route 53 Resolver
  - Documentation updates for ssm to fix customer reported issue
  - Added optional field AutoMLOverrideStrategy to CreatePredictor API
    that allows users to customize AutoML strategy. If provided in CreatePredictor request, this field is visible
    in DescribePredictor and GetAccuracyMetrics responses.
  - Update BuildRequires and Requires from setup.py


- Update to version 1.17.86
  - You can now launch EC2 instances with
    GP3 volumes when using Auto Scaling groups with Launch Configurations
  - Documentation updates for Lightsail
  - Documentation updates for Amazon ECS.
  - This SDK release adds support for DocDB global clusters.
  - Documentation updates for AWS Identity and Access Management (IAM).
  - Introduction of a RETIRED status for devices.
  - This release adds SMS sandbox in Amazon SNS and the ability to
    view all configured origination numbers. The SMS sandbox provides a safe environment for sending
    SMS messages, without risking your reputation as an SMS sender.
  - Amazon Polly adds new Canadian French voice -Gabrielle.
    Gabrielle is available as Neural voice only.
  - Added idempotency to CreateNetworkInterface using the ClientToken parameter.
  - Added six new public customer logging APIs to allow customers
    to set/get/reset log levels at resource type and resource id level. The log level set from the APIs will
    be used to filter log messages that can be emitted to CloudWatch in customer accounts.
  - Bugfixes -The DiscoverInstances API operation now provides
    an option to return all instances for health-checked services when there are no healthy instances available.
  - Allowing dot(.) character in table name for RDS
    and Redshift as source connector.
  - Adds support for calculation of routes, resource tagging and
    customer provided KMS keys.
  - Added SecurityDescriptorCopyFlags option that allows for control
    of which components of SMB security descriptors are copied from source to destination objects.
  - Releasing new APIs for AWS IoT Events Alarms
  - Introduces support for using our desktop testing service
    with applications hosted within your Virtual Private Cloud (VPC).
  - Amazon Kendra now suggests popular queries in order to help
    guide query typing and help overall accuracy.
  - IoT SiteWise Monitor Portal API updates to add alarms
    feature configuration.
  - Documentation updates for Resource Groups.
  - Documentation updates for Lightsail
  - Releasing new APIs for AWS IoT Events Alarms
  - This release adds LZ4 data compression support to FSx for Lustre to
    reduce storage consumption of both file system storage and file system backups.
  - Documentation updates for Amazon SQS for General Availability
    of high throughput for FIFO queues.
  - This release removes resource ids and tagging support
    for VPC security group rules.
  - Support STANDARD permissions mode in CreateLedger and DescribeLedger.
    Add UpdateLedgerPermissionsMode to update permissions mode on existing ledgers.
  - Documentation fix for CloudFront
  - Add ConflictException to DeleteOutpost, CreateOutpost
  - Adds scheduler count selection for Environments using
    Airflow version 2.0.2 or later.
  - This release adds resource ids and tagging support
    for VPC security group rules.
  - The release adds support for registering External instances
    to your Amazon ECS clusters.
  - This release enables customers to store CRLs in S3 buckets with
    Block Public Access enabled. The release adds the S3ObjectAcl parameter to the CreateCertificateAuthority
    and UpdateCertificateAuthority APIs to allow customers to choose whether their CRL will be publicly available.
  - AWS Transfer Family customers can now use AWS Managed Active
    Directory or AD Connector to authenticate their end users, enabling seamless migration of file transfer
    workflows that rely on AD authentication, without changing end users' credentials or needing a custom
    authorizer.
  - This release includes support for a new feature: Job templates for
    AWS IoT Device Management Jobs. The release includes job templates as a new resource and APIs for
    managing job templates.
  - Adds support for Linux device types in WorkspaceAccessProperties
  - Add new parameters on RegisterUser and UpdateUser APIs to assign
    or update external ID associated to QuickSight users federated through web identity.
  - Introduced FindingReasonCodes, PlatformDifferences, DiskResourceUtilization
    and NetworkResourceUtilization to GetRightsizingRecommendation action
  - Adds support for 1) additional instance types, 2) additional
    instance metrics, 3) finding reasons for instance recommendations, and 4) platform differences between a current
    instance and a recommended instance type.
  - This release adds support for creating and managing EC2 On-Demand
    Capacity Reservations on Outposts.
  - This release provides dimensions and unit support for metric filters.
  - Update efs client to latest version
  - Documentation updates for Amazon S3
  - Updated attribute statistics in DescribeDatasetImportJob
    response to support Long values
  - New PUPPET_API_CRL attribute returned by DescribeServers API;
    new EngineVersion of 2019 available for Puppet Enterprise servers.
  - Added new API to stop a solution version creation that is
    pending or in progress for Amazon Personalize
  - Update lexv2-models client to latest version
  - Add ARN based Row Level Security support to CreateDataSet/UpdateDataSet APIs.
  - Documentation updates for AWS Identity and Access Management (IAM).
  - Kinesis Data Analytics now allows rapid iteration on Apache
    Flink stream processing through the Kinesis Data Analytics Studio feature.
  - Amazon Rekognition Custom Labels adds support for customer managed
    encryption, using AWS Key Management Service, of image files copied into the service and files written back
    to the customer.
  - Add pagination to ListUserTags operation
  - Update the EKS AddonActive waiter.
  - With this release, customers can easily use Predictive Scaling as a
    policy directly through Amazon EC2 Auto Scaling configurations to proactively scale their applications ahead
    of predicted demand.
  - Documentation updates for Amazon Lightsail.
- Update BuildRequires and Requires from setup.py

-Update to version 1.17.75
  - Documentation updates for support
  - AWS App Runner is a service that provides a fast, simple, and cost-effective way to deploy from source code or a container image directly to a scalable and secure web application in the AWS Cloud.
  - This release enables compute optimizer to support exporting recommendations to Amazon S3 for EBS volumes and Lambda Functions.
  - Amazon Personalize now supports the ability to optimize a solution for a custom objective in addition to maximizing relevance.
  - AWS License Manager now supports periodic report generation.
  - Documentation updates for AWS IoT SiteWise.
  - Update lexv2-models client to latest version
  - MediaConnect now supports JPEG XS for AWS Cloud Digital Interface (AWS CDI) uncompressed workflows, allowing you to establish a bridge between your on-premises live video network and the AWS Cloud.
  - Documentation updates for Amazon A2I Runtime model
  - APIs for AWS Application Cost Profiler
  - Neptune support for CopyTagsToSnapshots
  - AWS IoT Core Device Advisor is fully managed test capability for IoT devices. Device manufacturers can use Device Advisor to test their IoT devices for reliable and secure connectivity with AWS IoT.
  - Documentation updates for elasticache
  - Update InputTransformer variable limit from 10 to 100 variables.
  - Block endpoint resolution of clients configured with S3 pseudo-regions (e.g. aws-global, s3-external-1) that will never resolve to a correct access point endpoint.
  - This release of the Amazon Macie API adds support for defining run-time, S3 bucket criteria for classification jobs. It also adds resources for querying data about AWS resources that Macie monitors.
  - Adds support for cold storage.
  - Updated descriptions to add notes on array lengths.
  - Updated descriptions of array parameters to add the restrictions on the array and value lengths.
  - Transcribe Medical now  supports identification of PHI entities within transcripts
  - Text-only updates for bundled documentation feedback tickets -spring 2021.
  - Add validation to only attempt to connect to FIPS endpoints with a FIPS pseudo-region if the pseudo-region is explicitly known to the SDK.
  - High Memory virtual instances are powered by Intel Sky Lake CPUs and offer up to 12TB of memory.
  - AWS Systems Manager Incident Manager enables faster resolution of critical application availability and performance issues, management of contacts and post-incident analysis
  - Documentation updates for Amazon S3-control
  - AWS Elemental MediaConvert SDK has added support for Kantar SNAP File Audio Watermarking with a Kantar Watermarking account, and Display Definition Segment(DDS) segment data controls for DVB-Sub caption outputs.
  - This release contains updates for Amazon ECS.
  - Documentation updates for CodeArtifact
  - This release updates create-nodegroup and update-nodegroup-config APIs for adding/updating taints on managed nodegroups.
  - Add three new optional fields to support filtering and configurable sub-band in WirelessGateway APIs. The filtering is for all the RF region supported. The sub-band configuration is only applicable to LoRa gateways of US915 or AU915 RF region.
  - This release adds new APIs to associate, disassociate and list related items in SSM OpsCenter; and this release adds DisplayName as a version-level attribute for SSM Documents and introduces two new document types: ProblemAnalysis, ProblemAnalysisTemplate.
  - Amazon Kinesis Analytics now supports ListApplicationVersions and DescribeApplicationVersion API for Apache Flink applications
  - Adds paginator to multiple APIs: By default, the paginator allows user to iterate over the results and allows the CLI to return up to 1000 results.
  - This release adds Tag Based Access Control to AWS Lake Formation service
  - Enforcing UUID style for parameters that are already in UUID format today. Documentation specifying eventual consistency of lookoutmetrics resources.
  - Adds tagging support for Connect APIs CreateIntegrationAssociation and CreateUseCase.
  - Bugfix: Improved input validation for RegisterInstance action, InstanceId field
  - IAM Access Control for Amazon MSK enables you to create clusters that use IAM to authenticate clients and to allow or deny Apache Kafka actions for those clients.
  - SSM feature release -ChangeCalendar integration with StateManager.
  - AWS Snow Family adds APIs for ordering and managing Snow jobs with long term pricing
  - This release updates the CreateAssessmentFrameworkControlSet and UpdateAssessmentFrameworkControlSet API data types. For both of these data types, the control set name is now a required attribute.
  - Documentation Updates for Amazon Nimble Studio.
  - Amazon Kinesis Analytics now supports RollbackApplication for Apache Flink applications to revert the application to the previous running version
  - Amazon SageMaker Autopilot now provides the ability to automatically deploy the best model to an endpoint
  - Documentation updates for FinSpace API.
  - Documentation updates for FinSpaceData API.
  - Added GetCostEstimation and StartCostEstimation to get the monthly resource usage cost and added ability to view resource health by AWS service name and to search insights be AWS service name.
  - This release adds the KeyStorageSecurityStandard parameter to the CreateCertificateAuthority API to allow customers to mandate a security standard to which the CA key will be stored within.
  - Documentation updates for health
  - This release adds the ability to search for and order international phone numbers for Amazon Chime SIP media applications.
  - Enable retrying Training and Tuning Jobs that fail with InternalServerError by setting RetryStrategy.
  - Update FinSpace Data serviceAbbreviation
  - This is the initial SDK release for the data APIs for Amazon FinSpace. Amazon FinSpace is a data management and analytics application for the financial services industry (FSI).
  - Update mturk client to latest version
  - Added new BatchCreateChannelMembership API to support multiple membership creation for channels
  - This is the initial SDK release for the management APIs for Amazon FinSpace. Amazon FinSpace is a data management and analytics service for the financial services industry (FSI).
  - Updated ASFF to add the following new resource details objects: AwsEc2NetworkAcl, AwsEc2Subnet, and AwsElasticBeanstalkEnvironment.
  - Update URL for dataset export job documentation.
  - Allows user defined names for Changes in a ChangeSet. Users can use ChangeNames to reference properties in another Change within a ChangeSet. This feature allows users to make changes to an entity when the entity identifier is not yet available while constructing the StartChangeSet request.
  - Added new DeleteResourceTree operation that helps in deleting all the child resources of a given resource including the given resource.
  - Adds ROS2 Foxy as a supported Robot Software Suite Version and Gazebo 11 as a supported Simulation Software Suite Version
  - CloudFront now supports CloudFront Functions, a native feature of CloudFront that enables you to write lightweight functions in JavaScript for high-scale, latency-sensitive CDN customizations.
  - This release introduces GetMatches and MergeProfiles APIs to fetch and merge duplicate profiles
  - The Amazon Macie API now provides S3 bucket metadata that indicates whether a bucket policy requires server-side encryption of objects when objects are uploaded to the bucket.
  - Minor text updates for AWS Organizations API Reference
  - Add support for EphemeralStorage on TaskDefinition and TaskOverride
  - Increase AppInstanceUserId length to 64 characters
  - Updated max number of tags that can be attached from 200 to 50. MaxContacts is now an optional parameter for the UpdateQueueMaxContact API.
  - MediaPackage now offers the option to place your Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) encoder metadata in every video segment instead of in the init fragment for DASH and CMAF endpoints.
  - Amazon Nimble Studio is a virtual studio service that empowers visual effects, animation, and interactive content teams to create content securely within a scalable, private cloud service.
  - AWS IoT SiteWise interpolation API will get interpolated values for an asset property per specified time interval during a period of time.
  - Add CallAs parameter to GetTemplateSummary to enable use with StackSets delegated administrator integration
  - This release restricts using backslashes in control, assessment, and framework names. The controlSetName field of the UpdateAssessmentFrameworkControlSet API now allows strings without backslashes.
  - Adding support for Red Hat Enterprise Linux with HA for Reserved Instances.
  - Add a new optional field MessageType to support Sidewalk devices in SendDataToWirelessDevice API
  - Amazon Kinesis Data Analytics now supports custom application maintenance configuration using UpdateApplicationMaintenanceConfiguration API for Apache Flink applications. Customers will have visibility when their application is under maintenance status using 'MAINTENANCE' application status.
  - Added support for exporting data imported into an Amazon Personalize dataset to a specified data source (Amazon S3 bucket).
  - Documentation updates for mediaconvert
  - Include KMS Key Details in Repository Association APIs to enable usage of customer managed KMS Keys.
  - Adding Kafka Client Auth Related Parameters
  - This release updates existing Amazon EKS input validation so customers will see an InvalidParameterException instead of a ParamValidationError when they enter 0 for minSize and/or desiredSize. It also adds LaunchTemplate information to update responses and a new 'CUSTOM' value for AMIType.
  - Add support for Widevine DRM on CMAF origin endpoints. Both Widevine and FairPlay DRMs can now be used simultaneously, with CBCS encryption.
  - Amazon SNS adds two new attributes, TemplateId and EntityId, for using sender IDs to send SMS messages to destinations in India.
  - This release adds EstimatedTimeRemaining minutes field to the DescribeDatasetImportJob, DescribePredictor, DescribeForecast API response which denotes the time remaining to complete the job IN_PROGRESS.
  - Replaced the term 'master' with 'administrator'. Added new actions to replace AcceptInvitation, GetMasterAccount, and DisassociateFromMasterAccount. In Member, replaced MasterId with AdministratorId.
  - Documentation updates for cognito-idp
  - This release introduces log delivery of Redis slow log from Amazon ElastiCache.
  - Added parameters to track the data volume in bytes for a member account. Deprecated the existing parameters that tracked the volume as a percentage of the allowed volume for a behavior graph. Changes reflected in MemberDetails object.
  - Add operations: AddPartner, DescribePartners, DeletePartner, and UpdatePartnerStatus to support tracking integration status with data partners.
  - Support new S3 Recording Config allowing customers to write downlink data directly to S3.
  - Amazon Kendra now enables users to override index-level boosting configurations for each query.
  - Added support for creating and updating stack sets with self-managed permissions from templates that reference macros.
  - Added support for Amazon SageMaker in Machine Learning Savings Plans
  - Adding support for Sagemaker savings plans in GetSavingsPlansPurchaseRecommendation API
  - STS now supports assume role with Web Identity using JWT token length upto 20000 characters
  - AWS DMS added support of TLS for Kafka endpoint. Added Describe endpoint setting API for DMS endpoints.
  - For flows that use Listener protocols, you can now easily locate an output's outbound IP address for a private internet. Additionally, MediaConnect now supports the Waiters feature that makes it easier to poll for the status of a flow until it reaches its desired state.
  - Add exception for DeleteRemediationConfiguration and DescribeRemediationExecutionStatus
  - Documentation updates for route53
  - This release adds tagging support for CodeStar Connections Host resources
  - Documentation updates for Amazon Lightsail.
  - This release adds the SourceIdentity parameter that can be set when assuming a role.
  - The InferICD10CM API now returns TIME_EXPRESSION entities that refer to medical conditions.
  - Clarify that enabling or disabling automated backups causes a brief downtime, not an outage.
  - Added support to enable AQUA in Amazon Redshift clusters.
  - Support for cross-region and cross-account backup copies
  - AWS CodeBuild now allows you to set the access permissions for build artifacts, project artifacts, and log files that are uploaded to an Amazon S3 bucket that is owned by another account.
  - Add support for case sensitive table level restore
  - Add paginator support to DescribeStoreImageTasks and update documentation.
  - CreateProtection now throws InvalidParameterException instead of InternalErrorException when system tags (tag with keys prefixed with 'aws:') are passed in.
  - This release introduces support for Amazon Lookout for Equipment.
  - Documentation updates for archived.kinesisvideo
  - This release allows RoboMaker customers to specify custom tools to run with their simulation job
  - This release provides support for image updates
  - Documentation updates for AWS RAM resource sharing
  - Documentation updates for Put-Integration API
  - Amazon EC2 Auto Scaling announces Warm Pools that help applications to scale out faster by pre-initializing EC2 instances and save money by requiring fewer continuously running instances
  - File Gateway APIs now support FSx for Windows as a cloud storage.
  - IAM Access Analyzer now analyzes your CloudTrail events to identify actions and services that have been used by an IAM entity (user or role) and generates an IAM policy that is based on that activity.
  - This release adds tagging support for all AWS ElastiCache resources except Global Replication Groups.
  - This release adds support for the Auto-Record to S3 feature. Amazon IVS now enables you to save your live video to Amazon S3.
  - Add new service -Application Migration Service.
  - Supports removing a label or labels from a parameter, enables ScheduledEndTime and ChangeDetails for StartChangeRequestExecution API, supports critical/security/other noncompliant count for patch API.
  - MediaLive VPC outputs update to include Availability Zones, Security groups, Elastic Network Interfaces, and Subnet Ids in channel response
  - This release adds support for storing EBS-backed AMIs in S3 and restoring them from S3 to enable cross-partition copying of AMIs
  - Documentation updates for Cloud9
  - AWS Audit Manager has updated the GetAssessment API operation to include a new response field called userRole. The userRole field indicates the role information and IAM ARN of the API caller.
  - MediaLive now support HTML5 Motion Graphics overlay
  - Added destination properties for Zendesk.
  - SPEKE v2 is an upgrade to the existing SPEKE API to support multiple encryption keys, based on an encryption contract selected by the customer.
  - This release adds support for Block Device Mappings for container image builds, and adds distribution configuration support for EC2 launch templates in AMI builds.
  - Route 53 Resolver DNS Firewall is a firewall service that allows you to filter and regulate outbound DNS traffic for your VPCs.
  - MediaConvert now supports HLS ingest, sidecar WebVTT ingest, Teletext color & style passthrough to TTML subtitles, TTML to WebVTT subtitle conversion with style, & DRC profiles in AC3 audio.
  - This release adds support for state detail for Amazon Lightsail container services.
  - AWS Kendra's ServiceNow data source now supports OAuth 2.0 authentication and knowledge article filtering via a ServiceNow query.
  - Lex now supports the ja-JP locale
  - Update lex-runtime client to latest version
  - Added Firewall Manager policy support for AWS Route 53 Resolver DNS Firewall.
  - VPC Flow Logs Service adds a new API, GetFlowLogsIntegrationTemplate, which generates CloudFormation templates for Athena.
  - Added support for ScopeDownStatement for ManagedRuleGroups, Labels, LabelMatchStatement, and LoggingFilter. For more information on these features, see the AWS WAF Developer Guide.
  - Added ability to prefix search on attribute value for ListThings API.
  - Minor documentation and link updates.
  - Amazon Transcribe now supports creating custom language models in the following languages: British English (en-GB), Australian English (en-AU), Indian Hindi (hi-IN), and US Spanish (es-US).
  - Minor documentation and link updates.
  - Support for customer managed KMS encryption of Comprehend custom models
  - Minor documentation updates and link updates.
  - AWS Batch adds support for Amazon EFS File System
  - Added the ability to assign tag values to Detective behavior graphs. Tag values can be used for attribute-based access control, and for cost allocation for billing.
  - Add Sidewalk support to APIs: GetWirelessDevice, ListWirelessDevices, GetWirelessDeviceStatistics. Add Gateway connection status in GetWirelessGatewayStatistics API.
  - 1. Added a new parameter RegionConcurrencyType in OperationPreferences. 2. Changed the name of AccountUrl to AccountsUrl in DeploymentTargets parameter.
  - Add ImageId input parameter to CreateEnvironmentEC2 endpoint. New parameter enables creation of environments with different AMIs.
  - This release adds MACsec support to AWS Direct Connect
  - Enable customers to share access to their Redshift clusters from other VPCs (including VPCs from other accounts).
  - This release adds support for mobile device access rules management in Amazon WorkMail.
  - Minor documentation updates and link updates.
  - Minor documentation updates and link updates.
  - Amazon SageMaker Autopilot now supports 1) feature importance reports for AutoML jobs and 2) PartialFailures for AutoML jobs
  - Adding support to push SSH keys to the EC2 serial console in order to allow an SSH connection to your Amazon EC2 instance's serial port.
  - Update cloudwatch client to latest version
  - This SDK release adds two new dataset features:
    1) support for specifying a database connection as a dataset input
    2) support for dynamic datasets that accept configurable parameters in S3 path.
  - This release adds support for Batch Predictions in Amazon Fraud Detector.
  - ReplaceRootVolume feature enables customers to replace the EBS root volume of a running instance to a previously known state. Add support to grant account-level access to the EC2 serial console
  - Adding new APIs to support ConformancePack Compliance CI in Aggregators
  - Added support for journey pause/resume, journey updatable import segment and journey quiet time wait.
  - Added custom request handling and custom response support in rule actions and default action; Added the option to inspect the web request body as parsed and filtered JSON.
  - AWS Identity and Access Management GetAccessKeyLastUsed API will throw a custom error if customer public key is not found for access keys.
  - Allow Dots in Registry and Schema Names for CreateRegistry, CreateSchema; Fixed issue when duplicate keys are present and not returned as part of QuerySchemaVersionMetadata.
  - This release adds support for Event Subscriptions to DocumentDB.
  - Amazon Location added support for specifying pricing plan information on resources in alignment with our cost model.
  - Support tag-on-create for WirelessDevice.
  - This release adds an optional parameter named FlowDefinition in PutIntegrationRequest.
  - Add support for SageMaker Model Builder Pipelines Targets to EventBridge
  - Amazon Transcribe now supports tagging words that match your vocabulary filter for batch transcription.
  - Allowing uppercase alphabets for RDS and Redshift database names.
  - Documentation updates for Amazon SQS
  - This release introduces AWS tagging support for Amazon Rekognition collections, stream processors, and Custom Label models.
  - This feature allows customer to specify the environment variables in their CreateTrainingJob requests.
  - EML now supports handling HDR10 and HLG 2020 color space from a Link input.
  - Amazon Lookout for Metrics is now generally available. You can use Lookout for Metrics to monitor your data for anomalies. For more information, see the Amazon Lookout for Metrics Developer Guide.
  - Added support for enabling and disabling data retention in the CreateProfile and UpdateProfile APIs and retrieving the state of data retention for a profile in the GetProfile API.
  - This release allows SSM Explorer customers to enable OpsData sources across their organization when creating a resource data sync.
  - Documentation updates for route53
  - Fix an issue with XML newline normalization in PutBucketLifecycleConfiguration requests.
  - Documentation updates for Amazon S3
  - Documentation updates for s3-control
  - maximumEfaInterfaces added to DescribeInstanceTypes API
  - Updated the parameters to make name required for CreateGroup API.
  - You can now create cost categories with inherited value rules and specify default values for any uncategorized costs.
  - Updated maximum allowed size of action parameter from 64 to 1024
  - Removed APIs to control AQUA on clusters.
  - Documentation updates for IAM operations and descriptions.
  - GameLift adds support for using event notifications to monitor game session placements. Specify an SNS topic or use CloudWatch Events to track activity for a game session queue.
  - This release adds support for UEFI boot on  selected AMD-and Intel-based EC2 instances.
  - Added support to enable AQUA in Amazon Redshift clusters.
  - Documentation updates for CodeArtifact
  - This release of the Amazon Macie API adds support for publishing sensitive data findings to AWS Security Hub and specifying which categories of findings to publish to Security Hub.
  - Adding authentication support for pulling images stored in private Docker registries to build containers for real-time inference.
  - X2gd instances are the next generation of memory-optimized instances powered by AWS-designed, Arm-based AWS Graviton2 processors.
  - Updated mislabeled exceptions for S3 Object Lambda
  - Amazon EC2 Auto Scaling Instance Refresh now supports phased deployments.
  - S3 Object Lambda is a new S3 feature that enables users to apply their own custom code to process the output of a standard S3 GET request by automatically invoking a Lambda function with a GET request
  - Add new fields for additional information about VPC endpoint for clusters with reallocation enabled, and a new field for total storage capacity for all clusters.
  - S3 Object Lambda is a new S3 feature that enables users to apply their own custom code to process the output of a standard S3 GET request by automatically invoking a Lambda function with a GET request
  - New object for separate provider and customer values. New objects track S3 Public Access Block configuration and identify sensitive data. BatchImportFinding requests are limited to 100 findings.
  - Support new target device ml_eia2 in SageMaker CreateCompilationJob API
  - Making serviceRole an optional parameter when creating a compute environment. If serviceRole is not provided then Service Linked Role will be created (or reused if it already exists).
  - Allow empty list for function response types
  - Documentation updates for AWS Identity and Access Management (IAM).
  - This release adds support for the SRT-listener protocol on sources and outputs.
  - This release adds support for the ValidatePolicy API. IAM Access Analyzer is adding over 100 policy checks and actionable recommendations that help you validate your policies during authoring.
  - MediaTailor channel assembly is a new manifest-only service that allows you to assemble linear streams using your existing VOD content.
  - This release adds UPDATE_FAILED and UNAVAILABLE MWAA environment states.
  - GameLift expands to six new AWS Regions, adds support for multi-location fleets to streamline management of hosting resources, and lets you customize more of the game session placement process.
  - Initial release of AWS Fault Injection Simulator, a managed service that enables you to perform fault injection experiments on your AWS workloads
  - AWS CodeDeploy can now detect instances running an outdated revision of your application and automatically update them with the latest revision.
  - Update emr client to latest version
  - This is for ecs exec feature release which includes two new APIs -execute-command and update-cluster and an AWS CLI customization for execute-command API
  - MediaTailor channel assembly is a new manifest-only service that allows you to assemble linear streams using your existing VOD content.
  - Adds API support for WorkSpaces bundle management operations.
  - Added optional billingViewArn field for OSG.
  - Update comprehend client to latest version
  - Update wafv2 client to latest version
  - Update medialive client to latest version
  - Update network-firewall client to latest version
  - Update accessanalyzer client to latest version
  - Update ssm client to latest version
  - Update s3 client to latest version
  - Update backup client to latest version
  - Update rds client to latest version
  - Update codeguruprofiler client to latest version
  - Update autoscaling client to latest version
  - Update iotwireless client to latest version
  - Update efs client to latest version
  - Update lambda client to latest version
  - Update emr client to latest version
  - Update kinesis-video-archived-media client to latest version
  - Update s3 client to latest version
  - Update s3control client to latest version
  - Update autoscaling client to latest version
  - Update license-manager client to latest version
  - Update network-firewall client to latest version
  - Update ec2 client to latest version
  - Update athena client to latest version
  - Update medialive client to latest version
  - Update shield client to latest version
  - Update codepipeline client to latest version
  - Update appflow client to latest version
  - Update servicediscovery client to latest version
  - Update events client to latest version
  - Update sagemaker client to latest version
  - Update mwaa client to latest version
  - Update forecast client to latest version
  - Update secretsmanager client to latest version
  - Update macie2 client to latest version
  - Update codebuild client to latest version
  - Update es client to latest version
  - Update acm client to latest version
  - Update wellarchitected client to latest version
  - Update iotwireless client to latest version
  - Update directconnect client to latest version
  - Fix an issue with XML newline normalization that could result in the DeleteObjects operation incorrectly deleting the wrong keys.
  - Update managedblockchain client to latest version
  - Update events client to latest version
  - Update compute-optimizer client to latest version
  - Update datasync client to latest version
  - Add a `__bytes__` method to the `Binary` DynamoDB type.
  - Update alexaforbusiness client to latest version
  - Update ssm client to latest version
  - Update codepipeline client to latest version
  - Update eks client to latest version
  - Update s3 client to latest version
  - Update sso-admin client to latest version
  - Update eks client to latest version
  - Update emr client to latest version
  - Update databrew client to latest version
  - Update detective client to latest version
  - Update lightsail client to latest version
  - Update imagebuilder client to latest version
  - Update transfer client to latest version
  - Update es client to latest version
  - Update mediapackage-vod client to latest version
  - Update appflow client to latest version
  - Update ecr-public client to latest version
  - Update compute-optimizer client to latest version
  - Update glue client to latest version
  - Update redshift-data client to latest version
  - Update s3control client to latest version
  - Update autoscaling client to latest version
  - Update pinpoint client to latest version
  - Update quicksight client to latest version
  - Update iotevents client to latest version
  - Update connect client to latest version
  - Update sagemaker-runtime client to latest version
  - Update sagemaker client to latest version
  - Update rds client to latest version
  - Update health client to latest version
  - Update sagemaker client to latest version
  - Update cloudformation client to latest version
  - Update codebuild client to latest version
  - Update ec2 client to latest version
  - Update config client to latest version
  - Update lookoutvision client to latest version
  
This update for python-s3transfer fixes the following issues:

- Update 0.5.0: (bsc#1189649)
  - Add set_exception to CRTTransferFuture to allow setting exceptions in subscribers.
  - Add optional AWS Common Runtime (CRT) support. The AWS CRT provides a C-based S3 transfer client that can improve transfer throughput.
  - Fix seek behavior in ReadFileChunk class
  - Block TransferManager methods for S3 Object Lambda resources
  - Add server side encryption context into allowed list

- Update to version 0.2.1 (bsc#1146853)
- Update to 0.1.13 (bsc#1075263)
    
This update for aws-cli fixes the following issues:

- Update to version 1.20.7 (bsc#1189649)
- Update Requires in spec file from setup.py
  
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3993-1
Released:    Fri Dec 10 15:04:05 2021
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1193321,1193485,CVE-2021-43536,CVE-2021-43537,CVE-2021-43538,CVE-2021-43539,CVE-2021-43541,CVE-2021-43542,CVE-2021-43543,CVE-2021-43545,CVE-2021-43546
This update for MozillaFirefox fixes the following issues:

Update to Extended Support Release 91.4.0 (bsc#1193485):

- CVE-2021-43536: URL leakage when navigating while executing asynchronous function
- CVE-2021-43537: Heap buffer overflow when using structured clone
- CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
- CVE-2021-43539: GC rooting failure when calling wasm instance methods
- CVE-2021-43541: External protocol handler parameters were unescaped
- CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
- CVE-2021-43543: Bypass of CSP sandbox directive when embedding
- CVE-2021-43545: Denial of Service when using the Location API in a loop
- CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
- Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
- Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3999-1
Released:    Sun Dec 12 10:17:43 2021
Summary:     Security update for log4j
Type:        security
Severity:    important
References:  1193611,CVE-2021-44228
This update for log4j fixes the following issues:

- CVE-2021-44228: Fix a remote code execution vulnerability that existed in the
  LDAP JNDI parser. [bsc#1193611, CVE-2021-44228]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4009-1
Released:    Mon Dec 13 11:24:43 2021
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    low
References:  
This update for systemd-rpm-macros fixes the following issues:

- Introduce rpm macro %_systemd_util_dir

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4018-1
Released:    Tue Dec 14 08:58:22 2021
Summary:     Security update for fetchmail
Type:        security
Severity:    moderate
References:  1152964,1174075,1181400,1188875,1190069,1190896,CVE-2021-36386,CVE-2021-39272
This update for fetchmail fixes the following issues:

- CVE-2021-36386: Fixed DoS or information disclosure in some configurations (bsc#1188875).
- CVE-2021-39272: Fixed STARTTLS session encryption bypassing (fetchmail-SA-2021-02) (bsc#1190069).

- Update to 6.4.22 (bsc#1152964, jsc#SLE-18159, jsc#SLE-17903, jsc#SLE-18059)
- Remove all python2 dependencies (bsc#1190896).
- De-hardcode /usr/lib path for launch executable (bsc#1174075).
- Added hardening to systemd service(s) (bsc#1181400).
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4063-1
Released:    Tue Dec 14 13:58:09 2021
Summary:     Security update for icu.691
Type:        security
Severity:    important
References:  1158955,1159131,1161007,1162882,1167603,1182252,1182645
This update for icu.691 fixes the following issues:


- Renamed package from icu 69.1 for SUSE:SLE-15-SP3:Update. (jsc#SLE-17893)
- Fix undefined behaviour in 'ComplexUnitsConverter::applyRounder'

- Update to release 69.1
  - For Norwegian, 'no' is back to being the canonical code, with
    'nb' treated as equivalent. This aligns handling of Norwegian
    with other macro language codes.
  - Binary prefixes in measurement units (KiB, MiB, etc.)
  - Time zone offsets from local time with new APIs.
- Don't disable testsuite under 'qemu-linux-user'
- Fixed an issue when ICU test on 'aarch64 fails. (bsc#1182645)
- Drop 'SUSE_ASNEEDED' as the issue was in binutils. (bsc#1182252)
- Fix 'pthread' dependency issue. (bsc#1182252)

- Update to release 68.2
  - Fix memory problem in 'FormattedStringBuilder'
  - Fix assertion when 'setKeywordValue w/' long value.
  - Fix UBSan breakage on 8bit of rbbi
  - fix int32_t overflow in listFormat
  - Fix memory handling in MemoryPool::operator=()
  - Fix memory leak in AliasReplacer

- Add back icu.keyring.
- Update to release 68.1
  - PluralRules selection for ranges of numbers
  - Locale ID canonicalization now conforms to the CLDR spec including edge cases
  - DateIntervalFormat supports output options such as capitalization
  - Measurement units are normalized in skeleton string output
  - Time zone data (tzdata) version 2020d

- Add the provides for libicu to Make .Net core can install successfully. (bsc#1167603, bsc#1161007) 
- Update to version 67.1
  - Unicode 13 (ICU-20893, same as in ICU 66)
    - Total of 5930 new characters
    - 4 new scripts
    - 55 new emoji characters, plus additional new sequences
    - New CJK extension, first characters in plane 3: U+30000..U+3134A
    - New language at Modern coverage: Nigerian Pidgin
    - New languages at Basic coverage: Fulah (Adlam), Maithili,
      Manipuri, Santali, Sindhi (Devanagari), Sundanese
    - Region containment: EU no longer includes GB
    - Unicode 13 root collation data and Chinese data for collation and transliteration
  - DateTimePatternGenerator now obeys the 'hc' preference in the locale identifier
  - Various other improvements for ECMA-402 conformance
  - Number skeletons have a new 'concise' form that can be used in MessageFormat strings
  - Currency formatting options for formal and other currency display name variants
  - ListFormatter: new public API to select the style & type
  - ListFormatter now selects the proper “and”/“or” form for Spanish & Hebrew.
  - Locale ID canonicalization upgraded to implement the complete CLDR spec.
  - LocaleMatcher: New option to ignore one-way matches
  - acceptLanguage() reimplemented via LocaleMatcher
  - Data build tool: tzdbNames.res moved from the 'zone_tree' category to the 'zone_supplemental' category
  - Fixed uses of u8'literals' broken by the C++20 introduction of the incompatible char8_t type
  - and added a few API overloads to reduce the need for reinterpret_cast.
  - Support for manipulating CLDR 37 unit identifiers in MeasureUnit.

- Drop icu-versioning. (bsc#1159131)
- Update to version 66.1
  - Unicode 13 support
  - Fix uses of u8'literals' broken by C++20 introduction of incompatible char8_t type.

- Fixed an issue when Qt apps can't handle non-ASCII filesystem path. ([bsc#1162882)
- Remove '/usr/lib(64)/icu/current'. (bsc#1158955)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4070-1
Released:    Tue Dec 14 14:56:22 2021
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1193030,CVE-2021-4008
This update for xorg-x11-server fixes the following issues:
	  
- CVE-2021-4008: Fixed Privilege Escalation Vulnerability via Out-Of-Bounds Access in SProcRenderCompositeGlyphs (bsc#1193030).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4094-1
Released:    Wed Dec 15 11:17:24 2021
Summary:     Security update for log4j
Type:        security
Severity:    important
References:  1193611,1193743,CVE-2021-44228,CVE-2021-45046
This update for log4j fixes the following issue:

CVE-2021-44228: The previously published fix by upstream turned out to be
incomplete. Therefore, upstream has recommended disabling JNDI support in log4j
by default to be completely sure that this vulnerability cannot be exploited.

This update implements that recommendation and disables JNDI support by
default. [bsc#1193611, CVE-2021-44228]

CVE-2021-45046: A Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack 
is also fixed by disabling JNDI support by default (bsc#1193743)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4104-1
Released:    Thu Dec 16 11:14:12 2021
Summary:     Security update for python3
Type:        security
Severity:    moderate
References:  1180125,1183374,1183858,1185588,1187668,1189241,1189287,CVE-2021-3426,CVE-2021-3733,CVE-2021-3737
This update for python3 fixes the following issues:

- CVE-2021-3426: Fixed information disclosure via pydoc (bsc#1183374).
- CVE-2021-3733: Fixed infinitely reading potential HTTP headers after a 100 Continue status response from the server (bsc#1189241).
- CVE-2021-3737: Fixed ReDoS in urllib.request (bsc#1189287).

- We do not require python-rpm-macros package (bsc#1180125).
- Use versioned python-Sphinx to avoid dependency on other version of Python (bsc#1183858).
- Stop providing 'python' symbol, which means python2 currently (bsc#1185588).
- Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4107-1
Released:    Thu Dec 16 19:02:22 2021
Summary:     Security update for log4j
Type:        security
Severity:    important
References:  1193743,CVE-2021-44228,CVE-2021-45046
This update for log4j fixes the following issue:

- Previously published fixes for log4jshell turned out to be incomplete.
  Upstream has followed up on the original patch for CVE-2021-44228 with
  several additional changes (LOG4J2-3198, LOG4J2-3201, LOG4J2-3208, and
  LOG4J2-3211) that are included in this update. Since the totality of
  those patches is pretty much equivalent to an update to the latest
  version of log4j, we did update the package's tarball from version
  2.13.0 to 2.16.0 instead of trying to apply those patches to the old
  version. This change brings in a new dependency on 'jakarta-servlet'
  and a version update of 'disruptor'. [bsc#1193743, CVE-2021-45046]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4112-1
Released:    Fri Dec 17 12:19:22 2021
Summary:     Security update for log4j12
Type:        security
Severity:    important
References:  1193662,CVE-2021-4104
This update for log4j12 fixes the following issues:

- CVE-2021-4104: Disable the JMSAppender class from log4j to protect against
  the log4jshell vulnerability. [bsc#1193662]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4118-1
Released:    Mon Dec 20 12:43:09 2021
Summary:     Security update for log4j
Type:        security
Severity:    important
References:  1193887,1193888,CVE-2021-45105
This update for log4j fixes the following issues:

- Update to 2.17.0
- CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation. (bsc#1193887, bsc#1193888)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4136-1
Released:    Tue Dec 21 15:33:48 2021
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1190487,1190488,1190489,CVE-2021-4009,CVE-2021-4010,CVE-2021-4011
This update for xorg-x11-server fixes the following issues:

- CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes 
  extension does not properly validate the request length leading to out of 
  bounds memory write. (bsc#1190487)
- CVE-2021-4010: The handler for the Suspend request of the Screen Saver extension
  does not properly validate the request length leading to out of
  bounds memory write. (bsc#1190488)
- CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients
  requests of the Record extension do not properly validate the request
  length leading to out of bounds memory write. (bsc#1190489)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4143-1
Released:    Wed Dec 22 05:26:22 2021
Summary:     Recommended update for libteam
Type:        recommended
Severity:    moderate
References:  1185424
This update for libteam fixes the following issues:

- Fix permission issues in NetworkManager (bsc#1185424)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4144-1
Released:    Wed Dec 22 05:27:09 2021
Summary:     Recommended update for openssl-1_0_0
Type:        recommended
Severity:    moderate
References:  1180995,1186495,1190885
This update for openssl-1_0_0 fixes the following issues:

- Fix parameters by name ffdheXXXX and modp_XXXX sometimes result in 'not found' (bsc#1190885)
- Fix binaries not linked as position independent executables (bsc#1186495)
- Add RFC3526 and RFC7919 groups to 'openssl genpkey' so that it can output 
  FIPS-appropriate parameter (bsc#1180995)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4149-1
Released:    Wed Dec 22 10:41:05 2021
Summary:     Recommended update for samba
Type:        recommended
Severity:    important
References:  1192849,CVE-2020-25717
This update for samba fixes the following issues:

The username map advice from the CVE-2020-25717 advisory
note has undesired side effects for the local nt token. Fallback
to a SID/UID based mapping if the name based lookup fails (bsc#1192849).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4150-1
Released:    Wed Dec 22 10:58:00 2021
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1182863,1189547,1190244,1190269,1191332,1192250,1193485,CVE-2021-29981,CVE-2021-29982,CVE-2021-29987,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38493,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501,CVE-2021-38502,CVE-2021-38503,CVE-2021-38504,CVE-2021-38505,CVE-2021-38506,CVE-2021-38507,CVE-2021-38508,CVE-2021-38509,CVE-2021-38510,CVE-2021-40529,CVE-2021-43528,CVE-2021-43536,CVE-2021-43537,CVE-2021-43538,CVE-2021-43539,CVE-2021-43541,CVE-2021-43542,CVE-2021-43543,CVE-2021-43545,CVE-2021-43546
This update for MozillaThunderbird fixes the following issues:

- Update to version 91.4 MFSA 2021-54 (bsc#1193485)
- CVE-2021-43536: URL leakage when navigating while executing asynchronous function
- CVE-2021-43537: Heap buffer overflow when using structured clone
- CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
- CVE-2021-43539: GC rooting failure when calling wasm instance methods
- CVE-2021-43541: External protocol handler parameters were unescaped
- CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
- CVE-2021-43543: Bypass of CSP sandbox directive when embedding
- CVE-2021-43545: Denial of Service when using the Location API in a loop
- CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
- CVE-2021-43528: JavaScript unexpectedly enabled for the composition area

- Update to version 91.3.2
- CVE-2021-40529: Fixed ElGamal implementation could allow plaintext recovery (bsc#1190244)

- Update to version 91.3 MFSA 2021-50 (bsc#1192250)
- CVE-2021-38503: Fixed iframe sandbox rules did not apply to XSLT stylesheets
- CVE-2021-38504: Fixed use-after-free in file picker dialog
- CVE-2021-38505: Fixed Windows 10 Cloud Clipboard may have recorded sensitive user data
- CVE-2021-38506: Fixed Thunderbird could be coaxed into going into fullscreen mode without notification or warning
- CVE-2021-38507: Fixed opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports
- CVE-2021-38508: Fixed permission Prompt could be overlaid, resulting in user confusion and potential spoofing
- CVE-2021-38509: Fixed Javascript alert box could have been spoofed onto an arbitrary domain
- CVE-2021-38510: Fixed Download Protections were bypassed by .inetloc files on Mac OS
- Fixed plain text reformatting regression (bsc#1182863)

- Update to version 91.2 MFSA 2021-47 (bsc#1191332)
- CVE-2021-29981: Live range splitting could have led to conflicting assignments in the JIT
- CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and type confusion
- CVE-2021-29987: Users could have been tricked into accepting unwanted permissions on Linux
- CVE-2021-32810: Data race in crossbeam-deque
- CVE-2021-38493: Memory safety bugs fixed in Thunderbird 78.14 and Thunderbird 91.1
- CVE-2021-38496: Use-after-free in MessageTask
- CVE-2021-38497: Validation message could have been overlaid on another origin
- CVE-2021-38498: Use-after-free of nsLanguageAtomService object
- CVE-2021-38500: Memory safety bugs fixed in Thunderbird 91.2
- CVE-2021-38501: Memory safety bugs fixed in Thunderbird 91.2
- CVE-2021-38502: Downgrade attack on SMTP STARTTLS connections

- Update to version 91.1.0 MFSA 2021-41 (bsc#1190269)
- CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer
- CVE-2021-38495: Memory safety bugs fixed in Thunderbird 91.1

- Update to version 91.0.1 MFSA 2021-37 (bsc#1189547)
- CVE-2021-29991: Header Splitting possible with HTTP/3 Responses

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4153-1
Released:    Wed Dec 22 11:00:48 2021
Summary:     Security update for openssh
Type:        security
Severity:    important
References:  1183137,CVE-2021-28041
This update for openssh fixes the following issues:

- CVE-2021-28041: Fixed double free in ssh-agent (bsc#1183137).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4158-1
Released:    Wed Dec 22 11:40:12 2021
Summary:     Recommended update for python3-ec2imgutils
Type:        recommended
Severity:    important
References:  1189649,1190538,1192298
This update for python3-ec2imgutils fixes the following issues:

- Update to version 9.0.4 (bsc#1192298)
  - Set a time out for the ssh connection to avoid hang in a multi threaded environment

- Update to version 9.0.3 (bsc#1190538)
  - Support setting the boot mode for EC2 images, either to legacy-bios or uefi. Argument is optional, without it instance will use the default boot mode for the given instance type.

- Update to version 9.0.2 (bsc#1189649)
  - In addition to tagging images in AWS also set them to deprecated in EC2. This allows the framework to hide the images from new users when images are no longer supposed to be used.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4165-1
Released:    Wed Dec 22 22:52:11 2021
Summary:     Recommended update for kmod
Type:        recommended
Severity:    moderate
References:  1193430
This update for kmod fixes the following issues:

- Ensure that kmod and packages linking to libkmod provide same features. (bsc#1193430)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4171-1
Released:    Thu Dec 23 09:55:13 2021
Summary:     Security update for runc
Type:        security
Severity:    moderate
References:  1193436,CVE-2021-43784
This update for runc fixes the following issues:

Update to runc v1.0.3. 
    
* CVE-2021-43784: Fixed a potential vulnerability related to the internal usage
  of netlink, which is believed to not be exploitable with any released versions of runc (bsc#1193436)
* Fixed inability to start a container with read-write bind mount of a read-only fuse host mount.
* Fixed inability to start when read-only /dev in set in spec.
* Fixed not removing sub-cgroups upon container delete, when rootless cgroup
  v2 is used with older systemd.
* Fixed returning error from GetStats when hugetlb is unsupported (which
  causes excessive logging for kubernetes).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4174-1
Released:    Thu Dec 23 11:22:14 2021
Summary:     Recommended update for gnu-compilers-hpc
Type:        recommended
Severity:    moderate
References:  
This update for gnu-compilers-hpc fixes the following issues:

- Add build support for gcc11 to HPC build. (jsc#SLE-18780, jsc#SLE-18781, jsc#SLE-18782, jsc#SLE-18806)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4177-1
Released:    Thu Dec 23 11:42:57 2021
Summary:     Recommended update for ServiceReport
Type:        recommended
Severity:    important
References:  1193718
This update for ServiceReport fixes the following issues:

- Fix build to require python-rpm-macros (bsc#1193718)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4179-1
Released:    Thu Dec 23 11:49:09 2021
Summary:     Recommended update for corosync
Type:        recommended
Severity:    moderate
References:  1192467
This update for corosync fixes the following issues:

- Fix corosync not recognizing isolated nodes when interface is down (bsc#1192467)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4183-1
Released:    Thu Dec 23 11:52:19 2021
Summary:     Recommended update for cpuset
Type:        recommended
Severity:    moderate
References:  1191418
This update for cpuset fixes the following issues:

- Fix wrong parentheses in the code that lead to an unsupported operand error (bsc#1191418)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4189-1
Released:    Fri Dec 24 07:43:34 2021
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

- updated to 0.1.59 release (jsc#ECO-3319)
  - Support for Debian 11
  - NERC CIP profiles for OCP4 and RHCOS
  - HIPAA profile for SLE15
  - Delta Tailoring Files for STIG profiles

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4204-1
Released:    Thu Dec 30 11:48:55 2021
Summary:     Recommended update for pptp
Type:        recommended
Severity:    moderate
References:  1131960,1191717
This update for pptp fixes the following issues:
- Fix issue when connecting to Microtic routers (bsc#1191717)
- Remove UID related output from routing because not needed and prompts error (bsc#1131960)
- Prevent pptpsetup creating world-readable peers file
- Allow setting up passwords with quotes and trailing spaces
- Fix tunnel file generation to make sure it can be used by a non-root user
- Fix a memory leak in pqueue
- Fix read and writes beyond allocated memory
- Fix Use-After-Free in call close request handler
- Allow missing window value to be specified in command line instead of being hardcoded
- Randomise call-id to allow connecting with simultaneous pptp sessions
- Fix file descriptor in call to ttyname. Resulting error was a common message:
  'pptp: GRE-to-PPP gateway on (null)'

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4208-1
Released:    Thu Dec 30 12:55:58 2021
Summary:     Security update for log4j
Type:        security
Severity:    moderate
References:  1194127,CVE-2021-44832
This update for log4j fixes the following issues:

- CVE-2021-44832: Fixes a remote code execution via JDBC Appender (bsc#1194127)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4210-1
Released:    Fri Dec 31 09:55:30 2021
Summary:     Security update for gegl
Type:        security
Severity:    important
References:  1194045,CVE-2021-45463
This update for gegl fixes the following issues:

- CVE-2021-45463: fixed shell expansion via crafted pathname in the ImageMagick convert fallback (bsc#1194045).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1-1
Released:    Mon Jan  3 08:26:27 2022
Summary:     Recommended update for ha-cluster-bootstrap
Type:        recommended
Severity:    important
References:  1193437
This update for ha-cluster-bootstrap fixes the following issues:

- Add deprecated warning when using ha-cluster-bootstrap (bsc#1193437)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:6-1
Released:    Mon Jan  3 08:29:42 2022
Summary:     Feature update for numatop
Type:        feature
Severity:    moderate
References:  
This feature update for numatop fixes the following issues:

- Add support for ICX processors (jsc#SLE-19499, jsc#SLE-23044)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:8-1
Released:    Mon Jan  3 08:50:44 2022
Summary:     Recommended update for mailx
Type:        recommended
Severity:    moderate
References:  1180355,1192916
This update for mailx fixes the following issues:

- To add description how to avoid such mailx does not send mails unless run via strace or in verbose mode. (bsc#1192916)
- Fix name argument when calling '/usr/sbin/sendmail' (bsc#1180355)
- If the openssl RNG is already seeded (on linux it always is) skip snake-oil reeseeding from file. Update man page accordingly.
- Update man page with information that ssl2 and ssl3 are not only deprecated but currently unavailable and that tls1 forces TLS 1.0 but not later versions.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:11-1
Released:    Mon Jan  3 15:34:56 2022
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issue:

Lifecycle data updates. (bsc#1020320)

- Updates for 4_12_14-150_78, 4_12_14-197_102, 5_3_18-24_93,
  5_3_18-24_96, 5_3_18-59_30, 5_3_18-59_34, 5_3_18-59_37.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:12-1
Released:    Mon Jan  3 15:36:04 2022
Summary:     Recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff
Type:        recommended
Severity:    moderate
References:  
This recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff provides the following fix:

- Ship some missing binaries to PackageHub.
  
-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:19-1
Released:    Tue Jan  4 10:23:31 2022
Summary:     Feature update for ghostscript and gswrap
Type:        feature
Severity:    moderate
References:  
This update for ghostscript, gswrap fixes the following issues:

We now ship an additional wraper for ghostscript, called gswrap, for SLE 15 SP2 and SLE15 SP3. You can install this wrapper by installing the gswrap package.

- Allow the `gswrap` package to use its wrapper script for `ghostscript` (jsc#SLE-21705 jsc#SLE-21706)
- Use `update-alternatives` to get the real `ghostscript` binary from `/usr/bin/gs` to `/usr/bin/gs.bin`

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:20-1
Released:    Tue Jan  4 14:29:14 2022
Summary:     Recommended update for sles-installer-sap-bone-release
Type:        recommended
Severity:    moderate
References:  1175174,1192872
This update for sles-installer-sap-bone-release fixes the following issues:


- SAP B1 Image release package update required (bsc#1192872)
  Increase release
  ECO: Deliver Missing package sles-installer-sap-bone-release to SLES 15 SP2. (jsc#SLE-23111)

- The reason of this package is the need of identification for preloded OEM installation. (bsc#1175174)
 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:21-1
Released:    Tue Jan  4 16:06:08 2022
Summary:     Security update for libvirt
Type:        security
Severity:    important
References:  1191668,1192017,1193623,1193719,1193981,1194041,CVE-2021-4147
This update for libvirt fixes the following issues:

- CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults. (bsc#1194041)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:35-1
Released:    Thu Jan  6 10:03:47 2022
Summary:     Recommended update for telnet
Type:        recommended
Severity:    low
References:  1129925
This update for telnet fixes the following issues:

- Update Source location to use Gentoo mirror, fixes bsc#1129925

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:37-1
Released:    Thu Jan  6 14:11:01 2022
Summary:     Recommended update for s3fs
Type:        recommended
Severity:    moderate
References:  1193236
This update for s3fs fixes the following issues:

- Update to version 1.90 (bsc#1193236)
  + Don't ignore nomultipart when storage is low
  + Fix POSIX compatibility issues found by pjdfstest
  + Fail CheckBucket when S3 returns PermanentRedirect
  + Do not create zero-byte object when creating file
  + Allow arbitrary size AWS secret keys
  + Fix race conditions
  + Set explicit Content-Length: 0 when initiating MPU
  + Set CURLOPT_UNRESTRICTED_AUTH when authenticating
  + Add jitter to avoid thundering herd
  + Loosen CheckBucket to check only the bucket
  + Add support for AWS-style environment variables

- Update to version 1.89
  + Fix a regression when writing objects larger than 10 GB during periodic
    dirty data flush (on by default).
  + Propagate S3 errors to errno more accurately
  + Allow writing > 5 GB single-part objects supported by some non-AWS S3
  + Allow configuration of multipart copy size and limit to 5 GB
  + Allow configuration of multipart upload threshold and reduce default to
    25 MB
  + Set default stat timeout to 900 seconds correctly
  + Fix data corruption while updating metadata with use_cache

- Update to version 1.88
  + Fixed a bug about move file over limit of ensure space
  + Fix multiple race conditions
  + Dynamically determine whether lseek extended options are supported
  + Add support for deep archive storage class
  + Plug FdEntity leaks
  + Fix use_session_token option parsing
  + Allow 32-bit platforms to upload single-part objects > 2 GB
  + Fix dead lock in disk insufficient and optimize code
  + Ensure environment variable is set when using ECS
  + Do not call put headers if not exist pending meta
  + Do not send SSE headers during bucket creation
  + Add sigv4 only option
  + Add atime and correct atime/mtime/ctime operations
  + Fixed a bug that symlink could not be read after restarting s3fs
  + Periodically flush written data to reduce temporary local storage
  + Added logfile option for non-syslog logging
  + Add AWS IMDSv2 support
  + Fix multiple issues when retrying requests

- Update to version 1.87
  + use correct content-type when complete multipart upload
  + Fixed a bug of stats cache compression
  + Fixed the truncation bug of stat file for cache file
  + Improved strictness of cache file stats(file)
  + Fixed insufficient upload size for mix multipart upload
  + Warn about missing MIME types instead of exiting
  + Not abort process by exception threw from s3fs_strtoofft
  + Support Google Cloud Storage headers
  + Added a parameter to output body to curldbg option
  + Fix renames of open files with nocopyapi option
  + Relink cache stats file atomically via rename
  + Ignore case when comparing ETags
  + Retry with exponential backoff during 500 error
  + Fixed a bug about serializing from cache file
  + Fixed about ParallelMixMultipartUpload
  + Add support for glacier storage class
  + Fixed upload error about mixuploading sparse file and truncating file
  + Added SIGUSR1 option for cache file integrity test
  + Change default stat_cache_expire

- Update to version 1.86
  + enable various optimizations when using modern curl
  + allow SSE-C keys to have NUL bytes
  + add session token support
  + allow large files on 32-bit systems like Raspberry Pi
  + fix data corruption when external modification changes a cached object
  + fix data corruption when opening a second fd to an unflushed file
  + fix clock skew errors when writing large files
  + allow concurrent metadata queries during data operations
  + use server-side copy for partially modified files
  + fix multiple concurrency issues
  + add requester_pays support
  + add symlink cache
  + add intelligent_ia storage tier

- Make COPYING file a license file
- Update to version 1.85
  + add Backblaze B2
  + Fix typo s/mutliple/multiple/
  + Made instructions for creating password file more obvious.
  + Enable big writes if capable
  + For RPM distributions fuse-libs is enough
  + Add support for storage class ONEZONE_IA.
  + Simplify hex conversion
  + New installation instructions for Fedora >= 27 and CentOS7
  + Improve template for issues
  + Make the compilation instructions generic
  + Replace all mentions to MacOS X to macOS
  + Correct typo
  + Correctly compare list_object_max_keys
  + Allow credentials from ${HOME}/.aws/credentials
  + Replace ~ with ${HOME} in examples
  + Include StackOverflow in FAQs
  + Add icon for s3fs
  + Upload S3 parts without batching
  + Add 'profile' option to command line help.
  + fix multihead warning check
  + Multi-arch support for ppc64le
  + Correct typos in command-line parsing
  + Address cppcheck 1.86 errors
  + Check arguments and environment before .aws/creds
  + [curl] Assume long encryption keys are base64 encoded
  + Update s3fs_util.cpp for correspondence of Nextcloud contype
  + Add Server Fault to FAQs
  + Repair xattr tests
  + Store and retrieve file change time
  + Default uid/gid/mode when object lacks permissions
  + Emit more friendly error for buckets with dots
  + Flush file before renaming
  + Tighten up HTTP response code check
  + Plug memory leak
  + Plug memory leaks
  + Avoid pass-by-value when not necessary
  + Prefer find(char) over find(const char *)
  + Remove unnecessary calls to std::string::c_str
  + Fix comparison in s3fs_strtoofft
  + Prefer HTTPS links where possible
  + Added an error message when HTTP 301 status
  + Ignore after period character of floating point in x-amz-meta-mtime
  + Added a missing extension to .gitignore, and formatted dot files
  + Added detail error message when HTTP 301/307 status
  + Automatic region change made possible other than us-east-1(default)
  + Prefer abort over assert(false)
  + Issue readdir HEAD requests without batching
  + Reference better-known AWS CLI for compatibility
  + Load tail range during overwrite
  + Add test for mv non-empty directory
  + Remove unnecessary string copies
  + Remove redundant string initializations
  + Reverted automatic region change and changed messages
  + Prefer empty over size checks
  + Remove redundant null checks before delete
  + Accept paths with : in them
  + Correct enable_content_md5 docs
  + Correct sigv2 typo
  + Prefer AutoLock for synchronization
  + Remove mirror path when deleting cache
  + Checked and corrected all typo
  + Disable malloc_trim
  + Remove unneeded void parameter
  + Prefer specific [io]stringstream where possible
  + Copy parts in parallel
  + Ensure s3fs compiles with C++03
  + Return not supported when hard linking
  + Repair utility mode
  + Simplify async request completion code
  + Add logging for too many parts
  + Implement exponential backoff for 503
  + Added S3FS_MALLOC_TRIM build switch
  + Added a non-interactive option to utility mode
  + Automatically abort failed multipart requests
  + Update s3ql link
  + Clear containers instead of individual erases
  + Address miscellaneous clang-tidy warnings
  + Upgrade to S3Proxy 1.6.1
  + Document lack of inotify support
  + Fixed code for latest cppcheck error on OSX
  + Wtf8
  + Work around cppcheck warnings
  + Improvement of curl session pool for multipart
  + Increase FdEntity reference count when returning
  + Fix lazy typo
  + Remove from file from stat cache during rename
  + Add instructions for Amazon Linux
  + Changed the description order of man page options
  + Fixed ref-count when error occurred.
  + Make macOS instructions consistent with others


- Update to version 1.84
  + Update README.md with details about .passwd-s3fs
  + add disk space reservation
  + Added Cygwin build options
  + reduce lock contention on file open
  + don't fail multirequest on single thread error
  + add an instance_name option for logging
  + FreeBSD build fixes
  + More useful error message for dupe entries in passwd file
  + cleanup curl handle state on retries
  + don't fail mkdir when directory exists
  + fix xpath selector in bucket listing
  + Validate the URL format for http/https
  + Added reset curl handle when returning to handle pool
  + Optimize defaults
  + Simplify installation for Ubuntu 16.04
  + Upgrade to S3Proxy 1.6.0
  + cleanup curl handles before curl share
  + Remove false multihead warnings
  + Add Debian installation instructions
  + Remove s3fs-python
  + Fixed memory leak
  + Revert 'enable FUSE read_sync by default'
  + Option for IAM authentication endpoint
  + gnutls_auth: initialize libgcrypt
  + Fixed an error by cppcheck on OSX
  + Log messages for 5xx and 4xx HTTP response code
  + Instructions for SUSE and openSUSE prebuilt packages
  + Added list_object_max_keys option based on #783 PR 
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:46-1
Released:    Tue Jan 11 09:08:25 2022
Summary:     Recommended update for java-1_8_0-openjdk
Type:        recommended
Severity:    moderate
References:  1193314
This update for java-1_8_0-openjdk fixes the following issues:

- When system crypto policy files are not available, use the information from the java.security file that we distribute with OpenJDK as a fallback. (bsc#1193314)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:47-1
Released:    Tue Jan 11 09:11:59 2022
Summary:     Recommended update for wsmancli
Type:        recommended
Severity:    moderate
References:  1047218
This update for wsmancli fixes the following issues:


- Add patch to have fixed build date (bsc#1047218)

- Version 2.6.0
  - add '-L locale' flag to specify request-locale

- Update to version 2.5.0
  - 'wsman -h' exits with zero
  - properties and selectors are kept sorted (requires Openwsman 2.5 now)
  - use API to set properties
  - exit with non-zero code if connection fails
  - add man pages (Kent Baxley)
  - add '--non-interactive' option to prevent asking for credentials in scripts
  - don't crash on filter parse error
  - remove -Q (don't send request) option
  - complain about bad filter expression
  - fix autotools build for MacOS
  - adapt to reduced libu exposure in openwsman
  - openwsman C++ bindings need libwsman_clientpp-devel now
  - add wseventmgr
  - fix the default port setting to match wsmc_create() call. Use https (port 5986) when CA info is set.
  - in debug mode, dump the complete response XML if it can't be parsed
  - fix '--sslkey' handling
  - add warning if ssl used without --cacert
- Enhance enumerate with association filter to have the ability to specify the optional elements

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:48-1
Released:    Tue Jan 11 09:17:57 2022
Summary:     Recommended update for python3
Type:        recommended
Severity:    moderate
References:  1190566,1192249,1193179
This update for python3 fixes the following issues:

- Don't use OpenSSL 1.1 on platforms which don't have it.

- Remove shebangs from python-base libraries in '_libdir'. (bsc#1193179, bsc#1192249).
- Build against 'openssl 1.1' as it is incompatible with 'openssl 3.0+'  (bsc#1190566)
- Fix for permission error when changing the mtime of the source file in presence of 'SOURCE_DATE_EPOCH'.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:50-1
Released:    Tue Jan 11 10:11:28 2022
Summary:     Security update for net-snmp
Type:        security
Severity:    important
References:  1027353,1081164,1102775,1108471,1111122,1116807,1140341,1145864,1152968,1174961,1178021,1178351,1179009,1179699,1181591,CVE-2018-18065,CVE-2020-15862
This update for net-snmp fixes the following issues:

- CVE-2020-15862: Make extended MIB read-only (bsc#1174961)
- CVE-2018-18065: Fix remote DoS in agent/helpers/table.c (bsc#1111122)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:52-1
Released:    Tue Jan 11 10:14:46 2022
Summary:     Security update for libsndfile
Type:        security
Severity:    important
References:  1194006,CVE-2021-4156
This update for libsndfile fixes the following issues:

- CVE-2021-4156: Fixed heap buffer overflow in flac_buffer_copy that 
could potentially lead to heap exploitation (bsc#1194006).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:55-1
Released:    Tue Jan 11 12:53:23 2022
Summary:     Recommended update for rsyslog
Type:        recommended
Severity:    moderate
References:  1029961,1160414,1178490,1182653
This update for rsyslog fixes the following issues:

- Upgrade to rsyslog 8.2106.0:
  * The prime new feature is support for TLS and non-TLS connections
    via imtcp in parallel. Furthermore, most TLS parameters can now be overriden
    at the input() level. The notable exceptions are certificate files, something
    that is due to be implemented as next step.
  * New global option 'parser.supportCompressionExtension'
    This permits to turn off rsyslog's single-message compression extension
    when it interferes with non-syslog message processing (the parser
    subsystem expects syslog messages, not generic text)
    closes https://github.com/rsyslog/rsyslog/issues/4598
  * imtcp: add more override config params to input()
    It is now possible to override all module parameters at the input() level. Module
    parameters serve as defaults. Existing configs need no modification.
  * imtcp: add stream driver parameter to input() configuration
    This permits to have different inputs use different stream drivers
    and stream driver parameters.
  * imtcp: permit to run multiple inputs in parallel
    Previously, a single server was used to run all imtcp inputs. This
    had a couple of drawsbacks. First and foremost, we could not use
    different stream drivers in the varios inputs. This patch now
    provides a baseline to do that, but does still not implement the
    capability (in this sense it is a staging patch).
    Secondly, we now ensure that each input has at least one exclusive
    thread for processing, untangling the performance of multiple
    inputs from each other.
  * tcpsrv bugfix: potential sluggishnes and hang on shutdown
    tcpsrv is used by multiple other modules (imtcp, imdiag, imgssapi, and,
    in theory, also others - even ones we do not know about). However, the
    internal synchornization did not properly take multiple tcpsrv users
    in consideration.
    As such, a single user could hang under some circumstances. This was
    caused by improperly awaking all users from a pthread condition wait.
    That in turn could lead to some sluggish behaviour and, in rare cases,
    a hang at shutdown.
    Note: it was highly unlikely to experience real problems with the
    officially provided modules.
  * refactoring of syslog/tcp driver parameter passing
    This has now been generalized to a parameter block, which makes it much cleaner and
    also easier to add new parameters in the future.
  * config script: add re_match_i() and re_extract_i() functions
    This provides case-insensitive regex functionality.
- Upgrade to rsyslog 8.2104.0:
  * rainerscript: call getgrnam_r repeatedly to get all group members  (bsc#1178490)
  * new built-in function get_property() to access property vars
  * mmdblookup: add support for mmdb DB reload on HUP
  * new contributed function module fmunflatten
  * test bugfix: some tests did not work with newer TLS library versions

- Update 'remote.conf' example file to new 'Address' and 'Port' notation. (bsc#1182653)

- Upgrade to rsyslog 8.2102.0:
  * omfwd: add stats counter for sent bytes
  * omfwd: add error reporting configuration option
  * action stats counter bugfix: failure count was not properly incremented
  * action stats counter bugfix: resume count was not incremented
  * omfwd bugfix: segfault or error if port not given
  * lookup table bugfix: data race on lookup table reload
  * testbench modernization
  * testbench: fix invalid sequence of kafka tests runs
  * testbench: fix kafkacat issues
  * testbench: fix year-dependendt clickhouse test

- Upgrade to rsyslog 8.2012.0:
  * testbench bugfix: some tests did not work in make distcheck
  * immark: rewrite with many improvements
  * usability: re-phrase error message to help users better understand cause
  * add new system property $now-unixtimestamp
  * omfwd: add new rate limit option
  * omfwd bug: param 'StreamDriver.PermitExpiredCerts' is not 'off' by default

- prepare usrmerge (bsc#1029961)

- remove legacy stuff from specfile
  * sysvinit is not supported anymore, so remove all tests related to systemv in the specfile

- Upgrade to rsyslog 8.2010.0:
  * gnutls TLS subsystem bugfix: handshake error handling
  * core/msg bugfix: memory leak
  * core/msg bugfix: segfault in jsonPathFindNext() when <root> not an object
  * openssl TLS subsystem: improvments of error and status messages
  * core bugfix: do not create empty JSON objects on non-existent key access
  * gnutls subsysem bugfix: potential hang on session closure
  * core/network bugfix: obey net.enableDNS=off when querying local hostname
  * core bugfix: potential segfault on query of PROGRAMNAME property
  * imtcp bugfix: broken connection not necessariy detected
  * new module: imhttp - http input
  * mmdarwin bugfix: potential zero uuid when reusing existing one
  * imdocker bugfix: build issue on some platforms
  * omudpspoof bugfix: make compatbile with Solaris build
  * testbench fix: python 3 incompatibility
  * core bugfix: segfault if disk-queue file cannot be created
  * cosmetic: fix dummy module name in debug output
  * config bugfix: intended warning emitted as error

- Upgrade to rsyslog 8.2008.0
- Added custom unit file rsyslog.service because systemd service file was removed from upstream project
- Use systemd_ordering instead of requiring to make rsyslog useable in containers.
- Fix the URL for bug reporting, should not point to 'novell.com'. (bsc#1173433)
- Add support for 'omkafka'.
- Avoid build error with gcc flag '-fno-common'. (bsc#1160414)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:58-1
Released:    Wed Jan 12 09:20:23 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1194020,1194215,CVE-2021-4126,CVE-2021-44538
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 91.4.1
- CVE-2021-4126: OpenPGP signature status doesn't consider additional message content. (bsc#1194215)
- CVE-2021-44538: Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow. (bsc#1194020)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:62-1
Released:    Wed Jan 12 14:18:31 2022
Summary:     Security update for openexr
Type:        security
Severity:    important
References:  1194333,CVE-2021-45942
This update for openexr fixes the following issues:

- CVE-2021-45942: Fixed heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute. (bsc#1194333)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:69-1
Released:    Thu Jan 13 15:12:30 2022
Summary:     Security update for libmspack
Type:        security
Severity:    low
References:  1113040,CVE-2018-18586
This update for libmspack fixes the following issues:

- CVE-2018-18586: Fixed directory traversal in chmextract by adding anti '../' and leading slash protection (bsc#1113040).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:70-1
Released:    Thu Jan 13 15:25:27 2022
Summary:     Recommended update for python-configshell-fb
Type:        recommended
Severity:    moderate
References:  
This update for python-configshell-fb fixes the following issues:

- Upgrade to latest upstream version v1.1.29 (jsc#SLE-17360):
  * setup.py: specify a version range for pyparsing
  * setup.py: lets stick to pyparsing v2.4.7
  * Don't warn if prefs file doesn't exist

- Update to version v1.1.28 from v1.1.27 (jsc#SLE-17360):
  * version 1.1.28
  * Ensure that all output reaches the client when daemonized
  * Remove Epydoc markup from command messages
  * Remove epydoc imports and epydoc calls

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:71-1
Released:    Thu Jan 13 15:37:28 2022
Summary:     Recommended update for container-suseconnect
Type:        recommended
Severity:    moderate
References:  

This update for container-suseconnect is a rebuild against updated
go toolchain to ensure an up to date GO runtime.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:84-1
Released:    Mon Jan 17 04:40:30 2022
Summary:     Recommended update for dosfstools
Type:        recommended
Severity:    moderate
References:  1172863,1188401
This update for dosfstools fixes the following issues:

- To be able to create filesystems compatible with previous
  version, add -g command line option to mkfs (bsc#1188401)
- BREAKING CHANGES:
  After fixing of bsc#1172863 in the last update, mkfs started to
  create different images than before. Applications that depend on
  exact FAT file format (e. g. embedded systems) may be broken in
  two ways:
  * The introduction of the alignment may create smaller images
    than before, with a different positions of important image
    elements. It can break existing software that expect images in
    doststools <= 4.1 style.
    To work around these problems, use '-a' command line argument.
  * The new image may contain a different geometry values. Geometry
    sensitive applications expecting doststools <= 4.1 style images
    can fails to accept different geometry values.
    There is no direct work around for this problem. But you can
    take the old image, use 'file -s $IMAGE', check its
    'sectors/track' and 'heads', and use them in the newly
    introduced '-g' command line argument.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:88-1
Released:    Mon Jan 17 13:40:16 2022
Summary:     Security update for ghostscript
Type:        security
Severity:    moderate
References:  1194303,1194304,CVE-2021-45944,CVE-2021-45949
This update for ghostscript fixes the following issues:

- CVE-2021-45944: Fixed use-after-free in sampled_data_sample (bsc#1194303)
- CVE-2021-45949: Fixed heap-based buffer overflow in sampled_data_finish (bsc#1194304)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:96-1
Released:    Tue Jan 18 05:14:44 2022
Summary:     Recommended update for rpm
Type:        recommended
Severity:    important
References:  1180125,1190824,1193711
This update for rpm fixes the following issues:

- Fix header check so that old rpms no longer get rejected (bsc#1190824)
- Add explicit requirement on python-rpm-macros (bsc#1180125, bsc#1193711)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:97-1
Released:    Tue Jan 18 05:15:32 2022
Summary:     Recommended update for log4j12
Type:        recommended
Severity:    important
References:  1193184
This update for log4j12 fixes the following issues:

- Fix 'chainsaw' executable (bsc#1193184)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:100-1
Released:    Tue Jan 18 05:20:03 2022
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  1194338
This update for hwdata fixes the following issues:

- Update hwdata from version 0.353 to 0.355 which includes updated pci, usb 
  and vendor ids (bsc#1194338)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:104-1
Released:    Tue Jan 18 09:37:01 2022
Summary:     Security update for SDL2
Type:        security
Severity:    important
References:  1181201,1181202,CVE-2020-14409,CVE-2020-14410
This update for SDL2 fixes the following issues:

- CVE-2020-14409: Fixed Integer Overflow resulting in heap corruption in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP (bsc#1181202).
- CVE-2020-14410: Fixed heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP (bsc#1181201).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:108-1
Released:    Tue Jan 18 11:46:37 2022
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1185055,1188564,1188565,1191902,1191904,1191905,1191909,1191910,1191911,1191913,1191914,1192052,1194198,1194232,CVE-2021-2163,CVE-2021-2341,CVE-2021-2369,CVE-2021-35556,CVE-2021-35559,CVE-2021-35560,CVE-2021-35564,CVE-2021-35565,CVE-2021-35578,CVE-2021-35586,CVE-2021-35588,CVE-2021-41035
This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 7 Fix Pack 0
- CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. (bsc#1194198, bsc#1192052)
- CVE-2021-35586: Excessive memory allocation in BMPImageReader. (bsc#1191914)
- CVE-2021-35564: Certificates with end dates too far in the future can corrupt keystore. (bsc#1191913)
- CVE-2021-35559: Excessive memory allocation in RTFReader. (bsc#1191911)
- CVE-2021-35556: Excessive memory allocation in RTFParser. (bsc#1191910)
- CVE-2021-35565: Loop in HttpsServer triggered during TLS session close. (bsc#1191909) 
- CVE-2021-35588: Incomplete validation of inner class references in ClassFileParser. (bsc#1191905)
- CVE-2021-2341: Fixed a flaw inside the FtpClient. (bsc#1188564)
- CVE-2021-2369: JAR file handling problem containing multiple MANIFEST.MF files. (bsc#1188565)
- CVE-2021-2163: Incomplete enforcement of JAR signing disabled algorithms. (bsc#1185055)
- CVE-2021-35560: Fixed a vulnerability in the component Deployment. (bsc#1191902)
- CVE-2021-35578: Fixed unexpected exception raised during TLS handshake. (bsc#1191904)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:111-1
Released:    Tue Jan 18 13:03:07 2022
Summary:     Security update for virglrenderer
Type:        security
Severity:    important
References:  1194601,CVE-2022-0175
This update for virglrenderer fixes the following issues:

- CVE-2022-0175: Fixed missing initialization of res->ptr (bsc#1194601).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:122-1
Released:    Tue Jan 18 17:56:11 2022
Summary:     Feature update for zxing-cpp
Type:        feature
Severity:    moderate
References:  1158377,1180479,1181915,1183655,1187982,1189813
This feature update for zxing-cpp fixes the following issues:

Update LibreOffice from version 7.1.4.2 to 7.2.3.2 (jsc#SLE-18214):

- Fix UI scaling on HIDPI Wayland/KDE screens
- Fix gtk popover usage on gtk 3.20 for SUSE Linux Enterprise 12
- Fix inteaction between multi-column shape text and automatic height. (bsc#1187982)
- Fix interaction of transparent cell fill and transparent shadow. (bsc#1189813)
- Use external `poppler` version 21.01.0 (jsc#SLE-18214)
- Use external `CMIS` version 0.5.2
- Update external `boost` to version 1.75.0
- Update external `pdfium` to version 4500
- Update external `skia` to version `m90`
- Do not use `qrcodegen-devel` but move to `zxing-cpp` (jsc#SLE-18214)
- Keep upstream desktop file names (bsc#1183655) 
- Display math icon (bsc#1180479)
- Source `profile.d/alljava.sh` from either `/etc` (if found) or `/usr/etc`.


Provide `zxing-cpp` 1.2.0 as new LibreOffice dependency. (jsc#SLE-18214)

- Do not build examples to avoid a cycle with `QT5Multimedia`
- Use `cmake3-full` package instead of `cmake` on SUSE Linux Enterprise 12
- Do not build examples on SUSE Linux Enterprise 12
- Only build blackbox tests on openSUSE Tumbleweed
- New `BarcodeFormat`
- New ZXingQtCamReader demo app based on `QtMultimedia` and `QtQuick`
- New QRCode reader, faster and better support for rotated symbols
- Add `Structured Append` support for `DataMatrix`, `Aztec` and `MaxiCode`
- Add `DMRE` support for `DataMatrix`
- Switch to the reimplemented 1D detectors, about 5x faster
- Faster and more capable `isPure` detection for all 2D codes
- 20% faster `ReedSolomon` error correction.
- `ReedSolomon` error detection code 2x speedup.
- PDF417 is faster and supports flipped symbols
- Reduced false positive rate for `UPC/EAN` barcodes and improved Add-On symbol handling
- Fix country-code metadata decoding for UPC/EAN codes.
- Proper ECI handling in all 2D barcodes
- Add baselibs.conf
- Many performance improvements for 1D readers
- More meta-data exported when reading specific format
- Improve DataMatrix encoder
- Add interface to simplify basic usage
- WASM API to support pixels array as input
- `LuminanceSource` based API is now deprecated but still compiles.
- New BarcodeFormats flag type to specify the set of barcodes to look for.
- New simplified and consistent Python API
- Slightly improved QRCode detection for rotated symbols.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:123-1
Released:    Wed Jan 19 05:02:35 2022
Summary:     Recommended update for fetchmail
Type:        recommended
Severity:    important
References:  1194203
This update for fetchmail fixes the following issues:

- Always create fetchmail group, even if the user is already 
  present, as a leftover from Leap 15.2 upgrade. This may happen 
  also if user is messing with groups/users directly or upgrading 
  from even an older fetchmail versions (bsc#1194203) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:127-1
Released:    Wed Jan 19 11:11:41 2022
Summary:     Recommended update for obs-service-docker_label_helper
Type:        recommended
Severity:    moderate
References:  1193429
This update for obs-service-docker_label_helper fixes the following issues:

- Support new syntax which makes Dockerfiles compatible with plain Docker/podman build.
  The new syntax uses  entry/exit point to determine whether labels should be expanded.
  Doing so makes the Dockerfile compatible with standard `docker build` and `podman build` command.
  (bsc#1193429)
- Retain compatibility with old syntax. Update documentation
- Improve summary, description and README.md a bit
- Improve regexp instead of having two as proposed by Fabian Vogt

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:136-1
Released:    Thu Jan 20 10:06:10 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1194547,CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
This update for MozillaFirefox fixes the following issues:

- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547).
- CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547).
- CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547).
- CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547).
- CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547).
- CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547).
- CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547).
- CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547).
- CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547).
- CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547).
- CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547).
- CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:143-1
Released:    Thu Jan 20 14:32:30 2022
Summary:     Recommended update for java-11-openjdk
Type:        recommended
Severity:    moderate
References:  1193314
This update for java-11-openjdk fixes the following issues:

- Java Cryptography was always operating in FIPS mode if crypto-policies was not used.
- Allow plain key import in fips mode unless 'com.suse.fips.plainKeySupport' is set to false

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:147-1
Released:    Thu Jan 20 17:41:29 2022
Summary:     Recommended update for obs-service-format_spec_file
Type:        recommended
Severity:    moderate
References:  
This update for obs-service-format_spec_file fixes the following issues:

obs-service-format_spec_file:

Update obs-service-format_spec_file from version 20191114 to version 20211115:

- Sync license identifiers from SPDX (spdx.org). (jsc#SLE-18915)
- Be more wary on usage of macros in Tags
- Do not Cache Source.* but only Source[0-9]*
- Stop pretending we can guess what the spec file is for
- Avoid deep recursion in merge_comments
- Allow to override date
- Split out final comments in description
- Make a special exception for short %p* snippets
- Also split Conflict headers
- Keep the old require sorting
- Improve the performance of reorder_tags
- Fix merge_comments
- Do not split %if and section start
- Support multiline copyrights (for Firefox)
- Simplify how to calculate the `base_package`
- Split tag values of certain tags
- Be careful with macros that appear between tags
- Replace SPDX mapper with an advanced version
- Fix merging empty sections
- Allow before lines to commented tags
- Keep comments close to the original line
- Review some deltas in the test suites that are acceptable for now
- Parse more into the description - basically everything for now
- Fix Release tag
- Add an empty line before each section
- Reorder tags that are below each other
- Fix whitespace
- Add test cases for spec-file cleaner (with current output)
- Use perltidy like Cavil
- Remove patch_license - old helper script for mass migration
- Only parse Provides in Header section
- Trim all trailing whitespace - including \r
- Fix copyright year to 2012 in the test cases
- Fetch licenses from JSON and remove + variants
- Fetch exceptions from JSON
- prepare_spec handle the case where License/Group are in a if/else/endif

rpmlint:

- Rebuild rpmlint with the new obs-service-format_spec_file.

rpmlint-mini:

- BuildRequires `python-rpm-macros` since the `py3_ver` macro is now considered obsolete in `python3-base`.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:150-1
Released:    Fri Jan 21 11:24:43 2022
Summary:     Security update for aide
Type:        security
Severity:    important
References:  1194735,CVE-2021-45417
This update for aide fixes the following issues:

- CVE-2021-45417: Fix a bufferoverflow in base64 functions (bsc#1194735)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:151-1
Released:    Fri Jan 21 12:40:52 2022
Summary:     Security update for bind
Type:        security
Severity:    moderate
References:  1192146,CVE-2021-25219
This update for bind fixes the following issues:

- CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance (bsc#1192146).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:157-1
Released:    Mon Jan 24 10:10:38 2022
Summary:     Security update for zxing-cpp
Type:        security
Severity:    important
References:  1191743,1191942,1191944,CVE-2021-28021,CVE-2021-42715,CVE-2021-42716
This update for zxing-cpp fixes the following issues:

- CVE-2021-28021: Fixed buffer overflow vulnerability in function stbi__extend_receive in stb_image.h via a crafted JPEG file. (bsc#1191743).
- CVE-2021-42715: Fixed buffer overflow in stb_image PNM loader (bsc#1191942).
- CVE-2021-42716: Fixed denial of service in stb_image HDR loader when reading crafted HDR files (bsc#1191944).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:158-1
Released:    Mon Jan 24 10:42:05 2022
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    important
References:  1182026
This update for cloud-regionsrv-client fixes the following issues:

- Follow up changes to (jsc#PCT-130, bsc#1182026)
  + Fix executable name for AHB service/timer
  + Update manpage for BYOS instance registration

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:167-1
Released:    Mon Jan 24 18:16:24 2022
Summary:     Recommended update for cloud-netconfig
Type:        recommended
Severity:    moderate
References:  1187939
This update for cloud-netconfig fixes the following issues:

- Update to version 1.6:
  + Ignore proxy when accessing metadata (bsc#1187939)
  + Print warning in case metadata is not accessible
  + Documentation update

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:170-1
Released:    Tue Jan 25 11:22:10 2022
Summary:     Recommended update for python3-azuremetadata
Type:        recommended
Severity:    important
References:  1175609,1175610,1194663
This update for python3-azuremetadata fixes the following issues:

- Version 5.1.5 (bsc#1194663)
  + Handle lsblk output format change. The json data now contains
    'mountpoints' instead of 'mountpoint'

  + Use versions endpoint to list the available versions
  + Add bypass proxy
  + Update way to check classic vms  

- Fix provides directive (bsc#1175609, bsc#1175610)
  + The provides directive must set a version or update does not work
    as expected
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:176-1
Released:    Tue Jan 25 14:12:47 2022
Summary:     Security update for unbound
Type:        security
Severity:    important
References:  1076963,1112009,1112033,1179191,1185382,1185383,1185384,1185385,1185386,1185387,1185388,1185389,1185390,1185391,1185392,1185393,CVE-2019-25031,CVE-2019-25032,CVE-2019-25033,CVE-2019-25034,CVE-2019-25035,CVE-2019-25036,CVE-2019-25037,CVE-2019-25038,CVE-2019-25039,CVE-2019-25040,CVE-2019-25041,CVE-2019-25042,CVE-2020-28935
This update for unbound fixes the following issues:

- CVE-2019-25031: Fixed configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack (bsc#1185382).
- CVE-2019-25032: Fixed integer overflow in the regional allocator via regional_alloc (bsc#1185383).
- CVE-2019-25033: Fixed integer overflow in the regional allocator via the ALIGN_UP macro (bsc#1185384).
- CVE-2019-25034: Fixed integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write (bsc#1185385).
- CVE-2019-25035: Fixed out-of-bounds write in sldns_bget_token_par (bsc#1185386).
- CVE-2019-25036: Fixed assertion failure and denial of service in synth_cname (bsc#1185387).
- CVE-2019-25037: Fixed assertion failure and denial of service in dname_pkt_copy via an invalid packet (bsc#1185388).
- CVE-2019-25038: Fixed integer overflow in a size calculation in dnscrypt/dnscrypt.c (bsc#1185389).
- CVE-2019-25039: Fixed integer overflow in a size calculation in respip/respip.c (bsc#1185390).
- CVE-2019-25040: Fixed infinite loop via a compressed name in dname_pkt_copy (bsc#1185391).
- CVE-2019-25041: Fixed assertion failure via a compressed name in dname_pkt_copy (bsc#1185392).
- CVE-2019-25042: Fixed out-of-bounds write via a compressed name in rdata_copy (bsc#1185393).
- CVE-2020-28935: Fixed symbolic link traversal when writing PID file (bsc#1179191).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:184-1
Released:    Tue Jan 25 18:20:56 2022
Summary:     Security update for json-c
Type:        security
Severity:    important
References:  1171479,CVE-2020-12762
This update for json-c fixes the following issues:

- CVE-2020-12762: Fixed integer overflow and out-of-bounds write. (bsc#1171479)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:188-1
Released:    Tue Jan 25 19:02:57 2022
Summary:     Recommended update for hunspell
Type:        recommended
Severity:    moderate
References:  1193627
This update for hunspell fixes the following issues:

- Fix myspell english dictionary not being installed (bsc#1193627)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:199-1
Released:    Wed Jan 26 09:36:05 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1194547,CVE-2021-4140,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739,CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743,CVE-2022-22744,CVE-2022-22745,CVE-2022-22746,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751
This update for MozillaThunderbird fixes the following issues:

- CVE-2021-4140: Fixed Iframe sandbox bypass with XSLT (bsc#1194547).
- CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547).
- CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547).
- CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547).
- CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547).
- CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547).
- CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547).
- CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547).
- CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547).
- CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547).
- CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547).
- CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:203-1
Released:    Wed Jan 26 14:13:45 2022
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    important
References:  1186004
This update for cloud-init fixes the following issues:

- Update to version 21.2 (bsc#1186004)
  +  Add \r\n check for SSH keys in Azure (#889)
  +  Revert 'Add support to resize rootfs if using LVM (#721)' (#887)
     (LP: #1922742)
  +  Add Vultaire as contributor (#881) [Paul Goins]
  +  Azure: adding support for consuming userdata from IMDS (#884) [Anh Vo]
  +  test_upgrade: modify test_upgrade_package to run for more sources (#883)
  +  Fix chef module run failure when chef_license is set (#868) [Ben Hughes]
  +  Azure: Retry net metadata during nic attach for non-timeout errs (#878)
     [aswinrajamannar]
  +  Azure: Retrieve username and hostname from IMDS (#865) [Thomas Stringer]
  +  Azure: eject the provisioning iso before reporting ready (#861) [Anh Vo]
  +  Use `partprobe` to re-read partition table if available (#856)
     [Nicolas Bock] (LP: #1920939)
  +  fix error on upgrade caused by new vendordata2 attributes (#869)
     (LP: #1922739)
  +  add prefer_fqdn_over_hostname config option (#859)
     [hamalq] (LP: #1921004)
  +  Emit dots on travis to avoid timeout (#867)
  +  doc: Replace remaining references to user-scripts as a config module
     (#866) [Ryan Harper]
  +  azure: Removing ability to invoke walinuxagent (#799) [Anh Vo]
  +  Add Vultr support (#827) [David Dymko]
  +  Fix unpickle for source paths missing run_dir (#863)
     [lucasmoura] (LP: #1899299)
  +  sysconfig: use BONDING_MODULE_OPTS on SUSE (#831) [Jens Sandmann]
  +  bringup_static_routes: fix gateway check (#850) [Petr Fedchenkov]
  +  add hamalq user (#860) [hamalq]
  +  Add support to resize rootfs if using LVM (#721)
     [Eduardo Otubo] (LP: #1799953)
  +  Fix mis-detecting network configuration in initramfs cmdline (#844)
     (LP: #1919188)
  +  tools/write-ssh-key-fingerprints: do not display empty header/footer
     (#817) [dermotbradley]
  +  Azure helper: Ensure Azure http handler sleeps between retries (#842)
     [Johnson Shi]
  +  Fix chef apt source example (#826) [timothegenzmer]
  +  .travis.yml: generate an SSH key before running tests (#848)
  +  write passwords only to serial console, lock down cloud-init-output.log
     (#847) (LP: #1918303)
  +  Fix apt default integration test (#845)
  +  integration_tests: bump pycloudlib dependency (#846)
  +  Fix stack trace if vendordata_raw contained an array (#837) [eb3095]
  +  archlinux: Fix broken locale logic (#841)
     [Kristian Klausen] (LP: #1402406)
  +  Integration test for #783 (#832)
  +  integration_tests: mount more paths IN_PLACE (#838)
  +  Fix requiring device-number on EC2 derivatives (#836) (LP: #1917875)
  +  Remove the vi comment from the part-handler example (#835)
  +  net: exclude OVS internal interfaces in get_interfaces (#829)
     (LP: #1912844)
  +  tox.ini: pass OS_* environment variables to integration tests (#830)
  +  integration_tests: add OpenStack as a platform (#804)
  +  Add flexibility to IMDS api-version (#793) [Thomas Stringer]
  +  Fix the TestApt tests using apt-key on Xenial and Hirsute (#823)
     [Paride Legovini] (LP: #1916629)
  +  doc: remove duplicate 'it' from nocloud.rst (#825) [V.I. Wood]
  +  archlinux: Use hostnamectl to set the transient hostname (#797)
     [Kristian Klausen]
  +  cc_keys_to_console.py: Add documentation for recently added config key
     (#824) [dermotbradley]
  +  Update cc_set_hostname documentation (#818) [Toshi Aoyama]
From 21.1
  +  Azure: Support for VMs without ephemeral resource disks. (#800)
     [Johnson Shi] (LP: #1901011)
  +  cc_keys_to_console: add option to disable key emission (#811)
     [Michael Hudson-Doyle] (LP: #1915460)
  +  integration_tests: introduce lxd_use_exec mark (#802)
  +  azure: case-insensitive UUID to avoid new IID during kernel upgrade
     (#798) (LP: #1835584)
  +  stale.yml: don't ask submitters to reopen PRs (#816)
  +  integration_tests: fix use of SSH agent within tox (#815)
  +  integration_tests: add UPGRADE CloudInitSource (#812)
  +  integration_tests: use unique MAC addresses for tests (#813)
  +  Update .gitignore (#814)
  +  Port apt cloud_tests to integration tests (#808)
  +  integration_tests: fix test_gh626 on LXD VMs (#809)
  +  Fix attempting to decode binary data in test_seed_random_data test (#806)
  +  Remove wait argument from tests with session_cloud calls (#805)
  +  Datasource for UpCloud (#743) [Antti Myyrä]
  +  test_gh668: fix failure on LXD VMs (#801)
  +  openstack: read the dynamic metadata group vendor_data2.json (#777)
     [Andrew Bogott] (LP: #1841104)
  +  includedir in suoders can be prefixed by 'arroba' (#783)
     [Jordi Massaguer Pla]
  +  [VMware] change default max wait time to 15s (#774) [xiaofengw-vmware]
  +  Revert integration test associated with reverted #586 (#784)
  +  Add jordimassaguerpla as contributor (#787) [Jordi Massaguer Pla]
  +  Add Rick Harding to CLA signers (#792) [Rick Harding]
  +  HACKING.rst: add clarifying note to LP CLA process section (#789)
  +  Stop linting cloud_tests (#791)
  +  cloud-tests: update cryptography requirement (#790) [Joshua Powers]
  +  Remove 'remove-raise-on-failure' calls from integration_tests (#788)
  +  Use more cloud defaults in integration tests (#757)
  +  Adding self to cla signers (#776) [Andrew Bogott]
  +  doc: avoid two warnings (#781) [Dan Kenigsberg]
  +  Use proper spelling for Red Hat (#778) [Dan Kenigsberg]
  +  Add antonyc to .github-cla-signers (#747) [Anton Chaporgin]
  +  integration_tests: log image serial if available (#772)
  +  [VMware] Support cloudinit raw data feature (#691) [xiaofengw-vmware]
  +  net: Fix static routes to host in eni renderer (#668) [Pavel Abalikhin]
  +  .travis.yml: don't run cloud_tests in CI (#756)
  +  test_upgrade: add some missing commas (#769)
  +  cc_seed_random: update documentation and fix integration test (#771)
     (LP: #1911227)
  +  Fix test gh-632 test to only run on NoCloud (#770) (LP: #1911230)
  +  archlinux: fix package upgrade command handling (#768) [Bao Trinh]
  +  integration_tests: add integration test for LP: #1910835 (#761)
  +  Fix regression with handling of IMDS ssh keys (#760) [Thomas Stringer]
  +  integration_tests: log cloud-init version in SUT (#758)
  +  Add ajmyyra as contributor (#742) [Antti Myyrä]
  +  net_convert: add some missing help text (#755)
  +  Missing IPV6_AUTOCONF=no to render sysconfig dhcp6 stateful on RHEL
     (#753) [Eduardo Otubo]
  +  doc: document missing IPv6 subnet types (#744) [Antti Myyrä]
  +  Add example configuration for datasource `AliYun` (#751) [Xiaoyu Zhong]
  +  integration_tests: add SSH key selection settings (#754)
  +  fix a typo in man page cloud-init.1 (#752) [Amy Chen]
  +  network-config-format-v2.rst: add Netplan Passthrough section (#750)
  +  stale: re-enable post holidays (#749)
  +  integration_tests: port ca_certs tests from cloud_tests (#732)
  +  Azure: Add telemetry for poll IMDS (#741) [Johnson Shi]
  +  doc: move testing section from HACKING to its own doc (#739)
  +  No longer allow integration test failures on travis (#738)
  +  stale: fix error in definition (#740)
  +  integration_tests: set log-cli-level to INFO by default (#737)
  +  PULL_REQUEST_TEMPLATE.md: use backticks around commit message (#736)
  +  stale: disable check for holiday break (#735)
  +  integration_tests: log the path we collect logs into (#733)
  +  .travis.yml: add (most) supported Python versions to CI (#734)
  +  integration_tests: fix IN_PLACE CLOUD_INIT_SOURCE (#731)
  +  cc_ca_certs: add RHEL support (#633) [cawamata]
  +  Azure: only generate config for NICs with addresses (#709)
     [Thomas Stringer]
  +  doc: fix CloudStack configuration example (#707) [Olivier Lemasle]
  +  integration_tests: restrict test_lxd_bridge appropriately (#730)
  +  Add integration tests for CLI functionality (#729)
  +  Integration test for gh-626 (#728)
  +  Some test_upgrade fixes (#726)
  +  Ensure overriding test vars with env vars works for booleans (#727)
  +  integration_tests: port lxd_bridge test from cloud_tests (#718)
  +  Integration test for gh-632. (#725)
  +  Integration test for gh-671 (#724)
  +  integration-requirements.txt: bump pycloudlib commit (#723)
  +  Drop unnecessary shebang from cmd/main.py (#722) [Eduardo Otubo]
  +  Integration test for LP: #1813396 and #669 (#719)
  +  integration_tests: include timestamp in log output (#720)
  +  integration_tests: add test for LP: #1898997 (#713)
  +  Add integration test for power_state_change module (#717)
  +  Update documentation for network-config-format-v2 (#701) [ggiesen]
  +  sandbox CA Cert tests to not require ca-certificates (#715)
     [Eduardo Otubo]
  +  Add upgrade integration test (#693)
  +  Integration test for 570 (#712)
  +  Add ability to keep snapshotted images in integration tests (#711)
  +  Integration test for pull #586 (#706)
  +  integration_tests: introduce skipping of tests by OS (#702)
  +  integration_tests: introduce IntegrationInstance.restart (#708)
  +  Add lxd-vm to list of valid integration test platforms (#705)
  +  Adding BOOTPROTO = dhcp to render sysconfig dhcp6 stateful on RHEL
     (#685) [Eduardo Otubo]
  +  Delete image snapshots created for integration tests (#682)
  +  Parametrize ssh_keys_provided integration test (#700) [lucasmoura]
  +  Drop use_sudo attribute on IntegrationInstance (#694) [lucasmoura]
  +  cc_apt_configure: add riscv64 as a ports arch (#687)
     [Dimitri John Ledkov]
  +  cla: add xnox (#692) [Dimitri John Ledkov]
  +  Collect logs from integration test runs (#675)
From 20.4.1
  +  Revert 'ssh_util: handle non-default AuthorizedKeysFile config (#586)'
From 20.4
  +  tox: avoid tox testenv subsvars for xenial support (#684)
  +  Ensure proper root permissions in integration tests (#664) [James Falcon]
  +  LXD VM support in integration tests (#678) [James Falcon]
  +  Integration test for fallocate falling back to dd (#681) [James Falcon]
  +  .travis.yml: correctly integration test the built .deb (#683)
  +  Ability to hot-attach NICs to preprovisioned VMs before reprovisioning
     (#613) [aswinrajamannar]
  +  Support configuring SSH host certificates. (#660) [Jonathan Lung]
  +  add integration test for LP: #1900837 (#679)
  +  cc_resizefs on FreeBSD: Fix _can_skip_ufs_resize (#655)
     [Mina Galić] (LP: #1901958, #1901958)
  +  DataSourceAzure: push dmesg log to KVP (#670) [Anh Vo]
  +  Make mount in place for tests work (#667) [James Falcon]
  +  integration_tests: restore emission of settings to log (#657)
  +  DataSourceAzure: update password for defuser if exists (#671) [Anh Vo]
  +  tox.ini: only select 'ci' marked tests for CI runs (#677)
  +  Azure helper: Increase Azure Endpoint HTTP retries (#619) [Johnson Shi]
  +  DataSourceAzure: send failure signal on Azure datasource failure (#594)
     [Johnson Shi]
  +  test_persistence: simplify VersionIsPoppedFromState (#674)
  +  only run a subset of integration tests in CI (#672)
  +  cli: add  + -system param to allow validating system user-data on a
     machine (#575)
  +  test_persistence: add VersionIsPoppedFromState test (#673)
  +  introduce an upgrade framework and related testing (#659)
  +  add  + -no-tty option to gpg (#669) [Till Riedel] (LP: #1813396)
  +  Pin pycloudlib to a working commit (#666) [James Falcon]
  +  DataSourceOpenNebula: exclude SRANDOM from context output (#665)
  +  cloud_tests: add hirsute release definition (#662)
  +  split integration and cloud_tests requirements (#652)
  +  faq.rst: add warning to answer that suggests running `clean` (#661)
  +  Fix stacktrace in DataSourceRbxCloud if no metadata disk is found (#632)
     [Scott Moser]
  +  Make wakeonlan Network Config v2 setting actually work (#626)
     [dermotbradley]
  +  HACKING.md: unify network-refactoring namespace (#658) [Mina Galić]
  +  replace usage of dmidecode with kenv on FreeBSD (#621) [Mina Galić]
  +  Prevent timeout on travis integration tests. (#651) [James Falcon]
  +  azure: enable pushing the log to KVP from the last pushed byte  (#614)
     [Moustafa Moustafa]
  +  Fix launch_kwargs bug in integration tests (#654) [James Falcon]
  +  split read_fs_info into linux & freebsd parts (#625) [Mina Galić]
  +  PULL_REQUEST_TEMPLATE.md: expand commit message section (#642)
  +  Make some language improvements in growpart documentation (#649)
     [Shane Frasier]
  +  Revert '.travis.yml: use a known-working version of lxd (#643)' (#650)
  +  Fix not sourcing default 50-cloud-init ENI file on Debian (#598)
     [WebSpider]
  +  remove unnecessary reboot from gpart resize (#646) [Mina Galić]
  +  cloudinit: move dmi functions out of util (#622) [Scott Moser]
  +  integration_tests: various launch improvements (#638)
  +  test_lp1886531: don't assume /etc/fstab exists (#639)
  +  Remove Ubuntu restriction from PR template (#648) [James Falcon]
  +  util: fix mounting of vfat on *BSD (#637) [Mina Galić]
  +  conftest: improve docstring for disable_subp_usage (#644)
  +  doc: add example query commands to debug Jinja templates (#645)
  +  Correct documentation and testcase data for some user-data YAML (#618)
     [dermotbradley]
  +  Hetzner: Fix instance_id / SMBIOS serial comparison (#640)
     [Markus Schade]
  +  .travis.yml: use a known-working version of lxd (#643)
  +  tools/build-on-freebsd: fix comment explaining purpose of the script
     (#635) [Mina Galić]
  +  Hetzner: initialize instance_id from system-serial-number (#630)
     [Markus Schade] (LP: #1885527)
  +  Explicit set IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA on static6 (#634)
     [Eduardo Otubo]
  +  get_interfaces: don't exclude Open vSwitch bridge/bond members (#608)
     [Lukas Märdian] (LP: #1898997)
  +  Add config modules for controlling IBM PowerVM RMC. (#584)
     [Aman306] (LP: #1895979)
  +  Update network config docs to clarify MAC address quoting (#623)
     [dermotbradley]
  +  gentoo: fix hostname rendering when value has a comment (#611)
     [Manuel Aguilera]
  +  refactor integration testing infrastructure (#610) [James Falcon]
  +  stages: don't reset permissions of cloud-init.log every boot (#624)
     (LP: #1900837)
  +  docs: Add how to use cloud-localds to boot qemu (#617) [Joshua Powers]
  +  Drop vestigial update_resolve_conf_file function (#620) [Scott Moser]
  +  cc_mounts: correctly fallback to dd if fallocate fails (#585)
     (LP: #1897099)
  +  .travis.yml: add integration-tests to Travis matrix (#600)
  +  ssh_util: handle non-default AuthorizedKeysFile config (#586)
     [Eduardo Otubo]
  +  Multiple file fix for AuthorizedKeysFile config (#60) [Eduardo Otubo]
  +  bddeb: new  + -packaging-branch argument to pull packaging from branch
     (#576) [Paride Legovini]
  +  Add more integration tests (#615) [lucasmoura]
  +  DataSourceAzure: write marker file after report ready in preprovisioning
     (#590) [Johnson Shi]
  +  integration_tests: emit settings to log during setup (#601)
  +  integration_tests: implement citest tests run in Travis (#605)
  +  Add Azure support to integration test framework (#604) [James Falcon]
  +  openstack: consider product_name as valid chassis tag (#580)
     [Adrian Vladu] (LP: #1895976)
  +  azure: clean up and refactor report_diagnostic_event (#563) [Johnson Shi]
  +  net: add the ability to blacklist network interfaces based on driver
     during enumeration of physical network devices (#591) [Anh Vo]
  +  integration_tests: don't error on cloud-init failure (#596)
  +  integration_tests: improve cloud-init.log assertions (#593)
  +  conftest.py: remove top-level import of httpretty (#599)
  +  tox.ini: add integration-tests testenv definition (#595)
  +  PULL_REQUEST_TEMPLATE.md: empty checkboxes need a space (#597)
  +  add integration test for LP: #1886531 (#592)
  +  Initial implementation of integration testing infrastructure (#581)
     [James Falcon]
  +  Fix name of ntp and chrony service on CentOS and RHEL. (#589)
     [Scott Moser] (LP: #1897915)
  +  Adding a PR template (#587) [James Falcon]
  +  Azure parse_network_config uses fallback cfg when generate IMDS network
     cfg fails (#549) [Johnson Shi]
  +  features: refresh docs for easier out-of-context reading (#582)
  +  Fix typo in resolv_conf module's description (#578) [Wacław Schiller]
  +  cc_users_groups: minor doc formatting fix (#577)
  +  Fix typo in disk_setup module's description (#579) [Wacław Schiller]
  +  Add vendor-data support to seedfrom parameter for NoCloud and OVF (#570)
     [Johann Queuniet]
  +  boot.rst: add First Boot Determination section (#568) (LP: #1888858)
  +  opennebula.rst: minor readability improvements (#573) [Mina Galić]
  +  cloudinit: remove unused LOG variables (#574)
  +  create a shutdown_command method in distro classes (#567)
     [Emmanuel Thomé]
  +  user_data: remove unused constant (#566)
  +  network: Fix type and respect name when rendering vlan in
     sysconfig. (#541) [Eduardo Otubo] (LP: #1788915, #1826608)
  +  Retrieve SSH keys from IMDS first with OVF as a fallback (#509)
     [Thomas Stringer]
  +  Add jqueuniet as contributor (#569) [Johann Queuniet]
  +  distros: minor typo fix (#562)
  +  Bump the integration-requirements versioned dependencies (#565)
     [Paride Legovini]
  +  network-config-format-v1: fix typo in nameserver example (#564)
     [Stanislas]
  +  Run cloud-init-local.service after the hv_kvp_daemon (#505)
     [Robert Schweikert]
  +  Add method type hints for Azure helper (#540) [Johnson Shi]
  +  systemd: add Before=shutdown.target when Conflicts=shutdown.target is
     used (#546) [Paride Legovini]
  +  LXD: detach network from profile before deleting it (#542)
     [Paride Legovini] (LP: #1776958)
  +  redhat spec: add missing BuildRequires (#552) [Paride Legovini]
  +  util: remove debug statement (#556) [Joshua Powers]
  +  Fix cloud config on chef example (#551) [lucasmoura]
From 20.3
  +  Azure: Add netplan driver filter when using hv_netvsc driver (#539)
     [James Falcon] (LP: #1830740)
  +  query: do not handle non-decodable non-gzipped content (#543)
  +  DHCP sandboxing failing on noexec mounted /var/tmp (#521) [Eduardo Otubo]
  +  Update the list of valid ssh keys. (#487)
     [Ole-Martin Bratteng] (LP: #1877869)
  +  cmd: cloud-init query to handle compressed userdata (#516) (LP: #1889938)
  +  Pushing cloud-init log to the KVP (#529) [Moustafa Moustafa]
  +  Add Alpine Linux support. (#535) [dermotbradley]
  +  Detect kernel version before swap file creation (#428) [Eduardo Otubo]
  +  cli: add devel make-mime subcommand (#518)
  +  user-data: only verify mime-types for TYPE_NEEDED and x-shellscript
     (#511) (LP: #1888822)
  +  DataSourceOracle: retry twice (and document why we retry at all) (#536)
  +  Refactor Azure report ready code (#468) [Johnson Shi]
  +  tox.ini: pin correct version of httpretty in xenial{,-dev} envs (#531)
  +  Support Oracle IMDSv2 API (#528) [James Falcon]
  +  .travis.yml: run a doc build during CI (#534)
  +  doc/rtd/topics/datasources/ovf.rst: fix doc8 errors (#533)
  +  Fix 'Users and Groups' configuration documentation (#530) [sshedi]
  +  cloudinit.distros: update docstrings of add_user and create_user (#527)
  +  Fix headers for device types in network v2 docs (#532)
     [Caleb Xavier Berger]
  +  Add AlexBaranowski as contributor (#508) [Aleksander Baranowski]
  +  DataSourceOracle: refactor to use only OPC v1 endpoint (#493)
  +  .github/workflows/stale.yml: s/Josh/Rick/ (#526)
  +  Fix a typo in apt pipelining module (#525) [Xiao Liang]
  +  test_util: parametrize devlist tests (#523) [James Falcon]
  +  Recognize LABEL_FATBOOT labels (#513) [James Falcon] (LP: #1841466)
  +  Handle additional identifier for SLES For HPC (#520) [Robert Schweikert]
  +  Revert 'test-requirements.txt: pin pytest to <6 (#512)' (#515)
  +  test-requirements.txt: pin pytest to <6 (#512)
  +  Add 'tsanghan' as contributor (#504) [tsanghan]
  +  fix brpm building (LP: #1886107)
  +  Adding eandersson as a contributor (#502) [Erik Olof Gunnar Andersson]
  +  azure: disable bouncing hostname when setting hostname fails (#494)
     [Anh Vo]
  +  VMware: Support parsing DEFAULT-RUN-POST-CUST-SCRIPT (#441)
     [xiaofengw-vmware]
  +  DataSourceAzure: Use ValueError when JSONDecodeError is not available
     (#490) [Anh Vo]
  +  cc_ca_certs.py: fix blank line problem when removing CAs and adding
     new one (#483) [dermotbradley]
  +  freebsd: py37-serial is now py37-pyserial (#492) [Gonéri Le Bouder]
  +  ssh exit with non-zero status on disabled user (#472)
     [Eduardo Otubo] (LP: #1170059)
  +  cloudinit: remove global disable of pylint W0107 and fix errors (#489)
  +  networking: refactor wait_for_physdevs from cloudinit.net (#466)
     (LP: #1884626)
  +  HACKING.rst: add pytest.param pytest gotcha (#481)
  +  cloudinit: remove global disable of pylint W0105 and fix errors (#480)
  +  Fix two minor warnings (#475)
  +  test_data: fix faulty patch (#476)
  +  cc_mounts: handle missing fstab (#484) (LP: #1886531)
  +  LXD cloud_tests: support more lxd image formats (#482) [Paride Legovini]
  +  Add update_etc_hosts as default module on *BSD (#479) [Adam Dobrawy]
  +  cloudinit: fix tip-pylint failures and bump pinned pylint version (#478)
  +  Added BirknerAlex as contributor and sorted the file (#477)
     [Alexander Birkner]
  +  Update list of types of modules in cli.rst [saurabhvartak1982]
  +  tests: use markers to configure disable_subp_usage (#473)
  +  Add mention of vendor-data to no-cloud format documentation (#470)
     [Landon Kirk]
  +  Fix broken link to OpenStack metadata service docs (#467)
     [Matt Riedemann]
  +  Disable ec2 mirror for non aws instances (#390)
     [lucasmoura] (LP: #1456277)
  +  cloud_tests: don't pass  + -python-version to read-dependencies (#465)
  +  networking: refactor is_physical from cloudinit.net (#457) (LP: #1884619)
  +  Enable use of the caplog fixture in pytest tests, and add a
     cc_final_message test using it (#461)
  +  RbxCloud: Add support for FreeBSD (#464) [Adam Dobrawy]
  +  Add schema for cc_chef module (#375) [lucasmoura] (LP: #1858888)
  +  test_util: add (partial) testing for util.mount_cb (#463)
  +  .travis.yml: revert to installing ubuntu-dev-tools (#460)
  +  HACKING.rst: add details of net refactor tracking (#456)
  +  .travis.yml: rationalise installation of dependencies in host (#449)
  +  Add dermotbradley as contributor. (#458) [dermotbradley]
  +  net/networking: remove unused functions/methods (#453)
  +  distros.networking: initial implementation of layout (#391)
  +  cloud-init.service.tmpl: use 'rhel' instead of 'redhat' (#452)
  +  Change from redhat to rhel in systemd generator tmpl (#450)
     [Eduardo Otubo]
  +  Hetzner: support reading user-data that is base64 encoded. (#448)
     [Scott Moser] (LP: #1884071)
  +  HACKING.rst: add strpath gotcha to testing gotchas section (#446)
  +  cc_final_message: don't create directories when writing boot-finished
     (#445) (LP: #1883903)
  +  .travis.yml: only store new schroot if something has changed (#440)
  +  util: add ensure_dir_exists parameter to write_file (#443)
  +  printing the error stream of the dhclient process before killing it
     (#369) [Moustafa Moustafa]
  +  Fix link to the MAAS documentation (#442)
     [Paride Legovini] (LP: #1883666)
  +  RPM build: disable the dynamic mirror URLs when using a proxy (#437)
     [Paride Legovini]
  +  util: rename write_file's copy_mode parameter to preserve_mode (#439)
  +  .travis.yml: use $TRAVIS_BUILD_DIR for lxd_image caching (#438)
  +  cli.rst: alphabetise devel subcommands and add net-convert to list (#430)
  +  Default to UTF-8 in /var/log/cloud-init.log (#427) [James Falcon]
  +  travis: cache the chroot we use for package builds (#429)
  +  test: fix all flake8 E126 errors (#425) [Joshua Powers]
  +  Fixes KeyError for bridge with no 'parameters:' setting (#423)
     [Brian Candler] (LP: #1879673)
  +  When tools.conf does not exist, running cmd 'vmware-toolbox-cmd
     config get deployPkg enable-custom-scripts', the return code will
     be EX_UNAVAILABLE(69), on this condition, it should not take it as
     error. (#413) [chengcheng-chcheng]
  +  Document CloudStack data-server well-known hostname (#399) [Gregor Riepl]
  +  test: move conftest.py to top-level, to cover tests/ also (#414)
  +  Replace cc_chef is_installed with use of subp.is_exe. (#421)
     [Scott Moser]
  +  Move runparts to subp. (#420) [Scott Moser]
  +  Move subp into its own module. (#416) [Scott Moser]
  +  readme: point at travis-ci.com (#417) [Joshua Powers]
  +  New feature flag functionality and fix includes failing silently (#367)
     [James Falcon] (LP: #1734939)
  +  Enhance poll imds logging (#365) [Moustafa Moustafa]
  +  test: fix all flake8 E121 and E123 errors (#404) [Joshua Powers]
  +  test: fix all flake8 E241 (#403) [Joshua Powers]
  +  test: ignore flake8 E402 errors in main.py (#402) [Joshua Powers]
  +  cc_grub_dpkg: determine idevs in more robust manner with grub-probe
     (#358) [Matthew Ruffell] (LP: #1877491)
  +  test: fix all flake8 E741 errors (#401) [Joshua Powers]
  +  tests: add groovy integration tests for ubuntu (#400)
  +  Enable chef_license support for chef infra client (#389) [Bipin Bachhao]
  +  testing: use flake8 again (#392) [Joshua Powers]
  +  enable Puppet, Chef mcollective in default config (#385)
     [Mina Galić (deprecated: Igor Galić)] (LP: #1880279)
  +  HACKING.rst: introduce .net  + > Networking refactor section (#384)
  +  Travis: do not install python3-contextlib2 (dropped dependency) (#388)
     [Paride Legovini]
  +  HACKING: mention that .github-cla-signers is alpha-sorted (#380)
  +  Add bipinbachhao as contributor (#379) [Bipin Bachhao]
  +  cc_snap: validate that assertions property values are strings (#370)
  +  conftest: implement partial disable_subp_usage (#371)
  +  test_resolv_conf: refresh stale comment (#374)
  +  cc_snap: apply validation to snap.commands properties (#364)
  +  make finding libc platform independent (#366)
     [Mina Galić (deprecated: Igor Galić)]
  +  doc/rtd/topics/faq: Updates LXD docs links to current site (#368) [TomP]
  +  templater: drop Jinja Python 2 compatibility shim (#353)
  +  cloudinit: minor pylint fixes (#360)
  +  cloudinit: remove unneeded __future__ imports (#362)
  +  migrating momousta lp user to Moustafa-Moustafa GitHub user (#361)
     [Moustafa Moustafa]
  +  cloud_tests: emit dots on Travis while fetching images (#347)
  +  Add schema to apt configure config (#357) [lucasmoura] (LP: #1858884)
  +  conftest: add docs and tests regarding CiTestCase's subp functionality
     (#343)
  +  analyze/dump: refactor shared string into variable (#350)
  +  doc: update boot.rst with correct timing of runcmd (#351)
  +  HACKING.rst: change contact info to Rick Harding (#359) [lucasmoura]
  +  HACKING.rst: guide people to add themselves to the CLA file (#349)
  +  HACKING.rst: more unit testing documentation (#354)
  +  .travis.yml: don't run lintian during integration test package builds
     (#352)
  +  Add test to ensure docs examples are valid cloud-init configs (#355)
     [James Falcon] (LP: #1876414)
  +  make suse and sles support 127.0.1.1 (#336) [chengcheng-chcheng]
  +  Create tests to validate schema examples (#348)
     [lucasmoura] (LP: #1876412)
  +  analyze/dump: add support for Amazon Linux 2 log lines (#346)
     (LP: #1876323)
  +  bsd: upgrade support (#305) [Gonéri Le Bouder]
  +  Add lucasmoura as contributor (#345) [lucasmoura]
  +  Add 'therealfalcon' as contributor (#344) [James Falcon]
  +  Adapt the package building scripts to use Python 3 (#231)
     [Paride Legovini]
  +  DataSourceEc2: use metadata's NIC ordering to determine route-metrics
     (#342) (LP: #1876312)
  +  .travis.yml: introduce caching (#329)
  +  cc_locale: introduce schema (#335)
  +  doc/rtd/conf.py: bump copyright year to 2020 (#341)
  +  yum_add_repo: Add Centos to the supported distro list (#340)

- Fix unit test fail in TestGetPackageMirrorInfo::test_substitution.

- Add patch from upstream to remove python2 compatibility so
  cloud-init builds fine in Tumbleweed with a recent Jinja2
  version. This patch is only applied in TW.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:207-1
Released:    Thu Jan 27 09:24:49 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  
This update for glibc fixes the following issues:

- Add support for livepatches on x86_64 for SUSE Linux Enterprise 15 SP4 (jsc#SLE-20049).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:209-1
Released:    Thu Jan 27 14:03:58 2022
Summary:     Recommended update for opencl-headers
Type:        recommended
Severity:    moderate
References:  1193617
This update for opencl-headers fixes the following issues:

Update opencl-headers from 2.2+git.20170617 to version 2.2+git.20211214 (bsc#1193617)

- Add definitions for cl_arm_protected_memory_allocation
- Update headers for cl_intel_unified_shared_memory
- Add provisional command-buffer extension
- Rename cl_intel_thread_local_exec to cl_intel_exec_by_local_thread
- Fix API suffix version macros for semaphore extensions command definitions
- If change the include path destination when run cmake configure with `DCMAKE_INSTALL_INCLUDEDIR`, 
  the .cmake generated still point to hardcoded path `include`. this fix it
- Add external memory, external semaphore, and semaphore provisional extensions
- Fix condition for warning 4201 pop
- Update extension headers for cl_intel_device_attribute_query
- Update extension headers for cl_intel_sharing_format_query
- Add support for cl_khr_integer_dot_product v2
- Update headers for cl_khr_integer_dot_product
- Add cl_khr_pci_bus_info and cl_khr_suggested_local_work_size
- Add missing 'stdint.h' include to 'CL/cl.h'
- Disable failing CI configs
- Fixes for usage of macro CL_API_ENTRY
- cl_intel_command_queue_families extension
- Update default OpenCL version in README
- Replace uses of CL_EXT_{PRE,SUF}FIX* with CL_API_{PRE,SUF}FIX*
- Do not include cl_gl_ext.h from opencl.h
- Move cl_khr_gl_event to cl_gl.h
- Add testing for cl_d3d10.h, cl_d3d11.h, and cl_dx9_media_sharing.h
- Add definitions for cl_arm_import_memory_android_hardware_buffer v1.1.0
- Add support for user-supplied prefix/suffix in function declarations
- Move cl_icd_layer.h from OpenCL-ICD-Loader to OpenCL-Headers.
- Add definitions for cl_arm_controlled_kernel_termination
- Add definitions for cl_arm_scheduling_controls v0.3.0
- Remove unused CL_EXTENSION_WEAK_LINK definition
- Move Intel extensions into common files
- Add definitions for cl_arm_scheduling_controls v0.2.0
- Update apt package list in CI before running cmake
- Re-enable format string warning in CI
- Use PRId64 and PRIu64 when printing 64-bit values
- Fix test format string warnings
- Fix origin argument names for rect functions
- Enable GitHub Actions for pull requests
- Added definitions for cl_img_generate_mipmap.
- Added missing define for cl_img_use_gralloc_ptr.
- Use the alignment attribute under Integrity OS.
- Comprehensive CMake Package Config support
- Added definitions for cl_img_mem_properties.
- Switch the default version for the OpenCL headers to OpenCL 3.0
- Re-enable anonymous unions by default
- Avoid anon structs when MSVC uses /Za
- Update APIs and enums for cl_intel_unified_shared_memory for rev Q
- Header changes for cl_intel_mem_force_host_memory
- Add definitions for cl_ext_cxx_for_opencl
- Add definitions for cl_arm_scheduling_controls
- Add cl_intel_create_buffer_with_properties and cl_intel_mem_channel_property extensions
- Add cl_api prefix for clSetContextDestructorCallback
- Update ICD dispatch table with clSetContextDestructorCallback
- Deprecate clSetProgramReleaseCallback
- Add CL_DEVICE_LATEST_CONFORMANCE_VERSION_PASSED
- Add clSetContextDestructorCallback
- Introduce cl_properties type
- Switch device enqueue boolean query to capabilities query
- Fix build of dependent software with clang
- Add APIs and enums for cl_intel_unified_shared_memory
- Add cl_khr_device_uuid definitions
- Add cl_half.h header
- Add tokens for cl_amd_device_attribute_query
- Add Windows CI using Travis
- Update headers for OpenCL 3.0
- Add cl_khr_extended_versioning macro
- Synchronize experimental enum etc with cl.xml
- Include the DirectX sharing headers from CL/cl_icd.h.
- Add missing error code CL_CONTEXT_TERMINATED_KHR
- Change license to Apache 2.0
- Add enum value for `cl_khronos_vendor_id`
- Experimental enum cl_khronos_vendor_id
- Experimental enums for language queries
- Add experimental enum CL_COMMAND_SVM_MIGRATE_MEM
- Move two subgroup queries from cl_kernel_info to cl_kernel_sub_group_info
- Add experimental enums
- Add CL_IMPORT_DMA_BUF_DATA_CONSISTENCY_WITH_HOST_ARM definition
- Add tests and Travis CI config
- Add definitions for cl_arm_import_memory_android_hardware_buffer
- Add version guards to ICD declarations
- Add cl_khr_extended_versioning definitions
- Add API function pointer and ICD dispatch table definitions
- Add definitions for cl_arm_job_slot_selection
- Fix _cl_image_desc for OpenCL 1.2 compatibility
- Simplify the definition of deprecation prefixes/suffixes
- Added suffixed enums for cl_khr_image2d_from_buffer
- Drop __attribute__((aligned(X))) from cl_X defs
- Small typo fix for pfn_notify
- Use __vector instead of vector to fix altivec builds
- Fix clCreateFromGLBuffer error code result type
- Fixed w4201 triggering with MSVC in /W4 /Za builds
- Add suffixed enums for cl_khr_mipmap_image
- Remove all Apple specific content from headers
- Add enums for cl_arm_get_core_id
- Rename CL_IMPORT_TYPE_SECURE_ARM
- Add CL_DEVICE_DOUBLE_FP_CONFIG
- Remove CL_DEVICE_HALF_FP_CONFIG
- Unified Headers and added clSetCommandQueueProperty to unified headers
- Add cl_khr_il_program to OpenCL 1.2 and 2.0 headers
- Add cl_khr_create_command_queue
- Use correctly rounded decimal mathematical constants
- Shorten CL_DBL_MAX for Visual Studio to fix token overflow
- Anon structs supported in C11

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:220-1
Released:    Fri Jan 28 08:13:30 2022
Summary:     Recommended update for saptune
Type:        recommended
Severity:    important
References:  1192029,1192697,1193241,1193435,1193576,1193580,1194299,1194334
This update for saptune fixes the following issues:

- Fix LVM slave devices not to be excluded when they are valid block devices (bsc#1194299)
- Fix 'not compliant' state for energy_perf_bias on PowerPC systems and suppress misleading 
  error message regarding missing 'mokutil' (bsc#1193435)
- Remove the dependency to 'mokutil' by relying on sysfs to detect a secure boot environment (bsc#1193435)
- Fix problem with command `saptune revert all`, if the saptune service was stopped between the two 
  commands `apply` and `revert all`
- Fix `saptune service enablestart|disablestop` to always perform both actions and no longer
  stop working, if the service is already started|stopped (bsc#1193241)
- Fix support support for AWS x1e instances (bsc#1192029)
- Support /etc/fstab entries with 4 instead of 6 fields and change error handling from 'panic' 
  to error log messages (bsc#1193580)
- Enhance documentation in man page 'saptune.8' with the entry 'configured Note' and some more 
  descriptions of the entries from `saptune service status` (bsc#1192697)
- Fix block device settings (e.g. NRREQ) for multipath devices (bsc#1193576)
- Fix `saptune verify` command to report a non existing sysctl or sys parameter as 
  'not available on the system'. An additional warning is displayed to raise attention to typos 
  in the parameter name.
- Fix `saptune status` command to accurately report the unit state (bsc#1194334)
- Added a hint to the man page and some additional log messages as the PowerPC systems 
  (hardware architecture 'ppc64le') don't support files in '/sys/class/dmi'

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:222-1
Released:    Fri Jan 28 09:57:54 2022
Summary:     Recommended update for xrdp
Type:        recommended
Severity:    moderate
References:  1187258
This update for xrdp fixes the following issues:

- Fix crash in xrdp-fate318398-change-expired-password.patch (bsc#1187258)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:226-1
Released:    Fri Jan 28 17:21:40 2022
Summary:     Security update for log4j12
Type:        security
Severity:    important
References:  1193184,1194842,1194843,1194844,CVE-2022-23302,CVE-2022-23305,CVE-2022-23307
This update for log4j12 fixes the following issues:

- CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. (bsc#1194844)
- CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. (bsc#1194843)
- CVE-2022-23302: Fix remote code execution by removing src/main/java/org/apache/log4j/net/JMSSink.java. (bsc#1194842)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:227-1
Released:    Mon Jan 31 06:05:25 2022
Summary:     Recommended update for git
Type:        recommended
Severity:    moderate
References:  1193722
This update for git fixes the following issues:

- update to 2.34.1 (bsc#1193722):
  * 'git grep' looking in a blob that has non-UTF8 payload was
    completely broken when linked with certain versions of PCREv2
    library in the latest release.
  * 'git pull' with any strategy when the other side is behind us
    should succeed as it is a no-op, but doesn't.
  * An earlier change in 2.34.0 caused JGit application (that abused
    GIT_EDITOR mechanism when invoking 'git config') to get stuck with
    a SIGTTOU signal; it has been reverted.
  * An earlier change that broke .gitignore matching has been reverted.
  * SubmittingPatches document gained a syntactically incorrect mark-up,
    which has been corrected.

- git 2.33.0:
  * 'git send-email' learned the '--sendmail-cmd' command line option
    and the 'sendemail.sendmailCmd' configuration variable, which is a
    more sensible approach than the current way of repurposing the
    'smtp-server' that is meant to name the server to instead name the
    command to talk to the server.
  * The userdiff pattern for C# learned the token 'record'.
  * 'git rev-list' learns to omit the 'commit <object-name>' header
    lines from the output with the `--no-commit-header` option.
  * 'git worktree add --lock' learned to record why the worktree is
    locked with a custom message.
  * internal improvements including performance optimizations
  * a number of bug fixes

- git 2.32.0:
  * '.gitattributes', '.gitignore', and '.mailmap' files that are
    symbolic links are ignored
  * 'git apply --3way' used to first attempt a straight
    application, and only fell back to the 3-way merge algorithm
    when the straight application failed.  Starting with this
    version, the command will first try the 3-way merge algorithm
    and only when it fails (either resulting with conflict or the
    base versions of blobs are missing), falls back to the usual
    patch application.
  * 'git stash show' can now show the untracked part of the stash
  * Improved 'git repack' strategy
  * http code can now unlock a certificate with a cached password
    respectively.
  * 'git clone --reject-shallow' option fails the clone as soon as
    we notice that we are cloning from a shallow repository.
  * 'gitweb' learned 'e-mail privacy' feature
  * Multiple improvements to output and configuration options
  * Bug fixes and developer visible fixes
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:228-1
Released:    Mon Jan 31 06:07:52 2022
Summary:     Recommended update for boost
Type:        recommended
Severity:    moderate
References:  1194522
This update for boost fixes the following issues:

- Fix compilation errors (bsc#1194522)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:273-1
Released:    Tue Feb  1 14:15:21 2022
Summary:     Recommended update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent
Type:        recommended
Severity:    important
References:  1102408,1192652,1192653,1193257,1193258
This update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent contains the following fixes:

Changes in google-guest-agent:
- Update to version 20211116.00 (bsc#1193257, bsc#1193258)
  * dont duplicate logs (#146)
  * Add WantedBy network dependencies to google-guest-agent service (#136)
  * dont try dhcpv6 when not needed (#145)
  * Integration tests: instance setup (#143)
  * Integration test: test create and remove google user (#128)
  * handle comm errors in script runner (#140)
  * enforce script ordering (#138)
  * enable ipv6 on secondary interfaces (#133)
- from version 20211103.00
  * Integration tests: instance setup (#143)
- from version 20211027.00
  * Integration test: test create and remove google user (#128)

- Update to version 20211019.00
  * handle comm errors in script runner (#140)
- from version 20211015.00
  * enforce script ordering (#138)
- from version 20211014.00
  * enable ipv6 on secondary interfaces (#133)
- from version 20211013.00
  * dont open ssh tempfile exclusively (#137)
- from version 20211011.00
  * correct linux startup script order (#135)
  * Emit sshable attribute (#123)
- from version 20210908.1
  * restore line (#127)
- from version 20210908.00
  * New integ test (#124)
- from version 20210901.00
  * support enable-oslogin-sk key (#120)
  * match script logging to guest agent (#125)
- from version 20210804.00
  * Debug logging (#122)
- Refresh patches for new version
  * dont_overwrite_ifcfg.patch

- Build with go1.15 for reproducible build results (bsc#1102408)

- Update to version 20210707.00
  * Use IP address for calling the metadata server. (#116)
- from version 20210629.00
  * use IP for MDS (#115)

- Update to version 20210603.00
  * systemd-notify in agentInit (#113)
  * dont check status (#112)
- from version 20210524.00
  * more granular service restarts (#111)
- from version 20210414.00
  * (no functional changes)

Changes in google-guest-configs:
- Add missing pkg-config dependency to BuildRequires for SLE-12

- Install modprobe configuration files into /etc again on SLE-15-SP2 and
  older since that's stil the default location on these distributions
- Probe udev directory using the 'udevdir' pkg-config variable on SLE-15-SP2
  and older since the variable got renamed to 'udev_dir' in later versions
- Remove redundant pkgconfig(udev) from BuildRequires for SLE-12

- Update to version 20211116.00 (bsc#1193257, bsc#1193258)
  * GCE supports up to 24 NVMe local SSDs, but the regex in the PROGRAM field
    only looks for the last digit of the given string causing issues when there
    are >= 10  local SSDs. Changed REGEX to get the last number of the string
    instead to support the up to 24 local SSDs. (#30)
  * chmod+x google_nvme_id on EL (#31)
- Fix duplicate installation of google_optimize_local_ssd and google_set_multiqueue
- Install google_nvme_id into /usr/lib/udev (bsc#1192652, bsc#1192653)

- Update to version 20210916.00
  * Revert 'dont set IP in etc/hosts; remove rsyslog (#26)' (#28)
- from version 20210831.00
  * restore rsyslog (#27)
- from version 20210830.00
  * Fix NVMe partition names (#25)
- from version 20210824.00
  * dont set IP in etc/hosts; remove rsyslog (#26)
  * update OWNERS

- Use %_modprobedir for modprobe.d files (out of /etc)
- Use %_sysctldir for sysctl.d files (out of /etc)

- Update to version 20210702.00
  * use grep for hostname check (#23)
- from version 20210629.00
  * address set_hostname vuln (#22)
- from version 20210324.00
  * dracut.conf wants spaces around values (#19)

Changes in google-guest-oslogin:
- Update to version 20211013.00 (bsc#1193257, bsc#1193258)
  * remove deprecated binary (#79)
- from version 20211001.00
  * no message if no groups (#78)
- from version 20210907.00
  * use sigaction for signals (#76)
- from version 20210906.00
  * include cstdlib for exit (#75)
  * catch SIGPIPE in authorized_keys (#73)
- from version 20210805.00
  * fix double free in ParseJsonToKey (#70)
- from version 20210804.00
  * fix packaging for authorized_keys_sk (#68)
  * add authorized_keys_sk (#66)
- Add google_authorized_keys_sk to %files section
- Remove google_oslogin_control from %files section

Changes in google-osconfig-agent:
- Update to version 20211117.00 (bsc#1193257, bsc#1193258)
  * Add retry logic for RegisterAgent (#404)
- from version 20211111.01
  * e2e_test: drop ubuntu 1604 image as its EOL (#403)
- from version 20211111.00
  * e2e_test: move to V1 api for OSPolicies (#397)
- from version 20211102.00
  * Fix context logging and fix label names (#400)
- from version 20211028.00
  * Add cloudops example for gcloud (#399)

- Update to version 20211021.00
  * Added patch report logging for Zypper. (#395)
- from version 20211012.00
  * Replace deprecated instance filters with the new filters (#394)
- from version 20211006.00
  * Added patch report log messages for Yum and Apt (#392)
- from version 20210930.00
  * Config: Add package info caching (#391)
- from version 20210928.00
  * Fixed the runWithPty function to set ctty to child's filedesc (#389)
- from version 20210927.00
  * e2e_tests: fix a test output mismatch (#390)
- from version 20210924.00
  * Fix some e2e test failures (#388)
- from version 20210923.02
  * Correctly check for folder existance in package upgrade (#387)
- from version 20210923.01
  * ReportInventory: Fix bug in deb/rpm inventory, reduce calls to append (#386)
- from version 20210923.00
  * Deprecate old config directory in favor of new cache directory (#385)
- from version 20210922.02
  * Fix rpm/deb package formating for inventory reporting (#384)
- from version 20210922.01
  * Add centos stream rocky linux and available package tests (#383)
- from version 20210922.00
  * Add more info logs, actually cleanup unmanaged repos (#382)
- from version 20210901.00
  * Add E2E tests for Windows Application (#379)
  * Return lower-case package name (#377)
  * Update Terraform scripts for multi-project deployments tutorial. (#378)
- from version 20210811.00
  * Support Windows Application Inventory (#371)
- from version 20210723.00
  * Send basic inventory with RegisterAgent (#373)
- from version 20210722.1
  * e2e_tests: move to manually generated osconfig library (#372)
- from version 20210722.00
  * Create OWNERS file for examples directory (#368)
- from version 20210719.00
  * Update Zypper patch info parsing (#370)

- Build with go1.15 for reproducible build results (bsc#1102408)

- Update to version 20210712.1
  * Skip getting patch info when no patches are found. (#369)
- from version 20210712.00
  * Add Terraform scripts for multi-project deployments (#367)
- from version 20210709.00
  * Add examples/Terraform directory. (#366)
- from version 20210707.00
  * Fix bug in printing packages to update,
    return error for zypper patch (#365)
- from version 20210629.00
  * Add CloudOps examples for CentOS (#364)

- Update to version 20210621.00
  * chore: Fixing a comment. (#363)
- from version 20210617.00
  * Use exec.CommandContext so that canceling the context also
    kills any running processes (#362)
- from version 20210608.1
  * e2e_tests: point to official osconfig client library (#359)
- from version 20210608.00
  * e2e_tests: deflake tests (#358)
- from version 20210607.00
  * Fix build on some architectures (#357)
- from version 20210603.00
  * Create win-validation-powershell.yaml (#356)
- from version 20210602.00
  * Agent efficiency improvements/bugfixes/logging updates (#355)
  * e2e_tests: add tests for ExecResource output (#354)
- from version 20210525.00
  * Run fieldalignment on all structs (#353)
- from version 20210521.00
  * Config Task: add error message and ExecResource output recording (#350)
  * e2e_tests: remove Windows server 1909 and add server 20h2 (#352)
  * Added a method for logging structured data (#349)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:302-1
Released:    Wed Feb  2 11:07:36 2022
Summary:     Recommended update for rpmlint, rpmlint-mini, obs-service-format_spec_file
Type:        recommended
Severity:    moderate
References:  1195085
This update for rpmlint, rpmlint-mini, obs-service-format_spec_file fixes the following issues:

obs-service-format_spec_file:

- Synchronize the license identifiers from SPDX (spdx.org). (jsc#SLE-18915)

rpmlint:

- Accept any license ending with a '+' as indicated in the SPDX syntax. (bsc#1195085)
- Remove licenses ending with '+' from the valid license array
- Rebuild rpmlint with the new obs-service-format_spec_file.

rpmlint-mini:

- Rebuild rpmlint-mini with the new obs-service-format_spec_file and rpmlint.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:312-1
Released:    Wed Feb  2 13:49:08 2022
Summary:     Recommended update for rrdtool
Type:        recommended
Severity:    moderate
References:  1189375
This update for rrdtool fixes the following issues:

- Remove umask usage as it creates issues and it's not thread safe. (bsc#1189375)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:313-1
Released:    Wed Feb  2 13:52:26 2022
Summary:     Recommended update for infinipath-psm
Type:        recommended
Severity:    moderate
References:  1047218,1133133,1160270
This update for infinipath-psm fixes the following issues:

- Fix compilation with GCC10. (bsc#1160270)
- Disable LTO. (bsc#1133133)
- Fix build date. (bsc#1047218)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:321-1
Released:    Thu Feb  3 12:55:16 2022
Summary:     Recommended update for go
Type:        recommended
Severity:    moderate
References:  1190649
This update for go fixes the following issues:

- Update the go wrapper package to switch to the current stable go1.17 (bsc#1190649)
- Add golang Provides for RH/Fedora compatibility

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:330-1
Released:    Fri Feb  4 09:29:08 2022
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1194640,1194768,1194770,1194785,CVE-2021-3999,CVE-2022-23218,CVE-2022-23219

This update for glibc fixes the following issues:

- CVE-2021-3999: Fixed incorrect errno in getcwd (bsc#1194640)
- CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768)
- CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770)

Features added:

- IBM Power 10 string operation improvements (bsc#1194785, jsc#SLE-18195)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:334-1
Released:    Fri Feb  4 09:30:58 2022
Summary:     Security update for containerd, docker
Type:        security
Severity:    moderate
References:  1191015,1191121,1191334,1191434,1193273,CVE-2021-41089,CVE-2021-41091,CVE-2021-41092,CVE-2021-41103,CVE-2021-41190
This update for containerd, docker fixes the following issues:

- CVE-2021-41089: Fixed 'cp' can chmod host files (bsc#1191015).
- CVE-2021-41091: Fixed flaw that could lead to data directory traversal in moby (bsc#1191434).
- CVE-2021-41092: Fixed exposed user credentials with a misconfigured configuration file (bsc#1191334).
- CVE-2021-41103: Fixed file access to local users in containerd (bsc#1191121).
- CVE-2021-41190: Fixed OCI manifest and index parsing confusion (bsc#1193273).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:339-1
Released:    Mon Feb  7 10:22:03 2022
Summary:     Recommended update for google-droid-fonts
Type:        recommended
Severity:    moderate
References:  1190886
This update for google-droid-fonts fixes the following issue:

- Add sources DroidSansFallback.ttf DroidSansFallbackFull.ttf 
  DroidSansMono.ttf: Merge the latest modification from Android
  project (bsc#1190886).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:353-1
Released:    Tue Feb  8 17:41:48 2022
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    moderate
References:  
This update for systemd-rpm-macros fixes the following issues:

- Bump version to 10

- %sysusers_create_inline was wrongly marked as deprecated
- %sysusers_create can be useful in certain cases and won't go away until we'll
  move to file triggers. So don't mark it as deprecated too

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:373-1
Released:    Mon Feb 14 09:58:24 2022
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1195491,1195548,1195662
This update for rpmlint fixes the following issues:

- Whitelisting `kdenetwork-filesharing`. (bsc#1195548)
- Whitelisting of `powerdevil5`. (bsc#1195662)
- Whitelisting of `plasma5-disks`. (bsc#1195491)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:375-1
Released:    Mon Feb 14 11:12:44 2022
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1194166,1194167,1194168,1194169,1194170,1194171,1194780,CVE-2021-4181,CVE-2021-4182,CVE-2021-4183,CVE-2021-4184,CVE-2021-4185,CVE-2021-4190
This update for wireshark fixes the following issues:

Update to version 3.6.1: 

- CVE-2021-4185: RTMPT dissector infinite loop (bsc#1194166)
- CVE-2021-4184: BitTorrent DHT dissector infinite loop (bsc#1194167)
- CVE-2021-4183: pcapng file parser crash (bsc#1194168)
- CVE-2021-4182: RFC 7468 file parser infinite loop (bsc#1194169)
- CVE-2021-4181: Sysdig Event dissector crash (bsc#1194170)
- CVE-2021-4190: Kafka dissector infinite loop (bsc#1194171)
- Support for Shared Memory Communications (SMC) (jsc#SLE-18727)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:479-1
Released:    Thu Feb 17 14:48:24 2022
Summary:     Security update for virglrenderer
Type:        security
Severity:    important
References:  1195389,CVE-2022-0135
This update for virglrenderer fixes the following issues:
	  
- CVE-2022-0135: Fixed out-of-bonds write in read_transfer_data() (bsc#1195389).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:480-1
Released:    Thu Feb 17 15:10:52 2022
Summary:     Security update for tiff
Type:        security
Severity:    important
References:  1071031,1154365,1182808,1182809,1182811,1182812,1190312,1194539,CVE-2017-17095,CVE-2019-17546,CVE-2020-19131,CVE-2020-35521,CVE-2020-35522,CVE-2020-35523,CVE-2020-35524,CVE-2022-22844
This update for tiff fixes the following issues:

- CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb (bsc#1071031).
- CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365).
- CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS via the invertImage() function (bsc#1190312).
- CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808).
- CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809).
- CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811).
- CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812).
- CVE-2022-22844: Fixed out-of-bounds read in _TIFFmemcpy in tif_unix.c (bsc#1194539).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:485-1
Released:    Fri Feb 18 04:30:56 2022
Summary:     Recommended update for tomcat
Type:        recommended
Severity:    moderate
References:  1193569
This update for tomcat fixes the following issues:

- Fix Null Pointer Exception in JNDIRealm, when userRoleAttribute is not set (bsc#1193569)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:493-1
Released:    Fri Feb 18 10:36:59 2022
Summary:     Security update for clamav
Type:        security
Severity:    important
References:  1194731,CVE-2022-20698
This update for clamav fixes the following issues:

- CVE-2022-20698: Fixed invalid pointer read allowing denial of service crash. (bsc#1194731)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:503-1
Released:    Fri Feb 18 10:55:49 2022
Summary:     Security update for xerces-j2
Type:        security
Severity:    important
References:  1195108,CVE-2022-23437
This update for xerces-j2 fixes the following issues:

- CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser (bsc#1195108).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:519-1
Released:    Fri Feb 18 12:44:57 2022
Summary:     Recommended update for sysstat
Type:        recommended
Severity:    moderate
References:  1194679
This update for sysstat fixes the following issues:

- Fix possible segfault (bsc#1194679).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:520-1
Released:    Fri Feb 18 12:45:19 2022
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  1194968
This update for rpm fixes the following issues:

- Revert unwanted /usr/bin/python to /usr/bin/python2 change we got with the update to 4.14.3 (bsc#1194968)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:522-1
Released:    Fri Feb 18 12:47:18 2022
Summary:     Recommended update for fetchmail
Type:        recommended
Severity:    moderate
References:  1193894
This update for fetchmail fixes the following issues:

- Restore autoprobe functionality (bsc#1193894)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:533-1
Released:    Mon Feb 21 09:28:48 2022
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1180539,1184128,1184823,1185287,1185937,1187460,1187461,1187515,1192975,1195229
This update for python-kiwi fixes the following issues:

This version upgrade includes several fixes:

- Ensure backward compatibility on deprecated methods
  
  This commit ensures backward compatibility for deprecated
  config bash script utilities. (bsc#1195229)

  * Fixed regression in compression detection. (bsc#1192975)
    
  * index.rst: Change title (bsc#1189294#c2)
    
  * suggested in bsc#1189294#c2 for more clarity
  * change has been discussed with and approved by main author (Marcus S.)
    
  * Care for different snapper template locations. (bsc#1192940)
    
  * Do not force dracut into a compression setting
    
  * Fixed secure boot fallback setup
    
    Make sure MokManager gets copied. The name and location of
    the mok manager is distribution specific in the same way as
    the shim loader. Thus we need to apply a similar concept
    for looking it up. (bsc#1187515)
    
  * Allow creation of LUKS system with empty key
    
    To support cloud platforms better we should allow the
    creation of an initial(insecure) LUKS encrypted image
    with an empty passphrase/keyfile. (bsc#1187461, bsc#1187460)
    
  * Delete obsolete 'ddb.adapterType' patching
    
    When building a vmdk image with pvscsi as adapter type, kiwi
    implicitly changed the adapter_type from pvscsi to lsilogic
    because qemu only knows lsilogic. At the end kiwi patched
    the adapter type in the descriptor of the vmdk header back
    to pvscsi. That patching seems to be wrong according to
    information from users and VMware support. This commit
    deletes the descriptor patching and only leaves the pvscsi
    setting in the guest configuration(vmx). bsc#1180539)
    
  * Make dracut version check more robust
    
    The check_dracut_module_versions_compatible_to_kiwi() runtime
    check calls the package manager from the host and reads the
    package database from the image root. Doing this requires
    the package database in the image to be compatible with the
    package manager on the host. However this cannot be guarenteed
    and it is more robust to chroot into the image root and call
    the package manager from there. However, this change also comes
    with the cost that it's required to have a package manager
    available in the image root tree. Therefore along with the
    chroot based call, eventual exceptions from the call are now
    catched and leads to a debug message in the log file but will
    not lead the runtime check to fail. I consider the cases
    without a package database inside of the image to be less
    critical than the incompatibility issue between the host
    tooling and the package database in the image. (bsc#1185937)
    
  * Fixed setup of repository architecture
    
    Unfortunately the architecture reported by uname is not
    necessarily the same name as used in the repository metadata.
    Therefore it was not a good idea to set the architecture
    and manage the name via a mapping table. It also has turned
    out that repo arch names are distro specific which causes
    more complexity on an eventual mapping table. In the end
    this commit changes the way how the repository architecture
    is setup in a way that we only set the architecture if
    a name was explicitly specified such that the user keeps
    full control over it without any mapping magic included (bsc#1185287)
    
  * Do not apply default subcommand for derivate containers
    
    This commit does not apply the default subcommand for derivate containers. (bsc#1184823)
    
  * Added openssl to the core requires
    
    openssl is used in kiwi to construct a password hash
    if the plaintext password feature for user settings
    is used. (bsc#1184128)
    

    
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:546-1
Released:    Mon Feb 21 20:36:36 2022
Summary:     Recommended update for monitoring-plugins
Type:        recommended
Severity:    important
References:  1047218,1114483,1191011
This update for monitoring-plugins fixes the following issues:

  the patch just reverts the problem, if you get more than 64K on 
  stdout

- recommend syslog for monitoring-plugins-log, as people probably 
  want to analize logs generated by (r)syslog or journald
  check_snmp will segfaults at line 489 if number of lines returned 
  by SNMPD is greater than number of defined thresholds

- Remove unneeded build requirement on 'syslog'

- Remove unneeded BuildRequires on python-devel (bsc#1191011)

- Call gettextize with --no-changelog to make package build
  reproducible (bsc#1047218)

- Update to 2.3.1:
  Enhancements
  * check_curl: Add an option to verify the peer certificate and host using the system CA's
  Fixes
  * check_curl: fixed help, usage and errors for TLS 1.3
  * check_curl: fixed a potential buffer overflow in url buffer
  * check_dns: split multiple IP addresses passed in one -a argument
  * check_curl: added string_statuscode function for printing HTTP/1.1 and HTTP/2 correctly
  * check_curl: fix crash if http header contains leading spaces
  * check_curl: display a specific human-readable error message where possible
  * check_pgsql: Using snprintf which honors the buffers size and guarantees null termination.
  * check_snmp: put the 'c' (to mark a counter) after the perfdata value
  * check_http: Increase regexp limit
  * check_http: make -C obvious
  * check_curl: Increase regexp limit (to 1024 as in check_http)
  * check_curl: make -C obvious (from check_http)

- Update to 2.3 (final):
  Enhancements
  * check_dns: allow 'expected address' (-a) to be specified in CIDR notation (IPv4 only).
  * check_dns: allow for IPv6 RDNS
  * check_dns: Accept CIDR
  * check_dns: allow unsorted addresses
  * check_dns: allow forcing complete match of all addresses
  * check_apt: add --only-critical switch
  * check_apt: add -l/--list option to print packages
  * check_file_age: add range checking
  * check_file_age: enable to test for maximum file size
  * check_apt: adding packages-warning option
  * check_load: Adding top consuming processes option
  * check_http: Adding Proxy-Authorization and extra headers
  * check_snmp: make calcualtion of timeout value in help output more clear
  * check_uptime: new plugin for checking uptime to see how long the system is running
  * check_curl: check_http replacement based on libcurl
  * check_http: Allow user to specify HTTP method after proxy CONNECT
  * check_http: Add new flag --show-body/-B to print body
  * check_cluster: Added data argument validation
  * check_icmp: Add IPv6 support
  * check_icmp: Automatically detect IP protocol
  * check_icmp: emit error if multiple protocol version
  * check_disk: add support to display inodes usage in perfdata
  * check_hpjd: Added -D option to disable warning on 'out of paper'
  * check_http: support the --show-body/-B flag when --expect is used
  * check_mysql: allow mariadbclient to be used
  * check_tcp: add --sni
  * check_dns: detect unreachable dns service in nslookup output
  Fixes
  * Fix regression where check_dhcp was rereading response in a tight loop
  * check_dns: fix error detection on sles nslookup
  * check_disk_smb: fix timeout issue
  * check_swap: repaired -n behaviour
  * check_icmp: Correctly set address_family on lookup
  * check_icmp: Do not overwrite -4,-6 on lookup
  * check_smtp: initializes n before it is used
  * check_dns: fix typo in parameter description
  * check_by_ssh: fix child process leak on timeouts
  * check_mysql: Allow sockets to be specified to -H
  * check_procs: improve command examples for 'at least' processes
  * check_disk: include -P switch in help
  * check_mailq: restore accidentially removed options

- change version to 2.3~alpha.$date.$commit
  changes summarized
  * detect unreachable dns service in nslookup output
  * check_curl: host_name may be null
  * update test parameter according to check_http
  * check_curl: use CURLOPT_RESOLVE to fix connecting to the right ip
  * workaround for issue #1550 - better use 'ping -4' instead
    of 'ping' if supported
  * Use size_t instead of int when calling sysctl(3)
  * check_tcp: add --sni
  * Fix timeout_interval declarations
  * check_curl: NSS, parse more date formats from certificate (in
    -C cert check)
  * check_curl: more tolerant CN= parsing when checking
    certificates (hit on Centos 8)
  * setting no_body to TRUE when we have a HEAD request
  * some LIBCURL_VERSION checks around HTTP/2 feature
  * added --http-version option to check_curl to choose HTTP
  * improved curlhelp_parse_statusline to handle both HTTP/1.x
    and HTTP/2
  * check_curl: updates embedded picohttpparser to newest git
    version
  * setting progname of check_curl plugin to check_curl (at least
    for now)
  * Allow mariadbclient to be used for check_mysql
  * fix maxfd being zero
  * include -P switch in help
  * check_swap: repaired '-n' behaviour
  * improve command examples for 'at least' processes
  * check_mysql: Allow sockets to be specified to -H
  * Adding packages-warning option to check_apt plugin
  * Adding print top consuming processes option to check_load
  * check_snmp: make calcualtion of timeout value in help output more clear
  * [check_disk] add support to display inodes usage in perfdata
  * check_by_ssh: fix child process leak on timeouts
  * check_icmp: Add IPv6 support
  * check_dns: fix typo in parameter description
  * Also support the --show-body/-B flag when --expect is used
  * check_dns: improve support for checking multiple addresses
  * check_hpjd: Added -D option to disable warning on 'out of paper'
  * check_icmp: Do not overwrite -4,-6 on lookup
  * check_icmp: emit error if multiple protocol version
  * check_icmp: move opts string into a variable
  * check_cluster.c: Added data argument validation.
  * check_icmp: Correctly set address_family on lookup
  * check_icmp: process protocol version args first
  * check_icmp: Add IPv6 support
- drop explicit attr in filelist for check_host and check_rta_multi
  as they are symlinks to check_icmp
- add new subpackage monitoring-plugins-uptime

- include upstream fixes for check_swap
- simply fix the plugin name in the comment
- improve the output if the swap has zero size
- use unknown exit code for help/version in plugins
- updated context in

- monitoring-plugins-mysql should also provide monitoring-plugins-mysql_query
- Provide/Obsolete nagios-plugins in old version for better 
  compatibility and to allow dist upgrade (bsc#1114483)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:548-1
Released:    Tue Feb 22 13:48:55 2022
Summary:     Recommended update for blog
Type:        recommended
Severity:    moderate
References:  1186506,1191057
This update for blog fixes the following issues:

- Update to version 2.26
  * On s390/x and PPC64 gcc misses unused arg0

- Update to version 2.24
  * Avoid install errror due missed directory

- Update to version 2.22
  * Avoid KillMode=none for newer systemd version as well as rework
    the systemd unit files of blog (bsc#1186506)

- Move to /usr for UsrMerge (bsc#1191057) 

- Update to version 2.21
  * Merge pull request #4 from samueldr/fix/makefile
    Fixup Makefile for better build system support
  * Silent new gcc compiler

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:559-1
Released:    Wed Feb 23 15:04:54 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1195682,1196072,CVE-2022-0566,CVE-2022-22753,CVE-2022-22754,CVE-2022-22756,CVE-2022-22759,CVE-2022-22760,CVE-2022-22761,CVE-2022-22763,CVE-2022-22764
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 91.6.1 / MFSA 2022-07 (bsc#1196072)
  * CVE-2022-0566 (bmo#1753094)
    Crafted email could trigger an out-of-bounds write

- Mozilla Thunderbird 91.6 / MFSA 2022-06 (bsc#1195682)
  * CVE-2022-22753 (bmo#1732435)
    Privilege Escalation to SYSTEM on Windows via Maintenance
    Service
  * CVE-2022-22754 (bmo#1750565)
    Extensions could have bypassed permission confirmation during
    update
  * CVE-2022-22756 (bmo#1317873)
    Drag and dropping an image could have resulted in the dropped
    object being an executable
  * CVE-2022-22759 (bmo#1739957)
    Sandboxed iframes could have executed script if the parent
    appended elements
  * CVE-2022-22760 (bmo#1740985, bmo#1748503)
    Cross-Origin responses could be distinguished between script
    and non-script content-types
  * CVE-2022-22761 (bmo#1745566)
    frame-ancestors Content Security Policy directive was not
    enforced for framed extension pages
  * CVE-2022-22763 (bmo#1740534)
    Script Execution during invalid object state
  * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545,
    bmo#1748210, bmo#1748279)
    Memory safety bugs fixed in Thunderbird 91.6

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:562-1
Released:    Thu Feb 24 08:37:16 2022
Summary:     Security update for jasper
Type:        security
Severity:    moderate
References:  1188437,CVE-2021-27845
This update for jasper fixes the following issues:

- CVE-2021-27845: Fixed divide-by-zery issue in cp_create() (bsc#1188437).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:572-1
Released:    Thu Feb 24 11:58:05 2022
Summary:     Recommended update for psmisc
Type:        recommended
Severity:    moderate
References:  1194172
This update for psmisc fixes the following issues:

- Determine the namespace of a process only once to speed up the parsing of 'fdinfo'. (bsc#1194172)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:574-1
Released:    Fri Feb 25 16:59:28 2022
Summary:     Security update for ucode-intel
Type:        security
Severity:    important
References:  1192615,1195779,1195780,1195781,CVE-2021-0127,CVE-2021-0145,CVE-2021-0146,CVE-2021-33120
This update for ucode-intel fixes the following issues:

Updated to Intel CPU Microcode 20220207 release.

- CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege (bsc#1192615)
- CVE-2021-0127: Intel Processor Breakpoint Control Flow (bsc#1195779)
- CVE-2021-0145: Fast store forward predictor - Cross Domain Training (bsc#1195780)
- CVE-2021-33120: Out of bounds read for some Intel Atom processors (bsc#1195781)

- Security updates for [INTEL-SA-00528](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html)
- Security updates for [INTEL-SA-00532](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:675-1
Released:    Wed Mar  2 18:50:37 2022
Summary:     Security update for ldns
Type:        security
Severity:    moderate
References:  1195057,1195058,CVE-2020-19860,CVE-2020-19861
This update for ldns fixes the following issues:

- CVE-2020-19860: Fixed heap-based out of bounds read when verifying a zone file (bsc#1195057).
- CVE-2020-19861: Fixed heap-based out of bounds read in ldns_nsec3_salt_data() (bsc#1195058).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:681-1
Released:    Thu Mar  3 11:36:29 2022
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    critical
References:  1195414,1195564,1196305
This update for cloud-regionsrv-client fixes the following issues:

- Update -addon-azure to 1.0.2 (bsc#1196305)
  - Fix regression in the cloud-regionsrv-client' with OnDemand images
- Update to version 10.0.0 (bsc#1195414, bsc#1195564)
  - Refactor removes check_registration() function in utils implementation
  - Only start the registration service for PAYG images
  - addon-azure sub-package to version 1.0.1

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:682-1
Released:    Thu Mar  3 11:37:03 2022
Summary:     Recommended update for supportutils-plugin-suse-public-cloud
Type:        recommended
Severity:    important
References:  1195095,1195096
This update for supportutils-plugin-suse-public-cloud fixes the following issues:

- Update to version 1.0.6 (bsc#1195095, bsc#1195096)
  - Include cloud-init logs whenever they are present
  - Update the packages we track in AWS, Azure, and Google
  - Include the ecs logs for AWS ECS instances

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:687-1
Released:    Thu Mar  3 11:39:23 2022
Summary:     Recommended update for libvirt
Type:        recommended
Severity:    moderate
References:  1191668,1192119
This update for libvirt fixes the following issues:

- libxl: Mark auto-allocated graphics ports to used on reconnect.
- libxl: Release all auto-allocated graphics ports. (bsc#1191668)
- libxl: Add lock process indicator to saved VM state. (bsc#1191668)
- spec: Weaken apparmor-abstractions dependency to Recommends. (bsc#1192119, jsc#SLE-23394)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:689-1
Released:    Thu Mar  3 11:41:05 2022
Summary:     Recommended update for python-openstackclient, python-openstackdocstheme, python-oslo.context, python-oslosphinx, python-reno
Type:        recommended
Severity:    important
References:  1191205
This update for python-openstackclient fixes the following issues:

- update to version 5.2.0 (bsc#1191205)
  - Add bindep file
  - Use 'KeyValueAppendAction' from osc-lib
  - Bump lower constraint of MarkupSafe
  - Replace six.iteritems() with .items()
  - Don't look up project by id if given id
  - Add storage policy option to create container command
  - Stop configuring install_command in tox and stop use pip.
  - Update http links in docs
  - Doc: launchpad => storyboard
  - Allow setting floating IP description
  - Deflate .htaccess
  - Fix network segment range '_get_ranges' function
  - Fix copypaste errors in access rule command
  - Remove redundant OpenStackShell.prepare_to_run_command
  - Remove plugin projects from test-requirements.txt
  - neutron: autogenerate docs
  - Incorrect title for service provider
  - Add plugin doc page for watcher
  - Show correct name for resource with quota set to zero
  - Disallow setting default on internal network
  - Fix openstack server list --deleted --marker option
  - Add support for app cred access rules
  - Fix plugin autodoc generation
  - Switch image to use SDK
  - Provide stderr in exception when check_parser fails
  - Microversion 2.79: Add delete_on_termination to volume-attach API
  - Complete switch from glanceclient to SDK for image service
  - Use autoprogram-cliff for remaining plugin docs
  - Bump tox minversion
  - Add unit tests and release note for dns_publish_fixed_ip
  - common: autogenerate docs
  - Update master for stable/train
  - Create Volume v3 functional tests
  - Change dockerhub password
  - Honor endpoint override from config for volume
  - Fix functional tests for py3
  - Stop testing python 2 in tox and zuul.
  - Raise hacking to more recent 2.0.0
  - Now we can add description for role creation in OSC
  - Build utility image for using osc
  - Replace port 35357 with 5000 for 'auth_url'
  - Switch to using osc_lib.utils.tags
  - Split plugin docs per project
  - Fix router create/show if extraroute not supported
  - Add qos_network_policy_id to network port tests
  - Link to (some) plugin doc pages
  - Refactor AggregateTests
  - Remove trailing newline from dockerhub secret
  - Update a stale doc reference to use :neutron-doc:
  - Add dns_publish_fixed_ip attribute to subnets
  - Fix osc-lib interface change: catch osc-lib Forbidden
  - Use SDK to get compute API extensions
  - Add placement to known plugins
  - Update the content about Import Format
  - compute: autogenerate docs
  - versions: Fix 'versions show' help message
  - Add parent project filter for listing projects
  - Raise flake8-import-order version to latest
  - Add 'fields' parameter to ListSecurityGroup query
  - openstack.cli: autogenerate docs
  - Add redirect testing
  - Stop silently ignoring invalid 'server create --hint' options
  - Produce complete content for plugin docs
  - Remove mention of meetings from docs
  - Update image building jobs
  - Add 'openstack server migrate (confirm|revert)' commands
  - Complete 'Drop python2 support' goal
  - Fix faulthy state argument choice

- remove nonsensical update-alternatives, which leaves an empty file behind 

- switch to python 3.x only package

- update to version 4.0.0
  - Batch up minor cleanups for release
  - Bump min osc-lib to 1.14.0
  - Fix RuntimeError when showing project which has extra properties
  - Fix BFV server list handling with --name-lookup-one-by-one
  - Fix typo: 'to and endpoint'
  - Fix functional.base.TestCase.openstack() to optionally omit --os-auth-type
  - Use cliff formattable columns in image commands
  - Add server add/remove volume description for microversion 2.20
  - Document that server dump create requires 2.17
  - Remove code migrated to osc-lib long ago
  - Fix docs bug link to go to storyboard rather than launchpad
  - Mention compute service set --up|--down requires 2.11 or greater
  - Update master for stable/stein
  - Compute: Add description support for server
  - Remove deprecated volume commands and args
  - Volume backup functional test tweak
  - Use cliff formattable columns in network commands
  - Deprecate openstack server migrate --host option
  - Ignore case in security group rule --ethertype
  - Add host and hypervisor_hostname to create servers
  - Delete the LB object quotas set command in openstackclient
  - Rename review.openstack.org to review.opendev.org
  - Fix: incorrect check when no shared/private input
  - Remove deprecated image commands
  - Tweak network segment range fiunction tests
  - Default to Cinder v3 API
  - Fix <id> description for --block-device-mapping
  - Add floating IP Port Forwarding commands
  - Format aggregate command fields and de-race functional tests
  - docs: clarify compute service --service option
  - Fix bug in endpoint group deletion
  - Format location columns in network commands
  - Fix --limit option in image list sub-command
  - Add 'openstack server resize (confirm|revert)' commands
  - openstack port create support --extra-dhcp-option
  - Update release table for Train and 4.0.0
  - Update api-ref location
  - Add openstack server create --boot-from-volume option
  - Microversion 2.73: Support adding the reason behind a server lock
  - Aggregate functional test tweak
  - Bump lower constraint of python-zunclient
  - Follow-up: fix the invalid releasenote link
  - Change default security group protocol to 'any'
  - Followup opendev cleanup and test jobs
  - OpenDev Migration Patch
  - Fix link to new opendev repo
  - Remove token_endpoint auth type
  - Allow 'server migrate' (not live) to take '--host' option
  - Add 'security_group' type support to network rbac commands
  - Bump hacking version
  - Fix: set invalid None project_id on range creation
  - Stop leaving temp files after unit test runs
  - Support type=image with --block-device-mapping option
  - Remove races in floating ip functional tests
  - Remove deprecated network options
  - Use cliff formattable columns in volume v1 commands
  - Fix compute service set handling for 2.53+
  - Add changes-before attribute to server list
  - Use cliff formattable columns in identity commands
  - Support IPv6 addresses better
  - Fix service discovery in functional tests
  - Serialize more aggregate functional tests
  - Update the constraints url
  - Add CLI argument tests before making changes
  - More aggregate functional race chasing
  - Dropping the py35 testing
  - Remove deprecated compute commands
  - Add Python 3 Train unit tests
  - Blacklist Bandit 1.6.0 due to directory exclusion bug
  - Remove deprecated identity commands and args
  - Microversion 2.77: Support Specifying AZ to unshelve
  - Use cliff formattable columns in object storage commands
  - Document 2.53 behavior for compute service list/delete
  - document the --timing option
  - Add server event command documentation for compute API 2.21
  - Update sphinx requirement.
  - Fix module paths for volumev3 volume backup commands
  - Make configuration show not require auth
  - Before writing object data to stdout, re-open it in binary mode
  - Add doc and relnote for review 639652
  - Clean up app initialization and config
  - Use cliff formattable columns in volume v2 commands

- update to version 3.18.0
  - Fix missing trailing spaces in network help messages
  - Add volume backend capability show command
  - Add metavar for name parameter in subnet create
  - Modify the help message for 'registered limit set'
  - image/v2: support multiple property filters
  - Add note about version 2.5 when listing servers using --ip6
  - Add dns-domain support to Network object
  - Fix broken gate jobs
  - Fix 'project purge' deleting wrong project's servers and volumes
  - Support enable/disable uplink status propagation
  - Allow endpoint filtering on both project and project-domain
  - Add --key-name and --key-unset option for server rebuild API.
  - Remove invalid 'unlock-volume' migration arg
  - Default --nic to 'auto' if creating a server with >= 2.37
  - Add monascaclient to `not plugins` list
  - import zuul job settings from project-config
  - Add DNS support to floating IP commands
  - More state handling in volume transfer requests functional tests
  - Updated the take_actions for unified limits
  - More volume functional test fixes
  - Use devstack functional base job
  - Add --property option to 'server rebuild' command
  - This fix removes an erroneous underscore found within the function named
  - Partially Revert 'Add command to unset information from Subnet-pools'
  - API microversion 2.69: Handles Down Cells
  - Don't display router's is_ha and is_distributed attributes always
  - trivial: modify spelling error of project
  - Disabling c-backup service for osc-functional-devstack-tips job
  - Detailed help message for QoS max-burst-kbps value
  - Update release note version reference table
  - Update reno for stable/rocky
  - Update the Neutron CLI decoder document
  - Make use of keystoneauth service-type filtering for versions
  - add python 3.6 unit test job
  - Deprecate volume create --project and --user options
  - Trivial: remove commented-out code
  - Typo fix
  - Change openstack-dev to openstack-discuss
  - Remove str() when setting network objects names
  - Add Python 3.6 classifier to setup.cfg
  - Replace assertEqual(True/False, expr) with assertTrue/assertFalse
  - Remove testr.conf as it's been replaced by stestr
  - Add py36 env
  - add lib-forward-testing-python3 test job
  - Fix inconsistency (nit)
  - osc-included image signing (using openstacksdk)
  - Update the URL in doc
  - Add possibility to filter images using member_status
  - Handle multiple ports in AddFloatingIP
  - Mention 2.51 in help for openstack server event show
  - Add osc repo to the base job definition
  - Add --name-lookup-one-by-one option to server list
  - switch documentation job to new PTI
  - Add floating IP filter to floating IP list command
  - Address issues from volume backend commands
  - Paginate over usage list to return all usages
  - Fix tox python3 overrides
  - Fix i18n issue
  - Add network segment range command object
  - Improve document 'openstack complete'
  - Add volume backup import/export commands
  - Supports router gateway IP QoS
  - Add volume backend pool list command
  - fix multiple server delete produce multiple new lines
  - Fix some spaces in help messages
  - Fix: Restore output 'VolumeBackupsRestore' object is not iterable
  - Fix help message for subnetpool default-quota value
  - Use os-cloud instead of OS env vars for functional tests
  - Fix help message of image add project
  - Handle not having cinderclient.v1 available
  - Mention compute API 2.50 in openstack quota show --class
  - Add support for get details of Quota
  - Add --attached / --detached parameter to volume set
  - add python 3.7 unit test job
  - Remove python-ceilometerclient
  - Use templates for cover and lower-constraints
  - Add project param in LimitList parser

- update to version 3.16.2
  - Fix 'project purge' deleting wrong project's servers and volumes
  - Allow endpoint filtering on both project and project-domain
  - Handle multiple ports in AddFloatingIP
  - Default --nic to 'auto' if creating a server with >= 2.37

- update to version 3.16.1
  - Update UPPER_CONSTRAINTS_FILE for stable/rocky
  - Update .gitreview for stable/rocky
  - import zuul job settings from project-config
  - Fix broken gate jobs

- update to version 3.16.0
  - Implement support for registered limits
  - Prevent 'server migrate --wait' from hanging
  - Pass volume snapshot size to volume create
  - Update reno for stable/queens
  - neutron: add --mtu for create/set network
  - Make osc-functional-devstack-tips actually use tips
  - Update role document to include system parameter
  - Imported Translations from Zanata
  - Format port_details field of Floating IP
  - Rename python-openstacksdk to openstacksdk
  - Fix limits show command without Nova and Cinder
  - Clean up W503 and E402 pep8 errors
  - Correct application credential usage doc
  - Use Server.to_dict() rather than Server._info
  - Support filtering port with IP address substring
  - Retry floating IP tests
  - Remove deprecated ip floating commands
  - Fix volume type functional tests
  - Display private flavors in server list
  - Fix server show for microversion 2.47
  - compute: host: expand kwargs in host_set() call
  - Zuul: Remove project name
  - Add release note link in README
  - Fix docs from I0dc80bee3ba6ff4ec8cc3fc113b6de7807e0bf2a
  - Add support for endpoint group commands
  - Fix crashing 'console log show'
  - Add project tags functionality
  - Fix additional output encoding issues
  - Add ability to filter image list by tag
  - Replace pbr autodoc with sphinxcontrib-apidoc
  - Add help for nova interface-list to decoder
  - Slow down and retry aggregate create/delete to lessen race
  - Add --image-property parameter in 'server create'
  - Change bug url to a correct one
  - Add support for '--dns-domain' argument
  - Add cliff project link
  - Update command test for volume.v3
  - Fix the `role implies list` command.
  - Add command to show all service versions
  - compute: limit the service's force down command above 2.10
  - Update help text for encryption provider
  - Update links in README
  - Trivial: Update pypi url to new url
  - Add system role functionality
  - Remove duplicated network attributes
  - Fix tox -e venv -- reno new <slug>
  - Implement support for project limits
  - Add bgp commands to neutron decoder
  - Add support to list image members
  - Release note cleanup for 3.16.0 release
  - Allow setting network-segment on subnet update
  - Use find_ip from openstacksdk
  - Network: Add tag support for security group
  - Skip calls to glance and nova when got no servers
  - Network: Add tag support for floating ip
  - Fix typo in 'floating ip associate' command and doc
  - Fix functional job failed
  - Cleanup error messages on failure
  - Don't sent disk_over_commit if nova api > 2.24
  - Add CRUD support for application credentials
  - Optimize _prep_server_detail to avoid redundant find_resource
  - Fix error with image show when image name is None
  - Make max_burst_kbps option as optional for bw limit QoS rule
  - Fix subnet host_routes error
  - add lower-constraints job
  - Re-implement novaclient bits removed in 10.0
  - Adding api_version to FakeApp
  - Make functional-tips job voting
  - Do not require port argument when updating floating IP
  - Support --community in openstack image list
  - Fix lower-constraints.txt
  - Compute: Add description support for flavor
  - Updated from global requirements
  - Make Profile fallback go bye-bye
  - Fix urls in README.rst

This update for python-openstackdocstheme the following issues:
    
- update to version 2.0.2 (bsc#1191205):
  * [ussuri][goal] Drop python 2.7 support and testing

This update for python-oslo.context the following issues:
    
- update to 3.0.2 (bsc#1191205):
  * Update hacking for Python3
  * Filter out auth\_token\_info from logging values
  * trivial: Cleanup tox.ini
  * remove outdated header
  * reword releasenote for py27 support dropping
  * Drop python 2.7 support and testing
  * tox: Trivial cleanup
  * tox: Trivial cleanup
  * Bump the openstackdocstheme extension to 1.20
  * gitignore: Hide reno cache files
  * tox: Stop using 'python setup.py test'
  * Switch to Ussuri jobs
  * tox: Keeping going with docs
  * Switch to Ussuri jobs
  * Update the constraints url
  * Update master for stable/train
  * Add Python 3 Train unit tests
  * Cap Bandit below 1.6.0 and update Sphinx requirement
  * Replace git.openstack.org URLs with opendev.org URLs
  * OpenDev Migration Patch
  * Dropping the py35 testing
  * Update master for stable/stein
  * add python 3.7 unit test job
  * Update hacking version
  * Use template for lower-constraints
  * Update mailinglist from dev to discuss
  * Implement domain-scope for context objects
  * Clean up .gitignore references to personal tools
  * Always build universal wheels
  * add lib-forward-testing-python3 test job
  * add python 3.6 unit test job
  * import zuul job settings from project-config
  * import zuul job settings from project-config
  * Update reno for stable/rocky
  * Switch to stestr
  * Add release notes link to README
  * fix tox python3 overrides
  * Implement system-scope
  * Remove stale pip-missing-reqs tox test
  * Trivial: Update pypi url to new url
  * Switch pep8 job to python 3
  * add lower-constraints job
  * pypy not checked at gate
  * Updated from global requirements
  * Update links in README
  * Add -W for document build
  * Update reno for stable/queens
  * Updated from global requirements

This update for python-oslosphinx the following issues:
    
- switch to stable/ussuri spec template (bsc#1191205) 

This update for python-reno the following issues:
    
- update to version 3.0.1 (bsc#1191205)
  * Add python 3.6 unit test job
  * Update the min version of tox to 2.0
  * Switch to use stestr for unit test
  * Update sphinx extension logging
  * only override config values from command line if they are actually set
  * refactor handling of missing config files for better testing
  * update test fixtures to capture log output
  * build universal wheels
  * update the oudated URL in doc
  * sphinxext: Use unicode\_literals
  * Use unicode for debug string
  * link to the europython 2018 presentation about reno
  * build our docs with the lower-constraints
  * update sphinx to at least 1.6.1
  * move sphinx flags to tox.ini
  * add lower-constraints tox environment and job
  * Migrate the link of bug report button to storyboard
  * Allow tags prefixed with v in default regex
  * move package publishing template back to project-config
  * fix documentation project template
  * Fix traceback when no args are passed to reno
  * sphinxext: Use 'sphinx.util.logging'
  * switch doc and pypi jobs to use python3
  * import zuul job settings from project-config
  * fix tox python3 overrides
  * report line numbers for generated content more accurately
  * tests: Use mock decorator instead of context manager
  * preserve the order of tags when reading the cache file
  * include the branch name in anchors to make them more unique
  * report when loading data from the cache file
  * Streamline published release notes
  * Collapse Unreleased and Mainline sections
  * Make section titles have stable anchor links
  * Integrate a setuptools command
  * Enhance the travis hack
  * add unreleased\_version\_title configuration option
  * Add usage with travis CI to docs
  * cleanups for dev workflow descriptions
  * doc: Note development workflows supported by reno
  * update bug report URLs to use storyboard
  * Update links in 'README'
  * Update url in 'HACKING.rst'
  * trivial change to contributing instructions

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:692-1
Released:    Thu Mar  3 15:46:47 2022
Summary:     Recommended update for filesystem
Type:        recommended
Severity:    moderate
References:  1190447
This update for filesystem fixes the following issues:

- Release ported filesystem to LTSS channels (bsc#1190447).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:696-1
Released:    Thu Mar  3 16:18:29 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1195230,1195682,CVE-2022-22753,CVE-2022-22754,CVE-2022-22756,CVE-2022-22759,CVE-2022-22760,CVE-2022-22761,CVE-2022-22763,CVE-2022-22764
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 (bsc#1195682)

- CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service
- CVE-2022-22754: Extensions could have bypassed permission confirmation during update
- CVE-2022-22756: Drag and dropping an image could have resulted in the dropped object being an executable
- CVE-2022-22759: Sandboxed iframes could have executed script if the parent appended elements
- CVE-2022-22760: Cross-Origin responses could be distinguished between script and non-script content-types
- CVE-2022-22761: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
- CVE-2022-22763: Script Execution during invalid object state
- CVE-2022-22764: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6


Firefox Extended Support Release 91.5.1 ESR (bsc#1195230)

- Fixed an issue that allowed unexpected data to be submitted in some of our search telemetry

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:718-1
Released:    Fri Mar  4 10:10:19 2022
Summary:     Feature update for duperemove
Type:        feature
Severity:    moderate
References:  
This feature update for duperemove fixes the following issue:

Update from version 0.11.beta4 to version 0.11.3 (jsc#SLE-11306)

- Increase open file limit.
- Create hash database file with 600 permission for improved security.
- Read more data per pread, for v2 hashfile format this reduces the overall number of syscalls made which in turns 
  results in better performance.
- Fix truncated file handling, eliminating a an infinite loop case.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:720-1
Released:    Fri Mar  4 10:20:28 2022
Summary:     Security update for containerd
Type:        security
Severity:    moderate
References:  1196441,CVE-2022-23648
This update for containerd fixes the following issues:

- CVE-2022-23648: A specially-crafted image configuration could gain access to 
  read-only copies of arbitrary files and directories on the host (bsc#1196441).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:722-1
Released:    Fri Mar  4 10:28:09 2022
Summary:     Security update for wireshark
Type:        security
Severity:    important
References:  1195866,1195867,1195868,1195869,1195870,CVE-2022-0581,CVE-2022-0582,CVE-2022-0583,CVE-2022-0585,CVE-2022-0586
This update for wireshark fixes the following issues:

Update to Wireshark 3.6.2:

- CVE-2022-0586: RTMPT dissector infinite loop (bsc#1195866)
- CVE-2022-0585: Large loops in multiple dissectors (bsc#1195867)
- CVE-2022-0583: PVFS dissector crash (bsc#1195868)
- CVE-2022-0582: CSN.1 dissector crash (bsc#1195869)
- CVE-2022-0581: CMS dissector crash (bsc#1195870)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:735-1
Released:    Fri Mar  4 14:49:47 2022
Summary:     Security update for zsh
Type:        security
Severity:    important
References:  1163882,1196435,CVE-2019-20044,CVE-2021-45444
This update for zsh fixes the following issues:

- CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be 
  executed related to prompt expansion (bsc#1196435).
- CVE-2019-20044: Fixed a vulnerability where shell privileges would not be
  properly dropped when unsetting the PRIVILEGED option (bsc#1163882).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:769-1
Released:    Wed Mar  9 09:23:56 2022
Summary:     Security update for libcaca
Type:        security
Severity:    important
References:  1184751,1184752,CVE-2021-30498,CVE-2021-30499
This update for libcaca fixes the following issues:

- CVE-2021-30498, CVE-2021-30499: If an image has a size of 0x0, when exporting, no 
  data is written and space is allocated for the header only, not taking into
  account that sprintf appends a NUL byte (bsc#1184751, bsc#1184752).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:772-1
Released:    Wed Mar  9 09:44:13 2022
Summary:     Recommended update for icewm-theme-branding
Type:        recommended
Severity:    moderate
References:  1195328,1196336
This update for icewm-theme-branding fixes the following issues:

- Fix font configuration after google-droid-fonts update
  (bsc#1195328 bsc#1196336)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:773-1
Released:    Wed Mar  9 09:53:03 2022
Summary:     Recommended update for fwupd
Type:        recommended
Severity:    moderate
References:  1193921
This update for fwupd fixes the following issues:

- Ignore non-PCI NVMe devices (e.g. NVMe-over-Fabrics) when probing (bsc#1193921)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:775-1
Released:    Wed Mar  9 12:55:03 2022
Summary:     Recommended update for pciutils
Type:        recommended
Severity:    moderate
References:  1192862
This update for pciutils fixes the following issues:

- Report the theoretical speeds for PCIe 5.0 and 6.0 (bsc#1192862) 

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:781-1
Released:    Wed Mar  9 15:00:10 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: MozillaThunderbird, enigmail

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:783-1
Released:    Wed Mar  9 15:16:36 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1196809,CVE-2022-26485,CVE-2022-26486
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.6.1 ESR (bsc#1196809):

- CVE-2022-26485: Use-after-free in XSLT parameter processing
- CVE-2022-26486: Use-after-free in WebGPU IPC Framework

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:789-1
Released:    Thu Mar 10 11:22:05 2022
Summary:     Recommended update for update-alternatives
Type:        recommended
Severity:    moderate
References:  1195654
This update for update-alternatives fixes the following issues:

- Break bash - update-alternatives cycle rewrite of '%post' in 'lua'. (bsc#1195654)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:791-1
Released:    Thu Mar 10 11:53:04 2022
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

scap-security-guide (ComplianceAsCode) was updated to 0.1.60 (jsc#ECO-3319)

- Various bugfixes
- New draft stig profile v1r1 for OL8
- New product Amazon EKS platform and initial CIS profiles
- New product CentOS Stream 9, as a derivative from RHEL9 product

Note that SUSE only supports for SUSE Linux Enterprise 12 and 15:

- STIG profiles
- HIPAA profiles
- PCI-DSS profiles

The CIS profile is community supplied and currently not supported by SUSE.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:792-1
Released:    Thu Mar 10 11:58:18 2022
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1194845,1196494,1196495
This update for suse-build-key fixes the following issues:

- The old SUSE PTF key was extended, but also move it to suse_ptf_key_old.asc (as it is a DSA1024 key).
- Added a new SUSE PTF key with RSA2048 bit as suse_ptf_key.asc (bsc#1196494)
- Extended the expiry of SUSE Linux Enterprise 11 key (bsc#1194845)
- Added SUSE Container signing key in PEM format for use e.g. by cosign.
- The SUSE security key was replaced with 2022 edition (E-Mail usage only). (bsc#1196495)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:804-1
Released:    Thu Mar 10 17:52:55 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1196809,CVE-2022-26485,CVE-2022-26486
This update for MozillaThunderbird fixes the following issues:

Mozilla Thunderbird 91.6.2 (bsc#1196809):

- CVE-2022-26485: Use-after-free in XSLT parameter processing
- CVE-2022-26486: Use-after-free in WebGPU IPC Framework

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:808-1
Released:    Fri Mar 11 06:07:58 2022
Summary:     Recommended update for procps
Type:        recommended
Severity:    moderate
References:  1195468
This update for procps fixes the following issues:

- Stop registering signal handler for SIGURG, to avoid `ps` failure if
  someone sends such signal. Without the signal handler, SIGURG will
  just be ignored. (bsc#1195468)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:815-1
Released:    Mon Mar 14 10:21:35 2022
Summary:     Security update for flac
Type:        security
Severity:    moderate
References:  1196660,CVE-2021-0561
This update for flac fixes the following issues:

- CVE-2021-0561: Fixed out of bound write in append_to_verify_fifo_interleaved_ (bsc#1196660).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:816-1
Released:    Mon Mar 14 10:22:04 2022
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    moderate
References:  1194925,1194926,1194927,1194928,1194929,1194930,1194931,1194932,1194933,1194934,1194935,1194937,1194939,1194940,1194941,CVE-2022-21248,CVE-2022-21277,CVE-2022-21282,CVE-2022-21283,CVE-2022-21291,CVE-2022-21293,CVE-2022-21294,CVE-2022-21296,CVE-2022-21299,CVE-2022-21305,CVE-2022-21340,CVE-2022-21341,CVE-2022-21360,CVE-2022-21365,CVE-2022-21366
This update for java-11-openjdk fixes the following issues:

- CVE-2022-21248: Fixed incomplete deserialization class filtering in ObjectInputStream. (bnc#1194926)
- CVE-2022-21277: Fixed incorrect reading of TIFF files in TIFFNullDecompressor. (bnc#1194930)
- CVE-2022-21282: Fixed Insufficient URI checks in the XSLT TransformerImpl. (bnc#1194933)
- CVE-2022-21283: Fixed unexpected exception thrown in regex Pattern. (bnc#1194937)
- CVE-2022-21291: Fixed Incorrect marking of writeable fields. (bnc#1194925)
- CVE-2022-21293: Fixed Incomplete checks of StringBuffer and StringBuilder during deserialization. (bnc#1194935)
- CVE-2022-21294: Fixed Incorrect IdentityHashMap size checks during deserialization. (bnc#1194934)
- CVE-2022-21296: Fixed Incorrect access checks in XMLEntityManager. (bnc#1194932)
- CVE-2022-21299: Fixed Infinite loop related to incorrect handling of newlines in XMLEntityScanner. (bnc#1194931)
- CVE-2022-21305: Fixed Array indexing issues in LIRGenerator. (bnc#1194939)
- CVE-2022-21340: Fixed Excessive resource use when reading JAR manifest attributes. (bnc#1194940)
- CVE-2022-21341: Fixed OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream. (bnc#1194941)
- CVE-2022-21360: Fixed Excessive memory allocation in BMPImageReader. (bnc#1194929)
- CVE-2022-21365: Fixed Integer overflow in BMPImageReader. (bnc#1194928)
- CVE-2022-21366: Fixed Excessive memory allocation in TIFF*Decompressor. (bnc#1194927)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:817-1
Released:    Mon Mar 14 10:22:28 2022
Summary:     Security update for xstream
Type:        security
Severity:    moderate
References:  1195458,CVE-2021-43859
This update for xstream fixes the following issues:
 
- CVE-2021-43859: Fixed a denial of service when unmarshalling highly recursive collections or maps (bsc#1195458).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:818-1
Released:    Mon Mar 14 10:23:01 2022
Summary:     Security update for tomcat
Type:        security
Severity:    important
References:  1195255,1196137,CVE-2022-23181
This update for tomcat fixes the following issues:

Security issues fixed:

- CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255)
- Remove log4j (bsc#1196137) 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:821-1
Released:    Mon Mar 14 14:52:30 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1196900,CVE-2022-26381,CVE-2022-26383,CVE-2022-26384,CVE-2022-26386,CVE-2022-26387
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.7.0 ESR (bsc#1196900):

- CVE-2022-26383: Browser window spoof using fullscreen mode
- CVE-2022-26384: iframe allow-scripts sandbox bypass
- CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures
- CVE-2022-26381: Use-after-free in text reflows
- CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other local users

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:846-1
Released:    Tue Mar 15 11:41:51 2022
Summary:     Recommended update for log4j
Type:        recommended
Severity:    moderate
References:  

This update ships log4j 2.17.1 to the SUSE Linux Enterprise Basesystem module. (jsc#SLE-23508)

- Removed alias log4j:log4j from log4j-1.2-api, since it is not a
  drop-in replacement

Update to 2.17.1.

Fixed bugs:

- JdbcAppender now uses JndiManager to access JNDI resources.
  JNDI is only enabled when system property log4j2.enableJndiJdbc 
  is set to true.
- Remove unused method.
- ExtendedLoggerWrapper.logMessage no longer double-logs when
  location is requested.
- log4j-to-slf4j no longer re-interpolates formatted message
  contents.
- Correct SpringLookup package name in Interpolator.
- log4j-to-slf4j takes the provided MessageFactory into account.
- Fix MapLookup to lookup MapMessage before DefaultMap.
- Buffered I/O checked had inverted logic in 
  RollingFileAppenderBuidler.
- Fix NPE when input is null in 
  StrSubstitutor.replace(String, Properties).
- Lookups with no prefix only read values from the configuration
  properties as expected.
- Reduce ignored package scope of KafkaAppender.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:849-1
Released:    Tue Mar 15 13:18:56 2022
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    important
References:  1196644
This update for python-kiwi fixes the following issues:

- Don't exit the script on deprecated function use (bsc#1196644)
  * The 'exit 0' stops processing of the calling script with a success exit code, which leads to incomplete 
    and broken images.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:856-1
Released:    Tue Mar 15 19:31:39 2022
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    important
References:  1196877,CVE-2022-0778
This update for openssl-1_0_0 fixes the following issues:

- CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:861-1
Released:    Tue Mar 15 23:31:21 2022
Summary:     Recommended update for openssl-1_1 
Type:        recommended
Severity:    moderate
References:  1182959,1195149,1195792,1195856
This update for openssl-1_1 fixes the following issues:

openssl-1_1:

- Fix PAC pointer authentication in ARM (bsc#1195856)
- Pull libopenssl-1_1 when updating openssl-1_1 with the same version (bsc#1195792)
- FIPS: Fix function and reason error codes (bsc#1182959)
- Enable zlib compression support (bsc#1195149)
    
glibc:

- Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise Micro 5.1
    
linux-glibc-devel:

- Resolve installation issue of `linux-kernel-headers` in SUSE Linux Enterprise Micro 5.1

libxcrypt:

- Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise Micro 5.1

zlib:

- Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise Micro 5.1

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:862-1
Released:    Wed Mar 16 05:32:11 2022
Summary:     Recommended update for SAPHanaSR-ScaleOut
Type:        recommended
Severity:    important
References:  1182774,1189532,1189533,1189540
This update for SAPHanaSR-ScaleOut fixes the following issues:

- Add systemd support for the resource agent to interact with the new SAP unit files for sapstartsrv.
  As the new version of the SAP Startup Framework uses systemd unit files to control the sapstartsrv process instead of
  the previous used SysV init script, the handling of sapstartsrv inside the resource agents is adapted to support both
  ways. (bsc#1189532, bsc#1189533)
- Add dedicated logging of HANA_CALL problems. It is now possible to identify if the called `hana` command or the needed
  `su` command throws the error, and for further hints it logs the stderr output.
  Additionally it is possible to get regular log messages for the used commands, their return code and their stderr
  output by enabling the 'debug' mode of the resource agents. (bsc#1182774)
- Add switch 'cib_access' to the SAPHanaSrMultiTarget hook to give control over the hook runtime.
  Default is 'all-on' which means there are 3 cib calls performed inside the hook script. Changing the value of 
  'cib_access' inside the global.ini file to'site-on' to perform the absolute minimum cib calls  (only one). 
  (bsc#1189540)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:863-1
Released:    Wed Mar 16 05:32:42 2022
Summary:     Recommended update for sapstartsrv-resource-agents
Type:        recommended
Severity:    important
References:  1189529,1193568
This update for sapstartsrv-resource-agents fixes the following issues:

- Add systemd support for the resource agent to interact with the new SAP unit files for sapstartsrv.
  As the new version of the SAP Startup Framework uses systemd unit files to control the sapstartsrv process instead
  of the previous used SysV init script, handling of sapstartsrv inside the resource agents is adapted to support both
  ways (bsc#1189529)
- Prevent false posivite with pgrep in function '_get_status' (bsc#1193568)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:864-1
Released:    Wed Mar 16 05:33:13 2022
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    important
References:  1174557,1181765,1182201,1182545,1182774,1189530,1189531
This update for SAPHanaSR fixes the following issues:

- Add systemd support for the resource agent to interact with the new SAP unit files for sapstartsrv.
  As the new version of the SAP Startup Framework will use systemd unit files to control the sapstartsrv process
  instead of the previous used SysV init script, the handling of sapstartsrv inside the resource agents is adapted 
  to support both ways. (bsc#1189530, bsc#1189531)
- The resource start and stop timeout is now configurable by increasing the timeout for the action 'start' and/or 
  'stop'. 95% of this action timeouts will be used to calculate the new resource start and stop timeout for the 
  'WaitforStarted' and 'WaitforStopped' functions. If the new, calculated timeout value is less than '3600', it will 
  be set to '3600', so that we do not decrease this timeout by accident. (bsc#1182545)
- Change promotion scoring during maintenance procedure to prevent that both sides have an equal promotion scoring after
  refresh which might result in a critical promotion of the secondary. (bsc#1174557)
- Update of man page SAPHanaSR.py.7 - correct the supported HANA version (bsc#1182201)
- If the $hdbState command fails to retrieve the current state of the System Replication, the resource agent now uses
  the system_replication/actual_mode attribute (if available) from the global.ini file as a fallback.
  This should prevent some confusing and misleading log messages during a takeover and solves the problem of a not
  working takeover back (after a successful first takeover) (bsc#1181765)
- Add dedicated logging of HANA_CALL problems. It is now possible to identify if the called `hana` command or the
  needed `su` command throws the error, and for further hints it logs the stderr output.
  Additionally it is possible to get regular log messages for the used commands, their return code and their stderr 
  output by enabling the 'debug' mode of the resource agents (bsc#1182774)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:868-1
Released:    Wed Mar 16 07:16:06 2022
Summary:     Feature update for tcl and tk
Type:        feature
Severity:    moderate
References:  1138797,1185662,1195257,903017,CVE-2021-35331
This feature update for tcl and tk fixes the following issues:

Update tcl and tk to version 8.6.12 (jsc#SLE-21016, jsc#SLE-23284):

- Move tcl.macros to /usr/lib/rpm/macros.d (bsc#1185662) 
- Use FAT LTO objects in order to provide proper static library (bsc#1138797)
- Fix a bug in itcl that was affecting iwidgets (bsc#903017)
- Add [combobox current] support 'end' index
- Add fixes in [text] bindings
- Add missing 'deferred clear code' support to GIF photo images
- Add new virtual event <<TkWorldChanged>> 
- Add new keycodes: CodeInput, SingleCandidate, MultipleCandidate, PreviousCandidate
- Add new support for POSIX error: EILSEQ
- Add new command [tcl::unsupported::corotype]
- Add new command [tcl::unsupported::timerate] for performance testing
- Add new option -state to [ttk::scale]
- Add portable keycodes: OE, oe, Ydiaeresis
- Add support for backrefs in [array names -regexp]
- Add support for Unicode 14
- Disfavor Master/Slave terminology
- Enhance [oo::object] to acquire or lose a class identity dynamically
- Fix canvas rotated text overlap detection
- Fix canvas closed polylines yo fully honor -joinstyle
- Fix display of Long non-wrapped lines in text
- Fix display treeview focus ring when -selectmode none
- Fix focus events not to break entry validation
- Fix [package prefer stable] failing case
- Fix auto_path initialization by Safe Base interps
- Fix bad interaction between grab and mouse pointer warp
- Fix borderwidth calculations on menu items
- Fix cascade tearoff menu redraw artifacts
- Fix coords rounding when drawing canvas items
- Fix corrupt result from [$c postscript] with -file or -channel
- Fix errno management in socket full close
- Fix failure when a [proc] argument name is computed, not literal
- Fix focus on unmapped windows
- Fix handling of duplicates in spinbox -values list
- Fix incomplete read of multi-image GIF
- Fix initialization order of static package in wish 
- Fix issue when trying to display angled text without Xft
- Fix issue with font initialization when no font is installed
- Fix problems with Noto Color Emoji font
- Fix race conditions in [file delete] and [file mkdir]
- Fix Std channel initialization for multi-thread operations
- Fix tearoff menu redraw artifacts
- Fix up arrow key in [text] to correctly move cursor to index 1.0
- Fix various cursor issues
- Fix various encoding issues
- Fix various fontchooser issues
- Fix various issues causing crashes and hang in
- Fix various memory issues
- Fix various scrolling bugs and add improvements
- Fix 32/64-bit confusion of FS DIR operations reported for AIX
- Improve appearance of text selection in [*entry] widgets
- Improve checkbutton handling of -selectcolor
- Improve handling of resolution changes
- Improve multi-thread safety when Xft is in use 
- Improve ttk high-contrast-mode support
- Improve emoji support
- Improve legacy support for [tk_setPalette]
- Make combobox -postoffset option work with default style
- Make spinbox use proper names in query of option database
- Menu flaws when empty menubar clicked
- New index argument in [$menubutton post x y index]
- Preserve canvas tag list order during add/delete
- Prevent cross-manager loops of geom management
- Rewrite of zlib inflation for multi-stream and completeness
- Run fileevents in proper thread after [thread::attach $channel]
- Stop [unload] corruption of list of loaded packages
- Stop app switching exposing withdrawn windows as zombies
- Tk now denied access to PRIMARY selection from safe interps
- TkpDrawAngledCharsInContext leaked a CGColor
- Try to restore Tcl's [update] command when Tk is unloaded
- Changed [info * methods] to include mixins
- [package require] is now NR-enabled

The following fixes might show some potential incompatibilities with existing software:

- Revised [binary (en|de)code base64] for RFC compliance and roundtrip
- Tcl_DStringAppendElement # quoting precision, dstring-2.13, dstring-3.10
- Extended [clock scan] ISO format and time zone support
- Allow for select/copy from disabled text widget on all platforms
- Revised case of [info loaded] module names
- [info hostname] reports DNS name, not NetBIOS name
- Force -eofchar \032 when evaluating library scripts
- Revised error messages: 'too few' => 'not enough'
- Performed rewrite of Tk event loop to prevent ring overflow
- Refactored all MouseWheel bindings
- Revised precision of ::scale widget tick mark values
- Prevent transient window cycles (crashed on Aqua)
- Builds no longer use -lieee
- Quoting of command line arguments by [exec] on Windows revised. Prior
  quoting rules left holes where some values would not pass through, but
  could trigger substitutions or program execution. See
  https://core.tcl-lang.org/tcl/info/21b0629c81 
- [lreplace] accepts all out-of-range index values

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:872-1
Released:    Wed Mar 16 10:35:02 2022
Summary:     Security update for stunnel
Type:        security
Severity:    important
References:  1181400,1182529
This update for stunnel fixes the following issues:

Update to 5.62 including new features and bugfixes:

  * Security bugfixes
    - The 'redirect' option was fixed to properly handle unauthenticated requests (bsc#1182529).
    - Fixed a double free with OpenSSL older than 1.1.0.
    - Added hardening to systemd service (bsc#1181400).
  * New features
    - Added new 'protocol = capwin' and 'protocol = capwinctrl' configuration file options.
    - Added support for the new SSL_set_options() values.
    - Added a bash completion script.
    - New 'sessionResume' service-level option to allow or disallow session resumption
    - Download fresh ca-certs.pem for each new release.
    - New 'protocolHeader' service-level option to insert custom 'connect' protocol negotiation headers.
      This feature can be used to impersonate other software (e.g. web browsers).
    - 'protocolHost' can also be used to control the client SMTP protocol negotiation HELO/EHLO value.
    - Initial FIPS 3.0 support.
    - Client-side 'protocol = ldap' support
  * Bugfixes
    - Fixed a transfer() loop bug.
    - Fixed reloading configuration with 'systemctl reload stunnel.service'.
    - Fixed incorrect messages logged for OpenSSL errors.
    - Fixed 'redirect' with 'protocol'.  This combination is not supported by 'smtp', 'pop3' and 'imap' protocols.
    - X.509v3 extensions required by modern versions of OpenSSL are added to generated self-signed test certificates.
    - Fixed a tiny memory leak in configuration file reload error handling.
    - Fixed engine initialization.
    - FIPS TLS feature is reported when a provider or container is available, and not when FIPS control API is available.
    - Fix configuration reload when compression is used
    - Fix test suite fixed not to require external connectivity

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:873-1
Released:    Wed Mar 16 10:36:01 2022
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1193314,1193444,1193491,1194926,1194928,1194929,1194931,1194932,1194933,1194934,1194935,1194937,1194939,1194940,1194941,1195163,CVE-2022-21248,CVE-2022-21282,CVE-2022-21283,CVE-2022-21293,CVE-2022-21294,CVE-2022-21296,CVE-2022-21299,CVE-2022-21305,CVE-2022-21340,CVE-2022-21341,CVE-2022-21349,CVE-2022-21360,CVE-2022-21365
This update for java-1_8_0-openjdk fixes the following issues:

Update to version jdk8u322 (icedtea-3.22.0)

Including the following security fixes:

- CVE-2022-21248, bsc#1194926: Enhance cross VM serialization
- CVE-2022-21283, bsc#1194937: Better String matching
- CVE-2022-21293, bsc#1194935: Improve String constructions
- CVE-2022-21294, bsc#1194934: Enhance construction of Identity maps
- CVE-2022-21282, bsc#1194933: Better resolution of URIs
- CVE-2022-21296, bsc#1194932: Improve SAX Parser configuration management
- CVE-2022-21299, bsc#1194931: Improved scanning of XML entities
- CVE-2022-21305, bsc#1194939: Better array indexing
- CVE-2022-21340, bsc#1194940: Verify Jar Verification
- CVE-2022-21341, bsc#1194941: Improve serial forms for transport
- CVE-2022-21349: Improve Solaris font rendering
- CVE-2022-21360, bsc#1194929: Enhance BMP image support
- CVE-2022-21365, bsc#1194928: Enhanced BMP processing

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:876-1
Released:    Wed Mar 16 10:51:39 2022
Summary:     Recommended update for xorg-x11-server
Type:        recommended
Severity:    moderate
References:  1188970,1196577
This update for xorg-x11-server fixes the following issue:

- Fix segmentation fault during terminal switches with multiple attached displays. (bsc#1188970)
- Fix a regression that may cause gdm/lightdm fail to start. (bsc#1196577)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:884-1
Released:    Thu Mar 17 09:47:43 2022
Summary:     Recommended update for python-jsonschema, python-rfc3987, python-strict-rfc3339
Type:        recommended
Severity:    moderate
References:  1082318
This update for python-jsonschema, python-rfc3987, python-strict-rfc3339 fixes the following issues:

- Add patch to fix build with new webcolors.

- update to version 3.2.0 (jsc#SLE-18756):
  * Added a format_nongpl setuptools extra, which installs only format
    dependencies that are non-GPL (#619).

- specfile:
  * require python-importlib-metadata
- update to version 3.1.1:
  * Temporarily revert the switch to js-regex until #611 and #612 are
    resolved.
- changes from version 3.1.0:
  - Regular expressions throughout schemas now respect the ECMA 262
    dialect, as recommended by the specification (#609).

- Activate more of the test suite
- Remove tests and benchmarking from the runtime package
- Update to v3.0.2
  - Fixed a bug where 0 and False were considered equal by
    const and enum
- from v3.0.1
  - Fixed a bug where extending validators did not preserve their 
    notion of which validator property contains $id information.

- Update to 3.0.1:
  - Support for Draft 6 and Draft 7
  - Draft 7 is now the default
  - New TypeChecker object for more complex type definitions (and overrides)
  - Falling back to isodate for the date-time format checker is no longer attempted, in accordance with the specification

- Use %license instead of %doc (bsc#1082318)

- Remove hashbang from runtime module
- Replace PyPI URL with https://github.com/dgerber/rfc3987
- Activate doctests

- Add missing runtime dependency on timezone
- Replace dead link with GitHub URL
- Activate test suite

- Trim bias from descriptions.

- Initial commit, needed by flex
-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:885-1
Released:    Thu Mar 17 09:47:48 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: freerdp, libgsm
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:898-1
Released:    Fri Mar 18 09:34:38 2022
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 5_3_18-150300_59_43, 5_3_18-24_99, 5_3_18-59_40. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:899-1
Released:    Fri Mar 18 09:34:51 2022
Summary:     Recommended update for smartmontools
Type:        recommended
Severity:    moderate
References:  1195785
This update for smartmontools fixes the following issues:

- Restart smartd and generate smartd_opts only if there are real sysconfig changes; do not trigger generate_smartd_opts by YaST, systemd is enough. (bsc#1195785)

- Update smartmontools to the latest version from the upstream branch. (jsc#SLE-21751)
-  Fix update needed logic.

- update to 7.2 (jsc#SLE-21751):
  - smartctl: New option '--json=y[c]' selects YAML output.
  - smartctl '-i': Prints ATA TRIM and Zoned Device capabilities.
  - smartctl '-j': Fixed 'scsi_grown_defect_list' value.
  - smartctl '-a': Prints SCSI 'Accumulated power on time'.
  - smartctl '-n POWERMODE': SCSI support.
  - smartctl '-s standby,now' and '-s standby,off': SCSI support.
  - smartctl '-c': NVMe 1.4 additions.
  - smartd: Support for staggered self-tests.
  - smartd: No longer writes attribute log if no attributes were read
    due to standby mode or other error.
  - smartd: Now resolves symlinks before device names are checked for
    duplicates.
  - smartd: Fixed SMARTD_DEVICETYPE environment variable if DEVICESCAN is
    used without '-d TYPE'.
  - ATA: Device type '-d jmb39x-q,N' for JMB39x protocol variant used by
    some QNAP NAS devices.
  - ATA: Device type '-d jms56x,N' for JMS562 USB to SATA RAID bridges.
  - SCSI: Improved heuristics for log subpages of new and very old disks.
  - NVMe: Log transfer size limited to avoid device or kernel crashes.
  - NVMEe/USB: Device type '-d sntrealtek' for Realtek RTL9210 USB to
    NVMe bridges.
  - update-smart-drivedb: New option '--branch X.Y'.
  - HDD, SSD and USB additions to drive database.
  - Dropped support for pre-C99 snprintf().
  - configure: Dropped option '--without-working-snprintf'.
  - configure: Fixed '-fstack-protector*' detection.
  - Linux: Various fixes of smartd.service file (bsc#1183699).
  - Darwin: NVMe log support.
  - FreeBSD: Device scan does no longer include T_ENCLOSURE devices.
  - NetBSD: Fixed timeout handling.
  - NetBSD big endian: Fixed ATA register handling.
  - OpenBSD: Fixed timeout handling.
  - Windows: Dropped backward compatibility fixes for very old compilers. 

- Update to version 7.1:
  - smartctl: Fixed bogus exception on unknown form factor value.
  - smartctl '--json=cg': Suppresses extra spaces also in 'g' format.
  - smartctl '-i': ATA ACS-4 and ACS-5 enhancements.
  - smartd: No longer truncates very long device names in warning emails.
  - smartd: No longer skips scheduled tests if system clock has been adjusted to the past.
  - smartd '-A': Attribute logs now use local time instead of UTC.
  - Autodetection of '-d sntjmicron' type for JMicron USB to NVMe bridges.
  - Fixed segfault on CCISS transfer sizes.
  - Fixed smartd.service 'Type' if libsystemd-dev is not available.
  - Fixed '/dev/megaraid_sas_ioctl_node' fd leak.


-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:902-1
Released:    Fri Mar 18 15:28:03 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: argyllcms, csync
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:906-1
Released:    Mon Mar 21 09:47:11 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1196900,CVE-2022-26381,CVE-2022-26383,CVE-2022-26384,CVE-2022-26386,CVE-2022-26387
This update for MozillaThunderbird fixes the following issues:

Updated to version 91.7 (bsc#1196900):
  - CVE-2022-26381: Fixed an invalid memory access due to text reflow when SVG
    objects were present.
  - CVE-2022-26383: Fixed an issue where, when resizing a popup after requesting
    fullscreen access, the popup would not display the fullscreen notification.
  - CVE-2022-26384: Fixed an iframe XSS sandbox bypass when allow-popups was used
    on the iframe.
  - CVE-2022-26386: Fixed an issue where downloadable temporary files were
    accessible to other local users.
  - CVE-2022-26387: Fixed a potential add-on signature verification bypass due to
    a race condition.

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:911-1
Released:    Mon Mar 21 13:00:39 2022
Summary:     Feature update for libbluray
Type:        feature
Severity:    moderate
References:  
This feature update for libbluray fixes the following issues:

Update to version 1.3.0 (jsc#SLE-23838):

- Remove unused dependencies from pkgconfig(libbluray)
- Enable build against java-devel >= 10.
- Add functions to list and read BD-ROM files.
- Add initial support for .fmts files.
- Add initial support for OpenJDK 11.
- Add initial support for UHD disc BD-J menus.
- Add support for AWT mouse events (BD-J).
- Add support for compiling .jar file with Java 9+ compiler.
- Add support for separate key pressed / typed / released user input events.
- Enable playback without menus when index.bdmv is missing.
- Fix JVM bootstrap issues with some Java 9 versions.
- Fix build with Java 1.6.
- Fix build with OpenJDK 12 / 13.
- Fix creating organization and disc specific BD-J BUDA directories.
- Fix memory leak
- Fix loading classes with Windows Java 8.
- Fix loading libmmbd in Windows 64-bit.
- Fix long delay in 'Evangelion, You are (not) alone' menu.
- Fix mark triggering when multiple marks are passed during single read().
- Fix playback of discs without normal titles (only TopMenu / FirstPlay title).
- Fix playback of some broken BD-J discs.
- Fix polygon-based BD-J graphics primitives.
- Fix reading resources indirectly from mounted .jar file.
- Fix resetting user-selected streams when playing without menus.
- Fix seek bar pop-up at chapter boundary with some discs.
- Fix sign extended bytes when reading single bytes in BDJ.
- Fix stack overflow when using Java9+ with debugger connection.
- Improve BD-J compability.
- Improve JVM and .jar file probing.
- Improve Java 8+ compability.
- Improve UHD metadata support.
- Improve error resilience and stability.
- Improve main title selection.
- Improve missing/broken playlist handling.
- Improve portability.
- Move AWT classes to separate .jar file.
- Rename list_titles to bd_list_titles and add it to installed programs.
- Update libudfread submodule repository URL.
- Use external libudfread when available.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:915-1
Released:    Mon Mar 21 16:50:43 2022
Summary:     Security update for lapack
Type:        security
Severity:    moderate
References:  1193562,CVE-2021-4048
This update for lapack fixes the following issues:

- CVE-2021-4048: Fixed an out of bounds read when user input was not validated properly (bsc#1193562).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:936-1
Released:    Tue Mar 22 18:10:17 2022
Summary:     Recommended update for filesystem and systemd-rpm-macros
Type:        recommended
Severity:    moderate
References:  1196275,1196406
This update for filesystem and systemd-rpm-macros fixes the following issues:

filesystem:

- Add path /lib/modprobe.d (bsc#1196275, jsc#SLE-20639)

systemd-rpm-macros:

- Make %_modprobedir point to /lib/modprobe.d (bsc#1196275, bsc#1196406)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:942-1
Released:    Thu Mar 24 10:30:15 2022
Summary:     Security update for python3
Type:        security
Severity:    moderate
References:  1186819,CVE-2021-3572
This update for python3 fixes the following issues:

- CVE-2021-3572: Fixed an improper handling of unicode characters in pip (bsc#1186819).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:945-1
Released:    Thu Mar 24 12:53:37 2022
Summary:     Security update for bind
Type:        security
Severity:    important
References:  1197135,CVE-2021-25220
This update for bind fixes the following issues:

- CVE-2021-25220: Fixed a DNS cache poisoning vulnerability due to loose
  caching rules (bsc#1197135).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:947-1
Released:    Thu Mar 24 18:49:41 2022
Summary:     Recommended update for dapl
Type:        recommended
Severity:    moderate
References:  1047218
This update for dapl fixes the following issues:

- Allow to override build date in order to allow for reproducible builds. (bsc#1047218)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:950-1
Released:    Fri Mar 25 12:47:04 2022
Summary:     Feature update for lifecycle-data-sle-module-development-tools
Type:        feature
Severity:    moderate
References:  
This feature update for lifecycle-data-sle-module-development-tools fixes the following issues:

- Added expiration data for GCC 10 yearly update for the Toolchain/Development modules
  (jsc#ECO-2373, jsc#SLE-16821, jsc#SLE-16822)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:952-1
Released:    Fri Mar 25 15:27:42 2022
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1178848,1194799,1196149
This update for rpmlint fixes the following issues:

- Add tukitd dbus whitelist (bsc#1196149)
- Add kpmcore whitelisting (bsc#1178848).
- Add whitelisting for NetworkManager nm-priv helper for SLE-15-SP4 (bsc#1194799).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:953-1
Released:    Mon Mar 28 09:21:37 2022
Summary:     Security update for perl-DBD-SQLite
Type:        security
Severity:    moderate
References:  1195771
This update for perl-DBD-SQLite fixes the following issues:

- updated to 1.66
- Use external sqlite3 library rather than internal code. (bsc#1195771)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:954-1
Released:    Mon Mar 28 09:21:52 2022
Summary:     Security update for wavpack
Type:        security
Severity:    moderate
References:  1197020,CVE-2021-44269
This update for wavpack fixes the following issues:

- CVE-2021-44269: Fixed out of bounds read in processing .wav files (bsc#1197020).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:957-1
Released:    Mon Mar 28 12:01:47 2022
Summary:     Recommended update for trilinos
Type:        recommended
Severity:    moderate
References:  1194648
This update for trilinos fixes the following issues:

- Update to version 13.2.0
  For information on changes consult the release notes of its sub-packages.
- Add dependency for library package to devel package.
- Fix by calculating the relative path elements between
  the 'cmake' directory and the installation directory. This works
  only if 'Trilinos_INSTALL_LIB_DIR' is relative, while other parts
  of the code allow it to be absolute. (bsc#1194648)
- Fix doc building.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1027-1
Released:    Tue Mar 29 15:41:51 2022
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1194925,1194926,1194927,1194928,1194929,1194930,1194931,1194932,1194933,1194934,1194935,1194937,1194939,1194940,1194941,1195146,1196500,1197126,CVE-2022-21248,CVE-2022-21271,CVE-2022-21277,CVE-2022-21282,CVE-2022-21283,CVE-2022-21291,CVE-2022-21293,CVE-2022-21294,CVE-2022-21296,CVE-2022-21299,CVE-2022-21305,CVE-2022-21340,CVE-2022-21341,CVE-2022-21349,CVE-2022-21360,CVE-2022-21365,CVE-2022-21366
This update for java-1_8_0-ibm fixes the following issues:

Update Java 8.0 to Service Refresh 7 Fix Pack 5 (bsc#1197126).

Including fixes for the following vulnerabilities: 

  CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
  CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
  CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
  CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
  CVE-2022-21271.

Non-securtiy fix:

- Fixed a broken symlink for javaws (bsc#1195146).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1033-1
Released:    Tue Mar 29 18:42:05 2022
Summary:     Recommended update for java-11-openjdk
Type:        recommended
Severity:    moderate
References:  
This update for java-11-openjdk fixes the following issues:

- Build failure on Solaris.
- Unable to connect to https://google.com using java.net.HttpClient.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1040-1
Released:    Wed Mar 30 09:40:58 2022
Summary:     Security update for protobuf
Type:        security
Severity:    moderate
References:  1195258,CVE-2021-22570
This update for protobuf fixes the following issues:

- CVE-2021-22570: Fix incorrect parsing of nullchar in the proto symbol (bsc#1195258).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1047-1
Released:    Wed Mar 30 16:20:56 2022
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1196093,1197024
This update for pam fixes the following issues:

- Define _pam_vendordir as the variable is needed by systemd and others. (bsc#1196093)
- Between allocating the variable 'ai' and free'ing them, there are two 'return NO' were we don't free this variable. 
  This patch inserts freaddrinfo() calls before the 'return NO;'s. (bsc#1197024)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1074-1
Released:    Fri Apr  1 13:27:00 2022
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    moderate
References:  1193531
This update for cloud-init contains the following fixes:

- Enable broader systemctl location. (bsc#1193531)

- Remove unneeded BuildRequires on python3-nose.

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1092-1
Released:    Fri Apr  1 17:24:58 2022
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    critical
References:  1195414,1195564,1197113
This update for cloud-regionsrv-client fixes the following issues:

- Update to version 10.0.2
  + Fix name of logfile in error message
  + Fix variable scoping to properly detect registration error
  + Cleanup any artifacts on registration failure
  + Fix latent bug with /etc/hosts population
  + Do not throw error when attemting to unregister a system that is not registered
  + Skip extension registration if the extension is recommended by the baseproduct as it gets automatically installed

- Update to version 10.0.1 (bsc#1197113)
  + Provide status feedback on registration, success or failure
  + Log warning message if data provider is configured but no data can be retrieved
- Update -addon-azure to 1.0.3 follow up fix for (bsc#1195414, bsc#1195564)
  + The repo enablement timer cannot depend on 'guestregister.service'
	  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1097-1
Released:    Mon Apr  4 10:45:38 2022
Summary:     Recommended update for xorg-x11-server
Type:        recommended
Severity:    moderate
References:  1197045,1197046,1197269
This update for xorg-x11-server fixes the following issues:

- sync pci ids with Mesa 20.2.4 (bsc#1197046)
- sync GL driver PCI IDs with Mesa. (bsc#1197045)
- avoid consequently failing page flip. (bsc#1197269)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1098-1
Released:    Mon Apr  4 12:51:35 2022
Summary:     Recommended update for davfs2
Type:        recommended
Severity:    moderate
References:  1188967,1193733,1194537
This update for davfs2 fixes the following issues:

- Fix potential crash on umount (bsc#1194537)
- Check for valid server etag property (bsc#1193733)
- Fix cached file attributes (bsc#1188967)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:1115-1
Released:    Tue Apr  5 18:31:13 2022
Summary:     Feature update for alsa-oss
Type:        feature
Severity:    moderate
References:  1181571
This feature update for alsa-oss provides the following changes:

Update from version 1.0.28 to version 1.1.8 (bsc#1181571)

- Drop the superfluous build requires `alsa-topology-devel`. It is no longer mandatory.
- Avoid repetition of name in package summary and updated description.
- Fix build issues with the recent `glibc` (bsc#1181571)
- Update the Free Software Foundation, Inc. address
- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1116-1
Released:    Tue Apr  5 18:31:34 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: libexttextcat

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1118-1
Released:    Tue Apr  5 18:34:06 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2022a (bsc#1177460):
  * Palestine will spring forward on 2022-03-27, not on 03-26
  * `zdump -v` now outputs better failure indications
  * Bug fixes for code that reads corrupted TZif data

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1119-1
Released:    Wed Apr  6 09:16:06 2022
Summary:     Recommended update for supportutils
Type:        recommended
Severity:    moderate
References:  1189028,1190315,1190943,1191096,1191794,1193204,1193732,1193868,1195797
This update for supportutils fixes the following issues:

- Add command `blkid`
- Add email.txt based on OPTION_EMAIL (bsc#1189028)
- Add rpcinfo -p output #116
- Add s390x specific files and output
- Add shared memory as a log directory for emergency use (bsc#1190943)
- Fix cron package for RPM validation (bsc#1190315)
- Fix for invalid argument during updates (bsc#1193204)
- Fix iscsi initiator name (bsc#1195797)
- Improve `lsblk` readability with `--ascsi` option
- Include 'multipath -t' output in mpio.txt
- Include /etc/sssd/conf.d configuration files
- Include udev rules in /lib/udev/rules.d/
- Made /proc directory and network names spaces configurable (bsc#1193868)
- Prepare future installation of binaries to /usr/sbin instead of /sbin. This does not affect 
  SUSE Linux Enterprise 15 Serivce Pack 3 and 4 (bsc#1191096)
- Move localmessage/warm logs out of messages.txt to new localwarn.txt
- Optimize configuration files
- Remove chronyc DNS lookups with -n switch (bsc#1193732)
- Remove duplicate commands in network.txt
- Remove duplicate firewalld status output
- getappcore identifies compressed core files (bsc#1191794)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1124-1
Released:    Wed Apr  6 13:07:05 2022
Summary:     Recommended update for compat-libpthread-nonshared
Type:        recommended
Severity:    low
References:  1197272
This update for compat-libpthread-nonshared fixes the following issues:

- Also build s390x version (bsc#1197272)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1127-1
Released:    Thu Apr  7 17:03:49 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1197698,1197903,CVE-2022-1097,CVE-2022-1196,CVE-2022-24713,CVE-2022-28281,CVE-2022-28282,CVE-2022-28285,CVE-2022-28286,CVE-2022-28289
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.8.0 ESR (bsc#1197903):

MFSA 2022-14 (bsc#1197903)

* CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use
* CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAuthN Extensions
* CVE-2022-1196: Fixed a use-after-free after VR Process destruction
* CVE-2022-28282: Fixed a use-after-free in DocumentL10n::TranslateDocument
* CVE-2022-28285: Fixed incorrect AliasSet used in JIT Codegen
* CVE-2022-28286: Fixed that iframe contents could be rendered outside the border
* CVE-2022-24713: Fixed a denial of service via complex regular expressions
* CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8

The following non-security bugs were fixed:

- Adjust rust dependency for SP3 and later. TW uses always the
  newest version of rust, but we don't, so we can't use the
  rust+cargo notation, which would need both < and >= requirements.
  (bsc#1197698)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1134-1
Released:    Fri Apr  8 13:11:34 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: gfbgraph, librest, gnome-online-accounts, gcr

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1146-1
Released:    Mon Apr 11 15:40:25 2022
Summary:     Recommended update for reload4j
Type:        recommended
Severity:    moderate
References:  1197642
This update for reload4j fixes the following issues:

This update provides reload4j 1.2.19, a upstream supported drop-in
replace of log4j 1.2.x, which is declared EOL upstream.

Additional changes:

- Some projects using log4j12 expect the org.apache.log4j.MDC
  class to have internal boolean variable java1. We add it
  there just to avoid runtime incompatibilities as a log4j12
  drop-in replacement.
- Add Provides and Obsoletes to the javadoc package in order to 
  transition smoothly out of log4j12-javadoc and log4j12-manual

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1147-1
Released:    Mon Apr 11 15:49:43 2022
Summary:     Recommended update for containerd
Type:        recommended
Severity:    moderate
References:  1195784

This update of containerd fixes the following issue:

- container-ctr is shipped to the PackageHub repos.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1148-1
Released:    Mon Apr 11 15:55:14 2022
Summary:     Security update for libexif
Type:        security
Severity:    important
References:  1172768,1172802,1178479,CVE-2020-0181,CVE-2020-0198,CVE-2020-0452
This update for libexif fixes the following issues:

- CVE-2020-0181: Fixed an integer overflow that could lead to denial of service
  (bsc#1172802).
- CVE-2020-0198: Fixed and unsigned integer overflow that could lead to denial
  of service (bsc#1172768).
- CVE-2020-0452: Fixed a buffer overflow check that could be optimized away
  by the compiler (bsc#1178479).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1150-1
Released:    Mon Apr 11 17:34:19 2022
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1197293
This update for suse-build-key fixes the following issues:

No longer install 1024bit keys by default. (bsc#1197293)

- The SLE11 key has been moved to documentation directory, and is obsoleted / removed by the package.
- The old PTF (pre March 2022) key moved to documentation directory.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1158-1
Released:    Tue Apr 12 14:44:43 2022
Summary:     Security update for xz
Type:        security
Severity:    important
References:  1198062,CVE-2022-1271
This update for xz fixes the following issues:

- CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1166-1
Released:    Tue Apr 12 16:18:25 2022
Summary:      Recommended update for cloud-regionsrv-client 
Type:        recommended
Severity:    important
References:  
 Recommended update for cloud-regionsrv-client contains the following fix:

cloud-regionsrv-client:
    Shipping cloud-regionsrv-client-addon-azure to unrestricted channels. (#MSC-282)

  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1176-1
Released:    Wed Apr 13 12:15:44 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1197903,CVE-2022-1097,CVE-2022-1196,CVE-2022-1197,CVE-2022-24713,CVE-2022-28281,CVE-2022-28282,CVE-2022-28285,CVE-2022-28286,CVE-2022-28289
This update for MozillaThunderbird fixes the following issues:

- Updated to version 91.8 (bsc#1197903):
  - CVE-2022-1097: Fixed a memory corruption issue with NSSToken objects.
  - CVE-2022-28281: Fixed a memory corruption issue due to unexpected WebAuthN
    Extensions.
  - CVE-2022-1197: Fixed an issue where OpenPGP revocation information was ignored.
  - CVE-2022-1196: Fixed a memory corruption issue after VR process destruction.
  - CVE-2022-28282: Fixed a memory corruption issue in document translation.
  - CVE-2022-28285: Fixed a memory corruption issue in JIT code generation.
  - CVE-2022-28286: Fixed an iframe layout issue that could have been exploited
    to stage spoofing attacks.
  - CVE-2022-24713: Fixed a potential denial of service via complex regular
    expressions.
  - CVE-2022-28289: Fixed multiple memory corruption issues.

Non-security fixes:

- Changed Google accounts using password authentication to use OAuth2.
- Fixed an issue where OpenPGP ECC keys created by Thunderbird could not be
  imported into GnuPG.
- Fixed an issue where exporting multiple public PGP keys from Thunderbird
  was not possible.
- Fixed an issue where replying to a newsgroup message erroneously displayed
  a 'No-reply' popup warning.
- Fixed an issue with opening older address books.
- Fixed an issue where LDAP directories would be lost when switching to
  'Offline' mode.
- Fixed an issue when importing webcals.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1179-1
Released:    Wed Apr 13 15:47:16 2022
Summary:     Recommended update for net-snmp
Type:        recommended
Severity:    moderate
References:  1196955
This update for net-snmp fixes the following issues:

- Decouple snmp-mibs from net-snmp version to allow major version
  upgrade (bsc#1196955).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1190-1
Released:    Wed Apr 13 20:52:23 2022
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    important
References:  1192343
This update for cloud-init contains the following fixes:

- Update to version 21.4 (bsc#1192343, jsc#PM-3181)
  + Also include VMWare functionality for (jsc#PM-3175)
  + Remove patches included upstream.
  + Forward port fixes.
  + Fix for VMware Test, system dependend, not properly mocked previously.
  + Azure: fallback nic needs to be reevaluated during reprovisioning
    (#1094) [Anh Vo]
  + azure: pps imds (#1093) [Anh Vo]
  + testing: Remove calls to 'install_new_cloud_init' (#1092)
  + Add LXD datasource (#1040)
  + Fix unhandled apt_configure case. (#1065) [Brett Holman]
  + Allow libexec for hotplug (#1088)
  + Add necessary mocks to test_ovf unit tests (#1087)
  + Remove (deprecated) apt-key (#1068) [Brett Holman] (LP: #1836336)
  + distros: Remove a completed 'TODO' comment (#1086)
  + cc_ssh.py: Add configuration for controlling ssh-keygen output (#1083)
    [dermotbradley]
  + Add 'install hotplug' module (SC-476) (#1069) (LP: #1946003)
  + hosts.alpine.tmpl: rearrange the order of short and long hostnames
    (#1084) [dermotbradley]
  + Add max version to docutils
  + cloudinit/dmi.py: Change warning to debug to prevent console display
    (#1082) [dermotbradley]
  + remove unnecessary EOF string in
    disable-sshd-keygen-if-cloud-init-active.conf (#1075) [Emanuele
    Giuseppe Esposito]
  + Add module 'write-files-deferred' executed in stage 'final' (#916)
    [Lucendio]
  + Bump pycloudlib to fix CI (#1080)
  + Remove pin in dependencies for jsonschema (#1078)
  + Add 'Google' as possible system-product-name (#1077) [vteratipally]
  + Update Debian security suite for bullseye (#1076) [Johann Queuniet]
  + Leave the details of service management to the distro (#1074)
    [Andy Fiddaman]
  + Fix typos in setup.py (#1059) [Christian Clauss]
  + Update Azure _unpickle (SC-500) (#1067) (LP: #1946644)
  + cc_ssh.py: fix private key group owner and permissions (#1070)
    [Emanuele Giuseppe Esposito]
  + VMware: read network-config from ISO (#1066) [Thomas Weißschuh]
  + testing: mock sleep in gce unit tests (#1072)
  + CloudStack: fix data-server DNS resolution (#1004)
    [Olivier Lemasle] (LP: #1942232)
  + Fix unit test broken by pyyaml upgrade (#1071)
  + testing: add get_cloud function (SC-461) (#1038)
  + Inhibit sshd-keygen@.service if cloud-init is active (#1028)
    [Ryan Harper]
  + VMWARE: search the deployPkg plugin in multiarch dir (#1061)
    [xiaofengw-vmware] (LP: #1944946)
  + Fix set-name/interface DNS bug (#1058) [Andrew Kutz] (LP: #1946493)
  + Use specified tmp location for growpart (#1046) [jshen28]
  + .gitignore: ignore tags file for ctags users (#1057) [Brett Holman]
  + Allow comments in runcmd and report failed commands correctly (#1049)
    [Brett Holman] (LP: #1853146)
  + tox integration: pass the *_proxy, GOOGLE_*, GCP_* env vars (#1050)
    [Paride Legovini]
  + Allow disabling of network activation (SC-307) (#1048) (LP: #1938299)
  + renderer: convert relative imports to absolute (#1052) [Paride Legovini]
  + Support ETHx_IP6_GATEWAY, SET_HOSTNAME on OpenNebula (#1045)
    [Vlastimil Holer]
  + integration-requirements: bump the pycloudlib commit (#1047)
    [Paride Legovini]
  + Allow Vultr to set MTU and use as-is configs (#1037) [eb3095]
  + pin jsonschema in requirements.txt (#1043)
  + testing: remove cloud_tests (#1020)
  + Add andgein as contributor (#1042) [Andrew Gein]
  + Make wording for module frequency consistent (#1039) [Nicolas Bock]
  + Use ascii code for growpart (#1036) [jshen28]
  + Add jshen28 as contributor (#1035) [jshen28]
  + Skip test_cache_purged_on_version_change on Azure (#1033)
  + Remove invalid ssh_import_id from examples (#1031)
  + Cleanup Vultr support (#987) [eb3095]
  + docs: update cc_disk_setup for fs to raw disk (#1017)
  + HACKING.rst: change contact info to James Falcon (#1030)
  + tox: bump the pinned flake8 and pylint version (#1029)
    [Paride Legovini] (LP: #1944414)
  + Add retries to DataSourceGCE.py when connecting to GCE (#1005)
    [vteratipally]
  + Set Azure to apply networking config every BOOT (#1023)
  + Add connectivity_url to Oracle's EphemeralDHCPv4 (#988) (LP: #1939603)
  + docs: fix typo and include sudo for report bugs commands (#1022)
    [Renan Rodrigo] (LP: #1940236)
  + VMware: Fix typo introduced in #947 and add test (#1019) [PengpengSun]
  + Update IPv6 entries in /etc/hosts (#1021) [Richard Hansen] (LP: #1943798)
  + Integration test upgrades for the 21.3-1 SRU (#1001)
  + Add Jille to tools/.github-cla-signers (#1016) [Jille Timmermans]
  + Improve ug_util.py (#1013) [Shreenidhi Shedi]
  + Support openEuler OS (#1012) [zhuzaifangxuele]
  + ssh_utils.py: ignore when sshd_config options are not key/value pairs
    (#1007) [Emanuele Giuseppe Esposito]
  + Set Azure to only update metadata on BOOT_NEW_INSTANCE (#1006)
  + cc_update_etc_hosts: Use the distribution-defined path for the hosts
    file (#983) [Andy Fiddaman]
  + Add CloudLinux OS support (#1003) [Alexandr Kravchenko]
  + puppet config: add the start_agent option (#1002) [Andrew Bogott]
  + Fix `make style-check` errors (#1000) [Shreenidhi Shedi]
  + Make cloud-id copyright year (#991) [Andrii Podanenko]
  + Add support to accept-ra in networkd renderer (#999) [Shreenidhi Shedi]
  + Update ds-identify to pass shellcheck (#979) [Andrew Kutz]
  + Azure: Retry dhcp on timeouts when polling reprovisiondata (#998)
    [aswinrajamannar]
  + testing: Fix ssh keys integration test (#992)

- From 21.3
  + Azure: During primary nic detection, check interface status continuously
    before rebinding again (#990) [aswinrajamannar]
  + Fix home permissions modified by ssh module (SC-338) (#984)
    (LP: #1940233)
  + Add integration test for sensitive jinja substitution (#986)
  + Ignore hotplug socket when collecting logs (#985) (LP: #1940235)
  + testing: Add missing mocks to test_vmware.py (#982)
  + add Zadara Edge Cloud Platform to the supported clouds list (#963)
    [sarahwzadara]
  + testing: skip upgrade tests on LXD VMs (#980)
  + Only invoke hotplug socket when functionality is enabled (#952)
  + Revert unnecesary lcase in ds-identify (#978) [Andrew Kutz]
  + cc_resolv_conf: fix typos (#969) [Shreenidhi Shedi]
  + Replace broken httpretty tests with mock (SC-324) (#973)
  + Azure: Check if interface is up after sleep when trying to bring it up
    (#972) [aswinrajamannar]
  + Update dscheck_VMware's rpctool check (#970) [Shreenidhi Shedi]
  + Azure: Logging the detected interfaces (#968) [Moustafa Moustafa]
  + Change netifaces dependency to 0.10.4 (#965) [Andrew Kutz]
  + Azure: Limit polling network metadata on connection errors (#961)
    [aswinrajamannar]
  + Update inconsistent indentation (#962) [Andrew Kutz]
  + cc_puppet: support AIO installations and more (#960) [Gabriel Nagy]
  + Add Puppet contributors to CLA signers (#964) [Noah Fontes]
  + Datasource for VMware (#953) [Andrew Kutz]
  + photon: refactor hostname handling and add networkd activator (#958)
    [sshedi]
  + Stop copying ssh system keys and check folder permissions (#956)
    [Emanuele Giuseppe Esposito]
  + testing: port remaining cloud tests to integration testing framework
    (SC-191) (#955)
  + generate contents for ovf-env.xml when provisioning via IMDS (#959)
    [Anh Vo]
  + Add support for EuroLinux 7 && EuroLinux 8 (#957) [Aleksander Baranowski]
  + Implementing device_aliases as described in docs (#945)
    [Mal Graty] (LP: #1867532)
  + testing: fix test_ssh_import_id.py (#954)
  + Add ability to manage fallback network config on PhotonOS (#941) [sshedi]
  + Add VZLinux support (#951) [eb3095]
  + VMware: add network-config support in ovf-env.xml (#947) [PengpengSun]
  + Update pylint to v2.9.3 and fix the new issues it spots (#946)
    [Paride Legovini]
  + Azure: mount default provisioning iso before try device listing (#870)
    [Anh Vo]
  + Document known hotplug limitations (#950)
  + Initial hotplug support (#936)
  + Fix MIME policy failure on python version upgrade (#934)
  + run-container: fixup the centos repos baseurls when using http_proxy
    (#944) [Paride Legovini]
  + tools: add support for building rpms on rocky linux (#940)
  + ssh-util: allow cloudinit to merge all ssh keys into a custom user
    file, defined in AuthorizedKeysFile (#937) [Emanuele Giuseppe Esposito]
    (LP: #1911680)
  + VMware: new 'allow_raw_data' switch (#939) [xiaofengw-vmware]
  + bump pycloudlib version (#935)
  + add renanrodrigo as a contributor (#938) [Renan Rodrigo]
  + testing: simplify test_upgrade.py (#932)
  + freebsd/net_v1 format: read MTU from root (#930) [Gonéri Le Bouder]
  + Add new network activators to bring up interfaces (#919)
  + Detect a Python version change and clear the cache (#857)
    [Robert Schweikert]
  + cloud_tests: fix the Impish release name (#931) [Paride Legovini]
  + Removed distro specific network code from Photon (#929) [sshedi]
  + Add support for VMware PhotonOS (#909) [sshedi]
  + cloud_tests: add impish release definition (#927) [Paride Legovini]
  + docs: fix stale links rename master branch to main (#926)
  + Fix DNS in NetworkState (SC-133) (#923)
  + tests: Add 'adhoc' mark for integration tests (#925)
  + Fix the spelling of 'DigitalOcean' (#924) [Mark Mercado]
  + Small Doc Update for ReportEventStack and Test (#920) [Mike Russell]
  + Replace deprecated collections.Iterable with abc replacement (#922)
    (LP: #1932048)
  + testing: OCI availability domain is now required (SC-59) (#910)
  + add DragonFlyBSD support (#904) [Gonéri Le Bouder]
  + Use instance-data-sensitive.json in jinja templates (SC-117) (#917)
    (LP: #1931392)
  + doc: Update NoCloud docs stating required files (#918) (LP: #1931577)
  + build-on-netbsd: don't pin a specific py3 version (#913)
    [Gonéri Le Bouder]
  + Create the log file with 640 permissions (#858) [Robert Schweikert]
  + Allow braces to appear in dhclient output (#911) [eb3095]
  + Docs: Replace all freenode references with libera (#912)
  + openbsd/net: flush the route table on net restart (#908)
    [Gonéri Le Bouder]
  + Add Rocky Linux support to cloud-init (#906) [Louis Abel]
  + Add 'esposem' as contributor (#907) [Emanuele Giuseppe Esposito]
  + Add integration test for #868 (#901)
  + Added support for importing keys via primary/security mirror clauses
    (#882) [Paul Goins] (LP: #1925395)
  + [examples] config-user-groups expire in the future (#902)
    [Geert Stappers]
  + BSD: static network, set the mtu (#894) [Gonéri Le Bouder]
  + Add integration test for lp-1920939 (#891)
  + Fix unit tests breaking from new httpretty version (#903)
  + Allow user control over update events (#834)
  + Update test characters in substitution unit test (#893)
  + cc_disk_setup.py: remove UDEVADM_CMD definition as not used (#886)
    [dermotbradley]
  + Add AlmaLinux OS support (#872) [Andrew Lukoshko]

  + Still need to consider the 'network' configuration option
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1200-1
Released:    Thu Apr 14 11:33:22 2022
Summary:     Recommended update for ClusterTools2
Type:        recommended
Severity:    moderate
References:  1188456,1188652
This update for ClusterTools2 fixes the following issues:

- change version from 3.1.1 to 3.1.2
- As newer versions of pacemaker display the output from command
  'crmadmin --quiet' on stdout instead on stderr, the command
  'cs_clusterstate' was enhanced to adapt these change.
  (bsc#1188652)
- Adapt 'cs_show_scores' to support newer versions of pacemaker
  and crmshi. (bsc#1188456)
- man page updates

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1204-1
Released:    Thu Apr 14 12:15:55 2022
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  1196332
This update for hwdata fixes the following issues:

-  Updated pci, usb and vendor ids (bsc#1196332)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1208-1
Released:    Thu Apr 14 12:41:38 2022
Summary:     Recommended update for vncmanager
Type:        recommended
Severity:    moderate
References:  1169732,1171344,1189247
This update for vncmanager fixes the following issues:

- Consider different pixel format depths on Tight Encoding. TightPixel was considering only pixels defined with 3 bytes. (bsc#1189247)
- Fix tight decoder with 888 pixel encodings. (bsc#1169732, bsc#1171344)
- Fix PixelFormat::ntoh() and PixelFormat::hton(). (bsc#1169732, bsc#1171344)
- Fix tight compression decoder on big-endian systems. (bsc#1171344)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1218-1
Released:    Thu Apr 14 16:53:33 2022
Summary:     Security update for SDL2
Type:        security
Severity:    important
References:  1198001,CVE-2021-33657
This update for SDL2 fixes the following issues:

- CVE-2021-33657: Fix a buffer overflow when parsing a crafted BMP image (bsc#1198001).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1252-1
Released:    Tue Apr 19 08:51:06 2022
Summary:     Security update for openjpeg2
Type:        security
Severity:    important
References:  1076314,1076967,1079845,1102016,1106881,1106882,1140130,1160782,1162090,1173578,1180457,1184774,1197738,CVE-2018-14423,CVE-2018-16375,CVE-2018-16376,CVE-2018-20845,CVE-2018-5727,CVE-2018-5785,CVE-2018-6616,CVE-2020-15389,CVE-2020-27823,CVE-2020-6851,CVE-2020-8112,CVE-2021-29338,CVE-2022-1122
This update for openjpeg2 fixes the following issues:

- CVE-2018-5727: Fixed integer overflow vulnerability in theopj_t1_encode_cblks function (bsc#1076314).
- CVE-2018-5785: Fixed integer overflow caused by an out-of-bounds leftshift in the opj_j2k_setup_encoder function (bsc#1076967).
- CVE-2018-6616: Fixed excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c (bsc#1079845).
- CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl,and pi_next_rpcl in lib/openjp3d/pi.c (bsc#1102016).
- CVE-2018-16375: Fixed missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c (bsc#1106882).
- CVE-2018-16376: Fixed heap-based buffer overflow function t2_encode_packet in lib/openmj2/t2.c (bsc#1106881).
- CVE-2018-20845: Fixed division-by-zero in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.ci (bsc#1140130).
- CVE-2020-6851: Fixed heap-based buffer overflow in opj_t1_clbl_decode_processor (bsc#1160782).
- CVE-2020-8112: Fixed heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c (bsc#1162090).
- CVE-2020-15389: Fixed use-after-free if t a mix of valid and invalid files in a directory operated on by the decompressor (bsc#1173578).
- CVE-2020-27823: Fixed heap buffer over-write in opj_tcd_dc_level_shift_encode() (bsc#1180457).
- CVE-2021-29338: Fixed integer overflow that allows remote attackers to crash the application (bsc#1184774).
- CVE-2022-1122: Fixed segmentation fault in opj2_decompress due to uninitialized pointer (bsc#1197738).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1253-1
Released:    Tue Apr 19 09:00:06 2022
Summary:     Recommended update for helm
Type:        recommended
Severity:    moderate
References:  

This update for helm delivers helm 3.8.0 to the Containers module.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1259-1
Released:    Tue Apr 19 11:10:16 2022
Summary:     Security update for icedtea-web
Type:        security
Severity:    important
References:  1142825,1142832,1142835,CVE-2019-10181,CVE-2019-10182,CVE-2019-10185
This update for icedtea-web fixes the following issues:

- CVE-2019-10181: Fixed an issue where an attacker could inject unsigned code
  in a signed JAR file (bsc#1142835).
- CVE-2019-10182: Fixed a path traversal issue where an attacker could upload
  arbritrary files by tricking a victim into running a specially crafted
  application(bsc#1142825).
- CVE-2019-10185: Fixed an issue where an attacker could write files to arbitrary
  locations during JAR auto-extraction (bsc#1142832).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1263-1
Released:    Tue Apr 19 13:32:00 2022
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    critical
References:  1198389
This update for cloud-regionsrv-client fixes the following issues:

- Update to version 10.0.3 (bsc#1198389)
  - Descend into the extension tree even if top level module is recommended
  - Cache license state for AHB support to detect type switch
  - Properly clean suse.com credentials when switching from SCC to update
    infrastructure
  - New log message to indicate base product registration success

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1265-1
Released:    Tue Apr 19 15:22:37 2022
Summary:     Security update for jsoup, jsr-305
Type:        security
Severity:    important
References:  1189749,CVE-2021-37714
This update for jsoup, jsr-305 fixes the following issues:

- CVE-2021-37714: Fixed infinite in untrusted HTML or XML data parsing (bsc#1189749).

Changes in jsr-305:
- Build with java source and target levels 8 
- Upgrade to upstream version 3.0.2

Changes in jsoup:
- Upgrade to upstream version 1.14.2
- Generate tarball using source service instead of a script

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1273-1
Released:    Wed Apr 20 09:09:48 2022
Summary:     Security update for SDL
Type:        security
Severity:    important
References:  1181201,1181202,1198001,CVE-2020-14409,CVE-2020-14410,CVE-2021-33657
This update for SDL fixes the following issues:

- CVE-2020-14409: Fixed an integer overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c. (bsc#1181202)
- CVE-2020-14410: Fixed a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c. (bsc#1181201)
- CVE-2021-33657: Fixed a Heap overflow problem in video/SDL_pixels.c. (bsc#1198001)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1279-1
Released:    Wed Apr 20 12:22:48 2022
Summary:     Recommended update for sgi-bitmap-fonts
Type:        recommended
Severity:    important
References:  1197854
This update for sgi-bitmap-fonts fixes the following issues:

- Fix package building issue (bsc#1197854)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1280-1
Released:    Wed Apr 20 12:23:33 2022
Summary:     Recommended update for HANA-Firewall
Type:        recommended
Severity:    important
References:  1197697
This update for HANA-Firewall fixes the following issues:

- Fix package building issues (bsc#1197697)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1281-1
Released:    Wed Apr 20 12:26:38 2022
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    moderate
References:  1196647
This update for libtirpc fixes the following issues:

- Add option to enforce connection via protocol version 2 first (bsc#1196647)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1296-1
Released:    Thu Apr 21 17:28:44 2022
Summary:     Security update for openjpeg
Type:        security
Severity:    important
References:  1102016,1106881,1162090,1173578,1180457,1184774,CVE-2018-14423,CVE-2018-16376,CVE-2020-15389,CVE-2020-27823,CVE-2020-8112,CVE-2021-29338
This update for openjpeg fixes the following issues:

- CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl,and pi_next_rpcl in lib/openjp3d/pi.c (bsc#1102016).
- CVE-2018-16376: Fixed heap-based buffer overflow function t2_encode_packet in lib/openmj2/t2.c (bsc#1106881).
- CVE-2020-8112: Fixed a heap buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c (bsc#1162090).
- CVE-2020-15389: Fixed a use-after-free if a mix of valid and invalid files in a directory operated on by the decompressor (bsc#1173578).
- CVE-2020-27823: Fixed a heap buffer over-write in opj_tcd_dc_level_shift_encode() (bsc#1180457),
- CVE-2021-29338: Fixed an integer Overflow allows remote attackers to crash the application (bsc#1184774).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1298-1
Released:    Fri Apr 22 07:21:47 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: gutenprint

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1304-1
Released:    Fri Apr 22 15:25:36 2022
Summary:     Security update for tomcat
Type:        security
Severity:    important
References:  1198136
This update for tomcat fixes the following issues:

Security hardening, related to Spring Framework vulnerabilities:
    
- Deprecate getResources() and always return null (bsc#1198136).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1317-1
Released:    Fri Apr 22 19:01:25 2022
Summary:     Optional update for dvd+rw-tools
Type:        optional
Severity:    low
References:  1197713
This update for dvd+rw-tools fixes the following issues:

- There are no visible changes for the final user:
  * Make the source building on 15 SP4. (bsc#1197713)
  * Refresh of exisiting patches.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1373-1
Released:    Mon Apr 25 15:00:40 2022
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1070943,1196681,1198521
This update for rpmlint fixes the following issues:

- fix kpmcore, nm-priv and tukitd whitelistings that contained absolute paths
  instead of only the basenames (bsc#1198521)
- Backport of deepin-api whitelists (bsc#1196681 bsc#1070943)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1374-1
Released:    Mon Apr 25 15:02:13 2022
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1191157,1197004
This update for openldap2 fixes the following issues:

- allow specification of max/min TLS version with TLS1.3 (bsc#1191157)
- libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol
  resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004)
- restore CLDAP functionality in CLI tools (jsc#PM-3288)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1376-1
Released:    Mon Apr 25 15:41:46 2022
Summary:     Security update for mutt
Type:        security
Severity:    moderate
References:  1198518,CVE-2022-1328
This update for mutt fixes the following issues:

- CVE-2022-1328: Fixed an invalid memory access when reading untrusted uuencoded
  data. This could result in including private memory in replies (bsc#1198518).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:1400-1
Released:    Tue Apr 26 08:19:29 2022
Summary:     Feature update for glm
Type:        feature
Severity:    moderate
References:  
This feature update for glm fixes the following issues:

Update from version 0.9.7.5 to version 0.9.9.8 (jsc#SLE-23864):

- Added CMake GLM interface 
- Added EXT_scalar_integer extension with power of two and multiple scalar functions
- Added EXT_vector_integer extension with power of two and multiple vector functions
- Added GLM_FORCE_QUAT_DATA_WXYZ to store quat data as w,x,y,z instead of x,y,z,w 
- Added Neon support
- Added SYCL support 
- Added fma implementation based on std::fma 
- Added missing genType check for bitCount and bitfieldReverse 
- Added missing quat constexpr 
- Ensure glmConfig.cmake gets installed
- Fixed 'if constexpr' warning
- Fixed .natvis due to renamed structs 
- Fixed ARM 64bit detection 
- Fixed Nvidia CUDA 9 build 
- Fixed Clang or GCC build due to wrong GLM_HAS_IF_CONSTEXPR definition 
- Fixed EXT_matrix_clip_space perspectiveFov
- Fixed EXT_scalar_ulp and EXT_vector_ulp API coding style
- Fixed GLM_EXT_matrix_clip_space warnings 
- Fixed GLM_HAS_CXX11_STL broken on Clang with Linux 
- Fixed Wimplicit-int-float-conversion warnings with clang 10+ 
- Fixed build errors when defining GLM_ENABLE_EXPERIMENTAL
- Fixed equal ULP variation when using negative sign 
- Fixed for g++6 where -std=c++1z sets __cplusplus to 201500 instead of 201402 
- Fixed for glm::length using arch64 
- Fixed for intersection ray/plane and added related tests 
- Fixed hash hashes 'qua' instead of 'tquat'
- Fixed ldexp and frexp declaration 
- Fixed missing const to quaternion conversion operators 
- Fixed missing declarations for 'frexp' and 'ldexp'
- Fixed quaternion componant order: w, {x, y, z} 
- Fixed quaternion slerp overload which interpolates with extra spins 
- Fixed singularity check for quatLookAt 
- Improved Neon support with more functions optimized

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1401-1
Released:    Tue Apr 26 08:44:16 2022
Summary:     Recommended update for ppp
Type:        recommended
Severity:    important
References:  1197799
This update for ppp fixes the following issues:

- Fix package building issues (bsc#1197799)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1405-1
Released:    Tue Apr 26 09:55:02 2022
Summary:     Recommended update for autofs
Type:        recommended
Severity:    moderate
References:  1181715,1195697,1196485
This update for autofs fixes the following issues:

- Fix problem with quote handling (bsc#1181715)
- Fix locking problem that causes deadlock when sss is used (bsc#1196485)
- Suppress portmap calls when port explicitly given (bsc#1195697)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1409-1
Released:    Tue Apr 26 12:54:57 2022
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1195628,1196107
This update for gcc11 fixes the following issues:

- Add a list of Obsoletes to libstdc++6-pp-gcc11 so updates from
  packages provided by older GCC work.  Add a requires from that
  package to the corresponding libstc++6 package to keep those
  at the same version.  [bsc#1196107]
- Fixed memory corruption when creating dependences with the D language frontend.
- Add gcc11-PIE, similar to gcc-PIE but affecting gcc11 [bsc#1195628]
- Put libstdc++6-pp Requires on the shared library and drop
  to Recommends.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1418-1
Released:    Wed Apr 27 09:19:31 2022
Summary:     Security update for ant
Type:        security
Severity:    moderate
References:  1188468,1188469,CVE-2021-36373,CVE-2021-36374
This update for ant fixes the following issues:

- CVE-2021-36373: Fixed an excessive memory allocation when reading a specially
  crafted TAR archive (bsc#1188468).
- CVE-2021-36374: Fixed an excessive memory allocation when reading a specially
  crafted ZIP archive (bsc#1188469).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1420-1
Released:    Wed Apr 27 09:21:36 2022
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

Lifecycle data update. (bsc#1020320)

- Added data for 4_12_14-150_83, 4_12_14-150_86, 4_12_14-197_105, 4_12_14-197_108, 5_3_18-150300_59_46,
  5_3_18-150300_59_49, 5_3_18-150300_59_54, 5_3_18-24_102, 5_3_18-24_107.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1439-1
Released:    Wed Apr 27 16:08:04 2022
Summary:     Recommended update for binutils
Type:        recommended
Severity:    moderate
References:  1198237
This update for binutils fixes the following issues:

- The official name IBM z16 for IBM zSeries arch14 is recognized.  (bsc#1198237)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1445-1
Released:    Thu Apr 28 09:44:08 2022
Summary:     Recommended update for patterns-public-cloud-15
Type:        recommended
Severity:    important
References:  1196122
This update for patterns-public-cloud-15 fixes the following issues:

- Fix pattern migration issue from SLE 12 to SLE 15. (bsc#1196122) 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1446-1
Released:    Thu Apr 28 09:46:53 2022
Summary:     Security update for python-paramiko
Type:        security
Severity:    moderate
References:  1197279,CVE-2022-24302
This update for python-paramiko fixes the following issues:

- CVE-2022-24302: Fixed a race condition between creation and chmod when writing private keys. (bsc#1197279) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1451-1
Released:    Thu Apr 28 10:47:22 2022
Summary:     Recommended update for perl
Type:        recommended
Severity:    moderate
References:  1193489
This update for perl fixes the following issues:

- Fix Socket::VERSION evaluation and stabilize Socket:VERSION comparisons (bsc#1193489)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1460-1
Released:    Thu Apr 28 16:21:58 2022
Summary:     Recommended update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent
Type:        recommended
Severity:    moderate
References:  1195437,1195438
This update for google-guest-agent, google-guest-configs, google-guest-oslogin, google-osconfig-agent fixes the following issues:

- Update to version 20220204.00. (bsc#1195437, bsc#1195438)
  * remove han from owners (#154)
  * Remove extra slash from metadata URL. (#151)
- from version 20220104.00
  * List IPv6 routes (#150)
- from version 20211228.00
  * add add or remove route integration test, utils (#147)
- from version 20211214.00
  * add malformed ssh key unit test  (#142)

- Update to version 20220211.00. (bsc#1195437, bsc#1195438)
  * Set NVMe-PD IO timeout to 4294967295. (#32)

- Update to version 20220205.00. (bsc#1195437, bsc#1195438)
  * Fix build for EL9. (#82)
- from version 20211213.00
  * Reauth error (#81)
- Rename Source0 field to Source
- Update URL in Source field to point to upstream tarball

- Update to version 20220209.00 (bsc#1195437, bsc#1195438)
  * Update licences, remove deprecated centos-8 tests (#414)

- Update to version 20220204.00
  * Add DisableLocalLogging option (#413)
- from version 20220107.00
  * OS assignment example: Copy file from bucket

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1463-1
Released:    Fri Apr 29 09:39:45 2022
Summary:     Recommended update for postgresql13
Type:        recommended
Severity:    moderate
References:  1190740,1195680
This update for postgresql13 fixes the following issues:

- Upgrade to 14.2: (bsc#1195680)
  * https://www.postgresql.org/docs/14/release-14-2.html
  * Reindexing might be needed after applying this upgrade, so
  please read the release notes carefully.
- Add constraints file with 12GB of memory for s390x as a workaround. (bsc#1190740)
- Add a llvmjit-devel subpackage to pull in the right versions
  of clang and llvm for building extensions. 
- Fix some mistakes in the interdependencies between the
  implementation packages and their noarch counterpart.
- Update the BuildIgnore section.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1472-1
Released:    Fri Apr 29 16:48:46 2022
Summary:     Recommended update for python-Whoosh
Type:        recommended
Severity:    low
References:  1197830
This update for python-Whoosh fixes the following issues:

- python-Whoosh won't compile on SP4 (bsc#1197830)
- Remove superfluous devel dependency for noarch package

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1476-1
Released:    Fri Apr 29 17:31:16 2022
Summary:     Security update for libcaca
Type:        security
Severity:    moderate
References:  1197028,CVE-2022-0856
This update for libcaca fixes the following issues:

- CVE-2022-0856: Fixed a divide by zero issue which could be exploited to cause
  an application crash (bsc#1197028).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1479-1
Released:    Fri Apr 29 17:32:01 2022
Summary:     Security update for jasper
Type:        security
Severity:    moderate
References:  1182104,1182105,1184757,1184798,CVE-2021-26926,CVE-2021-26927,CVE-2021-3443,CVE-2021-3467
This update for jasper fixes the following issues:

- CVE-2021-3467: Fixed NULL pointer deref in jp2_decode() (bsc#1184757). 
- CVE-2021-3443: Fixed NULL pointer deref in jp2_decode() (bsc#1184798).
- CVE-2021-26927: Fixed NULL pointer deref in jp2_decode() (bsc#1182104).
- CVE-2021-26926: Fixed an out of bounds read in jp2_decode() (bsc#1182105).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1484-1
Released:    Mon May  2 16:47:10 2022
Summary:     Security update for git
Type:        security
Severity:    important
References:  1181400,1198234,CVE-2022-24765
This update for git fixes the following issues:

- Updated to version 2.35.3:
  - CVE-2022-24765: Fixed a potential command injection via git worktree (bsc#1198234).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1490-1
Released:    Tue May  3 07:06:10 2022
Summary:     Recommended update for liblangtag
Type:        recommended
Severity:    important
References:  1197767
This update for liblangtag fixes the following issues:

- Fix build of future service packs of SUSE Linux Enterprise 15 (bsc#1197767)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1491-1
Released:    Tue May  3 07:09:44 2022
Summary:     Recommended update for psmisc
Type:        recommended
Severity:    moderate
References:  1194172
This update for psmisc fixes the following issues:

- Add a fallback if the system call name_to_handle_at() is not supported by the used file system.
- Replace the synchronizing over pipes of the sub process for the stat(2) system call with mutex and conditions from 
  pthreads(7) (bsc#1194172)
- Use statx(2) or SYS_statx system call to replace the stat(2) system call and avoid the sub process (bsc#1194172)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1492-1
Released:    Tue May  3 07:11:20 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: libdvdread

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1493-1
Released:    Tue May  3 07:13:58 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: a52dec

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1494-1
Released:    Tue May  3 07:16:18 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: hp-drive-guard, upower

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1501-1
Released:    Tue May  3 09:32:00 2022
Summary:     Recommended update for python-uamqp
Type:        recommended
Severity:    moderate
References:  1197848
This update for python-uamqp fixes the following issues:

- python-uamqp won't compile on SP4 (bsc#1197848)
- Only build Python3 flavors for distributions 15 and greater
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1503-1
Released:    Tue May  3 11:49:28 2022
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1198693,1199006
This update for rpmlint fixes the following issues:

- whitelist kcron (bsc#1199006)
- whitelisted power-profiles-daemon (bsc#1198693).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1510-1
Released:    Tue May  3 16:08:55 2022
Summary:     Security update for amazon-ssm-agent
Type:        security
Severity:    important
References:  1196556,CVE-2022-29527
This update for amazon-ssm-agent fixes the following issues:

- CVE-2022-29527: Fixed unsafe file creation mode of ssm-agent-users sudoer file (bsc#1196556).

Update to version 3.1.1260.0

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1512-1
Released:    Tue May  3 16:11:28 2022
Summary:     Security update for ruby2.5
Type:        security
Severity:    important
References:  1188160,1188161,1190375,1193035,1198441,CVE-2021-31799,CVE-2021-31810,CVE-2021-32066,CVE-2021-41817,CVE-2022-28739
This update for ruby2.5 fixes the following issues:

- CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion (bsc#1198441).
- CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods (bsc#1193035).
- CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP (bsc#1188160).
- CVE-2021-31810: Fixed a trusting FTP PASV responses vulnerability in Net:FTP (bsc#1188161).
- CVE-2021-31799: Fixed a command injection vulnerability in RDoc (bsc#1190375). 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1513-1
Released:    Tue May  3 16:13:25 2022
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1198671,1198672,1198673,1198674,1198675,CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21476,CVE-2022-21496
This update for java-11-openjdk fixes the following issues:

- CVE-2022-21426: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198672).
- CVE-2022-21434: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198674).
- CVE-2022-21496: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198673).
- CVE-2022-21443: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198675).
- CVE-2022-21476: Fixed Oracle Java SE compromission via unauthenticated attacker with network access via multiple protocols (bsc#1198671).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1515-1
Released:    Wed May  4 10:24:10 2022
Summary:     Security update for rubygem-puma
Type:        security
Severity:    important
References:  1188527,1191681,1196222,CVE-2021-29509,CVE-2021-41136,CVE-2022-23634
This update for rubygem-puma fixes the following issues:

rubygem-puma was updated to version 4.3.11:

* CVE-2021-29509: Adjusted an incomplete fix for  allows Denial of Service (DoS) (bsc#1188527)
* CVE-2021-41136: Fixed request smuggling if HTTP header value contains the LF character (bsc#1191681)
* CVE-2022-23634: Fixed information leak between requests (bsc#1196222)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1516-1
Released:    Wed May  4 10:25:15 2022
Summary:     Security update for libwmf
Type:        security
Severity:    important
References:  1006739,1123522,1174075,CVE-2016-9011,CVE-2019-6978
This update for libwmf fixes the following issues:

libwmf was updated to 0.2.12:

* upstream changed to fork from Fedora: https://github.com/caolanm/libwmf
* merged all the pending fixes
* merge in fixes for libgd CVE-2019-6978 (bsc#1123522)
* fixed memory allocation failure (CVE-2016-9011)

* Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1517-1
Released:    Wed May  4 10:25:51 2022
Summary:     Recommended update for lksctp-tools
Type:        recommended
Severity:    moderate
References:  1133097,1197590
This update for lksctp-tools fixes the following issues:

Update to version 1.0.17 (bsc#1197590)

* sctp_test: fix hostname resolution
* man: remove sysctl listing from sctp.7
* Fix recieved->received typos
* Fix usage help for sctp_test
* test_1_to_1_accept_close: also expect EACCES when accept on
  an established socket
* lksctp-tools: make bind_test can do while disable IPV6
* libsctp: add pkg-config support

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1518-1
Released:    Wed May  4 11:42:04 2022
Summary:     Recommended update for sanlock
Type:        recommended
Severity:    important
References:  1197853
This update for sanlock fixes the following issues:

- Add libuuid as a build requirement to fix build issues on future SUSE Linux Enterprise Service Packs (bsc#1197853)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:1519-1
Released:    Wed May  4 12:11:57 2022
Summary:     Feature update for python-contextvars, python-immutables
Type:        feature
Severity:    moderate
References:  
This feature update for python-contextvars, python-immutables fixes the following issues:


python-immutables:

- Provide python-immutables version 0.11 in SUSE Linux Enterprise 15 (jsc#SLE-24404)

python-contextvars:

- Provide python-contextvars version 2.4 in SUSE Linux Enterprise 15 (jsc#SLE-24404)
 
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1524-1
Released:    Wed May  4 13:46:39 2022
Summary:     Security update for apache2-mod_auth_mellon
Type:        security
Severity:    moderate
References:  1188926,CVE-2021-3639
This update for apache2-mod_auth_mellon fixes the following issues:

- CVE-2021-3639: Fixed open Redirect vulnerability in logout URLs (bsc#1188926)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1541-1
Released:    Wed May  4 17:35:16 2022
Summary:     Security update for pgadmin4
Type:        security
Severity:    important
References:  1197143,CVE-2022-0959
This update for pgadmin4 fixes the following issues:

- CVE-2022-0959: Fixed an unrestricted file upload (bsc#1197143).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1542-1
Released:    Wed May  4 23:37:33 2022
Summary:     Recommended update for sblim-sfcb
Type:        recommended
Severity:    moderate
References:  1190107
This update for sblim-sfcb fixes the following issues:

- Add config option to optionally disable TLSv1.2 (bsc#1190107)
- Enable TLS v1.3 by removing explicit curve selection. This should not be required for OpenSSL 1.1.0+ (bsc#1190107)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1548-1
Released:    Thu May  5 16:45:28 2022
Summary:     Security update for tar
Type:        security
Severity:    moderate
References:  1029961,1120610,1130496,1181131,CVE-2018-20482,CVE-2019-9923,CVE-2021-20193
This update for tar fixes the following issues:

- CVE-2021-20193: Fixed a memory leak in read_header() in list.c (bsc#1181131).
- CVE-2019-9923: Fixed a null-pointer dereference in pax_decode_header in sparse.c (bsc#1130496).
- CVE-2018-20482: Fixed infinite read loop in sparse_dump_region in sparse.c (bsc#1120610).

- Update to GNU tar 1.34:
  * Fix extraction over pipe
  * Fix memory leak in read_header (CVE-2021-20193) (bsc#1181131)
  * Fix extraction when . and .. are unreadable
  * Gracefully handle duplicate symlinks when extracting
  * Re-initialize supplementary groups when switching to user
    privileges

- Update to GNU tar 1.33:
  * POSIX extended format headers do not include PID by default
  * --delay-directory-restore works for archives with reversed
    member ordering
  * Fix extraction of a symbolic link hardlinked to another
    symbolic link
  * Wildcards in exclude-vcs-ignore mode don't match slash
  * Fix the --no-overwrite-dir option
  * Fix handling of chained renames in incremental backups
  * Link counting works for file names supplied with -T
  * Accept only position-sensitive (file-selection) options in file
    list files

- prepare usrmerge (bsc#1029961)

- Update to GNU 1.32
  * Fix the use of --checkpoint without explicit --checkpoint-action
  * Fix extraction with the -U option
  * Fix iconv usage on BSD-based systems
  * Fix possible NULL dereference (savannah bug #55369)
    [bsc#1130496] [CVE-2019-9923]
  * Improve the testsuite

- Update to GNU 1.31
  * Fix heap-buffer-overrun with --one-top-level, bug introduced
    with the addition of that option in 1.28
  * Support for zstd compression
  * New option '--zstd' instructs tar to use zstd as compression
    program. When listing, extractng and comparing, zstd compressed
    archives are recognized automatically. When '-a' option is in
    effect, zstd compression is selected if the destination archive
    name ends in '.zst' or '.tzst'.
  * The -K option interacts properly with member names given in the
    command line. Names of members to extract can be specified along
    with the '-K NAME' option. In this case, tar will extract NAME
    and those of named members that appear in the archive after it,
    which is consistent with the semantics of the option. Previous
    versions of tar extracted NAME, those of named members that
    appeared before it, and everything after it.
  * Fix CVE-2018-20482 - When creating archives with the --sparse
    option, previous versions of tar would loop endlessly if a
    sparse file had been truncated while being archived.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1549-1
Released:    Thu May  5 16:45:52 2022
Summary:     Security update for libvirt
Type:        security
Severity:    moderate
References:  1193364,1196625,1197636,CVE-2022-0897
This update for libvirt fixes the following issues:

- CVE-2022-0897: Fixed a crash in nwfilter when counting number of network filters (bsc#1197636).

The following non-security bugs were fixed:

- qemu: Improve save operation by increasing pipe size
  c61d1e9b-virfile-set-pipe-size.patch,
  47d6d185-virfile-fix-indent.patch,
  cd7acb33-virfile-report-error.patch
  bsc#1196625
  
- qemu: Directly query KVM for TSC scaling support
  5df2c492-use-kvm-for-tsc-scaling.patch
  bsc#1193364

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1553-1
Released:    Fri May  6 12:42:08 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: gom

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1556-1
Released:    Fri May  6 12:54:09 2022
Summary:     Recommended update for xkeyboard-config
Type:        recommended
Severity:    moderate
References:  1188867
This update for xkeyboard-config fixes the following issues:

- Add French standardized AZERTY layout (AFNOR: NF Z71-300) (bsc#1188867)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1561-1
Released:    Fri May  6 14:51:35 2022
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1192523
This update for python-kiwi fixes the following issue:

- Fix booting GRUB submenu entries with hybrid images (linux/linuxefi)
  Variables assigned with 'set' are not visible in submenus. Export $linux and $initrd, so that they also work in
  submenu entries. (bsc#1192523)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1565-1
Released:    Fri May  6 17:09:36 2022
Summary:     Security update for giflib
Type:        security
Severity:    moderate
References:  1094832,1146299,1184123,974847,CVE-2016-3977,CVE-2018-11490,CVE-2019-15133
This update for giflib fixes the following issues:

- CVE-2019-15133: Fixed a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero (bsc#1146299).
- CVE-2018-11490: Fixed a heap-based buffer overflow in DGifDecompressLine function in dgif_lib.c (bsc#1094832).
- CVE-2016-3977: Fixed a heap buffer overflow in gif2rgb (bsc#974847). 
     
Update to version 5.2.1
  * In gifbuild.c, avoid a core dump on no color map.
  * Restore inadvertently removed library version numbers in Makefile.
   
Changes in version 5.2.0
  * The undocumented and deprecated GifQuantizeBuffer() entry point
    has been moved to the util library to reduce libgif size and attack
    surface. Applications needing this function are couraged to link the
    util library or make their own copy.
  * The following obsolete utility programs are no longer installed:
    gifecho, giffilter, gifinto, gifsponge. These were either installed in
    error or have been obsolesced by modern image-transformmation tools
    like ImageMagick convert. They may be removed entirely in a future
    release.
  * Address SourceForge issue #136: Stack-buffer-overflow in gifcolor.c:84
  * Address SF bug #134: Giflib fails to slurp significant number of gifs
  * Apply SPDX convention for license tagging.
   
Changes in version 5.1.9
  * The documentation directory now includes an HTMlified version of the
    GIF89 standard, and a more detailed description of how LZW compression
    is applied to GIFs.
  * Address SF bug #129: The latest version of giflib cannot be build on windows.
  * Address SF bug #126: Cannot compile giflib using c89
   
Changes in version 5.1.8
  * Address SF bug #119: MemorySanitizer: FPE on unknown address (CVE-2019-15133 bsc#1146299)
  * Address SF bug #125: 5.1.7: xmlto is still required for tarball
  * Address SF bug #124: 5.1.7: ar invocation is not crosscompile compatible
  * Address SF bug #122: 5.1.7 installs manpages to wrong directory
  * Address SF bug #121: make: getversion: Command not found
  * Address SF bug #120: 5.1.7 does not build a proper library - no 
   
Changes in version 5.1.7
  * Correct a minor packaging error (superfluous symlinks) in the 5.1.6 tarballs.
   
Changes in version 5.1.6
  * Fix library installation in the Makefile.
   
Changes in version 5.1.5
  * Fix SF bug #114: Null dereferences in main() of gifclrmp
  * Fix SF bug #113: Heap Buffer Overflow-2 in function DGifDecompressLine()
    in cgif.c.  This had been assigned (CVE-2018-11490 bsc#1094832).
  * Fix SF bug #111: segmentation fault in PrintCodeBlock
  * Fix SF bug #109: Segmentation fault of giftool reading a crafted file
  * Fix SF bug #107: Floating point exception in giftext utility
  * Fix SF bug #105: heap buffer overflow in DumpScreen2RGB in gif2rgb.c:317
  * Fix SF bug #104: Ineffective bounds check in DGifSlurp
  * Fix SF bug #103: GIFLIB 5.1.4: DGifSlurp fails on empty comment
  * Fix SF bug #87: Heap buffer overflow in 5.1.2 (gif2rgb). (CVE-2016-3977 bsc#974847)
  * The horrible old autoconf build system has been removed with extreme prejudice. 
    You now build this simply by running 'make' from the top-level directory.

The following non-security bugs were fixed:

- build path independent objects and inherit CFLAGS from the build system (bsc#1184123)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1579-1
Released:    Mon May  9 17:22:05 2022
Summary:     Recommended update for MozillaFirefox
Type:        recommended
Severity:    important
References:  1198970,CVE-2022-29909,CVE-2022-29911,CVE-2022-29912,CVE-2022-29914,CVE-2022-29916,CVE-2022-29917
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.9.0 ESR

MFSA 2022-17 (bsc#1198970)

* CVE-2022-29914: Fullscreen notification bypass using popups
* CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
* CVE-2022-29916: Leaking browser history with CSS variables
* CVE-2022-29911: iframe Sandbox bypass
* CVE-2022-29912: Reader mode bypassed SameSite cookies
* CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1595-1
Released:    Tue May 10 05:30:16 2022
Summary:     Recommended update for libnss_nis
Type:        recommended
Severity:    important
References:  1197768
This update for libnss_nis fixes the following issues:

- Fix build issues occurring on SUSE Linux Enterprise 15 Service Pack 4 (bsc#1197768)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1617-1
Released:    Tue May 10 14:40:12 2022
Summary:     Security update for gzip
Type:        security
Severity:    important
References:  1198062,1198922,CVE-2022-1271
This update for gzip fixes the following issues:

- CVE-2022-1271: Fix escaping of malicious filenames. (bsc#1198062)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1644-1
Released:    Thu May 12 07:57:26 2022
Summary:     Security update for clamav
Type:        security
Severity:    important
References:  1199242,1199244,1199245,1199246,1199274,CVE-2022-20770,CVE-2022-20771,CVE-2022-20785,CVE-2022-20792,CVE-2022-20796
This update for clamav fixes the following issues:

- CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser (bsc#1199242).
- CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check (bsc#1199246).
- CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file parser (bsc#1199244).
- CVE-2022-20785: Fixed a possible memory leak in the HTML file parser / Javascript normalizer (bsc#1199245).
- CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write vulnerability in the signature database load module (bsc#1199274).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1655-1
Released:    Fri May 13 15:36:10 2022
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1197794
This update for pam fixes the following issue:

- Do not include obsolete header files (bsc#1197794)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1656-1
Released:    Fri May 13 15:38:02 2022
Summary:     Recommended update for llvm7
Type:        recommended
Severity:    moderate
References:  1197775
This update for llvm7 fixes the following issues:

- Backport fixes and changes from Factory. (bsc#1197775)
- Drop RUNPATH from packaged binaries, instead set LD_LIBRARY_PATH for building and testing to simulate behavior of 
  actual package.
- Fix build with linux-glibc-devel 5.13.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1658-1
Released:    Fri May 13 15:40:20 2022
Summary:     Recommended update for libpsl
Type:        recommended
Severity:    important
References:  1197771
This update for libpsl fixes the following issues:

- Fix libpsl compilation issues (bsc#1197771)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1659-1
Released:    Fri May 13 15:41:32 2022
Summary:     Recommended update for cups
Type:        recommended
Severity:    moderate
References:  1189517,1195115
This update for cups fixes the following issues:

- CUPS printservice takes much longer than before with a big number of printers (bsc#1189517)
- CUPS PreserveJobHistory doesn't work with seconds (bsc#1195115)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1660-1
Released:    Fri May 13 15:42:21 2022
Summary:     Recommended update for publicsuffix
Type:        recommended
Severity:    low
References:  1198068
This update for publicsuffix fixes the following issue:

- Update to version 20220405 (bsc#1198068)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1663-1
Released:    Mon May 16 09:51:22 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: meanwhile

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1670-1
Released:    Mon May 16 10:06:30 2022
Summary:     Security update for openldap2
Type:        security
Severity:    important
References:  1199240,CVE-2022-29155
This update for openldap2 fixes the following issues:

- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1678-1
Released:    Mon May 16 10:19:03 2022
Summary:     Security update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core
Type:        security
Severity:    important
References:  1177616,1182481,1197132,CVE-2020-25649,CVE-2020-28491,CVE-2020-36518
This update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core fixes the following issues:

Security issues fixed:

- CVE-2020-36518: Fixed a Java stack overflow exception and denial of service via a large depth of nested objects in jackson-databind. (bsc#1197132)
- CVE-2020-25649: Fixed an insecure entity expansion in jackson-databind which was vulnerable to XML external entity (XXE). (bsc#1177616)
- CVE-2020-28491: Fixed a bug which could cause `java.lang.OutOfMemoryError` exception in jackson-dataformats-binary. (bsc#1182481)

Non security fixes:

jackson-annotations - update from version 2.10.2 to version 2.13.0:

   + Build with source/target levels 8
   + Add 'mvnw' wrapper
   + 'JsonSubType.Type' should accept array of names
   + Jackson version alignment with Gradle 6
   + Add '@JsonIncludeProperties'
   + Add '@JsonTypeInfo(use=DEDUCTION)'
   + Ability to use '@JsonAnyGetter' on fields
   + Add '@JsonKey' annotation
   + Allow repeated calls to 'SimpleObjectIdResolver.bindItem()' for same mapping
   + Add 'namespace' property for '@JsonProperty' (for XML module)
   + Add target 'ElementType.ANNOTATION_TYPE' for '@JsonEnumDefaultValue'
   + 'JsonPattern.Value.pattern' retained as '', never (accidentally) exposed as 'null'
   + Rewrite to use `ant` for building in order to be able to use it in packages that have to be built before maven

jackson-bom - update from version 2.10.2 to version 2.13.0:

   + Configure moditect plugin with '<jvmVersion>11</jvmVersion>'
   + jackson-bom manages the version of 'junit:junit'
   + Drop 'jackson-datatype-hibernate3' (support for Hibernate 3.x datatypes)
   + Removed 'jakarta' classifier variants of JAXB/JSON-P/JAX-RS modules due to the addition of new Jakarta artifacts
     (Jakarta-JSONP, Jakarta-xmlbind-annotations, Jakarta-rs-providers)
   + Add version for 'jackson-datatype-jakarta-jsonp' module (introduced after 2.12.2)
   + Add (beta) version for 'jackson-dataformat-toml'
   + Jakarta 9 artifact versions are missing from jackson-bom
   + Add default settings for 'gradle-module-metadata-maven-plugin' (gradle metadata)
   + Add default settings for 'build-helper-maven-plugin'
   + Drop 'jackson-module-scala_2.10' entry (not released for Jackson 2.12 or later)
   + Add override for 'version.plugin.bundle' (for 5.1.1) to help build on JDK 15+
   + Add missing version for jackson-datatype-eclipse-collections
    
jackson-core - update from version 2.10.2 to version 2.13.0:

   + Build with source and target levels 8
   + Misleading exception for input source when processing byte buffer with start offset
   + Escape contents of source document snippet for 'JsonLocation._appendSourceDesc()'
   + Add 'StreamWriteException' type to eventually replace 'JsonGenerationException'
   + Replace 'getCurrentLocation()'/'getTokenLocation()' with 'currentLocation()'/'currentTokenLocation()' in 
     'JsonParser'
   + Replace 'JsonGenerator.writeObject()' (and related) with 'writePOJO()'
   + Replace 'getCurrentValue()'/'setCurrentValue()' with 'currentValue()'/'assignCurrentValue()' in 
     'JsonParser'/'JsonGenerator
   + Introduce O(n^1.5) BigDecimal parser implementation
   + ByteQuadsCanonicalizer.addName(String, int, int) has incorrect handling for case of q2 == null
   + UTF32Reader ArrayIndexOutOfBoundsException
   + Improve exception/JsonLocation handling for binary content: don't show content, include byte offset
   + Fix an issue with the TokenFilter unable to ignore properties when deserializing.
   + Optimize array allocation by 'JsonStringEncoder'
   + Add 'mvnw' wrapper
   + (partial) Optimize array allocation by 'JsonStringEncoder'
   + Add back accidentally removed 'JsonStringEncoder' related methods in 'BufferRecyclers' 
     (like 'getJsonStringEncoder()')
   + 'ArrayOutOfBoundException' at 'WriterBasedJsonGenerator.writeString(Reader, int)'
   + Allow 'optional-padding' for 'Base64Variant'
   + More customizable TokenFilter inclusion (using 'Tokenfilter.Inclusion')
   + Publish Gradle Module Metadata
   + Add 'StreamReadCapability' for further format-based/format-agnostic handling improvements
   + Add 'JsonParser.isExpectedNumberIntToken()' convenience method
   + Add 'StreamWriteCapability' for further format-based/format-agnostic handling improvements
   + Add 'JsonParser.getNumberValueExact()' to allow precision-retaining buffering
   + Limit initial allocated block size by 'ByteArrayBuilder' to max block size
   + Add 'JacksonException' as parent class of 'JsonProcessingException'
   + Make 'JsonWriteContext.reset()' and 'JsonReadContext.reset()' methods public
   + Deprecate 'JsonParser.getCurrentTokenId()' (use '#currentTokenId()' instead)
   + Full 'LICENSE' included in jar for easier access by compliancy tools
   + Fix NPE in 'writeNumber(String)' method of 'UTF8JsonGenerator', 'WriterBasedJsonGenerator'
   + Add a String Array write method in the Streaming API
   + Synchronize variants of 'JsonGenerator#writeNumberField' with 'JsonGenerator#writeNumber'
   + Add JsonGenerator#writeNumber(char[], int, int) method
   + Do not clear aggregated contents of 'TextBuffer' when 'releaseBuffers()' called
   + 'FilteringGeneratorDelegate' does not handle 'writeString(Reader, int)'
   + Optionally allow leading decimal in float tokens
   + Rewrite to use ant for building in order to be able to use it in packages that have to be built before maven
   + Parsing JSON with 'ALLOW_MISSING_VALUE' enabled results in endless stream of 'VALUE_NULL' tokens
   + Handle case when system property access is restricted
   + 'FilteringGeneratorDelegate' does not handle 'writeString(Reader, int)'
   + DataFormatMatcher#getMatchedFormatName throws NPE when no match exists
   + 'JsonParser.getCurrentLocation()' byte/char offset update incorrectly for big payloads 

jackson-databind - update from version 2.10.5.1 to  version 2.13.0:

   + '@JsonValue' with integer for enum does not deserialize correctly
   + 'AnnotatedMethod.getValue()/setValue()' doesn't have useful exception message
   + Add 'DatabindException' as intermediate subtype of 'JsonMappingException'
   + Jackson does not support deserializing new Java 9 unmodifiable collections
   + Allocate TokenBuffer instance via context objects (to
      allow format-specific buffer types)
   + Add mechanism for setting default 'ContextAttributes' for 'ObjectMapper'
   + Add 'DeserializationContext.readTreeAsValue()' methods
      for more convenient conversions for deserializers to use
   + Clean up support of typed 'unmodifiable', 'singleton'
      Maps/Sets/Collections
   + Extend internal bitfield of 'MapperFeature' to be
      'long'
   + Add 'removeMixIn()' method in 'MapperBuilder'
   + Backport 'MapperBuilder' lambda-taking methods:
      'withConfigOverride()', 'withCoercionConfig()',
      'withCoercionConfigDefaults()'
   + configOverrides(boolean.class) silently ignored,
      whereas .configOverride(Boolean.class) works for both
      primitives and boxed boolean values
   + Dont track unknown props in buffer if
      'ignoreAllUnknown' is true
   + Should allow deserialization of java.time types via
      opaque 'JsonToken.VALUE_EMBEDDED_OBJECT'
   + Optimize 'AnnotatedConstructor.call()' case by passing
      explicit null
   + Add AnnotationIntrospector.XmlExtensions interface for
      decoupling javax dependencies
   + Custom SimpleModule not included in list returned by
      ObjectMapper.getRegisteredModuleIds() after registration
   + Use more limiting default visibility settings for JDK
      types (java.*, javax.*)
   + Deep merge for 'JsonNode' using 'ObjectReader.readTree()'
   + IllegalArgumentException: Conflicting setter
      definitions for property with more than 2 setters
   + Serializing java.lang.Thread fails on JDK 11 and above
   + String-based 'Map' key deserializer is not
      deterministic when there is no single arg constructor
   + Add ArrayNode#set(int index, primitive_type value)
   + JsonStreamContext 'currentValue' wrongly references to
      '@JsonTypeInfo' annotated object
   + DOM 'Node' serialization omits the default namespace
      declaration
   + Support 'suppressed' property when deserializing 'Throwable'
   + 'AnnotatedMember.equals()' does not work reliably
   + Add 'MapperFeature.APPLY_DEFAULT_VALUES', initially for Scala module
   + For an absent property Jackson injects 'NullNode'
      instead of 'null' to a JsonNode-typed constructor argument of
      a '@ConstructorProperties'-annotated constructor
   + 'XMLGregorianCalendar' doesn't work with default typing
   + Content 'null' handling not working for root values
   + StdDeserializer rejects blank (all-whitespace) strings
      for ints
   + 'USE_BASE_TYPE_AS_DEFAULT_IMPL' not working with
      'DefaultTypeResolverBuilder'
   + Add PropertyNamingStrategies.UpperSnakeCaseStrategy
      (and UPPER_SNAKE_CASE constant)
   + StackOverflowError when serializing JsonProcessingException
   + Support for BCP 47 'java.util.Locale' serialization/deserialization
   + String property deserializes null as 'null' for
      JsonTypeInfo.As.EXISTING_PROPERTY
   + Can not deserialize json to enum value with
      Object-/Array-valued input, '@JsonCreator'
   + Fix to avoid problem with 'BigDecimalNode', scale of
      'Integer.MIN_VALUE'
   + Extend handling of 'FAIL_ON_NULL_FOR_PRIMITIVES' to cover
      coercion from (Empty) String via 'AsNull'
   + Add 'mvnw' wrapper
   + (regression) Factory method generic type resolution
      does not use Class-bound type parameter
   + Deserialization of 'empty' subtype with DEDUCTION failed
   + Merge findInjectableValues() results in
      AnnotationIntrospectorPair
   + READ_UNKNOWN_ENUM_VALUES_USING_DEFAULT_VALUE doesn't
      work with empty strings
   + 'TypeFactory' cannot convert 'Collection' sub-type
      without type parameters to canonical form and back
    + Fix for [modules-java8#207]: prevent fail on secondary Java 8
      date/time types
   + EXTERNAL_PROPERTY does not work well with '@JsonCreator'
      and 'FAIL_ON_UNKNOWN_PROPERTIES'
   + String property deserializes null as 'null' for
     'JsonTypeInfo.As.EXTERNAL_PROPERTY'
   + Property ignorals cause 'BeanDeserializer 'to forget
      how to read from arrays (not copying
      '_arrayDelegateDeserializer')
   + UntypedObjectDeserializer' mixes multiple unwrapped
      collections (related to #2733)
   + Two cases of incorrect error reporting about
      DeserializationFeature
   + Bug in polymorphic deserialization with '@JsonCreator',
      '@JsonAnySetter', 'JsonTypeInfo.As.EXTERNAL_PROPERTY'
   + Polymorphic subtype deduction ignores 'defaultImpl'
      attribute
   + MismatchedInputException: Cannot deserialize instance
      of 'com.fasterxml.jackson.databind.node.ObjectNode' out of
      VALUE_NULL token
   + Missing override for 'hasAsKey()' in
      'AnnotationIntrospectorPair'
   + Creator lookup fails with 'InvalidDefinitionException'
      for conflict between single-double/single-Double arg constructor
   + 'MapDeserializer' forcing 'JsonMappingException'
      wrapping even if WRAP_EXCEPTIONS set to false
   + Auto-detection of constructor-based creator method
      skipped if there is an annotated factory-based creator method
      (regression from 2.11)
   + 'ObjectMapper.treeToValue()' no longer invokes
      'JsonDeserializer.getNullValue()'
   + DeserializationProblemHandler is not invoked when
      trying to deserialize String
   + Fix failing 'double' JsonCreators in jackson 2.12.0
   + Conflicting in POJOPropertiesCollector when having
      namingStrategy
   + Breaking API change in 'BasicClassIntrospector' (2.12.0)
   + 'JsonNode.requiredAt()' does NOT fail on some path expressions
   + Exception thrown when 'Collections.synchronizedList()'
      is serialized with type info, deserialized
   + Add option to resolve type from multiple existing
      properties, '@JsonTypeInfo(use=DEDUCTION)'
   + '@JsonIgnoreProperties' does not prevent Exception
      Conflicting getter/setter definitions for property
   + Deserialization Not Working Right with Generic Types and
      Builders
   + Add '@JsonIncludeProperties(propertyNames)' (reverse of
      '@JsonIgnoreProperties')
   + '@JsonAnyGetter' should be allowed on a field
   + Allow handling of single-arg constructor as property
      based by default
   + Allow case insensitive deserialization of String value
      into 'boolean'/'Boolean' (esp for Excel)
   + Allow use of '@JsonFormat(with=JsonFormat.Feature
      .ACCEPT_CASE_INSENSITIVE_PROPERTIES)' on Class
   + Abstract class included as part of known type ids for
      error message   when using JsonSubTypes
   + Distinguish null from empty string for UUID
      deserialization
   + 'ReferenceType' does not expose valid containedType
   + Add 'CoercionConfig[s]' mechanism for configuring
      allowed coercions
   + 'JsonProperty.Access.READ_ONLY' does not work with
      'getter-as-setter' 'Collection's
   + Support 'BigInteger' and 'BigDecimal' creators in
      'StdValueInstantiator'
   + 'JsonProperty.Access.READ_ONLY' fails with collections
      when a property name is specified
   + 'BigDecimal' precision not retained for polymorphic
      deserialization
   + Support use of 'Void' valued properties
      ('MapperFeature.ALLOW_VOID_VALUED_PROPERTIES')
   + Explicitly fail (de)serialization of 'java.time.*'
      types in absence of registered custom (de)serializers
   + Improve description included in by
      'DeserializationContext.handleUnexpectedToken()'
   + Support for JDK 14 record types ('java.lang.Record')
   + 'PropertyNamingStrategy' class initialization depends
      on its subclass, this can lead to class loading deadlock
   + 'FAIL_ON_IGNORED_PROPERTIES' does not throw on
      'READONLY' properties with an explicit name
   + Add Gradle Module Metadata for version alignment with
      Gradle 6
   + Allow 'JsonNode' auto-convert into 'ArrayNode' if
      duplicates found (for XML)
   + Allow values of 'untyped' auto-convert into 'List' if
      duplicates found (for XML)
   + Add 'ValueInstantiator.createContextual(...)
   + Support multiple names in 'JsonSubType.Type'
   + Disabling 'FAIL_ON_INVALID_SUBTYPE' breaks polymorphic
      deserialization of Enums
   + Explicitly fail (de)serialization of 'org.joda.time.*'
      types in absence of registered custom (de)serializers
   + Trailing zeros are stripped when deserializing
      BigDecimal values inside a @JsonUnwrapped property
   + Extract getter/setter/field name mangling from
      'BeanUtil' into pluggable 'AccessorNamingStrategy'
   + Throw 'InvalidFormatException' instead of
      'MismatchedInputException' for ACCEPT_FLOAT_AS_INT coercion
      failures
   + Add '@JsonKey' annotation (similar to '@JsonValue') for
      customizable serialization of Map keys
   + 'MapperFeature.ACCEPT_CASE_INSENSITIVE_ENUMS' should
      work for enum as keys
   + Add support for disabling special handling of 'Creator
      properties' wrt alphabetic property ordering
   + Add 'JsonNode.canConvertToExactIntegral()' to indicate
      whether floating-point/BigDecimal values could be converted to
      integers losslessly
   + Improve static factory method generic type resolution
      logic
   + Allow preventing 'Enum from integer' coercion using new
      'CoercionConfig' system
   + '@JsonValue' not considered when evaluating inclusion
   + Make some java platform modules optional
   + Add support for serializing 'java.sql.Blob'
   + 'AnnotatedCreatorCollector' should avoid processing
      synthetic static (factory) methods
   + Add errorprone static analysis profile to detect bugs at build time
   + Problem with implicit creator name detection for constructor detection
   + Add 'BeanDeserializerBase.isCaseInsensitive()'
   + Refactoring of 'CollectionDeserializer' to solve CSV array handling issues
   + Full 'LICENSE' included in jar for easier access by compliancy tools
   + Fix type resolution for static methods (regression in 2.11.3)
   + '@JsonCreator' on constructor not compatible with '@JsonIdentityInfo', 
     'PropertyGenerator'
   + Add debug improvements about 'ClassUtil.getClassMethods()'
   + Cannot detect creator arguments of mixins for JDK types
   + Add 'JsonFormat.Shape' awareness for UUID serialization ('UUIDSerializer')
   + Json serialization fails or a specific case that
      contains generics and static methods with generic parameters
      (2.11.1 -> 2.11.2 regression)
   + 'ObjectMapper.activateDefaultTypingAsProperty()' is not
      using parameter 'PolymorphicTypeValidator'
   + Problem deserialization 'raw generic' fields
      (like 'Map') in 2.11.2
   + Fix issues with 'MapLikeType.isTrueMapType()',
      'CollectionLikeType.isTrueCollectionType()'
   + Parser/Generator features not set when using
      'ObjectMapper.createParser()', 'createGenerator()'
   + Polymorphic subtypes not registering on copied
      ObjectMapper (2.11.1)
   + Failure to read AnnotatedField value in Jackson 2.11
   + 'TypeFactory.constructType()' does not take
      'TypeBindings' correctly
   + Builder Deserialization with JsonCreator Value vs Array
   + JsonCreator on static method in Enum and Enum used as
      key in map fails randomly
   + 'StdSubtypeResolver' is not thread safe (possibly due
      to copy not being made with 'ObjectMapper.copy()')
   + 'Conflicting setter definitions for property' exception
      for 'Map' subtype during deserialization
   + Fail to deserialize local Records
   + Rearranging of props when property-based generator is
      in use leads to incorrect output
   + Jackson doesn't respect
      'CAN_OVERRIDE_ACCESS_MODIFIERS=false' for deserializer
      properties
   + 'DeserializationFeature.UNWRAP_SINGLE_VALUE_ARRAYS'
      don't support 'Map' type field
   + JsonParser from MismatchedInputException cannot
      getText() for floating-point value
   + i-I case conversion problem in Turkish locale with
      case-insensitive deserialization
   + '@JsonInject' fails on trying to find deserializer even
      if inject-only
   + Polymorphic deserialization should handle
      case-insensitive Type Id property name if
      'MapperFeature.ACCEPT_CASE_INSENSITIVE_PROPERTIES' is enabled
   + TreeTraversingParser and UTF8StreamJsonParser create
      contexts differently
   + Support use of '@JsonAlias' for enum values
   + 'declaringClass' of 'enum-as-POJO' not removed for
      'ObjectMapper' with a naming strategy
   + Fix 'JavaType.isEnumType()' to support sub-classes
   + BeanDeserializerBuilder Protected Factory Method for Extension
   + Support '@JsonSerialize(keyUsing)' and
      '@JsonDeserialize(keyUsing)' on Key class
   + Add 'SerializationFeature.WRITE_SELF_REFERENCES_AS_NULL'
   + 'ObjectMapper.registerSubtypes(NamedType...)' doesn't
      allow registering same POJO for two different type ids
   + 'DeserializationContext.handleMissingInstantiator()'
      throws 'MismatchedInputException' for non-static inner classes
   + Incorrect 'JsonStreamContext' for 'TokenBuffer' and
      'TreeTraversingParser'
   + Add 'AnnotationIntrospector.findRenameByField()' to
      support Kotlin's 'is-getter' naming convention
   + Use '@JsonProperty(index)' for sorting properties on
      serialization
   + Java 8 'Optional' not working with '@JsonUnwrapped' on
      unwrappable type
   + Add 'MapperFeature.BLOCK_UNSAFE_POLYMORPHIC_BASE_TYPES'
      to allow blocking use of unsafe base type for polymorphic
      deserialization
   + 'ObjectMapper.setSerializationInclusion()' is ignored
      for 'JsonAnyGetter'
   + 'ValueInstantiationException' when deserializing using
      a builder and 'UNWRAP_SINGLE_VALUE_ARRAYS'
   + JsonIgnoreProperties(ignoreUnknown = true) does not
      work on field and method level
   + Failure to resolve generic type parameters on
      serialization
   + JsonParser cannot getText() for input stream on
      MismatchedInputException
   + ObjectReader readValue lacks Class<T> argument
   + Change default textual serialization of
      'java.util.Date'/'Calendar' to include colon in timezone
      offset
   + Add 'ObjectMapper.createParser()' and 'createGenerator()' methods
   + Allow serialization of 'Properties' with non-String values
   + Add new factory method for creating custom 'EnumValues'
      to pass to 'EnumDeserializer
   + 'IllegalArgumentException' thrown for mismatched
      subclass deserialization
   + Add convenience methods for creating 'List', 'Map'
      valued 'ObjectReader's (ObjectMapper.readerForListOf())
   + 'SerializerProvider.findContentValueSerializer()' methods
    
jackson-dataformats-binary - update from version 2.10.1 to version 2.13.0:
    
   + (cbor) Should validate UTF-8 multi-byte validity for short decode path too
   + (ion) Deprecate 'CloseSafeUTF8Writer', remove use
   + (smile) Make 'SmileFactory' support 'JsonFactory.Feature.CANONICALIZE_FIELD_NAMES'
   + (cbor) Make 'CBORFactory' support 'JsonFactory.Feature.CANONICALIZE_FIELD_NAMES'
   + (cbor) Handle case of BigDecimal with Integer.MIN_VALUE for scale gracefully
   + (cbor) Uncaught exception in CBORParser._nextChunkedByte2 (by ossfuzzer)
   + (cbor) Another uncaught exception in CBORParser._nextChunkedByte2 (by ossfuzzer)
   + (smile) Add 'SmileGenerator.Feature.LENIENT_UTF_ENCODING' for lenient
     handling of broken Unicode surrogate pairs on writing
   + (avro) Add 'logicalType' support for some 'java.time' types; add 'AvroJavaTimeModule'
     for native ser/deser
   + Support base64 strings in 'getBinaryValue()' for CBOR and Smile
   + (cbor) 'ArrayIndexOutOfBounds' for truncated UTF-8 name
   + (avro) Generate logicalType switch
   + (smile) 'ArrayIndexOutOfBounds' for truncated UTF-8 name
   + (ion) 'jackson-dataformat-ion' does not handle
      null.struct deserialization correctly
   + 'Ion-java' dep 1.4.0 -> 1.8.0
   + Minor change to Ion module registration names (fully-qualified)
   + (cbor) Uncaught exception in CBORParser._nextChunkedByte2 (by ossfuzzer)
   + (cbor) Uncaught exception in CBORParser._findDecodedFromSymbols() (by ossfuzzer)
   + (smile) Uncaught validation problem wrt Smile 'BigDecimal' type
   + (smile) ArrayIndexOutOfBoundsException for malformed Smile header
   + (cbor) Failed to handle case of alleged String with length of Integer.MAX_VALUE
   + (smile) Allocate byte[] lazily for longer Smile binary data payloads
   + (cbor) CBORParser need to validate zero-length byte[] for BigInteger
   + (smile) Handle invalid chunked-binary-format length gracefully
   + (smile) Allocate byte[] lazily for longer Smile binary data payloads (7-bit encoded)
   + (smile)  ArrayIndexOutOfBoundsException in SmileParser._decodeShortUnicodeValue()
   + (smile) Handle sequence of Smile header markers without recursion
   + (cbor) CBOR loses 'Map' entries with specific 'long' Map key values (32-bit boundary)
   + (ion) Ion Polymorphic deserialization in 2.12 breaks wrt use of Native Type Ids 
     when upgrading from 2.8
   + (cbor) 'ArrayIndexOutOfBoundsException' in 'CBORParser' for invalid UTF-8 String
   + (cbor) Handle invalid CBOR content like '[0x84]' (incomplete array)
   + (ion) Respect 'WRITE_ENUMS_USING_TO_STRING' in 'EnumAsIonSymbolSerializer'
   + (ion) Add support for generating IonSexps
   + (ion) Add support for deserializing IonTimestamps and IonBlobs
   + (ion) Add 'IonObjectMapper.builderForBinaryWriters()' /
      '.builderforTextualWriters()' convenience methods
   + (ion) Enabling pretty-printing fails Ion serialization
   + (ion) Allow disabling native type ids in IonMapper
   + (smile) Small bug in byte-alignment for long field names
      in Smile, symbol table reuse
   + (ion) Add 'IonFactory.getIonSystem()' accessor
   + (ion) Optimize 'IonParser.getNumberType()' using
      'IonReader.getIntegerSize()'
   + (cbor) Add 'CBORGenerator.Feature.LENIENT_UTF_ENCODING'
      for lenient handling of Unicode surrogate pairs on writing
   + (cbor) Add support for decoding unassigned 'simple
      values' (type 7)
   + Add Gradle Module Metadata
      (https://blog.gradle.org/alignment-with-gradle-module-metadata)
   + (avro) Cache record names to avoid hitting class loader
   + (avro) Avro null deserialization
   + (ion) Add 'IonFactory.getIonSystem()' accessor
   + (avro) Add 'AvroGenerator.canWriteBinaryNatively()' to
      support binary writes, fix 'java.util.UUID' representation
   + (ion) Allow 'IonObjectMapper' with class name annotation
      introspector to deserialize generic subtypes
   + Remove dependencies upon Jackson 1.X and Avro's
      JacksonUtils
   + 'jackson-databind' should not be full dependency for
      (cbor, protobuf, smile) modules
   + 'CBORGenerator.Feature.WRITE_MINIMAL_INTS' does not
      write most compact form for all integers
   + 'AvroGenerator' overrides 'getOutputContext()' properly
   + (ion) Add 'IonFactory.getIonSystem()' accessor
   + (avro) Fix schema evolution involving maps of non-scalar
   + (protobuf) Parsing a protobuf message doesn't properly skip unknown fields
   + (ion) IonObjectMapper close()s the provided IonWriter unnecessarily
   + ion-java dependency 1.4.0 -> 1.5.1  
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1689-1
Released:    Mon May 16 14:09:01 2022
Summary:     Security update for containerd, docker
Type:        security
Severity:    important
References:  1193930,1196441,1197284,1197517,CVE-2021-43565,CVE-2022-23648,CVE-2022-24769,CVE-2022-27191
This update for containerd, docker fixes the following issues:

- CVE-2022-24769: Fixed incorrect default inheritable capabilities (bsc#1197517).
- CVE-2022-23648: Fixed directory traversal issue (bsc#1196441).
- CVE-2022-27191: Fixed a crash in a golang.org/x/crypto/ssh server (bsc#1197284).
- CVE-2021-43565: Fixed a panic in golang.org/x/crypto by empty plaintext packet (bsc#1193930).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1693-1
Released:    Tue May 17 09:13:13 2022
Summary:     Security update for pidgin
Type:        security
Severity:    important
References:  1199025,CVE-2022-26491
This update for pidgin fixes the following issues:

- CVE-2022-26491: Fixed MITM vulnerability when DNSSEC wasn't used (bsc#1199025).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1703-1
Released:    Tue May 17 12:13:36 2022
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    important
References:  1196332
This update for hwdata fixes the following issues:

- Updated pci, usb and vendor ids (bsc#1196332)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1706-1
Released:    Tue May 17 17:34:30 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: libgadu

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1709-1
Released:    Tue May 17 17:35:47 2022
Summary:     Recommended update for libcbor
Type:        recommended
Severity:    important
References:  1197743
This update for libcbor fixes the following issues:

- Fix build errors occuring on SUSE Linux Enterprise 15 Service Pack 4

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1712-1
Released:    Tue May 17 17:38:36 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: libchamplain cogl clutter clutter-gtk

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1718-1
Released:    Tue May 17 17:44:43 2022
Summary:     Security update for e2fsprogs
Type:        security
Severity:    important
References:  1198446,CVE-2022-1304
This update for e2fsprogs fixes the following issues:

- CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault
  and possibly arbitrary code execution. (bsc#1198446)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1719-1
Released:    Tue May 17 17:45:16 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1198970,CVE-2022-1520,CVE-2022-29909,CVE-2022-29911,CVE-2022-29912,CVE-2022-29913,CVE-2022-29914,CVE-2022-29916,CVE-2022-29917
This update for MozillaThunderbird fixes the following issues:

Various security fixes MFSA 2022-18 (bsc#1198970):

- CVE-2022-1520: Incorrect security status shown after viewing an attached email (bmo#1745019).
- CVE-2022-29914: Fullscreen notification bypass using popups (bmo#1746448).
- CVE-2022-29909: Bypassing permission prompt in nested browsing contexts (bmo#1755081).
- CVE-2022-29916: Leaking browser history with CSS variables (bmo#1760674).
- CVE-2022-29911: iframe sandbox bypass (bmo#1761981).
- CVE-2022-29912: Reader mode bypassed SameSite cookies (bmo#1692655).
- CVE-2022-29913: Speech Synthesis feature not properly disabled (bmo#1764778).
- CVE-2022-29917: Memory safety bugs fixed in Thunderbird 91.9 (bmo#1684739, bmo#1706441, bmo#1753298, bmo#1762614, bmo#1762620).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1727-1
Released:    Wed May 18 16:54:08 2022
Summary:     Security update for ucode-intel
Type:        security
Severity:    moderate
References:  1198717,1199423,CVE-2022-21151
This update for ucode-intel fixes the following issues:

Updated to Intel CPU Microcode 20220510 release. (bsc#1199423)
Updated to Intel CPU Microcode 20220419 release. (bsc#1198717)

- CVE-2022-21151: Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access (bsc#1199423).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1734-1
Released:    Thu May 19 09:12:21 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: lpsolve

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1736-1
Released:    Thu May 19 09:13:16 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: mysql-connector-cpp

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1739-1
Released:    Thu May 19 09:15:05 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: libGLw motif

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1741-1
Released:    Thu May 19 11:19:39 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: libotr

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1742-1
Released:    Thu May 19 11:20:25 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: libmpeg2

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1743-1
Released:    Thu May 19 11:21:02 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: tbb

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1748-1
Released:    Thu May 19 11:36:05 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1198970,CVE-2022-29909,CVE-2022-29911,CVE-2022-29912,CVE-2022-29914,CVE-2022-29916,CVE-2022-29917
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.9.0 ESR (MFSA 2022-17)(bsc#1198970):

- CVE-2022-29914: Fullscreen notification bypass using popups
- CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
- CVE-2022-29916: Leaking browser history with CSS variables
- CVE-2022-29911: iframe Sandbox bypass
- CVE-2022-29912: Reader mode bypassed SameSite cookies
- CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1755-1
Released:    Thu May 19 16:39:41 2022
Summary:     Security update for php7
Type:        security
Severity:    low
References:  1197644
This update for php7 fixes the following issues:

- Fixed filter_var bypass vulnerability (bsc#1197644).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1761-1
Released:    Fri May 20 09:00:46 2022
Summary:     Recommended update for go
Type:        recommended
Severity:    moderate
References:  1193742
This update for go fixes the following issues:

Updated wrapper package to current stable go1.18 (bsc#1193742).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1767-1
Released:    Fri May 20 12:35:42 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: rasqal redland raptor

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1814-1
Released:    Mon May 23 14:04:13 2022
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    moderate
References:  1185702,1188743,1192841
This update for sapconf fixes the following issues:

Version update from 5.0.3 to 5.0.4:

- Change block device handling to handle multipath devices correctly. Only the DM multipath devices (mpath) will be
  used for the settings, but not its paths (bsc#1188743)
- Fixed wrong comparison used for setting force_latency (bsc#1185702)
- SAP Note 1771258 v6 updates nofile values to 1048576 (bsc#1192841)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1820-1
Released:    Mon May 23 17:04:18 2022
Summary:     Recommended update for rzsz
Type:        recommended
Severity:    low
References:  1197852
This update for rzsz fixes the following issue:

- Fix build with the latest gettext (bsc#1197852)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1821-1
Released:    Tue May 24 08:01:58 2022
Summary:     Recommended update for read-only-root-fs
Type:        recommended
Severity:    low
References:  1156421,1161264,1176052
This update for read-only-root-fs fixes the following issues:

- Add required mount for /etc for systemd udevd.
- Workaround for /var being RO during systemd journal flush. (bsc#1156421)
- Better check for already existing etc overlay. (bsc#1161264)
- Adjust btrfs maintenance sysconfig to not use the read-only root filesystem. (bsc#1176052)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1824-1
Released:    Tue May 24 10:31:13 2022
Summary:     Recommended update for dhcp
Type:        recommended
Severity:    moderate
References:  1198657
This update for dhcp fixes the following issues:

- Properly handle DHCRELAY(6)_OPTIONS (bsc#1198657)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1828-1
Released:    Tue May 24 10:47:38 2022
Summary:     Recommended update for oath-toolkit
Type:        recommended
Severity:    important
References:  1197790
This update for oath-toolkit fixes the following issues:

- Fix build issues occurring on SUSE Linux Enterprise 15 Service Pack 4 (bsc#1197790)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1830-1
Released:    Tue May 24 11:27:00 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1199768,CVE-2022-1529,CVE-2022-1802
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.9.1 ESR - MFSA 2022-19 (bsc#1199768):

- CVE-2022-1802: Prototype pollution in Top-Level Await implementation
- CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1837-1
Released:    Wed May 25 10:28:43 2022
Summary:     Recommended update for suse-hpc, trilinos
Type:        recommended
Severity:    moderate
References:  1197781
This update for suse-hpc, trilinos fixes the following issues:

- Update to version 0.5.20211210
- Add an 'Obsoletes:/Provides:' for a bogus package name that was released to SLE/Leap by accident.
- Tie %python_flavor to python3 on Leap/SLE 15-SP3 (bsc#1197781).
- Lower disk and memory constraints to match actual requirements.
- Add openmpi4 non-HPC flavor

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1843-1
Released:    Wed May 25 15:25:44 2022
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1198504
This update for suse-build-key fixes the following issues:

- still ship the old ptf key in the documentation directory (bsc#1198504)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1850-1
Released:    Thu May 26 08:32:57 2022
Summary:     Recommended update for perl-XML-LibXML
Type:        recommended
Severity:    moderate
References:  1197798
This update for perl-XML-LibXML fixes the following issues:

- Allow compile against latest version available of libxml in SP4 so perl-XML-LibXSLT compiles cleanly. (bsc#1197798) 

This update has no customer visible change.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1851-1
Released:    Thu May 26 08:59:55 2022
Summary:     Recommended update for gcc8
Type:        recommended
Severity:    moderate
References:  1197716
This update for gcc8 fixes the following issues:

- Fix build against SP4. (bsc#1197716)
- Remove bogus fixed include bits/statx.h from glibc 2.30 (bsc#1197716)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1861-1
Released:    Thu May 26 12:07:40 2022
Summary:     Security update for cups
Type:        security
Severity:    important
References:  1199474,CVE-2022-26691
This update for cups fixes the following issues:

- CVE-2022-26691: Fixed an authentication bypass and code execution vulnerability (bsc#1199474)

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:1863-1
Released:    Fri May 27 09:06:37 2022
Summary:     Optional update for ckermit
Type:        optional
Severity:    low
References:  1197708
This optional update for ckermit fixes the following issues:

There are no visible changes for the final user.

- Solve a source build issue (FTBFS) after the removal of `libio` with `glibc-2.28`. (bsc#1197708)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1864-1
Released:    Fri May 27 09:07:30 2022
Summary:     Recommended update for leveldb
Type:        recommended
Severity:    low
References:  1197742
This update for leveldb fixes the following issue:

- fix tests (bsc#1197742)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1865-1
Released:    Fri May 27 09:08:32 2022
Summary:     Recommended update for xiterm
Type:        recommended
Severity:    low
References:  1197864
This update for xiterm fixes the following issues:

- Remove use of obsolete XSI STREAMS interface. (bsc#1197864)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1867-1
Released:    Fri May 27 09:13:41 2022
Summary:     Recommended update for v4l-utils
Type:        recommended
Severity:    low
References:  1197861
This update for v4l-utils fixes the following issues:

- fix build (bsc#1197861)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1868-1
Released:    Fri May 27 09:14:45 2022
Summary:     Recommended update for openwsman
Type:        recommended
Severity:    low
References:  1197792
This update for openwsman fixes the following issue:

- fix FTBFS with newer libcurl in SLE 15-SP4 (bsc#1197792)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1871-1
Released:    Fri May 27 10:54:05 2022
Summary:     Recommended update for nftables
Type:        recommended
Severity:    moderate
References:  1197606
This update for nftables fixes the following issues:

- Fix rare crashes that could occur e.g. in firewalld (bsc#1197606)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1872-1
Released:    Fri May 27 10:54:41 2022
Summary:     Recommended update for oprofile
Type:        recommended
Severity:    important
References:  1197793
This update for oprofile fixes the following issues:

- Resolve build issues due to binutils 2.34 api changes (bsc#1197793)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1875-1
Released:    Mon May 30 00:10:24 2022
Summary:     Recommended update for grpc
Type:        recommended
Severity:    low
References:  1197726
This update for grpc fixes the following issues:

- grpc won't compile on SP4(bsc#1197726)
- Add conditional to build without python2 if needed

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1876-1
Released:    Mon May 30 00:11:47 2022
Summary:     Recommended update for csync
Type:        recommended
Severity:    low
References:  1197711
This update for csync fixes the following issues:

- Detect libssh version. (bsc#1197711)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1882-1
Released:    Mon May 30 12:37:13 2022
Summary:     Security update for tiff
Type:        security
Severity:    important
References:  1195964,1195965,1197066,1197068,1197072,1197073,1197074,1197631,CVE-2022-0561,CVE-2022-0562,CVE-2022-0865,CVE-2022-0891,CVE-2022-0908,CVE-2022-0909,CVE-2022-0924,CVE-2022-1056
This update for tiff fixes the following issues:

- CVE-2022-0561: Fixed null source pointer passed as an argument to memcpy() within TIFFFetchStripThing() in tif_dirread.c (bsc#1195964).
- CVE-2022-0562: Fixed null source pointer passed as an argument to memcpy() within TIFFReadDirectory() in tif_dirread.c (bsc#1195965).
- CVE-2022-0865: Fixed assertion failure in TIFFReadAndRealloc (bsc#1197066).
- CVE-2022-0909: Fixed divide by zero error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197072).
- CVE-2022-0924: Fixed out-of-bounds read error in tiffcp that could have led to a denial-of-service via a crafted tiff file (bsc#1197073).
- CVE-2022-0908: Fixed null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() (bsc#1197074).
- CVE-2022-1056: Fixed out-of-bounds read error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197631).
- CVE-2022-0891: Fixed heap buffer overflow in extractImageSection (bsc#1197068).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1887-1
Released:    Tue May 31 09:24:18 2022
Summary:     Recommended update for grep
Type:        recommended
Severity:    moderate
References:  1040589
This update for grep fixes the following issues:

- Make profiling deterministic. (bsc#1040589, SLE-24115)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1888-1
Released:    Tue May 31 10:44:41 2022
Summary:     Security update for helm-mirror
Type:        security
Severity:    moderate
References:  1156646,1197728,CVE-2019-18658
This update for helm-mirror fixes the following issues:

- Updated to version 0.3.1:
  - CVE-2019-18658: Fixed a potential symbolic link issue in helm that could be
    used to leak sensitive files (bsc#1156646).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1898-1
Released:    Tue May 31 18:03:55 2022
Summary:     Security update for fribidi
Type:        security
Severity:    moderate
References:  1196147,1196148,1196150,CVE-2022-25308,CVE-2022-25309,CVE-2022-25310
This update for fribidi fixes the following issues:

- CVE-2022-25308: Fixed stack out of bounds read (bsc#1196147).
- CVE-2022-25309: Fixed heap-buffer-overflow in fribidi_cap_rtl_to_unicode (bsc#1196148).
- CVE-2022-25310: Fixed NULL pointer dereference in fribidi_remove_bidi_marks (bsc#1196150).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1899-1
Released:    Wed Jun  1 10:43:22 2022
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    important
References:  1198176
This update for libtirpc fixes the following issues:

- Add a check for nullpointer in check_address to prevent client from crashing (bsc#1198176)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1900-1
Released:    Wed Jun  1 10:45:21 2022
Summary:     Recommended update for rabbitmq-c
Type:        recommended
Severity:    moderate
References:  1198202
This update for rabbitmq-c fixes the following issues:

- Resolve package build issues (bsc#1198202)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1904-1
Released:    Wed Jun  1 14:16:50 2022
Summary:     Recommended update for libbluray
Type:        recommended
Severity:    important
References:  1199463
This update for libbluray fixes the following issues:

- Implement the new java.io.FileSystem.isInvalid method that entered all
  supported java versions with April 2022 CPU (bsc#1199463)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1907-1
Released:    Wed Jun  1 14:20:29 2022
Summary:     Recommended update for hunspell
Type:        recommended
Severity:    moderate
References:  1199209
This update for hunspell fixes the following issues:

- Add requirement for english dictionary (bsc#1199209)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1908-1
Released:    Wed Jun  1 15:31:33 2022
Summary:     Security update for postgresql14
Type:        security
Severity:    important
References:  1199475,CVE-2022-1552
This update for postgresql14 fixes the following issues:
 
- CVE-2022-1552: Confine additional operations within 'security restricted operation' sandboxes (bsc#1199475).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1909-1
Released:    Wed Jun  1 16:25:35 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1198751
This update for glibc fixes the following issues:

- Add the correct name for the IBM Z16 (bsc#1198751).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1913-1
Released:    Thu Jun  2 10:05:26 2022
Summary:     Recommended update for aws-iam-authenticator
Type:        recommended
Severity:    moderate
References:  1197703
This update for aws-iam-authenticator fixes the following issues:

- Update in SLE-15 (bsc#1197703)

- Update to version 0.5.3
  * Bump Go to 1.15 in Travis (#361)
  * Update aws sdk go v1.37.1 (#360)
  * (arn): validate partition against all partitions returned by the aws sdk (#348)
  * Document AccessKeyId from UserInfo (#332)
  * Support IPv6 listen address (#352)
  * Added user agent to AWS SDK (#359)
  * Remove Chris Hein from OWNERS (#351)
  * Add instructions for the release process (#346)
- from version 0.5.2
  * Added partition flag (#341)
  * Update link to Kops docs site (#338)
  * Security Improvements on the example yaml (#335)
  * Fix RBAC on example file: service account requires get to ConfigMap (#334)
  * Add AccessKeyID as variable for username (#337)
  * Added server side AWS account ID log redaction (#327)
- from version 0.5.1
  * Update examples/README (#317)
  * Changelog gen (#318)
  * Fix CRD mapper blocking all others because caches
    never sync and revamp backend-mode flag (#303)
  * Update aws-sdk-go to version v1.30.0 (#306)
  * Bump k8s.io/ dependencies to 1.16.8 (#305)
  * chown aws-iam-authenticator to avoid permission denied (#302)
  * Indentation and unit test improvements (#298)
  * Adding Rate limiting ec2:DescribeInstances API
    along with Batching for high TPS (#292)
  * Restrict ClusterRole to readonly IAMIdentityMapping access (#287)
  * added selector to spec and changed from extenstions to apps/v1 (#291)
  * Add AWS AccessKeyID as an extra field in UserInfo (#286)
  * Allow server port customization (#278)
- from version 0.5.0
  * Remove DNS-1123 validation of usernames and groups (#260)
  * switch to use regional sts endpoint & imdsV2 (#283)
  * Add AWS Access Key ID to log (#282)
  * Require to pass in interface instead of the concrete type (#279)
  * Refactor to allow configurable backends (configmap, eks configmap, crd) (#269)
  * Update go version (#255)
  * Adding session name parameter to TokenGenerator (#272)
  * Rename prometheus metrics to match new project name (#249)
  * Remove inactive approvers, add wongma7 (#266)
  * Update aws-sdk-go to v1.23.11 (257)
  * Added go module download check (#259)
  * Updating goreleaser yaml to fix deprecated options (#252)
  * Remove deprecated language from README (#244)
  * Lowercase ARN inside doMapping and log about it (#239)
  * IAMIdentityMapping CRD Implementation (#116)
  * Adding micahhausler as approver (#237)
  * add support for passing externalID to assume role (#228)
  * Update README.md (#231)
  * Using sigs.k8s.io domain instead of github.com (#223)
  * Refactored EC2 API calls to be testable (#226)
  * Include aws request ID when logging errors (#178)
- Remove global Go project variables
- Set GO111MODULE=off to force use of vendored modules
- Update Go build paths

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1919-1
Released:    Thu Jun  2 12:04:09 2022
Summary:     Security update for udisks2
Type:        security
Severity:    moderate
References:  1190606,CVE-2021-3802
This update for udisks2 fixes the following issues:

- CVE-2021-3802: Fixed denial of service vulnerability caused by insecure defaults in user-accessible mount helpers (bsc#1190606).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1920-1
Released:    Thu Jun  2 13:04:48 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1200027,CVE-2022-31736,CVE-2022-31737,CVE-2022-31738,CVE-2022-31739,CVE-2022-31740,CVE-2022-31741,CVE-2022-31742,CVE-2022-31747
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.10.0 ESR (MFSA 2022-21)(bsc#1200027)

- CVE-2022-31736: Cross-Origin resource's length leaked
- CVE-2022-31737: Heap buffer overflow in WebGL
- CVE-2022-31738: Browser window spoof using fullscreen mode
- CVE-2022-31739: Attacker-influenced path traversal when saving downloaded files
- CVE-2022-31740: Register allocation problem in WASM on arm64
- CVE-2022-31741: Uninitialized variable leads to invalid memory read
- CVE-2022-31742: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information
- CVE-2022-31747: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1925-1
Released:    Thu Jun  2 14:35:20 2022
Summary:     Security update for patch
Type:        security
Severity:    moderate
References:  1080985,1111572,1142041,1198106,CVE-2018-6952,CVE-2019-13636
This update for patch fixes the following issues:

Security issues fixed:

- CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041).
- CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash (bsc#1080985).

Bugfixes:

- Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (bsc#1111572).
- Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (bsc#1198106).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1928-1
Released:    Thu Jun  2 17:34:05 2022
Summary:     Security update for php8
Type:        security
Severity:    low
References:  1197644
This update for php8 fixes the following issues:

- Fixed filter_var bypass vulnerability (bsc#1197644).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1929-1
Released:    Thu Jun  2 17:34:19 2022
Summary:     Security update for redis
Type:        security
Severity:    moderate
References:  1198952,1198953,CVE-2022-24735,CVE-2022-24736
This update for redis fixes the following issues:

- CVE-2022-24735: Fixed Lua code injection (bsc#1198952).
- CVE-2022-24736: Fixed Lua NULL pointer dereference (bsc#1198953).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1930-1
Released:    Thu Jun  2 17:34:37 2022
Summary:     Security update for libarchive
Type:        security
Severity:    moderate
References:  1022528,1188572,1189528,1197634,CVE-2017-5601,CVE-2021-36976,CVE-2022-26280
This update for libarchive fixes the following issues:

- CVE-2022-26280: Fixed out-of-bounds read via the component zipx_lzma_alone_init (bsc#1197634).
- CVE-2021-36976: Fixed use-after-free in copy_string (called from do_uncompress_block and process_block) (bsc#1188572).
- CVE-2017-5601: Fixed out-of-bounds memory access preventing denial-of-service (bsc#1197634, bsc#1189528).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1934-1
Released:    Fri Jun  3 14:57:53 2022
Summary:     Security update for openvpn
Type:        security
Severity:    moderate
References:  1123557,1197341,CVE-2022-0547
This update for openvpn fixes the following issues:

- CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in (bsc#1197341).

- By default the --suppress-timestamps flag is not needed (bsc#1123557).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2001-1
Released:    Mon Jun  6 20:52:04 2022
Summary:     Recommended update for s3fs
Type:        recommended
Severity:    moderate
References:  1198900
This update for s3fs fixes the following issues:

- Update to version 1.91 (bsc#1198900)
  * Fix RowFlush can not upload last part smaller than 5MB using NoCacheMultipartPost
  * Fix IAM role retrieval from IMDSv2
  * Add option to allow unsigned payloads
  * Fix mixupload return EntityTooSmall while a copypart is less than 5MB after split
  * Allow compilation on Windows via MSYS2
  * Handle utimensat UTIME_NOW and UTIME_OMIT special values
  * Preserve sub-second precision in more situations
  * Always flush open files with O_CREAT flag
  * Fixed not to call Flush even if the file size is increased
  * Include climits to support musl libc

- Update to version 1.90
  + Don't ignore nomultipart when storage is low
  + Fix POSIX compatibility issues found by pjdfstest
  + Fail CheckBucket when S3 returns PermanentRedirect
  + Do not create zero-byte object when creating file
  + Allow arbitrary size AWS secret keys
  + Fix race conditions
  + Set explicit Content-Length: 0 when initiating MPU
  + Set CURLOPT_UNRESTRICTED_AUTH when authenticating
  + Add jitter to avoid thundering herd
  + Loosen CheckBucket to check only the bucket
  + Add support for AWS-style environment variables

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2014-1
Released:    Tue Jun  7 19:08:55 2022
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

scap-security-guide was updated to 0.1.61 (jsc#ECO-3319):

- Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7
- Introduce OL9 product
- Implement handling of logical expressions in platform definitions


Please note that SUSE supports only the DISA STIG, HIPAA and PCI-DSS profiles
for SUSE Linux Enterprise Server 12 and 15.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2016-1
Released:    Wed Jun  8 16:26:36 2022
Summary:     Recommended update for vulkan
Type:        recommended
Severity:    low
References:  1197862
This update for vulkan fixes the following issue:

- Disable RPATH to make the inherited package run on SLE-15-SP4. (bsc#1197862)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2017-1
Released:    Wed Jun  8 16:27:06 2022
Summary:     Recommended update for icewm
Type:        recommended
Severity:    low
References:  1197729
This update for icewm fixes the following issues:

- A later glib2 update will cause icewm fail to build. (bsc#1197729)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2018-1
Released:    Wed Jun  8 16:47:04 2022
Summary:     Recommended update for build
Type:        recommended
Severity:    moderate
References:  1197298,1197699,1198740
This update for build fixes the following issues:

- Update SLE 15 SP4 and Leap 15.4 build config (bsc#1198740)
- Use aio=io_uring if available (bsc#1197699) (build#814)
- Add arm32 and loongarch definitions (build#808)
- Add compatibility code to initvm
- Use upstream way of binfmt argv0 preservation (bsc#1197298) (build#809)
- Add template support for Build::SimpleJSON
- minor documentation updates
- docker: Add support for --root and --installroot global zypper options
- debian cross build support via multi-arch (obsoleting cbinstall remnants)
- Tumbleweed config synced
- documentation updates
- smaller bugfixes

- regression fix from last release, avoid calling shutdown handler
  twice when building in vm

Changes:

 * pbuild: add --debug option for building debuginfo packages
 * rename --debug to --debuginfo to be more exact.
 * docu: add buildflags:ccachtype and OBS-DoNotAppendProfileToContainername

Fixes:

 * Avoid shutdown of host when using nspawn

Features:

  * download_assets: add --outdir --clean --show-dir-srcmd5 parameters
                     support multiple --arch arguments
  * asset support for golang modules
  * add support for LXC 4.
  * new shortcuts for rpm building:
    --rpm-noprep, --rpm-build-in-place, --rpm-build-in-place-noprep
    for building directly from upstream git repositories without
    any tar ball.
  * mount securityfs if not mounted by kernel-obs-build
  * collect steal time during VM builds in statistics.
  * declare armv8 and armv7 compatible
  * support OBS Debuginfo build flag for Red Hat variants
  * setup rpmmacros for all build types and earlier
  * Kiwi builds
    - Always append the profile name to kiwi container names
  * Dockerfile build
    - improve registry handling
    - initial Dockerfile.dapper support
    - support 'curl' commands in docker builds
    - strip known domains from container name
    - support container alias names
  * introducing --verbose option, currently only showing kernel
    messages.
  * support cpio creation for special files
  * handle QEMU >= 6.0 on POWER9

Changes:

  * Use git+https instead of git-https as url schema
  * add oops=panic kernel parameter
  * Updated distribution configurations (esp. Leap 15.4 and Tumbleweed)
  * new preinstallimages are using zstd by default
  * source subdirectories are used in git managed sources

Minor improvements

  * change sccache default size limit
  * speed up improvements in
    - vm shutdown
    - rpm preinstall
    - avoid calling external commands in a loop
    - using zstd for preinstallimages
    - no more unpacking progress indicators to avoid slowdown
    - virtio handling
  * fixed vm-type=qemu 
  * multiple smaller bugfixes and speed improvements

- renamed tumbleweed config to tumbleweed
- synced tumbleweed config changes
- initial config for Leap 15.4
- docker build environment
  * Use /.dockerenv as marker for docker environment
  * support privileged docker/nspawn mode
  *  move --cap-add=SYS_ADMIN --cap-add=MKNOD to privileged mode
  * initvm: do not attempt to mount /proc and binfmt_misc handler if present
- pbuild
  * rename --hide-timestamps to --no-timestamps
  * reuse options from older builds
  * revised --single build mode
  * support ccache
- Unify ccache and sccache handling

Features:

- deb zstd support (for Ubuntu 21.10)
- support KVM builds with enabled network
- modulemd support improvements
- Support a 'Distmacro' directive for recipe parser-only macros

Fixes:

- Load selinux policy when using a preinstall image
- Use the pax format for preinstall images if bsdtar is available
- Add %riscv to std_macros
- Fix combine_configs dropping newlines

pbuild:

- Implement SCC calculation
- Improve --shell-after-build and --single options
- initial documentation of pbuild
- Bugfixes
- Fix unpacking of deb/arch archives without bsdtar
- fixed regression in multiline macro evaluation from 20th August release

Features:

- cross architecture build support (for rpm and kiwi)
- modulemd meta data support
- pbuild to build multiple source packages
  (initial release, can not be considered stable yet)
- supporting external asset stores for source files
- support multiple post build checks placed in the directory:
  /usr/lib/build/post-build-checks/
- sccache support
- New --shell-after-fail option
- allow to disable squashfs in SimpleImage
- supporting aarch64 kernel on armv?l distributions
- kiwi: Add support for OBS-RemoteAsset and OBS-CopyToImage directives
- container: FROM scratch build support

Improvements:

- supporting kvm builds as non-root user
- Extend stage selection support for rpm builds
- various distribution config updates
- Support 'BuildFlags: cumulaterpms'
  (was done only via suse_version before)

Fixes:

- container builds
  * support newer podman versions
  * supporting multiple containers for multi-stage builds
- Supporting URL's in Flatpak manifests
- epoch handling in debian builds
- catch more cases where a failed build is marked as host error
- fixing wrong status reporting when a job got killed
- hugetlbfs handling fixes
- try mounting selinuxfs in VM
- Also create the /sys dir when preinstalling (to satisfy dracut)
- various XML parser fixes
- and many minor ones

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2019-1
Released:    Wed Jun  8 16:50:07 2022
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1192951,1193659,1195283,1196861,1197065
This update for gcc11 fixes the following issues:

Update to the GCC 11.3.0 release.

* includes SLS hardening backport on x86_64.  [bsc#1195283]
* includes change to adjust gnats idea of the target, fixing the build of gprbuild.  [bsc#1196861]
* fixed miscompile of embedded premake in 0ad on i586.  [bsc#1197065]
* use --with-cpu rather than specifying --with-arch/--with-tune 
* Fix D memory corruption in -M output.
* Fix ICE in is_this_parameter with coroutines.  [bsc#1193659]
* fixes issue with debug dumping together with -o /dev/null
* fixes libgccjit issue showing up in emacs build  [bsc#1192951]
* Package mwaitintrin.h

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2024-1
Released:    Thu Jun  9 10:13:12 2022
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    moderate
References:  1198258
This update for python-azure-agent fixes the following issues:

- Reset the dhcp config when deprovisioning and instance to ensure instances from aVM image created from that instance
  send host information to the DHCP server. (bsc#1198258)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2044-1
Released:    Fri Jun 10 13:37:07 2022
Summary:     Security update for google-gson
Type:        security
Severity:    important
References:  1199064,CVE-2022-25647
This update for google-gson fixes the following issues:

- CVE-2022-25647: Fixed deserialization of untrusted data (bsc#1199064).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2047-1
Released:    Mon Jun 13 09:19:06 2022
Summary:     Security update for netty3
Type:        security
Severity:    moderate
References:  1193672,1197787,CVE-2021-43797
This update for netty3 fixes the following issues:

- CVE-2021-43797: Fixed a potential HTTP request smuggling issue due to
  insufficient validation against control characters (bsc#1193672).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2049-1
Released:    Mon Jun 13 09:23:52 2022
Summary:     Recommended update for binutils
Type:        recommended
Severity:    moderate
References:  1191908,1198422
This update for binutils fixes the following issues:

- Revert back to old behaviour of not ignoring the in-section content
  of to be relocated fields on x86-64, even though that's a RELA architecture.
  Compatibility with buggy object files generated by old tools.
  [bsc#1198422]
- Fix a problem in crash not accepting some of our .ko.debug files. (bsc#1191908)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2054-1
Released:    Mon Jun 13 10:39:42 2022
Summary:     Security update for u-boot
Type:        security
Severity:    important
References:  1199623,1200363,1200364,CVE-2022-30552,CVE-2022-30767,CVE-2022-30790
This update for u-boot fixes the following issues:

- CVE-2022-30552: A large buffer overflow could have lead to a denial of service in the IP Packet deframentation code.
(bsc#1200363)
- CVE-2022-30790: A Hole Descriptor Overwrite could have lead to an arbitrary out of bounds write primitive.
(bsc#1200364)
- CVE-2022-30767: Fixed an unbounded memcpy with a failed length check leading to a buffer overflow (bsc#1199623).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2060-1
Released:    Mon Jun 13 15:26:16 2022
Summary:     Recommended update for geronimo-specs
Type:        recommended
Severity:    moderate
References:  1200426
This recommended update for geronimo-specs provides the following fix:

- Ship geronimo-annotation-1_0-api to SUSE Manager server as it is now needed by google-gson.
  (bsc#1200426)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2062-1
Released:    Mon Jun 13 15:34:16 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1199768,1200027,CVE-2022-1529,CVE-2022-1802,CVE-2022-1834,CVE-2022-31736,CVE-2022-31737,CVE-2022-31738,CVE-2022-31739,CVE-2022-31740,CVE-2022-31741,CVE-2022-31742,CVE-2022-31747
This update for MozillaThunderbird fixes the following issues:

Update to Mozilla Thunderbird 91.9.1

MFSA 2022-19 (bsc#1199768):

- CVE-2022-1802: Prototype pollution in Top-Level Await implementation (bmo#1770137).
- CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution (bmo#1770048).
  
Update to Mozilla Thunderbird 91.10

MFSA 2022-22 (bsc#1200027):

- CVE-2022-31736: Cross-Origin resource's length leaked (bmo#1735923)
- CVE-2022-31737: Heap buffer overflow in WebGL (bmo#1743767)
- CVE-2022-31738: Browser window spoof using fullscreen mode (bmo#1756388)
- CVE-2022-31739: Attacker-influenced path traversal when saving downloaded files (bmo#1765049)
- CVE-2022-31740: Register allocation problem in WASM on arm64 (bmo#1766806)
- CVE-2022-31741: Uninitialized variable leads to invalid memory read (bmo#1767590) 
- CVE-2022-1834: Braille space character caused incorrect sender email to be  shown for a digitally signed email (bmo#1767816)
- CVE-2022-31742: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information (bmo#1730434)
- CVE-2022-31747: Memory safety bugs fixed in Thunderbird 91.10 (bmo#1760765, bmo#1765610, bmo#1766283, bmo#1767365, bmo#1768559, bmo#1768734)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2071-1
Released:    Tue Jun 14 11:56:59 2022
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1199287,1200106,CVE-2022-26700,CVE-2022-26709,CVE-2022-26716,CVE-2022-26717,CVE-2022-26719,CVE-2022-30293
This update for webkit2gtk3 fixes the following issues:

Update to version 2.36.3 (bsc#1200106)

- CVE-2022-30293: Fixed heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer (bsc#1199287).
- CVE-2022-26700: Fixed memory corruption issue that may lead to code execution when processing maliciously crafted web content (bsc#1200106).
- CVE-2022-26709: Fixed use after free issue that may lead to code execution when processing maliciously crafted web content (bsc#1200106).
- CVE-2022-26716: Fixed use after free issue that may lead to code execution when processing maliciously crafted web content (bsc#1200106).
- CVE-2022-26717: Fixed memory corruption issue that may lead to code execution when processing maliciously crafted web content (bsc#1200106).
- CVE-2022-26719: Fixed memory corruption issue that may lead to code execution when processing maliciously crafted web content (bsc#1200106).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:2086-1
Released:    Wed Jun 15 09:45:24 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: os-prober

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:2087-1
Released:    Wed Jun 15 09:46:37 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  
This optional update provides the following changes:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub.
- There are no visible changes for the final user.
- Affected source packages: rp-pppoe linux-atm ppp

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2088-1
Released:    Wed Jun 15 11:10:41 2022
Summary:     Recommended update for firewalld
Type:        recommended
Severity:    moderate
References:  1191837
This update for firewalld fixes the following issues:

- Fixes setting the default zone to external during installation problem (bsc#1191837)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2090-1
Released:    Wed Jun 15 12:38:34 2022
Summary:     Recommended update for regionServiceClientConfigAzure
Type:        recommended
Severity:    moderate
References:  1199668
This update for regionServiceClientConfigAzure fixes the following issues:

- Update to version 2.0.0 (bsc#1199668)
  - Move the certs to /usr from /var to accomodate ro filesystem of SLE-Micro
  - Fix source url in spec file

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2093-1
Released:    Wed Jun 15 17:08:05 2022
Summary:     Recommended update for open-vm-tools
Type:        recommended
Severity:    moderate
References:  1196803,1196804
This update for open-vm-tools fixes the following issues:

- Update to 12.0.0 (build 19345655) (bsc#1196803)
- Update open-vm-tools 12.0.0. (jsc#SLE-24097)
- Support for managing Salt Minion through guest variables.  A new open-vm-tools-salt-minion rpm is added to handle this support.
- New ComponentMgr plugin to manage (add, remove, monitor) components on the guest VM. 
- Patch to fix potential Fail to Build from Source. (bsc#1196804)
- Build vmhgfs with either libfuse2 or libfuse3.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2108-1
Released:    Thu Jun 16 15:25:55 2022
Summary:     Security update for rubygem-actionpack-5_1, rubygem-activesupport-5_1
Type:        security
Severity:    important
References:  1185780,1196182,CVE-2021-22904,CVE-2022-23633
This update for rubygem-actionpack-5_1 and rubygem-activesupport-5_1 fixes the following issues:

- CVE-2021-22904: Fixed possible DoS Vulnerability in Action Controller Token Authentication (bsc#1185780)
- CVE-2022-23633: Fixed possible exposure of information vulnerability in Action Pack (bsc#1196182)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2112-1
Released:    Fri Jun 17 11:44:24 2022
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1190698,1191021,1194907
This update for gnutls fixes the following issues:

- FIPS: Make sure zeroization is performed in all API functions [bsc#1191021]
- FIPS: Add missing requirements for the SLI [bsc#1190698]
  * Remove 3DES from FIPS approved algorithms:
  * DRBG service (gnutls_rnd) should be considered approved:
- FIPS: Mark AES-GCM as approved in the TLS context [bsc#1194907]

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:2114-1
Released:    Fri Jun 17 18:11:32 2022
Summary:     Feature update for build
Type:        feature
Severity:    moderate
References:  
This feature update for build provides the following changes:

Support the Multi Factor Authentication in osc (jsc#SLE-24657, jsc#SLE-24652, jsc#SLE-24653)

- Upgrade build from version 20220422 to version 20220613:
  * deb: defer dpkg triggers until all packages are installed, and disable man-db altogether
  * Add support of Debian Source format 3.0 (quilt) and changelog modification
  * Stop building aarch64_ilp32 baselibs for aarch64

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2118-1
Released:    Mon Jun 20 13:04:15 2022
Summary:     Recommended update for SUSE Manager Client Tools
Type:        recommended
Severity:    moderate
References:  1181223,1190462,1193600,1196704,1197507,1197689
This update fixes the following issues:

golang-github-QubitProducts-exporter_exporter:

- Adapted to build on Enterprise Linux.
- Fix build for RedHat 7
- Require Go >= 1.14 also for CentOS
- Add support for CentOS
- Replace %{?systemd_requires} with %{?systemd_ordering}

mgr-cfg:

- Version 4.3.6-1
  * Corrected source URL in spec file
  * Fix installation problem for SLE15SP4 due missing python-selinux
  * Fix python selinux package name depending on build target (bsc#1193600)
  * Do not build python 2 package for SLE15SP4 and higher
  * Remove unused legacy code

mgr-custom-info:

- Version 4.3.3-1
  * Remove unused legacy code

mgr-daemon:

- Version 4.3.4-1
  * Corrected source URLs in spec file.
  * Update translation strings

mgr-osad:

- Version 4.3.6-1
  * Corrected source URL in spec file.
  * Do not build python 2 package for SLE15SP4 and higher
  * Removed spacewalk-selinux dependencies.
  * Updated source url.

mgr-push:

- Version 4.3.4-1
  * Corrected source URLs in spec file.

mgr-virtualization:

- Version 4.3.5-1
  * Corrected source URLs in spec file.
  * Do not build python 2 package for SLE15SP4 and higher

prometheus-blackbox_exporter:

- Enhanced to build on Enterprise Linux 8

prometheus-postgres_exporter:

- Updated for RHEL8.

python-hwdata:

- Require python macros for building

rhnlib:

- Version 4.3.4-1
  * Reorganize python files

spacecmd:

- Version 4.3.11-1
  * on full system update call schedulePackageUpdate API (bsc#1197507)
  * parse boolean paramaters correctly (bsc#1197689)
  * Add parameter to set containerized proxy SSH port
  * Add proxy config generation subcommand
  * Option 'org_createfirst' added to perform initial organization and user creation
  * Added gettext build requirement for RHEL.
  * Removed RHEL 5 references.
  * Include group formulas configuration in spacecmd group_backup and
    spacecmd group_restore. This changes backup format to json,
    previously used plain text is still supported for reading (bsc#1190462)
  * Update translation strings
  * Improved event history listing and added new system_eventdetails 
    command to retrieve the details of an event
  * Make schedule_deletearchived to get all actions without display limit
  * Allow passing a date limit for schedule_deletearchived on spacecmd (bsc#1181223)

spacewalk-client-tools:

- Version 4.3.9-1
  * Corrected source URLs in spec file.
  * do not build python 2 package for SLE15
  * Remove unused legacy code
  * Update translation strings

spacewalk-koan:

- Version 4.3.5-1
  * Corrected source URLs in spec file.

spacewalk-oscap:

- Version 4.3.5-1
  * Corrected source URLs in spec file.
  * Do not build python 2 package for SLE15SP4 and higher

spacewalk-remote-utils:

- Version 4.3.3-1
  * Adapt the package for changes in rhnlib

supportutils-plugin-susemanager-client:

- Version 4.3.2-1
  * Add proxy containers config and logs

suseRegisterInfo:

- Version 4.3.3-1
  * Bump version to 4.3.0

supportutils-plugin-salt:

- Add support for Salt Bundle

uyuni-common-libs:

- Version 4.3.4-1
  * implement more decompression algorithms for reposync (bsc#1196704)
  * Reorganize python files
  * Add decompression of zck files to fileutils


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2140-1
Released:    Mon Jun 20 14:58:38 2022
Summary:     Security update for node_exporter
Type:        security
Severity:    important
References:  1190535,1196338,CVE-2022-21698
This security update for golang-github-prometheus-node_exporter provides:

Update golang-github-prometheus-node_exporter from version 1.1.2 to version 1.3.0 (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)

- CVE-2022-21698: Denial of service using InstrumentHandlerCounter
- Update vendor tarball with prometheus/client_golang 1.11.1
- Update to 1.3.0
  * [CHANGE] Add path label to rapl collector #2146
  * [CHANGE] Exclude filesystems under /run/credentials #2157
  * [CHANGE] Add TCPTimeouts to netstat default filter #2189
  * [FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771
  * [FEATURE] Add darwin powersupply collector #1777
  * [FEATURE] Add support for monitoring GPUs on Linux #1998
  * [FEATURE] Add Darwin thermal collector #2032
  * [FEATURE] Add os release collector #2094
  * [FEATURE] Add netdev.address-info collector #2105
  * [FEATURE] Add clocksource metrics to time collector #2197
  * [ENHANCEMENT] Support glob textfile collector directories #1985
  * [ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080
  * [ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165
  * [ENHANCEMENT] Add flag to disable guest CPU metrics #2123
  * [ENHANCEMENT] Add DMI collector #2131
  * [ENHANCEMENT] Add threads metrics to processes collector #2164
  * [ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector #2169
  * [ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189
  * [ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208
  * [BUGFIX] ethtool: Sanitize metric names #2093
  * [BUGFIX] Fix ethtool collector for multiple interfaces #2126
  * [BUGFIX] Fix possible panic on macOS #2133
  * [BUGFIX] Collect flag_info and bug_info only for one core #2156
  * [BUGFIX] Prevent duplicate ethtool metric names #2187
- Update to 1.2.2
  * Bug fixes
     Fix processes collector long int parsing #2112
- Update to 1.2.1
  * Removed
     Remove obsolete capture permission denied error fix already included upstream
  * Bug fixes
     Fix zoneinfo parsing prometheus/procfs#386
     Fix nvme collector log noise #2091
     Fix rapl collector log noise #2092
- Update to 1.2.0
  * Changes
     Rename filesystem collector flags to match other collectors #2012
     Make node_exporter print usage to STDOUT #203
  * Features
     Add conntrack statistics metrics #1155
     Add ethtool stats collector #1832
     Add flag to ignore network speed if it is unknown #1989
     Add tapestats collector for Linux #2044
     Add nvme collector #2062
  * Enhancements
     Add ErrorLog plumbing to promhttp #1887
     Add more Infiniband counters #2019
     netclass: retrieve interface names and filter before parsing #2033
     Add time zone offset metric #2060
  * Bug fixes
     Handle errors from disabled PSI subsystem #1983
     Fix panic when using backwards compatible flags #2000
     Fix wrong value for OpenBSD memory buffer cache #2015
     Only initiate collectors once #2048
     Handle small backwards jumps in CPU idle #2067
- Capture permission denied error for 'energy_uj' file (bsc#1190535)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2156-1
Released:    Wed Jun 22 17:08:41 2022
Summary:     Recommended updates for python3-dnspython and python3-zypp-plugin:
Type:        recommended
Severity:    important
References:  
- Add python3-dnspython and python3-zypp-plugin to unrestricted channels.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2157-1
Released:    Wed Jun 22 17:11:26 2022
Summary:     Recommended update for binutils
Type:        recommended
Severity:    moderate
References:  1198458
This update for binutils fixes the following issues:

- For building the shim 15.6~rc1 and later versions aarch64 image, objcopy
  needs to support efi-app-aarch64 target. (bsc#1198458)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2192-1
Released:    Mon Jun 27 17:13:25 2022
Summary:     Security update for rubygem-rack
Type:        security
Severity:    critical
References:  1200748,1200750,CVE-2022-30122,CVE-2022-30123
This update for rubygem-rack fixes the following issues:

- CVE-2022-30122: Fixed crafted multipart POST request may cause a DoS (bsc#1200748)
- CVE-2022-30123: Fixed crafted requests can cause shell escape sequences (bsc#1200750)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2277-1
Released:    Wed Jul  6 05:33:48 2022
Summary:     Security update for haproxy
Type:        security
Severity:    moderate
References:  1196408,CVE-2022-0711
This update for haproxy fixes the following issues:

- CVE-2022-0711: haproxy: Denial of service via set-cookie2 header (bsc#1196408).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2292-1
Released:    Wed Jul  6 13:05:01 2022
Summary:     Security update for php7
Type:        security
Severity:    important
References:  1193041,1200628,1200645,CVE-2021-21707,CVE-2022-31625,CVE-2022-31626
This update for php7 fixes the following issues:

- CVE-2021-21707: Fixed a special character breaks path in xml parsing. (bsc#1193041)
- CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. (bsc#1200645)
- CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdo_mysql extension with mysqlnd driver. (bsc#1200628)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2294-1
Released:    Wed Jul  6 13:34:15 2022
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1196025,1196026,1196168,1196169,1196171,1196784,CVE-2022-25235,CVE-2022-25236,CVE-2022-25313,CVE-2022-25314,CVE-2022-25315
This update for expat fixes the following issues:

- CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025).
- Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784).
- CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026).
- CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168).
- CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169).
- CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2297-1
Released:    Wed Jul  6 13:35:19 2022
Summary:     Security update for python-Twisted
Type:        security
Severity:    important
References:  1196739,CVE-2022-21716
This update for python-Twisted fixes the following issues:

- CVE-2022-21716: Fixed that ssh server accepts an infinite amount of data using all the available memory (bsc#1196739).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2298-1
Released:    Wed Jul  6 13:35:44 2022
Summary:     Security update for liblouis
Type:        security
Severity:    important
References:  1197085,1200120,CVE-2022-26981,CVE-2022-31783
This update for liblouis fixes the following issues:

- CVE-2022-26981: fix buffer overrun in compilePassOpcode (bsc#1197085).
- CVE-2022-31783: prevent an invalid memory write in compileRule (bsc#1200120).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2301-1
Released:    Wed Jul  6 13:36:39 2022
Summary:     Security update for ImageMagick
Type:        security
Severity:    moderate
References:  1200387,1200388,1200389,CVE-2022-32545,CVE-2022-32546,CVE-2022-32547
This update for ImageMagick fixes the following issues:

  - CVE-2022-32545: Fixed an outside the range of representable values of type. (bsc#1200388)
  - CVE-2022-32546: Fixed an outside the range of representable values of type. (bsc#1200389)
  - CVE-2022-32547: Fixed a load of misaligned address at MagickCore/property.c. (bsc#1200387)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2302-1
Released:    Wed Jul  6 13:37:15 2022
Summary:     Security update for apache2
Type:        security
Severity:    important
References:  1198913,1200338,1200340,1200341,1200345,1200348,1200350,1200352,CVE-2022-26377,CVE-2022-28614,CVE-2022-28615,CVE-2022-29404,CVE-2022-30522,CVE-2022-30556,CVE-2022-31813
This update for apache2 fixes the following issues:

  - CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)
  - CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)
  - CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)
  - CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345)
  - CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350)
  - CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352)
  - CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2303-1
Released:    Wed Jul  6 13:37:48 2022
Summary:     Security update for php8
Type:        security
Severity:    important
References:  1193041,1200628,1200645,CVE-2021-21707,CVE-2022-31625,CVE-2022-31626
This update for php8 fixes the following issues:

- CVE-2021-21707: Fixed a special character that breaks path in xml parsing. (bsc#1193041)
- CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. (bsc#1200645)
- CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdo_mysql extension with mysqlnd driver. (bsc#1200628)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2305-1
Released:    Wed Jul  6 13:38:42 2022
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1200734,1200735,1200736,1200737,CVE-2022-32205,CVE-2022-32206,CVE-2022-32207,CVE-2022-32208
This update for curl fixes the following issues:

- CVE-2022-32205: Set-Cookie denial of service (bsc#1200734)
- CVE-2022-32206: HTTP compression denial of service (bsc#1200735)
- CVE-2022-32207: Unpreserved file permissions (bsc#1200736)
- CVE-2022-32208: FTP-KRB bad message verification (bsc#1200737)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2313-1
Released:    Wed Jul  6 16:13:05 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1200793,CVE-2022-2200,CVE-2022-31744,CVE-2022-34468,CVE-2022-34470,CVE-2022-34472,CVE-2022-34478,CVE-2022-34479,CVE-2022-34481,CVE-2022-34484
This update for MozillaFirefox fixes the following issues:

Update to Firefox Extended Support Release 91.11.0 ESR (MFSA 2022-25) (bsc#1200793):

- CVE-2022-2200: Undesired attributes could be set as part of prototype pollution (bmo#1771381)
- CVE-2022-31744: CSP bypass enabling stylesheet injection (bmo#1757604)
- CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (bmo#1768537)
- CVE-2022-34470: Use-after-free in nsSHistory (bmo#1765951)
- CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked (bmo#1770123)
- CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt (bmo#1773717)
- CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content (bmo#1745595)
- CVE-2022-34481: Potential integer overflow in ReplaceElementsAt (bmo#1497246)
- CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 (bmo#1763634, bmo#1772651)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2320-1
Released:    Thu Jul  7 10:04:33 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1200793,CVE-2022-2200,CVE-2022-2226,CVE-2022-31744,CVE-2022-34468,CVE-2022-34470,CVE-2022-34472,CVE-2022-34478,CVE-2022-34479,CVE-2022-34481,CVE-2022-34484
This update for MozillaThunderbird fixes the following issues:

  - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution (bmo#1771381)
  - CVE-2022-2226: An email with a mismatching OpenPGP signature date was accepted as valid (bmo#1775441)
  - CVE-2022-31744: CSP bypass enabling stylesheet injection (bmo#1757604)
  - CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (bmo#1768537)
  - CVE-2022-34470: Use-after-free in nsSHistory (bmo#1765951)
  - CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked (bmo#1770123)
  - CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt (bmo#1773717)
  - CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content (bmo#1745595)
  - CVE-2022-34481: Potential integer overflow in ReplaceElementsAt (bmo#1497246)
  - CVE-2022-34484: Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102 (bmo#1763634, bmo#1772651)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2321-1
Released:    Thu Jul  7 11:02:05 2022
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1199166,1200550,CVE-2022-1292,CVE-2022-2068
This update for openssl-1_0_0 fixes the following issues:

- CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166).
- CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2322-1
Released:    Thu Jul  7 11:34:54 2022
Summary:     Security update for fwupd
Type:        security
Severity:    important
References:  1198581

This update of fwupd fixes the following issue:

- rebuild with new secure boot key due to grub2 boothole 3 issues (bsc#1198581)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2323-1
Released:    Thu Jul  7 12:16:58 2022
Summary:     Recommended update for systemd-presets-branding-SLE
Type:        recommended
Severity:    low
References:  
This update for systemd-presets-branding-SLE fixes the following issues:

- Enable suseconnect-keepalive.timer for SUSEConnect (jsc#SLE-23312)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2330-1
Released:    Thu Jul  7 15:32:05 2022
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    low
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150000_150_89, 4_12_14-150100_197_111, 5_3_18-150200_24_112, 
  5_3_18-150300_59_60, 5_3_18-150300_59_63. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2340-1
Released:    Fri Jul  8 16:04:13 2022
Summary:     Security update for fwupdate
Type:        security
Severity:    important
References:  1198581

This update of fwupdate fixes the following issue:

- rebuild with new secure boot key due to grub2 boothole 3 issues (bsc#1198581)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2341-1
Released:    Fri Jul  8 16:09:12 2022
Summary:     Security update for containerd, docker and runc
Type:        security
Severity:    important
References:  1192051,1199460,1199565,1200088,1200145,CVE-2022-29162,CVE-2022-31030
This update for containerd, docker and runc fixes the following issues:

containerd:

- CVE-2022-31030: Fixed denial of service via invocation of the ExecSync API (bsc#1200145)

docker:

- Update to Docker 20.10.17-ce. See upstream changelog online at
  https://docs.docker.com/engine/release-notes/#201017. (bsc#1200145)

runc:

Update to runc v1.1.3.

Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.3.

* Our seccomp `-ENOSYS` stub now correctly handles multiplexed syscalls on
  s390 and s390x. This solves the issue where syscalls the host kernel did not
  support would return `-EPERM` despite the existence of the `-ENOSYS` stub
  code (this was due to how s390x does syscall multiplexing).
* Retry on dbus disconnect logic in libcontainer/cgroups/systemd now works as
  intended; this fix does not affect runc binary itself but is important for
  libcontainer users such as Kubernetes.
* Inability to compile with recent clang due to an issue with duplicate
  constants in libseccomp-golang.
* When using systemd cgroup driver, skip adding device paths that don't exist,
  to stop systemd from emitting warnings about those paths.
* Socket activation was failing when more than 3 sockets were used.
* Various CI fixes.
* Allow to bind mount /proc/sys/kernel/ns_last_pid to inside container.
- Fixed issues with newer syscalls (namely faccessat2) on older kernels on s390(x) caused by
  that platform's syscall multiplexing semantics. (bsc#1192051 bsc#1199565)

Update to runc v1.1.2.

Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.2.

Security issue fixed:

- CVE-2022-29162: A bug was found in runc where runc exec --cap executed processes with
  non-empty inheritable Linux process capabilities, creating an atypical Linux
  environment. (bsc#1199460)

- `runc spec` no longer sets any inheritable capabilities in the created
  example OCI spec (`config.json`) file.

Update to runc v1.1.1.

Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.1.

* runc run/start can now run a container with read-only /dev in OCI spec,
  rather than error out. (#3355)
* runc exec now ensures that --cgroup argument is a sub-cgroup. (#3403)
  libcontainer systemd v2 manager no longer errors out if one of the files
  listed in /sys/kernel/cgroup/delegate do not exist in container's
  cgroup. (#3387, #3404)
* Loosen OCI spec validation to avoid bogus 'Intel RDT is not supported'
  error. (#3406)
* libcontainer/cgroups no longer panics in cgroup v1 managers if stat
  of /sys/fs/cgroup/unified returns an error other than ENOENT. (#3435)

Update to runc v1.1.0.

Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.0.

- libcontainer will now refuse to build without the nsenter package being
  correctly compiled (specifically this requires CGO to be enabled). This
  should avoid folks accidentally creating broken runc binaries (and
  incorrectly importing our internal libraries into their projects). (#3331)

Update to runc v1.1.0~rc1.

Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.0-rc.1.

+ Add support for RDMA cgroup added in Linux 4.11.
* runc exec now produces exit code of 255 when the exec failed.
  This may help in distinguishing between runc exec failures
  (such as invalid options, non-running container or non-existent
  binary etc.) and failures of the command being executed.
+ runc run: new --keep option to skip removal exited containers artefacts.
  This might be useful to check the state (e.g. of cgroup controllers) after
  the container hasexited.
+ seccomp: add support for SCMP_ACT_KILL_PROCESS and SCMP_ACT_KILL_THREAD
  (the latter is just an alias for SCMP_ACT_KILL).
+ seccomp: add support for SCMP_ACT_NOTIFY (seccomp actions). This allows
  users to create sophisticated seccomp filters where syscalls can be
  efficiently emulated by privileged processes on the host.
+ checkpoint/restore: add an option (--lsm-mount-context) to set
  a different LSM mount context on restore.
+ intelrdt: support ClosID parameter.
+ runc exec --cgroup: an option to specify a (non-top) in-container cgroup
  to use for the process being executed.
+ cgroup v1 controllers now support hybrid hierarchy (i.e. when on a cgroup v1
  machine a cgroup2 filesystem is mounted to /sys/fs/cgroup/unified, runc
  run/exec now adds the container to the appropriate cgroup under it).
+ sysctl: allow slashes in sysctl names, to better match sysctl(8)'s
  behaviour.
+ mounts: add support for bind-mounts which are inaccessible after switching
  the user namespace. Note that this does not permit the container any
  additional access to the host filesystem, it simply allows containers to
  have bind-mounts configured for paths the user can access but have
  restrictive access control settings for other users.
+ Add support for recursive mount attributes using mount_setattr(2). These
  have the same names as the proposed mount(8) options -- just prepend r
  to the option name (such as rro).
+ Add runc features subcommand to allow runc users to detect what features
  runc has been built with. This includes critical information such as
  supported mount flags, hook names, and so on. Note that the output of this
  command is subject to change and will not be considered stable until runc
  1.2 at the earliest. The runtime-spec specification for this feature is
  being developed in opencontainers/runtime-spec#1130.
* system: improve performance of /proc/$pid/stat parsing.
* cgroup2: when /sys/fs/cgroup is configured as a read-write mount, change
  the ownership of certain cgroup control files (as per
  /sys/kernel/cgroup/delegate) to allow for proper deferral to the container
  process.
* runc checkpoint/restore: fixed for containers with an external bind mount
  which destination is a symlink.
* cgroup: improve openat2 handling for cgroup directory handle hardening.
  runc delete -f now succeeds (rather than timing out) on a paused
  container.
* runc run/start/exec now refuses a frozen cgroup (paused container in case of
  exec). Users can disable this using --ignore-paused.
- Update version data embedded in binary to correctly include the git commit of the release.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2354-1
Released:    Mon Jul 11 12:21:13 2022
Summary:     Security update for freerdp
Type:        security
Severity:    critical
References:  1198919,1198921,CVE-2022-24882,CVE-2022-24883
This update for freerdp fixes the following issues:

- CVE-2022-24882: Fixed incorrect check parameters in NTLM (bsc#1198919).
- CVE-2022-24883: Fixed authentication against invalid SAM files (bsc#1198921).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2355-1
Released:    Mon Jul 11 12:44:33 2022
Summary:     Recommended update for python-cryptography
Type:        recommended
Severity:    moderate
References:  1198331,CVE-2020-25659

This update for python-cryptography fixes the following issues:

python-cryptography was updated to 3.3.2.

update to 3.3.0:

* BACKWARDS INCOMPATIBLE: The GCM and AESGCM now require 64-bit
  to 1024-bit (8 byte to 128 byte) initialization vectors. This
  change is to conform with an upcoming OpenSSL release that will
  no longer support sizes outside this window.
* BACKWARDS INCOMPATIBLE: When deserializing asymmetric keys we
  now raise ValueError rather than UnsupportedAlgorithm when an
  unsupported cipher is used. This change is to conform with an
  upcoming OpenSSL release that will no longer distinguish
  between error types.
* BACKWARDS INCOMPATIBLE: We no longer allow loading of finite
  field Diffie-Hellman parameters of less than 512 bits in
  length. This change is to conform with an upcoming OpenSSL
  release that no longer supports smaller sizes. These keys were
  already wildly insecure and should not have been used in any
  application outside of testing.
* Added the recover_data_from_signature() function to
  RSAPublicKey for recovering the signed data from an RSA
  signature. 

Update to 3.2.1:

Disable blinding on RSA public keys to address an error with
some versions of OpenSSL.

update to 3.2 (bsc#1178168, CVE-2020-25659):

* CVE-2020-25659: Attempted to make RSA PKCS#1v1.5 decryption more constant time,
  to protect against Bleichenbacher vulnerabilities. Due to limitations imposed
  by our API, we cannot completely mitigate this vulnerability.
* Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder.

update to 3.1:

* **BACKWARDS INCOMPATIBLE:** Removed support for ``idna`` based
  :term:`U-label` parsing in various X.509 classes. This support was originally
  deprecated in version 2.1 and moved to an extra in 2.5.
* ``backend`` arguments to functions are no longer required and the
  default backend will automatically be selected if no ``backend`` is provided.
* Added initial support for parsing certificates from PKCS7 files with
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates`
  and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates`
  .
* Calling ``update`` or ``update_into`` on
  :class:`~cryptography.hazmat.primitives.ciphers.CipherContext` with ``data``
  longer than 2\ :sup:`31` bytes no longer raises an ``OverflowError``. This
  also resolves the same issue in :doc:`/fernet`.

update to 3.0:

* RSA generate_private_key() no longer accepts public_exponent values except
   65537 and 3 (the latter for legacy purposes).
* X.509 certificate parsing now enforces that the version field contains
   a valid value, rather than deferring this check until version is accessed.
* Deprecated support for Python 2
* Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa
   private keys: load_ssh_private_key() for loading and OpenSSH for writing.
* Added support for OpenSSH certificates to load_ssh_public_key().
* Added encrypt_at_time() and decrypt_at_time() to Fernet.
* Added support for the SubjectInformationAccess X.509 extension.
* Added support for parsing SignedCertificateTimestamps in OCSP responses.
* Added support for parsing attributes in certificate signing requests via get_attribute_for_oid().
* Added support for encoding attributes in certificate signing requests via add_attribute().
* On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG
   instead of its own OS random engine because these versions of OpenSSL properly reseed on fork.
* Added initial support for creating PKCS12 files with serialize_key_and_certificates().

Update to 2.9:

* BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to
  low usage and maintenance burden.
* BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed.
  Users on older version of OpenSSL will need to upgrade.
* BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.
* Removed support for calling public_bytes() with no arguments, as per 
  our deprecation policy. You must now pass encoding and format.
* BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string()
  returns the RDNs as required by RFC 4514.
* Added support for parsing single_extensions in an OCSP response.
* NameAttribute values can now be empty strings.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2357-1
Released:    Mon Jul 11 20:34:20 2022
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1198511,CVE-2015-20107
This update for python3 fixes the following issues:

- CVE-2015-20107: avoid command injection in the mailcap module (bsc#1198511).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2358-1
Released:    Tue Jul 12 04:21:59 2022
Summary:     Recommended update for augeas
Type:        recommended
Severity:    moderate
References:  1197443
This update for augeas fixes the following issues:

- Fix handling of keywords in new sysctl.conf (bsc#1197443)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2359-1
Released:    Tue Jul 12 09:37:11 2022
Summary:     Security update for squid
Type:        security
Severity:    important
References:  1200907,CVE-2021-46784
This update for squid fixes the following issues:

- CVE-2021-46784: Fixed DoS when processing gopher server responses. (bsc#1200907)

- Update to 5.6:
    - Improve handling of Gopher responses
  
- Changes in 5.5:
    - fixes regression Bug 5192: esi_parser default is incorrect
    - Bug 5177: clientca certificates sent to https_port clients
    - Bug 5090: Must(!request->pinnedConnection()) violation
    - Kid restart leads to persistent queue overflows, delays/timeouts

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2360-1
Released:    Tue Jul 12 12:01:39 2022
Summary:     Security update for pcre2
Type:        security
Severity:    important
References:  1199232,CVE-2022-1586
This update for pcre2 fixes the following issues:

- CVE-2022-1586: Fixed unicode property matching issue. (bsc#1199232)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2361-1
Released:    Tue Jul 12 12:05:01 2022
Summary:     Security update for pcre
Type:        security
Severity:    important
References:  1199232,CVE-2022-1586
This update for pcre fixes the following issues:

- CVE-2022-1586: Fixed unicode property matching issue. (bsc#1199232)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2375-1
Released:    Tue Jul 12 15:26:43 2022
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1194179,1194181,CVE-2022-2319,CVE-2022-2320
This update for xorg-x11-server fixes the following issues:

- CVE-2022-2319: Fixed out-of-bounds access in _CheckSetSections() (ZDI-CAN-16062) (bsc#1194179).
- CVE-2022-2320: Fixed out-of-bounds access in CheckSetDeviceIndicators() (ZDI-CAN-16070) (bsc#1194181). 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2378-1
Released:    Wed Jul 13 10:27:03 2022
Summary:     Security update for cifs-utils
Type:        security
Severity:    important
References:  1197216,CVE-2022-27239
This update for cifs-utils fixes the following issues:

- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2386-1
Released:    Wed Jul 13 14:48:19 2022
Summary:     - Update in SLE-15 (bsc#1189411, bsc#1191482)
Type:        recommended
Severity:    important
References:  

  This update for azure-cli, azurecli-core, python-azure-core, python-azure-batch, python-azure-mgmt-compute, python-azure-mgmt-containerregistry, python-azure-mgmt-databoxedge, python-azure-mgmt-network, python-azure-mgmt-security, python-azure-sdk, python-msrest, python-azure-ai-formrecognizer, python-azure-synapse-managedprivateendpoints, python-azure-synapse-monitoring, python-azure-template contains the following fixes:

Changes in azure-cli, azurecli-core: - Update in SLE-15. (bsc#1189411, bsc#1191482) - Fix regression in patch to disable update check. (bsc#1192671)

- New upstream release 2.17.1:
- For detailed information about changes see the HISTORY.rst file provided with this package
Changes in python-azure-core: - Update from 1.9.0 to 1.22.1. (bsc#1189411, bsc#1191482) For detailed information about changes see the CHANGELOG.md file provided with this package

Changes in python-azure-batch: - Update in SLE-15 (bsc#1189411, bsc#1191482)

- New upstream release
- Version 10.0.0
- For detailed information about changes see the CHANGELOG.md file provided with this package

- Only build Python3 flavors for distributions 15 and greater

Changes in python-azure-ai-formrecognizer: - Inclusion in SLE-15 .(bsc#1189411, bsc#1191482)

Changes in python-azure-mgmt-compute: - Update in SLE-15 (bsc#1189411, bsc#1191482)

- New upstream release
- Version 18.0.0
- For detailed information about changes see the CHANGELOG.md file provided with this package

- Version 17.0.0

Changes in python-azure-mgmt-containerregistry: - Update in SLE-15 (bsc#1189411, bsc#1191482)

- New upstream release
- Version 3.0.0rc16
- For detailed information about changes see the CHANGELOG.md file provided with this package
Changes in python-azure-mgmt-databoxedge: - Update in SLE-15 (bsc#1189411, bsc#1191482)

- New upstream release
- Version 0.2.0
- For detailed information about changes see the CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Changes in python-azure-mgmt-network: - Update in SLE-15 (bsc#1189411, bsc#1191482)

- New upstream release
- Version 17.0.0
- For detailed information about changes see the CHANGELOG.md file provided with this package
- Changes in python-azure-mgmt-security: - Update in SLE-15 (bsc#1189411, bsc#1191482)

- New upstream release
- Version 0.6.0
- For detailed information about changes see the CHANGELOG.md file provided with this package
Changes in python-azure-synapse-managedprivateendpoints: - Inclusion in SLE-15 .(bsc#1189411, bsc#1191482)

Changes in python-azure-synapse-monitoring: - Inclusion in SLE-15 .(bsc#1189411, bsc#1191482)

Changes in python-azure-template: - Inclusion in SLE-15 .(bsc#1189411, bsc#1191482)

Changes in python-azure-sdk:

Update in SLE-15 (bsc#1189411, bsc#1191482)
- Add python-azure-sdk (Python2) to Obsoletes
- Add additional packages from the Azure SDK to Requires
- python-azure-ai-formrecognizer
- python-azure-synapse-managedprivateendpoints
- python-azure-synapse-monitoring
- python-azure-template
- Remove all version constraints in Requires
Only build Python3 flavors for distributions 15 and greater
Changes in python-msrest: - Update from 0.6.19 to 0.6.21. (bsc#1189411, bsc#1191482) For detailed information about changes see the CHANGELOG.md file provided with this package
  
-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:2390-1
Released:    Wed Jul 13 16:52:47 2022
Summary:     Feature update for build, obs-scm-bridge, obs-service-tar_scm, osc
Type:        feature
Severity:    moderate
References:  1197298,1197699,1198740,1200148
This feature update for build, obs-scm-bridge, obs-service-tar_scm, osc fixes the following issues:

Support the Multi Factor Authentication and the git based workflow. (jsc#SLE-24657, jsc#SLE-24652, jsc#SLE-24653)

Please, see the following details changes for more information.


Upgrade build from version 20210120 to 20220613 as obs-scm-bridge dependency (jsc#SLE-24657, jsc#SLE-24652, jsc#SLE-24653)

- Stop building aarch64_ilp32 baselibs for aarch64
- avod aio=io_uring for now on SLE15-SP4 workers
- Update SLE 15 SP4 and Leap 15.4 build config (bsc#1198740)
- Use aio=io_uring if available (bsc#1197699)
- debian cross build support via multi-arch (obsoleting cbinstall remnants)
- Tumbleweed config synced
- documentation updates
- rename --debug to --debuginfo to be more exact.
- docu: add buildflags:ccachtype and OBS-DoNotAppendProfileToContainername
- Use git+https instead of git-https as url schema
- add oops=panic kernel parameter
- Updated distribution configurations (esp. Leap 15.4 and Tumbleweed)
- new preinstallimages are using zstd by default
- source subdirectories are used in git managed sources
- supporting kvm builds as non-root user
- Extend stage selection support for rpm builds
- various distribution config updates
- Support 'BuildFlags: cumulaterpms' (was done only via suse_version before)
- docker:
  * Add support for --root and --installroot global zypper options
  * improve registry handling
  * initial Dockerfile.dapper support
  * support 'curl' commands in docker builds
  * strip known domains from container name
  * support container alias names
- pbuild:
  * add --debug option for building debuginfo packages
  * Use /.dockerenv as marker for docker environment
  * support privileged docker/nspawn mode
  * move --cap-add=SYS_ADMIN --cap-add=MKNOD to privileged mode
  * initvm: do not attempt to mount /proc and binfmt_misc handler if present
  * rename --hide-timestamps to --no-timestamps
  * reuse options from older builds
  * revised --single build mode
  * support ccache
  * Implement SCC calculation
  * Improve --shell-after-build and --single options
  * initial documentation of pbuild
- Kiwi:
  * always append the profile name to kiwi container names
  * Add support for OBS-RemoteAsset and OBS-CopyToImage directives
- container builds:
  * support newer podman versions
  * supporting multiple containers for multi-stage builds
  * FROM scratch build support
- Other fixes:
  * Avoid shutdown of host when using nspawn
  * change sccache default size limit
  * speed up improvements in
    - vm shutdown
    - rpm preinstall
    - avoid calling external commands in a loop
    - using zstd for preinstallimages
    - no more unpacking progress indicators to avoid slowdown
    - virtio handling
  * fixed vm-type=qemu
  * multiple smaller bugfixes and speed improvements
  * Load selinux policy when using a preinstall image
  * Use the pax format for preinstall images if bsdtar is available
  * Add %riscv to std_macros
  * Fix combine_configs dropping newlines
  * epoch handling in debian builds
  * catch more cases where a failed build is marked as host error
  * fixing wrong status reporting when a job got killed
  * hugetlbfs handling fixes
  * try mounting selinuxfs in VM
  * Create the /sys dir when preinstalling (to satisfy dracut)
- Features:
  * Add arm32 and loongarch definitions
  * Add compatibility code to initvm
  * Use upstream way of binfmt argv0 preservation (bsc#1197298)
  * Add template support for Build::SimpleJSON
  * download_assets: add --outdir --clean --show-dir-srcmd5 parameters support multiple --arch arguments
  * asset support for golang modules
  * add support for LXC 4.
  * new shortcuts for rpm building:
    --rpm-noprep, --rpm-build-in-place, --rpm-build-in-place-noprep
    for building directly from upstream git repositories without any tar ball.
  * mount securityfs if not mounted by kernel-obs-build
  * collect steal time during VM builds in statistics.
  * declare armv8 and armv7 compatible
  * support OBS Debuginfo build flag for Red Hat variants
  * setup rpmmacros for all build types and earlier
  * introducing --verbose option, currently only showing kernel messages.
  * support cpio creation for special files
  * handle QEMU >= 6.0 on POWER9
  * deb zstd support (for Ubuntu 21.10)
  * support KVM builds with enabled network
  * modulemd support improvements
  * Support a 'Distmacro' directive for recipe parser-only macros
  * initial config for Leap 15.4
  * Unify ccache and sccache handling
  * Fix unpacking of deb/arch archives without bsdtar
  * cross architecture build support (for rpm and kiwi)
  * modulemd meta data support
  * supporting external asset stores for source files
  * support multiple post build checks placed in the directory:
    /usr/lib/build/post-build-checks/
  * sccache support
  * New --shell-after-fail option
  * allow to disable squashfs in SimpleImage
  * supporting aarch64 kernel on armv?l distributions
  * Supporting URL's in Flatpak manifests


Provide obs-scm-bridge on version 0.2: (jsc#SLE-24657, jsc#SLE-24652, jsc#SLE-24653)
  * no shallow clone when used with osc
  * support for LFS fetch
  * Fixes for _config file export and path handling
  * Fix a traceback when a project or a package is managed in scm, print a warning instead.

Update osc from version 0.172.0 to 0.179.0 (jsc#SLE-24657, jsc#SLE-24652, jsc#SLE-24653)

- 0.179.0
  - signature (ssh key) authetication fixes (RSA key support, skip binary files)
  - commandline: handle calls without arguments gracefully
  - use percent-quoted url for download url generation
  - osc co/up: highlight pending requests' header
  - get_results(): fix check for empty details
  - another exception for github URLs for 'osc add'
  - update Sphinx configuration, documentation fixes
  - make Sphinx optional in setup.py not to break package builds
  - support flavors in aggregatepac
  - check if repos provided to aggregatepac command exist
  - several coding style fixes
- 0.178.0
  - EXPERIMENTAL: git repository handling
    * init command is working inside of a git repository
    * downloadassets command fetches references assets from build description
    * checkout is cloning from git
  - EXPERIMENTAL: signature (ssh key) authetication
    * allow to configure 'sshkey' option in the config
    * try to guess ssh key from the keys added to ssh-agent
    * rename OscHTTPBasicAuthHandler to OscHTTPAuthHandler
    * simplify bad auth retry workaround needed for old python versions
  - add support for building preinstall images
  - add support for building Helm charts
  - show the md5s that are failing to validate after fetching a package
  - add missing space to copypac completion
  - never require login in the help command
  - linkdiff: raise an exception when an added file is missing
  - run tests via calling 'setup.py test'
  - several coding style fixes
- spec file:
  - run tests via calling 'setup.py test'
  - disabled tests in debian.rules
- 0.177.0
  * switch to python3 in osc-wrapper and make python3 explicit
  * allow formatting of the sccache uri
  * show repository state and details
  * a few minor fixes and improvements in credentials handling
  * order credential managers by priority
  * kernel keyring is now supported as credential manager
  * support regex based name filtering in core.get_prj_results()
  * revision parsing parseRevisionOption(): cleanup and make logic consistent
  * use sr_ids[0] for superseding (fixes issues with superseding requests containing many packages
  * download logs and metadata in subdirs named by packages when osc getbinaries is issued on project level or in 
    multibuild case
- spec file:
  * recommed python-keyring-keyutils for new kernel keyring backend 
- 0.176.0
  * add -F option to osc submitreq
  * add --verbose option to build command
  * fix getbinaries command to fetch also multibuild packages
  * fix getbinaries -M/--multibuild-package option usage
  * skip fetching metadata and logs in the getbinaries command
  * do not download a bdep with a hdrmd5 from the api by default
  * re-download file from API when hdrmd5 doesn't match
  * honor --download-api-only option
  * remove Windows from the supported operating systems
  * fix license in setup.py
  * add py3.10 and py3.11 to the classifiers in setup.py
  * use the latest version of COPYING file from gnu.org
  * fix crash on terminal resize during download
  * do not fail with a traceback in case of a config error
  * preserve oscrc symlink when writing conf file
  * escape % character in binary download URLs
  * fix printing paths to built debian packages
- 0.175.1:
  * Modified SPEC file to be more compatible with KOJI and COPR.
  ** Modified SPEC file to use python3 for CentOS/RHEL 7
  ** Modified SPEC file use fedora/rhel version macros.
  ** Changed perl to sed in %install section of SPEC file.
- 0.175.0:
  * do not crash when running 'osc search --binary --verbose foo'
  * don't run source services when building outside of an OSC package working copy
  * fix XDG_CONFIG_HOME
  * offer a force ('f') choice in metafile.edit's error handling code path
  * fix XPath used in search requests
  * add support for creating a workflow token via 'osc token'
  * handle missing os.sysconf more gracefully
  * detachbranch: remove _link when link target got removed
  * improve error message in case of an URLError
  * fix downloading from mirrors
  * avoid sending entire projects on 'osc mr'
  * fix hdmrd5 check of local cached files
  * improve logic for conffile mode handling
- 0.174.0:
  * fix password deletion via 'osc config -d <apiurl> pass'
  * support changing the password store via 'osc config <apiurl>
    --select-password-store')
  * support slash syntax in osc browse ('osc browse prj/pkg' is equivalent to
    'osc browse prj pkg')
  * fix the commit of a frozen package wc
  * fix local product builds using obsrepositories:/ directives
  * print a meaningful message when trying to a commit a non-existent package
- force Mageia >= 8 builds to python3; python2 is deprecated in Mageia 8 and up.
- 0.173.0:
  * add showlinked command to show all references of packages linking to a given one
  * add build --shell-after-build flag. It can also be set via .oscrc.
  * add build --stage flag. Useful for example for fixing file lists and just
    running the install section to see the result of it (use --stage=i=).
    Check the help for more details.
  * allow to run build script as non-root, by setting su-wrapper empty
    => osc is not guessing anymore if user builds are wanted
  * add support for cross arch local build using a sysroot
  * support slash notation in 'osc creq -a <action type> args'
  * add '--force' option to the 'osc add' command (can be used to override
    the exclude_glob config option)
  * support the commit of arbitrary sized files
  * add support for sccache
- Install macros.osc to %{_rpmmacrodir}, not to /etc/rpm.


Update obs-service-tar_scm from version 0.10.22.1615538418.07a353d to version 0.10.30.1641990734.bdad8f9 (bsc#1200148)

- Update to version 0.10.30.1641990734.bdad8f9:
  * fixes for python2.7 compatibility
  * fix test cases
  * fix various linter problems with pylint 2.11.1
  * disable consider-using-f-string in pylint
  * added TC for _stash_pop_required
  * assertTarIsDeeply now more verbose in case of failure
  * remove tearDown/Trace from testenv.py
  * fix regression to keep local changes when running in osc
  * various fixes to make linter happy
  * fix tests for python 2.7
- Update to version 0.10.29.1634038025.85bfc3f:
  * fix test cases
  * fix various linter problems with pylint 2.11.1
  * disable consider-using-f-string in pylint
  * added TC for _stash_pop_required
  * assertTarIsDeeply now more verbose in case of failure
  * remove tearDown/Trace from testenv.py
  * fix regression to keep local changes when running in osc
- Update to version 0.10.28.1632141620.a8837d3:
  * fix missing 'checkout' when running in osc
  * fix breakage on version detection
  * change locale
- Update to version 0.10.27.1626072657.0fb7a03:
  * [ci] enhanced github actions for multiple python versions
  * Create main.yml
  * Change date format from short to %Y%m%d.
- Update to version 0.10.26.1624258505.aed4969:
  * almalinux in spec file
  * fix include filters for obscpio files
  * fix python interpreter for mageia 8
  * TarScm: use owner/group root in  .obscpio files
- Update to version 0.10.26.1623775884.87f49a8:
  * fixed include/exclude filtering
  * add '--' to git log command if file/dir equal revision exists
  * add '--source' to git log command
  * disabled consider-using-with in .pylint*rc
  * package .gitignore files
  * Fix version _none_ generate tarball with '-'
  * Prevent KeyError in check_for_branch_request method
  * removed skipped test case (obsolete since 5 yrs)
  * testing for obscpio/obsinfo
  * fix regression - obsinfo included the version string
  * Revert 'remove useless variables'
  * remove useless variables
  * added param --without-version
  * extracted dstname to _dstname
  * cleanup TarSCM/tasks.py for pylint
  * add date/time to logging output for better debugging
  * Fix typos

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2395-1
Released:    Thu Jul 14 10:21:26 2022
Summary:     Security update for virglrenderer
Type:        security
Severity:    important
References:  1195389,CVE-2022-0135
This update for virglrenderer fixes the following issues:

- CVE-2022-0135: Fix OOB in read_transfer_data. (bsc#1195389)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2396-1
Released:    Thu Jul 14 11:57:58 2022
Summary:     Security update for logrotate
Type:        security
Severity:    important
References:  1192449,1199652,1200278,1200802,CVE-2022-1348
This update for logrotate fixes the following issues:

Security issues fixed:

- CVE-2022-1348: Fixed insecure permissions for state file creation (bsc#1199652).
- Improved coredump handing for SUID binaries (bsc#1192449).

Non-security issues fixed:

- Fixed 'logrotate emits unintended warning: keyword size not properly separated, found 0x3d' (bsc#1200278, bsc#1200802).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2399-1
Released:    Thu Jul 14 15:47:55 2022
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

ComplianceAsCode was updated to 0.1.62 (jsc#ECO-3319):

- Update rhel8 stig to v1r6
- OL7 STIG v2r7 update
- Initial definition of ANSSI BP28 minmal profile for SUSE Linux Enterprise

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2402-1
Released:    Thu Jul 14 16:58:22 2022
Summary:     Security update for python-PyJWT
Type:        security
Severity:    important
References:  1199756,CVE-2022-29217
This update for python-PyJWT fixes the following issues:

- CVE-2022-29217: Fixed key confusion through non-blocklisted public key format (bsc#1199756).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2406-1
Released:    Fri Jul 15 11:49:01 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1197718,1199140,1200334,1200855
This update for glibc fixes the following issues:

- powerpc: Fix VSX register number on __strncpy_power9 (bsc#1200334)
- Disable warnings due to deprecated libselinux symbols used by nss and nscd (bsc#1197718)
- i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bsc#1197718)
- rtld: Avoid using up static TLS surplus for optimizations (bsc#1200855, BZ #25051)

This readds the s390 32bit glibc and libcrypt1 libraries (glibc-32bit, glibc-locale-base-32bit, libcrypt1-32bit).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2426-1
Released:    Mon Jul 18 09:27:51 2022
Summary:     Recommended update for rsyslog
Type:        recommended
Severity:    moderate
References:  1198939
This update for rsyslog fixes the following issues:

- Remove inotify watch descriptor in imfile on inode change detected (bsc#1198939)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2448-1
Released:    Wed Jul 20 10:15:30 2022
Summary:     Security update for dovecot23
Type:        security
Severity:    important
References:  1201267,CVE-2022-30550
This update for dovecot23 fixes the following issues:

- CVE-2022-30550: Fixed privilege escalation in dovecot when similar master and non-master passdbs are used (bsc#1201267).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2454-1
Released:    Wed Jul 20 15:28:09 2022
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    important
References:  1198780,1198897
This update for SAPHanaSR fixes the following issues:

- Version bump to 0.160.1
- fix HANA_CALL function to support MCOS environments again
  (bsc#1198780)
- fix SAPHanaSR-replay-archive to handle hb_report archives again
  (bsc#1198897)
- add HANA_CALL_TIMEOUT parameter back to the resource agents and
  read the setting from the cluster configuration, if available.
  Defaults to '60'.
  Related to github issue#36
- add new HA/DR provider hook susTkOver
  (jsc#SLE-16347)
- add new hook script for SAP HANA System Replication Scale-Up Cost
  Optimized Scenario.
  (jsc#SLE-18613)
- add a new instance parameter 'REMOVE_SAP_SOCKETS'.
  It is an optional parameter and defaults to 'true'. Now you can
  control, if the RA should remove the unix domain sockets related
  to sapstartsrv before (re-)start sapstartsrv or if it should try
  to adjust the permissions and ownership of these files instead.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2456-1
Released:    Wed Jul 20 15:29:59 2022
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1199668
This update for cloud-regionsrv-client fixes the following issues:

- Update to version 10.0.4 (bsc#1199668)
  - Store the update server certs in the '/etc' path instead of '/usr' to accomodate read only setup of SLE-Micro

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2458-1
Released:    Wed Jul 20 16:15:15 2022
Summary:     Recommended update for regionServiceClientConfigEC2
Type:        recommended
Severity:    moderate
References:  1199668
This update for regionServiceClientConfigEC2 fixes the following issues:

- Update to version 4.0.0 (bsc#1199668)
  - Move cert location to usr form var to accomodate ro filesystem of SLE-Micro
  - Fix source location in spec file

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2459-1
Released:    Wed Jul 20 16:16:13 2022
Summary:     Recommended update for regionServiceClientConfigGCE
Type:        recommended
Severity:    moderate
References:  1199668
This update for regionServiceClientConfigGCE fixes the following issues:

- Update to version 4.0.0 (bsc#1199668)
  - Move the cert location to /usr for compatibility with ro setup of SLE-Micro
  - Fix url in spec file to pint to the proper location of the source

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2469-1
Released:    Thu Jul 21 04:38:31 2022
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1137373,1181658,1194708,1195157,1197570,1198732,1200170,1201276
This update for systemd fixes the following issues:

- Make {/etc,/usr/lib}/systemd/network owned by both udev and systemd-network. The configuration files put in these
  directories are read by both udevd and systemd-networkd (bsc#1201276)
- Allow control characters in environment variable values (bsc#1200170)
- Fix issues with multipath setup (bsc#1137373, bsc#1181658, bsc#1194708, bsc#1195157, bsc#1197570)
- Fix parsing error in s390 udev rules conversion script (bsc#1198732)
- core/device: device_coldplug(): don't set DEVICE_DEAD
- core/device: do not downgrade device state if it is already enumerated
- core/device: drop unnecessary condition

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2473-1
Released:    Thu Jul 21 09:21:30 2022
Summary:     Recommended update for firewalld
Type:        recommended
Severity:    moderate
References:  1198814
This update for firewalld fixes the following issues:

- Fix regression introduced in previous patch (an api change to a
  function also needed backporting) (bsc#1198814)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2487-1
Released:    Thu Jul 21 11:41:58 2022
Summary:     Recommended update for python-urlgrabber
Type:        recommended
Severity:    moderate
References:  
This update for python-urlgrabber fixes the following issues:

- Fix wrong logic on `find_proxy` method causing proxy not being used

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2493-1
Released:    Thu Jul 21 14:35:08 2022
Summary:     Recommended update for rpm-config-SUSE
Type:        recommended
Severity:    moderate
References:  1193282
This update for rpm-config-SUSE fixes the following issues:

- Add SBAT values macros for other packages (bsc#1193282)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2494-1
Released:    Thu Jul 21 15:16:42 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    important
References:  1200855,1201560,1201640
This update for glibc fixes the following issues:

- Remove tunables from static tls surplus patch which caused crashes (bsc#1200855)
- i386: Disable check_consistency for GCC 5 and above (bsc#1201640, BZ #25788)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2523-1
Released:    Fri Jul 22 09:36:50 2022
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1201221,CVE-2022-22662,CVE-2022-22677,CVE-2022-26710
This update for webkit2gtk3 fixes the following issues:

Update to version 2.36.4 (bsc#1201221):

- CVE-2022-22662: Processing maliciously crafted web content may disclose sensitive user information.
- CVE-2022-22677: The video in a webRTC call may be interrupted if the audio capture gets interrupted.
- CVE-2022-26710: Processing maliciously crafted web content may lead to arbitrary code execution.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2530-1
Released:    Fri Jul 22 16:00:44 2022
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1198671,1198672,1198673,1198674,1198675,CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21476,CVE-2022-21496
This update for java-1_8_0-openjdk fixes the following issues:

Update to version jdk8u332 - April 2022 CPU (icedtea-3.23.0)

- CVE-2022-21426: Better XPath expression handling (bsc#1198672)
- CVE-2022-21443: Improved Object Identification (bsc#1198675)
- CVE-2022-21434: Better invocation handler handling (bsc#1198674)
- CVE-2022-21476: Improve Santuario processing (bsc#1198671)
- CVE-2022-21496: Improve URL supports (bsc#1198673)

And further Security fixes, Import of OpenJDK 8 u332, Backports and Bug fixes.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2532-1
Released:    Fri Jul 22 17:23:16 2022
Summary:     Security update for python-M2Crypto
Type:        security
Severity:    important
References:  1178829,CVE-2020-25657
This update for python-M2Crypto fixes the following issues:

- CVE-2020-25657: Fixed Bleichenbacher timing attacks in the RSA decryption API (bsc#1178829).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2533-1
Released:    Fri Jul 22 17:37:15 2022
Summary:     Security update for mozilla-nss
Type:        security
Severity:    important
References:  1192079,1192080,1192086,1192087,1192228,1198486,1200027,CVE-2022-31741
This update for mozilla-nss fixes the following issues:

Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4:

- Makes the PBKDF known answer test compliant with NIST SP800-132. (bsc#1192079). 
- FIPS: Add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck()
  (bsc#1198980).
- FIPS: mark algorithms as approved/non-approved according to security policy
  (bsc#1191546, bsc#1201298).
- FIPS: remove hard disabling of unapproved algorithms. This requirement is now
  fulfilled by the service level indicator (bsc#1200325).
- Run test suite at build time, and make it pass (bsc#1198486).
- FIPS: skip algorithms that are hard disabled in FIPS mode.
- Prevent expired PayPalEE cert from failing the tests.
- Allow checksumming to be disabled, but only if we entered FIPS mode
  due to NSS_FIPS being set, not if it came from /proc.
- FIPS: Make the PBKDF known answer test compliant with NIST SP800-132.
- Update FIPS validation string to version-release format.
- FIPS: remove XCBC MAC from list of FIPS approved algorithms.
- Enable NSS_ENABLE_FIPS_INDICATORS and set NSS_FIPS_MODULE_ID
  for build.
- FIPS: claim 3DES unapproved in FIPS mode (bsc#1192080).
- FIPS: allow testing of unapproved algorithms (bsc#1192228).
- FIPS: add version indicators. (bmo#1729550, bsc#1192086).
- FIPS: fix some secret clearing (bmo#1697303, bsc#1192087).

Version update to NSS 3.79:

- Use PK11_GetSlotInfo instead of raw C_GetSlotInfo calls.
- Update mercurial in clang-format docker image.
- Use of uninitialized pointer in lg_init after alloc fail.
- selfserv and tstclnt should use PR_GetPrefLoopbackAddrInfo.
- Add SECMOD_LockedModuleHasRemovableSlots.
- Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP.
- Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts.
- TLS 1.3 Server: Send protocol_version alert on unsupported ClientHello.legacy_version.
- Correct invalid record inner and outer content type alerts.
- NSS does not properly import or export pkcs12 files with large passwords and pkcs5v2 encoding.
- improve error handling after nssCKFWInstance_CreateObjectHandle.
- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple.
- NSS 3.79 should depend on NSPR 4.34   

Version update to NSS 3.78.1:

- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple

Version update to NSS 3.78:

- Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length record/fragment handling tests.
- Reworked overlong record size checks and added TLS1.3 specific boundaries.
- Add ECH Grease Support to tstclnt
- Add a strict variant of moz::pkix::CheckCertHostname.
- Change SSL_REUSE_SERVER_ECDHE_KEY default to false.
- Make SEC_PKCS12EnableCipher succeed
- Update zlib in NSS to 1.2.12.

Version update to NSS 3.77:

- Fix link to TLS page on wireshark wiki
- Add two D-TRUST 2020 root certificates.
- Add Telia Root CA v2 root certificate.
- Remove expired explicitly distrusted certificates from certdata.txt.
- support specific RSA-PSS parameters in mozilla::pkix
- Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate.
- Remove token member from NSSSlot struct.
- Provide secure variants of mpp_pprime and mpp_make_prime.
- Support UTF-8 library path in the module spec string.
- Update nssUTF8_Length to RFC 3629 and fix buffer overrun.
- Update googletest to 1.11.0
- Add SetTls13GreaseEchSize to experimental API.
- TLS 1.3 Illegal legacy_version handling/alerts.
- Fix calculation of ECH HRR Transcript.
- Allow ld path to be set as environment variable.
- Ensure we don't read uninitialized memory in ssl gtests.
- Fix DataBuffer Move Assignment.
- internal_error alert on Certificate Request with sha1+ecdsa in TLS 1.3
- rework signature verification in mozilla::pkix

Version update to NSS 3.76.1

- Remove token member from NSSSlot struct.
- Hold tokensLock through nssToken_GetSlot calls in nssTrustDomain_GetActiveSlots.
- Check return value of PK11Slot_GetNSSToken.
- Use Wycheproof JSON for RSASSA-PSS
- Add SHA256 fingerprint comments to old certdata.txt entries.
- Avoid truncating files in nss-release-helper.py.
- Throw illegal_parameter alert for illegal extensions in handshake message.

Version update to NSS 3.75

- Make DottedOIDToCode.py compatible with python3.
- Avoid undefined shift in SSL_CERT_IS while fuzzing.
- Remove redundant key type check.
- Update ABI expectations to match ECH changes.
- Enable CKM_CHACHA20.
- check return on NSS_NoDB_Init and NSS_Shutdown.
- Run ECDSA test vectors from bltest as part of the CI tests.
- Add ECDSA test vectors to the bltest command line tool.
- Allow to build using clang's integrated assembler.
- Allow to override python for the build.
- test HKDF output rather than input.
- Use ASSERT macros to end failed tests early.
- move assignment operator for DataBuffer.
- Add test cases for ECH compression and unexpected extensions in SH.
- Update tests for ECH-13.
- Tidy up error handling.
- Add tests for ECH HRR Changes.
- Server only sends GREASE HRR extension if enabled by preference.
- Update generation of the Associated Data for ECH-13.
- When ECH is accepted, reject extensions which were only advertised in the Outer Client Hello.
- Allow for compressed, non-contiguous, extensions.
- Scramble the PSK extension in CHOuter.
- Split custom extension handling for ECH.
- Add ECH-13 HRR Handling.
- Client side ECH padding.
- Stricter ClientHelloInner Decompression.
- Remove ECH_inner extension, use new enum format.
- Update the version number for ECH-13 and adjust the ECHConfig size.

Version update to NSS 3.74

- mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses
- Ensure clients offer consistent ciphersuites after HRR
- NSS does not properly restrict server keys based on policy
- Set nssckbi version number to 2.54
- Replace Google Trust Services LLC (GTS) R4 root certificate
- Replace Google Trust Services LLC (GTS) R3 root certificate
- Replace Google Trust Services LLC (GTS) R2 root certificate
- Replace Google Trust Services LLC (GTS) R1 root certificate
- Replace GlobalSign ECC Root CA R4
- Remove Expired Root Certificates - DST Root CA X3
- Remove Expiring Cybertrust Global Root and GlobalSign root certificates
- Add renewed Autoridad de Certificacion Firmaprofesional CIF A62634068 root certificate
- Add iTrusChina ECC root certificate
- Add iTrusChina RSA root certificate
- Add ISRG Root X2 root certificate
- Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
- Avoid a clang 13 unused variable warning in opt build
- Check for missing signedData field
- Ensure DER encoded signatures are within size limits

- enable key logging option (boo#1195040)

Version update to NSS 3.73.1:

- Add SHA-2 support to mozilla::pkix's OSCP implementation

Version update to NSS 3.73

- check for missing signedData field.
- Ensure DER encoded signatures are within size limits.
- NSS needs FiPS 140-3 version indicators.
- pkix_CacheCert_Lookup doesn't return cached certs
- sunset Coverity from NSS

Fixed MFSA 2021-51 (bsc#1193170) CVE-2021-43527: Memory corruption via DER-encoded DSA and RSA-PSS signatures

Version update to NSS 3.72

- Fix nsinstall parallel failure.
- Increase KDF cache size to mitigate perf regression in about:logins

Version update to NSS 3.71

- Set nssckbi version number to 2.52.
- Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
- Import of PKCS#12 files with Camellia encryption is not supported
- Add HARICA Client ECC Root CA 2021.
- Add HARICA Client RSA Root CA 2021.
- Add HARICA TLS ECC Root CA 2021.
- Add HARICA TLS RSA Root CA 2021.
- Add TunTrust Root CA certificate to NSS.

Version update to NSS 3.70

- Update test case to verify fix.
- Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
- Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
- Avoid using a lookup table in nssb64d.
- Use HW accelerated SHA2 on AArch64 Big Endian.
- Change default value of enableHelloDowngradeCheck to true.
- Cache additional PBE entries.
- Read HPKE vectors from official JSON.

Version update to NSS 3.69.1:

- Disable DTLS 1.0 and 1.1 by default
- integrity checks in key4.db not happening on private components with AES_CBC

NSS 3.69:

- Disable DTLS 1.0 and 1.1 by default (backed out again)
- integrity checks in key4.db not happening on private components with AES_CBC (backed out again)
- SSL handling of signature algorithms ignores environmental invalid algorithms.
- sqlite 3.34 changed it's open semantics, causing nss failures.
- Gtest update changed the gtest reports, losing gtest details in all.sh reports.
- NSS incorrectly accepting 1536 bit DH primes in FIPS mode
- SQLite calls could timeout in starvation situations.
- Coverity/cpp scanner errors found in nss 3.67
- Import the NSS documentation from MDN in nss/doc.
- NSS using a tempdir to measure sql performance not active

Version Update to 3.68.4 (bsc#1200027)

- CVE-2022-31741: Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple.  (bmo#1767590)


Mozilla NSPR was updated to version 4.34:

* add an API that returns a preferred loopback IP on hosts that have two IP stacks available.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2546-1
Released:    Mon Jul 25 14:43:22 2022
Summary:     Security update for gpg2
Type:        security
Severity:    important
References:  1196125,1201225,CVE-2022-34903
This update for gpg2 fixes the following issues:

- CVE-2022-34903: Fixed a status injection vulnerability (bsc#1201225).
- Use AES as default cipher instead of 3DES when we are in FIPS mode. (bsc#1196125)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2548-1
Released:    Tue Jul 26 13:48:28 2022
Summary:     Critical update for python-cssselect
Type:        recommended
Severity:    critical
References:  
This update for python-cssselect implements packages to the unrestrictied repository.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2550-1
Released:    Tue Jul 26 14:00:21 2022
Summary:     Security update for git
Type:        security
Severity:    important
References:  1201431,CVE-2022-29187
This update for git fixes the following issues:

- CVE-2022-29187: Incomplete fix for CVE-2022-24765: potential command injection via git worktree (bsc#1201431).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2561-1
Released:    Wed Jul 27 14:18:56 2022
Summary:     Security update for mariadb
Type:        security
Severity:    important
References:  1195076,1195325,1195334,1195339,1196016,1198603,1198604,1198605,1198606,1198607,1198609,1198610,1198611,1198612,1198613,1198628,1198629,1198630,1198631,1198632,1198633,1198634,1198635,1198636,1198637,1198638,1198639,1198640,1199928,CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2021-46669,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052,CVE-2022-27376,CVE-2022-27377,CVE-2022-27378,CVE-2022-27379,CVE-2022-27380,CVE-2022-27381,CVE-2022-27382,CVE-2022-27383,CVE-2022-27384,CVE-2022-27386,CVE-2022-27387,CVE-2022-27444,CVE-2022-27445,CVE-2022-27446,CVE-2022-27447,CVE-2022-27448,CVE-2022-27449,CVE-2022-27451,CVE-2022-27452,CVE-2022-27455,CVE-2022-27456,CVE-2022-27457,CVE-2022-27458
This update for mariadb fixes the following issues:

- Added mariadb-galera (jsc#SLE-22245)

Update to 10.6.8 (bsc#1199928):

- CVE-2021-46669 (bsc#1199928)
- CVE-2022-27376 (bsc#1198628)
- CVE-2022-27377 (bsc#1198603)
- CVE-2022-27378 (bsc#1198604)
- CVE-2022-27379 (bsc#1198605)
- CVE-2022-27380 (bsc#1198606)
- CVE-2022-27381 (bsc#1198607)
- CVE-2022-27382 (bsc#1198609)
- CVE-2022-27383 (bsc#1198610)
- CVE-2022-27384 (bsc#1198611)
- CVE-2022-27386 (bsc#1198612)
- CVE-2022-27387 (bsc#1198613)
- CVE-2022-27444 (bsc#1198634)
- CVE-2022-27445 (bsc#1198629)
- CVE-2022-27446 (bsc#1198630)
- CVE-2022-27447 (bsc#1198631)
- CVE-2022-27448 (bsc#1198632)
- CVE-2022-27449 (bsc#1198633)
- CVE-2022-27451 (bsc#1198639)
- CVE-2022-27452 (bsc#1198640)
- CVE-2022-27455 (bsc#1198638)
- CVE-2022-27456 (bsc#1198635)
- CVE-2022-27457 (bsc#1198636)
- CVE-2022-27458 (bsc#1198637)

- The following issue is not affecting this package: CVE-2022-21427

Update to 10.6.7 (bsc#1196016):

- CVE-2021-46665, CVE-2021-46664, CVE-2021-46661, CVE-2021-46668, CVE-2021-46663 

Update to 10.6.6: 

- CVE-2022-24052, CVE-2022-24051, CVE-2022-24050, CVE-2022-24048, CVE-2021-46659 (bsc#1195339)

The following issues have been fixed already but didn't have CVE references:

- CVE-2021-46658 (bsc#1195334)
- CVE-2021-46657 (bsc#1195325)

Non security fixes:

- Skip failing tests for s390x, fixes bsc#1195076

External refernences:

- https://mariadb.com/kb/en/library/mariadb-1068-release-notes
- https://mariadb.com/kb/en/library/mariadb-1068-changelog
- https://mariadb.com/kb/en/library/mariadb-1067-release-notes
- https://mariadb.com/kb/en/library/mariadb-1067-changelog
- https://mariadb.com/kb/en/library/mariadb-1066-release-notes
- https://mariadb.com/kb/en/library/mariadb-1066-changelog

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2566-1
Released:    Wed Jul 27 15:04:49 2022
Summary:     Security update for pcre2
Type:        security
Severity:    important
References:  1199235,CVE-2022-1587
This update for pcre2 fixes the following issues:

- CVE-2022-1587: Fixed out-of-bounds read due to bug in recursions (bsc#1199235).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2573-1
Released:    Thu Jul 28 04:24:19 2022
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1194550,1197684,1199042
This update for libzypp, zypper fixes the following issues:

libzypp:

- appdata plugin: Pass path to the repodata/ directory inside the cache (bsc#1197684)
- zypp-rpm: flush rpm script output buffer before sending endOfScriptTag
- PluginRepoverification: initial version hooked into repo::Downloader and repo refresh
- Immediately start monitoring the download.transfer_timeout. Do not wait until the first data arrived (bsc#1199042)
- singletrans: no dry-run commit if doing just download-only
- Work around cases where sat repo.start points to an invalid solvable. May happen if (wrong arch) solvables were 
  removed at the  beginning of the repo.
- Fix misplaced #endif SINGLE_RPMTRANS_AS_DEFAULT_FOR_ZYPPER

zypper:

- Basic JobReport for 'cmdout/monitor'
- versioncmp: if verbose, also print the edition 'parts' which are compared
- Make sure MediaAccess is closed on exception (bsc#1194550)
- Display plus-content hint conditionally
- Honor the NO_COLOR environment variable when auto-detecting whether to use color
- Define table columns which should be sorted natural [case insensitive]
- lr/ls: Use highlight color on name and alias as well

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2583-1
Released:    Fri Jul 29 10:42:06 2022
Summary:     Security update for aws-iam-authenticator
Type:        security
Severity:    important
References:  1201395,CVE-2022-2385
This update for aws-iam-authenticator fixes the following issues:

- CVE-2022-2385: Fixed AccessKeyID validation bypass (bsc#1201395).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2592-1
Released:    Fri Jul 29 13:34:21 2022
Summary:     Security update for rubygem-tzinfo
Type:        security
Severity:    important
References:  1201835,CVE-2022-31163
This update for rubygem-tzinfo fixes the following issues:

- CVE-2022-31163: Fixed relative path traversal vulnerability that allows TZInfo::Timezone.get to load arbitrary files (bsc#1201835).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2593-1
Released:    Fri Jul 29 13:48:28 2022
Summary:     Recommended update for perl-IO-Socket-SSL
Type:        recommended
Severity:    moderate
References:  1200295
This update for perl-IO-Socket-SSL fixes the following issues:

- Follow system crypto-policies 'PROFILE=SYSTEM' on OpenSSL ciphers (bsc#1200295)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2595-1
Released:    Fri Jul 29 16:00:42 2022
Summary:     Security update for mozilla-nss
Type:        security
Severity:    important
References:  1192079,1192080,1192086,1192087,1192228,1198486,1200027,CVE-2022-31741
This update for mozilla-nss fixes the following issues:

Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4:

- Makes the PBKDF known answer test compliant with NIST SP800-132. (bsc#1192079). 
- FIPS: Add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck()
  (bsc#1198980).
- FIPS: mark algorithms as approved/non-approved according to security policy
  (bsc#1191546, bsc#1201298).
- FIPS: remove hard disabling of unapproved algorithms. This requirement is now
  fulfilled by the service level indicator (bsc#1200325).
- Run test suite at build time, and make it pass (bsc#1198486).
- FIPS: skip algorithms that are hard disabled in FIPS mode.
- Prevent expired PayPalEE cert from failing the tests.
- Allow checksumming to be disabled, but only if we entered FIPS mode
  due to NSS_FIPS being set, not if it came from /proc.
- FIPS: Make the PBKDF known answer test compliant with NIST SP800-132.
- Update FIPS validation string to version-release format.
- FIPS: remove XCBC MAC from list of FIPS approved algorithms.
- Enable NSS_ENABLE_FIPS_INDICATORS and set NSS_FIPS_MODULE_ID
  for build.
- FIPS: claim 3DES unapproved in FIPS mode (bsc#1192080).
- FIPS: allow testing of unapproved algorithms (bsc#1192228).
- FIPS: add version indicators. (bmo#1729550, bsc#1192086).
- FIPS: fix some secret clearing (bmo#1697303, bsc#1192087).

Version update to NSS 3.79:

- Use PK11_GetSlotInfo instead of raw C_GetSlotInfo calls.
- Update mercurial in clang-format docker image.
- Use of uninitialized pointer in lg_init after alloc fail.
- selfserv and tstclnt should use PR_GetPrefLoopbackAddrInfo.
- Add SECMOD_LockedModuleHasRemovableSlots.
- Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP.
- Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts.
- TLS 1.3 Server: Send protocol_version alert on unsupported ClientHello.legacy_version.
- Correct invalid record inner and outer content type alerts.
- NSS does not properly import or export pkcs12 files with large passwords and pkcs5v2 encoding.
- improve error handling after nssCKFWInstance_CreateObjectHandle.
- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple.
- NSS 3.79 should depend on NSPR 4.34   

Version update to NSS 3.78.1:

- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple

Version update to NSS 3.78:

- Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length record/fragment handling tests.
- Reworked overlong record size checks and added TLS1.3 specific boundaries.
- Add ECH Grease Support to tstclnt
- Add a strict variant of moz::pkix::CheckCertHostname.
- Change SSL_REUSE_SERVER_ECDHE_KEY default to false.
- Make SEC_PKCS12EnableCipher succeed
- Update zlib in NSS to 1.2.12.

Version update to NSS 3.77:

- Fix link to TLS page on wireshark wiki
- Add two D-TRUST 2020 root certificates.
- Add Telia Root CA v2 root certificate.
- Remove expired explicitly distrusted certificates from certdata.txt.
- support specific RSA-PSS parameters in mozilla::pkix
- Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate.
- Remove token member from NSSSlot struct.
- Provide secure variants of mpp_pprime and mpp_make_prime.
- Support UTF-8 library path in the module spec string.
- Update nssUTF8_Length to RFC 3629 and fix buffer overrun.
- Update googletest to 1.11.0
- Add SetTls13GreaseEchSize to experimental API.
- TLS 1.3 Illegal legacy_version handling/alerts.
- Fix calculation of ECH HRR Transcript.
- Allow ld path to be set as environment variable.
- Ensure we don't read uninitialized memory in ssl gtests.
- Fix DataBuffer Move Assignment.
- internal_error alert on Certificate Request with sha1+ecdsa in TLS 1.3
- rework signature verification in mozilla::pkix

Version update to NSS 3.76.1

- Remove token member from NSSSlot struct.
- Hold tokensLock through nssToken_GetSlot calls in nssTrustDomain_GetActiveSlots.
- Check return value of PK11Slot_GetNSSToken.
- Use Wycheproof JSON for RSASSA-PSS
- Add SHA256 fingerprint comments to old certdata.txt entries.
- Avoid truncating files in nss-release-helper.py.
- Throw illegal_parameter alert for illegal extensions in handshake message.

Version update to NSS 3.75

- Make DottedOIDToCode.py compatible with python3.
- Avoid undefined shift in SSL_CERT_IS while fuzzing.
- Remove redundant key type check.
- Update ABI expectations to match ECH changes.
- Enable CKM_CHACHA20.
- check return on NSS_NoDB_Init and NSS_Shutdown.
- Run ECDSA test vectors from bltest as part of the CI tests.
- Add ECDSA test vectors to the bltest command line tool.
- Allow to build using clang's integrated assembler.
- Allow to override python for the build.
- test HKDF output rather than input.
- Use ASSERT macros to end failed tests early.
- move assignment operator for DataBuffer.
- Add test cases for ECH compression and unexpected extensions in SH.
- Update tests for ECH-13.
- Tidy up error handling.
- Add tests for ECH HRR Changes.
- Server only sends GREASE HRR extension if enabled by preference.
- Update generation of the Associated Data for ECH-13.
- When ECH is accepted, reject extensions which were only advertised in the Outer Client Hello.
- Allow for compressed, non-contiguous, extensions.
- Scramble the PSK extension in CHOuter.
- Split custom extension handling for ECH.
- Add ECH-13 HRR Handling.
- Client side ECH padding.
- Stricter ClientHelloInner Decompression.
- Remove ECH_inner extension, use new enum format.
- Update the version number for ECH-13 and adjust the ECHConfig size.

Version update to NSS 3.74

- mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses
- Ensure clients offer consistent ciphersuites after HRR
- NSS does not properly restrict server keys based on policy
- Set nssckbi version number to 2.54
- Replace Google Trust Services LLC (GTS) R4 root certificate
- Replace Google Trust Services LLC (GTS) R3 root certificate
- Replace Google Trust Services LLC (GTS) R2 root certificate
- Replace Google Trust Services LLC (GTS) R1 root certificate
- Replace GlobalSign ECC Root CA R4
- Remove Expired Root Certificates - DST Root CA X3
- Remove Expiring Cybertrust Global Root and GlobalSign root certificates
- Add renewed Autoridad de Certificacion Firmaprofesional CIF A62634068 root certificate
- Add iTrusChina ECC root certificate
- Add iTrusChina RSA root certificate
- Add ISRG Root X2 root certificate
- Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
- Avoid a clang 13 unused variable warning in opt build
- Check for missing signedData field
- Ensure DER encoded signatures are within size limits

- enable key logging option (boo#1195040)

Version update to NSS 3.73.1:

- Add SHA-2 support to mozilla::pkix's OSCP implementation

Version update to NSS 3.73

- check for missing signedData field.
- Ensure DER encoded signatures are within size limits.
- NSS needs FiPS 140-3 version indicators.
- pkix_CacheCert_Lookup doesn't return cached certs
- sunset Coverity from NSS

Fixed MFSA 2021-51 (bsc#1193170) CVE-2021-43527: Memory corruption via DER-encoded DSA and RSA-PSS signatures

Version update to NSS 3.72

- Fix nsinstall parallel failure.
- Increase KDF cache size to mitigate perf regression in about:logins

Version update to NSS 3.71

- Set nssckbi version number to 2.52.
- Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
- Import of PKCS#12 files with Camellia encryption is not supported
- Add HARICA Client ECC Root CA 2021.
- Add HARICA Client RSA Root CA 2021.
- Add HARICA TLS ECC Root CA 2021.
- Add HARICA TLS RSA Root CA 2021.
- Add TunTrust Root CA certificate to NSS.

Version update to NSS 3.70

- Update test case to verify fix.
- Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
- Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
- Avoid using a lookup table in nssb64d.
- Use HW accelerated SHA2 on AArch64 Big Endian.
- Change default value of enableHelloDowngradeCheck to true.
- Cache additional PBE entries.
- Read HPKE vectors from official JSON.

Version update to NSS 3.69.1:

- Disable DTLS 1.0 and 1.1 by default
- integrity checks in key4.db not happening on private components with AES_CBC

NSS 3.69:

- Disable DTLS 1.0 and 1.1 by default (backed out again)
- integrity checks in key4.db not happening on private components with AES_CBC (backed out again)
- SSL handling of signature algorithms ignores environmental invalid algorithms.
- sqlite 3.34 changed it's open semantics, causing nss failures.
- Gtest update changed the gtest reports, losing gtest details in all.sh reports.
- NSS incorrectly accepting 1536 bit DH primes in FIPS mode
- SQLite calls could timeout in starvation situations.
- Coverity/cpp scanner errors found in nss 3.67
- Import the NSS documentation from MDN in nss/doc.
- NSS using a tempdir to measure sql performance not active

Version Update to 3.68.4 (bsc#1200027)

- CVE-2022-31741: Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple.  (bmo#1767590)



-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2611-1
Released:    Mon Aug  1 09:57:27 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1201758,CVE-2022-36318,CVE-2022-36319
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.12.0 ESR (bsc#1201758):

- CVE-2022-36319: Mouse Position spoofing with CSS transforms
- CVE-2022-36318: Directory indexes for bundled resources reflected URL parameters

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2613-1
Released:    Mon Aug  1 10:28:50 2022
Summary:     Recommended update for python-parallax
Type:        recommended
Severity:    moderate
References:  1200833
This update for python-parallax fixes the following issues:

- Don't use ssh if a command is running on local (bsc#1200833) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2616-1
Released:    Mon Aug  1 10:43:46 2022
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

- Fix the build for RHEL 7 and clones (python-setuptools is used) 


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2619-1
Released:    Mon Aug  1 16:01:28 2022
Summary:     Security update for gimp
Type:        security
Severity:    moderate
References:  1199653,CVE-2022-30067
This update for gimp fixes the following issues:

- CVE_2022-30067: Fixed an out of memory when reading. (bsc#1199653)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2632-1
Released:    Wed Aug  3 09:51:00 2022
Summary:     Security update for permissions
Type:        security
Severity:    important
References:  1198720,1200747,1201385
This update for permissions fixes the following issues:

* apptainer: fix starter-suid location (bsc#1198720)
* static permissions: remove deprecated bind / named chroot entries (bsc#1200747)
* postfix: add postlog setgid for maildrop binary (bsc#1201385)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2633-1
Released:    Wed Aug  3 10:33:50 2022
Summary:     Security update for mokutil
Type:        security
Severity:    moderate
References:  1198458
This update for mokutil fixes the following issues:

- Adds SBAT revocation support to mokutil. (bsc#1198458)

New options added (see manpage):

- mokutil --set-sbat-policy  (latest | previous | delete)
  to set the SBAT acceptance policy.

- mokutil --list-sbat-revocations

  To list the current SBAT revocations.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2640-1
Released:    Wed Aug  3 10:43:44 2022
Summary:     Recommended update for yaml-cpp
Type:        recommended
Severity:    moderate
References:  1160171,1178331,1178332,1200624
This update for yaml-cpp fixes the following issue:

- Version 0.6.3 changed ABI without changing SONAME. Re-add symbol from the old
  ABI to prevent ABI breakage and crash of applications compiled with 0.6.1 
  (bsc#1200624, bsc#1178332, bsc#1178331, bsc#1160171).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2646-1
Released:    Wed Aug  3 12:41:33 2022
Summary:     Security update for python-numpy
Type:        security
Severity:    moderate
References:  1193911,CVE-2021-41495
This update for python-numpy fixes the following issues:

- CVE-2021-41495: Fixed Null Pointer Dereference in numpy.sort (bsc#1193911).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2647-1
Released:    Wed Aug  3 13:44:01 2022
Summary:     Security update for tiff
Type:        security
Severity:    low
References:  1201174,1201175,1201176,CVE-2022-2056,CVE-2022-2057,CVE-2022-2058
This update for tiff fixes the following issues:

- CVE-2022-2056: Fixed a division by zero denial of service (bsc#1201176).
- CVE-2022-2057: Fixed a division by zero denial of service (bsc#1201175).
- CVE-2022-2058: Fixed a division by zero denial of service (bsc#1201174).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2650-1
Released:    Wed Aug  3 15:09:21 2022
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1191912,1194931,1198670,1198671,1198672,1198673,1198674,1198675,1201643,CVE-2021-35561,CVE-2022-21299,CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496
This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 7 Fix Pack 10 [bsc#1201643]

- CVE-2022-21476 (bsc#1198671), CVE-2022-21449 (bsc#1198670),
  CVE-2022-21496 (bsc#1198673), CVE-2022-21434 (bsc#1198674),
  CVE-2022-21426 (bsc#1198672), CVE-2022-21443 (bsc#1198675),
  CVE-2021-35561 (bsc#1191912), CVE-2022-21299 (bsc#1194931).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2655-1
Released:    Wed Aug  3 15:47:49 2022
Summary:     Security update for postgresql-jdbc
Type:        security
Severity:    moderate
References:  1197356,CVE-2022-26520
This update for postgresql-jdbc fixes the following issues:

- CVE-2022-26520: Fixed arbitrary File Write Vulnerability (bsc#1197356)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2658-1
Released:    Wed Aug  3 21:04:57 2022
Summary:     Security update for keylime
Type:        security
Severity:    important
References:  1199253,1200885,1201466,1201866,CVE-2022-1053,CVE-2022-31250
This update for keylime fixes the following issues:

Update to version 6.3.2, including fixes for:

- CVE-2022-1053: Fixed Tenant and Verifier might not use the same registrar data (bsc#1199253).
- CVE-2022-31250: Fixed %post scriplet allows for privilege escalation from keylime user to root (bsc#1200885).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2660-1
Released:    Wed Aug  3 21:06:01 2022
Summary:     Security update for java-17-openjdk
Type:        security
Severity:    important
References:  1201684,1201685,1201692,1201694,CVE-2022-21540,CVE-2022-21541,CVE-2022-21549,CVE-2022-34169
This update for java-17-openjdk fixes the following issues:

Update to upstream tag jdk-17.0.4+8 (July 2022 CPU)

- CVE-2022-21540: Improve class compilation (bsc#1201694)
- CVE-2022-21541: Enhance MethodHandle invocations (bsc#1201692)
- CVE-2022-34169: Improve Xalan supports (bsc#1201684)
- CVE-2022-21549: java.util.random does not correctly sample exponential or Gaussian distributions (bsc#1201685)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2661-1
Released:    Wed Aug  3 21:07:23 2022
Summary:     Security update for u-boot
Type:        security
Severity:    important
References:  1201214,1201745,CVE-2022-33967,CVE-2022-34835
This update for u-boot fixes the following issues:

- CVE-2022-33967: Fixed heap overflow in squashfs filesystem implementation (bsc#1201745).
- CVE-2022-34835: Fixed stack buffer overflow vulnerability in i2c md command (bsc#1201214).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2664-1
Released:    Thu Aug  4 09:22:06 2022
Summary:     Security update for harfbuzz
Type:        security
Severity:    important
References:  1200900,CVE-2022-33068
This update for harfbuzz fixes the following issues:

- CVE-2022-33068: Fixed a integer overflow in hb-ot-shape-fallback.cc (bsc#1200900).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2668-1
Released:    Thu Aug  4 10:23:44 2022
Summary:     Recommended update for ldns
Type:        recommended
Severity:    moderate
References:  1200843

This update of ldns fixes the following issue:

- ldns is shipped to the unsupported packagehub module as dependency of unbound. (bsc#1200843)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2673-1
Released:    Thu Aug  4 14:07:09 2022
Summary:     Security update for python-ujson
Type:        security
Severity:    moderate
References:  1201254,1201255,CVE-2022-31116,CVE-2022-31117
This update for python-ujson fixes the following issues:

- CVE-2022-31116: Fixed improper decoding of escaped surrogate characters (bsc#1201255).
- CVE-2022-31117: Fixed a double free while reallocating a buffer for string decoding (bsc#1201254).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2681-1
Released:    Fri Aug  5 11:19:46 2022
Summary:     Security update for wavpack
Type:        security
Severity:    low
References:  1201716,CVE-2022-2476
This update for wavpack fixes the following issues:

- CVE-2022-2476: Fixed a Null pointer dereference in wvunpack (bsc#1201716).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2687-1
Released:    Fri Aug  5 13:13:00 2022
Summary:     Security update for fwupd
Type:        security
Severity:    moderate
References:  1193921,1198581
This update for fwupd fixes the following issues:

- Ignore non-PCI NVMe devices (e.g. NVMe-over-Fabrics) when probing (bsc#1193921)
- package was rebuilt with new UEFI secure boot key. (bsc#1198581)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2691-1
Released:    Fri Aug  5 18:12:17 2022
Summary:     Security update for python-M2Crypto
Type:        security
Severity:    important
References:  1178829,CVE-2020-25657
This update for python-M2Crypto fixes the following issues:

- CVE-2020-25657: Fixed Bleichenbacher timing attacks in the RSA decryption API (bsc#1178829).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2703-1
Released:    Tue Aug  9 09:09:13 2022
Summary:     Recommended update for python-google-resumable-media
Type:        recommended
Severity:    moderate
References:  1197841
This update for python-google-resumable-media fixes the following issues:

- Fix testsuite invocation (bsc#1197841)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2707-1
Released:    Tue Aug  9 10:18:18 2022
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1201684,1201692,1201694,CVE-2022-21540,CVE-2022-21541,CVE-2022-34169
This update for java-11-openjdk fixes the following issues:

Update to upstream tag jdk-11.0.16+8 (July 2022 CPU)

- CVE-2022-21540: Improve class compilation (bsc#1201694)
- CVE-2022-21541: Enhance MethodHandle invocations (bsc#1201692)
- CVE-2022-34169: Improve Xalan supports (bsc#1201684)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2713-1
Released:    Tue Aug  9 12:38:05 2022
Summary:     Security update for bind
Type:        security
Severity:    important
References:  1192146,1197135,1197136,1199044,1200685,CVE-2021-25219,CVE-2021-25220,CVE-2022-0396
This update for bind fixes the following issues:

- CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance (bsc#1192146).
- CVE-2021-25220: Fixed potentially incorrect answers by cached forwarders (bsc#1197135).
- CVE-2022-0396: Fixed a incorrect handling of TCP connection slots time frame  leading to deny of service (bsc#1197136).

The following non-security bugs were fixed:

- Update to release 9.16.31 (jsc#SLE-24600). 
- Logrotation broken since dropping chroot (bsc#1200685).
- A non-existent initialization script (eg a leftorver
  'createNamedConfInclude' in /etc/sysconfig/named) may cause named
  not to start. A warning message is printed in named.prep and
  the fact is ignored.
  Also, the return value of a failed script was not handled properly
  causing a failed script to not prevent named to start. This
  is now fixed properly.
  [bsc#1199044, vendor-files.tar.bz2]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2717-1
Released:    Tue Aug  9 12:54:16 2022
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1198627,CVE-2022-29458
This update for ncurses fixes the following issues:

- CVE-2022-29458: Fixed segfaulting out-of-bounds read in convert_strings in tinfo/read_entry.c (bsc#1198627).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2735-1
Released:    Wed Aug 10 04:31:41 2022
Summary:     Recommended update for tar
Type:        recommended
Severity:    moderate
References:  1200657
This update for tar fixes the following issues:

- Fix race condition while creating intermediate subdirectories (bsc#1200657)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2737-1
Released:    Wed Aug 10 04:33:19 2022
Summary:     Recommended update for gedit
Type:        recommended
Severity:    moderate
References:  1198312
This update for gedit fixes the following issues:

- Add necessary dependency to resolve schema 'is not installed' error after install in WSL (bsc#1198312)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2748-1
Released:    Wed Aug 10 13:30:07 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1201758,CVE-2022-36318,CVE-2022-36319
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 91.12
  * changed: Support for Google Talk chat accounts removed
  * fixed: OpenPGP signatures were broken when 'Primary Password'
    dialog remained open
  * fixed: Various security fixes

- Security fixes (MFSA 2022-31) (bsc#1201758):
  - CVE-2022-36319: Fixed mouse Position spoofing with CSS transforms (bmo#1737722)
  - CVE-2022-36318: Fixed directory indexes for bundled resources reflected URL parameters (bmo#1771774)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2749-1
Released:    Wed Aug 10 13:32:57 2022
Summary:     Recommended update for go1.19
Type:        recommended
Severity:    moderate
References:  1200441
This update for go1.19 fixes the following issues:

go1.19 (released 2022-08-02) is a major release of Go.

go1.19.x minor releases will be provided through August 2023.

  https://github.com/golang/go/wiki/Go-Release-Cycle

go1.19 arrives five months after go1.18. Most of its changes are
in the implementation of the toolchain, runtime, and libraries.

As always, the release maintains the Go 1 promise of
compatibility. We expect almost all Go programs to continue to
compile and run as before.  (Refs bsc#1200441 go1.19 release tracking)

* See release notes https://golang.org/doc/go1.19. Excerpts
  relevant to OBS environment and for SUSE/openSUSE follow:
* There is only one small change to the language, a very small
  correction to the scope of type parameters in method
  declarations. Existing programs are unaffected.
* The Go memory model has been revised to align Go with the
  memory model used by C, C++, Java, JavaScript, Rust, and
  Swift. Go only provides sequentially consistent atomics, not
  any of the more relaxed forms found in other languages. Along
  with the memory model update, Go 1.19 introduces new types in
  the sync/atomic package that make it easier to use atomic
  values, such as atomic.Int64 and atomic.Pointer[T].
* go1.19 adds support for the Loongson 64-bit architecture
  LoongArch on Linux (GOOS=linux, GOARCH=loong64). The ABI
  implemented is LP64D. Minimum kernel version supported is 5.19.
* The riscv64 port now supports passing function arguments and
  result using registers. Benchmarking shows typical performance
  improvements of 10% or more on riscv64.
* Go 1.19 adds support for links, lists, and clearer headings in
  doc comments. As part of this change, gofmt now reformats doc
  comments to make their rendered meaning clearer. See 'Go Doc
  Comments' for syntax details and descriptions of common
  mistakes now highlighted by gofmt. As another part of this
  change, the new package go/doc/comment provides parsing and
  reformatting of doc comments as well as support for rendering
  them to HTML, Markdown, and text.
* The new build constraint 'unix' is now recognized in //go:build
  lines. The constraint is satisfied if the target operating
  system, also known as GOOS, is a Unix or Unix-like system. For
  the 1.19 release it is satisfied if GOOS is one of aix,
  android, darwin, dragonfly, freebsd, hurd, illumos, ios, linux,
  netbsd, openbsd, or solaris. In future releases the unix
  constraint may match additional newly supported operating
  systems.
* The -trimpath flag, if set, is now included in the build
  settings stamped into Go binaries by go build, and can be
  examined using go version -m or debug.ReadBuildInfo.
* go generate now sets the GOROOT environment variable explicitly
  in the generator's environment, so that generators can locate
  the correct GOROOT even if built with -trimpath.
* go test and go generate now place GOROOT/bin at the beginning
  of the PATH used for the subprocess, so tests and generators
  that execute the go command will resolve it to same GOROOT.
* go env now quotes entries that contain spaces in the
  CGO_CFLAGS, CGO_CPPFLAGS, CGO_CXXFLAGS, CGO_FFLAGS,
  CGO_LDFLAGS, and GOGCCFLAGS variables it reports.
* go list -json now accepts a comma-separated list of JSON fields
  to populate. If a list is specified, the JSON output will
  include only those fields, and go list may avoid work to
  compute fields that are not included. In some cases, this may
  suppress errors that would otherwise be reported.
* The go command now caches information necessary to load some
  modules, which should result in a speed-up of some go list
  invocations.
* The vet checker 'errorsas' now reports when errors.As is called
  with a second argument of type *error, a common mistake.
* The runtime now includes support for a soft memory limit. This
  memory limit includes the Go heap and all other memory managed
  by the runtime, and excludes external memory sources such as
  mappings of the binary itself, memory managed in other
  languages, and memory held by the operating system on behalf of
  the Go program. This limit may be managed via
  runtime/debug.SetMemoryLimit or the equivalent GOMEMLIMIT
  environment variable. The limit works in conjunction with
  runtime/debug.SetGCPercent / GOGC, and will be respected even
  if GOGC=off, allowing Go programs to always make maximal use of
  their memory limit, improving resource efficiency in some
  cases.
* In order to limit the effects of GC thrashing when the
  program's live heap size approaches the soft memory limit, the
  Go runtime also attempts to limit total GC CPU utilization to
  50%, excluding idle time, choosing to use more memory over
  preventing application progress. In practice, we expect this
  limit to only play a role in exceptional cases, and the new
  runtime metric /gc/limiter/last-enabled:gc-cycle reports when
  this last occurred.
* The runtime now schedules many fewer GC worker goroutines on
  idle operating system threads when the application is idle
  enough to force a periodic GC cycle.
* The runtime will now allocate initial goroutine stacks based on
  the historic average stack usage of goroutines. This avoids
  some of the early stack growth and copying needed in the
  average case in exchange for at most 2x wasted space on
  below-average goroutines.
* On Unix operating systems, Go programs that import package os
  now automatically increase the open file limit (RLIMIT_NOFILE)
  to the maximum allowed value; that is, they change the soft
  limit to match the hard limit. This corrects artificially low
  limits set on some systems for compatibility with very old C
  programs using the select system call. Go programs are not
  helped by that limit, and instead even simple programs like
  gofmt often ran out of file descriptors on such systems when
  processing many files in parallel. One impact of this change is
  that Go programs that in turn execute very old C programs in
  child processes may run those programs with too high a
  limit. This can be corrected by setting the hard limit before
  invoking the Go program.
* Unrecoverable fatal errors (such as concurrent map writes, or
  unlock of unlocked mutexes) now print a simpler traceback
  excluding runtime metadata (equivalent to a fatal panic) unless
  GOTRACEBACK=system or crash. Runtime-internal fatal error
  tracebacks always include full metadata regardless of the value
  of GOTRACEBACK
* Support for debugger-injected function calls has been added on
  ARM64, enabling users to call functions from their binary in an
  interactive debugging session when using a debugger that is
  updated to make use of this functionality.
* The address sanitizer support added in Go 1.18 now handles
  function arguments and global variables more precisely.
* The compiler now uses a jump table to implement large integer
  and string switch statements. Performance improvements for the
  switch statement vary but can be on the order of 20%
  faster. (GOARCH=amd64 and GOARCH=arm64 only)
* The Go compiler now requires the -p=importpath flag to build a
  linkable object file. This is already supplied by the go
  command and by Bazel. Any other build systems that invoke the
  Go compiler directly will need to make sure they pass this flag
  as well.
* The Go compiler no longer accepts the -importmap flag. Build
  systems that invoke the Go compiler directly must use the
  -importcfg flag instead.
* Like the compiler, the assembler now requires the -p=importpath
  flag to build a linkable object file. This is already supplied
  by the go command. Any other build systems that invoke the Go
  assembler directly will need to make sure they pass this flag
  as well.
* Command and LookPath no longer allow results from a PATH search
  to be found relative to the current directory. This removes a
  common source of security problems but may also break existing
  programs that depend on using, say, exec.Command('prog') to run
  a binary named prog (or, on Windows, prog.exe) in the current
  directory. See the os/exec package documentation for
  information about how best to update such programs.
* On Windows, Command and LookPath now respect the
  NoDefaultCurrentDirectoryInExePath environment variable, making
  it possible to disable the default implicit search of “.” in
  PATH lookups on Windows systems.
* crypto/elliptic: Operating on invalid curve points (those for
  which the IsOnCurve method returns false, and which are never
  returned by Unmarshal or by a Curve method operating on a valid
  point) has always been undefined behavior and can lead to key
  recovery attacks. If an invalid point is supplied to Marshal,
  MarshalCompressed, Add, Double, or ScalarMult, they will now
  panic. ScalarBaseMult operations on the P224, P384, and P521
  curves are now up to three times faster, leading to similar
  speedups in some ECDSA operations. The generic (not platform
  optimized) P256 implementation was replaced with one derived
  from a formally verified model; this might lead to significant
  slowdowns on 32-bit platforms.
* crypto/rand: Read no longer buffers random data obtained from
  the operating system between calls. Applications that perform
  many small reads at high frequency might choose to wrap Reader
  in a bufio.Reader for performance reasons, taking care to use
  io.ReadFull to ensure no partial reads occur. The Prime
  implementation was changed to use only rejection sampling,
  which removes a bias when generating small primes in
  non-cryptographic contexts, removes one possible minor timing
  leak, and better aligns the behavior with BoringSSL, all while
  simplifying the implementation. The change does produce
  different outputs for a given random source stream compared to
  the previous implementation, which can break tests written
  expecting specific results from specific deterministic random
  sources. To help prevent such problems in the future, the
  implementation is now intentionally non-deterministic with
  respect to the input stream.
* crypto/tls: The GODEBUG option tls10default=1 has been
  removed. It is still possible to enable TLS 1.0 client-side by
  setting Config.MinVersion. The TLS server and client now reject
  duplicate extensions in TLS handshakes, as required by RFC
  5246, Section 7.4.1.4 and RFC 8446, Section 4.2.
* crypto/x509: CreateCertificate no longer supports creating
  certificates with SignatureAlgorithm set to
  MD5WithRSA. CreateCertificate no longer accepts negative serial
  numbers. CreateCertificate will not emit an empty SEQUENCE
  anymore when the produced certificate has no
  extensions. ParseCertificate and ParseCertificateRequest now
  reject certificates and CSRs which contain duplicate
  extensions. The new CertPool.Clone and CertPool.Equal methods
  allow cloning a CertPool and checking the equivalence of two
  CertPools respectively. The new function ParseRevocationList
  provides a faster, safer to use CRL parser which returns a
  RevocationList. Parsing a CRL also populates the new
  RevocationList fields RawIssuer, Signature, AuthorityKeyId, and
  Extensions, which are ignored by CreateRevocationList. The new
  method RevocationList.CheckSignatureFrom checks that the
  signature on a CRL is a valid signature from a Certificate. The
  ParseCRL and ParseDERCRL functions are now deprecated in favor
  of ParseRevocationList. The Certificate.CheckCRLSignature
  method is deprecated in favor of
  RevocationList.CheckSignatureFrom. The path builder of
  Certificate.Verify was overhauled and should now produce better
  chains and/or be more efficient in complicated scenarios. Name
  constraints are now also enforced on non-leaf certificates.
* crypto/x509/pkix: The types CertificateList and
  TBSCertificateList have been deprecated. The new crypto/x509
  CRL functionality should be used instead.
* debug/elf: The new EM_LOONGARCH and R_LARCH_* constants support
  the loong64 port.
* debug/pe: The new File.COFFSymbolReadSectionDefAux method,
  which returns a COFFSymbolAuxFormat5, provides access to COMDAT
  information in PE file sections. These are supported by new
  IMAGE_COMDAT_* and IMAGE_SCN_* constants.
* runtime: The GOROOT function now returns the empty string
  (instead of 'go') when the binary was built with the -trimpath
  flag set and the GOROOT variable is not set in the process
  environment.
* runtime/metrics: The new /sched/gomaxprocs:threads metric
  reports the current runtime.GOMAXPROCS value. The new
  /cgo/go-to-c-calls:calls metric reports the total number of
  calls made from Go to C. This metric is identical to the
  runtime.NumCgoCall function. The new
  /gc/limiter/last-enabled:gc-cycle metric reports the last GC
  cycle when the GC CPU limiter was enabled. See the runtime
  notes for details about the GC CPU limiter.
* runtime/pprof: Stop-the-world pause times have been
  significantly reduced when collecting goroutine profiles,
  reducing the overall latency impact to the application. MaxRSS
  is now reported in heap profiles for all Unix operating systems
  (it was previously only reported for GOOS=android, darwin, ios,
  and linux).
* runtime/race: The race detector has been upgraded to use thread
  sanitizer version v3 on all supported platforms except
  windows/amd64 and openbsd/amd64, which remain on v2. Compared
  to v2, it is now typically 1.5x to 2x faster, uses half as much
  memory, and it supports an unlimited number of goroutines. On
  Linux, the race detector now requires at least glibc version
  2.17 and GNU binutils 2.26. The race detector is now supported
  on GOARCH=s390x. Race detector support for openbsd/amd64 has
  been removed from thread sanitizer upstream, so it is unlikely
  to ever be updated from v2.
* runtime/trace: When tracing and the CPU profiler are enabled
  simultaneously, the execution trace includes CPU profile
  samples as instantaneous events.
* syscall: On PowerPC (GOARCH=ppc64, ppc64le), Syscall, Syscall6,
  RawSyscall, and RawSyscall6 now always return 0 for return
  value r2 instead of an undefined value. On AIX and Solaris,
  Getrusage is now defined.

- Trace viewer html and javascript files moved from misc/trace in
previous versions to src/cmd/trace/static in go1.19.
* Added files with mode 0644:
  /usr/share/go/1.19/src/cmd/trace/static
  /usr/share/go/1.19/src/cmd/trace/static/README.md
  /usr/share/go/1.19/src/cmd/trace/static/trace_viewer_full.html
  /usr/share/go/1.19/src/cmd/trace/static/webcomponents.min.js

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2753-1
Released:    Wed Aug 10 13:36:18 2022
Summary:     Recommended update for libpulp
Type:        recommended
Severity:    moderate
References:  1200129,1200316
This update for libpulp fixes the following issues:

- Fix ulp tool not patching on high process count (bsc#1200316).
- Implement a timeout feature in case of deadlocks.

- Fix ulp tool crashing on high process count (bsc#1200316).
- Avoid parsing /proc/<pid>/comm when not needed.

Update package with libpulp-0.2.4.

- Fix dlsym interposition changing program behaviour (bsc#1200129)
- Fix free call of mmap'ed buffers (bsc#1200129)
- Fix error message when user has no permission to open livepatch.

Update package with libpulp-0.2.3 (jsc#SLE-20049).

- Add support for endbr64 instructions on function beginning.
- Fix use-after-free bug.
- Fix compilation in Tumbleweed.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2758-1
Released:    Wed Aug 10 14:05:17 2022
Summary:     Recommended update for clamsap
Type:        recommended
Severity:    moderate
References:  
This update for clamsap fixes the following issues:

clamsap was updated to version 0.104 (jsc#PED-805)

* Relax javascript check in PDF
* use https source url, also https URL
* Wildcard support for MIME type lists
* Fix SAR file content scan
* Add option for PDF active content
* Remove own default settings from VsaGetConfig and rely on clamav defaults
* Change default virusname in case clamav does not return any virus name.
* Limit pcre calls
* Increase Version because tested with latest clam engine
* Support new parameter SCANHEURISTICLEVEL

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2790-1
Released:    Fri Aug 12 10:11:24 2022
Summary:     Recommended update for supportutils-plugin-ha-sap
Type:        recommended
Severity:    moderate
References:  1201831
This update for supportutils-plugin-ha-sap fixes the following issues:

- Update to version 0.0.3+git.1659022100.39bfcd6:
  * Update README.md
  * Replace spaces to tabs.
  * Search for other groups too.
  * Include /etc/group in plugin-ha_sap.txt (bsc#1201831)
  * Update ha_sap
  * Update pacemaker.log location change
  * suppress link path in Readme.md
  * add section 'Additional information' to the Readme.md
  * change release status of the project

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2796-1
Released:    Fri Aug 12 14:34:31 2022
Summary:     Recommended update for jitterentropy
Type:        recommended
Severity:    moderate
References:  
This update for jitterentropy fixes the following issues:

jitterentropy is included in version 3.4.0 (jsc#SLE-24941):

This is a FIPS 140-3 / NIST 800-90b compliant userspace jitter entropy generator library, 
used by other FIPS libraries.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2804-1
Released:    Mon Aug 15 06:58:29 2022
Summary:     Recommended update for gvfs
Type:        recommended
Severity:    moderate
References:  1198718
This update for gvfs fixes the following issues:

- Fixes inability to mount smb shares with samba 4.16 (bsc#1198718)
- Fix build with meson 0.61 and newer
- Package org.gtk.vfs.file-operations.rules polkit rules file as an example in docs

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2810-1
Released:    Tue Aug 16 09:03:20 2022
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1194992,1197616,1197783
This update for python-kiwi fixes the following issues:

- Preserve the LABEL= setting when the grub config file is re-generated. (bsc#1197616)
- Add ensure empty tmpdirs option for OCI containers. (bsc#1197783)
- Set /.snapshots subvolume to mode 0700 (bsc#1194992)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2818-1
Released:    Tue Aug 16 12:48:08 2022
Summary:     Security update for ceph
Type:        security
Severity:    important
References:  1194131,1195359,1196044,1196785,1200064,1200553,CVE-2021-3979
This update for ceph fixes the following issues:

- Update to 16.2.9-536-g41a9f9a5573:
  + (bsc#1195359, bsc#1200553) rgw: check bucket shard init status in RGWRadosBILogTrimCR 
  + (bsc#1194131) ceph-volume: honour osd_dmcrypt_key_size option (CVE-2021-3979)

- Update to 16.2.9-158-gd93952c7eea:
  + cmake: check for python(\d)\.(\d+) when building boost
  + make-dist: patch boost source to support python 3.10

- Update to ceph-16.2.9-58-ge2e5cb80063:
  + (bsc#1200064, pr#480) Remove last vestiges of docker.io image paths

- Update to 16.2.9.50-g7d9f12156fb:
  + (jsc#SES-2515) High-availability NFS export 
  + (bsc#1196044) cephadm: prometheus: The generatorURL in alerts is only using hostname
  + (bsc#1196785) cephadm: avoid crashing on expected non-zero exit

- Update to 16.2.7-969-g6195a460d89
  + (jsc#SES-2515) High-availability NFS export 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2825-1
Released:    Tue Aug 16 17:12:47 2022
Summary:     Security update for rsync
Type:        security
Severity:    important
References:  1201840,CVE-2022-29154
This update for rsync fixes the following issues:

- CVE-2022-29154: Fixed an arbitrary file write when connecting to a
  malicious server (bsc#1201840).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2826-1
Released:    Tue Aug 16 17:14:24 2022
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1201980,CVE-2022-32792,CVE-2022-32816
This update for webkit2gtk3 fixes the following issues:

- Update to version 2.36.5 (bsc#1201980):
  - Add support for PAC proxy in the WebDriver implementation.
  - Fix video playback when loaded through custom URIs, this fixes
    video playback in the Yelp documentation browser.
  - Fix WebKitWebView::context-menu when using GTK4.
  - Fix LTO builds with GCC.
  - Fix several crashes and rendering issues.
  
- Security fixes:
  - CVE-2022-32792: Fixed processing maliciously crafted web content may lead to
    arbitrary code execution.
  - CVE-2022-32816: Fixed visiting a website that frames malicious content may lead to
    UI spoofing.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2831-1
Released:    Wed Aug 17 14:41:07 2022
Summary:     Recommended update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins
Type:        security
Severity:    moderate
References:  1195916,1196696,CVE-2020-29651
This update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures fixes the following issues:

- Update in SLE-15 (bsc#1196696, bsc#1195916, jsc#SLE-23972)

- Remove redundant python3 dependency from Requires
- Update regular expression to fix python shebang
- Style is enforced upstream and triggers unnecessary build version requirements
- Allow specifying fs_id in cloudwatch log group name
- Includes fix for stunnel path
- Added hardening to systemd service(s). 
- Raise minimal pytest version
- Fix typo in the ansi2html Requires
- Cleanup with spec-cleaner
- Make sure the tests are really executed
- Remove useless devel dependency
- Multiprocessing support in Python 3.8 was broken, but is now fixed
- Bumpy the URL to point to github rather than to docs


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2835-1
Released:    Wed Aug 17 16:52:22 2022
Summary:     Security update for ntfs-3g_ntfsprogs
Type:        security
Severity:    important
References:  1199978,CVE-2021-46790,CVE-2022-30783,CVE-2022-30784,CVE-2022-30785,CVE-2022-30786,CVE-2022-30787,CVE-2022-30788,CVE-2022-30789
This update for ntfs-3g_ntfsprogs fixes the following issues:

Updated to version 2022.5.17 (bsc#1199978):
- CVE-2022-30783: Fixed an issue where messages between NTFS-3G and
  the kernel could be intercepted when using libfuse-lite.
- CVE-2022-30784: Fixed a memory exhaustion issue when opening a
  crafted NTFS image.
- CVE-2022-30785: Fixed a bug where arbitrary memory read and write
  operations could be achieved whe using libfuse-lite.
- CVE-2022-30786: Fixed a memory corruption issue when opening a
  crafted NTFS image.
- CVE-2022-30787: Fixed an integer underflow which enabled arbitrary
  memory read operations when using libfuse-lite.
- CVE-2022-30788: Fixed a memory corruption issue when opening a
  crafted NTFS image.
- CVE-2022-30789: Fixed a memory corruption issue when opening a
  crafted NTFS image.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2844-1
Released:    Thu Aug 18 14:41:25 2022
Summary:     Recommended update for tar
Type:        recommended
Severity:    important
References:  1202436
This update for tar fixes the following issues:

- A regression in a previous update lead to potential deadlocks when extracting an archive. (bsc#1202436)

 
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2848-1
Released:    Fri Aug 19 03:57:50 2022
Summary:     Recommended update for gdm
Type:        recommended
Severity:    important
References:  1200323
This update for gdm fixes the following issues:

- Disable Wayland on aspeed chipsets because of performance issues (bsc#1200323)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2849-1
Released:    Fri Aug 19 03:59:48 2022
Summary:     Recommended update for at
Type:        recommended
Severity:    moderate
References:  1196219
This update for at fixes the following issues:

- Fixes an issue when an error 'Read-only file system' appears when writing to '/dev/kmsg'. (bsc#1196219)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2851-1
Released:    Fri Aug 19 09:57:06 2022
Summary:     Recommended update for rustup
Type:        recommended
Severity:    moderate
References:  1200499
This update for rustup fixes the following issues:

- added correct provides to the obsoletes of older rust subpackages, to get correct provides
  obsoletes pairs and allow better transition between RPMs. (bsc#1200499)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2853-1
Released:    Fri Aug 19 15:59:42 2022
Summary:     Recommended update for sle-module-legacy-release
Type:        recommended
Severity:    low
References:  1202498
This update for python-iniconfig provides the following fix:

- Ship python3-iniconfig also to openSUSE 15.3 and 15.4 (bsc#1202498)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2856-1
Released:    Fri Aug 19 16:10:43 2022
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    important
References:  1195163,1201684,1201692,1201694,CVE-2022-21540,CVE-2022-21541,CVE-2022-34169
This update for java-1_8_0-openjdk fixes the following issues:

- Updated to version jdk8u345 (icedtea-3.24.0)
    - CVE-2022-21540: Fixed a potential Java sandbox bypass (bsc#1201694).
    - CVE-2022-21541: Fixed a potential Java sandbox bypass (bsc#1201692).
    - CVE-2022-34169: Fixed an issue where arbitrary bytecode could
      be executed via a malicious stylesheet (bsc#1201684).

- Non-security fixes:
    - Allowed for customization of PKCS12 keystores (bsc#1195163).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2869-1
Released:    Mon Aug 22 17:08:50 2022
Summary:     Security update for u-boot
Type:        security
Severity:    important
References:  1201213,CVE-2022-33103
This update for u-boot fixes the following issues:

- CVE-2022-33103: Fixed a flaw in the squashfs subsystem that could
  lead to arbitrary code execution (bsc#1201213).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2870-1
Released:    Mon Aug 22 23:02:55 2022
Summary:     Security update for rubygem-rails-html-sanitizer
Type:        security
Severity:    moderate
References:  1201183,CVE-2022-32209
This update for rubygem-rails-html-sanitizer fixes the following issues:

- CVE-2022-32209: Fixed a potential content injection under specific
  configurations (bsc#1201183).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2874-1
Released:    Tue Aug 23 10:33:35 2022
Summary:     Security update for perl-HTTP-Daemon
Type:        security
Severity:    moderate
References:  1201157,CVE-2022-31081
This update for perl-HTTP-Daemon fixes the following issues:

- CVE-2022-31081: Fixed request smuggling in HTTP::Daemon (bsc#1201157).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2877-1
Released:    Tue Aug 23 13:31:23 2022
Summary:     Security update for cosign
Type:        security
Severity:    important
References:  1202157,CVE-2022-35929
This update for cosign fixes the following issues:

- Updated to 1.10.1 (jsc#SLE-23879):
  - CVE-2022-35929: Fixed an issue where cosign verify-attestation --type
    could report false positives when there was at least one attestation
    with a valid signature and there were no attestations of the type
    being verified (bsc#1202157).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2879-1
Released:    Tue Aug 23 14:49:17 2022
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  1200122,1200149,1200163
This update for scap-security-guide fixes the following issues:

scap-security-guide was updated to 0.1.63 (jsc#ECO-3319):

- multiple bugfixes in SUSE profiles
- Expand project guidelines 
- Add Draft OCP4 STIG profile 
- Add anssi_bp28_intermediary profile 
- add products/uos20 to support UnionTech OS Server 20
- products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
- Remove WRLinux Products
- Update CIS RHEL8 Benchmark for v2.0.0

SUSE specific issues fixed:

- stig: /etc/shadow group owner should not be root but shadow (bsc#1200149)
- sles15_script-stig.sh: remediation_functions: No such file or directory (bsc#1200163)
- SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity (bsc#1200122)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2889-1
Released:    Thu Aug 25 04:11:03 2022
Summary:     Recommended update for emacs-apel
Type:        recommended
Severity:    important
References:  1197714
This update for emacs-apel fixes the following issues:

- Fix build issue on SUSE Linux Enterprise 15 Service Pack 4 (bsc#1197714)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2896-1
Released:    Thu Aug 25 11:09:47 2022
Summary:     Security update for raptor
Type:        security
Severity:    moderate
References:  1178903,CVE-2020-25713
This update for raptor fixes the following issues:

- CVE-2020-25713: Fixed an out of bounds access triggered via a
  malformed input file (bsc#1178903).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2901-1
Released:    Fri Aug 26 03:34:23 2022
Summary:     Recommended update for elfutils
Type:        recommended
Severity:    moderate
References:  
This update for elfutils fixes the following issues:

- Fix runtime dependency for devel package

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2903-1
Released:    Fri Aug 26 05:25:50 2022
Summary:     Recommended update for Mesa
Type:        recommended
Severity:    moderate
References:  1197045,1197046,1200965
This update for Mesa fixes the following issues:

- Change default driver from 'iris' back to 'i965' for Intel Gen8-11 hardware; that way we also use the same driver
  used by X and Mesa (bsc#1200965, bsc#1197045, bsc#1197046)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2904-1
Released:    Fri Aug 26 05:28:34 2022
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1198341
This update for openldap2 fixes the following issues:

- Prevent memory reuse which may lead to instability (bsc#1198341)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2916-1
Released:    Fri Aug 26 12:51:21 2022
Summary:     Recommended update for aws-efs-utils
Type:        recommended
Severity:    critical
References:  
This update for aws-efs-utils fixes the following issues:

- Fix missing binaries from the previous update

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2919-1
Released:    Fri Aug 26 15:04:20 2022
Summary:     Security update for gnutls
Type:        security
Severity:    important
References:  1190698,1198979,1202020,CVE-2022-2509
This update for gnutls fixes the following issues:

- CVE-2022-2509: Fixed a double free issue during PKCS7 verification (bsc#1202020).

Non-security fixes:

- FIPS: Check minimum keylength for symmetric key generation [bsc#1190698]
- FIPS: Only allows ECDSA signature with valid set of hashes (SHA2 and SHA3) [bsc#1190698]
- FIPS: Provides interface for running library self tests on-demand [bsc#1198979]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2920-1
Released:    Fri Aug 26 15:17:02 2022
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1195059,1201795
This update for systemd fixes the following issues:

- Don't replace /etc/systemd/system/tmp.mount symlink with a dangling one pointing to /usr/lib/systemd/ (bsc#1201795)
- Drop or soften some of the deprecation warnings (jsc#PED-944)
- Ensure root user can login even if systemd-user-sessions.service is not activated yet (bsc#1195059)
- Avoid applying presets to any services shipped by the experimental sub-package, as they aren't enabled by default
- analyze: Fix offline check for syscal filter
- calendarspec: Fix timer skipping the next elapse
- core: Allow command argument to be longer
- hwdb: Add AV production controllers to hwdb and add uaccess
- hwdb: Allow console users access to rfkill
- hwdb: Allow end-users root-less access to TL866 EPROM readers
- hwdb: Permit unsetting power/persist for USB devices
- hwdb: Tag IR cameras as such
- hwdb: Fix parsing issue
- hwdb: Make usb match patterns uppercase
- hwdb: Update the hardware database
- journal-file: Stop using the event loop if it's already shutting down
- journal-remote: Disable `--trust` option when gnutls is disabled and check_permission() should not be called
- journald: Ensure resources are properly allocated for SIGTERM handling
- kernel-install: Ensure modules.builtin.alias.bin is removed when no longer needed
- macro: Account for negative values in DECIMAL_STR_WIDTH()
- manager: Disallow clone3() function call in seccomp filters 
- missing-syscall: Define MOVE_MOUNT_T_EMPTY_PATH if missing
- pid1,cgroup-show: Prevent failure if cgroup.procs in some subcgroups is not readable
- resolve: Fix typo in dns_class_is_pseudo()
- sd-event: Improve handling of process events and termination of processes
- sd-ipv4acd: Fix ARP packet conflicts occurring when sender hardware is one of the host's interfaces
- stdio-bridge: Improve the meaning of the error message  
- tmpfiles: Check for the correct directory

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2925-1
Released:    Mon Aug 29 03:16:48 2022
Summary:     Recommended update for audit-secondary
Type:        recommended
Severity:    important
References:  1201519
This update for audit-secondary fixes the following issues:

- Create symbolic link from /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:2926-1
Released:    Mon Aug 29 10:38:54 2022
Summary:     Feature update for LibreOffice
Type:        feature
Severity:    moderate
References:  1041090,1183308,1192616,1195881,1196017,1196212,1196499,1197017
This feature update for LibreOffice provides the following fixes:

abseil-cpp:

- Provide abseil-cpp version 20211102.0 as LibreOffice 7.3 dependency. (jsc#SLE-23447)
- Mention already fixed issues. (fate#326485, bsc#1041090)

libcuckoo:

- Provide libcuckoo version 0.3 as LibreOffice dependency. (jsc#SLE-23447)

libixion:

- Update libixion from version 0.16.1 to version 0.17.0. (jsc#SLE-23447)
- Build with mdds-2_0 instead of mdds-1.5. (jsc#SLE-23447)
- Build with gcc11 and gcc11-c++. (jsc#SLE-23447)
- Remove unneeded vulkan dependency
- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)
 
libreoffice:

- Update LibreOffice from version 7.2.5.1 to version 7.3.3.1. (jsc#SLE-23447, jsc#SLE-24021)
  * Update bundled dependencies:
    * gpgme from version 1.13.1 to version 1.16.0
    * libgpg-error from version 1.37 to version 1.43
    * libassuan from version 2.5.3 to version 2.5.5
    * pdfium from version 4500 to version 4699
    * skia from version m90-45c57e116ee0ce214bdf78405a4762722e4507d9 to version m97-a7230803d64ae9d44f4e1282444801119a3ae967
    * boost from version 1_75 to version 1_77
    * icu4c from version 69_1 to version 70_1
    * On SUSE Linux Enterprise 15 SP3 and newer require curl-devel 7.68.0 or newer
  * New build dependencies:
    * abseil-cpp-devel
    * libassuan0
    * libcuckoo-devel
    * libopenjp2
    * requrire liborcus-0.17 instead of liborcus-0.16
    * requrire mdds-2.0 instead of mdds-1.5
  * Do not use serf-1 anymore but use curl instead.
  * Other fixes:
    * Extraneous/missing lines in table in Impress versus PowerPoint (bsc#1192616)
    * Text with tabs appears quite different in Impress than in PowerPoint (bsc#1196212)
    * Bullets appear larger and green instead of black. (bsc#1195881)
    * Enable gtk3_kde5 and make it possible to use gtk3 in kde with the kde filepicker (bsc#1197017)
    * Mention already fixed issues. (bsc#1183308, bsc#1196017, bsc#1196499)

liborcus:

- Update liborcus from version 0.16.1 to version 0.17.2. (jsc#SLE-23447)
- Require mdds-2_0 instead of mdds-1.5. (jsc#SLE-23447)
- Require libixion-0.17 instead of libixion-0.16. (jsc#SLE-23447)
- Build with libtool and use autotools. (jsc#SLE-23447)
- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)

mdds-2_0:

- Provide mdds-2_0 version 2.0.2 as LibreOffice dependency. (jsc#SLE-23447)

myspell-dictionaries:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)
- There are no visible changes for the final user.

ucpp:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)
- There are no visible changes for the final user.

xmlsec1:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)
- There are no visible changes for the final user.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2929-1
Released:    Mon Aug 29 11:21:47 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1202310
This update for timezone fixes the following issue:

- Reflect new Chile DST change (bsc#1202310)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2932-1
Released:    Mon Aug 29 12:18:14 2022
Summary:     Recommended update for kernel-livepatch-tools
Type:        recommended
Severity:    moderate
References:  1200407
This update for kernel-livepatch-tools fixes the following issues:

- Add patch expiration info to klp -vv patches output (jsc#SLE-23644)
- Avoid error messages in the absence of the sysconfig file (bsc#1200407)
- Add 'downgrade' command (jsc#SLE-23644)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2936-1
Released:    Mon Aug 29 14:34:13 2022
Summary:     Security update for open-vm-tools
Type:        security
Severity:    important
References:  1202657,1202733,CVE-2022-31676
This update for open-vm-tools fixes the following issues:

- Updated to version 12.1.0 (build 20219665) (bsc#1202733):
  - CVE-2022-31676: Fixed an issue that could allow unprivileged users
    inside a virtual machine to escalate privileges (bsc#1202657).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2939-1
Released:    Mon Aug 29 14:49:17 2022
Summary:     Recommended update for mozilla-nss
Type:        recommended
Severity:    moderate
References:  1201298,1202645
This update for mozilla-nss fixes the following issues:

Update to NSS 3.79.1 (bsc#1202645)

* compare signature and signatureAlgorithm fields in legacy certificate verifier.
* Uninitialized value in cert_ComputeCertType.
* protect SFTKSlot needLogin with slotLock.
* avoid data race on primary password change.
* check for null template in sec_asn1{d,e}_push_state.

- FIPS: unapprove the rest of the DSA ciphers, keeping signature verification only (bsc#1201298).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2943-1
Released:    Tue Aug 30 15:42:16 2022
Summary:     Recommended update for python-iniconfig
Type:        recommended
Severity:    low
References:  1202498
This update for python-iniconfig provides the following fix:

- Ship missing python2-iniconfig to openSUSE 15.3 (bsc#1202498)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2944-1
Released:    Wed Aug 31 05:39:14 2022
Summary:     Recommended update for procps
Type:        recommended
Severity:    important
References:  1181475
This update for procps fixes the following issues:

- Fix 'free' command reporting misleading 'used' value (bsc#1181475)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2949-1
Released:    Wed Aug 31 09:20:16 2022
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1201684,1201685,1201692,1201694,1202427,CVE-2022-21540,CVE-2022-21541,CVE-2022-21549,CVE-2022-34169
This update for java-1_8_0-ibm fixes the following issues:

- Updated to Java 8.0 Service Refresh 7 Fix Pack 11 (bsc#1202427):
  - CVE-2022-34169: Fixed an integer truncation issue in the Xalan
    Java XSLT library that occurred when processing malicious
    stylesheets (bsc#1201684).
  - CVE-2022-21549: Fixed an issue that could lead to computing
    negative random exponentials (bsc#1201685).
  - CVE-2022-21541: Fixed a potential bypass of sandbox restrictions
    in the Hotspot component (bsc#1201692).
  - CVE-2022-21540: Fixed a potential bypass of sandbox restrictions
    in the Hotspot component (bsc#1201694).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2953-1
Released:    Wed Aug 31 10:36:20 2022
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1201612,1202706
This update for cloud-regionsrv-client fixes the following issues:

- While the source code was updated to support SLE Micro the spec file
  was not updated for the new locations of the cache and the certs.
  Update the spec file to be consistent with the code implementation. (bsc#1202706)

- Handle exception when trying to deregister a system form the server. (bsc#1201612)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2960-1
Released:    Wed Aug 31 13:11:50 2022
Summary:     Security update for ucode-intel
Type:        security
Severity:    moderate
References:  1201727,CVE-2022-21233
This update for ucode-intel fixes the following issues:

Updated to Intel CPU Microcode 20220809 release (bsc#1201727):

- CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave (INTEL-SA-00657).
    See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html

Other fixes:

- Update for functional issues.
    See also: https://www.intel.com/content/www/us/en/processors/xeon/scalable/xeon-scalable-spec-update.html?wapkw=processor+specification+update

- Updated Platforms:

  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | SKX-SP         | B1       | 06-55-03/97 | 0100015d | 0100015e | Xeon Scalable
  | SKX-SP         | H0/M0/U0 | 06-55-04/b7 | 02006d05 | 02006e05 | Xeon Scalable
  | SKX-D          | M1       | 06-55-04/b7 | 02006d05 | 02006e05 | Xeon D-21xx
  | ICX-SP         | D0       | 06-6a-06/87 | 0d000363 | 0d000375 | Xeon Scalable Gen3
  | GLK            | B0       | 06-7a-01/01 | 0000003a | 0000003c | Pentium Silver N/J5xxx, Celeron N/J4xxx
  | GLK-R          | R0       | 06-7a-08/01 | 0000001e | 00000020 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
  | ICL-U/Y        | D1       | 06-7e-05/80 | 000000b0 | 000000b2 | Core Gen10 Mobile
  | TGL-R          | C0       | 06-8c-02/c2 | 00000026 | 00000028 | Core Gen11 Mobile
  | TGL-H          | R0       | 06-8d-01/c2 | 0000003e | 00000040 | Core Gen11 Mobile
  | RKL-S          | B0       | 06-a7-01/02 | 00000053 | 00000054 | Core Gen11
  | ADL            | C0       | 06-97-02/03 | 0000001f | 00000022 | Core Gen12
  | ADL            | C0       | 06-97-05/03 | 0000001f | 00000022 | Core Gen12
  | ADL            | L0       | 06-9a-03/80 | 0000041c | 00000421 | Core Gen12
  | ADL            | L0       | 06-9a-04/80 | 0000041c | 00000421 | Core Gen12
  | ADL            | C0       | 06-bf-02/03 | 0000001f | 00000022 | Core Gen12
  | ADL            | C0       | 06-bf-05/03 | 0000001f | 00000022 | Core Gen12
  ------------------------------------------------------------------

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2967-1
Released:    Thu Sep  1 10:45:01 2022
Summary:     Recommended update for Mesa
Type:        recommended
Severity:    critical
References:  1202850
This update for Mesa fixes the following issues:

- Revert bsc#1200965 and make Xorg and Mesa able to load 'i965' driver again. (bsc#1202850)
 
-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:2969-1
Released:    Thu Sep  1 10:56:05 2022
Summary:     Optional update for SUSE Package Hub
Type:        optional
Severity:    moderate
References:  1201055
This optional update provides the following changes:

- Fix KDE Plasma 5 missing binaries in SUSE Linux Enterprise Desktop 15 Service Pack 4 via PackageHub (bsc#1201055)
- Affected source packages: AppStream attica-qt5 ffmpeg-4 gucharmap karchive kauth kbookmarks kcodecs kcompletion 
kconfig kconfigwidgets kcoreaddons kcrash kdbusaddons kded kdoctools kglobalaccel kguiaddons ki18n kiconthemes 
kitemviews kjobwidgets knotifications kservice ktextwidgets kwallet kwidgetsaddons kwindowsystem kxmlgui 
libqt5-qtvirtualkeyboard polkit-qt5-1 solid sonnet xcb-util-cursor

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:2972-1
Released:    Thu Sep  1 11:08:29 2022
Summary:     Feature update for python-kubernetes
Type:        feature
Severity:    moderate
References:  
This feature update for python-kubernetes provides:

- Deliver python3-kubernetes to the Containers Module 15 SP4. (jsc#SLE-17904, MSC-443)
  * Deliver python3-google-auth to Basesystem Module 15 SP4 as dependency of python3-kubernetes.
  * Deliver python3-cachetools to Basesystem Module 15 SP4 as dependency of python3-google-auth.
- There are no visible changes for the final user.
  
-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:2980-1
Released:    Thu Sep  1 12:32:23 2022
Summary:     Feature update for clamsap
Type:        feature
Severity:    moderate
References:  
This update for clamsap provides:

Update clamsap to version 0.104.3 (jsc#PED-805)
- Fix XML MIME type detection using libmagic

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2989-1
Released:    Thu Sep  1 14:24:28 2022
Summary:     Security update for postgresql14
Type:        security
Severity:    important
References:  1198166,1200437,1202368,CVE-2022-2625
This update for postgresql14 fixes the following issues:

- Upgrade to version 14.5:
- CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension (bsc#1202368).

- Upgrade to version 14.4 (bsc#1200437)
- Release notes: https://www.postgresql.org/docs/release/14.4/
- Release announcement: https://www.postgresql.org/about/news/p-2470/
- Prevent possible corruption of indexes created or rebuilt with the CONCURRENTLY option (bsc#1200437)
- Pin to llvm13 until the next patchlevel update (bsc#1198166)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2993-1
Released:    Fri Sep  2 09:49:10 2022
Summary:     Security update for freerdp
Type:        security
Severity:    important
References:  1191895,CVE-2021-41159,CVE-2021-41160
This update for freerdp fixes the following issues:

- Fixed two input validation issues (bsc#1191895):
  - CVE-2021-41159: Fixed an improper validation of client input for gateway connections.
  - CVE-2021-41160: Fixed improper region checks that could lead to memory corruption.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2994-1
Released:    Fri Sep  2 10:44:54 2022
Summary:     Recommended update for lame, libass, libcdio-paranoia, libdc1394, libgsm, libva, libvdpau, libvorbis, libvpx, libwebp, openjpeg, opus, speex, twolame
Type:        recommended
Severity:    moderate
References:  1198925

This update for lame, libass, libcdio-paranoia, libdc1394, libgsm, libva, libvdpau, libvorbis, libvpx, libwebp, openjpeg, opus, speex, twolame adds some missing 32bit libraries to some products. (bsc#1198925)

No codechanges were done in this update.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2995-1
Released:    Fri Sep  2 12:12:22 2022
Summary:     Security update for gdk-pixbuf
Type:        security
Severity:    moderate
References:  1201826,CVE-2021-46829
This update for gdk-pixbuf fixes the following issues:

Update to version 2.42.8, including the following:

- CVE-2021-46829: Fixed a heap-based buffer overflow when compositing or clearing frames in GIF files (bsc#1201826).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2998-1
Released:    Fri Sep  2 12:14:03 2022
Summary:     Security update for ImageMagick
Type:        security
Severity:    moderate
References:  1199350,1202250,CVE-2022-2719,CVE-2022-28463
This update for ImageMagick fixes the following issues:

- CVE-2022-2719: Fixed a reachable assertion that could lead to denial
  of service via a crafted file (bsc#1202250).
- CVE-2022-28463: Fixed a buffer overflow that could be triggered by
  a crafted input file (bsc#1199350).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3003-1
Released:    Fri Sep  2 15:01:44 2022
Summary:     Security update for curl
Type:        security
Severity:    low
References:  1202593,CVE-2022-35252
This update for curl fixes the following issues:

- CVE-2022-35252: Fixed a potential injection of control characters
  into cookies, which could be exploited by sister sites to cause a
  denial of service (bsc#1202593).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3009-1
Released:    Mon Sep  5 04:49:43 2022
Summary:     Recommended update for rsyslog
Type:        recommended
Severity:    moderate
References:  1199283
This update for rsyslog fixes the following issues:

-Fix memory access violation issue in qDeqLinkedList during shutdown (bsc#1199283)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3019-1
Released:    Mon Sep  5 11:00:23 2022
Summary:     Recommended update for lshw
Type:        recommended
Severity:    moderate
References:  
This update for lshw fixes the following issues:

- Update to version B.02.19.2+git.20220628
  * make version check optional
- Update to version B.02.19.2+git.20220310:
  * Set product name for all netdevs sharing the same PCI number
- Update to version B.02.19.2+git.20211222:
  * Add Spanish translation
  * Fix mistakes in Catalan translation
- Update to version B.02.19.2+git.20211102:
  * Read and parse network transceiver module eeprom
  * use max (9) Gzip compression
  * Add Catalan translation
  * Update POT file
  * Add more network speeds
- Update to version B.02.19.2+git.20211013:
  * support for new ethtool capabilities
  * code clean-up
  * allow pkg-config override
  * Translate all words of a phrase together

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3020-1
Released:    Mon Sep  5 11:23:15 2022
Summary:     Security update for php-composer2
Type:        security
Severity:    important
References:  1198494,CVE-2022-24828
This update for php-composer2 fixes the following issues:

- CVE-2022-24828: Fixed a code injection issue that affected
  integrators using specific APIs to read untrusted input files (bsc#1198494).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3021-1
Released:    Mon Sep  5 11:57:55 2022
Summary:     Recommended update for python-dmidecode
Type:        recommended
Severity:    moderate
References:  1194351
This update for python-dmidecode fixes the following issues:

- Fixed memory map size for 'Type Detail' (bsc#1194351)
- Use update-alternatives mechanism instead of shared subpackage.
- Realign the spec file for python singlespec

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3022-1
Released:    Mon Sep  5 15:16:02 2022
Summary:     Recommended update for python-pyOpenSSL
Type:        recommended
Severity:    moderate
References:  1200771
This update for python-pyOpenSSL fixes the following issues:

- Fixed checks for invalid ALPN lists before calling OpenSSL (gh#pyca/pyopenssl#1056).

python-pyOpenSSL was updated to 21.0.0 (bsc#1200771, jsc#SLE-24519):

- The minimum ``cryptography`` version is now 3.3.
- Raise an error when an invalid ALPN value is set.
- Added ``OpenSSL.SSL.Context.set_min_proto_version`` and ``OpenSSL.SSL.Context.set_max_proto_version``
- Updated ``to_cryptography`` and ``from_cryptography`` methods to support an upcoming release of ``cryptography`` without raising deprecation warnings.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3025-1
Released:    Mon Sep  5 16:12:53 2022
Summary:     Recommended update for plymouth
Type:        recommended
Severity:    moderate
References:  1183425,1184309
This update for plymouth fixes the following issues:

- Avoid aborting on multiple font path match, pick the first one. (bsc#1183425)
- When screen DPI greater then 160, display will scale output twice. (bsc#1183425, bsc#1184309)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3026-1
Released:    Mon Sep  5 16:13:10 2022
Summary:     Recommended update for setools
Type:        recommended
Severity:    moderate
References:  1200649
This update for setools fixes the following issues:

- require python3 in python3-setools, not python (bsc#1200649)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3028-1
Released:    Mon Sep  5 16:31:24 2022
Summary:     Recommended update for python-pytz
Type:        recommended
Severity:    low
References:  
This update for python-pytz fixes the following issues:

- update to 2022.1:
  matches tzdata 2022a

- declare python 3.10 compatibility

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3030-1
Released:    Mon Sep  5 16:43:37 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1202645,CVE-2022-38472,CVE-2022-38473,CVE-2022-38478
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 91.13.0 ESR (bsc#1202645):

- CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling.
- CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent's permissions.
- CVE-2022-38478: Fixed various memory safety issues.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3032-1
Released:    Mon Sep  5 17:11:05 2022
Summary:     Recommended update for libtcnative-1-0
Type:        recommended
Severity:    moderate
References:  1199170
This update for libtcnative-1-0 fixes the following issues:

- Avoid crash reading session ID after handshake failure. (bsc#1199170)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:3086-1
Released:    Tue Sep  6 06:01:19 2022
Summary:     Feature update for iio-sensor-proxy
Type:        feature
Severity:    moderate
References:  1199308
This update for iio-sensor-proxy fixes the following issues:

- New package iio-sensor-proxy required because otherwise libQt5Sensors5 can't be installed (bsc#1199308, jsc#SLE-24553)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3089-1
Released:    Tue Sep  6 06:08:12 2022
Summary:     Recommended update for gnome-packagekit
Type:        recommended
Severity:    moderate
References:  1198801
This update for gnome-packagekit fixes the following issues:

- Fix runtime error to make it work as before. (bsc#1198801)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3093-1
Released:    Tue Sep  6 07:52:06 2022
Summary:     Security update for python-Flask-Security-Too
Type:        security
Severity:    important
References:  1181058,CVE-2021-21241
This update for python-Flask-Security-Too fixes the following issues:

- CVE-2021-21241: Fixed an issue where GET requests lacking CSRF
  protection to certain endpoints could return the user's
  authentication token (bsc#1181058).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3095-1
Released:    Tue Sep  6 07:53:26 2022
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150000_150_92, 4_12_14-150100_197_114,
  5_14_21-150400_22, 5_3_18-150200_24_115,
  5_3_18-150300_59_68, 5_3_18-150300_59_71,
  5_3_18-150300_59_76. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3099-1
Released:    Tue Sep  6 09:34:34 2022
Summary:     Security update for openvswitch
Type:        security
Severity:    moderate
References:  1188524,CVE-2021-36980
This update for openvswitch fixes the following issues:

- CVE-2021-36980: Fixed a use-after-free issue during the decoding of
  a RAW_ENCAP action (bsc#1188524).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3102-1
Released:    Tue Sep  6 09:48:57 2022
Summary:     Recommended update for gtk4
Type:        recommended
Severity:    moderate
References:  1200614
This update for gtk4 fixes the following issues:

- Ensure python3-gobject-Gdk is isntalled as dependency (bsc#1200614)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3103-1
Released:    Tue Sep  6 10:30:59 2022
Summary:     Security update for python-bottle
Type:        security
Severity:    important
References:  1200286,CVE-2022-31799
This update for python-bottle fixes the following issues:

- CVE-2022-31799: Fixed an error mishandling issue that could lead to
  remote denial of service (bsc#1200286).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3106-1
Released:    Tue Sep  6 10:58:09 2022
Summary:     Security update for gimp
Type:        security
Severity:    moderate
References:  1201192,CVE-2022-32990
This update for gimp fixes the following issues:

- CVE-2022-32990: Fixed an unhandled exception which may lead to denial
  of service (bsc#1201192).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3113-1
Released:    Tue Sep  6 13:23:02 2022
Summary:     Recommended update for PackageKit
Type:        recommended
Severity:    moderate
References:  1199895
This update for PackageKit fixes the following issues:

- Ensure locked packages are not listed as being able to be updated (bsc#1199895)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3122-1
Released:    Tue Sep  6 18:07:40 2022
Summary:     Recommended update for amavisd-milter
Type:        recommended
Severity:    important
References:  1202232
This update for amavisd-milter fixes the following issues:

- Provide the missing amavisd-milter in version 1.7.2. (bsc#1202232)
  * amavisd-milter was initially part of amavisd-new but it is now an independent source package.
  * The SMTP_AUTH* attributes are missing in policy_bank.
  * Added hardening to systemd service(s) with a modified amavisd-milter.service
  * An empty sender must always be enclosed in angle brackets.
  * Fork after initializing milter socket.
  * Use client_name if available instead of hostname passed to xxfi_connect.
  * Generate amamvisd-milter.8 from AMAVISD-MILTER.md.
  * Removed obsoleted file amavisd-milter.spec.
  
-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:3126-1
Released:    Wed Sep  7 04:34:30 2022
Summary:     Feature update for gdb
Type:        feature
Severity:    important
References:  1185605
This feature update for gdb fixes the following issues:

- Enable build option `--with-debuginfod` (bsc#1185605, jsc#PED-1246, jsc#PED-1149, jsc#PED-1138)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3127-1
Released:    Wed Sep  7 04:36:10 2022
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    moderate
References:  1198752,1200800
This update for libtirpc fixes the following issues:

- Exclude ipv6 addresses in client protocol version 2 code (bsc#1200800)
- Fix memory leak in params.r_addr assignement (bsc#1198752)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3128-1
Released:    Wed Sep  7 04:39:27 2022
Summary:     Recommended update for gtk3 and gtk3-branding
Type:        recommended
Severity:    moderate
References:  1197480,1200614
This update for gtk3 and gtk3-branding fixes the following issues:

gtk3:

- Ensure python3-gobject-Gdk is isntalled as dependency (bsc#1200614)
- Include legacy hicolor icons (bsc#1197480)
- Fix axis name handling in GtkFontChooser
- Fix border color for tiled windows.
- Fix cell accessible leak in Accessibility
- Fix the build with gcc 12
- Wayland: Fix problem with textview scrolling
- Wayland: Support new high-contrast setting
- Wayland: Avoid unnecessary display scale changes

gtk3-branding:

- Resolve installation issues

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3133-1
Released:    Wed Sep  7 05:55:52 2022
Summary:     Recommended update for sg3_utils
Type:        recommended
Severity:    moderate
References:  1199248
This update for sg3_utils fixes the following issues:

- Add timeout parameter to rescan-scsi-bus.sh (bsc#1199248)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3134-1
Released:    Wed Sep  7 08:17:38 2022
Summary:     Recommended update for distribution
Type:        recommended
Severity:    moderate
References:  
This update for distribution fixes the following issues:

This update provides Distribution 2.8.1. (jsc#SLE-24963)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3135-1
Released:    Wed Sep  7 08:39:31 2022
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    low
References:  1200110
This update for hwdata fixes the following issue:

- Update pci, usb and vendor ids to version 0.360 (bsc#1200110)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3137-1
Released:    Wed Sep  7 09:27:12 2022
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1202169,1202807,CVE-2022-32893
This update for webkit2gtk3 fixes the following issues:

- Updated to version 2.36.7 (bsc#1202807):
  - CVE-2022-32893: Fixed an issue that would be triggered when
    processing malicious web content and that could lead to arbitrary
    code execution.
  - Fixed several crashes and rendering issues.

- Updated to version 2.36.6:
  - Fixed handling of touchpad scrolling on GTK4 builds
  - Fixed WebKitGTK not allowing to be used from non-main threads
    (bsc#1202169).
  - Fixed several crashes and rendering issues

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3141-1
Released:    Wed Sep  7 09:53:09 2022
Summary:     Security update for icu
Type:        security
Severity:    moderate
References:  1193951,CVE-2020-21913
This update for icu fixes the following issues:

- CVE-2020-21913: Fixed a memory safetey issue that could lead to use
  after free (bsc#1193951).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3142-1
Released:    Wed Sep  7 09:54:18 2022
Summary:     Security update for icu
Type:        security
Severity:    moderate
References:  1193951,CVE-2020-21913
This update for icu fixes the following issues:

- CVE-2020-21913: Fixed a memory safetey issue that could lead to use
  after free (bsc#1193951).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3145-1
Released:    Wed Sep  7 11:07:52 2022
Summary:     Recommended update for perl-LWP-Protocol-https
Type:        recommended
Severity:    moderate
References:  1199718
This update for perl-LWP-Protocol-https fixes the following issues:

- Explicitly add hostname for SNI to start_SSL (bsc#1199718)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3148-1
Released:    Wed Sep  7 11:44:02 2022
Summary:     Recommended update for branding-SLE
Type:        recommended
Severity:    moderate
References:  1199818,997317
This update for branding-SLE fixes the following issues:

- Fix bootloader menu to display correct operating system information (bsc#997317, bsc#1199818)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3149-1
Released:    Wed Sep  7 12:11:48 2022
Summary:     Recommended update for hplip
Type:        recommended
Severity:    low
References:  1198794
This update for hplip fixes the following issues:

- Fix C compiler flags which results in better device detection. (bsc#1198794)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3153-1
Released:    Wed Sep  7 14:31:15 2022
Summary:     Security update for gdk-pixbuf
Type:        security
Severity:    important
References:  1194633,1195391,CVE-2021-44648
This update for gdk-pixbuf fixes the following issues:

Update to version 2.42.9:
- CVE-2021-44648: Fixed overflow vulnerability in lzw code size (bsc#1194633).

Bugfixes:
- Fixed loading of larger images (glgo#GNOME/gdk-pixbuf#216).
- Avoided bashism in baselibs postscript (bsc#1195391).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3158-1
Released:    Wed Sep  7 14:33:16 2022
Summary:     Recommended update for go1.19
Type:        recommended
Severity:    moderate
References:  1200441
This update for go1.19 fixes the following issues:

- Bootstrap using go1.16 on SUSE Linux Enterprise 15 and newer (bsc#1200441)
- Simplify conditional gcc_go_version 12 on Tumbleweed, 11 elsewhere
- Add _constraints for worker disk space 5G needed by SUSE Linux Enterprise 15 x86_64
- SUSE Linux Enterprise 12 s390x use bcond_without gccgo to bootstrap using gcc11go
- Refresh Go bootstrap builds with gcc8 for SUSE Linux Enterprise 12.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3159-1
Released:    Wed Sep  7 14:33:42 2022
Summary:     Security update for mariadb
Type:        security
Severity:    important
References:  1200105,1201161,1201162,1201163,1201164,1201165,1201166,1201167,1201168,1201169,1201170,CVE-2022-32081,CVE-2022-32082,CVE-2022-32083,CVE-2022-32084,CVE-2022-32085,CVE-2022-32086,CVE-2022-32087,CVE-2022-32088,CVE-2022-32089,CVE-2022-32091
This update for mariadb fixes the following issues:

- Updated to 10.6.9:
  - CVE-2022-32082: Fixed a reachable assertion that would crash the server (bsc#1201162).
  - CVE-2022-32089: Fixed a segmentation fault that coudl be triggered via a crafted query (bsc#1201169).
  - CVE-2022-32081: Fixed a buffer overflow on instant ADD/DROP of generated column (bsc#1201161).
  - CVE-2022-32091: Fixed a memory corruption issue that could be triggered via a crafted query (bsc#1201170).
  - CVE-2022-32084: Fixed a segmentation fault on INSERT SELECT queries (bsc#1201164).

- Additionaly, the following issues were previously fixed:
  - CVE-2022-32088: Fixed a server crash when using ORDER BY with window function and UNION(bsc#1201168).
  - CVE-2022-32087: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201167).
  - CVE-2022-32086: Fixed a server crash on INSERT SELECT queries (bsc#1201166).
  - CVE-2022-32085: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201165).
  - CVE-2022-32083: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201163).

Bugfixes:

- Update mysql-systemd-helper to be aware of custom group (bsc#1200105).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3162-1
Released:    Wed Sep  7 15:07:31 2022
Summary:     Security update for libyajl
Type:        security
Severity:    moderate
References:  1198405,CVE-2022-24795
This update for libyajl fixes the following issues:

- CVE-2022-24795: Fixed heap-based buffer overflow when handling large inputs (bsc#1198405).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3166-1
Released:    Thu Sep  8 09:25:24 2022
Summary:     Recommended update for Salt
Type:        recommended
Severity:    moderate
References:  1195895,1197288,1198489,1198744,1199372,1201082

This update fixes the following issues:

salt:

- Add support for gpgautoimport in zypperpkg module
- Update Salt to work with Jinja >= and <= 3.1.0 (bsc#1198744)
- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)
- Make Salt 3004 compatible with pyzmq >= 23.0.0 (bsc#1201082)
- Add support for name, pkgs and diff_attr parameters to upgrade function for zypper and yum (bsc#1198489)
- Fix ownership of salt thin directory when using the Salt Bundle
- Set default target for pip from VENV_PIP_TARGET environment variable
- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)
- Save log to logfile with docker.build
- Use Salt Bundle in dockermod
- Ignore errors on reading license files with dpkg_lowpkg (bsc#1197288)

supportutils-plugin-salt:

- Update to version 1.2.1
  * Remove ERROR messages on Salt client systems
- Declare the LICENSE file as license and not doc


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3179-1
Released:    Thu Sep  8 09:37:41 2022
Summary:     Recommended update for golang-github-prometheus-node_exporter
Type:        recommended
Severity:    moderate
References:  1196652
This update for golang-github-prometheus-node_exporter fixes the following issues:

- Exclude s390 arch.
- Update spec file in order to make --version work (bsc#1196652)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3185-1
Released:    Thu Sep  8 09:42:29 2022
Summary:     Recommended update for apache-commons-compress
Type:        recommended
Severity:    moderate
References:  
This optional update for apache-commons-compress provides:

- There are no code changes in this update. 
- The update delivers apache-commons-compress 1.21 to SUSE Manager as new dependency for spacewalk-java.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3195-1
Released:    Thu Sep  8 10:15:43 2022
Summary:     Recommended update for yast2 packages
Type:        recommended
Severity:    moderate
References:  1179893,1201129
This updates for yast2: rmt, network and schema fixes the following issues:

yast2-rmt:
- Adapted unit test to recent changes (bsc#1179893).

- Sync ExcludeArch with rmt-server: whenever rmt-server is not
  available, the yast2-rmt module can't be usable neither.
    
- No longer build as noarch: as the package is not installable on
  all architectures, it is by definition not 'architecture
  independent'.
    
- Add rpmlintrc, filtering out 'E: no-binary': the package is
  intentionally not marked noarch.

yast2-network and yast2-schema:
- Added missing route extrapara element to the networking section (bsc#1201129)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3198-1
Released:    Thu Sep  8 10:36:02 2022
Summary:     Security update for php8-pear
Type:        security
Severity:    moderate
References:  CVE-2021-32610
This update for php8-pear fixes the following issues:

- Add php8-pear to SLE15-SP4 (jsc#SLE-24728)
- Update to 1.10.21
  - PEAR 1.10.13
    * unsupported protocol - use --force to continue
    * Add $this operator to _determineIfPowerpc calls
- Update to 1.10.20
  - Archive_Tar 1.4.14
    * Properly fix symbolic link path traversal (CVE-2021-32610)
  - Archive_Tar 1.4.13
    * Relative symlinks failing (out-of path file extraction)
  - Archive_Tar 1.4.12
  - Archive_Tar 1.4.11
  - Archive_Tar 1.4.10
    * Fix block padding when the file buffer length is a multiple
      of 512 and smaller than Archive_Tar buffer length
    * Don't try to copy username/groupname in chroot jail

- provides and obsoletes php7-pear-Archive_Tar, former location
  of PEAR/Archive/Tar.php

- Update to version 1.10.19
  - PEAR 1.10.12
    * adjust dependencies based on new releases
  - XML_Util 1.4.5
    * fix Trying to access array offset on value of type int

- Update to version 1.10.18
- Remove pear-cacheid-array-check.patch (upstreamed)
- Contents of .filemap are now sorted internally

- Sort contents of .filemap to make build reproducible

- Recommend php7-openssl to allow https sources to be used
- Modify metadata_dir for system configuration only
- Add /var/lib/pear directory where xml files are stored
- Cleanup %files section

- Only use the GPG keys of Chuck Burgess. Extracted from the 
  Release Manager public keys.
- Add release versions of PEAR modules

- Install metadata files (registry, filemap, channels, ...) in
  /var/lib/pear/ instead of /usr/share/php7/PEAR/

- Update to version 1.10.17

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3199-1
Released:    Thu Sep  8 10:36:17 2022
Summary:     Security update for yast2-samba-provision
Type:        security
Severity:    moderate
References:  1117597,1132676,1140548,1184897,CVE-2018-17956
This update for yast2-samba-provision fixes the following issues:

Security issue fixed:

- CVE-2018-17956: Fixed a credentials leak (bsc#1117597).

Non-Security issues fixed:

- Stop packaging docdir, it only contained the license which is now in licensedir. (bsc#1184897)
- Catch and show internal python exceptions. (bsc#1140548)
- Show a dialog with provision details or errors. (bsc#1132676)
- Add metainfo (fate#319035)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3200-1
Released:    Thu Sep  8 10:41:57 2022
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1188680,1201207
This update for rpmlint fixes the following issues:
    
- Add oddjob-gpupdate whitelisting for D-Bus (bsc#1188680)
- Adjust NetworkManager priv helper spelling in whitelisting (bsc#1201207)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3215-1
Released:    Thu Sep  8 15:58:27 2022
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  
This update for rpm fixes the following issues:

- Support Ed25519 RPM signatures [jsc#SLE-24714]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3219-1
Released:    Thu Sep  8 21:15:24 2022
Summary:     Recommended update for sysconfig
Type:        recommended
Severity:    moderate
References:  1185882,1194557,1199093
This update for sysconfig fixes the following issues:

- netconfig: remove sed dependency
- netconfig/dns-resolver: remove search limit of 6 domains (bsc#1199093)
- netconfig: cleanup /var/run leftovers (bsc#1194557)
- netconfig: update ntp man page documentation, fix typos
- netconfig: revert NM default policy change change (bsc#1185882)
  With the change to the default policy, netconfig with NetworkManager
  as network.service accepted settings from all services/programs
  directly instead only from NetworkManager, where plugins/services
  have to deliver their settings to apply them.
- Also support service(network) provides
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3220-1
Released:    Fri Sep  9 04:30:52 2022
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1199895,1200993,1201092,1201576,1201638
This update for libzypp, zypper fixes the following issues:

libzypp:

- Improve handling of package locks, allowing to reset the status of its initial state (bsc#1199895)
- Fix issues when receiving exceptions from curl_easy_cleanup (bsc#1201092)
- Don't auto-flag kernel-firmware as 'reboot-needed' (bsc#1200993)
- Remove Medianetwork and its dependent code. First reason for this is that MediaNetwork was just meant as a way to test
  the new CURL based downloaded. Second the Provide API is going to completely replace the current media backend.

zypper:

- Truncate the 'Name' column when using `zypper lr`, if the table is wider than the terminal (bsc#1201638)
- Reject install/remove modifier without argument (bsc#1201576)
- zypper-download: Handle unresolvable arguments as errors
- Put signing key supplying repository name in quotes

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3228-1
Released:    Fri Sep  9 13:52:35 2022
Summary:     Recommended update for regionServiceClientConfigEC2
Type:        recommended
Severity:    critical
References:  1203215
This update for regionServiceClientConfigEC2 fixes the following issues:

- Update to version 4.1.0 (bsc#1203215)
  + New certs for 52.79.82.165 and 54.247.166.75

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3241-1
Released:    Mon Sep 12 07:21:04 2022
Summary:     Recommended update for cups
Type:        recommended
Severity:    moderate
References:  1201511
This update for cups fixes the following issues:

- Stuck print jobs being cancelled immediately, despite MaxJobTime being set to 0 (bsc#1201511)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3248-1
Released:    Mon Sep 12 09:03:13 2022
Summary:     Security update for qpdf
Type:        security
Severity:    important
References:  1188514,CVE-2021-36978
This update for qpdf fixes the following issues:

- CVE-2021-36978: Fixed heap-based buffer overflow in Pl_ASCII85Decoder::write (bsc#1188514).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3249-1
Released:    Mon Sep 12 09:05:26 2022
Summary:     Security update for clamav
Type:        security
Severity:    important
References:  1202986
This update for clamav fixes the following issues:

clamav was updated to 0.103.7 (bsc#1202986)

* Upgrade the vendored UnRAR library to version 6.1.7.
* Fix logical signature 'Intermediates' feature.
* Relax constraints on slightly malformed zip archives that
  contain overlapping file entries.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3252-1
Released:    Mon Sep 12 09:07:53 2022
Summary:     Security update for freetype2
Type:        security
Severity:    moderate
References:  1198823,1198830,1198832,CVE-2022-27404,CVE-2022-27405,CVE-2022-27406
This update for freetype2 fixes the following issues:

- CVE-2022-27404 Fixed a segmentation fault via a crafted typeface (bsc#1198830).
- CVE-2022-27405 Fixed a buffer overflow via a crafted typeface (bsc#1198832).
- CVE-2022-27406 Fixed a segmentation fault via a crafted typeface (bsc#1198823).

Non-security fixes:

- Updated to version 2.10.4

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3254-1
Released:    Mon Sep 12 10:35:38 2022
Summary:     Recommended update for inkscape
Type:        recommended
Severity:    moderate
References:  1200369
This update for inkscape fixes the following issues:

- Fix rendering of multi-line text (bsc#1200369)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3258-1
Released:    Mon Sep 12 12:23:26 2022
Summary:     Recommended update for sca-appliance-broker
Type:        recommended
Severity:    moderate
References:  1201011
This update for sca-appliance-broker fixes the following issues:

- Update setup-sca checks for php8 (bsc#1201011)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3259-1
Released:    Mon Sep 12 12:50:32 2022
Summary:     Security update for rubygem-kramdown
Type:        security
Severity:    important
References:  1174297,CVE-2020-14001
This update for rubygem-kramdown fixes the following issues:

- CVE-2020-14001: Fixed processing template options inside documents allowing unintended read access or embedded Ruby code execution (bsc#1174297).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3262-1
Released:    Tue Sep 13 15:34:29 2022
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1199140

This update for gcc11 ships some missing 32bit libraries for s390x. (bsc#1199140)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3271-1
Released:    Wed Sep 14 06:45:39 2022
Summary:     Security update for perl
Type:        security
Severity:    moderate
References:  1047178,CVE-2017-6512
This update for perl fixes the following issues:

- CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3275-1
Released:    Thu Sep 15 06:12:51 2022
Summary:     Recommended update for python-aiohttp, python-typing_extensions
Type:        recommended
Severity:    moderate
References:  1121578,1197831,CVE-2021-21330
This update for python-aiohttp, python-typing_extensions fixes the following issues:


- Include in SLE-15 (bsc#1197831)
- Fixed required/optional keys with old-style TypedDict
- Test in separate multibuild flavor to break depcycles with full python stdlib
- Clean requirements specifications for python flavors
- Add transitional typing-extensions provides 
- Fix tests for Python 3.9 
- Official support for Python 3.8 and 3.9
- Fix build without python2 available
- Fix isinstance() with generic protocol subclasses after subscripting
- Fix tests for non-default interpreters
- Use environment marker to specify typing dependency
- Fix unions of protocols on Python 2

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3279-1
Released:    Thu Sep 15 10:54:17 2022
Summary:     Recommended update for netty-tcnative
Type:        recommended
Severity:    low
References:  1198792
This update for netty-tcnative fixes the following issues:

- Remove dependency on separate package netty-jni-util-sources
- Unpack the sources to their right place without passing through maven mechanisms
- This version fixes bsc#1198792
- Build with java source and target levels 1.8
- Update to the 2.0.36 Final

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3281-1
Released:    Thu Sep 15 15:33:02 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1200793,1201758,1202645,1203007,CVE-2022-2200,CVE-2022-2226,CVE-2022-2505,CVE-2022-3032,CVE-2022-3033,CVE-2022-3034,CVE-2022-31744,CVE-2022-34468,CVE-2022-34470,CVE-2022-34472,CVE-2022-34478,CVE-2022-34479,CVE-2022-34481,CVE-2022-34484,CVE-2022-36059,CVE-2022-36314,CVE-2022-36318,CVE-2022-36319,CVE-2022-38472,CVE-2022-38473,CVE-2022-38476,CVE-2022-38477,CVE-2022-38478
This update for MozillaThunderbird fixes the following issues:

Updated to Mozilla Thunderbird 102.2.2:
- CVE-2022-3033: Fixed leaking of sensitive information when composing a response to an HTML email with a META refresh tag (bsc#1203007).
- CVE-2022-3032: Fixed missing blocking of remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute (bsc#1203007).
- CVE-2022-3034: Fixed issue where iframe element in an HTML email could trigger a network request (bsc#1203007).
- CVE-2022-36059: Fixed DoS in Matrix SDK bundled with Thunderbird service attack (bsc#1203007).
 
- CVE-2022-38472: Fixed Address bar spoofing via XSLT error handling (bsc#1202645).
- CVE-2022-38473: Fixed cross-origin XSLT Documents inheriting the parent's permissions (bsc#1202645).
- CVE-2022-38476: Fixed data race and potential use-after-free in PK11_ChangePW (bsc#1202645).
- CVE-2022-38477: Fixed memory safety bugs (bsc#1202645).
- CVE-2022-38478: Fixed memory safety bugs (bsc#1202645).

- CVE-2022-36319: Fixed mouse position spoofing with CSS transforms (bsc#1201758).
- CVE-2022-36318: Fixed directory indexes for bundled resources reflected URL parameters (bsc#1201758).
- CVE-2022-36314: Fixed unexpected network loads when opening local .lnk files (bsc#1201758).
- CVE-2022-2505: Fixed memory safety bugs (bsc#1201758).

- CVE-2022-34479: Fixed vulnerability which could overlay the address bar with web content (bsc#1200793).
- CVE-2022-34470: Fixed use-after-free in nsSHistory (bsc#1200793).
- CVE-2022-34468: Fixed CSP sandbox header without `allow-scripts` bypass via retargeted javascript (bsc#1200793).
- CVE-2022-2226: Fixed emails with a mismatching OpenPGP signature date incorrectly accepted as valid (bsc#1200793).
- CVE-2022-34481: Fixed integer overflow in ReplaceElementsAt (bsc#1200793).
- CVE-2022-31744: Fixed CSP bypass enabling stylesheet injection (bsc#1200793).
- CVE-2022-34472: Fixed unavailable PAC file resulting in OCSP requests being blocked (bsc#1200793).
- CVE-2022-34478: Fixed Microsoft protocols attacks if a user accepts a prompt (bsc#1200793).
- CVE-2022-2200: Fixed vulnerability where undesired attributes could be set as part of prototype pollution (bsc#1200793).
- CVE-2022-34484: Fixed memory safety bugs (bsc#1200793).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3283-1
Released:    Thu Sep 15 15:33:51 2022
Summary:     Security update for libgit2
Type:        security
Severity:    important
References:  1198234,1201431,CVE-2022-24765,CVE-2022-29187
This update for libgit2 fixes the following issues:

- CVE-2022-24765: Fixed potential command injection via git worktree (bsc#1198234).
- CVE-2022-29187: Fixed incomplete fix for CVE-2022-24765 (bsc#1201431).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3292-1
Released:    Fri Sep 16 17:06:20 2022
Summary:     Security update for ruby2.5
Type:        security
Severity:    moderate
References:  1193081,CVE-2021-41819
This update for ruby2.5 fixes the following issues:

- CVE-2021-41819: Fixed cookie prefix spoofing in CGI::Cookie.parse (bsc#1193081).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3295-1
Released:    Sat Sep 17 10:29:30 2022
Summary:     Recommended update for go
Type:        recommended
Severity:    moderate
References:  1200441
This update for go fixes the following issues:

- Update to current stable go1.19 (bsc#1200441)
- Add define tsan_arch for s390x ppc64le new in go1.19

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3296-1
Released:    Sat Sep 17 10:30:01 2022
Summary:     Recommended update for nss_synth
Type:        recommended
Severity:    moderate
References:  
This update for nss_synth fixes the following issues:


- Support running 389-ds with bare uid/gid (non-root) in containers. (jsc#SLE-22585)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3298-1
Released:    Mon Sep 19 08:43:44 2022
Summary:     Recommended update for python-psutil
Type:        recommended
Severity:    important
References:  1181475
This update for python-psutil fixes the following issues:

- Adopt change of used memory calculation from upstream of procps (bsc#1181475)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3300-1
Released:    Mon Sep 19 08:45:25 2022
Summary:     Recommended update for gnome-shell-extension-desktop-icons
Type:        recommended
Severity:    important
References:  1199377,1203262
This update for gnome-shell-extension-desktop-icons fixes the following issues:

- Fix desktop icons to be Compatible with GNOME 41 (bsc#1199377, bsc#1203262)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3301-1
Released:    Mon Sep 19 08:48:57 2022
Summary:     Recommended update for Mesa
Type:        recommended
Severity:    important
References:  1202850
This update for Mesa fixes the following issues:

- Do not use 'iris' as default driver on Intel Gen8-11 hardware but 'i965'. (bsc#1202850)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:3302-1
Released:    Mon Sep 19 08:51:02 2022
Summary:     Feature update for python310-pip
Type:        feature
Severity:    moderate
References:  1201041
This feature update for python310-pip and python-rpm-macros provides:

python310-pip: 

Upgrade from version 20.2.4 to version 22.0.4 (jsc#SLE-24539)

- Adjust SPEC file to generate python310 module only
- Avoid cycle: BuildRequire ca-certificates only in tests
- This version is not compatible with Python 3.6 and thus not suitable for SUSE Linux Enterprise 15.
- Drop the doctype check, that presented a warning for index pages that use non-compliant HTML 5.
- Print the exception via rich.traceback, when running with `--debug`.
- Only calculate topological installation order, for packages that are going to be installed/upgraded.
  * This error occurred when determining the installation order for a very specific combination of 
    upgrading of already installed packages, change of dependencies and fetching some packages 
    from a package index. This combination was especially common in Read the Docs' builds.
- Use html.parser by default, instead of falling back to html5lib when --use-deprecated=html5lib is not passed.
- Clarify that using per-requirement overrides disables the usage of wheels.
- Instead of failing on index pages that use non-compliant HTML 5, print a deprecation warning 
  and fall back to html5lib-based parsing for now. 
  This simplifies the migration for non-compliant index pages, by letting such indexes function with a warning.
- Accept lowercase <!doctype html> on index pages.
- Properly handle links parsed by html5lib, when using --use-deprecated=html5lib.
- Changed PackageFinder to parse HTML documents using the
    stdlib :class:`html.parser.HTMLParser` class instead of the
    html5lib package.
- For now, the deprecated html5lib code remains and can be used with the --use-deprecated=html5lib 
  command line option. However, it will be removed in a future pip release.
- Completely replace :pypi:`tox` in our development workflow, with :pypi:`nox`.
- Deprecate alternative progress bar styles, leaving only on and off as available choices.
- Drop support for Python 3.6.
- Disable location mismatch warnings on Python versions prior to 3.10.
  * These warnings were helping identify potential issues as part
    of the sysconfig -> distutils transition, and we no longer
    need to rely on reports from older Python versions for information on the transition.
- Utilize rich for presenting pip's default download progress bar.
- Present a better error message when an invalid wheel file is
    encountered, providing more context where the invalid wheel file is.
- Documents the --require-virtualenv flag for pip install.
- pip install <tab> autocompletes paths.
- Allow Python distributors to opt-out from or opt-in to the
    sysconfig installation scheme backend by setting
    sysconfig._PIP_USE_SYSCONFIG to True or False.
- Make it possible to deselect tests requiring cryptography package on systems where it cannot be installed.
- Start using Rich for presenting error messages in a consistent format.
- Improve presentation of errors from subprocesses.
- Forward pip's verbosity configuration to VCS tools to control their output accordingly.
- Optimize installation order calculation to improve
    performance when installing requirements that form a complex
    dependency graph with a large amount of edges.
- When a package is requested by the user for upgrade,
    correctly identify that the extra-ed variant of that same
    package depended by another user-requested package is
    requesting the same package, and upgrade it accordingly.
- Prevent pip from installing yanked releases unless explicitly
    pinned via the `==` or `===` operators.
- Stop backtracking on build failures, by instead surfacing
    them to the user and aborting immediately. This behaviour
    provides more immediate feedback when a package cannot be
    built due to missing build dependencies or platform
    incompatibility.
- Silence Value for <location> does not match warning caused by
    an erroneous patch in Slackware-distributed Python 3.9.
- Fix an issue where pip did not consider dependencies with and without extras to be equal
- Always refuse installing or building projects that have no ``pyproject.toml`` nor ``setup.py``. 
- Tweak running-as-root detection, to check ``os.getuid`` if it exists, on Unix-y and non-Linux/non-MacOS machines.
- When installing projects with a ``pyproject.toml`` in editable mode, and the build
    backend does not support :pep:`660`, prepare metadata using
    ``prepare_metadata_for_build_wheel`` instead of ``setup.py egg_info``. Also, refuse
    installing projects that only have a ``setup.cfg`` and no ``setup.py`` nor
    ``pyproject.toml``. These restore the pre-21.3 behaviour.
- Restore compatibility of where configuration files are loaded from on MacOS
- Upgrade pep517 to 0.12.0
- Improve deprecation warning regarding the copying of source trees when installing from a local directory.
- Suppress location mismatch warnings when pip is invoked from a Python source
    tree, so ``ensurepip`` does not emit warnings on CPython ``make install``.
- On Python 3.10 or later, the installation scheme backend has been changed to use
    ``sysconfig``. This is to anticipate the deprecation of ``distutils`` in Python
    3.10, and its scheduled removal in 3.12. For compatibility considerations, pip
    installations running on Python 3.9 or lower will continue to use ``distutils``.
- Remove the ``--build-dir`` option and aliases, one last time.
- In-tree builds are now the default. ``--use-feature=in-tree-build`` is now
    ignored. ``--use-deprecated=out-of-tree-build`` may be used temporarily to ease the transition.
- Un-deprecate source distribution re-installation behaviour.
- Replace vendored appdirs with platformdirs.
- Support `PEP 610 <https://www.python.org/dev/peps/pep-0610/>`_ to detect
    editable installs in ``pip freeze`` and  ``pip list``. The ``pip list`` column output
    has a new ``Editable project location`` column, and the JSON output has a new
    ``editable_project_location`` field.
- ``pip freeze`` will now always fallback to reporting the editable project
    location when it encounters a VCS error while analyzing an editable
    requirement. Before, it sometimes reported the requirement as non-editable.
- ``pip show`` now sorts ``Requires`` and ``Required-By`` alphabetically.
- Do not raise error when there are no files to remove with ``pip cache purge/remove``.
    Instead log a warning and continue (to log that we removed 0 files).
- When backtracking during dependency resolution, prefer the dependencies
  which are involved in the most recent conflict. This can significantly reduce the amount of backtracking required.
- Cache requirement objects, to improve performance reducing reparses of requirement strings.
- Support editable installs for projects that have a ``pyproject.toml`` and use a
    build backend that supports :pep:`660`.
- When a revision is specified in a Git URL, use git's partial clone feature to speed up source retrieval.
- Add a ``--debug`` flag, to enable a mode that doesn't log errors and
  propagates them to the top level instead. This is primarily to aid with debugging pip's crashes.
- If a host is explicitly specified as trusted by the user (via the
    --trusted-host option), cache HTTP responses from it in addition to HTTPS ones.
- Present a better error message, when a ``file:`` URL is not found.
- Fix the auth credential cache to allow for the case in which the index url contains the username, but the password 
  comes from an external source, such as keyring.
- Fix double unescape of HTML ``data-requires-python`` and ``data-yanked`` attributes.
- New resolver: Fixes depth ordering of packages during resolution, e.g. a
  dependency 2 levels deep will be ordered before a dependency 3 levels deep.

python-rpm-macros:

Update from version 20220106.80d3756 to version 20220809.cf8a7b8 (bsc#1201041)
- Pass `--ignore-installed` to `pip install` in %pyproject_install
- restore end-of-line in alternative scriptlets
- make python_flavored_alternatives less verbose
- Move install of libalts from sciptlets to python_clone -a
- hard-code %py_ver 
- print proper error on missing python interpreter
- Update compile-macros.sh
- Create python_flavored_alternatives and use for testing
- Switch primary_interpreter from python38 to python310
- Avoid bashism in %()
- Fix flavor executable substitution
- Keep python38 as primary python3
- Add python310 to the buildset
- Move python39 to the primary place in %pythons
- Disable python36 flavor in Factory buildset
- Add python310 flavor macros to compile set

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3304-1
Released:    Mon Sep 19 11:43:25 2022
Summary:     Recommended update for libassuan
Type:        recommended
Severity:    moderate
References:  
This update for libassuan fixes the following issues:

- Add a timeout for writing to a SOCKS5 proxy
- Add workaround for a problem with LD_LIBRARY_PATH on newer systems
- Fix issue in the logging code
- Fix some build trivialities
- Upgrade autoconf

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3305-1
Released:    Mon Sep 19 11:45:57 2022
Summary:     Security update for libtirpc
Type:        security
Severity:    important
References:  1201680,CVE-2021-46828
This update for libtirpc fixes the following issues:

- CVE-2021-46828: Fixed denial of service vulnerability with lots of connections (bsc#1201680).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3306-1
Released:    Mon Sep 19 11:51:55 2022
Summary:     Security update for libarchive
Type:        security
Severity:    moderate
References:  1192425,CVE-2021-23177
This update for libarchive fixes the following issues:

- CVE-2021-23177: Fixed symlink ACL extraction that modifies ACLs of the target system (bsc#1192425).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3307-1
Released:    Mon Sep 19 13:26:51 2022
Summary:     Security update for sqlite3
Type:        security
Severity:    moderate
References:  1189802,1195773,1201783,CVE-2021-36690,CVE-2022-35737
This update for sqlite3 fixes the following issues:

- CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API (bnc#1201783).
- CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence (bsc#1189802).
  
- Package the Tcl bindings here again so that we only ship one copy of SQLite (bsc#1195773).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3309-1
Released:    Mon Sep 19 15:51:27 2022
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1194165,1203388,CVE-2021-4186,CVE-2022-3190
This update for wireshark fixes the following issues:

Updated to Wireshark 3.6.8:
- CVE-2022-3190: Fixed F5 Ethernet Trailer dissector infinite loop (bsc#1203388).
- CVE-2021-4186: Fixed Gryphon dissector crash (bsc#1194165).


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3316-1
Released:    Tue Sep 20 11:12:14 2022
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1190698,1191021,1202146
This update for gnutls fixes the following issues:

- FIPS: Zeroize the calculated hmac and new_hmac in the
  check_binary_integrity() function. [bsc#1191021]

- FIPS: Additional modifications to the SLI. [bsc#1190698]

  * Mark CMAC and GMAC and non-approved in gnutls_pbkfd2().
  * Mark HMAC keylength less than 112 bits as non-approved in
    gnutls_pbkfd2().

- FIPS: Port GnuTLS to use jitterentropy [bsc#1202146, jsc#SLE-24941]

  * Add new dependency on jitterentropy

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3317-1
Released:    Tue Sep 20 11:51:26 2022
Summary:     Recommended update for live-langset-data
Type:        recommended
Severity:    moderate
References:  1187618
This update for live-langset-data fixes the following issues:

- Don't restart systemd-vconsole-setup.service explicitly (bsc#1187618)
- Use command `y2start` instead of `y2base` that caused issues with nokogiri

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3319-1
Released:    Tue Sep 20 14:27:21 2022
Summary:     Recommended update for perl-DBD-Pg
Type:        recommended
Severity:    low
References:  1197797
This update for perl-DBD-Pg fixes the following issues:

- Adjust tests for reltuples being -1 for new relations (bsc#1197797)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3320-1
Released:    Tue Sep 20 14:47:07 2022
Summary:     Security update for vsftpd
Type:        security
Severity:    important
References:  1021387,1052900,1187678,1187686,786024,CVE-2021-3618
This update for vsftpd fixes the following issues:

- CVE-2021-3618: Enforced security checks against ALPACA attack (bsc#1187678, bsc#1187686, PM-3322).

Bugfixes:
- Fixed a seccomp failure in FIPS mode when SSL was enabled (bsc#1052900).
- Allowed wait4() to be called so that the broker can wait for its child processes (bsc#1021387).
- Allowed sendto() syscall when /dev/log support is enabled (bsc#786024).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3326-1
Released:    Wed Sep 21 12:28:41 2022
Summary:     Security update for go1.19
Type:        security
Severity:    important
References:  1200441,1203185,1203186,CVE-2022-27664,CVE-2022-32190
This update for go1.19 fixes the following issues:

Update to go version 1.19.1 (bsc#1200441):

- CVE-2022-27664: Fixed DoS in net/http caused by mishandled server errors after sending GOAWAY (bsc#1203185).
- CVE-2022-32190: Fixed missing stripping of relative path components in net/url JoinPath (bsc#1203186).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3327-1
Released:    Wed Sep 21 12:47:17 2022
Summary:     Security update for oniguruma
Type:        security
Severity:    important
References:  1142847,1150130,1157805,1164550,1164569,1177179,CVE-2019-13224,CVE-2019-16163,CVE-2019-19203,CVE-2019-19204,CVE-2019-19246,CVE-2020-26159
This update for oniguruma fixes the following issues:

- CVE-2019-19246: Fixed an out of bounds access during regular
  expression matching (bsc#1157805).
- CVE-2019-19204: Fixed an out of bounds access when compiling a
  crafted regular expression (bsc#1164569).
- CVE-2019-19203: Fixed an out of bounds access when performing a
  string search (bsc#1164550).
- CVE-2019-16163: Fixed an uncontrolled recursion issue when compiling
  a crafted regular expression, which could lead to denial of service (bsc#1150130).
- CVE-2020-26159: Fixed an off-by-one buffer overflow (bsc#1177179).
- CVE-2019-13224: Fixed a potential use-after-free when handling
  multiple different encodings (bsc#1142847).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3328-1
Released:    Wed Sep 21 12:48:56 2022
Summary:     Recommended update for jitterentropy
Type:        recommended
Severity:    moderate
References:  1202870
This update for jitterentropy fixes the following issues:

- Hide the non-GNUC constructs that are library internal from the 
  exported header, to make it usable in builds with strict C99
  compliance. (bsc#1202870)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3336-1
Released:    Thu Sep 22 10:55:21 2022
Summary:     Recommended update for distribution
Type:        recommended
Severity:    moderate
References:  1203324
This update for distribution fixes the following issues:

- Explicitly require nologin shell which is needed for registry
  system user (bsc#1203324)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3347-1
Released:    Fri Sep 23 10:34:39 2022
Summary:     Security update for rubygem-rack
Type:        security
Severity:    moderate
References:  1172037,1173351,CVE-2020-8161,CVE-2020-8184
This update for rubygem-rack fixes the following issues:

- CVE-2020-8184: Fixed vulnerability where percent-encoded cookies can be used to overwrite existing prefixed cookie names (bsc#1173351). 
- CVE-2020-8161: Fixed directory traversal in Rack:Directory (bsc#1172037).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3353-1
Released:    Fri Sep 23 15:23:40 2022
Summary:     Security update for permissions
Type:        security
Severity:    moderate
References:  1203018,CVE-2022-31252
This update for permissions fixes the following issues:

- CVE-2022-31252: Fixed chkstat group controlled paths (bsc#1203018).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3388-1
Released:    Mon Sep 26 12:51:36 2022
Summary:     Recommended update for google-guest-agent, google-guest-oslogin, google-osconfig-agent
Type:        recommended
Severity:    moderate
References:  1191036,1194319,1195391,1202100,1202101,1202826
This update for google-guest-agent, google-guest-oslogin, google-osconfig-agent fixes the following issues:

- Update to version 20220713.00 (bsc#1202100, bsc#1202101)
- Use pam_moduledir (bsc#1191036)
- Use install command in %post section to create state file (bsc#1202826)
- Avoid bashim in post install scripts (bsc#1195391)
- Don't restart daemon on package upgrade, create a state file instead (bsc#1194319)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3395-1
Released:    Mon Sep 26 16:35:18 2022
Summary:     Recommended update for ca-certificates-mozilla
Type:        recommended
Severity:    moderate
References:  1181994,1188006,1199079,1202868
This update for ca-certificates-mozilla fixes the following issues:

Updated to 2.56 state of Mozilla SSL root CAs (bsc#1202868)

- Added:

  - Certainly Root E1
  - Certainly Root R1
  - DigiCert SMIME ECC P384 Root G5
  - DigiCert SMIME RSA4096 Root G5
  - DigiCert TLS ECC P384 Root G5
  - DigiCert TLS RSA4096 Root G5
  - E-Tugra Global Root CA ECC v3
  - E-Tugra Global Root CA RSA v3

- Removed:

  - Hellenic Academic and Research Institutions RootCA 2011

Updated to 2.54 state of Mozilla SSL root CAs (bsc#1199079)

- Added:

  - Autoridad de Certificacion Firmaprofesional CIF A62634068
  - D-TRUST BR Root CA 1 2020
  - D-TRUST EV Root CA 1 2020
  - GlobalSign ECC Root CA R4
  - GTS Root R1
  - GTS Root R2
  - GTS Root R3
  - GTS Root R4
  - HiPKI Root CA - G1
  - ISRG Root X2
  - Telia Root CA v2
  - vTrus ECC Root CA
  - vTrus Root CA

- Removed:

  - Cybertrust Global Root
  - DST Root CA X3
  - DigiNotar PKIoverheid CA Organisatie - G2
  - GlobalSign ECC Root CA R4
  - GlobalSign Root CA R2
  - GTS Root R1
  - GTS Root R2
  - GTS Root R3
  - GTS Root R4
  

Updated to 2.50 state of the Mozilla NSS Certificate store (bsc#1188006)

- Added:

  - HARICA Client ECC Root CA 2021
  - HARICA Client RSA Root CA 2021
  - HARICA TLS ECC Root CA 2021
  - HARICA TLS RSA Root CA 2021
  - TunTrust Root CA


Updated to 2.46 state of the Mozilla NSS Certificate store (bsc#1181994)

- Added new root CAs:

  - NAVER Global Root Certification Authority

- Removed old root CAs:

  - GeoTrust Global CA
  - GeoTrust Primary Certification Authority
  - GeoTrust Primary Certification Authority - G3
  - GeoTrust Universal CA
  - GeoTrust Universal CA 2
  - thawte Primary Root CA
  - thawte Primary Root CA - G2
  - thawte Primary Root CA - G3
  - VeriSign Class 3 Public Primary Certification Authority - G4
  - VeriSign Class 3 Public Primary Certification Authority - G5
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3396-1
Released:    Mon Sep 26 16:37:26 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1200793,1201758,1202645,1203477,CVE-2022-2200,CVE-2022-2505,CVE-2022-34468,CVE-2022-34469,CVE-2022-34470,CVE-2022-34471,CVE-2022-34472,CVE-2022-34473,CVE-2022-34474,CVE-2022-34475,CVE-2022-34476,CVE-2022-34477,CVE-2022-34478,CVE-2022-34479,CVE-2022-34480,CVE-2022-34481,CVE-2022-34482,CVE-2022-34483,CVE-2022-34484,CVE-2022-34485,CVE-2022-36314,CVE-2022-36318,CVE-2022-36319,CVE-2022-38472,CVE-2022-38473,CVE-2022-38476,CVE-2022-38477,CVE-2022-38478,CVE-2022-40956,CVE-2022-40957,CVE-2022-40958,CVE-2022-40959,CVE-2022-40960,CVE-2022-40962
This update for MozillaFirefox fixes the following issues:

Mozilla Firefox was updated to 102.3.0esr ESR (bsc#1200793, bsc#1201758, bsc#1202645, bsc#1203477):

- CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages.
- CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads.   
- CVE-2022-40958: Fixed bypassing secure context restriction for cookies with __Host and __Secure prefix.                                                           
- CVE-2022-40956: Fixed content-security-policy base-uri bypass.                                                                           
- CVE-2022-40957: Fixed incoherent instruction cache when building WASM on ARM64.
- CVE-2022-40962: Fixed memory safety bugs.
- CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling.
- CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent's permissions.
- CVE-2022-38478: Fixed various memory safety issues.
- CVE-2022-38476: Fixed data race and potential use-after-free in PK11_ChangePW.
- CVE-2022-38477: Fixed memory safety bugs.
- CVE-2022-36319: Fixed mouse position spoofing with CSS transforms.
- CVE-2022-36318: Fixed directory indexes for bundled resources reflected URL parameters.
- CVE-2022-36314: Fixed unexpected network loads when opening local .lnk files.
- CVE-2022-2505: Fixed memory safety bugs.
- CVE-2022-34479: Fixed vulnerabilty where a popup window could be resized in a way to overlay the address bar with web content.
- CVE-2022-34470: Fixed use-after-free in nsSHistory.
- CVE-2022-34468: Fixed bypass of CSP sandbox header without `allow-scripts` via retargeted javascript: URI.
- CVE-2022-34482: Fixed drag and drop of malicious image that could have led to malicious executable and potential code execution.
- CVE-2022-34483: Fixed drag and drop of malicious image that could have led to malicious executable and potential code execution.
- CVE-2022-34476: Fixed vulnerability where ASN.1 parser could have been tricked into accepting malformed ASN.1.
- CVE-2022-34481: Fixed potential integer overflow in ReplaceElementsAt
- CVE-2022-34474: Fixed vulnerability where sandboxed iframes could redirect to external schemes.
- CVE-2022-34469: Fixed TLS certificate errors on HSTS-protected domains which could be bypassed by the user on Firefox for Android.
- CVE-2022-34471: Fixed vulnerability where a compromised server could trick a browser into an addon downgrade.
- CVE-2022-34472: Fixed vulnerability where an unavailable PAC file resulted in OCSP requests being blocked.
- CVE-2022-34478: Fixed vulnerability where Microsoft protocols can be attacked if a user accepts a prompt.
- CVE-2022-2200: Fixed vulnerability where undesired attributes could be set as part of prototype pollution.
- CVE-2022-34480: Fixed free of uninitialized pointer in lg_init.
- CVE-2022-34477: Fixed vulnerability in MediaError message property leaking information on cross-origin same-site pages.
- CVE-2022-34475: Fixed vulnerability where the HTML Sanitizer could have been bypassed via same-origin script via use tags.
- CVE-2022-34473: Fixed vulnerability where the HTML Sanitizer could have been bypassed via use tags.
- CVE-2022-34484: Fixed memory safety bugs.
- CVE-2022-34485: Fixed memory safety bugs.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3397-1
Released:    Mon Sep 26 16:38:49 2022
Summary:     Security update for snakeyaml
Type:        security
Severity:    important
References:  1202932,1203149,1203153,1203154,1203158,CVE-2020-13936,CVE-2022-25857,CVE-2022-38749,CVE-2022-38750,CVE-2022-38751,CVE-2022-38752
This update for snakeyaml fixes the following issues:

- CVE-2022-38750: Fixed uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (bsc#1203158).
- CVE-2022-38749: Fixed StackOverflowError for many open unmatched brackets (bsc#1203149).
- CVE-2022-38752: Fixed uncaught exception in java.base/java.util.ArrayList.hashCode (bsc#1203154).
- CVE-2022-38751: Fixed unrestricted data matched with Regular Expressions (bsc#1203153).
- CVE-2022-25857: Fixed denial of service vulnerability due missing to nested depth limitation for collections (bsc#1202932).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3399-1
Released:    Mon Sep 26 16:40:46 2022
Summary:     Security update for unzip
Type:        security
Severity:    moderate
References:  1196177,1196180,CVE-2022-0529,CVE-2022-0530
This update for unzip fixes the following issues:

- CVE-2022-0530: Fixed SIGSEGV during the conversion of an utf-8 string to a local string (bsc#1196177).
- CVE-2022-0529: Fixed heap out-of-bound writes and reads during conversion of wide string to local string (bsc#1196180)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3400-1
Released:    Mon Sep 26 17:02:16 2022
Summary:     Security update for libcaca
Type:        security
Severity:    moderate
References:  1182731,CVE-2021-3410
This update for libcaca fixes the following issues:

- CVE-2021-3410: Fixed overflow when multiplying large ints (bsc#1182731).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3435-1
Released:    Tue Sep 27 14:55:38 2022
Summary:     Recommended update for runc
Type:        recommended
Severity:    important
References:  1202821
This update for runc fixes the following issues:

- Fix mounting via wrong proc fd. When the user and mount namespaces are used, and the bind mount is followed by the 
  cgroup mount in the spec, the cgroup was mounted using the bind mount's mount fd.
- Fix 'permission denied' error from runc run on noexec fs
- Fix regression causing a failed 'exec' error after systemctl daemon-reload (bsc#1202821)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3437-1
Released:    Tue Sep 27 14:57:23 2022
Summary:     Recommended update for mariadb-galera
Type:        recommended
Severity:    important
References:  1202760
This recommended update for mariadb-galera provides:

- Deliver missing mariadb-galera to SUSE Linux Enterprise 15 Service Pack 4 PackageHub
- There are NO code changes
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3447-1
Released:    Tue Sep 27 19:13:28 2022
Summary:     Recommended update for myspell-dictionaries
Type:        recommended
Severity:    important
References:  1203307
This recommended update for myspell-dictionaries provides:

- Deliver missing myspell-de_CH and myspell-de_AT to the SUSE Linux Enterprise Basesystem Module. (bsc#1203307)
- There are NO code changes.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3449-1
Released:    Tue Sep 27 20:12:03 2022
Summary:     Recommended update for perl-Bootloader
Type:        recommended
Severity:    moderate
References:  1198197,1198828
This update for perl-Bootloader fixes the following issues:

- Fix sysconfig parsing (bsc#1198828)
- grub2/install: Reset error code when passing through recover code. (bsc#1198197)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3452-1
Released:    Wed Sep 28 12:13:43 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1201942
This update for glibc fixes the following issues:

- Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942)
- powerpc: Optimized memcmp for power10 (jsc#PED-987)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3481-1
Released:    Fri Sep 30 15:53:10 2022
Summary:     Recommended update for libvirt
Type:        recommended
Severity:    moderate
References:  1197084,1202608
This update for libvirt fixes the following issues:

- spec: Include aarch64 in the list of architectures that 'Require' dmidecode (bsc#1202608)
- qemu: Support memory allocation threads (bsc#1197084)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3486-1
Released:    Sat Oct  1 13:33:54 2022
Summary:     Security update for cosign
Type:        security
Severity:    important
References:  1203430,CVE-2022-36056
This update for cosign fixes the following issues:

Updated to version 1.12.0 (jsc#SLE-23879):
- CVE-2022-36056: Fixed verify-blob could successfully verify an artifact when verification should have failed (bsc#1203430).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3487-1
Released:    Sat Oct  1 13:34:14 2022
Summary:     Security update for ImageMagick
Type:        security
Severity:    moderate
References:  1203450,CVE-2022-3213
This update for ImageMagick fixes the following issues:

- CVE-2022-3213: Fixed heap buffer overflow when processing a malformed TIFF file (bsc#1203450).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3488-1
Released:    Sat Oct  1 13:34:52 2022
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1203530,CVE-2022-32886,CVE-2022-32912
This update for webkit2gtk3 fixes the following issues:

Updated to version 2.36.8 (bsc#1203530):
  
  - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution.
  - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3489-1
Released:    Sat Oct  1 13:35:24 2022
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1203438,CVE-2022-40674
This update for expat fixes the following issues:

- CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3496-1
Released:    Tue Oct  4 09:47:32 2022
Summary:     Security update for colord
Type:        security
Severity:    moderate
References:  1202802,CVE-2021-42523
This update for colord fixes the following issues:

- CVE-2021-42523: Fixed a small memory leak in sqlite3_exec (bsc#1202802).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:3501-1
Released:    Tue Oct  4 11:03:44 2022
Summary:     Feature update for aws-cli, python-boto3, python-botocore
Type:        feature
Severity:    important
References:  1199716
This update for aws-cli, python-boto3, python-botocore fixes the following issues:

Update AWS SDK and CLI in SUSE Linux Enterprise 15 (bsc#1199716, jsc#PED-1851)
    
aws-cli:

- Update from version 1.20.7 to version 1.24.4 (bsc#1199716, jsc#PED-1851)
- For detailed changes see packaged CHANGELOG.rst or https://raw.githubusercontent.com/aws/aws-cli/1.24.4/CHANGELOG.rst
- Updated required dependencies

python-boto3:

- Update from version 1.18.7 to version 1.23.4 (bsc#1199716, jsc#PED-1851)
- For detailed changes see https://github.com/boto/boto3/blob/develop/CHANGELOG.rst#1234
- Updated required dependencies

python-botocore:

- Update from version 1.21.7 to version 1.26.4 (bsc#1199716, jsc#PED-1851)
- For detailed changes see https://github.com/boto/botocore/blob/develop/CHANGELOG.rst#1264
- Updated required dependencies

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:3520-1
Released:    Tue Oct  4 14:18:34 2022
Summary:     Feature update for dmidecode
Type:        feature
Severity:    moderate
References:  
This feature update for dmidecode fixes the following issues:

Update dmidecode from version 3.2 to version 3.4 (jsc#SLE-24502, jsc#SLE-24591, jsc#PED-411):

- Add bios-revision, firmware-revision and system-sku-number to `-s` option
- Decode HPE OEM records 194, 199, 203, 236, 237, 238 ans 240
- Decode system slot base bus width and peers
- Document how the UUID fields are interpreted
- Don't display the raw CPU ID in quiet mode
- Don't use memcpy on /dev/mem on arm64
- Fix OEM vendor name matching
- Fix small typo in NEWS file
- Improve the formatting of the manual pages
- Present HPE type 240 attributes as a proper list instead of packing them on a single line. 
  This makes it more readable overall, and will also scale better if the number of attributes increases
- Skip details of uninstalled memory modules
- Support for SMBIOS 3.4.0. This includes new memory device types, new processor upgrades, new slot types and
  characteristics, decoding of memor module extended speed, new system slot types, new processor characteristic and new
  format of Processor ID
- Support for SMBIOS 3.5.0. This includes new processor upgrades, BIOS characteristics, new slot characteristics, new
  on-board device types, new pointing device interface types, and a new record type
  (type 45 - Firmware Inventory Information)
- Use the most appropriate unit for cache size

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:3522-1
Released:    Tue Oct  4 14:19:18 2022
Summary:     Feature update for python-python-editor
Type:        feature
Severity:    moderate
References:  
This feature update for python-python-editor fixes the following issues:

Version update from 1.0.3 to 1.0.4 (jsc#SLE-24984):

- Clarify package summary and description
- Remove superfluous devel dependency for noarch package

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3525-1
Released:    Wed Oct  5 12:17:14 2022
Summary:     Security update for cifs-utils
Type:        security
Severity:    moderate
References:  1198976,CVE-2022-29869
This update for cifs-utils fixes the following issues:

- Fix changelog to include Bugzilla and CVE tracker id numbers missing from previous update

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3531-1
Released:    Thu Oct  6 09:21:50 2022
Summary:     Security update for squid
Type:        security
Severity:    important
References:  1203677,1203680,CVE-2022-41317,CVE-2022-41318
This update for squid fixes the following issues:

  Updated squid to version 5.7:
  - CVE-2022-41317: Fixed exposure of sensitive information in cache manager (bsc#1203677).
  - CVE-2022-41318: Fixed buffer overread in SSPI and SMB Authentication (bsc#1203680).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3537-1
Released:    Thu Oct  6 10:55:43 2022
Summary:     Security update for postgresql-jdbc
Type:        security
Severity:    important
References:  1202170,CVE-2022-31197
This update for postgresql-jdbc fixes the following issues:

- CVE-2022-31197: Fixed SQL injection vulnerability (bsc#1202170).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3540-1
Released:    Thu Oct  6 11:56:36 2022
Summary:     Security update for LibVNCServer
Type:        security
Severity:    moderate
References:  1203106,CVE-2020-29260
This update for LibVNCServer fixes the following issues:

- CVE-2020-29260: Fixed memory leakage via rfbClientCleanup() (bsc#1203106).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3544-1
Released:    Thu Oct  6 13:48:42 2022
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1202624,CVE-2021-28861
This update for python3 fixes the following issues:

- CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // (bsc#1202624).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3555-1
Released:    Mon Oct 10 14:05:12 2022
Summary:     Recommended update for aaa_base
Type:        recommended
Severity:    important
References:  1199492
This update for aaa_base fixes the following issues:

- The wrapper rootsh is not a restricted shell. (bsc#1199492)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3557-1
Released:    Mon Oct 10 14:48:44 2022
Summary:     Recommended update for aws-efs-utils
Type:        recommended
Severity:    critical
References:  1203170
This update for aws-efs-utils fixes the following issues:

- Update to version 1.33.4 (bsc#1203170)
  * Fix the issue where watchdog sending signal to incorrect
    processes and add FIPS mode support
  * Apply additional check on awscredsuri option
- from version 1.33.3
  * Fix the potential stunnel hanging issue caused by full
    subprocess PIPE filled by stunnel log
  * Specify FIPS mode in configuration
  * Add separate env_path for macOS; Add comments
  * Update get-pip.py download url in README
- from version 1.33.2
  * Fix the incorrect path to generate read_ahead_kb config file
    and Bump the default tls port range from 400 to 1000
- Add patch to use unittest.mock instead of mock in testsuite
- Use relative URL in Source field

- version update to 1.33.1
  * Enable mount process to retry on failed or timed out mount.nfs command
  * use unittest.mock instead of mock

- version update to 1.32.1
  * Enable watchdog to check stunnel health periodically and restart
    hanging stunnel process when necessary.
- do not require python-mock for build

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3564-1
Released:    Tue Oct 11 16:15:57 2022
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    critical
References:  1189282,1201972,1203649
This update for libzypp, zypper fixes the following issues:

libzypp:
 
- Enable 'zck' support for SUSE Linux Enterprise 15 Service Pack 4 and newer (bsc#1189282)
- Fix regression leading to `-allow-vendor-change` and `no-allow-vendor-change` options being ignored (bsc#1201972)
- Remove migration code that is no longer needed (bsc#1203649)
- Store logrotate files in vendor specif directory '/usr/etc/logrotate.d' if so defined

zypper:

- Fix contradiction in the man page: `--download-in-advance` option is the default behavior
- Fix regression leading to `-allow-vendor-change` and `no-allow-vendor-change` options being ignored (bsc#1201972)
- Fix tests to use locale 'C.UTF-8' rather than 'en_US'
- Make sure 'up' respects solver related CLI options (bsc#1201972)
- Remove unneeded code to compute the PPP status because it is now auto established
- Store logrotate files in vendor specif directory '/usr/etc/logrotate.d' if so defined

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3569-1
Released:    Tue Oct 11 16:31:40 2022
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    important
References:  1192963,1198127,1201945
This update for SAPHanaSR fixes the following issues:
 
- SAPHanaSR-monitor not reporting correctly. (bsc#1192963)

- Version bump to 0.161.1_BF
- add the required 'xmllint' to the package (bsc#1201945)
- changes to the demote_clone function of the resource agent:
  if the role is '1:P' (topology agent run into timeouts) the
  function fail with rc=1, to get the managed resource stopped
  changes to the stop_clone function of the topology agent:
  call landscapeHostConfiguration.py and set the roles as they were
  reported. If the command timed out, set the role to '1:P' and
  return 1 to get the node fenced.
  The used timeout for the landscapeHostConfiguration.py call can
  be configured by the cluster action timeout, if needed. It will
  be 50% of the action timeout or the minimum of 300s.
  (bsc#1198127)
- add new HA/DR provider hook susChkSrv (jsc#PED-1241, jsc#PED-1240, jsc#PED-1253)
- add new tool SAPHanaSR-manageProvider to show, add and delete
  HA/DR provider sections in the global.ini of SAP HANA.
- update suse icon to new branding

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3570-1
Released:    Tue Oct 11 20:34:21 2022
Summary:     Recommended update for prometheus-ha_cluster_exporter
Type:        recommended
Severity:    important
References:  
This update for prometheus-ha_cluster_exporter fixes the following issues:

- Release 1.3.0 (jsc#PED-2052)
 - Added:
  - TLS and basic auth support (#200)
  - sysconfig file now available to override systemd unit CLI arguments (#200)
 - Changed
  - **Deprecated**: Some CLI flags were deprecated in favour of new ones according to upstream conventions (#200)
  - Boilerplate now uses the Prometheus Exporter Toolkit (#200)
  - Rename dashboard provider subpackage (#196)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3571-1
Released:    Thu Oct 13 07:34:28 2022
Summary:     Security update for rubygem-puma
Type:        security
Severity:    important
References:  1197818,CVE-2022-24790
This update for rubygem-puma fixes the following issues:

  Updated to version 4.3.12:
  - CVE-2022-24790: Fixed HTTP request smuggling if proxy is not RFC7230 compliant (bsc#1197818).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3574-1
Released:    Thu Oct 13 09:41:17 2022
Summary:     Recommended update for clamsap
Type:        recommended
Severity:    low
References:  1200699
This update for clamsap fixes the following issues:
- Add reference to bsc#1200699 in the changelog (bsc#1200699).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3595-1
Released:    Mon Oct 17 09:40:46 2022
Summary:     Recommended update for certmonger
Type:        recommended
Severity:    moderate
References:  1197745
This update for certmonger fixes the following issues:

- Use 'pkgconfig(systemd)' for the BR to allow hacksaw systemd-mini
  package to satisfy dependencies in the openSUSE Build Service.

- Add buildrequires on systemd which is required for correct installation
  of the .service file.

- Update to 0.79.13 (bsc#1197745)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3600-1
Released:    Mon Oct 17 13:34:07 2022
Summary:     Recommended update for python-urlgrabber
Type:        recommended
Severity:    moderate
References:  1201788
This update for python-urlgrabber fixes the following issues:

- Avoid crashing when setting URLGRABBER_DEBUG=1 environment variable
- Incorporate latest changes for the fix of wrong logic on find_proxy
  method causing proxy not being used (bsc#1201788)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3621-1
Released:    Tue Oct 18 14:53:24 2022
Summary:     Security update for rubygem-activesupport-5_1
Type:        security
Severity:    moderate
References:  1199060,CVE-2022-27777
This update for rubygem-activesupport-5_1 fixes the following issues:

- CVE-2022-27777: Fixed cross-site scripting vulnerability in Action View tag helper (bsc#1199060).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3661-1
Released:    Wed Oct 19 14:00:28 2022
Summary:     Security update for php8
Type:        security
Severity:    important
References:  1192050,1200772,1203867,1203870,CVE-2021-21703,CVE-2022-31628,CVE-2022-31629
This update for php8 fixes the following issues:

- php8 was updated to version 8.0.24
- php8 was updated to version 8.0.23 (jsc#SLE-23639).
- CVE-2021-21703: Fixed a local privilege escalation via PHP-FPM. (bsc#1192050)
- CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor while decompressing 'quines' gzip files. (bsc#1203867)
- CVE-2022-31629: Fixed a bug which could lead an attacker to set an insecure cookie that will treated as secure in the victim's browser. (bsc#1203870)
- Fixed missing devel package requires pear and pecl extensions (jsc#SLE-24723, bsc#1200772).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3666-1
Released:    Wed Oct 19 20:44:55 2022
Summary:     Security update for helm
Type:        security
Severity:    important
References:  1200528,1203054,CVE-2022-1996,CVE-2022-36055
This update for helm fixes the following issues:

helm was updated to version 3.9.4:

* CVE-2022-36055: Fixed denial of service through string value parsing (bsc#1203054).
* Updating the certificates used for testing
* Updating index handling

helm was updated to version 3.9.3:

- CVE-2022-1996: Updated kube-openapi to fix an issue that could result in a CORS protection bypass (bsc#1200528).
* Fix missing array length check on release

helm was updated to version 3.9.2:

* Update of the circleci image

helm was updated  to version 3.9.1:

* Update to support Kubernetes 1.24.2
* Improve logging and safety of statefulSetReady
* Make token caching an opt-in feature
* Bump github.com/lib/pq from 1.10.5 to 1.10.6
* Bump github.com/Masterminds/squirrel from 1.5.2 to 1.5.3

helm was updated to version 3.9.0:

* Added a --quiet flag to helm lint
* Added a --post-renderer-args flag to support arguments being passed to the post renderer
* Added more checks during the signing process
* Updated to add Kubernetes 1.24 support

helm was updated to version 3.8.2:

* Bump oras.land/oras-go from 1.1.0 to 1.1.1
* Fixing downloader plugin error handling
* Simplify testdata charts
* Simplify testdata charts
* Add tests for multi-level dependencies.
* Fix value precedence
* Bumping Kubernetes package versions
* Updating vcs to latest version
* Dont modify provided transport
* Pass http getter as pointer in tests
* Add docs block
* Add transport option and tests
* Reuse http transport
* Updating Kubernetes libs to 0.23.4 (latest)
* fix: remove deadcode
* fix: helm package tests
* fix: helm package with dependency update for charts with OCI dependencies
* Fix typo Unset the env var before func return in Unit Test
* add legal name check
* maint: fix syntax error in deploy.sh
* linting issue fixed
* only apply overwrite if version is canary
* overwrite flag added to az storage blob upload-batch
* Avoid querying for OCI tags can explicit version provided in chart dependencies
* Management of bearer tokens for tag listing
* Updating Kubernetes packages to 1.23.3
* refactor: use `os.ReadDir` for lightweight directory reading
* Add IngressClass to manifests to be (un)installed
* feat(comp): Shell completion for OCI
* Fix install memory/goroutine leak

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3667-1
Released:    Wed Oct 19 21:34:32 2022
Summary:     Security update for clone-master-clean-up
Type:        security
Severity:    moderate
References:  1181050,1203651,CVE-2021-32000
This update for clone-master-clean-up fixes the following issues:

- CVE-2021-32000: Fixed some potentially dangerous file system operations (bsc#1181050).

Bugfixes:
- Fixed clone-master-clean-up failing to remove btrfs snapshots (bsc#1203651).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3669-1
Released:    Wed Oct 19 21:35:23 2022
Summary:     Security update for go1.19
Type:        security
Severity:    important
References:  1200441,1204023,1204024,1204025,CVE-2022-2879,CVE-2022-2880,CVE-2022-41715
This update for go1.19 fixes the following issues:

Updated to version 1.19.2 (bsc#1200441):

  - CVE-2022-41715: Fixed memory exhaustion in regexp/syntax (bsc#1204023).
  - CVE-2022-2879: Fixed unbounded memory consumption when reading headers in archive/tar (bsc#1204024).
  - CVE-2022-2880: Fixed ReverseProxy forwarding unparseable query parameters (bsc#1204025).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3670-1
Released:    Thu Oct 20 10:44:13 2022
Summary:     Recommended update for zchunk
Type:        recommended
Severity:    moderate
References:  1204244
This update for zchunk fixes the following issues:
    
- Make sure to ship libzck1 to Micro 5.3 (bsc#1204244)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3673-1
Released:    Thu Oct 20 11:12:22 2022
Summary:     Security update for jasper
Type:        security
Severity:    moderate
References:  1202642,CVE-2022-2963
This update for jasper fixes the following issues:

- CVE-2022-2963: Fixed memory leaks in function cmdopts_parse (bsc#1202642).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3682-1
Released:    Fri Oct 21 11:42:40 2022
Summary:     Security update for bind
Type:        security
Severity:    important
References:  1201247,1203614,1203619,1203620,CVE-2022-2795,CVE-2022-38177,CVE-2022-38178
This update for bind fixes the following issues:

- CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations (bsc#1203614).
- CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
- CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).

Bugfixes:
- Changed ownership of /var/lib/named/master from named:named to root:root (bsc#1201247)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3683-1
Released:    Fri Oct 21 11:48:39 2022
Summary:     Security update for libksba
Type:        security
Severity:    critical
References:  1204357,CVE-2022-3515
This update for libksba fixes the following issues:

  - CVE-2022-3515: Fixed a possible overflow in the TLV parser (bsc#1204357).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3684-1
Released:    Fri Oct 21 11:56:28 2022
Summary:     Recommended update for celt, jack, libogg, libtheora
Type:        recommended
Severity:    low
References:  1108981,1132458,1198925

This update for celt, jack, libogg, libtheora fixes the following issue:

- celt, jack, libogg, libtheora 32bit base libraries are shipped to meet dependencies of the ffmpeg 32bit libraries (bsc#1198925).

Also two bugs in jack were fixed (bsc#1132458 bsc#1108981).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:3685-1
Released:    Fri Oct 21 12:19:13 2022
Summary:     Optional update for monitoring-plugins and its dependencies
Type:        optional
Severity:    moderate
References:  
This optional update for monitoring-plugins and its dependencies provides:

freeradius-client:

- Deliver missing freeradius-client to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.

monitoring-plugins:

- Deliver missing monitoring plugins to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.

perl-Crypt-DES:

- Deliver missing perl-Crypt-DES to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.

perl-Crypt-Rijndael:

- Deliver missing perl-Crypt-Rijndaelto SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.

perl-Net-SNMP:

- Deliver missing perl-Net-SNMP to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.
  
-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:3689-1
Released:    Fri Oct 21 14:19:56 2022
Summary:     Feature update for rpm
Type:        feature
Severity:    moderate
References:  
This feature update for rpm provides:

- Support Ed25519 RPM signatures (jsc#SLE-24714, jsc#SLE-24715)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3690-1
Released:    Fri Oct 21 15:06:45 2022
Summary:     Security update for tiff
Type:        security
Severity:    important
References:  1201723,1201971,1202026,1202466,1202467,1202468,1202968,1202971,1202973,CVE-2022-0561,CVE-2022-2519,CVE-2022-2520,CVE-2022-2521,CVE-2022-2867,CVE-2022-2868,CVE-2022-2869,CVE-2022-34266,CVE-2022-34526
This update for tiff fixes the following issues:

- CVE-2022-2519: Fixed a double free in rotateImage() (bsc#1202968).
- CVE-2022-2520: Fixed a assertion failure in rotateImage() (bsc#1202973).
- CVE-2022-2521: Fixed invalid free in TIFFClose() (bsc#1202971).
- CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c (bsc#1202466).
- CVE-2022-2868: Fixed out of bounds read in reverseSamples16bits() (bsc#1202467).
- CVE-2022-2869: Fixed out of bounds read and write in extractContigSamples8bits() (bsc#1202468).
- CVE-2022-34526: Fixed stack overflow in the _TIFFVGetField function of Tiffsplit (bsc#1202026).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3694-1
Released:    Sun Oct 23 23:00:33 2022
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

Lifecycle data update. (bsc#1020320)

- Added data for 4_12_14-150000_150_95, 4_12_14-150000_150_98, 4_12_14-150100_197_117, 4_12_14-150100_197_120,
  5_14_21-150400_24_11, 5_14_21-150400_24_18, 5_3_18-150200_24_120, 5_3_18-150200_24_126, 5_3_18-150300_59_81, 
  5_3_18-150300_59_87,  5_3_18-150300_59_90.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3696-1
Released:    Mon Oct 24 07:57:07 2022
Summary:     Recommended update for drbd-utils
Type:        recommended
Severity:    moderate
References:  1184122,1190591,1203220
This update for drbd-utils fixes the following issues:

- Restore drbd scripts directory to /usr/lib/drbd from /lib/drbd (bsc#1203220) 
- Fix missing path /usr/var/run/drbd (bsc#1190591)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3726-1
Released:    Tue Oct 25 14:06:51 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1204421,CVE-2022-42927,CVE-2022-42928,CVE-2022-42929,CVE-2022-42932
This update for MozillaFirefox fixes the following issues:

- Updated to version 102.4.0 ESR (bsc#1204421)
- CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs.
- CVE-2022-42928: Fixed memory Corruption in JS Engine.
- CVE-2022-42929: Fixed denial of Service via window.print.
- CVE-2022-42932: Fixed memory safety bugs.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3730-1
Released:    Tue Oct 25 17:01:30 2022
Summary:     Security update for python-paramiko
Type:        security
Severity:    important
References:  1111151,1200603,CVE-2018-1000805
This update for python-paramiko fixes the following issues:

Updated to version 2.4.3:

- CVE-2018-1000805: Fixed authentication bypass (bsc#1111151).

Bugfixes:

- Fixed Ed25519 key handling for certain key comment lengths (bsc#1200603).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3731-1
Released:    Tue Oct 25 17:10:20 2022
Summary:     Security update for python-waitress
Type:        security
Severity:    important
References:  1197255,CVE-2022-24761
This update for python-waitress fixes the following issues:

- CVE-2022-24761: Fixed a bug to avoid inconsistent interpretation of HTTP requests leading to request smuggling. (bsc#1197255)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:3732-1
Released:    Tue Oct 25 17:56:45 2022
Summary:     Feature update for patterns-wsl, yast2-registration and yast2-firstboot
Type:        feature
Severity:    important
References:  
This update for patterns-wsl, yast2-registration and yast2-firstboot fixes the following issues:

patterns-wsl:
- Add patterns-wsl-base, patterns-wsl-system to basesystem.
- Add patterns-wsl-gui to SLED.

yast2-registration:
- Allow forcing registration and configuring a YAML product as installed product.

yast2-firstboot:
- Add client to select product in WSL
- Allow installing WSL GUI pattern

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3733-1
Released:    Wed Oct 26 07:54:07 2022
Summary:     Recommended update for libheif
Type:        recommended
Severity:    moderate
References:  1199987
This update for libheif fixes the following issues:

- Add missing gdk-pixbuf loader scriptlets (bsc#1199987)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3745-1
Released:    Wed Oct 26 10:37:11 2022
Summary:     Security update for golang-github-prometheus-node_exporter
Type:        security
Severity:    moderate
References:  1196338,CVE-2022-21698
This update for golang-github-prometheus-node_exporter fixes the following issues:

  (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239, jsc#SUMA-114,
  CVE-2022-21698)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3767-1
Released:    Wed Oct 26 11:49:43 2022
Summary:     Recommended update for bind
Type:        security
Severity:    important
References:  1201689,1203250,1203614,1203618,1203619,1203620,CVE-2022-2795,CVE-2022-3080,CVE-2022-38177,CVE-2022-38178
This update for bind fixes the following issues:

Update to release 9.16.33:

- CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations (bsc#1203614).
- CVE-2022-3080: Fixed assertion failure when there was a stale CNAME in the cache for the incoming query and the stale-answer-client-timeout option is set to 0 (bsc#1203618).
- CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
- CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).

- Add systemd drop-in directory for named service (bsc#1201689).
- Add modified createNamedConfInclude script and README-bind.chrootenv (bsc#1203250).

- Feature Changes:
  - Response Rate Limiting (RRL) code now treats all QNAMEs that are
  subject to wildcard processing within a given zone as the same
  name, to prevent circumventing the limits enforced by RRL.

  - Zones using dnssec-policy now require dynamic DNS or
  inline-signing to be configured explicitly.

  - A backward-compatible approach was implemented for encoding
  internationalized domain names (IDN) in dig and converting the
  domain to IDNA2008 form; if that fails,
  BIND tries an IDNA2003 conversion.

  - The DNSSEC algorithms RSASHA1 and NSEC3RSASHA1 are now automatically
  disabled on systems where they are disallowed by the security policy.
  Primary zones using those algorithms need to be migrated to new algorithms
  prior to running on these systems, as graceful migration to different DNSSEC
  algorithms is not possible when RSASHA1 is disallowed by the operating system.

  - Log messages related to fetch limiting have been improved to provide
  more complete information. Specifically, the final counts of allowed
  and spilled fetches are now logged before the counter object is destroyed.

  - Non-dynamic zones that inherit dnssec-policy from the view or options
  blocks were not marked as inline-signed and therefore never scheduled
  to be re-signed. This has been fixed.

  - The old max-zone-ttl zone option was meant to be superseded by
  the max-zone-ttl option in dnssec-policy; however, the latter option
  was not fully effective. This has been corrected: zones no longer load
  if they contain TTLs greater than the limit configured in dnssec-policy.
  For zones with both the old max-zone-ttl option and dnssec-policy
  configured, the old option is ignored, and a warning is generated.

  - rndc dumpdb -expired was fixed to include expired RRsets,
  even if stale-cache-enable is set to no and the cache-cleaning time 
  window has passed. (jsc#SLE-24600)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3781-1
Released:    Wed Oct 26 17:50:44 2022
Summary:     Security update for container-suseconnect
Type:        security
Severity:    moderate
References:  1204397

This update of container-suseconnect is a rebuilt of the previous sources against the current security updated go compiler.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3782-1
Released:    Wed Oct 26 17:53:06 2022
Summary:     Security update for libmad
Type:        security
Severity:    important
References:  1036968,1036969,CVE-2017-8372,CVE-2017-8373
This update for libmad fixes the following issues:

  - CVE-2017-8373: Fixed heap-based buffer overflow in mad_layer_III (bsc#1036968).
  - CVE-2017-8372: Fixed assertion failure in layer3.c (bsc#1036969).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3783-1
Released:    Wed Oct 26 17:58:02 2022
Summary:     Security update for telnet
Type:        security
Severity:    important
References:  1203759,CVE-2022-39028
This update for telnet fixes the following issues:

  - CVE-2022-39028: Fixed NULL pointer dereference in telnetd (bsc#1203759).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3784-1
Released:    Wed Oct 26 18:03:28 2022
Summary:     Security update for libtasn1
Type:        security
Severity:    critical
References:  1204690,CVE-2021-46848
This update for libtasn1 fixes the following issues:

- CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der (bsc#1204690)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3785-1
Released:    Wed Oct 26 20:20:19 2022
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1204383,1204386,CVE-2022-32221,CVE-2022-42916
This update for curl fixes the following issues:

  - CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).
  - CVE-2022-42916: Fixed HSTS bypass via IDN (bsc#1204386).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3787-1
Released:    Thu Oct 27 04:41:09 2022
Summary:     Recommended update for permissions
Type:        recommended
Severity:    important
References:  1194047,1203911
This update for permissions fixes the following issues:

- Fix regression introduced by backport of security fix (bsc#1203911)
- Add permissions for enlightenment helper on 32bit arches (bsc#1194047)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3799-1
Released:    Thu Oct 27 14:59:06 2022
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    important
References:  1202146,1203779
This update for gnutls fixes the following issues:

- FIPS: Set error state when jent init failed in FIPS mode (bsc#1202146)
- FIPS: Make XTS key check failure not fatal (bsc#1203779)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3800-1
Released:    Thu Oct 27 14:59:35 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1203477,1204411,1204421,CVE-2022-3155,CVE-2022-3266,CVE-2022-39236,CVE-2022-39249,CVE-2022-39250,CVE-2022-39251,CVE-2022-40956,CVE-2022-40957,CVE-2022-40958,CVE-2022-40959,CVE-2022-40960,CVE-2022-40962
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 102.4.0 (bsc#1204421)
  * changed: Thunderbird will automatically detect and repair OpenPGP key storage corruption caused by using the profile import tool in Thunderbird 102   
  * fixed: POP message download into a large folder (~13000 messages) caused Thunderbird to temporarily freeze
  * fixed: Forwarding messages with special characters in Subject failed on Windows
  * fixed: Links for FileLink attachments were not added when attachment filename contained Unicode characters
  * fixed: Address Book display pane continued to show contacts after deletion
  * fixed: Printing address book did not include all contact details
  * fixed: CardDAV contacts without a Name property did not save to Google Contacts
  * fixed: 'Publish Calendar' did not work
  * fixed: Calendar database storage improvements
  * fixed: Incorrectly handled error responses from CalDAV servers sometimes caused events to disappear from calendar
  * fixed: Various visual and UX improvements
- Mozilla Thunderbird 102.3.3
  * new: Option added to show containing address book for a
    contact when using `All Address Books` in vertical mode
    (bmo#1778871)
  * changed: Thunderbird will try to use POP NTLM authentication
    even if not advertised by server (bmo#1793349)
  * changed: Task List and Today Pane sidebars will no longer
    load when not visible (bmo#1788549)
  * fixed: Sending a message while a recipient pill was being
    modified did not save changes (bmo#1779785)
  * fixed: Nickname column was not available in horizontal view
    of Address Book (bmo#1778000)
  * fixed: Multiline organization values were displayed across
    two columns in horizontal view of Address Book (bmo#1777780)
  * fixed: Contact vCard fields with multiple values such as
    Categories were truncated when saved (bmo#1792399)
  * fixed: ICS calendar files with a `FREEBUSY` property could
    not be imported (bmo#1783441)
  * fixed: Thunderbird would hang if calendar event exceeded the
    year 2035 (bmo#1789999)
- Mozilla Thunderbird 102.3.2
  * changed: Thunderbird will try to use POP CRAM-MD5
    authentication even if not advertised by server (bmo#1789975)
  * fixed: Checking messages on POP3 accounts caused POP folder
    to lock if mail server was slow or non-responsive
    (bmo#1792451)
  * fixed: Newsgroups named with consecutive dots would not
    appear when refreshing list of newsgroups (bmo#1787789)
  * fixed: Sending news articles containing lines starting with
    dot were sometimes clipped (bmo#1787955)
  * fixed: CardDAV server sync silently failed if sync token
    expired (bmo#1791183)
  * fixed: Contacts from LDAP on macOS address books were not
    displayed (bmo#1791347)
  * fixed: Chat account input now accepts URIs for supported chat
    protocols (bmo#1776706)
  * fixed: Chat ScreenName field was not migrated to new address
    book (bmo#1789990)
  * fixed: Creating a New Event from the Today Pane used the
    currently selected day from the main calendar instead of from
    the Today Pane (bmo#1791203)
  * fixed: `New Event` button in Today Pane was incorrectly
    disabled sometimes (bmo#1792058)
  * fixed: Event reminder windows did not close after being
    dismissed or snoozed (bmo#1791228)
  * fixed: Improved performance of recurring event date
    calculation (bmo#1787677)
  * fixed: Quarterly calendar events on the last day of the month
    repeated one month early (bmo#1789362)
  * fixed: Thunderbird would hang if calendar event exceeded the
    year 2035 (bmo#1789999)
  * fixed: Whitespace in calendar events was incorrectly handled
    when upgrading from Thunderbird 91 to 102 (bmo#1790339)
  * fixed: Various visual and UX improvements (bmo#1755623,bmo#17
    83903,bmo#1785851,bmo#1786434,bmo#1787286,bmo#1788151,bmo#178
    9728,bmo#1790499)
- Mozilla Thunderbird 102.3.1
  * changed: Compose window encryption options now only appear
    for encryption technologies that have already been configured
    (bmo#1788988)
  * changed: Number of contacts in currently selected address
    book now displayed at bottom of Address Book list column
    (bmo#1745571)
  * fixed: Password prompt did not include server hostname for
    POP servers (bmo#1786920)
  * fixed: `Edit Contact` was missing from Contacts sidebar
    context menus (bmo#1771795)
  * fixed: Address Book contact lists cut off display of some
    characters, the result being unreadable (bmo#1780909)
  * fixed: Menu items for dark-themed alarm dialog were invisible
    on Windows 7 (bmo#1791738)
  * fixed: Various security fixes
  MFSA 2022-43 (bsc#1204411)
  * CVE-2022-39249 (bmo#1791765)
    Matrix SDK bundled with Thunderbird vulnerable to an
    impersonation attack by malicious server administrators
  * CVE-2022-39250 (bmo#1791765)
    Matrix SDK bundled with Thunderbird vulnerable to a device
    verification attack
  * CVE-2022-39251 (bmo#1791765)
    Matrix SDK bundled with Thunderbird vulnerable to an
    impersonation attack
  * CVE-2022-39236 (bmo#1791765)
    Matrix SDK bundled with Thunderbird vulnerable to a data
    corruption issue
- Mozilla Thunderbird 102.3
  * changed: Thunderbird will no longer attempt to import account
    passwords when importing from another Thunderbird profile in
    order to prevent profile corruption and permanent data loss.
    (bmo#1790605)
  * changed: Devtools performance profile will use Thunderbird
    presets instead of Web Developer presets (bmo#1785954)
  * fixed: Thunderbird startup performance improvements
    (bmo#1785967)
  * fixed: Saving email source and images failed
    (bmo#1777323,bmo#1778804)
  * fixed: Error message was shown repeatedly when temporary disk
    space was full (bmo#1788580)
  * fixed: Attaching OpenPGP keys without a set size to non-
    encrypted messages briefly displayed a size of zero bytes
    (bmo#1788952)
  * fixed: Global Search entry box initially contained
    'undefined' (bmo#1780963)
  * fixed: Delete from POP Server mail filter rule intermittently
    failed to trigger (bmo#1789418)
  * fixed: Connections to POP3 servers without UIDL support
    failed (bmo#1789314)
  * fixed: Pop accounts with 'Fetch headers only' set downloaded
    complete messages if server did not advertise TOP capability
    (bmo#1789356)
  * fixed: 'File -> New -> Address Book Contact' from Compose
    window did not work (bmo#1782418)
  * fixed: Attach 'My vCard' option in compose window was not
    available (bmo#1787614)
  * fixed: Improved performance of matching a contact to an email
    address (bmo#1782725)
  * fixed: Address book only recognized a contact's first two
    email addresses (bmo#1777156)
  * fixed: Address book search and autocomplete failed if a
    contact vCard could not be parsed (bmo#1789793)
  * fixed: Downloading NNTP messages for offline use failed
    (bmo#1785773)
  * fixed: NNTP client became stuck when connecting to Public-
    Inbox servers (bmo#1786203)
  * fixed: Various visual and UX improvements
    (bmo#1782235,bmo#1787448,bmo#1788725,bmo#1790324)
  * fixed: Various security fixes
  * unresolved: No dedicated 'Department' field in address book
    (bmo#1777780)
  MFSA 2022-42 (bsc#1203477)
  * CVE-2022-3266 (bmo#1767360)
    Out of bounds read when decoding H264
  * CVE-2022-40959 (bmo#1782211)
    Bypassing FeaturePolicy restrictions on transient pages
  * CVE-2022-40960 (bmo#1787633)
    Data-race when parsing non-UTF-8 URLs in threads
  * CVE-2022-40958 (bmo#1779993)
    Bypassing Secure Context restriction for cookies with __Host
    and __Secure prefix
  * CVE-2022-40956 (bmo#1770094)
    Content-Security-Policy base-uri bypass
  * CVE-2022-40957 (bmo#1777604)
    Incoherent instruction cache when building WASM on ARM64
  * CVE-2022-3155 (bmo#1789061)
    Attachment files saved to disk on macOS could be executed
    without warning
  * CVE-2022-40962 (bmo#1776655, bmo#1777574, bmo#1784835,
    bmo#1785109, bmo#1786502, bmo#1789440)
    Memory safety bugs fixed in Thunderbird 102.3

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3802-1
Released:    Thu Oct 27 16:26:44 2022
Summary:     Security update for openjpeg2
Type:        security
Severity:    important
References:  1140205,1149789,1179594,1179821,1180042,1180043,1180044,1180046,CVE-2018-20846,CVE-2018-21010,CVE-2020-27814,CVE-2020-27824,CVE-2020-27841,CVE-2020-27842,CVE-2020-27843,CVE-2020-27845
This update for openjpeg2 fixes the following issues:

  - CVE-2018-20846: Fixed OOB read in pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c (bsc#1140205).
  - CVE-2018-21010: Fixed heap buffer overflow in color_apply_icc_profile in bin/common/color.c (bsc#1149789).
  - CVE-2020-27814: Fixed heap buffer overflow in lib/openjp2/mqc.c (bsc#1179594),
  - CVE-2020-27824: Fixed OOB read in opj_dwt_calc_explicit_stepsizes() (bsc#1179821).
  - CVE-2020-27841: Fixed buffer over-read in lib/openjp2/pi.c (bsc#1180042).
  - CVE-2020-27842: Fixed null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c (bsc#1180043).
  - CVE-2020-27843: Fixed OOB read in opj_t2_encode_packet function in openjp2/t2.c (bsc#1180044).
  - CVE-2020-27845: Fixed heap-based buffer over-read in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c (bsc#1180046).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3806-1
Released:    Thu Oct 27 17:21:11 2022
Summary:     Security update for dbus-1
Type:        security
Severity:    important
References:  1087072,1204111,1204112,1204113,CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
This update for dbus-1 fixes the following issues:

  - CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111).
  - CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112).
  - CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113).

  Bugfixes:

  - Disable asserts (bsc#1087072).


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3814-1
Released:    Mon Oct 31 09:45:29 2022
Summary:     Recommended update for sapstartsrv-resource-agents and supportutils-plugin-ha-sap
Type:        recommended
Severity:    moderate
References:  1203202
This update for sapstartsrv-resource-agents and supportutils-plugin-ha-sap fixes the following issues:

sapstartsrv-resource-agents:
- Version bump to 0.9.1
- man page updates based on customer feedback
- remove 'BuildRequire python3-mock' as this is no longer needed for the tests

supportutils-plugin-ha-sap:
- Update to version 0.0.4
- fix basic support for saptune
- add saptune version 3 awareness and add a hint for the new saptune supportconfig (bsc#1203202)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3818-1
Released:    Mon Oct 31 12:49:04 2022
Summary:     Recommended update for rabbitmq-server
Type:        recommended
Severity:    important
References:  1199431
This update for rabbitmq-server fixes the following issues:

- Ensure maintenance mode state table exists after node [re]boot (bsc#1199431)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3822-1
Released:    Mon Oct 31 23:53:38 2022
Summary:     Recommended update for adcli
Type:        recommended
Severity:    moderate
References:  1202647
This update for adcli fixes the following issues:

- Remove errx() calls on error conditions to execute the cleanup
  function and delete the krb5 snippets created in /tmp (bsc#1202647)
- Set umask before calling mkdtemp (bsc#1202647)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3825-1
Released:    Tue Nov  1 08:52:52 2022
Summary:     Security update for hdf5
Type:        security
Severity:    important
References:  1093663,1101475,1101906,1107069,1111598,1125882,1167400,1194366,1194375,1195212,1195215,CVE-2018-11205,CVE-2018-13867,CVE-2018-14031,CVE-2018-16438,CVE-2018-17439,CVE-2019-8396,CVE-2020-10812,CVE-2021-45830,CVE-2021-45833,CVE-2021-46242,CVE-2021-46244
This update for hdf5 fixes the following issues:

  - CVE-2021-46244: Fixed division by zero leading to DoS (bsc#1195215).
  - CVE-2018-13867: Fixed out of bounds read in the function H5F__accum_read in H5Faccum.c (bsc#1101906).
  - CVE-2018-16438: Fixed out of bounds read in H5L_extern_query at H5Lexternal.c (bsc#1107069).
  - CVE-2020-10812: Fixed NULL pointer dereference (bsc#1167400).
  - CVE-2021-45830: Fixed heap buffer overflow vulnerability in H5F_addr_decode_len in /hdf5/src/H5Fint.c (bsc#1194375).
  - CVE-2019-8396:  Fixed buffer overflow in function H5O__layout_encode in H5Olayout.c (bsc#1125882).
  - CVE-2018-11205: Fixed out of bounds read was discovered in H5VM_memcpyvv in H5VM.c (bsc#1093663).
  - CVE-2021-46242: Fixed heap-use-after free via the component H5AC_unpin_entry (bsc#1195212).
  - CVE-2021-45833: Fixed stack buffer overflow vulnerability (bsc#1194366).
  - CVE-2018-14031: Fixed heap-based buffer over-read in the function H5T_copy in H5T.c (bsc#1101475).
  - CVE-2018-17439: Fixed out of bounds read in the function H5F__accum_read in H5Faccum.c (bsc#1111598).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3851-1
Released:    Wed Nov  2 12:34:17 2022
Summary:     Recommended update for rsync
Type:        recommended
Severity:    important
References:  1202970,1204538
This update for rsync fixes the following issues:

- Fix regression with `--delay-updates` where files never update after interruption (bsc#1204538)
- Add support for `--trust-sender` parameter (bsc#1202970)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3855-1
Released:    Wed Nov  2 12:39:09 2022
Summary:     Recommended update for mariadb
Type:        recommended
Severity:    important
References:  1202863,CVE-2022-38791
This update for mariadb fixes the following issues:

Update version from 10.6.9 to 10.6.10:
    
- Fix regression causing full text index corruption if shutdown before changes are fully flushed
- Fix regression causing frequent 'Data structure corruption' in InnoDB after OOM
- Fix incorrect recovery or backup of instant ALTER TABLE
- Fix issue with InnoDB Temporary Tablespace (ibtmp1) causing it to continuously grow in size until the disk is full
- For full list of changes please check https://mariadb.com/kb/en/library/mariadb-10610-release-notes and
  https://mariadb.com/kb/en/library/mariadb-10610-changelog

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3857-1
Released:    Wed Nov  2 13:36:36 2022
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1204412,1204416,CVE-2022-3550,CVE-2022-3551
This update for xorg-x11-server fixes the following issues:

  - CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString() (bsc#1204412).
  - CVE-2022-3551: Fixed various leaks of the return value of GetComponentSpec() (bsc#1204416).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3866-1
Released:    Thu Nov  3 14:34:47 2022
Summary:     Security update for ntfs-3g_ntfsprogs
Type:        security
Severity:    important
References:  1204734,CVE-2022-40284
This update for ntfs-3g_ntfsprogs fixes the following issues:

  - CVE-2022-40284: Fixed incorrect validation of some of the NTFS metadata that could cause buffer overflow (bsc#1204734).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3867-1
Released:    Thu Nov  3 15:54:45 2022
Summary:     Security update for python-Flask-Security-Too
Type:        security
Severity:    moderate
References:  1202105,CVE-2021-23385
This update for python-Flask-Security-Too fixes the following issues:

- CVE-2021-23385: Fixed open redirect (bsc#1202105).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3868-1
Released:    Fri Nov  4 10:07:58 2022
Summary:     Security update for rubygem-loofah
Type:        security
Severity:    moderate
References:  1154751,CVE-2019-15587
This update for rubygem-loofah fixes the following issues:

  - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements (bsc#1154751).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3869-1
Released:    Fri Nov  4 10:55:26 2022
Summary:     Recommended update for openssl-1_0_0
Type:        recommended
Severity:    moderate
References:  1180995
This update for openssl-1_0_0 fixes the following issues:

- Default to RFC7919 groups when generating ECDH parameters using 'genpkey' or 'dhparam' in FIPS mode (bsc#1180995)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3872-1
Released:    Fri Nov  4 14:07:25 2022
Summary:     Recommended update for cepces
Type:        recommended
Severity:    important
References:  1203273
This update for cepces fixes the following issues:

- Fix cepces won't compile on SLE15SP5. (bsc#1203273)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3873-1
Released:    Fri Nov  4 14:58:08 2022
Summary:     Recommended update for mozilla-nspr, mozilla-nss
Type:        recommended
Severity:    moderate
References:  1191546,1198980,1201298,1202870,1204729
This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nspr was updated to version 4.34.1:

* add file descriptor sanity checks in the NSPR poll function.

mozilla-nss was updated to NSS 3.79.2 (bsc#1204729):

* Bump minimum NSPR version to 4.34.1.
* Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.

Other fixes that were applied:

- FIPS: Allow the use of DSA keys (verification only) (bsc#1201298).
- FIPS: Add sftk_FIPSRepeatIntegrityCheck() to softoken's .def file
  (bsc#1198980).
- FIPS: Allow the use of longer symmetric keys via the service level indicator
  (bsc#1191546).
- FIPS: Prevent TLS sessions from getting flagged as non-FIPS (bsc#1191546).
- FIPS: Mark DSA keygen unapproved (bsc#1191546, bsc#1201298).
- FIPS: Use libjitterentropy for entropy (bsc#1202870).
- FIPS: Fixed an abort() when both NSS_FIPS and /proc FIPS mode are enabled.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3881-1
Released:    Fri Nov  4 16:04:19 2022
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

- Ship Ubuntu 2204 profiles.

- ComplianceAsCode was updated to 0.1.64 (jsc#ECO-3319):

   - Introduce OL9 stig and anssi profiles
   - Update RHEL8 STIG to V1R7
   - Introduce e8 profile for OL9
   - Update RHEL7 STIG to V3R8
   - some SUSE profile fixes

- Added several RPM requires that are needed by the SUSE remediation
  scripts.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3884-1
Released:    Mon Nov  7 10:59:26 2022
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1204708,CVE-2022-43680
This update for expat fixes the following issues:

  - CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3885-1
Released:    Mon Nov  7 11:32:04 2022
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1203299
This update for gnutls fixes the following issues:

- Fix AVX CPU feature detection for OSXSAVE (bsc#1203299)
  This fixes a SIGILL termination at the verzoupper instruction when
  trying to run GnuTLS on a Linux kernel with the noxsave command
  line parameter set. Relevant mostly for virtual systems.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3889-1
Released:    Mon Nov  7 15:25:52 2022
Summary:     Security update for exiv2
Type:        security
Severity:    important
References:  1068871,1142675,1142679,1185002,1185218,1185447,1185913,1186053,1186192,1188645,1188733,1189332,1189333,1189334,1189335,1189338,CVE-2017-1000128,CVE-2019-13108,CVE-2019-13111,CVE-2020-19716,CVE-2021-29457,CVE-2021-29463,CVE-2021-29470,CVE-2021-29623,CVE-2021-31291,CVE-2021-32617,CVE-2021-34334,CVE-2021-37620,CVE-2021-37621,CVE-2021-37622,CVE-2021-37623
This update for exiv2 fixes the following issues:

Updated to version 0.27.5 (jsc#PED-1393):

- CVE-2017-1000128: Fixed stack out of bounds read in JPEG2000 parser (bsc#1068871).
- CVE-2019-13108: Fixed integer overflow PngImage:readMetadata (bsc#1142675).
- CVE-2020-19716: Fixed buffer overflow vulnerability in the Databuf function in types.cpp (bsc#1188645).
- CVE-2021-29457: Fixed heap buffer overflow when write metadata into a crafted image file (bsc#1185002).
- CVE-2021-29470: Fixed out-of-bounds read in Exiv2:Jp2Image:encodeJp2Header (bsc#1185447).
- CVE-2021-29623: Fixed read of uninitialized memory (bsc#1186053).
- CVE-2021-31291: Fixed heap-based buffer overflow in jp2image.cpp (bsc#1188733).
- CVE-2021-32617: Fixed denial of service due to inefficient algorithm (bsc#1186192).
- CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read() (bsc#1189332).
- CVE-2021-37621: Fixed DoS due to infinite loop in Image:printIFDStructure (bsc#1189333).
- CVE-2021-37622: Fixed DoS due to infinite loop in JpegBase:printStructure (bsc#1189334)
- CVE-2021-34334: Fixed DoS due to integer overflow in loop counter(bsc#1189338)
- CVE-2021-37623: Fixed DoS due to infinite loop in JpegBase:printStructure (bsc#1189335)
- CVE-2021-29463: Fixed out-of-bounds read in webpimage.cpp (bsc#1185913).
- CVE-2021-34334: Fixed DoS due to integer overflow in loop counter (bsc#1189338)
- CVE-2019-13111: Fixed integer overflow in WebPImage:decodeChunks that lead to denial of service (bsc#1142679)
- CVE-2021-29463: Fixed an out-of-bounds read was found in webpimage.cpp (bsc#1185913)

Bugfixes:

- Fixed build using GCC 11 (bsc#1185218).

A new libexiv2-2_27 shared library is shipped, the libexiv2-2_26 is provided only for compatibility now.

Please recompile your applications using the exiv2 library.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3899-1
Released:    Tue Nov  8 10:43:45 2022
Summary:     Security update for sendmail
Type:        security
Severity:    important
References:  1202937,1204696,CVE-2022-31256
This update for sendmail fixes the following issues:

  - CVE-2022-31256: Fixed mail to root privilege escalation via sm-client.pre script (bsc#1204696, bsc#1202937).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3900-1
Released:    Tue Nov  8 10:47:55 2022
Summary:     Recommended update for docker
Type:        recommended
Severity:    moderate
References:  1200022
This update for docker fixes the following issues:

- Fix a crash-on-start issue with dockerd (bsc#1200022)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3904-1
Released:    Tue Nov  8 10:52:13 2022
Summary:     Recommended update for openssh
Type:        recommended
Severity:    moderate
References:  1192439
This update for openssh fixes the following issue:

- Prevent empty messages from being sent. (bsc#1192439)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3910-1
Released:    Tue Nov  8 13:05:04 2022
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  
This update for pam fixes the following issue:

- Update pam_motd to the most current version. (PED-1712)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3915-1
Released:    Tue Nov  8 14:12:47 2022
Summary:     Security update for vsftpd
Type:        security
Severity:    moderate
References:  1196918
This update for vsftpd fixes the following issues:

  Bugfixes:

  - Removed unsupported systemd hardening options (bsc#1196918).


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3917-1
Released:    Tue Nov  8 16:41:28 2022
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    moderate
References:  1203164,1203181
This update for python-azure-agent fixes the following issues:

- Properly set OS.EnableRDMA flag (bsc#1203181)
- Update to version 2.8.0.11 (bsc#1203164)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3922-1
Released:    Wed Nov  9 09:03:33 2022
Summary:     Security update for protobuf
Type:        security
Severity:    important
References:  1194530,1203681,1204256,CVE-2021-22569,CVE-2022-1941,CVE-2022-3171
This update for protobuf fixes the following issues:

- CVE-2021-22569: Fixed Denial of Service in protobuf-java in the parsing procedure for binary data (bsc#1194530).
- CVE-2022-1941: Fix a potential DoS issue in protobuf-cpp and protobuf-python (bsc#1203681)
- CVE-2022-3171: Fix a potential DoS issue when parsing with binary data in protobuf-java (bsc#1204256)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3927-1
Released:    Wed Nov  9 14:55:47 2022
Summary:     Recommended update for runc
Type:        recommended
Severity:    moderate
References:  1202021,1202821
This update for runc fixes the following issues:

- Update to runc v1.1.4 (bsc#1202021)
- Fix failed exec after systemctl daemon-reload (bsc#1202821)
- Fix mounting via wrong proc
- Fix 'permission denied' error from runc run on noexec filesystem

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3931-1
Released:    Thu Nov 10 11:26:01 2022
Summary:     Security update for git
Type:        security
Severity:    moderate
References:  1204455,1204456,CVE-2022-39253,CVE-2022-39260
This update for git fixes the following issues:

  - CVE-2022-39260: Fixed overflow in split_cmdline() (bsc#1204456).
  - CVE-2022-39253: Fixed dereference issue with symbolic links via the `--local` clone mechanism (bsc#1204455).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3932-1
Released:    Thu Nov 10 11:55:12 2022
Summary:     Security update for python-rsa
Type:        security
Severity:    moderate
References:  1178676,CVE-2020-25658
This update for python-rsa fixes the following issues:

  - CVE-2020-25658: Fixed bleichenbacher timing oracle attack against RSA decryption (bsc#1178676).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3936-1
Released:    Thu Nov 10 13:36:13 2022
Summary:     Security update for libarchive
Type:        security
Severity:    moderate
References:  1192426,1192427,CVE-2021-31566
This update for libarchive fixes the following issues:

  - CVE-2021-31566: Fixed vulnerability where libarchive modifies file flags of symlink target (bsc#1192426)
  - Fixed issue where processing fixup entries may follow symbolic links (bsc#1192427).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3953-1
Released:    Fri Nov 11 11:41:28 2022
Summary:     Security update for xterm
Type:        security
Severity:    moderate
References:  1195387,CVE-2022-24130
This update for xterm fixes the following issues:

  - CVE-2022-24130: Fixed buffer overflow in set_sixel when Sixel support is enabled (bsc#1195387).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3958-1
Released:    Fri Nov 11 15:20:45 2022
Summary:     Recommended update for mozilla-nss
Type:        recommended
Severity:    moderate
References:  1191546,1198980,1201298,1202870,1204729
This update for mozilla-nss fixes the following issues:

mozilla-nss was updated to NSS 3.79.2 (bsc#1204729)

* Bump minimum NSPR version to 4.34.1.
* Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.

- FIPS: Allow the use of DSA keys (verification only) (bsc#1201298).
- FIPS: Add sftk_FIPSRepeatIntegrityCheck() to softoken's .def file
  (bsc#1198980).
- FIPS: Allow the use of longer symmetric keys via the service level indicator
  (bsc#1191546).
- FIPS: Export sftk_FIPSRepeatIntegrityCheck() correctly (bsc#1198980).
- FIPS: Prevent sessions from getting flagged as non-FIPS (bsc#1191546).
- FIPS: Mark DSA keygen unapproved (bsc#1191546, bsc#1201298).
- FIPS: Enable userspace entropy gathering via libjitterentropy (bsc#1202870).
- FIPS: Prevent keys from getting flagged as non-FIPS and add remaining TLS mechanisms.
- FIPS: Use libjitterentropy for entropy. 
- FIPS: Fixed an abort() when both NSS_FIPS and /proc FIPS mode are enabled.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3972-1
Released:    Mon Nov 14 15:03:13 2022
Summary:     Recommended update for p7zip
Type:        recommended
Severity:    low
References:  1203316
This update for p7zip fixes the following issue:
    
- Ship p7zip-full to SLE15-SP3 basesystem (bsc#1203316).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3978-1
Released:    Tue Nov 15 09:56:31 2022
Summary:     Security update for rpmlint-mini
Type:        recommended
Severity:    moderate
References:  1201207
This update for rpmlint-mini fixes the following issues:

- NetworkManager: update nm-priv-helper whitelisting (bsc#1201207)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3979-1
Released:    Tue Nov 15 11:05:22 2022
Summary:     Security update for python-Mako
Type:        security
Severity:    moderate
References:  1203246,CVE-2022-40023
This update for python-Mako fixes the following issues:

  - CVE-2022-40023: Fixed regular expression Denial of Service when using the Lexer class to parse (bsc#1203246).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3983-1
Released:    Tue Nov 15 11:46:29 2022
Summary:     Security update for freerdp
Type:        security
Severity:    moderate
References:  1204257,1204258,CVE-2022-39282,CVE-2022-39283
This update for freerdp fixes the following issues:

- CVE-2022-39282: Fix to init data read by `/parallel` command line switch. (bsc#1204258)
- CVE-2022-39283: Fix to prevent video channel from reading uninitialized data. (bsc#1204257)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3985-1
Released:    Tue Nov 15 12:54:11 2022
Summary:     
	  Recommended update for python-apipkg
  
Type:        recommended
Severity:    moderate
References:  1204145

	  This update fixes for python3-apipkg the following issues:
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3986-1
Released:    Tue Nov 15 12:57:41 2022
Summary:     Security update for libX11
Type:        security
Severity:    moderate
References:  1204422,1204425,CVE-2022-3554,CVE-2022-3555
This update for libX11 fixes the following issues:

  - CVE-2022-3554: Fixed memory leak in XRegisterIMInstantiateCallback() (bsc#1204422).
  - CVE-2022-3555: Fixed memory leak in _XFreeX11XCBStructure() (bsc#1204425).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3991-1
Released:    Tue Nov 15 13:54:13 2022
Summary:     Security update for dhcp
Type:        security
Severity:    moderate
References:  1203988,1203989,CVE-2022-2928,CVE-2022-2929
This update for dhcp fixes the following issues:

  - CVE-2022-2928: Fixed an option refcount overflow (bsc#1203988).
  - CVE-2022-2929: Fixed a DHCP memory leak (bsc#1203989).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3995-1
Released:    Tue Nov 15 16:49:28 2022
Summary:     Security update for jackson-databind
Type:        security
Severity:    important
References:  1204369,1204370,CVE-2022-42003,CVE-2022-42004
This update for jackson-databind fixes the following issues:

  Update to version 2.13.4.2:

  - CVE-2022-42003: Fixed missing check in primitive value deserializers to avoid deep wrapper array nesting wrt 'UNWRAP_SINGLE_VALUE_ARRAYS' (bsc#1204370).
  - CVE-2022-42004: Fixed missing check in 'BeanDeserializer._deserializeFromArray()' to prevent use of deeply nested arrays (bsc#1204369).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3997-1
Released:    Tue Nov 15 17:07:17 2022
Summary:     Security update for php7
Type:        security
Severity:    important
References:  1203867,1203870,1204577,1204979,CVE-2021-21707,CVE-2021-21708,CVE-2022-31625,CVE-2022-31626,CVE-2022-31628,CVE-2022-31629,CVE-2022-31630,CVE-2022-37454
This update for php7 fixes the following issues:

- Version update to 7.4.33:
- CVE-2022-31630: Fixed out-of-bounds read due to insufficient input validation in imageloadfont() (bsc#1204979).
- CVE-2022-37454: Fixed buffer overflow in hash_update() on long parameter (bsc#1204577).


- Version update to 7.4.32 (jsc#SLE-23639)
- CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor while decompressing 'quines' gzip files. (bsc#1203867)
- CVE-2022-31629: Fixed a bug which could lead an attacker to set an insecure cookie that will treated as secure in the victim's browser. (bsc#1203870)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3999-1
Released:    Tue Nov 15 17:08:04 2022
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1204179,1204968,CVE-2022-3821
This update for systemd fixes the following issues:

- CVE-2022-3821: Fixed buffer overrun in format_timespan() function (bsc#1204968).

- Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428
  * 0469b9f2bc pstore: do not try to load all known pstore modules
  * ad05f54439 pstore: Run after modules are loaded
  * ccad817445 core: Add trigger limit for path units
  * 281d818fe3 core/mount: also add default before dependency for automount mount units
  * ffe5b4afa8 logind: fix crash in logind on user-specified message string

- Document udev naming scheme (bsc#1204179)
- Make 'sle15-sp3' net naming scheme still available for backward compatibility
  reason

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4000-1
Released:    Tue Nov 15 17:08:27 2022
Summary:     Security update for python-Twisted
Type:        security
Severity:    low
References:  1204781,CVE-2022-39348
This update for python-Twisted fixes the following issues:

- CVE-2022-39348: Fixed NameVirtualHost Host header injection  (bsc#1204781).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4002-1
Released:    Tue Nov 15 17:09:26 2022
Summary:     Recommended update for gegl, gimp, gnome-photos, libgexiv2
Type:        recommended
Severity:    moderate
References:  

This update for gegl, gimp, gnome-photos, libgexiv2 has the following changes:

- The packages were rebuilt against exiv2 0.27, to allow obsoleting the old 0.26 version.

- No other changes were done.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4005-1
Released:    Tue Nov 15 17:10:33 2022
Summary:     Security update for php8
Type:        security
Severity:    important
References:  1204577,1204979,CVE-2022-31630,CVE-2022-37454
This update for php8 fixes the following issues:

- CVE-2022-37454: Fixed buffer overflow in hash_update() on long parameter (bug#81738) (bsc#1204577).
- CVE-2022-31630: Fixed OOB read due to insufficient input validation in imageloadfont() (bug#81739) (bsc#1204979).

- version update to 8.0.25 (27 Oct 2022)
    * Session: Fixed bug GH-9583 (session_create_id() fails with user defined save handler that doesn't have a validateId() method).
    * Streams: Fixed bug GH-9590 (stream_select does not abort upon exception or empty valid fd set).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4008-1
Released:    Wed Nov 16 10:29:27 2022
Summary:     Recommended update for python3-ec2imgutils
Type:        recommended
Severity:    moderate
References:  1199722
This update for python3-ec2imgutils fixes the following issues:

- Update to version 10.0.1
  + Follow up fix to (bsc#1199722) allow the user a choice of 2.0 and v2.0 as
    tpm versions on the command line

- Update to version 10.0.0 (bsc#1199722)
  + Add --tpm-support as command line option and tpm_support to the API
    to register images that support NitroTPM
  + API change for ec2deprecateimg. It is now possible to deprecate
    an image without providing a successor image.

- Add rpm-macros to build requirements in spec.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4010-1
Released:    Wed Nov 16 11:07:36 2022
Summary:     Security update for apache2-mod_wsgi
Type:        security
Severity:    moderate
References:  1201634,CVE-2022-2255
This update for apache2-mod_wsgi fixes the following issues:

- CVE-2022-2255: Hardened the trusted proxy header filter to avoid bypass. (bsc#1201634)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4011-1
Released:    Wed Nov 16 11:29:09 2022
Summary:     Security update for jsoup
Type:        security
Severity:    moderate
References:  1203459,CVE-2022-36033
This update for jsoup fixes the following issues:

  Updated to version 1.15.3:

  - CVE-2022-36033: Fixed incorrect sanitization of user input in SafeList.preserveRelativeLinks (bsc#1203459).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4016-1
Released:    Wed Nov 16 14:52:06 2022
Summary:     Security update for rubygem-nokogiri
Type:        security
Severity:    important
References:  1198408,1199782,CVE-2022-24836,CVE-2022-29181
This update for rubygem-nokogiri fixes the following issues:

- CVE-2022-24836: Fixes possibility to DoS because of inefficient RE in HTML encoding. (bsc#1198408)
- CVE-2022-29181: Fixes Improper Handling of Unexpected Data Typesi. (bsc#1199782)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4018-1
Released:    Wed Nov 16 15:43:31 2022
Summary:     Recommended update for python-service_identity
Type:        recommended
Severity:    low
References:  1203743
This update for python-service_identity fixes the following issues:

- Loose the filelist for the package info to avoid build failure (bsc#1203743)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4043-1
Released:    Thu Nov 17 09:05:54 2022
Summary:     Recommended update for python3-ec2metadata
Type:        recommended
Severity:    moderate
References:  1204066
This update for python3-ec2metadata fixes the following issues:

- Update to version 4.0.0 (bsc#1204066)
  - Disambiguate cli options for duplicate endpoints. This is an
    incompatible change for some API versions of IMDS. When a duplicate
    endpoint is detected the cli option for both endpoints is expanded to a
    unique name.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4054-1
Released:    Thu Nov 17 15:36:58 2022
Summary:     Security update for go1.19
Type:        security
Severity:    low
References:  1200441,1204941,CVE-2022-41716
This update for go1.19 fixes the following issues:

  Update to go 1.19.3 (released 2022-11-01) (bsc#1200441):

  Security fixes:
  - CVE-2022-41716: Fixed unsanitized NUL in environment variables in syscalls, os/exec (go#56327) (bsc#1204941).

  Bugfixes:
  - runtime: lock count' fatal error when cgo is enabled (go#56308).
  - cmd/compile: libFuzzer instrumentation fakePC overflow on 386 arch (go#56168).
  - internal/fuzz: array literal initialization causes ICE 'unhandled stmt ASOP' while fuzzing (go#56106).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4058-1
Released:    Thu Nov 17 15:40:53 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1205270,CVE-2022-45403,CVE-2022-45404,CVE-2022-45405,CVE-2022-45406,CVE-2022-45408,CVE-2022-45409,CVE-2022-45410,CVE-2022-45411,CVE-2022-45412,CVE-2022-45416,CVE-2022-45418,CVE-2022-45420,CVE-2022-45421
This update for MozillaFirefox fixes the following issues:

Update to Firefox Extended Support Release 102.5.0 ESR (MFSA 2022-48, bsc#1205270):

- CVE-2022-45403: Service Workers might have learned size of cross-origin media files
- CVE-2022-45404: Fullscreen notification bypass
- CVE-2022-45405: Use-after-free in InputStream implementation
- CVE-2022-45406: Use-after-free of a JavaScript Realm
- CVE-2022-45408: Fullscreen notification bypass via windowName
- CVE-2022-45409: Use-after-free in Garbage Collection
- CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite cookie policy
- CVE-2022-45411: Cross-Site Tracing was possible via non-standard override headers
- CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers
- CVE-2022-45416: Keystroke Side-Channel Leakage
- CVE-2022-45418: Custom mouse cursor could have been drawn over browser UI
- CVE-2022-45420: Iframe contents could be rendered outside the iframe
- CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:4059-1
Released:    Thu Nov 17 17:03:02 2022
Summary:     Optional update for ssg-apply
Type:        optional
Severity:    moderate
References:  
This update for ssg-apply fixes the following issues:

This package contains a systemd service which can be run on boot which
detects and/or mitigates hardening issues from the scap-security-guide,
aka ComplianceAsCode.

The behaviour can be configured in the config file /etc/ssg-apply/default.conf

Options:

- 'profile' ...
  Which SCAP XCCDF profile to use. The default is 'stig' for the SUSE supported DISA stig profile.

  Other profiles from the scap-security-guide can also be selected, like 'cis', 'hipaa', 'pci-dss' and others.

- 'remediate'
  Whether to have the service immediately fix the issues.

  The default is 'off', if you want to enable automatic remediation, use 'on'.

- 'tailoring-file' ... default is '' (none).

  A tailoring file is a XML configuration file that can be used to select/deselect rules to check / remediate.

The service can be enabled with:

* systemctl enable ssg-apply.service


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4061-1
Released:    Fri Nov 18 05:56:17 2022
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    important
References:  1190736,1190787
This update for sapconf fixes the following issues:

- Adapt check of an active saptune service during the initial package installation to work in a chroot environment and
  fix the missing enablement of sapconf (bsc#1190736, bsc#1190787)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4062-1
Released:    Fri Nov 18 09:05:07 2022
Summary:     Recommended update for libusb-1_0
Type:        recommended
Severity:    moderate
References:  1201590
This update for libusb-1_0 fixes the following issues:

- Fix regression where some devices no longer work if they have a configuration value of 0 (bsc#1201590)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4063-1
Released:    Fri Nov 18 09:07:50 2022
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  
This update for hwdata fixes the following issues:

- Updated pci, usb and vendor ids

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4066-1
Released:    Fri Nov 18 10:43:00 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1177460,1202324,1204649,1205156
This update for timezone fixes the following issues:

Update timezone version from 2022a to 2022f (bsc#1177460, bsc#1204649, bsc#1205156):

- Mexico will no longer observe DST except near the US border
- Chihuahua moves to year-round -06 on 2022-10-30
- Fiji no longer observes DST
- In vanguard form, GMT is now a Zone and Etc/GMT a link
- zic now supports links to links, and vanguard form uses this
- Simplify four Ontario zones
- Fix a Y2438 bug when reading TZif data
- Enable 64-bit time_t on 32-bit glibc platforms
- Omit large-file support when no longer needed
- Jordan and Syria switch from +02/+03 with DST to year-round +03
- Palestine transitions are now Saturdays at 02:00
- Simplify three Ukraine zones into one
- Improve tzselect on intercontinental Zones
- Chile's DST is delayed by a week in September 2022 (bsc#1202324)
- Iran no longer observes DST after 2022
- Rename Europe/Kiev to Europe/Kyiv
- New `zic -R` command option
- Vanguard form now uses %z

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4076-1
Released:    Fri Nov 18 15:00:38 2022
Summary:     Recommended update for jsoup
Type:        recommended
Severity:    moderate
References:  
This update for jsoup fixes the following issues:

- Fix typo in the ant *-build.xml file that caused errors while building eclipse.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4078-1
Released:    Fri Nov 18 15:34:17 2022
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    moderate
References:  1203476,1204468,1204471,1204472,1204473,1204475,1204480,1204523,CVE-2022-21618,CVE-2022-21619,CVE-2022-21624,CVE-2022-21626,CVE-2022-21628,CVE-2022-39399
This update for java-11-openjdk fixes the following issues:

- Update to jdk-11.0.17+8 (October 2022 CPU)
- CVE-2022-39399: Improve HTTP/2 client usage(bsc#1204480)
- CVE-2022-21628: Better HttpServer service (bsc#1204472)
- CVE-2022-21624: Enhance icon presentations (bsc#1204475)
- CVE-2022-21619: Improve NTLM support (bsc#1204473)
- CVE-2022-21626: Key X509 usages (bsc#1204471)
- CVE-2022-21618: Wider MultiByte (bsc#1204468)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4079-1
Released:    Fri Nov 18 15:36:28 2022
Summary:     Security update for java-17-openjdk
Type:        security
Severity:    moderate
References:  1203476,1204468,1204472,1204473,1204475,1204480,CVE-2022-21618,CVE-2022-21619,CVE-2022-21624,CVE-2022-21628,CVE-2022-39399
This update for java-17-openjdk fixes the following issues:

- Update to jdk-17.0.5+8 (October 2022 CPU)
- CVE-2022-39399: Improve HTTP/2 client usage(bsc#1204480)
- CVE-2022-21628: Better HttpServer service (bsc#1204472)
- CVE-2022-21624: Enhance icon presentations (bsc#1204475)
- CVE-2022-21619: Improve NTLM support (bsc#1204473)
- CVE-2022-21618: Wider MultiByte (bsc#1204468)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4081-1
Released:    Fri Nov 18 15:40:46 2022
Summary:     Security update for dpkg
Type:        security
Severity:    low
References:  1199944,CVE-2022-1664
This update for dpkg fixes the following issues:

- CVE-2022-1664: Fixed a directory traversal vulnerability in Dpkg::Source::Archive (bsc#1199944).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4082-1
Released:    Fri Nov 18 15:44:06 2022
Summary:     Security update for openjpeg
Type:        security
Severity:    important
References:  1140205,1149789,1179821,1180043,1180044,1180046,CVE-2018-20846,CVE-2018-21010,CVE-2020-27824,CVE-2020-27842,CVE-2020-27843,CVE-2020-27845
This update for openjpeg fixes the following issues:

-  CVE-2018-20846: Fixed an Out-of-bounds accesses in pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.  (bsc#1140205)
-  CVE-2018-21010: Fixed a heap buffer overflow in color_apply_icc_profile in bin/common/color.c  (bsc#1149789)
-  CVE-2020-27824: Fixed an OOB read in opj_dwt_calc_explicit_stepsizes() (bsc#1179821)
-  CVE-2020-27842: Fixed null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c (bsc#1180043)
-  CVE-2020-27843: Fixed an out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c (bsc#1180044)
-  CVE-2020-27845: Fixed a heap-based buffer over-read in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c (bsc#1180046)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4085-1
Released:    Fri Nov 18 16:38:57 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1204421,1205270,CVE-2022-42927,CVE-2022-42928,CVE-2022-42929,CVE-2022-42932,CVE-2022-45403,CVE-2022-45404,CVE-2022-45405,CVE-2022-45406,CVE-2022-45408,CVE-2022-45409,CVE-2022-45410,CVE-2022-45411,CVE-2022-45412,CVE-2022-45416,CVE-2022-45418,CVE-2022-45420,CVE-2022-45421
This update for MozillaThunderbird fixes the following issues:

- Fixed various security issues (MFSA 2022-49, bsc#1205270):
  * CVE-2022-45403 (bmo#1762078)
    Service Workers might have learned size of cross-origin media
    files
  * CVE-2022-45404 (bmo#1790815)
    Fullscreen notification bypass
  * CVE-2022-45405 (bmo#1791314)
    Use-after-free in InputStream implementation
  * CVE-2022-45406 (bmo#1791975)
    Use-after-free of a JavaScript Realm
  * CVE-2022-45408 (bmo#1793829)
    Fullscreen notification bypass via windowName
  * CVE-2022-45409 (bmo#1796901)
    Use-after-free in Garbage Collection
  * CVE-2022-45410 (bmo#1658869)
    ServiceWorker-intercepted requests bypassed SameSite cookie
    policy
  * CVE-2022-45411 (bmo#1790311)
    Cross-Site Tracing was possible via non-standard override
    headers
  * CVE-2022-45412 (bmo#1791029)
    Symlinks may resolve to partially uninitialized buffers
  * CVE-2022-45416 (bmo#1793676)
    Keystroke Side-Channel Leakage
  * CVE-2022-45418 (bmo#1795815)
    Custom mouse cursor could have been drawn over browser UI
  * CVE-2022-45420 (bmo#1792643)
    Iframe contents could be rendered outside the iframe
  * CVE-2022-45421 (bmo#1767920, bmo#1789808, bmo#1794061)
    Memory safety bugs fixed in Thunderbird 102.5

- Fixed various security issues: (MFSA 2022-46, bsc#1204421):
  * CVE-2022-42927 (bmo#1789128)
    Same-origin policy violation could have leaked cross-origin
    URLs
  * CVE-2022-42928 (bmo#1791520)
    Memory Corruption in JS Engine
  * CVE-2022-42929 (bmo#1789439)
    Denial of Service via window.print
  * CVE-2022-42932 (bmo#1789729, bmo#1791363, bmo#1792041)
    Memory safety bugs fixed in Thunderbird 102.4

- Mozilla Thunderbird 102.5
  * changed: `Ctrl+N` shortcut to create new contacts from
    address book restored (bmo#1751288)
  * fixed: Account Settings UI did not update to reflect default
    identity changes (bmo#1782646)
  * fixed: New POP mail notifications were incorrectly shown for
    messages marked by filters as read or junk (bmo#1787531)
  * fixed: Connecting to an IMAP server configured to use
    `PREAUTH` caused Thunderbird to hang (bmo#1798161)
  * fixed: Error responses received in greeting header from NNTP
    servers did not display error message (bmo#1792281)
  * fixed: News messages sent using 'Send Later' failed to send
    after going back online (bmo#1794997)
  * fixed: 'Download/Sync Now...' did not completely sync all
    newsgroups before going offline (bmo#1795547)
  * fixed: Username was missing from error dialog on failed login
    to news server (bmo#1796964)
  * fixed: Thunderbird can now fetch RSS channel feeds with
    incomplete channel URL (bmo#1794775)
  * fixed: Add-on 'Contribute' button in Add-ons Manager did not
    work (bmo#1795751)
  * fixed: Help text for `/part` Matrix command was incorrect
    (bmo#1795578)
  * fixed: Invite Attendees dialog did not fetch free/busy info
    for attendees with encoded characters in their name
    (bmo#1797927)

- Mozilla Thunderbird 102.4.2
  * changed: 'Address Book' button in Account Central will now
    create a CardDAV address book instead of a local address book
    (bmo#1793903)
  * fixed: Messages fetched from POP server in `Fetch headers
    only` mode disappeared when moved to different folder by
    filter action (bmo#1793374)
  * fixed: Thunderbird re-downloaded locally deleted messages
    from a POP server when 'Leave messages on server' and 'Until
    I delete them' were enabled (bmo#1796903)
  * fixed: Multiple password prompts for the same POP account
    could be displayed (bmo#1786920)
  * fixed: IMAP authentication failed on next startup if ImapMail
    folder was deleted by user (bmo#1793599)
  * fixed: Retrieving passwords for authenticated NNTP accounts
    could fail due to obsolete preferences in a users profile on
    every startup (bmo#1770594)
  * fixed: `Get Next n Messages` did not consistently fetch all
    messages requested from NNTP server (bmo#1794185)
  * fixed: `Get Messages` button unable to fetch messages from
    NNTP server if root folder not selected (bmo#1792362)
  * fixed: Thunderbird text branding did not always match locale
    of localized build (bmo#1786199)
  * fixed: Thunderbird installer and Thunderbird updater created
    Windows shortcuts with different names (bmo#1787264)
  * fixed: LDAP search filters unable to work with non-ASCII
    characters (bmo#1794306)
  * fixed: 'Today' highlighting in Calendar Month view did not
    update after date change at midnight (bmo#1795176)

- Mozilla Thunderbird 102.4.1
  * new: Thunderbird will now catch and report errors parsing
    vCards that contain incorrectly formatted dates (bmo#1793415)
  * fixed: Dynamic language switching did not update interface
    when switched to right-to-left languages (bmo#1794289)
  * fixed: Custom header data was discarded after messages were
    saved as draft and reopened (bmo#195716)
  * fixed: `-remote` command line argument did not work,
    affecting integration with various applications such as
    LibreOffice (bmo#1793323)
  * fixed: Messages received via some SMS-to-email services could
    not display images (bmo#1774805)
  * fixed: VCards with nickname field set could not be edited
    (bmo#1793877)
  * fixed: Some recurring events were missing from Agenda on
    first load (bmo#1771168)
  * fixed: Download requests for remote ICS calendars incorrectly
    set 'Accept' header to text/xml (bmo#1793757)
  * fixed: Monthly events created on the 31st of a month with <30
    days placed first occurrence 1-2 days after the beginning of
    the following month (bmo#1266797)
  * fixed: Various visual and UX improvements
    (bmo#1781437,bmo#1785314,bmo#1794139,bmo#1794155,bmo#1794399)

  * changed: Thunderbird will automatically detect and repair
    OpenPGP key storage corruption caused by using the profile
    import tool in Thunderbird 102 (bmo#1790610)
  * fixed: POP message download into a large folder (~13000
    messages) caused Thunderbird to temporarily freeze
    (bmo#1792675)
  * fixed: Forwarding messages with special characters in Subject
    failed on Windows (bmo#1782173)
  * fixed: Links for FileLink attachments were not added when
    attachment filename contained Unicode characters
    (bmo#1789589)
  * fixed: Address Book display pane continued to show contacts
    after deletion (bmo#1777808)
  * fixed: Printing address book did not include all contact
    details (bmo#1782076)
  * fixed: CardDAV contacts without a Name property did not save
    to Google Contacts (bmo#1792101)
  * fixed: 'Publish Calendar' did not work (bmo#1794471)
  * fixed: Calendar database storage improvements (bmo#1792124)
  * fixed: Incorrectly handled error responses from CalDAV
    servers sometimes caused events to disappear from calendar
    (bmo#1792923)
  * fixed: Various visual and UX improvements (bmo#1776093,bmo#17
    80040,bmo#1780425,bmo#1792876,bmo#1792872,bmo#1793466,bmo#179
    3543)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4131-1
Released:    Sat Nov 19 10:25:11 2022
Summary:     Recommended update for rust, rust1.65
Type:        recommended
Severity:    moderate
References:  1196328
This update for rust, rust1.65 fixes the following issues:

This update provides rust1.65 (jsc#SLE-18626)

Version 1.65.0 (2022-11-03)

==========================

Language
--------

- Error on `as` casts of enums with `#[non_exhaustive]` variants
- Stabilize `let else`
- Stabilize generic associated types (GATs)
- Add lints `let_underscore_drop`, `let_underscore_lock`, and `let_underscore_must_use` from Clippy
- Stabilize `break`ing from arbitrary labeled blocks ('label-break-value')
- Uninitialized integers, floats, and raw pointers are now considered immediate UB
  sage of `MaybeUninit` is the correct way to work with uninitialized memory.
- Stabilize raw-dylib for Windows x86_64, aarch64, and thumbv7a
- Do not allow `Drop` impl on foreign ADTs

Compiler
--------

- Stabilize -Csplit-debuginfo on Linux
- Use niche-filling optimization even when multiple variants have data
- Associated type projections are now verified to be well-formed prior to resolving the underlying type
- Stringify non-shorthand visibility correctly
- Normalize struct field types when unsizing
- Update to LLVM 15
- Fix aarch64 call abi to correctly zeroext when needed
- debuginfo: Generalize C++-like encoding for enums
- Add `special_module_name` lint
- Add support for generating unique profraw files by default when using `-C instrument-coverage`
- Allow dynamic linking for iOS/tvOS targets

Libraries
---------

- Don't generate `PartialEq::ne` in derive(PartialEq)
- Windows RNG: Use `BCRYPT_RNG_ALG_HANDLE` by default
- Forbid mixing `System` with direct system allocator calls
- Document no support for writing to non-blocking stdio/stderr
- `std::layout::Layout` size must not overflow `isize::MAX` when rounded up to `align`
  This also changes the safety conditions on `Layout::from_size_align_unchecked`.

Stabilized APIs
---------------

- `std::backtrace::Backtrace`
- `Bound::as_ref`
- `std::io::read_to_string`
- `<*const T>::cast_mut`
- `<*mut T>::cast_const`
Thse APIs are now stable in const contexts:
- `<*const T>::offset_from`
- `<*mut T>::offset_from`

Cargo
-----

- Apply GitHub fast path even for partial hashes
- Do not add home bin path to PATH if it's already there
- Take priority into account within the pending queue
  This slightly optimizes job scheduling by Cargo, with typically small improvements on larger crate graph builds.

Compatibility Notes
-------------------

- `std::layout::Layout` size must not overflow `isize::MAX` when rounded up to `align`
  This also changes the safety conditions on `Layout::from_size_align_unchecked`.
- `PollFn` now only implements `Unpin` if the closure is `Unpin`
  This is a possible breaking change if users were relying on the blanket unpin implementation.
  See discussion on the PR for details of why this change was made.
- Drop ExactSizeIterator impl from std::char::EscapeAscii
  This is a backwards-incompatible change to the standard library's surface
  area, but is unlikely to affect real world usage.
- Do not consider a single repeated lifetime eligible for elision in the return type
  This behavior was unintentionally changed in 1.64.0, and this release reverts that change by making this an error again.
- Reenable disabled early syntax gates as future-incompatibility lints
- Update the minimum external LLVM to 13
- Don't duplicate file descriptors into stdio fds
- Sunset RLS
- Deny usage of `#![cfg_attr(..., crate_type = ...)]` to set the crate type
  This strengthens the forward compatibility lint deprecated_cfg_attr_crate_type_name to deny.
- `llvm-has-rust-patches` allows setting the build system to treat the LLVM as having Rust-specific patches
  This option may need to be set for distributions that are building Rust with a patched LLVM via `llvm-config`, not the built-in LLVM.

Changes in rust:

- Update to version 1.65.0 - for details see the rust1.65 package
- Enable armv6 again - bsc#1196328


This update also ships 'cargo-auditable', a tool to embed crate information into ELF binaries.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4133-1
Released:    Mon Nov 21 00:11:56 2022
Summary:     Recommended update for python-webencodings
Type:        recommended
Severity:    low
References:  1203743
This update for python-webencodings fixes the following issue:

- Loose the filelist for the package info to avoid build failure (bsc#1203743)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4134-1
Released:    Mon Nov 21 00:12:57 2022
Summary:     Recommended update for python-crcmod
Type:        recommended
Severity:    low
References:  1203453
This update for python-crcmod fixes the following issues:

- Replace python-base with python-devel in BuildRequires (bsc#1203453)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4135-1
Released:    Mon Nov 21 00:13:40 2022
Summary:     Recommended update for libeconf
Type:        recommended
Severity:    moderate
References:  1198165
This update for libeconf fixes the following issues:

- Update to version 0.4.6+git
  - econftool:
    Parsing error: Reporting file and line nr. --delimeters=spaces accepting all kind of spaces for delimiter.
  - libeconf:
    Parse files correctly on space characters (1198165)

- Update to version 0.4.5+git
  - econftool:
    New call 'syntax' for checking the configuration files only. Returns an error string with line number if error.
    New options '--comment' and '--delimeters'

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4138-1
Released:    Mon Nov 21 02:21:02 2022
Summary:     Recommended update for python-msgpack
Type:        recommended
Severity:    important
References:  1203743
This update for python-msgpack fixes the following issues:

- Fix build failures on SUSE Linux Enterprise 15 Service Pack 5 (bsc#1203743)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4146-1
Released:    Mon Nov 21 09:56:12 2022
Summary:     Security update for binutils
Type:        security
Severity:    moderate
References:  1142579,1185597,1185712,1188374,1191473,1193929,1194783,1197592,1198237,1202816,1202966,1202967,1202969,CVE-2019-1010204,CVE-2021-3530,CVE-2021-3648,CVE-2021-3826,CVE-2021-45078,CVE-2021-46195,CVE-2022-27943,CVE-2022-38126,CVE-2022-38127,CVE-2022-38533
This update for binutils fixes the following issues:

The following security bugs were fixed:

- CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcpp_file.h (bsc#1142579).
- CVE-2021-3530: Fixed stack-based buffer overflow in demangle_path() in rust-demangle.c (bsc#1185597).
- CVE-2021-3648: Fixed infinite loop while demangling rust symbols (bsc#1188374).
- CVE-2021-3826: Fixed heap/stack buffer overflow in the dlang_lname function in d-demangle.c (bsc#1202969).
- CVE-2021-45078: Fixed out-of-bounds write in stab_xcoff_builtin_type() in stabs.c (bsc#1193929).
- CVE-2021-46195: Fixed uncontrolled recursion in libiberty/rust-demangle.c (bsc#1194783).
- CVE-2022-27943: Fixed stack exhaustion in demangle_const in (bsc#1197592).
- CVE-2022-38126: Fixed assertion fail in the display_debug_names() function in binutils/dwarf.c (bsc#1202966).
- CVE-2022-38127: Fixed NULL pointer dereference in the read_and_display_attr_value() function in binutils/dwarf.c (bsc#1202967).
- CVE-2022-38533: Fixed heap out-of-bounds read in bfd_getl32 (bsc#1202816).


The following non-security bugs were fixed:
  
- SLE toolchain update of binutils, update to 2.39 from 2.37.
- Update to 2.39:  
  * The ELF linker will now generate a warning message if the stack is made
    executable.  Similarly it will warn if the output binary contains a
    segment with all three of the read, write and execute permission
    bits set.  These warnings are intended to help developers identify
    programs which might be vulnerable to attack via these executable
    memory regions.
    The warnings are enabled by default but can be disabled via a command
    line option.  It is also possible to build a linker with the warnings
    disabled, should that be necessary.
  * The ELF linker now supports a --package-metadata option that allows
    embedding a JSON payload in accordance to the Package Metadata
    specification. 
  * In linker scripts it is now possible to use TYPE=<type> in an output
    section description to set the section type value.
  * The objdump program now supports coloured/colored syntax
    highlighting of its disassembler output for some architectures.
    (Currently: AVR, RiscV, s390, x86, x86_64).
  * The nm program now supports a --no-weak/-W option to make it ignore
    weak symbols.
  * The readelf and objdump programs now support a -wE option to prevent
    them from attempting to access debuginfod servers when following
    links.
  * The objcopy program's --weaken, --weaken-symbol, and
    --weaken-symbols options now works with unique symbols as well.

- Update to 2.38:
  * elfedit: Add --output-abiversion option to update ABIVERSION.
  * Add support for the LoongArch instruction set.
  * Tools which display symbols or strings (readelf, strings, nm, objdump)
    have a new command line option which controls how unicode characters are
    handled.  By default they are treated as normal for the tool.  Using
    --unicode=locale will display them according to the current locale.
    Using --unicode=hex will display them as hex byte values, whilst
    --unicode=escape will display them as escape sequences.  In addition
    using --unicode=highlight will display them as unicode escape sequences
    highlighted in red (if supported by the output device).
  * readelf -r dumps RELR relative relocations now.
  * Support for efi-app-aarch64, efi-rtdrv-aarch64 and efi-bsdrv-aarch64 has been
    added to objcopy in order to enable UEFI development using binutils.
  * ar: Add --thin for creating thin archives. -T is a deprecated alias without
    diagnostics. In many ar implementations -T has a different meaning, as
    specified by X/Open System Interface.
  * Add support for AArch64 system registers that were missing in previous
    releases.
  * Add support for the LoongArch instruction set.
  * Add a command-line option, -muse-unaligned-vector-move, for x86 target
    to encode aligned vector move as unaligned vector move.
  * Add support for Cortex-R52+ for Arm.
  * Add support for Cortex-A510, Cortex-A710, Cortex-X2 for AArch64.
  * Add support for Cortex-A710 for Arm.
  * Add support for Scalable Matrix Extension (SME) for AArch64.
  * The --multibyte-handling=[allow|warn|warn-sym-only] option tells the
    assembler what to when it encoutners multibyte characters in the input.  The
    default is to allow them.  Setting the option to 'warn' will generate a
    warning message whenever any multibyte character is encountered.  Using the
    option to 'warn-sym-only' will make the assembler generate a warning whenever a
    symbol is defined containing multibyte characters.  (References to undefined
    symbols will not generate warnings).
  * Outputs of .ds.x directive and .tfloat directive with hex input from
    x86 assembler have been reduced from 12 bytes to 10 bytes to match the
    output of .tfloat directive.
  * Add support for 'armv8.8-a', 'armv9-a', 'armv9.1-a', 'armv9.2-a' and
    'armv9.3-a' for -march in AArch64 GAS.
  * Add support for 'armv8.7-a', 'armv8.8-a', 'armv9-a', 'armv9.1-a',
    'armv9.2-a' and 'armv9.3-a' for -march in Arm GAS.
  * Add support for Intel AVX512_FP16 instructions.
  * Add -z pack-relative-relocs/-z no pack-relative-relocs to x86 ELF
    linker to pack relative relocations in the DT_RELR section.
  * Add support for the LoongArch architecture.
  * Add -z indirect-extern-access/-z noindirect-extern-access to x86 ELF
    linker to control canonical function pointers and copy relocation.
  * Add --max-cache-size=SIZE to set the the maximum cache size to SIZE
    bytes.
- Explicitly enable --enable-warn-execstack=yes and	--enable-warn-rwx-segments=yes.
- Add gprofng subpackage.
- Include recognition of 'z16' name for 'arch14' on s390. (bsc#1198237).
- Add back fix for bsc#1191473, which got lost in the update to 2.38.
- Install symlinks for all target specific tools on arm-eabi-none (bsc#1185712).
- Enable PRU architecture for AM335x CPU (Beagle Bone Black board)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4152-1
Released:    Mon Nov 21 14:16:26 2022
Summary:     Recommended update for novnc
Type:        recommended
Severity:    low
References:  1201933
This update for novnc fixes the following issues:

- For greater compatibility specify string binary as protocol (bsc#1201933)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4160-1
Released:    Tue Nov 22 10:10:37 2022
Summary:     Recommended update for nfsidmap
Type:        recommended
Severity:    moderate
References:  1200901
This update for nfsidmap fixes the following issues:

- Various bugfixes and improvemes from upstream In particular, fixed
  a crash that can happen when a 'static' mapping is configured.
  (bsc#1200901)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4164-1
Released:    Tue Nov 22 10:58:37 2022
Summary:     Recommended update for PackageKit
Type:        recommended
Severity:    moderate
References:  1199895,1202585
This update for PackageKit fixes the following issues:

- Ensure that package locks are honored (bsc#1199895):
  * Avoid clearing status information on locked packages
  * Check if packages are locked before attempting to remove them
  * Don't refresh repos before searching
  * Updatelibzypp dependency version to 17.31.0
  * Restore pool status after simulating an update

- Add repository data in the package id (bsc#1202585)
- Implement upgrade-system method in openSUSE Leap (not supported in SUSE Linux Enterprise)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4166-1
Released:    Tue Nov 22 11:08:48 2022
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    important
References:  1201684,1201685,1201692,1201694,1202427,1204468,1204471,1204472,1204473,1204475,1204480,1205302,CVE-2022-21540,CVE-2022-21541,CVE-2022-21549,CVE-2022-21618,CVE-2022-21619,CVE-2022-21624,CVE-2022-21626,CVE-2022-21628,CVE-2022-34169,CVE-2022-39399
This update for java-1_8_0-ibm fixes the following issues:

- CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1204471).
- CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1204468).
- CVE-2022-21619: An unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE (bsc#1204473).
- CVE-2022-21628: An unauthenticated attacker with network access via HTTP can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1204472).
- CVE-2022-21624: An unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise (bsc#1204475).
- CVE-2022-39399: An unauthenticated attacker with network access via HTTP can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition (bsc#1204480).
- CVE-2022-21549: Fixed exponentials issue (bsc#1201685).
- CVE-2022-21541: Fixed an improper restriction of MethodHandle.invokeBasic() (bsc#1201692).
- CVE-2022-34169; Fixed an integer truncation issue in Xalan (bsc#1201684).
- CVE-2022-21540: Fixed a class compilation issue (bsc#1201694).


- Update to Java 8.0 Service Refresh 7 Fix Pack 20.
  * Security:
    - The IBM ORB Does Not Support Object-Serialisation Data Filtering
    - Large Allocation In CipherSuite
    - Avoid Evaluating Sslalgorithmconstraints Twice
    - Cache The Results Of Constraint Checks
    - An incorrect ShortBufferException is thrown by IBMJCEPlus,
      IBMJCEPlusFIPS during cipher update operation
    - Disable SHA-1 Signed Jars For Ea
    - JSSE Performance Improvement
    - Oracle Road Map Kerberos Deprecation Of 3DES And RC4 Encryption
  * Java 8/Orb:
    - Upgrade ibmcfw.jar To Version o2228.02
  * Class Libraries:
    - Crash In Libjsor.So During An Rdma Failover
    - High CPU Consumption Observed In ZosEventPort$EventHandlerTask.run
    - Update Timezone Information To The Latest tzdata2022c
  * Jit Compiler:
    - Crash During JIT Compilation
    - Incorrect JIT Optimization Of Java Code
    - Incorrect Return From Class.isArray()
    - Unexpected ClassCastException
    - Performance Regression When Calling VM Helper Code On X86
  * X/Os Extentions:
    - Add RSA-OAEP Cipher Function To IBMJCECCA

- Update to Java 8.0 Service Refresh 7 Fix Pack 16
  * Java Virtual Machine
    - Assertion failure at ClassLoaderRememberedSet.cpp
	- Assertion failure at StandardAccessBarrier.cpp when
	  -Xgc:concurrentScavenge is set.
    - GC can have unflushed ownable synchronizer objects which
	  can eventually lead to heap corruption and failure when
	  -Xgc:concurrentScavenge is set.
  *	JIT Compiler:
    - Incorrect JIT optimization of Java code
    - JAVA JIT Power: JIT compile time assert on AIX or LINUXPPC
  *	Reliability and Serviceability:
    - javacore with 'kill -3' SIGQUIT signal freezes Java process

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4168-1
Released:    Tue Nov 22 14:14:11 2022
Summary:     Security update for redis
Type:        security
Severity:    low
References:  1204633,CVE-2022-3647
This update for redis fixes the following issues:

  - CVE-2022-3647: Fixed crash in sigsegvHandler debug function (bsc#1204633).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4189-1
Released:    Wed Nov 23 10:13:39 2022
Summary:     Recommended update for abseil-cpp
Type:        recommended
Severity:    moderate
References:  1203378,1203379
This update for abseil-cpp fixes the following issues:

- Adjust headers ABI info to fix linker error when using new compilers (bsc#1203378)
- Do not make programs compiled with abseil require new-ish CPUs (bsc#1203379)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4194-1
Released:    Wed Nov 23 12:12:07 2022
Summary:     Security update for ffmpeg-4
Type:        security
Severity:    important
References:  1205388,CVE-2022-3964
This update for ffmpeg-4 fixes the following issues:

- CVE-2022-3964: Fixed out of bounds read in update_block_in_prev_frame() (bsc#1205388).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4198-1
Released:    Wed Nov 23 13:15:04 2022
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  1202750
This update for rpm fixes the following issues:

- Strip critical bit in signature subpackage parsing
- No longer deadlock DNF after pubkey import (bsc#1202750)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4200-1
Released:    Wed Nov 23 14:04:50 2022
Summary:     Recommended update for perl-DBD-SQLite
Type:        recommended
Severity:    low
References:  1203742
This update for perl-DBD-SQLite fixes the following issues:

- Fixed a failing test when comparing lowercase data (bsc#1203742)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4204-1
Released:    Wed Nov 23 16:57:51 2022
Summary:     Security update for keylime
Type:        security
Severity:    moderate
References:  1204782,CVE-2022-3500
This update for keylime fixes the following issues:

  - CVE-2022-3500: Fixed vulnerability where a node seems as attested when in reality it is not properly attested (bsc#1204782).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4205-1
Released:    Wed Nov 23 17:34:41 2022
Summary:     Security update for net-snmp
Type:        security
Severity:    moderate
References:  1201103,CVE-2022-24805,CVE-2022-24806,CVE-2022-24807,CVE-2022-24808,CVE-2022-24809,CVE-2022-24810
This update for net-snmp fixes the following issues:

  Updated to version 5.9.3 (bsc#1201103, jsc#SLE-11203):

  - CVE-2022-24805: Fixed a buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB that can cause an out-of-bounds memory access.
  - CVE-2022-24809: Fixed a malformed OID in a GET-NEXT to the nsVacmAccessTable that can cause a NULL pointer dereference.
  - CVE-2022-24806: Fixed an improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously.
  - CVE-2022-24807: Fixed a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access.
  - CVE-2022-24808: Fixed a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference.
  - CVE-2022-24810: Fixed a malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4206-1
Released:    Wed Nov 23 17:35:17 2022
Summary:     Security update for pixman
Type:        security
Severity:    important
References:  1205033,CVE-2022-44638
This update for pixman fixes the following issues:

- CVE-2022-44638: Fixed an integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write (bsc#1205033).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4207-1
Released:    Wed Nov 23 17:35:48 2022
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1205120,1205121,1205122,1205123,1205124,CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824

Security fixes:

- CVE-2022-32888: Fixed possible arbitrary code execution via maliciously crafted web content (bsc#1205121).
- CVE-2022-32923: Fixed possible information leak via maliciously crafted web content (bsc#1205122).
- CVE-2022-42799: Fixed user interface spoofing when visiting a malicious website (bsc#1205123).
- CVE-2022-42823: Fixed possible arbitrary code execution via maliciously crafted web content (bsc#1205120).
- CVE-2022-42824: Fixed possible sensitive user information leak via maliciously crafted web content (bsc#1205124).

Update to version 2.38.2:

  - Fix scrolling issues in some sites having fixed background.
  - Fix prolonged buffering during progressive live playback.
  - Fix the build with accessibility disabled.
  - Fix several crashes and rendering issues.
    
Update to version 2.38.1:

  - Make xdg-dbus-proxy work if host session bus address is an
    abstract socket.
  - Use a single xdg-dbus-proxy process when sandbox is enabled.
  - Fix high resolution video playback due to unimplemented
    changeType operation.
  - Ensure GSubprocess uses posix_spawn() again and inherit file
    descriptors.
  - Fix player stucking in buffering (paused) state for progressive
    streaming.
  - Do not try to preconnect on link click when link preconnect
    setting is disabled.
  - Fix close status code returned when the client closes a
    WebSocket in some cases.
  - Fix media player duration calculation.
  - Fix several crashes and rendering issues.

Update to version 2.38.0:

  - New media controls UI style.
  - Add new API to set WebView's Content-Security-Policy for web
    extensions support.
  - Make it possible to use the remote inspector from other
    browsers using WEBKIT_INSPECTOR_HTTP_SERVER env var.
  - MediaSession is enabled by default, allowing remote media
    control using MPRIS.
  - Add support for PDF documents using PDF.js.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4209-1
Released:    Wed Nov 23 17:36:43 2022
Summary:     Security update for libarchive
Type:        security
Severity:    low
References:  1205629,CVE-2022-36227
This update for libarchive fixes the following issues:

- CVE-2022-36227: Fixed potential NULL pointer dereference in __archive_write_allocate_filter() (bsc#1205629).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4213-1
Released:    Thu Nov 24 15:54:17 2022
Summary:     Recommended update for libnvidia-container, nvidia-container-toolkit
Type:        recommended
Severity:    moderate
References:  
This update for libnvidia-container, nvidia-container-toolkit fixes the following issues:

Both nvidia-container-toolkit and libnvidia-container were updated to version 1.11.0 (jsc#SLE-18750):


1.11.0:

- Added support for injection of GPUDirect Storage and MOFED devices into containerized environments.

1.10.0:

- Improving support for Tegra-based systems

1.9.0:

- Added multi-arch support for the container-toolkit images.
- Enhancements for use on Tegra-systems and some notable bugfixes.

1.8.1:

- This release is a bugfix release that fixes issues around cgroups found in NVIDIA Container Toolkit 1.8.0.

1.8.0:

- It adds cgroupv2 support to the NVIDIA Container Toolkit and removes packaging support for Amazonlinux1.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4214-1
Released:    Thu Nov 24 16:17:31 2022
Summary:     Security update for libdb-4_8
Type:        security
Severity:    low
References:  1174414,CVE-2019-2708
This update for libdb-4_8 fixes the following issues:

- CVE-2019-2708: Fixed partial DoS due to data store execution (bsc#1174414).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4215-1
Released:    Thu Nov 24 16:48:05 2022
Summary:     Security update for erlang
Type:        security
Severity:    important
References:  1205318,CVE-2022-37026
This update for erlang fixes the following issues:

- CVE-2022-37026: fixed a client authorization bypass vulnerability for SSL,
  TLS, and DTLS in Erlang/OTP. [bsc#1205318]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4217-1
Released:    Fri Nov 25 07:23:35 2022
Summary:     Recommended update for wget
Type:        recommended
Severity:    moderate
References:  1204720
This update for wget fixes the following issues:

- Truncate long file names to prevent wget failures (bsc#1204720)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4224-1
Released:    Fri Nov 25 16:34:06 2022
Summary:     Security update for freerdp
Type:        security
Severity:    moderate
References:  1205563,1205564,CVE-2022-39318,CVE-2022-39319
This update for freerdp fixes the following issues:

- CVE-2022-39318: Fixed division by zero in urbdrc (bsc#1205563).
- CVE-2022-39319: Fixed missing input buffer length check in urbdrc (bsc#1205564).

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2022:4229-1
Released:    Fri Nov 25 18:18:05 2022
Summary:     Optional update for cmocka
Type:        optional
Severity:    low
References:  1204451
This update for cmocka fixes the following issues:

- Ship the package also to Server Applications Module (bsc#1204451)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4232-1
Released:    Fri Nov 25 18:19:06 2022
Summary:     Recommended update for llvm11
Type:        recommended
Severity:    low
References:  1189602
This update for llvm11 fixes the following issues:

- The LLVM test suite expects specific compressed binary payload but with
  IBM z HW compression that payload can vary and not match the software
  implementation, fixes testsuite errors (bsc#1189602)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4233-1
Released:    Fri Nov 25 18:19:33 2022
Summary:     Recommended update for publicsuffix
Type:        recommended
Severity:    low
References:  
This update for publicsuffix fixes the following issues:

- Update to version 20220903

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4234-1
Released:    Fri Nov 25 18:19:54 2022
Summary:     Recommended update for osc
Type:        recommended
Severity:    moderate
References:  
This update for osc fixes the following issues:

- 0.182.0
  - fix build on SLE12 / python 2.7
  - SSH auth: Fix getallmatchingheaders() output to correspond with headers.get_all()
  - send HTTP header Accept: application/xml
  - git_version: return version from the source code if there's no matching tag
- spec file:
  - Revert to python2 on SLE12
  - Recommend openssh for ssh key auth

- fix building on distros that are not openSUSE or SLE

- build against python3.6 for SLE12 and older

- 0.181.0
  - fix crash when 'pass' is not set in the config file
  - add missing attributes to Package when scm_url is set
  - fix failure to create config in current dir
  - update list of considered file names for ssh key autodetection
  - allow users to prefer ssh key over password auth
  - ssh: recognize gpg keys (yubikey usage)
  - fix operating on _project meta
  - revert 'interpretation of string literals in messages' that broke unicode handling
  - fix product build rpm caching
  - enable md5 revisions in osc log
  - parseRevisionOption(): raise an exception on invalid revisions 

- 0.180.0
  - warn when trying to commit a prj/pac managed in scm
  - fix crash on 'osc up' for git based package/projects
  - don't traceback on invalid credentials manager
  - improve README, rename it to README.md
  - declare OscHTTPSignatureAuthHandler as a new-style class
  - remove illegal character in comment 
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4238-1
Released:    Fri Nov 25 18:21:06 2022
Summary:     Recommended update for rekor
Type:        recommended
Severity:    moderate
References:  
This update for rekor fixes the following issues:

- updated to rekor 0.12.0 (jsc#SLE-23476)
- enable server build 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4239-1
Released:    Fri Nov 25 18:21:20 2022
Summary:     Recommended update for plymouth
Type:        recommended
Severity:    low
References:  1203147
This update for plymouth fixes the following issues:

- Remove typo on patch to clear dracut 'command not found' error (bsc#1203147).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4256-1
Released:    Mon Nov 28 12:36:32 2022
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:  
This update for gcc12 fixes the following issues:

This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided for SUSE Linux
Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module.

The Go, D and Ada language compiler parts are available unsupported via the
PackageHub repositories.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

	https://gcc.gnu.org/gcc-12/changes.html


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4259-1
Released:    Mon Nov 28 15:42:54 2022
Summary:     Security update for tiff
Type:        security
Severity:    important
References:  1204641,1204643,1204644,1204645,1205392,CVE-2022-3597,CVE-2022-3599,CVE-2022-3626,CVE-2022-3627,CVE-2022-3970
This update for tiff fixes the following issues:

- CVE-2022-3597: Fixed out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (bnc#1204641).
- CVE-2022-3599: Fixed out-of-bounds read in writeSingleSection in tools/tiffcrop.c (bnc#1204643).
- CVE-2022-3626: Fixed out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c (bnc#1204644)
- CVE-2022-3627: Fixed out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (bnc#1204645).
- CVE-2022-3970: Fixed unsigned integer overflow in TIFFReadRGBATileExt() (bnc#1205392).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:4261-1
Released:    Tue Nov 29 03:58:45 2022
Summary:     Feature update for libvpd
Type:        feature
Severity:    moderate
References:  
This feature update for libvpd fixes the following issues:

libvpd:
    
- New package at version 2.2.9 needed by lsvpd (jsc#SLE-25107, jsc#SLE-24497)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4263-1
Released:    Tue Nov 29 07:31:54 2022
Summary:     Recommended update for python-pyperclip
Type:        recommended
Severity:    important
References:  1203743
This update for python-pyperclip fixes the following issues:

- Fix build failures on SUSE Linux Enterprise 15 Service Pack 5 (bsc#1203743)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4278-1
Released:    Tue Nov 29 15:43:49 2022
Summary:     Security update for supportutils
Type:        security
Severity:    moderate
References:  1184689,1188086,1192252,1192648,1197428,1200330,1202269,1202337,1202417,1203818
This update for supportutils fixes the following issues:

Security issues fixed:

- Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt (bsc#1203818)

Bug fixes:

- Added lifecycle information
- Fixed KVM virtualization detection on bare metal (bsc#1184689)
- Added logging using journalctl (bsc#1200330)
- Get current sar data before collecting files (bsc#1192648)
- Collects everything in /etc/multipath/ (bsc#1192252)
- Collects power management information in hardware.txt (bsc#1197428)
- Checks for suseconnect-ng or SUSEConnect packages (bsc#1202337)
- Fixed conf_files and conf_text_files so y2log is gathered (bsc#1202269)
- Update to nvme_info and block_info (bsc#1202417)
- Added includedir directories from /etc/sudoers (bsc#1188086)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4281-1
Released:    Tue Nov 29 15:46:10 2022
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1188607,1203125,1204577,CVE-2019-18348,CVE-2020-10735,CVE-2020-8492,CVE-2022-37454
This update for python3 fixes the following issues:

- CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_* implementations. (bsc#1204577)
- CVE-2020-10735: Fixed a bug to limit amount of digits converting text to int and vice vera. (bsc#1203125)

The following non-security bug was fixed:

- Fixed a crash in the garbage collection (bsc#1188607).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4299-1
Released:    Wed Nov 30 14:13:00 2022
Summary:     Recommended update for dconf
Type:        recommended
Severity:    moderate
References:  1203344,971074
This update for dconf fixes the following issues:

- Re-enable fix for `dconf update` to restore correct permissions on db files (bsc#971074, bsc#1203344)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4304-1
Released:    Thu Dec  1 09:11:59 2022
Summary:     Security update for emacs
Type:        security
Severity:    important
References:  1205822,CVE-2022-45939
This update for emacs fixes the following issues:

- CVE-2022-45939: Fixed shell command injection via source code files when using ctags (bsc#1205822).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4306-1
Released:    Thu Dec  1 09:27:10 2022
Summary:     Security update for bcel
Type:        security
Severity:    moderate
References:  1205125,CVE-2022-42920
This update for bcel fixes the following issues:

- CVE-2022-42920: Fixed producing arbitrary bytecode via out-of-bounds writing (bsc#1205125).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4308-1
Released:    Thu Dec  1 15:51:19 2022
Summary:     Security update for virt-v2v
Type:        security
Severity:    moderate
References:  1201064,CVE-2022-2211
This update for virt-v2v fixes the following issues:

- CVE-2022-2211: Fixed buffer overflow in get_keys (bsc#1201064).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4311-1
Released:    Fri Dec  2 11:02:43 2022
Summary:     Recommended update for open-vm-tools
Type:        recommended
Severity:    critical
References:  
This update for open-vm-tools fixes the following issues:

- Include binaries of open-vm-tools for ARM architecture aarch64 in SUSE Linux Enterprise 15 Service Pack 4
  (jsc#SLE-22385)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4312-1
Released:    Fri Dec  2 11:16:47 2022
Summary:     Recommended update for tar
Type:        recommended
Severity:    moderate
References:  1200657,1203600
This update for tar fixes the following issues:

- Fix unexpected inconsistency when making directory (bsc#1203600)
- Update race condition fix (bsc#1200657)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:4313-1
Released:    Mon Dec  5 02:32:13 2022
Summary:     Feature update for python-cached-property, python-osc-tiny, python-responses
Type:        feature
Severity:    important
References:  
This update for python-cached-property, python-osc-tiny, python-responses fixes the following issues:

python-cached-property:    
    
- New package at version 1.5.2 (jsc#PED-1872, jsc#PED-1964)

python-responses:

- Version update from 0.10.12 to 0.21.0 (jsc#PED-1872, jsc#PED-1964) 
- Dropped support of Python 2.7, 3.5, 3.6
- For the full list of changes please read the packaged CHANGES file or https://github.com/getsentry/responses/releases

python-osc-tiny:
    
- New package at version 0.7.5 (jsc#PED-1872, jsc#PED-1964)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4326-1
Released:    Tue Dec  6 03:22:25 2022
Summary:     Recommended update for hawk2
Type:        recommended
Severity:    important
References:  1196673,1198647,1199258,1203367
This update for hawk2 fixes the following issues:

- Fix detection of partial upgrade (bsc#1196673,bsc#1203367)
- Improve handling of unmatched paths (bsc#1199258)
- Allow configuration of cookies to HttpOnly by the use of the environment variable HAWK_COOKIE_HTTP_ONLY=true 
  (bsc#1198647)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4328-1
Released:    Tue Dec  6 12:25:12 2022
Summary:     Recommended update for audit-secondary
Type:        recommended
Severity:    moderate
References:  1204844
This update for audit-secondary fixes the following issues:

- Fix rules not loaded when restarting auditd.service (bsc#1204844)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4334-1
Released:    Tue Dec  6 16:01:53 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1205941,CVE-2022-45414
This update for MozillaThunderbird fixes the following issues:

Update to version 102.5.1:

- CVE-2022-45414: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content (bsc#1205941).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4336-1
Released:    Tue Dec  6 16:27:50 2022
Summary:     Recommended update for gdb
Type:        recommended
Severity:    moderate
References:  

gdb was updated to version 12.1:

* DBX mode is deprecated, and will be removed in GDB 13.

* GDB 12 is the last release of GDB that will support building against
  Python 2.  From GDB 13, it will only be possible to build GDB itself
  with Python 3 support.

* Improved C++ template support:
  GDB now treats functions/types involving C++ templates like it does function
  overloads.  Users may omit parameter lists to set breakpoints on families of
  template functions, including types/functions composed of multiple template types:

    (gdb) break template_func(template_1, int)

  The above will set breakpoints at every function `template_func' where
  the first function parameter is any template type named `template_1' and
  the second function parameter is `int'.
  TAB completion also gains similar improvements.

* New commands:

  - maint set backtrace-on-fatal-signal on|off
  - maint show backtrace-on-fatal-signal

  This setting is 'on' by default.  When 'on' GDB will print a limited
  backtrace to stderr in the situation where GDB terminates with a
  fatal signal.  This only supported on some platforms where the
  backtrace and backtrace_symbols_fd functions are available.

  - set source open on|off
  - show source open

  This setting, which is on by default, controls whether GDB will try
  to open source code files.  Switching this off will stop GDB trying
  to open and read source code files, which can be useful if the files
  are located over a slow network connection.

  - set varsize-limit
  - show varsize-limit

  These are now deprecated aliases for 'set max-value-size' and
  'show max-value-size'.

  - task apply [all | TASK-IDS...] [FLAG]... COMMAND

  Like 'thread apply', but applies COMMAND to Ada tasks.

  - watch [...] task ID

  Watchpoints can now be restricted to a specific Ada task.

  - maint set internal-error backtrace on|off
  - maint show internal-error backtrace
  - maint set internal-warning backtrace on|off
  - maint show internal-warning backtrace

  GDB can now print a backtrace of itself when it encounters either an
  internal-error, or an internal-warning.  This is on by default for
  internal-error and off by default for internal-warning.

  - set logging on|off

  Deprecated and replaced by 'set logging enabled on|off'.

  - set logging enabled on|off
  - show logging enabled

  These commands set or show whether logging is enabled or disabled.

  - exit

  You can now exit GDB by using the new command 'exit', in addition to
  the existing 'quit' command.

  - set debug threads on|off
  - show debug threads

  Print additional debug messages about thread creation and deletion.

  - set debug linux-nat on|off
  - show debug linux-nat

  These new commands replaced the old 'set debug lin-lwp' and 'show
  debug lin-lwp' respectively.  Turning this setting on prints debug
  messages relating to GDB's handling of native Linux inferiors.

  - maint flush source-cache

  Flush the contents of the source code cache.

  - maint set gnu-source-highlight enabled on|off
  - maint show gnu-source-highlight enabled

  Whether GDB should use the GNU Source Highlight library for adding
  styling to source code.  When off, the library will not be used, even
  when available.  When GNU Source Highlight isn't used, or can't add
  styling to a particular source file, then the Python Pygments
  library will be used instead.

  - set suppress-cli-notifications (on|off)
  - show suppress-cli-notifications

  This controls whether printing the notifications is suppressed for CLI.
  CLI notifications occur when you change the selected context
  (i.e., the current inferior, thread and/or the frame), or when
  the program being debugged stops (e.g., because of hitting a
  breakpoint, completing source-stepping, an interrupt, etc.).

  - set style disassembler enabled on|off
  - show style disassembler enabled

  If GDB is compiled with Python support, and the Python Pygments
  package is available, then, when this setting is on, disassembler
  output will have styling applied.

  - set ada source-charset
  - show ada source-charset

  Set the character set encoding that is assumed for Ada symbols.  Valid
  values for this follow the values that can be passed to the GNAT
  compiler via the '-gnati' option.  The default is ISO-8859-1.

* Changed commands:

  - print

  Printing of floating-point values with base-modifying formats like
  /x has been changed to display the underlying bytes of the value in
  the desired base.  This was GDB's documented behavior, but was never
  implemented correctly.

  - maint packet

  This command can now print a reply, if the reply includes
  non-printable characters.  Any non-printable characters are printed
  as escaped hex, e.g. \x?? where '??' is replaces with the value of
  the non-printable character.

  - clone-inferior

  The clone-inferior command now ensures that the TTY, CMD and ARGS
  settings are copied from the original inferior to the new one.
  All modifications to the environment variables done using the 'set
  environment' or 'unset environment' commands are also copied to the new
  inferior.

  - set debug lin-lwp on|off
  - show debug lin-lwp

  These commands have been removed from GDB.  The new command 'set
  debug linux-nat' and 'show debug linux-nat' should be used
  instead.

  - info win

  This command now includes information about the width of the tui
  windows in its output.

* GDB's Ada parser now supports an extension for specifying the exact
  byte contents of a floating-point literal.  This can be useful for
  setting floating-point registers to a precise value without loss of
  precision.  The syntax is an extension of the based literal syntax.
  Use, e.g., '16lf#0123abcd#' -- the number of 'l's controls the width
  of the floating-point type, and the 'f' is the marker for floating
  point.

* MI changes:

 ** The '-add-inferior' with no option flags now inherits the
    connection of the current inferior, this restores the behaviour of
    GDB as it was prior to GDB 10.

 ** The '-add-inferior' command now accepts a '--no-connection'
    option, which causes the new inferior to start without a
    connection.

* Python API:

  ** New function gdb.add_history(), which takes a gdb.Value object
     and adds the value it represents to GDB's history list.  An
     integer, the index of the new item in the history list, is
     returned.

  ** New function gdb.history_count(), which returns the number of
     values in GDB's value history.

  ** New gdb.events.gdb_exiting event.  This event is called with a
     gdb.GdbExitingEvent object which has the read-only attribute
     'exit_code', which contains the value of the GDB exit code.  This
     event is triggered once GDB decides it is going to exit, but
     before GDB starts to clean up its internal state.

  ** New function gdb.architecture_names(), which returns a list
     containing all of the possible Architecture.name() values.  Each
     entry is a string.

  ** New function gdb.Architecture.integer_type(), which returns an
     integer type given a size and a signed-ness.

  ** New gdb.TargetConnection object type that represents a connection
     (as displayed by the 'info connections' command).  A sub-class,
     gdb.RemoteTargetConnection, is used to represent 'remote' and
     'extended-remote' connections.

  ** The gdb.Inferior type now has a 'connection' property which is an
     instance of gdb.TargetConnection, the connection used by this
     inferior.  This can be None if the inferior has no connection.

  ** New 'gdb.events.connection_removed' event registry, which emits a
     'gdb.ConnectionEvent' when a connection is removed from GDB.
     This event has a 'connection' property, a gdb.TargetConnection
     object for the connection being removed.

  ** New gdb.connections() function that returns a list of all
     currently active connections.

  ** New gdb.RemoteTargetConnection.send_packet(PACKET) method.  This
     is equivalent to the existing 'maint packet' CLI command; it
     allows a user specified packet to be sent to the remote target.

  ** New function gdb.host_charset(), returns a string, which is the
     name of the current host charset.

  ** New gdb.set_parameter(NAME, VALUE).  This sets the gdb parameter
     NAME to VALUE.

  ** New gdb.with_parameter(NAME, VALUE).  This returns a context
     manager that temporarily sets the gdb parameter NAME to VALUE,
     then resets it when the context is exited.

  ** The gdb.Value.format_string method now takes a 'styling'
     argument, which is a boolean.  When true, the returned string can
     include escape sequences to apply styling.  The styling will only
     be present if styling is otherwise turned on in GDB (see 'help
     set styling').  When false, which is the default if the argument
     is not given, then no styling is applied to the returned string.

  ** New read-only attribute gdb.InferiorThread.details, which is
     either a string, containing additional, target specific thread
     state information, or None, if there is no such additional
     information.

  ** New read-only attribute gdb.Type.is_scalar, which is True for
     scalar types, and False for all other types.

  ** New read-only attribute gdb.Type.is_signed.  This attribute
     should only be read when Type.is_scalar is True, and will be True
     for signed types, and False for all other types.  Attempting to
     read this attribute for non-scalar types will raise a ValueError.

  ** It is now possible to add GDB/MI commands implemented in Python.

Update libipt to v2.0.5.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4337-1
Released:    Tue Dec  6 16:51:12 2022
Summary:     Recommended update for collectd
Type:        recommended
Severity:    moderate
References:  

This update of collectd fixes the following issues:

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4339-1
Released:    Tue Dec  6 16:51:57 2022
Summary:     Recommended update for hplip
Type:        recommended
Severity:    moderate
References:  

This update of hplip fixes the following issues:

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4365-1
Released:    Thu Dec  8 16:14:30 2022
Summary:     Recommended update for powerman
Type:        recommended
Severity:    moderate
References:  

This update of powerman fixes the following issues:

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4367-1
Released:    Thu Dec  8 16:56:07 2022
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    critical
References:  1191880,1195924,1195925,1203382,1205089,1206082
This update for cloud-regionsrv-client fixes the following issues:

- Update to version 10.0.7 (bsc#1191880, bsc#1195925, bsc#1195924) 
- Implement functionality to detect if an update server has a new cert. 
Import the new cert when it is detected. 
- From 10.0.6 (bsc#1205089) 
- Credentials are equal when username and password are the same ignore 
other entries in the credentials file 
- Handle multiple zypper names in process table, zypper and Zypp-main 
to properly detect the running process
- Require dmidecode only on supported archs (bsc#1206082)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4370-1
Released:    Thu Dec  8 17:19:14 2022
Summary:     Recommended update for rsyslog
Type:        recommended
Severity:    moderate
References:  1191833,1205275
This update for rsyslog fixes the following issues:

- Parsing of legacy config syntax (bsc#1205275)
- Remove $klogConsoleLogLevel setting from rsyslog.conf as this legacy setting from pre-systemd times is obsolete and 
  can block important systemd messages (bsc#1191833)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4375-1
Released:    Thu Dec  8 17:40:32 2022
Summary:     Recommended update for pam_saslauthd
Type:        recommended
Severity:    moderate
References:  
This update for pam_saslauthd fixes the following issues:

Initial shipment of version 0.1.0~1.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4378-1
Released:    Thu Dec  8 18:34:03 2022
Summary:     Security update for rabbitmq-server
Type:        security
Severity:    moderate
References:  1205267,CVE-2022-31008
This update for rabbitmq-server fixes the following issues:

- CVE-2022-31008: Fixed predictable secret seed in URI encryption (bsc#1205267).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:4380-1
Released:    Fri Dec  9 03:58:17 2022
Summary:     Feature update for ipset
Type:        feature
Severity:    important
References:  1116432,1122853
This update for ipset fixes the following issues:

Version update from 6.36 to 7.15 (jsc#PED-2086):

- Update needed to match kernel protocol version
- Fix bug with 'ipset save -file <filename>' that wrongly produced empty files (bsc#1116432)
- A new internal protocol version between the kernel and userspace is used. This is required in order to support two
  new functions and the extendend LIST operation, which makes possible to run ipset in every case entirely over netlink
  without the need to use getsockopt()
- Allow specifying protocols by number
- Enable memory accounting for ipset allocations
- Fix argument parsing buffer overflow in ipset_parse_argv
- Fix parsing the service names for ports
- Fix memory accounting for hash types on resize
- Fix rename concurrency with listing, which can result broken list/save results
- Fix to list/save into file specified by option
- Implement sorting for hash types in the ipset tool
- Limit the maximum range of consecutive elements to add/delete
- Support the '-exist' flag with the destroy command
- For the full list of changes please consult the changelog at https://ipset.netfilter.org/changelog.html

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4383-1
Released:    Fri Dec  9 04:01:50 2022
Summary:     Recommended update for iputils
Type:        recommended
Severity:    important
References:  1203957
This update for iputils fixes the following issues:

- Fix occasional memory access violation when using `ping` (bsc#1203957)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4384-1
Released:    Fri Dec  9 04:02:25 2022
Summary:     Recommended update for migrate-sles-to-sles4sap
Type:        recommended
Severity:    moderate
References:  1205281
This update for migrate-sles-to-sles4sap fixes the following issues:

- Add missing required package dependencies to wget, coreutils, openssl and SUSE Connect (bsc#1205281)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4385-1
Released:    Fri Dec  9 04:03:31 2022
Summary:     Recommended update for clone-master-clean-up
Type:        recommended
Severity:    moderate
References:  1203024,1204835
This update for clone-master-clean-up fixes the following issues:

Version update from 1.8 to 1.10:

- Fix failure if postfix is not installed by adding a check for the directory's existance (bsc#1204835)
- Clean up initiatorname.iscsi (bsc#1203024)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4387-1
Released:    Fri Dec  9 04:05:27 2022
Summary:     Recommended update for libteam
Type:        recommended
Severity:    moderate
References:  1200505
This update for libteam fixes the following issues:

- Set ports priority to local and kernel configurations (bsc#1200505)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4397-1
Released:    Fri Dec  9 15:59:23 2022
Summary:     Security update for go1.19
Type:        security
Severity:    moderate
References:  1200441,1206134,1206135,CVE-2022-41717,CVE-2022-41720
This update for go1.19 fixes the following issues:

Update to version 1.19.4, includes the following security fixes:

- CVE-2022-41717: net/http: limit canonical header cache by bytes, not entries (bsc#1206135).
- CVE-2022-41720: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows (bsc#1206134).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4404-1
Released:    Mon Dec 12 09:04:37 2022
Summary:     Recommended update for libpulp
Type:        recommended
Severity:    moderate
References:  1200129,1200316
This update for libpulp fixes the following issues:

- Fix ulp tool not patching on highly stressed environments. The reason behind it is that a 10s timeout was not enough 
  depending of how stressed the machine is (bsc#1200316)
- Fix HANA testcase failures (bsc#1200129)
- Add support for searching for patches recursively so that to include subdirectories
- Improve the process patching performance. This is achieved by reducing ptrace calls and switching to 
  'process_vm_readv/writev' when possible, and moving process discovery to a different thread.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4411-1
Released:    Tue Dec 13 04:21:08 2022
Summary:     Security update for tiff
Type:        security
Severity:    important
References:  1204642,1205422,CVE-2022-3570,CVE-2022-3598
This update for tiff fixes the following issues:

- CVE-2022-3570: Fixed heap buffer overflows in tiffcrop.c (bsc#1205422).
- CVE-2022-3598: Fixed out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c [bsc#1204642]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4412-1
Released:    Tue Dec 13 04:47:03 2022
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1204706
This update for suse-build-key fixes the following issues:

- added /usr/share/pki/containers directory for container pem keys
  (cosign/sigstore style), put the SUSE Container signing PEM key there too (bsc#1204706)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4452-1
Released:    Tue Dec 13 11:35:26 2022
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    moderate
References:  1204471,1204472,1204473,1204475,CVE-2022-21619,CVE-2022-21624,CVE-2022-21626,CVE-2022-21628
This update for java-1_8_0-openjdk fixes the following issues:

Update to version jdk8u352 (icedtea-3.25.0):

- CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols (bsc#1204473,bsc#1204475).
- CVE-2022-21626: Fixed easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to cause partial denial of service (bsc#1204471).
- CVE-2022-21628: Fixed easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to cause partial denial of service (bsc#1204472).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4453-1
Released:    Tue Dec 13 11:38:38 2022
Summary:     Security update for wireshark
Type:        security
Severity:    important
References:  1204822,1206189,1206190,CVE-2022-3725
This update for wireshark fixes the following issues:

Update to version 3.6.10:

- CVE-2022-3725: OPUS dissector crash (bsc#1204822).
- Multiple dissector infinite loops (bsc#1206189).
- Kafka dissector memory exhaustion (bsc#1206190).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4457-1
Released:    Tue Dec 13 13:10:48 2022
Summary:     Security update for libtpms
Type:        security
Severity:    moderate
References:  1187767,1204556,CVE-2021-3623
This update for libtpms fixes the following issues:

- CVE-2021-3623: Fixed out-of-bounds access when trying to resume the
  state of the vTPM (bsc#1187767)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4458-1
Released:    Tue Dec 13 13:16:04 2022
Summary:     Recommended update for container-suseconnect
Type:        recommended
Severity:    moderate
References:  1186827
This update for container-suseconnect fixes the following issues:

container-suseconnect was updated to 2.4.0 (jsc#PED-1710):

* Fix docker build example for non-SLE hosts
* Minor fixes to --help and README
* Improve documentation when building with podman on non-SLE host
* Add flag --log-credentials-errors
* Update capture to the 1.0.0 release
* Use URL.Redacted() to avoid security scanner warning
* Regcode fix

- strip binaries (removes 4MB/25% of the uncompressed size) (bsc#1186827)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4462-1
Released:    Tue Dec 13 17:00:38 2022
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1206242,CVE-2022-46872,CVE-2022-46874,CVE-2022-46875,CVE-2022-46878,CVE-2022-46880,CVE-2022-46881,CVE-2022-46882
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 102.6.0 ESR (bsc#1206242):

- CVE-2022-46880: Use-after-free in WebGL
- CVE-2022-46872: Arbitrary file read from a compromised content process
- CVE-2022-46881: Memory corruption in WebGL
- CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions
- CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
- CVE-2022-46882: Use-after-free in WebGL
- CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4463-1
Released:    Tue Dec 13 17:04:31 2022
Summary:     Security update for containerd
Type:        security
Severity:    important
References:  1197284,1206065,1206235,CVE-2022-23471,CVE-2022-27191
This update for containerd fixes the following issues:

Update to containerd v1.6.12 including Docker v20.10.21-ce (bsc#1206065). 

Also includes the following fix:

- CVE-2022-23471: host memory exhaustion through Terminal resize goroutine leak (bsc#1206235).
- CVE-2022-27191: crash in a golang.org/x/crypto/ssh server (bsc#1197284).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4465-1
Released:    Wed Dec 14 05:58:28 2022
Summary:     Recommended update for motif
Type:        recommended
Severity:    important
References:  1205253
This update for motif fixes the following issues:

- Fix to prevent third party application crash (bsc#1205253)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4466-1
Released:    Wed Dec 14 05:59:27 2022
Summary:     Recommended update for python-kiwi
Type:        recommended
Severity:    moderate
References:  1203896
This update for python-kiwi fixes the following issues:

Version update from 9.24.36 to 9.24.43:

- Add example aarch64 integration test for Ubuntu
- Add option '--target-arch' for image info to allow cross architecture dependency solving
- Add support for group id in users setting
- Fix error handling for setfiles policy lookup and ensure the path to run scandir is properly created
- Fix handling of signing_keys in cmdline options
- Fix helper method to detect dracut outfile format
- Fix 'kexec' options setup in kiwi-dump-reboot
- Fix issues with the setfiles SELinux relabel command
- Prefer file based syscall in kexec when possible, needed to support boot on a secure boot enabled system (bsc#1203896)
- Setup SELinux on every system prepare / build

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4467-1
Released:    Wed Dec 14 06:00:36 2022
Summary:     Recommended update for python-parallax
Type:        recommended
Severity:    important
References:  1205116
This update for python-parallax fixes the following issues:

- Fix parallax file descriptor leakage (bsc#1205116)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4472-1
Released:    Wed Dec 14 06:08:43 2022
Summary:     Recommended update for pesign
Type:        recommended
Severity:    moderate
References:  1205323
This update for pesign fixes the following issues:

- Fix OID array indices (bsc#1205323)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4474-1
Released:    Wed Dec 14 07:45:26 2022
Summary:     Recommended update for python-paramiko
Type:        recommended
Severity:    moderate
References:  1205132
This update for python-paramiko fixes the following issues:

- Fix loading of RSA key (bsc#1205132)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4478-1
Released:    Wed Dec 14 11:59:24 2022
Summary:     Security update for capnproto
Type:        security
Severity:    moderate
References:  1205968,CVE-2022-46149
This update for capnproto fixes the following issues:

- CVE-2022-46149: Fixed out of bounds read when handling a list of lists (bsc#1205968).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4480-1
Released:    Wed Dec 14 12:42:46 2022
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1205874,1205875,1205876,1205877,1205878,1205879,1206017,CVE-2022-4283,CVE-2022-46340,CVE-2022-46341,CVE-2022-46342,CVE-2022-46343,CVE-2022-46344
This update for xorg-x11-server fixes the following issues:

- CVE-2022-46340: Server XTestSwapFakeInput stack overflow (bsc#1205874)
- CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access (bsc#1205877)
- CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free (bsc#1205879)
- CVE-2022-46343: Server ScreenSaverSetAttributes use-after-free (bsc#1205878)
- CVE-2022-46344: Server XIChangeProperty out-of-bounds access (bsc#1205876)
- CVE-2022-4283: Reset the radio_groups pointer to NULL after freeing it (bsc#1206017)
- Xi: return an error from XI property changes if verification failed (bsc#1205875)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4488-1
Released:    Wed Dec 14 13:22:53 2022
Summary:     Security update for apache2-mod_wsgi
Type:        security
Severity:    moderate
References:  1201634,CVE-2022-2255
This update for apache2-mod_wsgi fixes the following issues:

- CVE-2022-2255: Hardened the trusted proxy header filter to avoid bypass. (bsc#1201634)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4491-1
Released:    Wed Dec 14 13:31:51 2022
Summary:     Recommended update for libsodium, python-Django, python-PyNaCl, python-cffi, python-hypothesis, python-packaging, python-readthedocs-sphinx-ext, python-semver, python-sphinx_rtd_theme
Type:        recommended
Severity:    important
References:  1111657,1144506,1148184,1186870,1199282
This update for libsodium, python-Django, python-PyNaCl, python-cffi, python-hypothesis, python-packaging, python-readthedocs-sphinx-ext, python-semver, python-sphinx_rtd_theme fixes the following issues:

libsodium:

- Version update from 1.0.16 to 1.0.18 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  * Enterprise versions of Visual Studio are now supported
  * Visual Studio 2019 is now supported
  * 32-bit binaries for Visual Studio 2010 are now provided
  * Emscripten: print and printErr functions are overridden to send errors to the console, if there is one
  * Emscripten: UTF8ToString() is now exported since Pointer_stringify() has been deprecated
  * Libsodium version detection has been fixed in the CMake recipe
  * Generic hashing got a 10% speedup on AVX2.
  * New target: WebAssembly/WASI (compile with dist-builds/wasm32-wasi.sh)
  * New functions to map a hash to an edwards25519 point or get a random point: core_ed25519_from_hash() and core_ed25519_random()
  * crypto_core_ed25519_scalar_mul() has been implemented for scalar*scalar (mod L) multiplication
  * Support for the Ristretto group has been implemented for interoperability with wasm-crypto
  * Improvements have been made to the test suite
  * Portability improvements have been made
  * 'randombytes_salsa20' has been 'renamed to randombytes_internal'
  * Support for NativeClient has been removed
  * Most ((nonnull)) attributes have been relaxed to allow 0-length inputs to be NULL.
  * The -ftree-vectorize and -ftree-slp-vectorize compiler switches are now used, if available, for optimized builds
  * For the full list of changes please consult the packaged ChangeLog
- Disable LTO to bypass build failures on Power PC architecture (bsc#1148184)

python-cffi:
    
- Version update from 1.11.2 to 1.15.0 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  * Fixed MANIFEST.in to include missing file for Windows arm64 support
  * Fixed Linux wheel build to use gcc default ISA for libffi
  * Updated setup.py Python trove specifiers to currently-tested Python versions
  * CPython 3.10 support (including wheels)
  * MacOS arm64 support (including wheels)
  * Initial Windows arm64 support
  * Misc. doc and test updates
- Fix for using to proper void returning function not to corrupt memory in tests. (bsc#1111657)    
    
python-Django:
    
- New package at version 2.0.7 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)


python-hypothesis:
    
- Version update from 3.40.1 to 3.76.0 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  * This release deprecates using floats for min_size and max_size
  * The type hint for average_size arguments has been changed from Optional[int] to None, because non-None values are
    always ignored and deprecated.
  * Fix a broken link in a docstring
  * Deprecate the use of 'min_size=None', setting the mdefault min_size to 0
  * Strategies are now fully constructed and validated before the timer is started
  * Fix some broken formatting and links in the documentation
  * Check that the value of the print_blob setting is a PrintSettings instance
  * Being able to specify a boolean value was not intended, and is now deprecated. In addition, specifying True will
    now cause the blob to always be printed, instead of causing it to be suppressed.
  * Specifying any value that is not a PrintSettings or a boolean is now an error
  * Changes the documentation for hypothesis.strategies.datetimes, hypothesis.strategies.dates,
    hypothesis.strategies.times to use the new parameter names min_value and max_value instead of the deprecated names
  * Ensure that Hypothesis deprecation warnings display the code that emitted them when you’re not running in -Werror
    mode
  * For the full list of changes please consult the changelog at 
    https://hypothesis.readthedocs.io/en/latest/changes.html#v3-76-0

python-packaging:
   
- Version update from 16.8 to 21.3 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  * Fix testsuite on big-endian targets
  * Ignore python3.6.2 since the test doesn't support it 
  * Replace the blank pyparsing 3 exclusion with a 3.0.5 exclusion
  * Fix a spelling mistake
  * Work around dependency generator issues (bsc#1186870) 
  * Remove dependency on attrs (bsc#1144506)
  * Update documentation entry for 21.1.
  * Update pin to pyparsing to exclude 3.0.0.
  * PEP 656: musllinux support
  * Drop support for Python 2.7, Python 3.4 and Python 3.5.
  * Replace distutils usage with sysconfig
  * Add support for zip files in `parse_sdist_filename`
  * Use cached `_hash` attribute to short-circuit tag equality comparisons
  * Specify the default value for the `specifier` argument to `SpecifierSet`
  * Proper keyword-only 'warn' argument in packaging.tags
  * Correctly remove prerelease suffixes from ~= check
  * Fix type hints for `Version.post`` and `Version.dev`
  * Use typing alias `UnparsedVersion``
  * Improve type inference for `packaging.specifiers.filter()`
  * Tighten the return type of `canonicalize_version()`
  * For the full list of changes please consult the packaged CHANGELOG file

python-PyNaCl:
    
 - Version update from 1.2.1 to 1.4.0 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  * Add dependency requirement to python-six, needed by the testsuite 
  * Update `libsodium` to 1.0.18.
  * **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit `manylinux1`
    wheels. Continuing to produce them was a maintenance burden.
  * Added support for Python 3.8, and removed support for Python 3.4.
  * Add low level bindings for extracting the seed and the public key
    from crypto_sign_ed25519 secret key
  * Add low level bindings for deterministic random generation.
  * Add `wheel` and `setuptools` setup_requirements in `setup.py`
  * Fix checks on very slow builders (#481, #495)
  * Add low-level bindings to ed25519 arithmetic functions
  * Update low-level blake2b state implementation
  * Fix wrong short-input behavior of SealedBox.decrypt()
  * Raise CryptPrefixError exception instead of InvalidkeyError when trying
    to check a password against a verifier stored in a unknown format
  * Add support for minimal builds of libsodium. Trying to call functions
    not available in a minimal build will raise an UnavailableError
    exception. To compile a minimal build of the bundled libsodium, set
    the SODIUM_INSTALL_MINIMAL environment variable to any non-empty
    string (e.g. `SODIUM_INSTALL_MINIMAL=1`) for setup.
    
python-semver:
    
- New package at version 2.13.0 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

python-sphinx_rtd_theme:
  
- Version update from 0.2.4 to 0.5.1 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
  * Add github, gitlab, bitbucket page arguments option
  * Add html language attribute
  * Add language to the JS output variable
  * Add open list spacing
  * Add option to style external links
  * Add pygments support
  * Add setuptools entry point allowing to use sphinx_rtd_theme as Sphinx html_theme directly.
  * Add Sphinx as a dependency
  * Allow setting 'rel' and 'title' attributes for stylesheets
  * Changed code and literals to use a native font stack
  * Color accessibility improvements on the left navigation
  * Compress our Javascript files
  * Do not rely on readthedocs.org for CSS/JS
  * Fix line height adjustments for Liberation Mono
  * Fix line number spacing to align with the code lines
  * Fix many sidebar glitches
  * Fix many styling issues
  * Fix mkdocs version selector
  * Fix small styling issues
  * Fix some HTML warnings and errors
  * Fix table centering
  * Hide Edit links on auto created pages
  * Include missing font files with the theme
  * Updated dependencies
  * Write theme version and build date at top of JavaScript and CSS

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4492-1
Released:    Wed Dec 14 13:52:39 2022
Summary:     Recommended update for mozilla-nss
Type:        recommended
Severity:    moderate
References:  1191546,1198980,1201298
This update for mozilla-nss fixes the following issues:

- FIPS: Disapprove the creation of DSA keys, i.e. mark them as not-fips (bsc#1201298)
- FIPS: Allow the use SHA keygen mechs (bsc#1191546).
- FIPS: ensure abort() is called when the repeat integrity check fails (bsc#1198980).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4499-1
Released:    Thu Dec 15 10:48:49 2022
Summary:     Recommended update for openssh
Type:        recommended
Severity:    moderate
References:  1179465
This update for openssh fixes the following issues:

- Make ssh connections update their dbus environment (bsc#1179465):
  * Add openssh-dbus.sh, openssh-dbus.csh, openssh-dbus.fish 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4502-1
Released:    Fri Dec 16 08:53:52 2022
Summary:     Recommended update for rekor
Type:        recommended
Severity:    moderate
References:  
This update for rekor fixes the following issues:

Rekor was updated to 1.0.1 (jsc#SLE-23476):

- stop inserting envelope hash for intoto:0.0.2 types into index

- build with FIPSified go1.18.

updated to rekor 1.0.0 (jsc#SLE-23476):

- add description on /api/v1/index/retrieve endpoint
- Adding e2e test coverage
- export rekor build/version information
- Use POST instead of GET for /api/log/entries/retrieve metrics.
- Search through all shards when searching
- verify: verify checkpoint's STH against the inclusion proof root hash
- add ability to enable/disable specific rekor API endpoints
- enable configurable client retries with backoff in RekorClient
- remove dead code around api-key and timestamp references
- update swagger API version to 1.0.0
- remove unused RekorVersion API definition
- install gocovmerge in hack/tools
- add retry command line flag on rekor-cli
- Add some info and debug logging to commonly used funcs

updated to rekor 0.12.2 (jsc#SLE-23476):

- add description on /api/v1/index/retrieve endpoint
- Adding e2e test coverage
- export rekor build/version information
- Use POST instead of GET for /api/log/entries/retrieve metrics.
- Search through all shards when searching by hash

updated to rekor 0.12.1 (jsc#SLE-23476):

- ** Rekor ** v0.12.1 comes with a breaking change to rekor-cli v0.12.1. Users of rekor-cli MUST upgrade to the latest version
  The addition of the intotov2 created a breaking change for the rekor-cli

- What's Changed

  - fix: fix harness tests with intoto v0.0.2
  - feat: add file based signer and password
  - Adds new rekor metrics for latency and QPS.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4568-1
Released:    Mon Dec 19 14:13:24 2022
Summary:     Recommended update for OpenIPMI
Type:        recommended
Severity:    moderate
References:  

This update of OpenIPMI fixes the following issues:

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4579-1
Released:    Tue Dec 20 08:33:09 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1206242,CVE-2022-46872,CVE-2022-46874,CVE-2022-46875,CVE-2022-46878,CVE-2022-46880,CVE-2022-46881,CVE-2022-46882
This update for MozillaThunderbird fixes the following issues:

Update to version 102.6 (bsc#1206242):

- CVE-2022-46880: Use-after-free in WebGL
- CVE-2022-46872: Arbitrary file read from a compromised content process
- CVE-2022-46881: Memory corruption in WebGL
- CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions
- CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
- CVE-2022-46882: Use-after-free in WebGL
- CVE-2022-46878: Memory safety bugs fixed in Thunderbird 102.6

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4584-1
Released:    Tue Dec 20 12:42:21 2022
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    critical
References:  1206428
This update for cloud-regionsrv-client fixes the following issues:

- Update to version 10.0.8 (bsc#1206428)
  - Fix regression introduced by 10.0.7. When the hosts file was modified such that there is
    no empty line at the end of the file the content after removing the registration data does
    not match the content prior to registration.
    The update fixes the issue triggered by an index logic error.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4590-1
Released:    Tue Dec 20 15:08:51 2022
Summary:     Recommended update for openscap
Type:        recommended
Severity:    moderate
References:  1197599,1203408
This update for openscap fixes the following issues:

Added openSUSE Leap 15.4 and 15.5 dictionary entries. (bsc#1203408 bsc#1197599)

openscap was updated to 1.3.6

* New features

  - Select and exclude groups of rules on the command line
  - The boot-time remediation service for systemd's Offline Update mode
  - Memory limit control using OSCAP_PROBE_MEMORY_USAGE_RATIO environment variable
  - Allow disablement of SHA-1 and MD5
  - Allow providing pre-downloaded components
  - Introduce OSBuild Blueprint fix type

* Maintenance, bug fixes

  - Fix coverity issues
  - Patch the `segfault` in dpkginfo_fini()
  - Add an alternative source of hostname
  - Fail download on HTTP errors
  - Compile 'environmentvariable_probe' on Windows
  - FreeBSD build and test fixes
  - Add offline mode for password probe
  - Initialize crypto API only once
  - Fix UBI 9 scan
  - oval/yamlfilecontent: Add 'null' values handling
  - Do not set Rpath
  - Do not split `XCCDF:requires` with multiple `idrefs`
  - Allow empty /proc in offline mode
- oscap-remediate is shipped via /usr/bin.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4597-1
Released:    Wed Dec 21 10:13:11 2022
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1206308,1206309,CVE-2022-43551,CVE-2022-43552
This update for curl fixes the following issues:

- CVE-2022-43552: HTTP Proxy deny use-after-free (bsc#1206309).
- CVE-2022-43551: Fixed HSTS bypass via IDN (bsc#1206308).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:4601-1
Released:    Wed Dec 21 12:23:59 2022
Summary:     Feature update for GNOME 41
Type:        feature
Severity:    moderate
References:  1175622,1179584,1188882,1196205,1200581,1203274,1204867,944832
This update for GNOME 41 fixes the following issues:

atkmm1_6:

- Version update from 2.28.1 to 2.28.3 (jsc#PED-2235):
  * Meson build: Avoid unnecessary configuration warnings
  * Meson build: Perl is not required by new versions of mm-common
  * Meson build: Require meson >= 0.55.0
  * Meson build: Specify 'check' option in run_command(). Will be necessary with future versions of Meson.
  * Require atk >= 2.12.0 Not a new requirement, but previously it was not specified in configure.ac and meson.build
  * Support building with Visual Studio 2022

eog:

- Version update from 41.1 to 41.2 (jsc#PED-2235):
  * eog-window: use correct type for display_profile
  * Fix discovery of Evince for multi-page images

evince:

- Version update 41.3 to 41.4 (jsc#PED-2235):
  * shell: Fix failures when thumbnail extraction takes too long
  * Fix build with meson 0.60.0 and newer

evolution:
    
- Ensure evolution-devel is forward compatible with evolution-data-server-devel in a same major version (jsc#PED-2235)
    
evolution-data-center:

- Version update from 3.42.4 to 3.42.5 (jsc#PED-2235):
  * Google OAuth out-of-band (oob) flow will be deprecated

folks:

- Version update 0.15.3 to 0.15.5 (jsc#PED-2235):
  * vapi: Add missing generic type argument
  * Fix docs build against newer eds version
  * Fix build against newer eds version
  * Remove volatile keyword from tests

gcr:

- Version update 3.41.0 to 3.41.1 (jsc#PED-2235):
  * Add G_SPAWN_CLOEXEC_PIPES flag to all the g_spawn commands
  * Add gi-docgen dependency which is needed by the docs
  * Fix build with meson 0.60.0 and newer
  * Fix build without systemd 
  * Several CI fixes

geocode-glib:

- Version update from 3.26.2 to 3.26.4 (jsc#PED-2235):
   * Fix to a test data file not being installed, and a bug fix for a bug in the libsoup3 port
   * Add support for libsoup 3.x

gjs:

- Version update from 1.70.1 to 1.70.2 (jsc#PED-2235):
  * Build and compatibility fixes backported from the development branch
  * Reverse order of running-from-source checks
- Require xorg-x11-Xvfb for proper package build (bsc#1203274)


glib2:

- Version update from 2.70.4 to 2.70.5 (jsc#PED-2235):
  * Bugs fixed: glgo#GNOME/GLib#2620, glgo#GNOME/GLib!2537, glgo#GNOME/GLib!2555
  * Split gtk-docs from -devel package, these are not needed during building projects using glib2


gnome-control-center:

- Fix the size of logo icon in About system (bsc#1200581)
- Version update from 41.4 to 41.7 (jsc#PED-2235):
  * Cellular: Remove duplicate line from .desktop
  * Info: Allow changing 'Device Name' by pressing 'Enter'
  * Info: Remove trailing space after CPU name
  * Keyboard: Fix crash resetting all keyboard shortcuts
  * Keyboard: Fix leaks
  * Network: Fix saving passwords for non-wifi connections
  * Network: Fix critical when opening VPN details page
  * Wacom: Fix leaks

gnome-desktop:

- Version update from 41.2 to 41.8 (jsc#PED-2235):
  * Version increase but no actual changes

gnome-music:

- Version update from 41.0 to 41.1 (jsc#PED-2235):
  * Ensure the correct album is played
  * Fix build with meson 0.61.0 and newer
  * Fix crash on empty selection
  * Fix incorrect playlist import
  * Fix time displayed in RTL languages
  * Improve async queue work
  * Make random shuffle actually random
  * Make shuffle random
  * Speed increase on first startup on larger collections
  * Time is reversed in RTL

gnome-remote-desktop:

- Version update from 41.2 to 41.3 (jsc#PED-2235):
  * Add Icelandic translation

gnome-session:

- Clear error messages that can be ignored because expected to happen for GDM sessions (bsc#1204867)
- Add fix for gnome-session to exit immediately when lost name on bus (bsc#1175622, bsc#1188882)
  
gnome-shell:

- Disable offline update suggestion before shutdown/reboot in SLE and openSUSE Leap (bsc#944832)
- Version update from 41.4 to 41.9 (jsc#PED-2235):
  * Allow extension updates with only Extension Manager installed
  * Allow more intermediate icon sizes in app grid
  * Disable workspace switching while in search.
  * Do not create systemd scope for D-Bus activated apps
  * Fix calendar to correctly align world clocks header in RTL
  * Fix drag placeholder position in dash in RTL locales
  * Fix edge case where windows stay dimmed after a modal is closed
  * Fix feedback when turning on a11y features by keyboard
  * Fix focus tracking in magnifier on wayland
  * Fix fractional timezone offsets in world clock
  * Fix glitches in overview transition
  * Fix logging in with realmd
  * Fix memory leak
  * Fix opening device settings for enterprise WPA networks
  * Fix programatically set scrollview fade
  * Fix regression in ibus support
  * Fix unresponsive top bar in overview when in fullscreen
  * Handle monitor changes during startup animation
  * Hide overview after 'Show Details' from app context menu
  * Improve Belgian on-screen keyboard layout
  * Improve CSS shadow appearance
  * Make sure startup animation completes
  * Misc. bug fixes and cleanups
  * Only close messages via delete key if they can be closed
  * Respect IM hint for candidates list in on-screen keyboard
    
gnome-software:

- Disable offline update feature in SUSE Linux Enterprise and openSUSE Leap (bsc#944832)
- Version update from 41.4 to 41.5 (jsc#PED-2235):
  * Added several appstream-related fixed
  * Disable scroll-by-mouse-wheel on featured carousel
  * Ensure details page shows app provided on command line


gnome-terminal:

- Version update from 3.42.2 to 3.42.3 (jsc#PED-2235):
  * Fix build with meson 0.61.0 and newer
  * window: Use a normal menu for the popup menu

gnome-user-docs:

- Version update from 41.1 to 41.5 (jsc#PED-2235):
  * Added missing icon for network-wired-symbolic

gspell:

- Version update from 1.8.4 to 1.10.0 (jsc#PED-2235):
  * Build: distribute more files in tarballs
  * Documentation improvements

gtkmm3:

- Version update from 3.24.5 to 3.24.6 (jsc#PED-2235):
  * Build with Meson: MSVC build: Support Visual Studio 2022
  * Check if Perl is required for building documentation
  * Don't use deprecated python3.path() and execute (..., gui_app...)
  * GTK: TreeValueProxy: Declare copy constructor = default, avoiding warnings from the claing++ compiler
  * Object::_release_c_instance(): Unref orphan managed widgets
  * SizeGroup demo: Set active items in the combo boxs, so something is shown
  * Specify 'check' option in run_command()

gtk-vnc:

- Version update from 1.3.0 to 1.3.1 (jsc#PED-2235):
  * Add 'check' arg to meson run_command()
  * Fix invalid use of subprojects with meson
  * Support ZRLE encoding for zero size alpha cursors

gupnp-av:

- Version update from 0.12.11 to 0.14.1 (jsc#PED-2235):
  * Add utility function to format GDateTime to the iso variant DIDL expects
  * Allow to be used as a subproject
  * Drop autotools
  * Fix stripping @refID
  * Fix unsetting subtitleFileType
  * Make Feature derivable again
  * Obsolete code removal.
  * Port to modern GObject
  * Remove hand-written ref-counting, use RcBox/AtomicRcBox instead.
  * Switch to meson build system, following upstream
- Rename libgupnp-av-1_0-2 subpackage to libgupnp-av-1_0-3, correcting the package name to match the provided library
- Conflict with the wrongly provided libgupnp-av-1_0-2
  
gvfs:

- Version update from 1.48.1 to 1.48.2 (jsc#PED-2235):
  * sftp: Adapt on new OpenSSH password prompts
  * smb: Rework anonymous handling to avoid EINVAL
  * smb: Ignore EINVAL for kerberos/ccache login

libgsf:

- Version update from 1.14.48 to 1.14.50 (jsc#PED-2235):
  * Fix error handling problem when writing ole files
  * Fix problems with non-western text in OLE properties
  * Use g_date_time_new_from_iso8601 and g_date_time_format_iso8601 when available

libmediaart:

- Version update from 1.9.5 to 1.9.6 (jsc#PED-2235):
  * build: Add introspection/vapi/tests options
  * build: Use library() to optionally build a static library

libnma:

- Version update from 1.8.32 to 1.8.40 (jsc#PED-2235):
  * Ad-Hoc networks now default to using WPA2 instead of WEP
  * Add possibility of building libnma-gtk4 library with Gtk4 support
  * Do not allow setting empty 802.1x domain for EAP TLS
  * Fixed keyboard accelerator for certificate chooser
  * Fixed libnma-gtk4 version of mobile-wizard
  * Include OWE wireless security option
  * The GtkBuilder files for Gtk4 are now included in the release tarball
  * WEP is no longer provided as an option for connecting to hidden networks due to its deprecated status
- New sub-packages libnma-gtk4-0, typelib-1_0-NMA4-1_0 and libnma-gtk4-devel
- Split out documentation files in own docs sub-package

libnotify:

- Version update from 0.7.10 to 0.7.12 (jsc#PED-2235):
  * Delete unused notifynotification.xml
  * Fix potential build errors with old glib version we require
  * docs/notify-send: Add --transient option to manpage
  * notification: Bookend calling NotifyActionCallback with temporary reference
  * notification: Include sender-pid hint by default if not provided
  * notify-send: Add debug message about server not supporting persistence
  * notify-send: Add explicit option to create transient notifications
  * notify-send: Add support for boolean hints
  * notify-send: Move server capabilities check to a separate function
  * notify-send: Support passing any hint value, by parsing variant strings

libpeas:

- Version update from 1.30.0 to 1.32.0 (jsc#PED-2235):
  * Icon licenses have been corrected
  * Parallel build system operation fixes
  * Use gi-docgen for documentation
  * Various build warnings squashed
  * Various GIR data that should not have been exported was removed
- Stop packaging the demo files/sub-package

librsvg:

- Version update from 2.52.6 to 2.52.9 (jsc#PED-2235):
  * Catch circular references when rendering patterns
  * Fix regressions when computing element geometries
  * Fix regression outputting all text as paths

libsecret:

- Version update from 0.20.4 to 0.20.5 (jsc#PED-2235):
  * Add bash-completion for secret-tool
  * Add locking capabilities to secret tool
  * Add support for TPM2 based secret storage
  * Create default collection after DBus.Error.UnknownObject
  * Detect local storage in snaps in the same way as flatpaks
  * Drop autotools-based build
  * GI annotation and documentation fixes
  * Port documentation to gi-docgen
  * Use G_GNUC_NULL_TERMINATED where appropriate collection, methods, prompt: Port to GTask
  * secret-file-backend: Avoid closing the same file descriptor twice

mutter:

- Version update from 41.5 to 41.9 (jsc#PED-2235):
  * Fix '--replace option'
  * Fix missing root window properties after XWayland start
  * Fix night light without GAMMA_LUT property
  * KMS: Survive missing GAMMA_LUT property
  * wayland: Fix rotation transform
  * Misc. bug fixes

nautilus:

- Version update from 41.2 to 41.5(jsc#PED-2235):
  * Drag-and-drop bugfixes
  * HighContrast style fixes

orca:

- Version update from 41.1 to 41.3 (jsc#PED-2235):
  * Add more event-flood detection and handling for improved performance
  * Fix bug causing accessing preferences to fail for Esperanto
  * Web: Fix bug causing widgets descending from off-screen label elements to be skipped over
  * Web: Fix presentation of the FluentUI react dialog (and any other dialog which has an ARIA document-role descendant)
  * WebKitGtk: Fail gracefully when structural navigation commands are used in WebKitGtk 2.36.x

python-cairo:

- Add python3-cairo to SUSE Linux Enterprise Micro 5.3 as it is now required by python3-gobject-cairo

python-gobject:

- Add dependency on python-cairo to python-gobject-cairo: The introspection wrapper needs pycairo (bsc#1179584)
  
- Version update from 3.42.0 to 3.42.2 (jsc#PED-2235):
  * Add a workaround for a PyPy 3.9+ bug when threads are used
  * Do not error out for unknown scopes
  * Prompt an error instead of crashing when marshaling unsupported fundamental types in some cases
  * Fix a crash/refcounting error in case marshaling a hash table fails
  * Fix crashes when marshaling zero terminated arrays for certain item types
  * Implement DynamicImporter.find_spec() to silence deprecation warning
  * Make the test suite pass again with PyPy
  * Some test/CI fixes
  * gtk overrides: Do not override Treeview.enable_model_drag_xx for GTK4
  * gtk overrides: restore Gtk.ListStore.insert_with_valuesv with newer GTK4
  * interface: Fix leak when overriding GInterfaceInfo
  * setup.py: look up pycairo headers without importing the module

trackers-python:

- Allow system calls used by gstreamer (bsc#1196205)
- Version update from 3.2.2 to 3.2.1 (jsc#PED-2235):
  * Backport seccomp rules for rseq and mbind syscalls

vala:

- Version update from 0.54.6 to 0.54.8 (jsc#PED-2235):
  * Add missing TraverseVisitor.visit_data_type()
  * Add support for 'copy_/free_function' metadata for compact classes
  * Catch and throw possible inner error of lock statements
  * Clear SemanticAnalyzer.current_{symbol,source_file} when not needed anymore
  * Don't count instance-parameter when checking for backwards closure reference
  * Fix a few binding errors
  * Free empty stack list for code contexts
  * Handle duplicated and unnamed symbols.
  * Improve UI parsing and handling of nested objects and properties
  * Make sure to drop our 'trap' jump target in case of an error
  * Move dynamic property errors to semantic analyzer pass
  * Require lvalue access of delegate target/destroy 'fields'
  * Show source location when reporting deprecations
  * Transform assignment of an array element as needed
  * manual: Update from wiki.gnome.org
  * parser: Improve handling of nullable VarType in with-statement
  * parser: Reduce the source reference of main block method to its beginning

xdg-desktop-portal-gnome:

- Version update from 0.54.6 to 0.54.8 (jsc#PED-2235):
  * Properly bind property in Lockdown portal

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4606-1
Released:    Thu Dec 22 09:32:03 2022
Summary:     Security update for helm
Type:        security
Severity:    moderate
References:  1181419,1206467,1206469,1206471,CVE-2021-21272,CVE-2022-1996,CVE-2022-23524,CVE-2022-23525,CVE-2022-23526
This update for helm fixes the following issues:

Update to version 3.10.3:

- CVE-2022-23524: Fixed a denial of service in the string value parsing (bsc#1206467).
- CVE-2022-23525: Fixed a denial of service with the repository index file (bsc#1206469).
- CVE-2022-23526: Fixed a denial of service in the schema file handling (bsc#1206471).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4623-1
Released:    Tue Dec 27 08:44:28 2022
Summary:     Recommended update for rust, rust1.66
Type:        recommended
Severity:    moderate
References:  
This update for rust, rust1.66 fixes the following issues:

This update ships rust 1.66.

Version 1.66.0 (2022-12-15)
==========================

Language
--------

- Permit specifying explicit discriminants on all `repr(Int)` enums
  ```rust
  #[repr(u8)]
  enum Foo {
      A(u8) = 0,
      B(i8) = 1,
      C(bool) = 42,
  }
  ```
- Allow transmutes between the same type differing only in lifetimes
- Change constant evaluation errors from a deny-by-default lint to a hard error
- Trigger `must_use` on `impl Trait` for supertraits
  This makes `impl ExactSizeIterator` respect the existing `#[must_use]` annotation on `Iterator`.
- Allow `..X` and `..=X` in patterns
- Uplift `clippy::for_loops_over_fallibles` lint into rustc
- Stabilize `sym` operands in inline assembly
- Update to Unicode 15
- Opaque types no longer imply lifetime bounds
  This is a soundness fix which may break code that was erroneously relying on this behavior.

Compiler
--------

- Add armv5te-none-eabi and thumbv5te-none-eabi tier 3 targets
  - Refer to Rust's [platform support page][platform-support-doc] for more
    information on Rust's tiered platform support.
- Add support for linking against macOS universal libraries

Libraries
---------

- Fix `#[derive(Default)]` on a generic `#[default]` enum adding unnecessary `Default` bounds
- Update to Unicode 15

Stabilized APIs
---------------

- `proc_macro::Span::source_text`](https://doc.rust-lang.org/stable/proc_macro/struct.Span.html#method.source_text)
- `uX::{checked_add_signed, overflowing_add_signed, saturating_add_signed, wrapping_add_signed}`](https://doc.rust-lang.org/stable/std/primitive.u8.html#method.checked_add_signed)
- `iX::{checked_add_unsigned, overflowing_add_unsigned, saturating_add_unsigned, wrapping_add_unsigned}`](https://doc.rust-lang.org/stable/std/primitive.i8.html#method.checked_add_unsigned)
- `iX::{checked_sub_unsigned, overflowing_sub_unsigned, saturating_sub_unsigned, wrapping_sub_unsigned}`](https://doc.rust-lang.org/stable/std/primitive.i8.html#method.checked_sub_unsigned)
- `BTreeSet::{first, last, pop_first, pop_last}`](https://doc.rust-lang.org/stable/std/collections/struct.BTreeSet.html#method.first)
- `BTreeMap::{first_key_value, last_key_value, first_entry, last_entry, pop_first, pop_last}`](https://doc.rust-lang.org/stable/std/collections/struct.BTreeMap.html#method.first_key_value)
- Add `AsFd` implementations for stdio lock types on WASI.
- `impl TryFrom<Vec<T>> for Box<[T; N]>`](https://doc.rust-lang.org/stable/std/boxed/struct.Box.html#impl-TryFrom%3CVec%3CT%2C%20Global%3E%3E-for-Box%3C%5BT%3B%20N%5D%2C%20Global%3E)
- `core::hint::black_box`](https://doc.rust-lang.org/stable/std/hint/fn.black_box.html)
- `Duration::try_from_secs_{f32,f64}`](https://doc.rust-lang.org/stable/std/time/struct.Duration.html#method.try_from_secs_f32)
- `Option::unzip`](https://doc.rust-lang.org/stable/std/option/enum.Option.html#method.unzip)
- `std::os::fd`](https://doc.rust-lang.org/stable/std/os/fd/index.html)

Rustdoc
-------

- Add Rustdoc warning for invalid HTML tags in the documentation

Cargo
-----

- Added `cargo remove` to remove dependencies from Cargo.toml](https://doc.rust-lang.org/nightly/cargo/commands/cargo-remove.html)
- `cargo publish` now waits for the new version to be downloadable before exiting
See [detailed release notes] for more.

Compatibility Notes
-------------------
 
- Only apply `ProceduralMasquerade` hack to older versions of `rental`]
- Don't export `__heap_base` and `__data_end` on wasm32-wasi.]
- Don't export `__wasm_init_memory` on WebAssembly.]
- Only export `__tls_*` on wasm32-unknown-unknown.]
- Don't link to `libresolv` in libstd on Darwin]
- Update libstd's libc to 0.2.135 (to make `libstd` no longer pull in `libiconv.dylib` on Darwin)]
- Opaque types no longer imply lifetime bounds]
  This is a soundness fix which may break code that was erroneously relying on this behavior.
- Make `order_dependent_trait_objects` show up in future-breakage reports]
- Change std::process::Command spawning to default to inheriting the parent's signal mask]

Changes in rust:

- Update to version 1.66.0 - for details see the rust1.66 package

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4626-1
Released:    Tue Dec 27 13:05:35 2022
Summary:     Security update for freeradius-server
Type:        security
Severity:    important
References:  1206204,1206205,1206206,CVE-2022-41859,CVE-2022-41860,CVE-2022-41861
This update for freeradius-server fixes the following issues:

- CVE-2022-41859: Fixes an information leakage in EAP-PWD (bsc#1206204).
- CVE-2022-41860: Fixes a crash on unknown option in EAP-SIM (bsc#1206205).
- CVE-2022-41861: Fixes a crash on invalid abinary data (bsc#1206206).

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4628-1
Released:    Wed Dec 28 09:23:13 2022
Summary:     Security update for sqlite3
Type:        security
Severity:    moderate
References:  1206337,CVE-2022-46908
This update for sqlite3 fixes the following issues:

- CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, 
  when relying on --safe for execution of an untrusted CLI script (bsc#1206337).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4629-1
Released:    Wed Dec 28 09:24:07 2022
Summary:     Security update for systemd
Type:        security
Severity:    important
References:  1200723,1205000,CVE-2022-4415
This update for systemd fixes the following issues:

- CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting (bsc#1205000).

Bug fixes:

- Support by-path devlink for multipath nvme block devices (bsc#1200723).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4632-1
Released:    Wed Dec 28 09:31:41 2022
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150000_150_101, 4_12_14-150000_150_104,
  4_12_14-150100_197_123, 4_12_14-150100_197_126,
  5_14_21-150400_24_21, 5_14_21-150400_24_28,
  5_3_18-150200_24_129, 5_3_18-150200_24_134,
  5_3_18-150300_59_93, 5_3_18-150300_59_98. (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4634-1
Released:    Thu Dec 29 10:05:17 2022
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1206474,CVE-2022-42856
This update for webkit2gtk3 fixes the following issues:

Update to version 2.38.3:

- CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content (bsc#1206474).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4636-1
Released:    Thu Dec 29 14:02:23 2022
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    moderate
References:  1206653,CVE-2022-46874
This update for MozillaThunderbird fixes the following issues:

Update to version 102.6.1

* fixed: Remote content did not load in user-defined signatures
* fixed: Addons that added new action buttons were not shown for addon upgrades, requiring removal and reinstall
* fixed: Various stability improvements
* CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions (bsc#1206653)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4639-1
Released:    Fri Dec 30 09:31:14 2022
Summary:     Security update for polkit-default-privs
Type:        security
Severity:    low
References:  1206414
This update for polkit-default-privs fixes the following issues:

Update to version 13.2+20221216.a0c29e6:

- backport usbguard actions (bsc#1206414).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4640-1
Released:    Fri Dec 30 11:30:23 2022
Summary:     Recommended update for drbd-utils
Type:        recommended
Severity:    low
References:  1204276
This update for drbd-utils fixes the following issue:

- Remove crm-fence-peer.sh for drbd8 to avoid confusion with v9 (bsc#1204276)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4645-1
Released:    Sat Dec 31 16:04:44 2022
Summary:     Security update for postgresql14, postgresql15
Type:        recommended
Severity:    moderate
References:  1205300
This update for postgresql14, postgresql15 fixes the following issues:

postgresql15 is shipped in version 15.1.

* https://www.postgresql.org/about/news/2543/
* https://www.postgresql.org/docs/15/release-15-1.html

Update to 15.0:

* https://www.postgresql.org/about/news/p-2526/ 
* https://www.postgresql.org/docs/15/release-15.html

postgresql14 was updated to 14.6. (bsc#1205300)

* https://www.postgresql.org/about/news/2543/
* https://www.postgresql.org/docs/14/release-14-6.html

The libpq5 and libecpg6 libraries are now provided by postgresql15.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:6-1
Released:    Mon Jan  2 11:39:18 2023
Summary:     Security update for nautilus
Type:        security
Severity:    moderate
References:  1205418,CVE-2022-37290
This update for nautilus fixes the following issues:

- CVE-2022-37290: Fixed a denial of service caused by pasted ZIP archives (bsc#1205418).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:7-1
Released:    Mon Jan  2 11:39:38 2023
Summary:     Security update for ffmpeg
Type:        security
Severity:    moderate
References:  1206442,CVE-2022-3109
This update for ffmpeg fixes the following issues:

- CVE-2022-3109: Fixed null pointer dereference in vp3_decode_frame() (bsc#1206442).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:8-1
Released:    Mon Jan  2 11:40:05 2023
Summary:     Security update for ffmpeg-4
Type:        security
Severity:    moderate
References:  1206442,CVE-2022-3109
This update for ffmpeg-4 fixes the following issues:

- CVE-2022-3109: Fixed null pointer dereference in vp3_decode_frame() (bsc#1206442).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:9-1
Released:    Mon Jan  2 11:42:16 2023
Summary:     Security update for saphanabootstrap-formula
Type:        security
Severity:    important
References:  1185643,1205990,CVE-2022-45153
This update for saphanabootstrap-formula fixes the following issues:

- Version bump 0.13.1
  * revert changes to spec file to re-enable SLES RPM builds
  * CVE-2022-45153: Fixed privilege escalation for arbitrary users in hana/ha_cluster.sls (bsc#1205990)

- Version bump 0.13.0
  * pass sid to sudoers in a SLES12 compatible way
  * add location constraint to gcp_stonith

- Version bump 0.12.1
  * moved templates dir into hana dir in repository to be gitfs compatible

- Version bump 0.12.0
  * add SAPHanaSR takeover blocker

- Version bump 0.11.0
  * use check_cmd instead of tmp sudoers file
  * make sudoers rules more secure
  * migrate sudoers to template file

- Version bump 0.10.1
  * fix hook removal conditions
  * fix majority_maker code on case grain is empty

- Version bump 0.10.0
  * allow to disable shared HANA basepath and rework add_hosts code
    (enables HANA scale-out on AWS)
  * do not edit global.ini directly (if not needed)

- Version bump 0.9.1
  * fix majority_maker code on case grain is empty

- Version bump 0.9.0
  * define vip_mechanism for every provider and reorder resources
    (same schema for all SAP related formulas)

- Version bump 0.8.1
  * use multi-target Hook on HANA scale-out

- Version bump 0.8.0
  * add HANA scale-out support
  * add idempotence to not affect a running HANA and cluster

- Version bump 0.7.2
  * add native fencing for microsoft-azure

- fixes a not working import of dbapi in SUSE/ha-sap-terraform-deployments#703
- removes the installation and extraction of all hdbcli files in the /hana/shared/srHook directory
- fixes execution order of srTakeover/srCostOptMemConfig hook
- renames and updates hook srTakeover to srCostOptMemConfig

- Changing exporter stickiness to => 0 and adjusting the colocation 
  score from +inf to -inf and changing the colocation from Master to Slave. 
  This change fix the impact of a failed exporter in regards to the HANA DB.

- Document extra_parameters in pillar.example (bsc#1185643)

- Change hanadb_exporter default timeout value to 30 seconds

- Set correct stickiness for the azure-lb resource
  The azure-lb resource receives an stickiness=0 to not influence on
  transitions calculations as the HANA resources have more priority

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:16-1
Released:    Tue Jan  3 11:01:45 2023
Summary:     Recommended update for qemu
Type:        recommended
Severity:    moderate
References:  1202364
This update for qemu fixes the following issues:

- Fix for qemu for broken emulation in SLES15 SP3. (bsc#1202364)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:25-1
Released:    Thu Jan  5 09:51:41 2023
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

Version update from 2022f to 2022g (bsc#1177460):

- In the Mexican state of Chihuahua:
  * The border strip near the US will change to agree with nearby US locations on 2022-11-30.
  * The strip's western part, represented by Ciudad Juarez, switches from -06 all year to -07/-06 with US DST rules,
    like El Paso, TX.
  * The eastern part, represented by Ojinaga, will observe US DST next year, like Presidio, TX.
  * A new Zone America/Ciudad_Juarez splits from America/Ojinaga.
- Much of Greenland, represented by America/Nuuk, stops observing winter time after March 2023, so its daylight saving
  time becomes standard time.
- Changes for pre-1996 northern Canada
- Update to past DST transition in Colombia (1993), Singapore (1981)
- 'timegm' is now supported by default

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:28-1
Released:    Thu Jan  5 09:54:44 2023
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    moderate
References:  1192963,1203973
This update for SAPHanaSR fixes the following issues:

- Add improvements from SAP to the RA scripts regarding the handling of the SAP tools 'HDB version', 'HDBSettings.sh'
  and 'pycd' and the SAPHana log filter handling (jsc#PED-1738, jsc#PED-1739)
- Fix for SAPHanaSR-monitor reporting 'LPA status of one node is missing' (bsc#1192963, bsc#1203973)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:30-1
Released:    Thu Jan  5 13:33:15 2023
Summary:     Security update for tcl
Type:        security
Severity:    important
References:  1195773
This update for tcl fixes the following issues:

- Fixed a race condition in test socket-13.1.
- Removed the SQLite extension and use the packaged sqlite3 instead (bsc#1195773).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:32-1
Released:    Thu Jan  5 14:04:25 2023
Summary:     Security update for rpmlint-mini
Type:        security
Severity:    low
References:  1206414
This update for rpmlint-mini fixes the following issues:

Update polkit-default-privs to version 13.2+20221216.a0c29e6:

- backport usbguard actions (bsc#1206414).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:33-1
Released:    Thu Jan  5 15:09:46 2023
Summary:     Security update for xrdp
Type:        security
Severity:    important
References:  1206300,1206302,1206303,1206306,1206307,1206310,1206311,1206312,1206313,CVE-2022-23468,CVE-2022-23478,CVE-2022-23479,CVE-2022-23480,CVE-2022-23481,CVE-2022-23482,CVE-2022-23483,CVE-2022-23484,CVE-2022-23493
This update for xrdp fixes the following issues:

- CVE-2022-23468: Fixed a buffer overflow in xrdp_login_wnd_create() (bsc#1206300).
- CVE-2022-23478: Fixed an out of bound write in xrdp_mm_trans_process_drdynvc_chan() (bsc#1206302).
- CVE-2022-23479: Fixed a buffer overflow in xrdp_mm_chan_data_in() (bsc#1206303).
- CVE-2022-23480: Fixed a buffer overflow in devredir_proc_client_devlist_announce_req() (bsc#1206306).
- CVE-2022-23481: Fixed an out of bound read in xrdp_caps_process_confirm_active() (bsc#1206307).
- CVE-2022-23482: Fixed an out of bound read in xrdp_sec_process_mcs_data_CS_CORE() (bsc#1206310).
- CVE-2022-23483: Fixed an out of bound read in libxrdp_send_to_channel() (bsc#1206311).
- CVE-2022-23484: Fixed a integer overflow in xrdp_mm_process_rail_update_window_text() (bsc#1206312).
- CVE-2022-23493: Fixed an out of bound read in xrdp_mm_trans_process_drdynvc_channel_close() (bsc#1206313).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:37-1
Released:    Fri Jan  6 15:35:49 2023
Summary:     Security update for ca-certificates-mozilla
Type:        security
Severity:    important
References:  1206212,1206622
This update for ca-certificates-mozilla fixes the following issues:

- Updated to 2.60 state of Mozilla SSL root CAs (bsc#1206622)
  Removed CAs:
  - Global Chambersign Root
  - EC-ACC
  - Network Solutions Certificate Authority
  - Staat der Nederlanden EV Root CA
  - SwissSign Platinum CA - G2
  Added CAs:
  - DIGITALSIGN GLOBAL ROOT ECDSA CA
  - DIGITALSIGN GLOBAL ROOT RSA CA
  - Security Communication ECC RootCA1
  - Security Communication RootCA3
  Changed trust:
  - TrustCor certificates only trusted up to Nov 30 (bsc#1206212)
- Removed CAs (bsc#1206212) as most code does not handle 'valid before nov 30 2022'
  and it is not clear how many certs were issued for SSL middleware by TrustCor:
  - TrustCor RootCert CA-1
  - TrustCor RootCert CA-2
  - TrustCor ECA-1

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:46-1
Released:    Mon Jan  9 10:35:21 2023
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  
This update for hwdata fixes the following issues:

-  Update pci, usb and vendor ids

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:47-1
Released:    Mon Jan  9 10:37:28 2023
Summary:     Recommended update for cepces
Type:        recommended
Severity:    moderate
References:  1204788
This update for cepces fixes the following issues:

- Make the openssl security level configurable (bsc#1204788)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:48-1
Released:    Mon Jan  9 10:37:54 2023
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    moderate
References:  1199467
This update for libtirpc fixes the following issues:

- Consider /proc/sys/net/ipv4/ip_local_reserved_ports, before binding to a random port (bsc#1199467)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:49-1
Released:    Mon Jan  9 10:40:08 2023
Summary:     Recommended update for llvm9
Type:        recommended
Severity:    moderate
References:  1189602,1197776
This update for llvm9 fixes the following issues:

- Keep DFLTCC environment during testing so we can disable the compression facility on s390x which causes testsuite 
  issues (bsc#1189602)
- Drop RUNPATH from packaged binaries, instead set LD_LIBRARY_PATH for building and testing to simulate behavior of
  actual package (bsc#1197776)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:50-1
Released:    Mon Jan  9 10:42:21 2023
Summary:     Recommended update for shadow
Type:        recommended
Severity:    moderate
References:  1205502
This update for shadow fixes the following issues:

- Fix issue with user id field that cannot be interpreted (bsc#1205502)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:52-1
Released:    Mon Jan  9 10:43:57 2023
Summary:     Recommended update for xfsprogs
Type:        recommended
Severity:    moderate
References:  1205266,1205272,1205284,1205377
This update for xfsprogs fixes the following issues:

- mkfs: don't trample the gid set in the protofile (bsc#1205266)
- mkfs: prevent corruption of passed-in suboption string values (bsc#1205377)
- mkfs: terminate getsubopt arrays properly (bsc#1205284)
- xfs_repair: ignore empty xattr leaf blocks (bsc#1205272)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:54-1
Released:    Mon Jan  9 10:49:19 2023
Summary:     Recommended update for bash-completion
Type:        recommended
Severity:    moderate
References:  1200791
This update for bash-completion fixes the following issues:

- Fix curl help completion (bsc#1200791)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:55-1
Released:    Mon Jan  9 10:49:56 2023
Summary:     Recommended update for php8
Type:        recommended
Severity:    moderate
References:  1205782
This update for php8 fixes the following issues:

- Don't expect the user to always have the php8 module loaded in Apache (bsc#1205782)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:56-1
Released:    Mon Jan  9 11:13:43 2023
Summary:     Security update for libksba
Type:        security
Severity:    moderate
References:  1206579,CVE-2022-47629
This update for libksba fixes the following issues:

- CVE-2022-47629: Fixed an integer overflow vulnerability in the CRL
  signature parser (bsc#1206579).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:59-1
Released:    Tue Jan 10 10:05:29 2023
Summary:     Recommended update for gnome-music
Type:        recommended
Severity:    important
References:  1206751
This update for gnome-music fixes the following issues:

- Fixed a problem during application start (bsc#1206751).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:65-1
Released:    Wed Jan 11 11:43:20 2023
Summary:     Security update for w3m
Type:        security
Severity:    moderate
References:  1202684,CVE-2022-38223
This update for w3m fixes the following issues:

- CVE-2022-38223: Fixed a memory safety issue when dumping crafted
  input to standard out (bsc#1202684).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:69-1
Released:    Wed Jan 11 11:44:36 2023
Summary:     Security update for SDL2
Type:        security
Severity:    moderate
References:  1206727,CVE-2022-4743
This update for SDL2 fixes the following issues:

- CVE-2022-4743: Fixed a potential memory leak when creating a texture
  for an OpenGL ES image (bsc#1206727).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:73-1
Released:    Wed Jan 11 18:42:53 2023
Summary:     Security update for php7
Type:        security
Severity:    important
References:  1206958,CVE-2022-31631
This update for php7 fixes the following issues:

- CVE-2022-31631: Fixed an issue where PDO::quote would return an
  unquoted string (bsc#1206958).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:74-1
Released:    Wed Jan 11 18:43:26 2023
Summary:     Security update for php8
Type:        security
Severity:    important
References:  1206958,CVE-2022-31631
This update for php8 fixes the following issues:

- Updated to version 8.0.27:
  - CVE-2022-31631: Fixed an issue where PDO::quote would return an
    unquoted string (bsc#1206958).

Non-security fixes:
  - Fixed a NULL pointer dereference with -w/-s options.
  - Fixed a crash in Generator when interrupted during argument
    evaluation with extra named params.
  - Fixed a crash in Generator when memory limit was exceeded during
    initialization.
  - Fixed a memory leak in Generator when interrupted during argument
    evaluation.
  - Fixed an issue in the DateTimeZone constructor where an extra null
    byte could be added to the input.
  - Fixed a hang in SaltStack when using php-fpm 8.1.11.
  - Fixed mysqli_query warnings being shown despite using silenced
    error mode.
  - Fixed a NULL pointer dereference when serializing a SOAP response
    call.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:75-1
Released:    Thu Jan 12 09:03:11 2023
Summary:     Security update for net-snmp
Type:        security
Severity:    moderate
References:  1205148,1205150,1206044,1206828,CVE-2022-44792,CVE-2022-44793
This update for net-snmp fixes the following issues:

- CVE-2022-44793: Fixed a NULL pointer dereference issue that could
  allow a remote attacker with write access to crash the server
  instance (bsc#1205148).
- CVE-2022-44792: Fixed a NULL pointer dereference issue that could
  allow a remote attacker with write access to crash the server
  instance (bsc#1205150).

Other fixes:
- Enabled AES-192 and AES-256 privacy protocols (bsc#1206828).
- Fixed an incorrect systemd hardening that caused home directory
  size and allocation to be listed incorrectly (bsc#1206044)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:79-1
Released:    Thu Jan 12 09:05:47 2023
Summary:     Security update for python-future
Type:        security
Severity:    moderate
References:  1206673,CVE-2022-40899
This update for python-future fixes the following issues:

- CVE-2022-40899: Fixed an issue that could allow attackers to cause
  an excessive CPU usage via a crafted Set-Cookie header (bsc#1206673).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:82-1
Released:    Thu Jan 12 11:07:16 2023
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  1203602
This update for scap-security-guide fixes the following issues:

scap-security-guide was updated to 0.1.65 (jsc#ECO-3319)

- Introduce cui profile for OL9
- Remove Support for OVAL 5.10
- Rename account_passwords_pam_faillock_audit
- CI ansible hardening and rename of existing Bash hardening
- Update contributors list for v0.1.65 release
- various SUSE profile specific fixes

- require sudo, as remediations touch sudo config or use sudo. (bsc#1203602)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:87-1
Released:    Fri Jan 13 20:08:25 2023
Summary:     Recommended update for python-cairo
Type:        recommended
Severity:    moderate
References:  1206716

This update for python-cairo ships the missing python3-cairo to openSUSE Leap Micro 5.3.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:88-1
Released:    Mon Jan 16 10:30:50 2023
Summary:     Security update for python-wheel
Type:        security
Severity:    moderate
References:  1206670,CVE-2022-40898
This update for python-wheel fixes the following issues:

- CVE-2022-40898: Fixed an excessive use of CPU that could be triggered
  via a crafted regular expression (bsc#1206670).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:103-1
Released:    Thu Jan 19 13:22:52 2023
Summary:     Security update for postgresql-jdbc
Type:        security
Severity:    moderate
References:  1206921,CVE-2022-41946
This update for postgresql-jdbc fixes the following issues:

- CVE-2022-41946: Fixed a local information disclosure issue due to
  improper handling of temporary files (bsc#1206921).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:107-1
Released:    Thu Jan 19 15:03:23 2023
Summary:     Recommended update for openssl-1_0_0
Type:        recommended
Severity:    moderate
References:  1201627
This update for openssl-1_0_0 fixes the following issues:

- Update further expiring certificates that affect tests [bsc#1201627]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:110-1
Released:    Fri Jan 20 10:18:16 2023
Summary:     Security update for git
Type:        security
Severity:    important
References:  1207032,1207033,CVE-2022-23521,CVE-2022-41903
This update for git fixes the following issues:

- CVE-2022-41903: Fixed a heap overflow in the 'git archive' and
  'git log --format' commands (bsc#1207033).
- CVE-2022-23521: Fixed an integer overflow that could be triggered
  when parsing a gitattributes file (bsc#1207032).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:113-1
Released:    Fri Jan 20 10:21:40 2023
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1207119,CVE-2022-46871,CVE-2022-46877,CVE-2023-23598,CVE-2023-23601,CVE-2023-23602,CVE-2023-23603,CVE-2023-23605
This update for MozillaFirefox fixes the following issues:

- Updated to version 102.7.0 ESR (bsc#1207119):
  - CVE-2022-46871: Updated an out of date library (libusrsctp) which
    contained several vulnerabilities.
  - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and
    drop on Linux.
  - CVE-2023-23601: Fixed a potential spoofing attack when dragging a
    URL from a cross-origin iframe into the same tab.
  - CVE-2023-23602: Fixed a mishandled security check, which caused
    the Content Security Policy header to be ignored for WebSockets
    in WebWorkers.
  - CVE-2022-46877: Fixed a fullscreen notification bypass which
    could be leveraged in spoofing attacks.
  - CVE-2023-23603: Fixed a Content Security Policy bypass via format
    directives.
  - CVE-2023-23605: Fixed several memory safety bugs.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:119-1
Released:    Fri Jan 20 10:28:07 2023
Summary:     Security update for mozilla-nss
Type:        security
Severity:    important
References:  1204272,1207038,CVE-2022-23491,CVE-2022-3479
This update for mozilla-nss fixes the following issues:

- CVE-2022-3479: Fixed a potential crash that could be triggered when
  a server requested a client authentication certificate, but the
  client had no certificates stored (bsc#1204272).
- Updated to version 3.79.3 (bsc#1207038):
  - CVE-2022-23491: Removed trust for 3 root certificates from TrustCor.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:127-1
Released:    Tue Jan 24 13:23:00 2023
Summary:     Security update for rubygem-websocket-extensions
Type:        security
Severity:    moderate
References:  1172445,CVE-2020-7663
This update for rubygem-websocket-extensions fixes the following issues:

- CVE-2020-7663: Fixed an excessive resource consumption when parsing
  crafted message headers sent by an attacker (bsc#1172445).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:139-1
Released:    Wed Jan 25 14:41:55 2023
Summary:     Security update for python-certifi
Type:        security
Severity:    important
References:  1206212,CVE-2022-23491
This update for python-certifi fixes the following issues:

- remove all TrustCor CAs, as TrustCor issued multiple man-in-the-middle
  certs (bsc#1206212 CVE-2022-23491)
     - TrustCor RootCert CA-1
     - TrustCor RootCert CA-2
     - TrustCor ECA-1
- Add removeTrustCor.patch

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:142-1
Released:    Thu Jan 26 06:40:15 2023
Summary:     Feature update for bind
Type:        feature
Severity:    moderate
References:  
This update for bind fixes the following issues:

Version update from 9.16.33 to 9.16.35 (jsc#SLE-24801, jsc#SLE-24600)

- New Features:
  * Support for parsing and validating the dohpath service
    parameter in SVCB records was added.
  * named now logs the supported cryptographic algorithms during
    startup and in the output of named -V

- Bug Fixes:
  * A crash was fixed that happened when a dnssec-policy zone that
    used NSEC3 was reconfigured to enable inline-signing.
  * In certain resolution scenarios, quotas could be erroneously
    reached for servers, including any configured forwarders,
    resulting in SERVFAIL answers being sent to clients.
  * rpz-ip rules in response-policy zones could be ineffective in
    some cases if a query had the CD (Checking Disabled) bit set to
    1.
  * Previously, if Internet connectivity issues were experienced
    during the initial startup of named, a BIND resolver with
    dnssec-validation set to auto could enter into a state where it
    would not recover without stopping named, manually deleting the
    managed-keys.bind and managed-keys.bind.jnl files, and starting
    named again.
  * The statistics counter representing the current number of
    clients awaiting recursive resolution results (RecursClients)
    could overflow in certain resolution scenarios.
  * Previously, BIND failed to start on Solaris-based systems with
    hundreds of CPUs.
  * When a DNS resource records TTL value was equal to the
    resolver configured prefetch eligibility value, the record
    was erroneously not treated as eligible for prefetching.
  * Changing just the TSIG key names for primaries in catalog
    zones member zones was not effective. This has been fixed.

- Known Issues:
  * Upgrading from BIND 9.16.32 or any older version may require a
    manual configuration change. The following configurations are
    affected:
    + type primary zones configured with dnssec-policy but without
      either allow-update or update-policy
    + type secondary zones configured with dnssec-policy
    In these cases please add inline-signing yes; to the individual
    zone configuration(s). Without applying this change, named will
    fail to start. For more details, see
    https://kb.isc.org/docs/dnssec-policy-requires-dynamic-dns-or-inline-signing

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:143-1
Released:    Thu Jan 26 06:41:22 2023
Summary:     Recommended update for bind
Type:        recommended
Severity:    moderate
References:  1201689
This update for bind fixes the following issues:

- Add systemd drop-in directory for named service (bsc#1201689)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:144-1
Released:    Thu Jan 26 06:43:05 2023
Summary:     Recommended update for freerdp
Type:        recommended
Severity:    moderate
References:  1205446
This update for freerdp fixes the following issues:

- Drop -DBUILTIN_CHANNELS=OFF option to fix missing symbols issue for builtin channels (bsc#1205446)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:151-1
Released:    Thu Jan 26 11:10:25 2023
Summary:     Security update for xrdp
Type:        security
Severity:    important
References:  1206301,CVE-2022-23477
This update for xrdp fixes the following issues:

- CVE-2022-23477: Fixed a buffer overflow for oversized audio format
  from client (bsc#1206301).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:153-1
Released:    Thu Jan 26 13:14:15 2023
Summary:     Security update for haproxy
Type:        security
Severity:    important
References:  1207181,CVE-2023-0056
This update for haproxy fixes the following issues:

- CVE-2023-0056: Fixed a server crash that could be triggered via a
  malformed HTTP/2 frame (bsc#1207181).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:158-1
Released:    Thu Jan 26 16:05:10 2023
Summary:     Recommended update for mlocate
Type:        recommended
Severity:    moderate
References:  
This update for mlocate fixes the following issues:

- Pass '--shell=/bin/sh' to 'su' when running the 'updatedb' command so that we
don't depend on the '${RUN_UPDATEDB_AS}' user's login shell. Since that user is
'nobody' by default, the login shell will oftentimes be '/bin/false'.

- require apparmor-abstractions
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:159-1
Released:    Thu Jan 26 18:21:56 2023
Summary:     Security update for python-setuptools
Type:        security
Severity:    moderate
References:  1206667,CVE-2022-40897
This update for python-setuptools fixes the following issues:

- CVE-2022-40897: Fixed an excessive CPU usage that could be triggered
  by fetching a malicious HTML document (bsc#1206667).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:161-1
Released:    Thu Jan 26 18:23:16 2023
Summary:     Security update for python-py
Type:        security
Severity:    moderate
References:  1204364,CVE-2022-42969
This update for python-py fixes the following issues:

- CVE-2022-42969: Fixed an excessive resource consumption that could
  be triggered when interacting with a Subversion repository
  containing crated data (bsc#1204364).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:171-1
Released:    Thu Jan 26 18:31:58 2023
Summary:     Security update for libXpm
Type:        security
Severity:    important
References:  1207029,1207030,1207031,CVE-2022-44617,CVE-2022-46285,CVE-2022-4883
This update for libXpm fixes the following issues:

- CVE-2022-46285: Fixed an infinite loop that could be triggered
  when reading a XPM image with a C-style comment that is never
  closed (bsc#1207029).
- CVE-2022-44617: Fixed an excessive resource consumption that could
  be triggered when reading small crafted XPM image (bsc#1207030).
- CVE-2022-4883: Fixed an issue that made decompression commands
  susceptible to PATH environment variable manipulation attacks
  (bsc#1207031).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:172-1
Released:    Thu Jan 26 18:33:30 2023
Summary:     Security update for ffmpeg-4
Type:        security
Severity:    moderate
References:  1206778,CVE-2022-3341
This update for ffmpeg-4 fixes the following issues:

- CVE-2022-3341: Fixed a potential crash when processing a crafted
  NUT stream (bsc#1206778).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:175-1
Released:    Thu Jan 26 20:53:51 2023
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1207183,1207346
This update for gnutls fixes the following issues:

- FIPS: Added GnuTLS DH/ECDH pairwise consistency check for public key regeneration [bsc#1207183]
- FIPS: Change all the 140-2 references to FIPS 140-3 in order to account for the new FIPS certification [bsc#1207346]


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:179-1
Released:    Thu Jan 26 21:54:30 2023
Summary:     Recommended update for tar
Type:        recommended
Severity:    low
References:  1202436
This update for tar fixes the following issue:

- Fix hang when unpacking test tarball (bsc#1202436)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:181-1
Released:    Thu Jan 26 21:55:43 2023
Summary:     Recommended update for procps
Type:        recommended
Severity:    low
References:  1206412
This update for procps fixes the following issues:

- Improve memory handling/usage (bsc#1206412) 
- Make sure that correct library version is installed (bsc#1206412)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:182-1
Released:    Fri Jan 27 09:30:20 2023
Summary:     Recommended update for corosync
Type:        recommended
Severity:    important
References:  
This update for corosync fixes the following issues:

Version update from 2.4.5 to 2.4.6:

- Code cleanups of unused variables and trailing spaces
- Man pages improvements and fixes
- Provide more informative messages for token and consensus timeouts
- Various fixes for tests and checks
- Various improvements for error handling and logging
- For the detailed list of changes please consult the changelog at:
  https://github.com/corosync/corosync/releases/tag/v2.4.6

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:190-1
Released:    Fri Jan 27 12:13:51 2023
Summary:     Recommended update for llvm11
Type:        recommended
Severity:    important
References:  1197773
This update for llvm11 fixes the following issues:

- Drop RUNPATH from packaged binaries, instead set LD_LIBRARY_PATH for building and testing to simulate behavior of 
  the actual package (bsc#1197773)
- Propagate the complete host environment to the tests run. This ensures that all envvars needed e.g. for the compiler
  to work correctly are present. This run libc++ tests successfully getting the en LD_LIBRARY_PATH, otherwise, library
  were not found.

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:195-1
Released:    Fri Jan 27 12:23:02 2023
Summary:     Feature update for SAPHanaSR-ScaleOut
Type:        feature
Severity:    moderate
References:  1192963,1197239,1198127,1198780,1198897,1200969,1203973
This update for SAPHanaSR-ScaleOut fixes the following issues:

Version update from 0.181.0 to 0.184.1 (jsc#PED-1253):

- Add new HA/DR provider hook susChkSrv supporting a fast-dying indexserver (jsc#PED-1253, jsc#PED-1241, jsc#PED-1240)
- Add new HA/DR provider hook susTkOver for blocking manual takeovers (jsc#SLE-16347, jsc#SLE-11220, jsc#PED-1253)
- Add improvements from SAP to the RA scripts regarding the handling of the SAP tools 'HDB version', 'HDBSettings.sh'
  and 'pycd' and the SAPHana log filter handling (jsc#PED-1739, jsc#PED-1738)
- Add lost-nameserver-slave handling to SAPHanaTopology, to avoid toggeling SAPHanaController resource, if all
  nameserver-masters got lost. The SAP HANA instance will only be started, if enough nodes are available to fulfill the
  needs of the SAP HANA landscape.
- Add new tool SAPHanaSR-manageProvider to show, add and delete HA/DR provider sections in the global.ini of SAP HANA.
- Changes to the demote_clone function of the resource agent:
  * if the role is '*:shtdown:shtdown:shtdown' (topology agent run into timeouts) the function fails with rc=1, to get
    the managed resource stopped
- Changes to the stop_clone function of the topology agent:
  * call landscapeHostConfiguration.py and set the roles as they were reported. If the command timed out, set the role
    to '*:shtdown:shtdown:shtdown' and return 1 to get the node fenced.
    The used timeout for the landscapeHostConfiguration.py call can be configured by the cluster action timeout, if
    needed. It will be 50% of the action timeout or the minimum of 300s. (bsc#1198127)
- Change SAPHanaSR-manageAttr to support the different behaviour of 'crmadmin -qD' in different pacemaker versions
  (bsc#1200969)
- Correct the order constraint in man page ocf_suse_SAPHanaTopology.7 (bsc#1197239)
- Fix HANA_CALL function to support MCOS environments again (bsc#1198780)
- Fix SAPHanaSR-replay-archive to handle hb_report archives again (bsc#1198897)
- Fix SAPHanaSR-monitor reporting 'LPA status of one node is missing' (bsc#1192963, bsc#1203973)
- Fix SAPHanaSRTools.pm to show terminate node attribute too

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:201-1
Released:    Fri Jan 27 15:24:15 2023
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1204944,1205000,1207264,CVE-2022-4415
This update for systemd fixes the following issues:

- CVE-2022-4415: Fixed an issue where users could access coredumps
  with changed uid, gid or capabilities (bsc#1205000).

Non-security fixes:

- Enabled the pstore service (jsc#PED-2663).
- Fixed an issue accessing TPM when secure boot is enabled (bsc#1204944).
- Fixed an issue where a pamd file could get accidentally overwritten
  after an update (bsc#1207264).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:206-1
Released:    Mon Jan 30 11:17:59 2023
Summary:     Security update for ffmpeg
Type:        security
Severity:    moderate
References:  1140754,1206778,CVE-2019-13390,CVE-2022-3341
This update for ffmpeg fixes the following issues:

- CVE-2022-3341: Fixed a potential crash when processing a crafted
  NUT stream (bsc#1206778). 
- CVE-2019-13390: Fixed a potential crash when processing a crafted
  AVI stream (bsc#1140754).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:212-1
Released:    Mon Jan 30 17:26:44 2023
Summary:     Security update for nginx
Type:        security
Severity:    important
References:  1204526,1204527,CVE-2022-41741,CVE-2022-41742
This update for nginx fixes the following issues:

- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526) 
- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527) 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:215-1
Released:    Mon Jan 30 17:27:24 2023
Summary:     Security update for apache2-mod_auth_openidc
Type:        security
Severity:    moderate
References:  1190223,1199868,1206441,CVE-2021-39191,CVE-2022-23527
This update for apache2-mod_auth_openidc fixes the following issues:

- CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url() using tab character (bsc#1206441).
- CVE-2021-39191: Fixed open redirect issue in target_link_uri parameter (bsc#1190223).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:218-1
Released:    Wed Feb  1 06:12:06 2023
Summary:     Recommended update for SAPHanaSR
Type:        recommended
Severity:    critical
References:  1205535,1207466
This update for SAPHanaSR fixes the following issues:

- Fix for SAPHanaTopology failing with error code 1 (OCF_ERR_GENERIC) during a normal stop action (bsc#1207466)
- Set srhook attribute to PRIM during a probe so that there is no need to wait for the first srConnectionChanged() to 
  set the attribute (bsc#1205535)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:221-1
Released:    Wed Feb  1 09:34:32 2023
Summary:     Security update for xterm
Type:        security
Severity:    important
References:  1205305,CVE-2022-45063
This update for xterm fixes the following issues:

- CVE-2022-45063: Fixed an arbitrary code execution issue under
  configurations using vi and zsh (bsc#1205305).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:225-1
Released:    Wed Feb  1 09:37:51 2023
Summary:     Security update for ctags
Type:        security
Severity:    important
References:  1206543,CVE-2022-4515
This update for ctags fixes the following issues:

- CVE-2022-4515: Fixed a command injection issue via a tag file wih a
  crafted filename (bsc#1206543).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:275-1
Released:    Mon Feb  6 17:18:38 2023
Summary:     Security update for rubygem-activesupport-5_1
Type:        security
Severity:    moderate
References:  1207454,CVE-2023-22796
This update for rubygem-activesupport-5_1 fixes the following issues:

- CVE-2023-22796: Fixed a potential denial of service when passing a
  crafted input to the underscore method due to an inefficient
  regular expression (bsc#1207454).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:276-1
Released:    Mon Feb  6 17:19:34 2023
Summary:     Security update for rubygem-rack
Type:        security
Severity:    moderate
References:  1207596,1207597,1207599,CVE-2022-44570,CVE-2022-44571,CVE-2022-44572
This update for rubygem-rack fixes the following issues:

- CVE-2022-44570: Fixed a potential denial of service when parsing a
  RFC2183 multipart boundary (bsc#1207597).
- CVE-2022-44571: Fixed a potential denial of service when parsing a
  Range header (bsc#1207599).
- CVE-2022-44572: Fixed a potential denial of service when parsing a
  Content-Disposition header (bsc#1207596).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:285-1
Released:    Tue Feb  7 09:31:42 2023
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1207783,CVE-2023-0494
This update for xorg-x11-server fixes the following issues:

- CVE-2023-0494: Fixed a use-after-free in DeepCopyPointerClasses (bsc#1207783).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:290-1
Released:    Tue Feb  7 09:57:17 2023
Summary:     Recommended update for rust, rust1.67
Type:        recommended
Severity:    moderate
References:  
This update for rust, rust1.67 fixes the following issues:

Rust is shipped in version 1.67.0.

Changes in rust1.67:

Version 1.67.0 (2023-01-26)
==========================

Language
--------

- Make `Sized` predicates coinductive, allowing cycles.
- #[must_use]` annotations on `async fn` also affect the `Future::Output`.
- Elaborate supertrait obligations when deducing closure signatures.
- Invalid literals are no longer an error under `cfg(FALSE)`.
- Unreserve braced enum variants in value namespace.

Compiler
--------

- Enable varargs support for calling conventions other than `C` or `cdecl`.
- Add new MIR constant propagation based on dataflow analysis.
- Optimize field ordering by grouping m\*2^n-sized fields with equivalently aligned ones.
- Stabilize native library modifier `verbatim`.

Added and removed targets:

- Remove tier 3 `linuxkernel` targets
  Refer to Rust's platform support page for more information on Rust's tiered platform support.

Libraries
---------

- Merge `crossbeam-channel` into `std::sync::mpsc`.
- Fix inconsistent rounding of 0.5 when formatted to 0 decimal places.
- Derive `Eq` and `Hash` for `ControlFlow`.
- Don't build `compiler_builtins` with `-C panic=abort`.

Stabilized APIs
---------------

- {integer}::checked_ilog
- {integer}::checked_ilog2
- {integer}::checked_ilog10
- {integer}::ilog
- {integer}::ilog2
- {integer}::ilog10
- NonZeroU*::ilog2
- NonZeroU*::ilog10
- NonZero*::BITS

These APIs are now stable in const contexts:

- char::from_u32
- char::from_digit
- char::to_digit
- core::char::from_u32
- core::char::from_digit

Compatibility Notes
-------------------

- The layout of `repr(Rust)` types now groups m\*2^n-sized fields with
  equivalently aligned ones.
  This is intended to be an optimization, but it is also known to increase type
  sizes in a few cases for the placement of enum tags. As a reminder, the layout
  of `repr(Rust)` types is an implementation detail, subject to change.
- 0.5 now rounds to 0 when formatted to 0 decimal places.
  This makes it consistent with the rest of floating point formatting that
  rounds ties toward even digits.
- Chains of `&&` and `||` will now drop temporaries from their sub-expressions in
  evaluation order, left-to-right.
  Previously, it was 'twisted' such that the _first_ expression dropped its
  temporaries _last_, after all of the other expressions dropped in order.
- Underscore suffixes on string literals are now a hard error.
  This has been a future-compatibility warning since 1.20.0.
- Stop passing `-export-dynamic` to `wasm-ld`.
- main` is now mangled as `__main_void` on `wasm32-wasi`.
- Cargo now emits an error if there are multiple registries in the configuration
   with the same index URL.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:295-1
Released:    Tue Feb  7 10:39:39 2023
Summary:     Security update for redis
Type:        security
Severity:    important
References:  1207202,1207203,1207448,CVE-2022-35977,CVE-2023-22458
This update for redis fixes the following issues:

- CVE-2022-35977: Fixed an integer overflow that could allow
  authenticated users to cause a crash (bsc#1207202).
- CVE-2023-22458: Fixed a missing check that could allow authenticated
  users to cause a crash (bsc#1207203).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:297-1
Released:    Tue Feb  7 13:17:47 2023
Summary:     Recommended update for java-17-openjdk
Type:        recommended
Severity:    moderate
References:  1205916
This update for java-17-openjdk fixes the following issues:

- Modified patches:
  Revert fips patch to a version used with 17.0.4.0 (bsc#1205916)
  Apply nss-security-provider patch after the fips patch, thus rediff the hunk to changed context.

- Fix jconsole.desktop icon 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:302-1
Released:    Tue Feb  7 16:12:57 2023
Summary:     Recommended update for libpulp
Type:        recommended
Severity:    moderate
References:  
This update for libpulp fixes the following issues:

Update package with libpulp-0.2.7:

* Add support to library to JSON library dumps, Removing any requirement of
   adding the original library .so file into the livepatch build tarball.
* Update the ulp post hook script for transactional systems (jsc#PED-1078).
* Add `setup_package.sh` as part of libpulp tools.

Update package with libpulp-0.2.6

* Add new `-R` option to specify a prefix root for livepatches (jsc#PED-1078).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:303-1
Released:    Tue Feb  7 16:18:06 2023
Summary:     Recommended update for sane-backends
Type:        recommended
Severity:    moderate
References:  

This update of sane-backends fixes the following issues:

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:305-1
Released:    Tue Feb  7 17:31:51 2023
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    important
References:  1207533,1207534,1207536,CVE-2022-4304,CVE-2023-0215,CVE-2023-0286
This update for openssl-1_0_0 fixes the following issues:

- CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:314-1
Released:    Wed Feb  8 12:51:27 2023
Summary:     Security update for apache2-mod_security2
Type:        security
Severity:    important
References:  1207378,CVE-2022-48279
This update for apache2-mod_security2 fixes the following issues:

- CVE-2022-48279: Fixed a potential firewall bypass due to an
  incorrect parsing of HTTP multipart requests (bsc#1207378).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:322-1
Released:    Wed Feb  8 16:19:37 2023
Summary:     Security update for apache2
Type:        security
Severity:    important
References:  1207247,1207250,1207251,CVE-2006-20001,CVE-2022-36760,CVE-2022-37436
This update for apache2 fixes the following issues:

- CVE-2022-37436: Fixed an issue in mod_proxy where a malicious
  backend could cause the response headers to be truncated early,
  resulting in some headers being incorporated into the response body
  (bsc#1207251).
- CVE-2022-36760: Fixed an issue in mod_proxy_ajp that could allow
  request smuggling attacks (bsc#1207250).
- CVE-2006-20001: Fixed an issue in mod_proxy_ajp where a request
  header could cause memory corruption (bsc#1207247).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:328-1
Released:    Thu Feb  9 09:09:22 2023
Summary:     Security update for rubygem-globalid
Type:        security
Severity:    moderate
References:  1207587,CVE-2023-22799
This update for rubygem-globalid fixes the following issues:

- CVE-2023-22799: Fixed ReDoS vulnerability (bsc#1207587).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:329-1
Released:    Thu Feb  9 10:20:18 2023
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1207119,CVE-2022-46871,CVE-2022-46877,CVE-2023-0430,CVE-2023-23598,CVE-2023-23599,CVE-2023-23601,CVE-2023-23602,CVE-2023-23603,CVE-2023-23605
This update for MozillaThunderbird fixes the following issues:

  Updated to version 102.7.1 (bsc#1207119):
  * CVE-2022-46871: Fixed out of date libusrsctp.
  * CVE-2023-23598: Fixed arbitrary file read from GTK drag and drop on Linux.
  * CVE-2023-23599: Fixed issue where malicious command that could be hidden in devtools output on Windows.
  * CVE-2023-23601: Fixed issue where URL being dragged from cross-origin iframe into same tab triggers navigation.
  * CVE-2023-23602: Fixed Content Security Policy not being correctly applied to WebSockets in WebWorkers.
  * CVE-2022-46877: Fixed fullscreen notification bypass.
  * CVE-2023-23603: Fixed issue where calls to code tag allowed bypassing Content Security Policy via format directive.
  * CVE-2023-23605: Fixed memory safety bugs.


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:330-1
Released:    Thu Feb  9 11:41:51 2023
Summary:     Recommended update for pesign-obs-integration
Type:        recommended
Severity:    important
References:  1195805,1205917,1207520
This update for pesign-obs-integration fixes the following issues:

- Fix for a filename issue in the scripts of generated ueficert package (bsc#1195805, bsc#1205917)
- fixed dependency generators (bsc#1207520)(jsc#PED-2658):

  - Add support for including macros in pesign-repackage.spec by using pesign-spec-macros
  - Add support for copying sources to the new build directory by using pesign-copy-sources
  - Update README for dependency generation, add Dependency Generation section

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:333-1
Released:    Thu Feb  9 13:49:04 2023
Summary:     Recommended update for amazon-ecs-init
Type:        recommended
Severity:    moderate
References:  
This update for amazon-ecs-init fixes the following issues:
    
   - Add aarch64 binaries to the channels.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:334-1
Released:    Thu Feb  9 13:49:43 2023
Summary:     Recommended update for google-osconfig-agent
Type:        recommended
Severity:    moderate
References:  
This update for google-osconfig-agent fixes the following issues:
    
   - Provide the latest version for SLE-15-SP4 too.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:341-1
Released:    Fri Feb 10 10:04:35 2023
Summary:     Security update for bind
Type:        security
Severity:    important
References:  1207471,1207473,1207475,CVE-2022-3094,CVE-2022-3736,CVE-2022-3924
This update for bind fixes the following issues:

- Updated to version 9.16.37 (jsc#SLE-24600):
  - CVE-2022-3094: Fixed an issue where a message flood could exhaust
    all available memory (bsc#1207471).
  - CVE-2022-3736: Fixed a potential crash upon receiving an RRSIG in
    configurations with stale cache and stale answers enabled and
    stale-answer-client-timeout set to a positive value (bsc#1207473).
  - CVE-2022-3924: Fixed a potential crash upon reaching the
    recursive-clients soft quota in configurations with stale answers
    enabled and stale-answer-client-timeout set to a positive value
    (bsc#1207475).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:342-1
Released:    Fri Feb 10 10:06:46 2023
Summary:     Security update for tiff
Type:        security
Severity:    important
References:  1207413,CVE-2022-48281
This update for tiff fixes the following issues:

- CVE-2022-48281: Fixed a buffer overflow that could be triggered via
  a crafted image (bsc#1207413).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:343-1
Released:    Fri Feb 10 12:29:50 2023
Summary:     Security update for wireshark
Type:        security
Severity:    important
References:  1206189,1207447,1207663,1207664,1207665,1207667,1207668,1207669,CVE-2022-4345,CVE-2023-0411,CVE-2023-0412,CVE-2023-0413,CVE-2023-0415,CVE-2023-0416,CVE-2023-0417
This update for wireshark fixes the following issues:

- Updated to version 3.6.11 (bsc#1207447):
  - CVE-2023-0417: Fixed a memory leak in the NFS dissector (bsc#1207669).
  - CVE-2023-0413: Fixed a crash in the dissection engine (bsc#1207665).
  - CVE-2023-0416: Fixed a crash in the GNW dissector (bsc#1207668).
  - CVE-2023-0415: Fixed a crash in the iSCSI dissector (bsc#1207667).
  - CVE-2023-0411: Fixed several issues where an excessive CPU
    consumption could be triggered in multiple dissectors (bsc#1207663).
  - CVE-2023-0412: Fixed a crash in the TIPC dissector (bsc#1207664).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:348-1
Released:    Fri Feb 10 15:08:41 2023
Summary:     Security update for less
Type:        security
Severity:    moderate
References:  1207815,CVE-2022-46663
This update for less fixes the following issues:

  - CVE-2022-46663: Fixed denial-of-service by printing specially crafted escape sequences to the terminal (bsc#1207815).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:375-1
Released:    Fri Feb 10 17:05:34 2023
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    moderate
References:  1204703,1205302,CVE-2022-3676
This update for java-1_8_0-ibm fixes the following issues:

IBM Security Update November 2022: (bsc#1205302, bsc#1204703)

- CVE-2022-3676: A security vulnerability was fixed in version 8.0.7.20, adding the reference here.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:386-1
Released:    Mon Feb 13 03:12:28 2023
Summary:     Recommended update for NetworkManager-applet
Type:        recommended
Severity:    important
References:  
This update for NetworkManager-applet fixes the following issues:

- Fix build issues related to meson

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:389-1
Released:    Mon Feb 13 09:41:49 2023
Summary:     Security update for apr-util
Type:        security
Severity:    critical
References:  1207866,CVE-2022-25147
This update for apr-util fixes the following issues:

- CVE-2022-25147: Fixed a buffer overflow possible with specially crafted input during base64 encoding (bsc#1207866)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:399-1
Released:    Mon Feb 13 16:17:28 2023
Summary:     Security update for freerdp
Type:        security
Severity:    moderate
References:  1205512,CVE-2022-39316,CVE-2022-39317,CVE-2022-39320,CVE-2022-39347,CVE-2022-41877
This update for freerdp fixes the following issues:

- CVE-2022-39316: Fixed out of bound read in zgfx decoder (bsc#1205512).
- CVE-2022-39317: Fixed undefined behaviour in zgfx decoder (bsc#1205512).
- CVE-2022-39320: Fixed heap buffer overflow in urbdrc channel (bsc#1205512).
- CVE-2022-39347: Fixed missing path sanitation with drive channel (bsc#1205512).
- CVE-2022-41877: Fixed missing input length validation in drive channel (bsc#1205512).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:401-1
Released:    Tue Feb 14 07:15:50 2023
Summary:     Feature update for LibreOffice
Type:        feature
Severity:    moderate
References:  
This update for LibreOffice fixes the following issues:

libreoffice:

- Version update from 7.3.6.2 to 7.4.3.2 (jsc#PED-1785):
  * For the highlights of changes of version 7.4 please consult the official release notes:
    https://wiki.documentfoundation.org/ReleaseNotes/7.4
  * Updated bundled dependencies:
    * boost version update from 1_77_0 to 1_79_0
    * curl version update from 7.83.1 to 7.86.0
    * icu4c-data version update from 70_1 to 71_1
    * icu4c version update from 70_1 to 71_1
    * pdfium version update from 4699 to 5058
    * poppler version update from 21.11.0 to 22.09.0
    * poppler-data version update from 0.4.10 to 0.4.11
    * skia version from m97-a7230803d64ae9d44f4e128244480111a3ae967 to m103-b301ff025004c9cd82816c86c547588e6c24b466
  * New build dependencies:
    * fixmath-devel
    * libwebp-devel
    * zlib-devel
    * dragonbox-devel
    * at-spi2-core-devel
    * libtiff-devel

dragonbox:

- New package at version 1.1.3
    * New dependency for LibreOffice 7.4

fixmath:

- New package at version 2022.07.20
    * New dependency for LibreOffice 7.4

libmwaw:

- Version update from 0.3.20 to 0.3.21 (jsc#PED-1785):
  * add debug code to read some private rsrc data
  * allow to read some MacWrite which does not have printer informations
  * add a parser for Scoop files
  * add a parser for ScriptWriter files
  * add a parser for ReadySetGo 1-4 files

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:405-1
Released:    Tue Feb 14 11:47:47 2023
Summary:     Security update for libbpf
Type:        security
Severity:    important
References:  1204391,1204502,CVE-2022-3534,CVE-2022-3606
This update for libbpf fixes the following issues:

  - CVE-2022-3534: Fixed use-after-free in btf_dump_name_dups (bsc#1204391).
  - CVE-2022-3606: Fixed null pointer dereference in find_prog_by_sec_insn() (bsc#1204502).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:411-1
Released:    Tue Feb 14 17:07:00 2023
Summary:     Security update for haproxy
Type:        security
Severity:    critical
References:  1208132,CVE-2023-25725
This update for haproxy fixes the following issues:

- CVE-2023-25725: Fixed a serious vulnerability in the HTTP/1 parser (bsc#1208132).
- Fixed an issue where sensitive data might leak to the backend.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:419-1
Released:    Wed Feb 15 11:45:51 2023
Summary:     Security update for nodejs18
Type:        security
Severity:    moderate
References:  1200303,1201325,1201326,1201327,1201328,1203831,1203832,1205042,1205119,1205236,CVE-2022-32212,CVE-2022-32213,CVE-2022-32214,CVE-2022-32215,CVE-2022-35255,CVE-2022-35256,CVE-2022-43548
This update for nodejs18 fixes the following issues:

This update ships nodejs18 (jsc#PED-2097)

Update to NodejJS 18.13.0 LTS:

* build: disable v8 snapshot compression by default
* crypto: update root certificates
* deps: update ICU to 72.1
* doc:

  + add doc-only deprecation for headers/trailers setters
  + add Rafael to the tsc
  + deprecate use of invalid ports in url.parse
  + deprecate url.parse()

* lib: drop fetch experimental warning
* net: add autoSelectFamily and autoSelectFamilyAttemptTimeout options
* src:

  + add uvwasi version
  + add initial shadow realm support

* test_runner:

  + add t.after() hook
  + don't use a symbol for runHook()

* tls:

  + add 'ca' property to certificate object

* util:

  + add fast path for utf8 encoding
  + improve textdecoder decode performance
  + add MIME utilities

- Fixes compatibility with ICU 72.1 (bsc#1205236)
- Fix migration to openssl-3 (bsc#1205042)

Update to NodeJS 18.12.1 LTS:

* inspector: DNS rebinding in --inspect via invalid octal IP
  (bsc#1205119, CVE-2022-43548)

Update to NodeJS 18.12.0 LTS:

* Running in 'watch' mode using node --watch restarts the process
  when an imported file is changed.
* fs: add FileHandle.prototype.readLines
* http: add writeEarlyHints function to ServerResponse
* http2: make early hints generic
* util: add default value option to parsearg

Update to NodeJS 18.11.0:

* added experimental watch mode -- running in 'watch' mode using
  node --watch restarts the process when an imported file is changed
* fs: add FileHandle.prototype.readLines
* http: add writeEarlyHints function to ServerResponse
* http2: make early hints generic
* lib: refactor transferable AbortSignal
* src: add detailed embedder process initialization API
* util: add default value option to parsearg

Update to NodeJS 18.10.0:

* deps: upgrade npm to 8.19.2
* http: throw error on content-length mismatch
* stream: add ReadableByteStream.tee()

Update to Nodejs 18.9.1:

* deps: llhttp updated to 6.0.10

  + CVE-2022-32213 bypass via obs-fold mechanic (bsc#1201325)
  + Incorrect Parsing of Multi-line Transfer-Encoding
    (CVE-2022-32215, bsc#1201327)
  + Incorrect Parsing of Header Fields (CVE-2022-35256, bsc#1203832)

* crypto: fix weak randomness in WebCrypto keygen
  (CVE-2022-35255, bsc#1203831)

Update to Nodejs 18.9.0:

* lib - add diagnostics channel for process and worker
* os - add machine method
* report - expose report public native apis
* src - expose environment RequestInterrupt api
* vm - include vm context in the embedded snapshot

Changes in 18.8.0:

* bootstrap: implement run-time user-land snapshots via
  --build-snapshot and --snapshot-blob. See
* crypto:
  + allow zero-length IKM in HKDF and in webcrypto PBKDF2
  + allow zero-length secret KeyObject
* deps: upgrade npm to 8.18.0
* http: make idle http parser count configurable
* net: add local family
* src: print source map error source on demand
* tls: pass a valid socket on tlsClientError

Update to Nodejs 18.7.0:

* events: add CustomEvent
* http: add drop request event for http server
* lib: improved diagnostics_channel subscribe/unsubscribe
* util: add tokens to parseArgs

- enable crypto policy ciphers for TW and SLE15 SP4+ (bsc#1200303)

Update to Nodejs 18.6.0:

* Experimental ESM Loader Hooks API. For details see,
  https://nodejs.org/api/esm.html
* dns: export error code constants from dns/promises
* esm: add chaining to loaders
* http: add diagnostics channel for http client
* http: add perf_hooks detail for http request and client
* module: add isBuiltIn method
* net: add drop event for net server
* test_runner: expose describe and it
* v8: add v8.startupSnapshot utils

For details, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.6.0

Update to Nodejs 18.5.0:

* http: stricter Transfer-Encoding and header separator parsing
  (bsc#1201325, bsc#1201326, bsc#1201327,
   CVE-2022-32213, CVE-2022-32214, CVE-2022-32215)
* src: fix IPv4 validation in inspector_socket
  (bsc#1201328, CVE-2022-32212)

For details, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.5.0

Update to Nodejs 18.4.0. For detailed changes see,

https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.4.0

Initial packaging of Nodejs 18.2.0. For detailed changes since previous versions, see
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.md#18.2.0


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:423-1
Released:    Wed Feb 15 13:41:56 2023
Summary:     Security update for aws-efs-utils
Type:        security
Severity:    moderate
References:  1191055,1206737,CVE-2022-46174
This update for aws-efs-utils fixes the following issues:

- Updated to version 1.34.5:
  - CVE-2022-46174: Fixed a race condition when mounting filesystems
    using TLS, which could result in various failures (bsc#1206737).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:427-1
Released:    Wed Feb 15 17:40:08 2023
Summary:     Security update for bind
Type:        security
Severity:    important
References:  1207471,CVE-2022-3094
This update for bind fixes the following issues:

  - CVE-2022-3094: Fixed memory exhaustion due to UPDATE message flooding (bsc#1207471).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:428-1
Released:    Wed Feb 15 17:40:56 2023
Summary:     Security update for ImageMagick
Type:        security
Severity:    important
References:  1207982,1207983,CVE-2022-44267,CVE-2022-44268
This update for ImageMagick fixes the following issues:

- CVE-2022-44267: Fixed a denial of service when parsing a PNG image (bsc#1207982).
- CVE-2022-44268: Fixed arbitrary file disclosure when parsing a PNG image (bsc#1207983).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:429-1
Released:    Wed Feb 15 17:41:22 2023
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1207990,1207991,1207992,CVE-2023-23914,CVE-2023-23915,CVE-2023-23916
This update for curl fixes the following issues:

- CVE-2023-23914: Fixed HSTS ignored on multiple requests (bsc#1207990).
- CVE-2023-23915: Fixed HSTS amnesia with --parallel (bsc#1207991).
- CVE-2023-23916: Fixed HTTP multi-header compression denial of service (bsc#1207992).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:430-1
Released:    Wed Feb 15 17:42:25 2023
Summary:     Security update for git
Type:        security
Severity:    important
References:  1208027,1208028,CVE-2023-22490,CVE-2023-23946
This update for git fixes the following issues:

  - CVE-2023-22490: Fixed incorrectly usable local clone optimization even when using a non-local transport (bsc#1208027).
  - CVE-2023-23946: Fixed issue where a path outside the working tree can be overwritten as the user who is running 'git apply' (bsc#1208028).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:431-1
Released:    Wed Feb 15 17:43:13 2023
Summary:     Security update for apache2-mod_security2
Type:        security
Severity:    important
References:  1207379,CVE-2023-24021
This update for apache2-mod_security2 fixes the following issues:

  - CVE-2023-24021: Fixed FILES_TMP_CONTENT missing complete content (bsc#1207379).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:432-1
Released:    Wed Feb 15 18:48:25 2023
Summary:     Recommended update for graphite2
Type:        recommended
Severity:    moderate
References:  1207676
This update for graphite2 fixes the following issue:

- Correct license string to LGPL-2.1-or-later OR MPL-2.0 OR GPL-2.0-or-later (bsc#1207676)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:434-1
Released:    Thu Feb 16 09:08:05 2023
Summary:     Security update for mozilla-nss
Type:        security
Severity:    important
References:  1208138,CVE-2023-0767
This update for mozilla-nss fixes the following issues:

  Updated to NSS 3.79.4 (bsc#1208138):

  - CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:435-1
Released:    Thu Feb 16 11:06:29 2023
Summary:     Security update for java-17-openjdk
Type:        security
Severity:    moderate
References:  1205916,1207246,1207248,CVE-2023-21835,CVE-2023-21843
This update for java-17-openjdk fixes the following issues:

  Updated to version jdk-17.0.6.0+10:

  - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections (bsc#1207246).
  - CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248).

  Bugfixes:

  - Avoid calling C_GetInfo() too early, before cryptoki is initialized (bsc#1205916).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:444-1
Released:    Fri Feb 17 09:44:11 2023
Summary:     Security update for rubygem-actionpack-5_1
Type:        security
Severity:    important
References:  1207451,1207455,CVE-2023-22792,CVE-2023-22795
This update for rubygem-actionpack-5_1 fixes the following issues:

  - CVE-2023-22795: Fixed ReDoS in Action Dispatch cache (bsc#1207451).
  - CVE-2023-22792: Fixed ReDoS in Action Dispatch cookies (bnc#1207455).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:452-1
Released:    Mon Feb 20 11:11:10 2023
Summary:     Recommended update for build
Type:        recommended
Severity:    moderate
References:  
This update for build fixes the following issues:

build was updated to the current version:

- CycloneDX SBOM support added
- added support for generating VCS url information into rpms
- SPDX SBOM generation for container and product builds
- Revert & Redo 'Better filetype detection for temp changes files'
- Fix typo in glibc hwcaps supplements
- Implement lua string macros
- configure mkbaselibs to create glibc-hwcaps baselibs as well
- Better filetype detection for temp changes files
- Add hook to run checks after mkbaselibs run
- Delete leftover multilinedefine variable definition
- Support multiline macros in the config's macro sections
- Support #!BuildConstraint lines
- Support #!BuildTarget in spec files to set the build target
  (as workaround of broken BuildArch in rpm since 2001)
- Support a regexp for file renames
- Set home to /root when running build time services
- INCOMPATIBLE CHANGE: get rid off the power8 cpu limitation (#889) on powerpc
- Add handling of non-compressed tar when creating Debian archive for DSC 3.0
- Add automatic build-in-place detection
- Support dist/package subdir builds in pbuild
- Skip iothreads on QEMU 7.1.0
- Fix permissions of /dev/pts/ptmx
- Add license to container package list output
- initial SP5 build configurations
- vm-type:qemu use virtio on x86_64
- Improve installation of obs-docker-support for multi-stage builds
- Tweak ARG handling in dockerfile parser
- fixed Undefined subroutine &PBuild::Job::ls issue
- Add missing dependencies from vc as Recommends
- sync factory build config
- build-recipe-livebuild: run as root
- vm_kill_kvm: Use SIGKILL after 3 minutes if the kvm process is not going away
- Zip: Allow extraction of symlink targets
- Convert obsolete egrep/fgrep calls to grep -E/-F
- Add RemoteAsset support for Dockerfile based builds
- new image format: mkosi
- Support stacked container builds
- Revert 'build-vm-kvm: enable l3-cache on i386/x86_64 builds'
- handling of non-compressed tar when creating Debian archive for DSC 3.0
- kvm: exclude powerpc from io_uring, enable iothreads always (#829)
- kvm: enable more performant I/O also for s390(x) (#828)
- Changelog patching when building DSC format 3.0. (#831)
- support for building from slsa provenance files
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:457-1
Released:    Mon Feb 20 12:56:48 2023
Summary:     Recommended update for scap-security-guide
Type:        recommended
Severity:    moderate
References:  
This update for scap-security-guide fixes the following issues:

scap-security-guide was updated to 0.1.66 (jsc#ECO-3319)

  - Ubuntu 22.04 CIS
  - OL7 stig v2r9 update
  - Bump OL8 STIG version to V1R4
  - Update RHEL7 STIG to V3R10
  - Update RHEL8 STIG to V1R9
  - Introduce CIS RHEL9 profiles

- also various SUSE profile fixes were done

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:461-1
Released:    Mon Feb 20 14:36:11 2023
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1208138,1208144,CVE-2023-0767,CVE-2023-25728,CVE-2023-25729,CVE-2023-25730,CVE-2023-25732,CVE-2023-25734,CVE-2023-25735,CVE-2023-25737,CVE-2023-25738,CVE-2023-25739,CVE-2023-25742,CVE-2023-25743,CVE-2023-25744,CVE-2023-25746
This update for MozillaFirefox fixes the following issues:

  Updated to version 102.8.0 ESR (bsc#1208144):

  - CVE-2023-25728: Fixed content security policy leak in violation reports using iframes.
  - CVE-2023-25730: Fixed screen hijack via browser fullscreen mode.
  - CVE-2023-25743: Fixed Fullscreen notification not being shown in Firefox Focus.
  - CVE-2023-0767: Fixed arbitrary memory write via PKCS 12 in NSS.
  - CVE-2023-25735: Fixed potential use-after-free from compartment mismatch in SpiderMonkey.
  - CVE-2023-25737: Fixed invalid downcast in SVGUtils::SetupStrokeGeometry.
  - CVE-2023-25738: Fixed printing on Windows which could potentially crash Firefox with some device drivers.
  - CVE-2023-25739: Fixed use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext.
  - CVE-2023-25729: Fixed extensions opening external schemes without user knowledge.
  - CVE-2023-25732: Fixed out of bounds memory write from EncodeInputStream.
  - CVE-2023-25734: Fixed opening local .url files that causes unexpected network loads.
  - CVE-2023-25742: Fixed tab crash by Web Crypto ImportKey.
  - CVE-2023-25744: Fixed Memory safety bugs.
  - CVE-2023-25746: Fixed Memory safety bugs.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:463-1
Released:    Mon Feb 20 16:33:39 2023
Summary:     Security update for tar
Type:        security
Severity:    moderate
References:  1202436,1207753,CVE-2022-48303
This update for tar fixes the following issues:

- CVE-2022-48303: Fixed a one-byte out-of-bounds read that resulted in use of uninitialized memory for a conditional jump (bsc#1207753). 

Bug fixes:

- Fix hang when unpacking test tarball (bsc#1202436).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:464-1
Released:    Mon Feb 20 18:11:37 2023
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  
This update for systemd fixes the following issues:

- Merge of v249.15
- Drop workaround related to systemd-timesyncd that addressed a Factory issue.
- Conditionalize the use of /lib/modprobe.d only on systems with split usr
  support enabled (i.e. SLE).
- Make use of the %systemd_* rpm macros consistently. Using the upstream
  variants will ease the backports of Factory changes to SLE since Factory
  systemd uses the upstream variants exclusively.
- machines.target belongs to systemd-container, do its init/cleanup steps from
  the scriptlets of this sub-package.
- Make sure we apply the presets on units shipped by systemd package.
- systemd-testsuite: move the integration tests in a dedicated sub directory.
- Move systemd-cryptenroll into udev package.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:465-1
Released:    Mon Feb 20 18:33:58 2023
Summary:     Security update for prometheus-ha_cluster_exporter
Type:        security
Severity:    important
References:  1208046,1208047,CVE-2022-46146
This update for prometheus-ha_cluster_exporter fixes the following issues:

  Updated to version 1.3.1:

  - CVE-2022-46146: Fixed authentication bypass via cache poisoning in prometheus/exporter-toolkit (bsc#1208046, bsc#1208047).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:470-1
Released:    Tue Feb 21 10:05:53 2023
Summary:     Security update for clamav
Type:        security
Severity:    critical
References:  1208363,1208365,CVE-2023-20032,CVE-2023-20052
This update for clamav fixes the following issues:

- CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser (bsc#1208363).
- CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser (bsc#1208365).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:472-1
Released:    Tue Feb 21 10:19:47 2023
Summary:     Feature update for nvptx-tools
Type:        feature
Severity:    moderate
References:  
This update for nvptx-tools fixes the following issues:

    
Update nvptx-tools (jsc#SLE-25047):
    
- Add fixes which deal with CUDA 11 dropping support for NVIDIA Kepler sm_30 and sm_32
- Add command line tools `nvptx-none-run` and `nvptx-none-run-single`

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:475-1
Released:    Wed Feb 22 10:49:14 2023
Summary:     Security update for gnutls
Type:        security
Severity:    moderate
References:  1207183,1208143,1208146,CVE-2023-0361
This update for gnutls fixes the following issues:

- CVE-2023-0361: Fixed a Bleichenbacher oracle in the TLS RSA key exchange (bsc#1208143).

- FIPS: Make the jitterentropy calls thread-safe (bsc#1208146).
- FIPS: GnuTLS DH/ECDH PCT public key regeneration (bsc#1207183).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:477-1
Released:    Wed Feb 22 14:00:53 2023
Summary:     Recommended update for google-guest-configs
Type:        recommended
Severity:    moderate
References:  1195437,1195438,1204068,1204091
This update for google-guest-configs fixes the following issues:

- Add nvme-cli to Requires (bsc#1204068, bsc#1204091)


- Update to version 20220211.00 (bsc#1195437, bsc#1195438)
  * Set NVMe-PD IO timeout to 4294967295. (#32)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:482-1
Released:    Thu Feb 23 10:00:19 2023
Summary:     Security update for openssl-1_1-livepatches
Type:        security
Severity:    important
References:  1207533,CVE-2023-0286
This update for openssl-1_1-livepatches fixes the following issues:

  - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralName via livepatch (bsc#1207533).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:484-1
Released:    Thu Feb 23 10:26:47 2023
Summary:     Security update for pesign
Type:        security
Severity:    important
References:  1202933,CVE-2022-3560
This update for pesign fixes the following issues:

  - CVE-2022-3560: Fixed pesign-authorize ExecStartPost script allowing privilege escalation from pesign to root (bsc#1202933).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:486-1
Released:    Thu Feb 23 10:38:13 2023
Summary:     Security update for c-ares
Type:        security
Severity:    important
References:  1208067,CVE-2022-4904
This update for c-ares fixes the following issues:

  Updated to version 1.19.0:

  - CVE-2022-4904: Fixed missing string length check in config_sortlist() (bsc#1208067).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:489-1
Released:    Thu Feb 23 11:08:51 2023
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1206750,1207997,1208328,CVE-2022-42826,CVE-2022-42852,CVE-2022-42863,CVE-2022-42867,CVE-2022-46691,CVE-2022-46692,CVE-2022-46698,CVE-2022-46699,CVE-2022-46700,CVE-2023-23517,CVE-2023-23518,CVE-2023-23529
This update for webkit2gtk3 fixes the following issues:

Update to version 2.38.5 (boo#1208328):

- CVE-2023-23529: Fixed possible arbitrary code execution via maliciously crafted web content.


Update to version 2.38.4 (boo#1207997):

- CVE-2023-23517: Fixed web content processing that could have led to arbitrary code execution.
- CVE-2023-23518: Fixed web content processing that could have led to arbitrary code execution.
- CVE-2022-42826: Fixed a use-after-free issue that was caused by improper memory management.


New CVE and bug references where added for already released updates:

Update to version 2.38.3 (boo#1206750):

- CVE-2022-42852: Fixed disclosure of process memory by improved memory handling.
- CVE-2022-42867: Fixed a use after free issue was addressed with improved memory management.
- CVE-2022-46692: Fixed bypass of Same Origin Policy through improved state management.
- CVE-2022-46698: Fixed disclosure of sensitive user information with improved checks.
- CVE-2022-46699: Fixed an arbitrary code execution caused by memory corruption.
- CVE-2022-46700: Fixed a potential arbitrary code execution when processing maliciously crafted web content.

Update to version 2.38.1:

- CVE-2022-46691: Fixed a potential arbitrary code execution when processing maliciously crafted web content.

Update to version 2.38.0:

- CVE-2022-42863: Fixed a potential arbitrary code execution when processing maliciously crafted web content.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:492-1
Released:    Thu Feb 23 11:38:57 2023
Summary:     Security update for rubygem-activerecord-5_1
Type:        security
Severity:    moderate
References:  1207450,CVE-2022-44566
This update for rubygem-activerecord-5_1 fixes the following issues:

- CVE-2022-44566: Fixed possible denial of service vulnerability in ActiveRecord's PostgreSQL adapter (bsc#1207450).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:495-1
Released:    Thu Feb 23 12:48:29 2023
Summary:     Security update for poppler
Type:        security
Severity:    important
References:  1202692,CVE-2022-38784
This update for poppler fixes the following issues:

  - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder (bsc#1202692).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:507-1
Released:    Fri Feb 24 10:53:08 2023
Summary:     Recommended update for numatop
Type:        recommended
Severity:    moderate
References:  
This update for numatop implements the following features:

- update to version 2.3
- Add support for SPR CPUs (jsc#PED-2015)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:511-1
Released:    Fri Feb 24 13:17:26 2023
Summary:     Security update for libraw
Type:        security
Severity:    moderate
References:  1208470,CVE-2021-32142
This update for libraw fixes the following issues:

- CVE-2021-32142: Fixed buffer overflow in the LibRaw_buffer_datastream:gets function (bsc#1208470).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:512-1
Released:    Fri Feb 24 13:17:38 2023
Summary:     Security update for libraw
Type:        security
Severity:    moderate
References:  1208470,CVE-2021-32142
This update for libraw fixes the following issues:

- CVE-2021-32142: Fixed buffer overflow in the LibRaw_buffer_datastream:gets function (bsc#1208470).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:513-1
Released:    Fri Feb 24 15:01:34 2023
Summary:     Security update for php7
Type:        security
Severity:    important
References:  1208366,1208367,1208388,CVE-2023-0567,CVE-2023-0568,CVE-2023-0662
This update for php7 fixes the following issues:

  - CVE-2023-0568: Fixed NULL byte off-by-one in php_check_specific_open_basedir (bnc#1208366).
  - CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body (bnc#1208367).
  - CVE-2023-0567: Fixed vulnerability where BCrypt hashes erroneously validate if the salt is cut short by `$` (bsc#1208388).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:517-1
Released:    Fri Feb 24 15:57:04 2023
Summary:     Recommended update for openhpi
Type:        recommended
Severity:    moderate
References:  

This update of openhpi fixes the following issues:

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:526-1
Released:    Mon Feb 27 13:52:39 2023
Summary:     Security update for tpm2-0-tss
Type:        security
Severity:    moderate
References:  1207325,CVE-2023-22745
This update for tpm2-0-tss fixes the following issues:

- CVE-2023-22745: Fixed a memory safety issue that could be exploited
  by local attackers with TPM access (bsc#1207325).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:527-1
Released:    Mon Feb 27 14:30:44 2023
Summary:     Security update for php8
Type:        security
Severity:    important
References:  1208366,1208367,CVE-2023-0568,CVE-2023-0662
This update for php8 fixes the following issues:

  php8 was updated to version 8.0.28:

  - CVE-2023-0568: Fixed NULL byte off-by-one in php_check_specific_open_basedir (bnc#1208366).
  - CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body (bnc#1208367).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:549-1
Released:    Mon Feb 27 17:35:07 2023
Summary:     Security update for python3
Type:        security
Severity:    moderate
References:  1205244,1208443,CVE-2022-45061
This update for python3 fixes the following issues:

  - CVE-2022-45061: Fixed DoS when IDNA decodes extremely long domain names (bsc#1205244).

  Bugfixes:

  - Fixed issue where email.generator.py replaces a non-existent header (bsc#1208443).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:557-1
Released:    Tue Feb 28 09:29:15 2023
Summary:     Security update for libxslt
Type:        security
Severity:    important
References:  1208574,CVE-2021-30560
This update for libxslt fixes the following issues:

- CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT (bsc#1208574).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:568-1
Released:    Tue Feb 28 11:06:33 2023
Summary:     Security update for ucode-intel
Type:        security
Severity:    important
References:  1208275,1208276,1208277,CVE-2022-21216,CVE-2022-33196,CVE-2022-38090
This update for ucode-intel fixes the following issues:

Updated to Intel CPU Microcode 20230214 release.
 
Security issues fixed:

- CVE-2022-38090: Security updates for [INTEL-SA-00767](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html) (bsc#1208275)
- CVE-2022-33196: Security updates for [INTEL-SA-00738](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html) (bsc#1208276)
- CVE-2022-21216: Security updates for [INTEL-SA-00700](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00700.html) (bsc#1208277)

- New Platforms:

  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | SPR-SP         | E2       | 06-8f-05/87 |          | 2b000181 | Xeon Scalable Gen4
  | SPR-SP         | E3       | 06-8f-06/87 |          | 2b000181 | Xeon Scalable Gen4
  | SPR-SP         | E4       | 06-8f-07/87 |          | 2b000181 | Xeon Scalable Gen4
  | SPR-SP         | E5       | 06-8f-08/87 |          | 2b000181 | Xeon Scalable Gen4
  | SPR-HBM        | B3       | 06-8f-08/10 |          | 2c000170 | Xeon Max
  | RPL-P 6+8      | J0       | 06-ba-02/07 |          | 0000410e | Core Gen13
  | RPL-H 6+8      | J0       | 06-ba-02/07 |          | 0000410e | Core Gen13
  | RPL-U 2+8      | Q0       | 06-ba-02/07 |          | 0000410e | Core Gen13

- Updated Platforms:

  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | ADL            | C0       | 06-97-02/07 | 00000026 | 0000002c | Core Gen12
  | ADL            | C0       | 06-97-05/07 | 00000026 | 0000002c | Core Gen12
  | ADL            | C0       | 06-bf-02/07 | 00000026 | 0000002c | Core Gen12
  | ADL            | C0       | 06-bf-05/07 | 00000026 | 0000002c | Core Gen12
  | ADL            | L0       | 06-9a-03/80 | 00000424 | 00000429 | Core Gen12
  | ADL            | L0       | 06-9a-04/80 | 00000424 | 00000429 | Core Gen12
  | CLX-SP         | B0       | 06-55-06/bf | 04003302 | 04003303 | Xeon Scalable Gen2
  | CLX-SP         | B1       | 06-55-07/bf | 05003302 | 05003303 | Xeon Scalable Gen2
  | CPX-SP         | A1       | 06-55-0b/bf | 07002501 | 07002503 | Xeon Scalable Gen3
  | GLK            | B0       | 06-7a-01/01 | 0000003c | 0000003e | Pentium Silver N/J5xxx, Celeron N/J4xxx
  | GLK-R          | R0       | 06-7a-08/01 | 00000020 | 00000022 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
  | ICL-D          | B0       | 06-6c-01/10 | 01000201 | 01000211 | Xeon D-17xx, D-27xx
  | ICL-U/Y        | D1       | 06-7e-05/80 | 000000b6 | 000000b8 | Core Gen10 Mobile
  | ICX-SP         | D0       | 06-6a-06/87 | 0d000375 | 0d000389 | Xeon Scalable Gen3
  | JSL            | A0/A1    | 06-9c-00/01 | 24000023 | 24000024 | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
  | LKF            | B2/B3    | 06-8a-01/10 | 00000031 | 00000032 | Core w/Hybrid Technology
  | RKL-S          | B0       | 06-a7-01/02 | 00000056 | 00000057 | Core Gen11
  | RPL-S          | S0       | 06-b7-01/32 | 0000010e | 00000112 | Core Gen13
  | SKX-SP         | B1       | 06-55-03/97 | 0100015e | 01000161 | Xeon Scalable

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:569-1
Released:    Tue Feb 28 11:08:10 2023
Summary:     Security update for postgresql15
Type:        security
Severity:    important
References:  1208102,CVE-2022-41862
This update for postgresql15 fixes the following issues:

Update to 15.2:

- CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:584-1
Released:    Wed Mar  1 11:09:31 2023
Summary:     Security update for postgresql14
Type:        security
Severity:    important
References:  1208102,CVE-2022-41862
This update for postgresql14 fixes the following issues:

Update to 14.7:

- CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:594-1
Released:    Thu Mar  2 10:28:28 2023
Summary:     Recommended update for drbd-utils
Type:        recommended
Severity:    important
References:  1206754
This update for drbd-utils fixes the following issues:

- Fix drbd.service failing to load, caused by incorrect path to executable (bsc#1206754)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:598-1
Released:    Thu Mar  2 12:23:46 2023
Summary:     Security update for emacs
Type:        security
Severity:    important
References:  1208512,1208514,1208515,CVE-2022-48337,CVE-2022-48338,CVE-2022-48339
This update for emacs fixes the following issues:

  - CVE-2022-48337: Fixed etags local command injection vulnerability (bsc#1208515).
  - CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability (bsc#1208512).
  - CVE-2022-48338: Fixed ruby-mode.el local command injection vulnerability (bsc#1208514).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:599-1
Released:    Thu Mar  2 14:52:07 2023
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1208144,CVE-2023-0616,CVE-2023-0767,CVE-2023-25728,CVE-2023-25729,CVE-2023-25730,CVE-2023-25732,CVE-2023-25734,CVE-2023-25735,CVE-2023-25737,CVE-2023-25738,CVE-2023-25739,CVE-2023-25742,CVE-2023-25746
This update for MozillaThunderbird fixes the following issues:

  Updated Mozilla Thunderbird to version 102.8.0 (bsc#1208144):
  - CVE-2023-0616: Fixed User Interface lockup via messages combining S/MIME and OpenPGP.
  - CVE-2023-25728: Fixed content security policy leak in violation reports using iframes.
  - CVE-2023-25730: Fixed screen hijack via browser fullscreen mode.
  - CVE-2023-0767: Fixed arbitrary memory write via PKCS 12 in NSS.
  - CVE-2023-25735: Fixed potential use-after-free from compartment mismatch in SpiderMonkey.
  - CVE-2023-25737: Fixed invalid downcast in SVGUtils::SetupStrokeGeometry.
  - CVE-2023-25738: Fixed printing on Windows could potentially crash Thunderbird with some device drivers.
  - CVE-2023-25739: Fixed use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext.
  - CVE-2023-25729: Fixed vulnerability where extensions could have opened external schemes without user knowledge.
  - CVE-2023-25732: Fixed out of bounds memory write from EncodeInputStream.
  - CVE-2023-25734: Fixed issue where opening local .url files could cause unexpected network loads.
  - CVE-2023-25742: Fixed tab crashing caused by Web Crypto ImportKey.
  - CVE-2023-25746: Fixed memory safety bugs.


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:600-1
Released:    Thu Mar  2 14:52:36 2023
Summary:     Security update for google-guest-agent
Type:        security
Severity:    important
References:  1191468,1195391,1195838,1208723,CVE-2021-38297,CVE-2022-23806
This update for google-guest-agent fixes the following issues:

  Updated to version 20230222.00 and bumped go API version to 1.18 to address the following (bsc#1208723):

  - CVE-2021-38297: Fixed data overwrite when passing large arguments to GOARCH=wasm GOOS=js (bsc#1191468).
  - CVE-2022-23806: Fixed Curve.IsOnCurve to incorrectly return true (bsc#1195838).

  Bugfixes: 

  - Avoid bashism in post-install scripts (bsc#1195391).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:602-1
Released:    Thu Mar  2 14:53:51 2023
Summary:     Security update for google-osconfig-agent
Type:        security
Severity:    important
References:  1191468,1195838,1208723,CVE-2021-38297,CVE-2022-23806
This update for google-osconfig-agent fixes the following issues:

  Updated to version 20230222.00 and bumped go API version to 1.18 to address the following (bsc#1208723): 

  - CVE-2021-38297: Fixed data overwrite when passing large arguments to GOARCH=wasm GOOS=js (bsc#1191468).
  - CVE-2022-23806: Fixed Curve.IsOnCurve to incorrectly return true (bsc#1195838).


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:605-1
Released:    Fri Mar  3 04:23:21 2023
Summary:     Recommended update for quagga
Type:        recommended
Severity:    moderate
References:  

This update of quagga fixes the following issues:

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:614-1
Released:    Fri Mar  3 13:48:56 2023
Summary:     Recommended update for nut
Type:        recommended
Severity:    moderate
References:  

This update of nut fixes the following issues:

- rebuild against the new net-snmp (jsc#SLE-11203).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:617-1
Released:    Fri Mar  3 16:49:06 2023
Summary:     Recommended update for jitterentropy
Type:        recommended
Severity:    moderate
References:  1207789
This update for jitterentropy fixes the following issues:

- build jitterentropy library with debuginfo (bsc#1207789)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:622-1
Released:    Mon Mar  6 11:17:57 2023
Summary:     Recommended update for tcl
Type:        recommended
Severity:    moderate
References:  1206623
This update for tcl fixes the following issues:

- Fix string compare -length on big endian and improve string equal on little endian. (bsc#1206623)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:623-1
Released:    Mon Mar  6 11:18:25 2023
Summary:     Recommended update for xscreensaver
Type:        recommended
Severity:    moderate
References:  1199742
This update for xscreensaver fixes the following issues:

- Let XScreenSaver search for its configuration in the right default path. (bsc#1199742)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:630-1
Released:    Mon Mar  6 14:12:35 2023
Summary:     Recommended update for rust, rust1.67
Type:        recommended
Severity:    moderate
References:  1207928
This update for rust, rust1.67 fixes the following issues:

rust1.67 (bsc#1207928)

Version 1.67.1 (2023-02-09)
===========================

- [Fix interoperability with thin archives.](https://github.com/rust-lang/rust/pull/107360)
- [Fix an internal error in the compiler build process.](https://github.com/rust-lang/rust/pull/105624)
- [Downgrade `clippy::uninlined_format_args` to pedantic.](https://github.com/rust-lang/rust-clippy/pull/10265)

Changes in rust:

- Update to version 1.67.1 - for details see the rust1.67 package

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:632-1
Released:    Mon Mar  6 20:33:59 2023
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1207183,1208237
This update for gnutls fixes the following issues:

- FIPS: Fix pct_test() return code in case of error (bsc#1207183)
- Increase the limit of TLS PSK usernames from 128 to 65535 characters. [bsc#1208237, jsc#PED-1562]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:645-1
Released:    Tue Mar  7 12:46:48 2023
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching adds lifecycle data for following live patches:

- 4_12_14-150000_150_109,
  4_12_14-150100_197_131, 5_14_21-150400_24_33,
  5_14_21-150400_24_38, 5_3_18-150200_24_139,
  5_3_18-150300_59_101, 5_3_18-150300_59_106,
  kernel-livepatch-5_14_21-150400_15_5-rt,*,2023-12-23 (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:658-1
Released:    Wed Mar  8 10:51:10 2023
Summary:     Recommended update for cloud-netconfig
Type:        recommended
Severity:    moderate
References:  1199853,1204549
This update for cloud-netconfig fixes the following issues:

- Update to version 1.7:
  + Overhaul policy routing setup
  + Support alias IPv4 ranges 
  + Add support for NetworkManager (bsc#1204549)
  + Remove dependency on netconfig
  + Install into libexec directory
  + Clear stale ifcfg files for accelerated NICs (bsc#1199853)
  + More debug messages
  + Documentation update

- /etc/netconfig.d/ moved to /usr/libexec/netconfig/netconfig.d/ in
  Tumbleweed, update path 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:665-1
Released:    Wed Mar  8 11:05:36 2023
Summary:     Recommended update for pcp
Type:        recommended
Severity:    moderate
References:  1186511,1197796,1199558
This update for pcp fixes the following issues:

- Workaround intermittent build-time package preun failures by dropping
  PMDA Remove script invocation (bsc#1197796)
- Adjust systemd service types and remove deprecated KillMode=none (bsc#1186511)

- Upgrade to 5.2.5
- Client tools and utilities:
  + pcp-dstat: correct the sample count logic, was off-by-one
  + pcp-dstat: fix csv output with timestamps (no special chars)

- PMDA additions, enhancements and bug fixes:
  + pmdazfs: new Linux ZFS metrics
  + pmdasockets: new Linux ss(1) metrics
  + pmdahacluster: new HA metrics (Pacemaker, Corosync, DRBD and SBD)
  + pmdabcc: netproc module: count kernel calls, not packets
  + pmdalinux: add hinv.cpu.thermal_throttle metrics
  + pmdalinux: add missing help text for new metrics, drop dups

- Server-side utilities and log management scripts:
  + pmproxy: fix quoting of /series/metrics matched names
  + pmlogger: fix permissions mismatch for pmlogger tmp dir
  + pmlogger: fix incorrect reporting of pmcd state changes
  + pmie_check: explicity set a umask appropriate for pmieconf
  + pmlogger_check: explicity set a umask appropriate for pmlogconf
  + pmlogger_check: skip .NeedRewrite processing with -K
  + pmpost: increase timestamp resolution
  + pmpost: fix NOTICES file ownership changes
  + rc scripts: add optional logging
  + systemd: remove Wants=pmcd from pmlogger and pmie

- libpcp, libpcp_pmda, libpcp_mmv, libpcp_web and language bindings
  + libpcp: redo the interp.c time_caliper changes
  + libpcp_web: add timer driven webgroup garbage collector
  + libpcp_pmda: add new function pmdaCachePurgeCallback

- Misc build, infrastructure and packaging updates:
  + libpcp_web: fix minor memory leak on an error path (covscan)
  + build: fixes to ensure PCP_TMPFILE_DIR not used during the build

- Security Enhanced Linux:
  + selinux: enable netcheck rawip_socket if icmp_socket unavailable
  + selinux: additional rules needed for pmie/pmlogger in fedora
- Documentation and QA infrastructure:
  + docs: add pointers to readthedocs.io now that books live there
  + pcp-dstat: optionally install a man page symlink for dstat
  + docs: pmproxy(1) man page corrections and additions

- Upgrade to 5.2.3
- Client tools and utilities:
  + pcp-htop: minimal version of htop with PCP backend platform
  + pcp-atop: add per-process network statistics
  + pcp-atop: result instance indexing performance optimization
  + pcp-atop: always restore original state of process accounting
  + pcp2elasticsearch: add guard around maximum long integer size
  + pmlogsummary: fix indom lookup for dynamic instance domains
  + pmseries: provide sum() and avg() query functions
  + pmseries: persist canonical query expressions to Redis
  + pmseries: fix HMSET calls when querying timeseries expression
  + pmseries: fix for failing queries with disjuncted qualifiers
  + pmseries: fix segfault in func call with globbed metric.name

- Server-side utilities and log management scripts:
  + pmproxy: support fabricated SIDs in /series/instances requests
  + pmproxy: support fabricated SIDs in /series/metrics requests
  + pmlogger_check: add pmlc connection timeout checking current volume
  + pmlogctl,pmiectl: ignore saved control files after an upgrade
  + pmlogconf: add missing mssql template header
  + pmlogconf: add logger configuration files for the htop command
  + pmieconf: add a rule to detect and report OOM kills
  + pmieconf: cleanup old, no-longer-used tool integrations
  + pmieconf: ensure all automated invocations use the -c switch
  + pmieconf: fix default generated config file path
  + pmie_check: remove a tempfile once finished with it

- PMDA additions, enhancements and bug fixes:
  + pmdaapache: fix buffer size to allow for multiple reads of the stream
  + pmdabcc: added new netproc module with per-process network metrics
  + pmdaproc: allow to use acct.control.enable_acct as reference counting
  + pmdalinux: added network.all.* metrics for physical interfaces
  + pmdalinux: fix case of waitio counters from /proc/stat going backwards
  + pmdalinux: minor tweaks to use integer math over floating point
  + dbpmda: send inst profile prior to instances level label requests

- libpcp, libpcp_pmda, libpcp_mmv, libpcp_web and language bindings
  + libpcp: performance improvements for archives with dynamic indoms
  + libpcp: send instance profile for instances level labels requests
  + libpcp: make pmLookupName take a (const char **) namelist
  + libpcp_web: set pmseries source to all-zeroes for expressions
  + libpcp_web: handle fabricated SIDs in /series/values REST API
  + python api: fix fetchgroup max_insts size with multiple indoms
- Misc build, infrastructure and packaging updates:

- Security Enhanced Linux:
  + selinux: use matching autoconf guard for rawip_socket class

- Documentation and QA infrastructure:
  + docs: update pmdabpftrace man page and README
  + docs: improvements in diagrams
  + docs: theme_overrides.css added for readthedocs content
  + docs: pmseries(1) chapter added in Users and Administrators Guide
  + docs: add quotes to curl calls with * in pmwebapi query strings
  + docs: update pmseries schema to describe expression keys

- Fix a few rpmlint errors (to at least get below the 1000 mark)(bsc#1199558):
  + make libpcp-devel require libpcp_gui: the devel package
    installs a symlink pointing to that library, so anything
    willing to link it would fail
  + Call fdupes over /var/lib/pcp/testsuite
  + W: macro-in-comment: escape the relevant macros using %%
  + Filter out W: potential-bashisms for pcp-testsuite.

- Own %{_datadir}/zsh and %{_datadir}/zsh/site-functions: we have
  no guaranteed owner of these directories in the buildroot.

- Remove sysconfig dependencies, this is not the equivalent of
  the initscripts package and completly unneeded here;

- Add missing hostname requires;

- also buildrequire pkgconfig(systemd) to make sure configure
  detects systemd

- Replace ancient RPM variables by modern equivalents.
- Drop support for ancient SUSE and ancient Fedora.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:668-1
Released:    Wed Mar  8 11:17:33 2023
Summary:     Security update for libX11
Type:        security
Severity:    moderate
References:  1204425,1208881,CVE-2022-3555
This update for libX11 fixes the following issues:

- Fixed a regression introduced with security update for CVE-2022-3555 (bsc#1204425, bsc#1208881)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:677-1
Released:    Wed Mar  8 15:00:37 2023
Summary:     Security update for poppler
Type:        security
Severity:    important
References:  1181551,1202692,CVE-2022-38784
This update for poppler fixes the following issues:

  - CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder (bsc#1202692).

  Bugfixes:

  - Fixed issue where some PDF generators generate PDF with some wrong numbers in entry table, but the content is still valid (bsc#1181551).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:683-1
Released:    Thu Mar  9 10:14:43 2023
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1205874,CVE-2022-46340
This update for xorg-x11-server fixes the following issues:

- Fixed a regression introduced with security update for CVE-2022-46340 (bsc#1205874).  

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:694-1
Released:    Fri Mar 10 09:39:43 2023
Summary:     Security update for redis
Type:        security
Severity:    important
References:  1208235,1208790,1208793,CVE-2022-36021,CVE-2023-25155
This update for redis fixes the following issues:

- CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands (bsc#1208790).
- CVE-2023-25155: Fixed integer Overflow in RAND commands can lead to assertion (bsc#1208793).

The following non-security bug was fixed:

- Fixed redis-sentinel not starting due to the hardening in the systemd service (bsc#1208235).

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:702-1
Released:    Fri Mar 10 11:20:53 2023
Summary:     Feature update for patterns-wsl
Type:        feature
Severity:    moderate
References:  
This update for patterns-wsl fixes the following issues:

- Add support for a subset of systemd on WSL (jsc#PED-3213)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:709-1
Released:    Fri Mar 10 16:04:41 2023
Summary:     Recommended update for console-setup
Type:        recommended
Severity:    moderate
References:  1202853
This update for console-setup and kbd fixes the following issue:

- Fix Caps_Lock mapping for us.map and others (bsc#1202853)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:713-1
Released:    Mon Mar 13 10:25:04 2023
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  
This update for suse-build-key fixes the following issues:

This update provides multiple new 4096 RSA keys for SUSE Linux Enterprise
15, SUSE Manager 4.2/4.3, Storage 7.1, SUSE Registry) that we will switch
to mid of 2023. (jsc#PED-2777)

- gpg-pubkey-3fa1d6ce-63c9481c.asc: new 4096 RSA signing key for SUSE Linux Enterprise (RPM and repositories).
- gpg-pubkey-d588dc46-63c939db.asc: new 4096 RSA reserve key for SUSE Linux Enterprise (RPM and repositories).
- suse_ptf_key_4096.asc: new 4096 RSA signing key for PTF packages.
- build-container-8fd6c337-63c94b45.asc/build-container-8fd6c337-63c94b45.pem:
  New RSA 4096 key for the SUSE registry registry.suse.com, installed as
  suse-container-key-2023.pem and suse-container-key-2023.asc
- suse_ptf_containerkey_2023.asc suse_ptf_containerkey_2023.pem:
  New PTF container signing key for registry.suse.com/ptf/ space.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:714-1
Released:    Mon Mar 13 10:53:25 2023
Summary:     Recommended update for rpm
Type:        recommended
Severity:    important
References:  1207294
This update for rpm fixes the following issues:

- Fix missing python(abi) for 3.XX versions (bsc#1207294)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:720-1
Released:    Tue Mar 14 13:03:37 2023
Summary:     Security update for java-1_8_0-openjdk
Type:        security
Severity:    moderate
References:  1207248,1207249,CVE-2023-21830,CVE-2023-21843
This update for java-1_8_0-openjdk fixes the following issues:

  Updated to version jdk8u362 (icedtea-3.26.0):
 
  - CVE-2023-21830: Fixed improper restrictions in CORBA deserialization (bsc#1207249).
  - CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:722-1
Released:    Tue Mar 14 14:57:15 2023
Summary:     Security update for python-cryptography
Type:        security
Severity:    moderate
References:  1208036,CVE-2023-23931
This update for python-cryptography fixes the following issues:

  - CVE-2023-23931: Fixed memory corruption due to invalidly changed immutable object (bsc#1208036).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:725-1
Released:    Tue Mar 14 15:38:35 2023
Summary:     Security update for rubygem-rack
Type:        security
Severity:    important
References:  1209095,CVE-2023-27530
This update for rubygem-rack fixes the following issues:

- CVE-2023-27530: Fixed denial of service in Multipart MIME parsing (bsc#1209095).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:726-1
Released:    Tue Mar 14 15:40:56 2023
Summary:     Recommended update for python-shaptools
Type:        recommended
Severity:    moderate
References:  
This update for python-shaptools and salt-shaptools fixes the following issues:

- python-shaptools Version 0.3.13:
  Add HANA add_hosts feature
  Forces Instance nr always with 2 positions filled with 0
  Forces right formatting on HANA OS admin user.

- salt-shaptools Version 0.3.17:
  Add HANA add_hosts feature
  Workaround to detect aws cloud_provider
  Do not raise exception on empty HANA query results
  Add module query to HANA
  Fix typo to fix uninstalled state
  Add cluster init support for OCFS2 device
  qdevice support: it can be created when initializing a cluster
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:732-1
Released:    Tue Mar 14 18:06:09 2023
Summary:     Recommended update for jsoup, jsr-305 
Type:        recommended
Severity:    low
References:  
This update for jsoup, jsr-305 fixes the following issues:

- Redistribute packages to fix dependency inconsistencies in some products.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:733-1
Released:    Tue Mar 14 18:07:08 2023
Summary:     Security update for go1.19
Type:        security
Severity:    important
References:  1200441,1208269,1208270,1208271,1208272,1209030,CVE-2022-41722,CVE-2022-41723,CVE-2022-41724,CVE-2022-41725,CVE-2023-24532
This update for go1.19 fixes the following issues:

- CVE-2022-41722: Fixed path traversal in filepath.Clean on Windows (bsc#1208269).
- CVE-2022-41723: Fixed quadratic complexity in HPACK decoding (bsc#1208270).
- CVE-2022-41724: Fixed panic with arge handshake records in crypto/tls (bsc#1208271).
- CVE-2022-41725: Fixed denial of service from excessive resource consumption in net/http and mime/multipart (bsc#1208272).
- CVE-2023-24532: Fixed incorrect P-256 ScalarMult and ScalarBaseMult results (bsc#1209030).

Update to go1.19.7  
* go#58441 runtime: some linkname signatures do not match
* go#58502 cmd/link: relocation truncated to fit: R_ARM_CALL against `runtime.duffcopy'
* go#58535 runtime: long latency of sweep assists
* go#58716 net: TestTCPSelfConnect failures due to unexpected connections
* go#58773 syscall: Environ uses an invalid unsafe.Pointer conversion on Windows
* go#58810 crypto/x509: TestSystemVerify consistently failing


Update to go1.19.6:
* go#56154 net/http: bad handling of HEAD requests with a body
* go#57635 crypto/x509: TestBoringAllowCert failures
* go#57812 runtime: performance regression due to bad instruction used in morestack_noctxt for ppc64 in CL 425396
* go#58118 time: update zoneinfo_abbrs on Windows
* go#58223 cmd/link: .go.buildinfo is gc'ed by --gc-sections
* go#58449 cmd/go/internal/modfetch: TestCodeRepo/gopkg.in_natefinch_lumberjack.v2/latest failing

Update to go1.19.5 (bsc#1200441):
* go#57706 Misc/cgo: backport needed for dlltool fix
* go#57556 crypto/x509: re-allow duplicate attributes in CSRs
* go#57444 cmd/link: need to handle new-style LoongArch relocs
* go#57427 crypto/x509: Verify on macOS does not return typed errors
* go#57345 cmd/compile: the loong64 intrinsic for CompareAndSwapUint32 function needs to sign extend its 'old' argument.
* go#57339 syscall, internal/poll: accept4-to-accept fallback removal broke Go code on Synology DSM 6.2 ARM devices
* go#57214 os: TestLstat failure on Linux Aarch64
* go#57212 reflect: sort.SliceStable sorts incorrectly on arm64 with less function created with reflect.MakeFunc and slice of sufficient length
* go#57124 sync/atomic: allow linked lists of atomic.Pointer
* go#57100 cmd/compile: non-retpoline-compatible errors
* go#57058 cmd/go: remove test dependency on gopkg.in service
* go#57055 cmd/go: TestScript/version_buildvcs_git_gpg (if enabled) fails on linux longtest builders
* go#56983 runtime: failure in TestRaiseException on windows-amd64-2012
* go#56834 cmd/link/internal/ppc64: too-far trampoline is reused
* go#56770 cmd/compile: walkConvInterface produces broken IR
* go#56744 cmd/compile: internal compiler error: missing typecheck
* go#56712 net: reenable TestLookupDotsWithRemoteSource and TestLookupGoogleSRV with a different target
* go#56154 net/http: bad handling of HEAD requests with a body

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:735-1
Released:    Tue Mar 14 18:07:46 2023
Summary:     Security update for go1.20
Type:        security
Severity:    important
References:  1206346,1208269,1208270,1208271,1208272,1209030,CVE-2022-41722,CVE-2022-41723,CVE-2022-41724,CVE-2022-41725,CVE-2023-24532
This update for go1.20 fixes the following issues:

- Improvements to go1.x packaging spec:

  * On Tumbleweed bootstrap with current default gcc13 and gccgo118
  * On SLE-12 aarch64 ppc64le ppc64 remove overrides to bootstrap
    using go1.x package (%bcond_without gccgo). This is no longer
    needed on current SLE-12:Update and removing will consolidate
    the build configurations used.
  * Change source URLs to go.dev as per Go upstream
  * On x86_64 export GOAMD64=v1 as per the current baseline.
    At this time forgo GOAMD64=v3 option for x86_64_v3 support.
  * On x86_64 %define go_amd64=v1 as current instruction baseline
  * In %check on x86_64 use value %go_amd64=v1 as GOAMD64=v1 to
    grep correct TSAN version is checked out from LLVM with new
    spelling for internal/amd64v1/race_linux.syso

go1.20.2 (released 2023-03-07) includes a security fix to the
crypto/elliptic package, as well as bug fixes to the compiler,
the covdata command, the linker, the runtime, and the
crypto/ecdh, crypto/rsa, crypto/x509, os, and syscall packages. (boo#1206346)

* CVE-2023-24532: crypto/elliptic: Fixed that specific unreduced P-256 scalars produce incorrect results (boo#1209030)

* cmd/covdata: short read on string table when merging coverage counters
* runtime: some linkname signatures do not match
* cmd/compile: inline static init cause compile time error
* cmd/compile: internal compiler error: '(*Tree[go.shape.int]).RemoveParent.func1': value .dict (nil) incorrectly live at entry
* crypto/ecdh: ECDH method doesn't check curve
* cmd/link: relocation truncated to fit: R_ARM_CALL against `runtime.duffcopy'
* crypto/internal/bigmod: flag amd64 assembly as noescape
* runtime: endless traceback when panic in generics funtion
* runtime: long latency of sweep assists
* syscall.Faccessat and os.LookPath regression in Go 1.20
* os: cmd/go gets error 'copy_file_range: function not implemented'
* net: TestTCPSelfConnect failures due to unexpected connections
* syscall: Environ uses an invalid unsafe.Pointer conversion on Windows
* cmd/compile: ICE on method value involving imported anonymous interface
* crypto/x509: Incorrect documentation for ParsePKCS8PrivateKey
* crypto/x509: TestSystemVerify consistently failing

go1.20.1 (released 2023-02-14) includes security fixes to the
crypto/tls, mime/multipart, net/http, and path/filepath packages,
as well as bug fixes to the compiler, the go command, the linker,
the runtime, and the time package. (bsc#1206346)

- CVE-2022-41722 CVE-2022-41723 CVE-2022-41724 CVE-2022-41725

  * bsc#1208269 security: fix CVE-2022-41722 path/filepath: path traversal in filepath.Clean on Windows
  * bsc#1208270 security: fix CVE-2022-41723 net/http: avoid quadratic complexity in HPACK decoding
  * bsc#1208271 security: fix CVE-2022-41724 crypto/tls: large handshake records may cause panics
  * bsc#1208272 security: fix CVE-2022-41725 net/http, mime/multipart: denial of service from excessive resource consumption
  * time: update zoneinfo_abbrs on Windows
  * cmd/link: .go.buildinfo is gc'ed by --gc-sections
  * cmd/compile/internal/pgo: Detect sample value position instead of hard-coding
  * cmd/compile: constant overflows when assigned to package level var (Go 1.20 regression)
  * cmd/compile: internal compiler error: panic: interface conversion: ir.Node is *ir.CompLitExpr, not *ir.Name
  * cmd/compile: internal compiler error: Type.Elem UNION
  * runtime: GOOS=ios fails Apple's app validation due to use of private API
  * cmd/go/internal/test: stale flagdefs.go not detected by tests
  * all: test failures with ETXTBSY
  * cmd/go/internal/modfetch: TestCodeRepo/gopkg.in_natefinch_lumberjack.v2/latest failing

- go1.20 (released 2023-02-01) is a major release of Go.
  go1.20.x minor releases will be provided through February 2024.
  https://github.com/golang/go/wiki/Go-Release-Cycle
  go1.20 arrives six months after go1.19. Most of its changes are
  in the implementation of the toolchain, runtime, and libraries.
  As always, the release maintains the Go 1 promise of
  compatibility. We expect almost all Go programs to continue to
  compile and run as before. ( bsc#1206346 jsc#PED-1962 )

* Go 1.20 includes four changes to the language

  * Language change: Go 1.17 added conversions from slice to an
    array pointer. Go 1.20 extends this to allow conversions from a
    slice to an array
  * Language change: The unsafe package defines three new functions
    SliceData, String, and StringData. Along with Go 1.17's Slice,
    these functions now provide the complete ability to construct
    and deconstruct slice and string values, without depending on
    their exact representation.
  * Language change: The specification now defines that struct
    values are compared one field at a time, considering fields in
    the order they appear in the struct type definition, and
    stopping at the first mismatch. The specification could
    previously have been read as if all fields needed to be
    compared beyond the first mismatch. Similarly, the
    specification now defines that array values are compared one
    element at a time, in increasing index order. In both cases,
    the difference affects whether certain comparisons must
    panic. Existing programs are unchanged: the new spec wording
    describes what the implementations have always done.
  * Language change: Comparable types (such as ordinary interfaces)
    may now satisfy comparable constraints, even if the type
    arguments are not strictly comparable (comparison may panic at
    runtime). This makes it possible to instantiate a type
    parameter constrained by comparable (e.g., a type parameter for
    a user-defined generic map key) with a non-strictly comparable
    type argument such as an interface type, or a composite type
    containing an interface type.
  * go command: The directory $GOROOT/pkg no longer stores
    pre-compiled package archives for the standard library: go
    install no longer writes them, the go build no longer checks
    for them, and the Go distribution no longer ships
    them. Instead, packages in the standard library are built as
    needed and cached in the build cache, just like packages
    outside GOROOT. This change reduces the size of the Go
    distribution and also avoids C toolchain skew for packages that
    use cgo. Refs jsc#PED-1962
  * go command: The implementation of go test -json has been
    improved to make it more robust. Programs that run go test
    -json do not need any updates. Programs that invoke go tool
    test2json directly should now run the test binary with
    -v=test2json (for example, go test -v=test2json or ./pkg.test
    -test.v=test2json) instead of plain -v.
  * go command: A related change to go test -json is the addition
    of an event with Action set to start at the beginning of each
    test program's execution. When running multiple tests using the
    go command, these start events are guaranteed to be emitted in
    the same order as the packages named on the command line.
  * go command: The go command now defines architecture feature
    build tags, such as amd64.v2, to allow selecting a package
    implementation file based on the presence or absence of a
    particular architecture feature. See go help buildconstraint
    for details.
  * go command: The go subcommands now accept -C <dir> to change
    directory to <dir> before performing the command, which may be
    useful for scripts that need to execute commands in multiple
    different modules.
  * go command: The go build and go test commands no longer accept
    the -i flag, which has been deprecated since Go 1.16.
  * go command: The go generate command now accepts -skip <pattern>
    to skip //go:generate directives matching <pattern>.
  * go command: The go test command now accepts -skip <pattern> to
    skip tests, subtests, or examples matching <pattern>.
  * go command: When the main module is located within GOPATH/src,
    go install no longer installs libraries for non-main packages
    to GOPATH/pkg, and go list no longer reports a Target field for
    such packages. (In module mode, compiled packages are stored in
    the build cache only, but a bug had caused the GOPATH install
    targets to unexpectedly remain in effect.)
  * go command: The go build, go install, and other build-related
    commands now support a -pgo flag that enables profile-guided
    optimization, which is described in more detail in the Compiler
    section below. The -pgo flag specifies the file path of the
    profile. Specifying -pgo=auto causes the go command to search
    for a file named default.pgo in the main package's directory
    and use it if present. This mode currently requires a single
    main package to be specified on the command line, but we plan
    to lift this restriction in a future release. Specifying
    -pgo=off turns off profile-guided optimization.
  * go command: The go build, go install, and other build-related
    commands now support a -cover flag that builds the specified
    target with code coverage instrumentation. This is described in
    more detail in the Cover section below.
  * go version: The go version -m command now supports reading more
    types of Go binaries, most notably, Windows DLLs built with go
    build -buildmode=c-shared and Linux binaries without execute
    permission.
  * Cgo: The go command now disables cgo by default on systems
    without a C toolchain. More specifically, when the CGO_ENABLED
    environment variable is unset, the CC environment variable is
    unset, and the default C compiler (typically clang or gcc) is
    not found in the path, CGO_ENABLED defaults to 0. As always,
    you can override the default by setting CGO_ENABLED explicitly.
    The most important effect of the default change is that when Go
    is installed on a system without a C compiler, it will now use
    pure Go builds for packages in the standard library that use
    cgo, instead of using pre-distributed package archives (which
    have been removed, as noted above) or attempting to use cgo and
    failing. This makes Go work better in some minimal container
    environments as well as on macOS, where pre-distributed package
    archives have not been used for cgo-based packages since Go
    1.16.
    The packages in the standard library that use cgo are net,
    os/user, and plugin. On macOS, the net and os/user packages
    have been rewritten not to use cgo: the same code is now used
    for cgo and non-cgo builds as well as cross-compiled builds. On
    Windows, the net and os/user packages have never used cgo. On
    other systems, builds with cgo disabled will use a pure Go
    version of these packages.
    On macOS, the race detector has been rewritten not to use cgo:
    race-detector-enabled programs can be built and run without
    Xcode. On Linux and other Unix systems, and on Windows, a host
    C toolchain is required to use the race detector.
  * go cover: Go 1.20 supports collecting code coverage profiles
    for programs (applications and integration tests), as opposed
    to just unit tests. To collect coverage data for a program,
    build it with go build's -cover flag, then run the resulting
    binary with the environment variable GOCOVERDIR set to an
    output directory for coverage profiles. See the 'coverage for
    integration tests' landing page for more on how to get
    started. For details on the design and implementation, see the
    proposal.
  * go vet: Improved detection of loop variable capture by nested
    functions. The vet tool now reports references to loop
    variables following a call to T.Parallel() within subtest
    function bodies. Such references may observe the value of the
    variable from a different iteration (typically causing test
    cases to be skipped) or an invalid state due to unsynchronized
    concurrent access.
  * go vet: The tool also detects reference mistakes in more
    places. Previously it would only consider the last statement
    of the loop body, but now it recursively inspects the last
    statements within if, switch, and select statements.
  * go vet: New diagnostic for incorrect time formats. The vet tool
    now reports use of the time format 2006-02-01 (yyyy-dd-mm) with
    Time.Format and time.Parse. This format does not appear in
    common date standards, but is frequently used by mistake when
    attempting to use the ISO 8601 date format (yyyy-mm-dd).
  * Runtime: Some of the garbage collector's internal data
    structures were reorganized to be both more space and CPU
    efficient. This change reduces memory overheads and improves
    overall CPU performance by up to 2%.
  * Runtime: The garbage collector behaves less erratically with
    respect to goroutine assists in some circumstances.
  * Runtime: Go 1.20 adds a new runtime/coverage package containing
    APIs for writing coverage profile data at runtime from
    long-running and/or server programs that do not terminate via
    os.Exit().
  * Compiler: Go 1.20 adds preview support for profile-guided
    optimization (PGO). PGO enables the toolchain to perform
    application- and workload-specific optimizations based on
    run-time profile information. Currently, the compiler supports
    pprof CPU profiles, which can be collected through usual means,
    such as the runtime/pprof or net/http/pprof packages. To enable
    PGO, pass the path of a pprof profile file via the -pgo flag to
    go build, as mentioned above. Go 1.20 uses PGO to more
    aggressively inline functions at hot call sites. Benchmarks for
    a representative set of Go programs show enabling
    profile-guided inlining optimization improves performance about
    3–4%. See the PGO user guide for detailed documentation. We
    plan to add more profile-guided optimizations in future
    releases. Note that profile-guided optimization is a preview,
    so please use it with appropriate caution.
  * Compiler: The Go 1.20 compiler upgraded its front-end to use a
    new way of handling the compiler's internal data, which fixes
    several generic-types issues and enables type declarations
    within generic functions and methods.
  * Compiler: The compiler now rejects anonymous interface cycles
    with a compiler error by default. These arise from tricky uses
    of embedded interfaces and have always had subtle correctness
    issues, yet we have no evidence that they're actually used in
    practice. Assuming no reports from users adversely affected by
    this change, we plan to update the language specification for
    Go 1.22 to formally disallow them so tools authors can stop
    supporting them too.
  * Compiler: Go 1.18 and 1.19 saw regressions in build speed,
    largely due to the addition of support for generics and
    follow-on work. Go 1.20 improves build speeds by up to 10%,
    bringing it back in line with Go 1.17. Relative to Go 1.19,
    generated code performance is also generally slightly improved.
  * Linker: On Linux, the linker now selects the dynamic
    interpreter for glibc or musl at link time.
  * Linker: On Windows, the Go linker now supports modern
    LLVM-based C toolchains.
  * Linker: Go 1.20 uses go: and type: prefixes for
    compiler-generated symbols rather than go. and type.. This
    avoids confusion for user packages whose name starts with
    go.. The debug/gosym package understands this new naming
    convention for binaries built with Go 1.20 and newer.
  * Bootstrap: When building a Go release from source and
    GOROOT_BOOTSTRAP is not set, previous versions of Go looked for
    a Go 1.4 or later bootstrap toolchain in the directory
    $HOME/go1.4 (%HOMEDRIVE%%HOMEPATH%\go1.4 on Windows). Go 1.18
    and Go 1.19 looked first for $HOME/go1.17 or $HOME/sdk/go1.17
    before falling back to $HOME/go1.4, in anticipation of
    requiring Go 1.17 for use when bootstrapping Go 1.20. Go 1.20
    does require a Go 1.17 release for bootstrapping, but we
    realized that we should adopt the latest point release of the
    bootstrap toolchain, so it requires Go 1.17.13. Go 1.20 looks
    for $HOME/go1.17.13 or $HOME/sdk/go1.17.13 before falling back
    to $HOME/go1.4 (to support systems that hard-coded the path
    $HOME/go1.4 but have installed a newer Go toolchain there). In
    the future, we plan to move the bootstrap toolchain forward
    approximately once a year, and in particular we expect that Go
    1.22 will require the final point release of Go 1.20 for
    bootstrap.
  * Library: Go 1.20 adds a new crypto/ecdh package to provide
    explicit support for Elliptic Curve Diffie-Hellman key
    exchanges over NIST curves and Curve25519. Programs should use
    crypto/ecdh instead of the lower-level functionality in
    crypto/elliptic for ECDH, and third-party modules for more
    advanced use cases.
  * Error handling: Go 1.20 expands support for error wrapping to
    permit an error to wrap multiple other errors.
  * Error handling: An error e can wrap more than one error by
    providing an Unwrap method that returns a []error.
  * Error handling: The errors.Is and errors.As functions have been
    updated to inspect multiply wrapped errors.
  * Error handling: The fmt.Errorf function now supports multiple
    occurrences of the %w format verb, which will cause it to
    return an error that wraps all of those error operands.
  * Error handling: The new function errors.Join returns an error
    wrapping a list of errors.
  * HTTP ResponseController: The new 'net/http'.ResponseController
    type provides access to extended per-request functionality not
    handled by the 'net/http'.ResponseWriter interface. The
    ResponseController type provides a clearer, more discoverable
    way to add per-handler controls. Two such controls also added
    in Go 1.20 are SetReadDeadline and SetWriteDeadline, which
    allow setting per-request read and write deadlines.
  * New ReverseProxy Rewrite hook: The httputil.ReverseProxy
    forwarding proxy includes a new Rewrite hook function,
    superseding the previous Director hook.
  * archive/tar: When the GODEBUG=tarinsecurepath=0 environment
    variable is set, Reader.Next method will now return the error
    ErrInsecurePath for an entry with a file name that is an
    absolute path, refers to a location outside the current
    directory, contains invalid characters, or (on Windows) is a
    reserved name such as NUL. A future version of Go may disable
    insecure paths by default.
  * archive/zip: When the GODEBUG=zipinsecurepath=0 environment
    variable is set, NewReader will now return the error
    ErrInsecurePath when opening an archive which contains any file
    name that is an absolute path, refers to a location outside the
    current directory, contains invalid characters, or (on Windows)
    is a reserved names such as NUL. A future version of Go may
    disable insecure paths by default.
  * archive/zip: Reading from a directory file that contains file
    data will now return an error. The zip specification does not
    permit directory files to contain file data, so this change
    only affects reading from invalid archives.
  * bytes: The new CutPrefix and CutSuffix functions are like
    TrimPrefix and TrimSuffix but also report whether the string
    was trimmed.
  * bytes: The new Clone function allocates a copy of a byte slice.
  * context: The new WithCancelCause function provides a way to
    cancel a context with a given error. That error can be
    retrieved by calling the new Cause function.
  * crypto/ecdsa: When using supported curves, all operations are
    now implemented in constant time. This led to an increase in
    CPU time between 5% and 30%, mostly affecting P-384 and P-521.
  * crypto/ecdsa: The new PrivateKey.ECDH method converts an
    ecdsa.PrivateKey to an ecdh.PrivateKey.
  * crypto/ed25519: The PrivateKey.Sign method and the
    VerifyWithOptions function now support signing pre-hashed
    messages with Ed25519ph, indicated by an Options.HashFunc that
    returns crypto.SHA512. They also now support Ed25519ctx and
    Ed25519ph with context, indicated by setting the new
    Options.Context field.
  * crypto/rsa: The new field OAEPOptions.MGFHash allows
    configuring the MGF1 hash separately for OAEP decryption.
  * crypto/rsa: crypto/rsa now uses a new, safer, constant-time
    backend. This causes a CPU runtime increase for decryption
    operations between approximately 15% (RSA-2048 on amd64) and
    45% (RSA-4096 on arm64), and more on 32-bit
    architectures. Encryption operations are approximately 20x
    slower than before (but still 5-10x faster than
    decryption). Performance is expected to improve in future
    releases. Programs must not modify or manually generate the
    fields of PrecomputedValues.
  * crypto/subtle: The new function XORBytes XORs two byte slices
    together.
  * crypto/tls: Parsed certificates are now shared across all
    clients actively using that certificate. The memory savings can
    be significant in programs that make many concurrent
    connections to a server or collection of servers sharing any
    part of their certificate chains.
  * crypto/tls: For a handshake failure due to a certificate
    verification failure, the TLS client and server now return an
    error of the new type CertificateVerificationError, which
    includes the presented certificates.
  * crypto/x509: ParsePKCS8PrivateKey and MarshalPKCS8PrivateKey
    now support keys of type *crypto/ecdh.PrivateKey.
    ParsePKIXPublicKey and MarshalPKIXPublicKey now support keys of
    type *crypto/ecdh.PublicKey. Parsing NIST curve keys still
    returns values of type *ecdsa.PublicKey and *ecdsa.PrivateKey.
    Use their new ECDH methods to convert to the crypto/ecdh types.
  * crypto/x509: The new SetFallbackRoots function allows a program
    to define a set of fallback root certificates in case an
    operating system verifier or standard platform root bundle is
    unavailable at runtime. It will most commonly be used with a
    new package, golang.org/x/crypto/x509roots/fallback, which will
    provide an up to date root bundle.
  * debug/elf: Attempts to read from a SHT_NOBITS section using
    Section.Data or the reader returned by Section.Open now return
    an error.
  * debug/elf: Additional R_LARCH_* constants are defined for use
    with LoongArch systems.
  * debug/elf: Additional R_PPC64_* constants are defined for use
    with PPC64 ELFv2 relocations.
  * debug/elf: The constant value for R_PPC64_SECTOFF_LO_DS is
    corrected, from 61 to 62.
  * debug/gosym: Due to a change of Go's symbol naming conventions,
    tools that process Go binaries should use Go 1.20's debug/gosym
    package to transparently handle both old and new binaries.
  * debug/pe: Additional IMAGE_FILE_MACHINE_RISCV* constants are
    defined for use with RISC-V systems.
  * encoding/binary: The ReadVarint and ReadUvarint functions will
    now return io.ErrUnexpectedEOF after reading a partial value,
    rather than io.EOF.
  * encoding/xml: The new Encoder.Close method can be used to check
    for unclosed elements when finished encoding.
  * encoding/xml: The decoder now rejects element and attribute
    names with more than one colon, such as <a:b:c>, as well as
    namespaces that resolve to an empty string, such as xmlns:a=''.
  * encoding/xml: The decoder now rejects elements that use
    different namespace prefixes in the opening and closing tag,
    even if those prefixes both denote the same namespace.
  * errors: The new Join function returns an error wrapping a list
    of errors.
  * fmt: The Errorf function supports multiple occurrences of the
    %w format verb, returning an error that unwraps to the list of
    all arguments to %w.
  * fmt: The new FormatString function recovers the formatting
    directive corresponding to a State, which can be useful in
    Formatter. implementations.
  * go/ast: The new RangeStmt.Range field records the position of
    the range keyword in a range statement.
  * go/ast: The new File.FileStart and File.FileEnd fields record
    the position of the start and end of the entire source file.
  * go/token: The new FileSet.RemoveFile method removes a file from
    a FileSet. Long-running programs can use this to release memory
    associated with files they no longer need.
  * go/types: The new Satisfies function reports whether a type
    satisfies a constraint. This change aligns with the new
    language semantics that distinguish satisfying a constraint
    from implementing an interface.
  * io: The new OffsetWriter wraps an underlying WriterAt and
    provides Seek, Write, and WriteAt methods that adjust their
    effective file offset position by a fixed amount.
  * io/fs: The new error SkipAll terminates a WalkDir immediately
    but successfully.
  * math/big: The math/big package's wide scope and input-dependent
    timing make it ill-suited for implementing cryptography. The
    cryptography packages in the standard library no longer call
    non-trivial Int methods on attacker-controlled inputs. In the
    future, the determination of whether a bug in math/big is
    considered a security vulnerability will depend on its wider
    impact on the standard library.
  * math/rand: The math/rand package now automatically seeds the
    global random number generator (used by top-level functions
    like Float64 and Int) with a random value, and the top-level
    Seed function has been deprecated. Programs that need a
    reproducible sequence of random numbers should prefer to
    allocate their own random source, using
    rand.New(rand.NewSource(seed)).
  * math/rand: Programs that need the earlier consistent global
    seeding behavior can set GODEBUG=randautoseed=0 in their
    environment.
  * math/rand: The top-level Read function has been deprecated. In
    almost all cases, crypto/rand.Read is more appropriate.
  * mime: The ParseMediaType function now allows duplicate
    parameter names, so long as the values of the names are the
    same.
  * mime/multipart: Methods of the Reader type now wrap errors
    returned by the underlying io.Reader.
  * net: The LookupCNAME function now consistently returns the
    contents of a CNAME record when one exists. Previously on Unix
    systems and when using the pure Go resolver, LookupCNAME would
    return an error if a CNAME record referred to a name that with
    no A, AAAA, or CNAME record. This change modifies LookupCNAME
    to match the previous behavior on Windows, allowing LookupCNAME
    to succeed whenever a CNAME exists.
  * net: Interface.Flags now includes the new flag FlagRunning,
    indicating an operationally active interface. An interface
    which is administratively configured but not active (for
    example, because the network cable is not connected) will have
    FlagUp set but not FlagRunning.
  * net: The new Dialer.ControlContext field contains a callback
    function similar to the existing Dialer.Control hook, that
    additionally accepts the dial context as a parameter. Control
    is ignored when ControlContext is not nil.
  * net: The Go DNS resolver recognizes the trust-ad resolver
    option. When options trust-ad is set in resolv.conf, the Go
    resolver will set the AD bit in DNS queries. The resolver does
    not make use of the AD bit in responses.
  * net: DNS resolution will detect changes to /etc/nsswitch.conf
    and reload the file when it changes. Checks are made at most
    once every five seconds, matching the previous handling of
    /etc/hosts and /etc/resolv.conf.
  * net/http: The ResponseWriter.WriteHeader function now supports
    sending 1xx status codes.
  * net/http: The new Server.DisableGeneralOptionsHandler
    configuration setting allows disabling the default OPTIONS *
    handler.
  * net/http: The new Transport.OnProxyConnectResponse hook is
    called when a Transport receives an HTTP response from a proxy
    for a CONNECT request.
  * net/http: The HTTP server now accepts HEAD requests containing
    a body, rather than rejecting them as invalid.
  * net/http: HTTP/2 stream errors returned by net/http functions
    may be converted to a golang.org/x/net/http2.StreamError using
    errors.As.
  * net/http: Leading and trailing spaces are trimmed from cookie
    names, rather than being rejected as invalid. For example, a
    cookie setting of 'name =value' is now accepted as setting the
    cookie 'name'.
  * net/netip: The new IPv6LinkLocalAllRouters and IPv6Loopback
    functions are the net/netip equivalents of net.IPv6loopback and
    net.IPv6linklocalallrouters.
  * os: On Windows, the name NUL is no longer treated as a special
    case in Mkdir and Stat.
  * os: On Windows, File.Stat now uses the file handle to retrieve
    attributes when the file is a directory. Previously it would
    use the path passed to Open, which may no longer be the file
    represented by the file handle if the file has been moved or
    replaced. This change modifies Open to open directories without
    the FILE_SHARE_DELETE access, which match the behavior of
    regular files.
  * os: On Windows, File.Seek now supports seeking to the beginning
    of a directory.
  * os/exec: The new Cmd fields Cancel and WaitDelay specify the
    behavior of the Cmd when its associated Context is canceled or
    its process exits with I/O pipes still held open by a child
    process.
  * path/filepath: The new error SkipAll terminates a Walk
    immediately but successfully.
  * path/filepath: The new IsLocal function reports whether a path
    is lexically local to a directory. For example, if IsLocal(p)
    is true, then Open(p) will refer to a file that is lexically
    within the subtree rooted at the current directory.
  * reflect: The new Value.Comparable and Value.Equal methods can
    be used to compare two Values for equality. Comparable reports
    whether Equal is a valid operation for a given Value receiver.
  * reflect: The new Value.Grow method extends a slice to guarantee
    space for another n elements.
  * reflect: The new Value.SetZero method sets a value to be the
    zero value for its type.
  * reflect: Go 1.18 introduced Value.SetIterKey and
    Value.SetIterValue methods. These are optimizations:
    v.SetIterKey(it) is meant to be equivalent to
    v.Set(it.Key()). The implementations incorrectly omitted a
    check for use of unexported fields that was present in the
    unoptimized forms. Go 1.20 corrects these methods to include
    the unexported field check.
  * regexp: Go 1.19.2 and Go 1.18.7 included a security fix to the
    regular expression parser, making it reject very large
    expressions that would consume too much memory. Because Go
    patch releases do not introduce new API, the parser returned
    syntax.ErrInternalError in this case. Go 1.20 adds a more
    specific error, syntax.ErrLarge, which the parser now returns
    instead.
  * runtime/cgo: Go 1.20 adds new Incomplete marker type. Code
    generated by cgo will use cgo.Incomplete to mark an incomplete
    C type.
  * runtime/metrics: Go 1.20 adds new supported metrics, including
    the current GOMAXPROCS setting (/sched/gomaxprocs:threads), the
    number of cgo calls executed (/cgo/go-to-c-calls:calls), total
    mutex block time (/sync/mutex/wait/total:seconds), and various
    measures of time spent in garbage collection.
  * runtime/metrics: Time-based histogram metrics are now less
    precise, but take up much less memory.
  * runtime/pprof: Mutex profile samples are now pre-scaled, fixing
    an issue where old mutex profile samples would be scaled
    incorrectly if the sampling rate changed during execution.
  * runtime/pprof: Profiles collected on Windows now include memory
    mapping information that fixes symbolization issues for
    position-independent binaries.
  * runtime/trace: The garbage collector's background sweeper now
    yields less frequently, resulting in many fewer extraneous
    events in execution traces.
  * strings: The new CutPrefix and CutSuffix functions are like
    TrimPrefix and TrimSuffix but also report whether the string
    was trimmed.
  * sync: The new Map methods Swap, CompareAndSwap, and
    CompareAndDelete allow existing map entries to be updated
    atomically.
  * syscall: On FreeBSD, compatibility shims needed for FreeBSD 11
    and earlier have been removed.
  * syscall: On Linux, additional CLONE_* constants are defined for
    use with the SysProcAttr.Cloneflags field.
  * syscall: On Linux, the new SysProcAttr.CgroupFD and
    SysProcAttr.UseCgroupFD fields provide a way to place a child
    process into a specific cgroup.
  * testing: The new method B.Elapsed reports the current elapsed
    time of the benchmark, which may be useful for calculating
    rates to report with ReportMetric.
  * time: The new time layout constants DateTime, DateOnly, and
    TimeOnly provide names for three of the most common layout
    strings used in a survey of public Go source code.
  * time: The new Time.Compare method compares two times.
  * time: Parse now ignores sub-nanosecond precision in its input,
    instead of reporting those digits as an error.
  * time: The Time.MarshalJSON method is now more strict about
    adherence to RFC 3339.
  * unicode/utf16: The new AppendRune function appends the UTF-16
    encoding of a given rune to a uint16 slice, analogous to
    utf8.AppendRune.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:738-1
Released:    Wed Mar 15 08:17:45 2023
Summary:     Security update for nodejs18
Type:        security
Severity:    important
References:  1208413,1208481,1208483,1208485,1208487,CVE-2023-23918,CVE-2023-23919,CVE-2023-23920,CVE-2023-23936,CVE-2023-24807
This update for nodejs18 fixes the following issues:

Update to NodeJS 18.14.2 LTS:

- CVE-2023-23918: Fixed permissions policies that could have been bypassed via process.mainModule (bsc#1208481).
- CVE-2023-23919: Fixed OpenSSL error handling issues in nodejs crypto library (bsc#1208483).
- CVE-2023-23920: Fixed insecure loading of ICU data through ICU_DATA environment (bsc#1208487).
- CVE-2023-23936: Fixed protection against CRLF injection in host headers inside fetch API (bsc#1208485).
- CVE-2023-24807: Fixed possible Regular Expression Denial of Service (ReDoS) via Headers.set() and Headers.append() methods (bsc#1208413).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:743-1
Released:    Wed Mar 15 11:18:23 2023
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1209001
This update for gnutls fixes the following issues:

FIPS: Establish PBKDF2 additional requirements [bsc#1209001]

* Set the minimum output key length to 112 bits (FIPS 140-3 IG D.N)
* Set the minimum salt length to 128 bits (SP 800-132 sec. 5.1)
* Set the minimum iterations count to 1000 (SP 800-132 sec 5.2)
* Set the minimum passlen of 20 characters (SP SP800-132 sec 5)
* Add regression tests for the new PBKDF2 requirements.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:746-1
Released:    Wed Mar 15 12:15:23 2023
Summary:     Security update for perl-Net-Server
Type:        security
Severity:    moderate
References:  808830,CVE-2013-1841
This update for perl-Net-Server fixes the following issues:

- CVE-2013-1841: Fixed insufficient hostname access checking (bsc#808830).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:752-1
Released:    Thu Mar 16 08:40:03 2023
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    moderate
References:  1206549,1207246,1207248,CVE-2023-21835,CVE-2023-21843
This update for java-11-openjdk fixes the following issues:

- CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248).
- CVE-2023-21835: Fixed handshake DoS attack against DTLS connections (bsc#1207246).

Bugfixes:

- Remove broken accessibility sub-package (bsc#1206549).


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:753-1
Released:    Thu Mar 16 10:25:51 2023
Summary:     Feature update for cpuid
Type:        recommended
Severity:    important
References:  
This update for cpuid fixes the following issues:

- Inclued cpuid in SUSE Linux Enterprise 15 Service Pack 4 Basesystem Module on x86_64 architecture (jsc#PED-3044)
- Version update from 20201006 to 20221201 (jsc#PED-2804, jsc#PED-3028):
  * Multiple detection and decodings updated
  * Many updated and added identified CPU models and variants
  * Updated hypervisor support
  * For the detailed list of changes please consult the packaged Changelog

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:754-1
Released:    Thu Mar 16 11:04:48 2023
Summary:     Recommended update for pam_saslauthd
Type:        recommended
Severity:    moderate
References:  1206563
This update for pam_saslauthd fixes the following issues:

- Improve pam_saslauthd default configuration for openldap migration (bsc#1206563)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:756-1
Released:    Thu Mar 16 11:17:43 2023
Summary:     Recommended update for libappindicator
Type:        recommended
Severity:    moderate
References:  1207112
This update for libappindicator fixes the following issues:

- Provide compatibility symbol required by Slack RPM  package (bsc#1207112)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:765-1
Released:    Thu Mar 16 12:21:37 2023
Summary:     Recommended update for gnu-compilers-hpc
Type:        recommended
Severity:    moderate
References:  1191381
This update for gnu-compilers-hpc fixes the following issues:

- Fix compatibility for SLE-12
- Add support for gcc12 (jsc#PED-2834).
- Fix _multibuild with correct list of gcc version.
- Update packaging macros (bsc#1191381)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:775-1
Released:    Thu Mar 16 15:58:55 2023
Summary:     Feature for updating the Java stack
Type:        feature
Severity:    critical
References:  1047218,1062631,1120360,1133997,1134001,1145693,1171696,1172961,1173600,1177180,1177488,1177568,1179926,1180215,1182284,1182708,1182748,1182754,1184356,1184357,1184755,1186328,1187446,1188468,1188469,1188529,1190660,1190663,1193795,1195108,1195557,1198279,1198404,1198739,1198833,1201081,1201316,1201317,1203154,1203515,1203516,1203672,1203673,1203674,1203868,1204173,1204284,1204918,1205138,1205142,1205647,1206018,1206400,1206401,CVE-2019-17566,CVE-2020-11022,CVE-2020-11023,CVE-2020-11979,CVE-2020-11987,CVE-2020-11988,CVE-2020-13956,CVE-2020-15522,CVE-2020-1945,CVE-2020-26945,CVE-2020-28052,CVE-2020-2875,CVE-2020-2933,CVE-2020-2934,CVE-2020-8908,CVE-2021-2471,CVE-2021-26291,CVE-2021-27807,CVE-2021-27906,CVE-2021-29425,CVE-2021-33813,CVE-2021-36373,CVE-2021-36374,CVE-2021-37533,CVE-2021-42550,CVE-2021-43980,CVE-2022-2047,CVE-2022-2048,CVE-2022-23437,CVE-2022-24839,CVE-2022-28366,CVE-2022-29599,CVE-2022-37865,CVE-2022-37866,CVE-2022-38398,CVE-2022-38648,CVE-2022-38752,CVE-2022-40146,CVE-2022-40149,CVE-2022-40150,CVE-2022-42252,CVE-2022-42889,CVE-2022-45685,CVE-2022-45693
This feature update for the Java stack provides:

ant:

- Update ant from version 1.10.7 to version 1.10.12. (jsc#SLE-23217)
  * CVE-2021-36374: Excessive memory allocation when reading a crafted ZIP archive or a derived formats. (bsc#1188469)
  * CVE-2021-36373: Excessive memory allocation when reading a crafted TAR archive. (bsc#1188468)
  * Do not follow redirects if the 'followRedirects' attribute is set to 'false'.
  * Make sure setting build.compiler to the fully qualified classname that corresponds to extJavac or modern has the 
    same effect as using the shorter alias names.
  * Prevent potential deadlocks in org.apache.tools.ant.IntrospectionHelper.
  * Avoid file name canonicalization when possible.
  * Upgraded AntUnit to 1.4.1.
  * CVE-2020-11979: Fixed an insecure temporary file vulnerability. (bnc#1177180)
  * CVE-2020-1945: insecure temporary file vulnerability. (bsc#1171696)
  * sshexec, sshsession and scp now support a new sshConfig parameter. 
    It specifies the SSH configuration file (typically ${user.home}/.ssh/config) defining the username and keyfile to 
    be used per host.
  * Add rhino to the ant-apache-bsf optional tasks. (bsc#1134001)
  * Remove jakarta-commons-* dependencies and use apache-commons-logging and apache-commons-net in 
    optional tasks. (bsc#1133997)
  * Use xml-commons-apis-bootstrap as jar in classpath instead of the common xml-apis jar.
  * Do not build against the log4j12 packages, use the new reload4j

ant-antlr:

- Update ant-antlr from version 1.10.7 to  version 1.10.12. (jsc#SLE-23217)
  * CVE-2021-36374: Excessive memory allocation when reading a crafted ZIP archive or a derived formats. (bsc#1188469)
  * CVE-2021-36373: Excessive memory allocation when reading a crafted TAR archive. (bsc#1188468)
  * Do not follow redirects if the 'followRedirects' attribute is set to 'false'.
  * Make sure setting build.compiler to the fully qualified classname that corresponds to extJavac or modern has the
    same effect as using the shorter alias names.
  * Prevent potential deadlocks in org.apache.tools.ant.IntrospectionHelper.
  * Avoid file name canonicalization when possible.
  * Upgraded AntUnit to 1.4.1.
  * CVE-2020-11979: Fixed an insecure temporary file vulnerability. (bnc#1177180)
  * CVE-2020-1945: insecure temporary file vulnerability. (bsc#1171696)
  * sshexec, sshsession and scp now support a new sshConfig parameter.
    It specifies the SSH configuration file (typically ${user.home}/.ssh/config) defining the username and keyfile to
    be used per host.
  * Add rhino to the ant-apache-bsf optional tasks. (bsc#1134001)
  * Remove jakarta-commons-* dependencies and use apache-commons-logging and apache-commons-net in
    optional tasks. (bsc#1133997)
  * Use xml-commons-apis-bootstrap as jar in classpath instead of the common xml-apis jar.
  * Do not build against the log4j12 packages, use the new reload4j

ant-contrib:

- Fix build with apache-ivy 2.5.1 (jsc#SLE-23217)

ant-junit:

- Update ant-junit from version 1.10.7 to  version 1.10.12. (jsc#SLE-23217)
  * CVE-2021-36374: Excessive memory allocation when reading a crafted ZIP archive or a derived formats. (bsc#1188469)
  * CVE-2021-36373: Excessive memory allocation when reading a crafted TAR archive. (bsc#1188468)
  * Do not follow redirects if the 'followRedirects' attribute is set to 'false'.
  * Make sure setting build.compiler to the fully qualified classname that corresponds to extJavac or modern has the
    same effect as using the shorter alias names.
  * Prevent potential deadlocks in org.apache.tools.ant.IntrospectionHelper.
  * Avoid file name canonicalization when possible.
  * Upgraded AntUnit to 1.4.1.
  * CVE-2020-11979: Fixed an insecure temporary file vulnerability. (bnc#1177180)
  * CVE-2020-1945: insecure temporary file vulnerability. (bsc#1171696)
  * sshexec, sshsession and scp now support a new sshConfig parameter.
    It specifies the SSH configuration file (typically ${user.home}/.ssh/config) defining the username and keyfile to
    be used per host.
  * Add rhino to the ant-apache-bsf optional tasks. (bsc#1134001)
  * Remove jakarta-commons-* dependencies and use apache-commons-logging and apache-commons-net in
    optional tasks. (bsc#1133997)
  * Use xml-commons-apis-bootstrap as jar in classpath instead of the common xml-apis jar.
  * Do not build against the log4j12 packages, use the new reload4j

ant-junit5:

- Update ant-junit5 from version 1.10.7 to  version 1.10.12. (jsc#SLE-23217)
  * CVE-2021-36374: Excessive memory allocation when reading a crafted ZIP archive or a derived formats. (bsc#1188469)
  * CVE-2021-36373: Excessive memory allocation when reading a crafted TAR archive. (bsc#1188468)
  * Do not follow redirects if the 'followRedirects' attribute is set to 'false'.
  * Make sure setting build.compiler to the fully qualified classname that corresponds to extJavac or modern has the
    same effect as using the shorter alias names.
  * Prevent potential deadlocks in org.apache.tools.ant.IntrospectionHelper.
  * Avoid file name canonicalization when possible.
  * Upgraded AntUnit to 1.4.1.
  * CVE-2020-11979: Fixed an insecure temporary file vulnerability. (bnc#1177180)
  * CVE-2020-1945: insecure temporary file vulnerability. (bsc#1171696)
  * sshexec, sshsession and scp now support a new sshConfig parameter.
    It specifies the SSH configuration file (typically ${user.home}/.ssh/config) defining the username and keyfile to
    be used per host.
  * Add rhino to the ant-apache-bsf optional tasks. (bsc#1134001)
  * Remove jakarta-commons-* dependencies and use apache-commons-logging and apache-commons-net in
    optional tasks. (bsc#1133997)
  * Use xml-commons-apis-bootstrap as jar in classpath instead of the common xml-apis jar.
- Do not build against the log4j12 packages, use the new reload4j

antlr:

- Build antlr-manual package without examples files. (bsc#1120360)

antlr3:

- Build with source and target levels 8 (jsc#SLE-23217)

antlr4:

- Update antlr4 from version 4.7.2 to version 4.9.3. (jsc#SLE-23217)
  * The libantlr4-runtime-devel now requires utfcpp-devel
  * For more details check: https://github.com/antlr/antlr4/compare/4.7.2...4.9.3

aopalliance:

- Build with source and target levels 8 (jsc#SLE-23217)

apache-commons-beanutils:

- Provide apache-commons-beanutils 1.9.4 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

apache-commons-cli:

- Update apache-commons-cli from version 1.4 to version 1.5.0. (jsc#SLE-23217)
  * Replace deprecated FindBugs with SpotBugs
  * Replace CLIRR with JApiCmp.
  * Update Java from version 5 to 7
  * Remove deprecated sudo setting
  * Bump junit:junit to 4.13.2
  * Bump commons-parent to 52
  * Bump maven-pmd-plugin to 3.15.0
  * Bump actions/checkout to v2.3.5
  * Bump actions/setup-java to v2
  * Bump maven-antrun-plugin to 3.0.0
  * Bump maven-checkstyle-plugin to 3.1.2
  * Bump checkstyle to 9.0.1
  * Bump actions/cache to 2.1.6
  * Bump commons.animal-sniffer.version to 1.20
  * Bump maven-bundle-plugin to 5.1.2
  * Bump biz.aQute.bndlib.version to 6.0.0
  * Bump spotbugs to 4.4.2
  * Bump spotbugs-maven-plugin to 4.4.2.2
  * Add OSGi manifest to the build files.
  * Set java source/target levels to 6

apache-commons-codec:

- Update apache-commons-codec from version 1.11 to version 1.15. (jsc#SLE-23217)
  * Do not alias the artifact to itself
  * Base16Codec and Base16Input/OutputStream.
  * Hex encode/decode with existing arrays.
  * Base32/Base64 Input/OutputStream: Added strict decoding property to control handling of trailing bits. Default 
    lenient mode discards them without error. Strict mode raise an exception.
  * Update tests from JUnit to 4.13.
  * Update actions/checkout to v2.3.2
  * Update actions/setup-java to v1.4.1.
  * MurmurHash3: Deprecate hash64 methods and hash methods accepting a String that use the default encoding.
  * Allow repeat calls to MurmurHash3.IncrementalHash32.end() to generate the same value.
  * Add RandomAccessFile digest methods
  * Add Path APIs to org.apache.commons.codec.digest.DigestUtils similar to File APIs.
  * Add SHA-512/224 and SHA-512/256 to DigestUtils for Java 9 and up.
  * Deprecate Charset constants in org.apache.commons.codec.Charsets in favor of java.nio.charset.StandardCharsets.
  * Reject any decode request for a value that is impossible to encode to for Base32/Base64.
  * MurmurHash2 for 32-bit or 64-bit value.
  * MurmurHash3 for 32-bit or 128-bit value.
  * Update from Java 6 to Java 7.
  * Add Percent-Encoding Codec (described in RFC3986 and RFC7578)
  * Add SHA-3 methods in DigestUtils.

apache-commons-collections4:

- Build with source and target levels 8 (jsc#SLE-23217)

apache-commons-collections:

- Do not use a dummy pom that only declares dependencies for the testframework artifact

apache-commons-compress:

- Remove support for pack200 which depends on old asm3. (jsc#SLE-23217)

apache-commons-configuration:

- Build with source and target levels 8 (jsc#SLE-23217)

apache-commons-csv:

- Provide apache-commons-csv version 1.9.0 (jsc#SLE-23217)

apache-commons-daemon:

- Update apache-commons-daemon from version 1.0.15 to version 1.2.4. (jsc#SLE-23217)
  * Build with source/target levels 8
  * Ensure that log messages written to stdout and stderr are not lost during start-up.
  * Enable the service to start if the Options value is not present in the registry.
  * jsvc. Don't fail if the CAP_DAC_READ_SEARCH capability is not available. Fall back to using argv[0] rather than 
    /proc/self/exe to determine the path for the current binary.
  * Improved JRE/JDK detection to support increased range of both JVM versions and vendors
  * Correct multiple issues related to enabling a service to interact with the desktop. Provide a better error message 
    if this option is used with an invalid user, install the service with the option enabled if requested 
    and correctly save the setting if it is enabled in the GUI.
  * Update the list of paths searched for libjvm.so to include the path used by OpenJDK 11.
  * Add additional debug logging for Java start mode.
  * Remove incorrect definition 'supported_os' which defined in psupport.m4 file to fix jsvc build error on s390, 
    arm, aarch64, mipsel and mips.
  * More debug logging in prunsrv.c and javajni.c.
  * Update arguments.c to support Java 11 --enable-preview.
  * jsvc and Procrun: ad support for Java native memory tracking.
  * Procrun. Add a new command, print, that outputs the command to (re-)configure the service with the current 
    settings. This is intended to be used to save settings such as before an upgrade.
  * Update: Update Commons-Parent to version 49.
  * Add AArch64 support to src/native/unix/support/apsupport.m4.
  * Procrun. When running in jre mode, if the standard Java registry entries for JavaHome and RuntimeLib are not 
    present, attempt to use the Procrun JavaHome key to find the runtime library.
  * Procrun. Add an option to configure the service to use the 'Automatic (Delayed Start)' startup mode.
  * jsvc. Include the full path to the jsvc executable in the debug log.
  * Remove support for building Procrun for the Itanium platform.

apache-commons-dbcp:

- Provide apache-commons-dbcp version 2.1.1 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

apache-commons-digester:

- Build with source and target levels 8 (jsc#SLE-23217)

apache-commons-el:

- Build with source and target levels 8 (jsc#SLE-23217)

apache-commons-exec:

- Build with source and target levels 8 (jsc#SLE-23217)

apache-commons-fileupload:

- Build with source and target levels 8 (jsc#SLE-23217)

apache-commons-io:

- Update apache-commons-io from version 2.6 to version 2.11.0. (jsc#SLE-23217)
  * CVE-2021-29425: Limited path traversal in Apache Commons IO (bsc#1184755)
  * Java 8 or later is required
  * This update provides several fixes and enhancements. 
    For a full overview please, visit: https://commons.apache.org/proper/commons-io/changes-report.html

apache-commons-jexl:

- Build with source and target levels 8 (jsc#SLE-23217)

apache-commons-lang3:

- Update apache-commons-lang3 from version 3.8.1 to version 3.12.0. (jsc#SLE-23217)
  * Remove the junit bom dependency as it breaks the build of other packages like log4j.
  * Fix component version in default.properties to 3.12 
  * Add BooleanUtils.booleanValues().
  * Add BooleanUtils.primitiveValues().
  * Add StringUtils.containsAnyIgnoreCase(CharSequence, CharSequence...).
  * Add StopWatch.getStopTime().
  * Add fluent-style ArraySorter.
  * Add and use LocaleUtils.toLocale(Locale) to avoid NPEs. 
  * Add FailableShortSupplier, handy for JDBC APIs. 
  * Add JavaVersion.JAVA_17. 
  * Add missing boolean[] join method.
  * Add StringUtils.substringBefore(String, int). 
  * Add Range.INTEGER. 
  * Add DurationUtils. 
  * Introduce the use of @Nonnull, and @Nullable, and the Objects class as a helper tool.
  * Add and use true and false String constants.
  * Add and use ObjectUtils.requireNonEmpty().
  * Correct implementation of RandomUtils.nextLong(long, long).
  * Restore handling of collections for non-JSON ToStringStyle.
  * ContextedException Javadoc add missing semicolon.
  * Resolve JUnit pioneer transitive dependencies using JUnit BOM.
  * NumberUtilsTest - incorrect types in min/max tests.
  * Improve StringUtils.stripAccents conversion of remaining accents.
  * StringUtils.countMatches - clarify Javadoc.
  * Remove redundant argument from substring call.
  * BigDecimal is created when you pass it the min and max values.
  * TypeUtils.isAssignable returns wrong result for GenericArrayType and ParameterizedType.
  * testGetAllFields and testGetFieldsWithAnnotation sometimes fail.
  * TypeUtils. containsTypeVariables does not support GenericArrayType.
  * Refine StringUtils.lastIndexOfIgnoreCase.
  * Refine StringUtils.abbreviate.    
  * Refine StringUtils.isNumericSpace.  
  * Refine StringUtils.deleteWhitespace.  
  * MethodUtils.invokeMethod NullPointerException in case of null in args list.
  * Fix 2 digit week year formatting.
  * Add and use ThreadUtils.sleep(Duration).  
  * Add and use ThreadUtils.join(Thread, Duration).
  * Add ObjectUtils.wait(Duration).
  * ArrayUtils.toPrimitive(Object) does not support boolean and other types.
  * Processor.java: check enum equality with == instead of .equals() method.
  * Use own validator ObjectUtils.anyNull to check null String input.
  * Add ArrayUtils.isSameLength() to compare more array types.
  * Added the Locks class as a convenient possibility to deal with locked objects.
  * Add to Functions: FailableBooleanSupplier, FailableIntSupplier, FailableLongSupplier, FailableDoubleSupplier...
  * Add ArrayUtils.get(T[], index, T) to provide an out-of-bounds default value.
  * Add JavaVersion enum constants for Java 14, 15 and 16.
  * Use Java 8 lambdas and Map operations.
  * Change removeLastFieldSeparator to use endsWith.
  * Change a Pattern to a static final field, for not letting it compile each time the function invoked.
  * Add ImmutablePair factory methods left() and right().
  * Add ObjectUtils.toString(Object, Supplier<String>).
  * Add org.apache.commons.lang3.StringUtils.substringAfter(String, int).
  * Add org.apache.commons.lang3.StringUtils.substringAfterLast(String, int).
  * Use StandardCharsets.UTF_8.
  * Use Collections.singletonList insteadof Arrays.asList when there be only one element.
  * Change array style from `int a[]` to `int[] a`.
  * Change from addAll to constructors for some List.
  * Simplify if as some conditions are covered by others.
  * Fixed Javadocs for setTestRecursive().
  * ToStringBuilder.reflectionToString - Wrong JSON format when object has a List of Enum.
  * Make org.apache.commons.lang3.CharSequenceUtils.toCharArray(CharSequence) public.
  * Update actions/cache from v2 to v2.1.4.
  * Update actions/checkout from v2.3.1 to v2.3.4.
  * Update actions/setup-java from v1.4.0 to v1.4.2.
  * Update biz.aQute.bndlib from 5.1.1 to 5.3.0.
  * Update com.puppycrawl.tools:checkstyle to 8.34.
  * Update commons.jacoco.version 0.8.5 to 0.8.6 (Fixes Java 15 builds).
  * Update commons.japicmp.version to 0.15.2.
  * Update jmh.version from 1.21 to 1.27.
  * Update junit-bom from 5.7.0 to 5.7.1.
  * Update junit-jupiter to 5.7.0.
  * Update junit-pioneer to 1.3.0.
  * Update maven-checkstyle-plugin to 3.1.2.
  * Update maven-pmd-plugin from 3.13.0 to 3.14.0.
  * Update maven-surefire-plugin 2.22.2 -> 3.0.0-M5.
  * Update org.apache.commons:commons-parent to 51.
  * Update org.easymock:easymock to 4.2.
  * Update org.hamcrest:hamcrest 2.1 -> 2.2.
  * Update org.junit.jupiter:junit-jupiter to 5.6.2.
  * Update spotbugs to 4.2.1.
  * Update spotbugs-maven-plugin from 4.0.0 to 4.2.0.
  * Add ExceptionUtils.throwableOfType(Throwable, Class) and friends.
  * Add EMPTY_ARRAY constants to classes in org.apache.commons.lang3.tuple.
  * Add null-safe StringUtils APIs to wrap String#getBytes([Charset|String]).
  * Add zero arg constructor for org.apache.commons.lang3.NotImplementedException.
  * Add ArrayUtils.addFirst() methods.
  * Add Range.fit(T) to fit a value into a range.
  * Added Functions.as*, and tests thereof, as suggested by Peter Verhas
  * Add getters for lhs and rhs objects in DiffResult.
  * Generify builder classes Diffable, DiffBuilder, and DiffResult.
  * Add ClassLoaderUtils with toString() implementations.
  * Add null-safe APIs as StringUtils.toRootLowerCase(String) and StringUtils.toRootUpperCase(String).
  * Add org.apache.commons.lang3.time.Calendars.
  * Add EnumUtils getEnum() methods with default values.
  * Added indexesOf methods and simplified removeAllOccurences.
  * Add support of lambda value evaluation for defaulting methods.
  * Add factory methods to Pair classes with Map.Entry input.
  * Add StopWatch convenience APIs to format times and create a simple instance.
  * Allow a StopWatch to carry an optional message.
  * Add ComparableUtils.
  * Add org.apache.commons.lang3.SystemUtils.getUserName().
  * Add ObjectToStringComparator.
  * Add org.apache.commons.lang3.arch.Processor.Arch.getLabel().
  * Add IS_JAVA_14 and IS_JAVA_15 to org.apache.commons.lang3.SystemUtils.
  * ObjectUtils: Get first non-null supplier value.
  * Added the Streams class, and Functions.stream() as an accessor thereof.
  * Make test more stable by wrapping assertions in hashset.
  * Use synchronize on a set created with Collections.synchronizedSet before iterating.
  * StringUtils.unwrap incorrect throw StringIndexOutOfBoundsException.
  * StringIndexOutOfBoundsException in StringUtils.replaceIgnoreCase.
  * StringUtils.removeIgnoreCase('?a', 'a') throws IndexOutOfBoundsException.
  * StringUtils abbreviate returns String of length greater than maxWidth.
  * Deprecate org.apache.commons.lang3.ArrayUtils.removeAllOccurences(*) for 
    org.apache.commons.lang3.ArrayUtils.removeAllOccurrences(*).
  * Requires jdk >= 1.8
  * Add more SystemUtils.IS_JAVA_XX variants
  * Adding the Functions class
  * Add @FunctionalInterface to ThreadPredicate and ThreadGroupPredicate
  * Add isEmpty method to ObjectUtils
  * null-safe StringUtils.valueOf(char[]) to delegate to String.valueOf(char[]).
  * Add API org.apache.commons.lang3.SystemUtils.isJavaVersionAtMost(JavaVersion)
  * Consolidate the StringUtils equals and equalsIgnoreCase
  * Add OSGi manifest    

apache-commons-logging:

- Do not build against the log4j12 packages, use the new reload4j (jsc#SLE-23217)

apache-commons-math:

- Provide apache-commons-math version 3.6.1 (jsc#SLE-23217)

apache-commons-net:

- Update from version 3.6 to version 3.9.0 (jsc#SLE-23217)
  * CVE-2021-37533: FTP client trusts the host from PASV response by default (bsc#1206018)
  * Build with source and target levels 8

apache-commons-ognl:

- Provide apache-commons-ognl version 4.0-20191021git51cf8f4. (jsc#SLE-23217)

apache-commons-parent:

- Update apache-commons-parent from version 47 to version 52. (jsc#SLE-23217)
  * For a full changelog, please visit: 
    https://github.com/apache/commons-parent/compare/commons-parent-47...rel/commons-parent-52

apache-commons-pool2:

- Provide apache-commons-pool2 2.4.2 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

apache-commons-text:

- Provide apache-commons-text version 1.10.0 (jsc#SLE-23217)
  * CVE-2022-42889: code execution when processing untrusted input due to insecure interpolation defaults. (bsc#1204284)
  * This is a new dependency of maven-javadoc-plugin.
  * Build with ant in order to avoid build cycles.

apache-ivy:

- Upgrade from version 2.4.0 to version 2.5.1. (jsc#SLE-23217)
  * CVE-2022-37866: path traversal via user-supplied pattern (bsc#1205142)
  * CVE-2022-37865: apache-ivy: Apache Ivy allow create/overwrite any file on the system. (bsc#1205138)
  * Breaking: 
    + Removed old `fr\jayasoft\ivy\ant\antlib.xml` AntLib definition file.
  * Force building with JDK < 14, since it imports statically a class removed in JDK14.
  * Change dependencies for the httpclient to httpcomponents-client instead of apache-commons-httpclient.


apache-logging-parent:

- Update apache-logging-parent from version 2 to version 5. (jsc#SLE-23217)
  * Do not require maven-local, since it can be handled by javapackages-local

apache-parent:

- Check upstream source signature

apache-pdfbox:

- Update apache-pdfbox from version 1.8.16 to version 2.0.23. (jsc#SLE-23217)
  * CVE-2021-27807: infinite loop while loading a crafted PDF file. (bsc#1184356)
  * CVE-2021-27906: OutOfMemory-Exception while loading a crafted PDF file. (bsc#1184357)
  * Fix build with bouncycastle 1.71 and the new bcutil artifact
  * Build with source/target levels 8
  * Package all resources in pdfbox module
  * Improve document signing
  * Allow reuse of subsetted fonts by inverting the ToUnicode CMap
  * Improve performance in signature validation
  * Add more checks to PDFXrefStreamParser and reduce memory footprint
  * Use StringBuilder for key in PDDeviceN.toRGBWithTintTransform()
  * Don't use RGB loop in PDDeviceN.toRGBWithTintTransform()
  * Add source signature and keyring
  * Move from 1.x release line to the 2.x one. This is a ABI change
  * Generate the ant build system from the maven one and customize it.

apache-resource-bundles:

- Provide apache-resource-bundles version 2 (jsc#SLE-23217)
  * This package contains templates for generating necessary license files and notices for all Apache releases.
  * This is a build dependency of apache-sshd

apache-sshd:

- Provide apache-sshd version 2.7.0 as dependency of eclipse-jgit (jsc#SLE-23217)

apiguardian:

- Build with source and target levels 8 (jsc#SLE-23217)

aqute-bnd:

- Update aqute-bnd from version 3.5.0 to version 5.2.0. (jsc#SLE-23217)
  * ant plugin is in separate artifact.
  * Produce bytecode compatible with Java 8
  * Port to OSGI 7.0.0
  * Require aqute-bndlib

args4j:

- Build with source and target levels 8 (jsc#SLE-23217)

asm3:

- Build with source and target levels 8 (jsc#SLE-23217)

atinject:

- Update atinject from version 1+20100611git1f74ea7 to version 1+20160610git1f74ea7. (jsc#SLE-23217)
  * Alias to the new jakarta name
  * Fetch the sources using a source service
  * Do not use the upstream build.sh, but use it to write a necessary part directly to the spec file
  * Build with source/target levels 8
  * Fix build with javadoc 17.

auto:

- Update auto from version 1.3 to version 1.6.1. (jsc#SLE-23217)
  * Provide the auto-value-annotations artifact needed by google-errorprone
  * Provide auto-service-annotations and fix dependencies issues.

avalon-framework:

- Do not build against the log4j12 packages, use the new reload4j. (jsc#SLE-23217)

avalon-logkit:

- Do not build against the log4j12 packages, use the new reload4j. (jsc#SLE-23217)
- Do not build the org.apache.log.output.lf5 package

aws-sdk-java:

- Build with java source and target levels 8. (jsc#SLE-23217)
- Build against the standalone JavaEE modules unconditionally
- Double the maximum memory for javadoc to avoid out-of-memory on certain architectures
- Force generating javadoc with maven-javadoc-plugin, since the xmvn javadoc mojo doesn't work here.

axis:

- Require glassfish-activation-api in order to prevent missing APIs when running the ant task. (jsc#SLE-23217)
- Unify the dependency on glassfish-activation-api instead of jaf and gnu-jaf. (jsc#SLE-23217)
- On systems where the JavaEE modules exist, allow building against newer versions of APIs (jsc#SLE-23217)
- Alias relevant artifacts to org.apache.axis  (jsc#SLE-23217)
- Do not build against the log4j12 packages, use the new reload4j (jsc#SLE-23217)
- Require Java >= 1.8 (jsc#SLE-23217)

base64coder:

- Provide base64coder 20101219 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

beust-jcommander:

- Provide beust-jcommander 1.71 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

bnd-maven-plugin:

- Update bnd-maven-plugin from version 3.5.2 to version 5.2.0. (jsc#SLE-23217)
  * Produce bytecode compatible with Java 8
  * Port to OSGI 7.0.0
  * Require maven-mapping

bouncycastle:

- Update bouncycastle from version 1.64 to version 1.71. (jsc#SLE-23217)
  * Relevant fixes
    - CVE-2020-28052: OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the 
      password. (bsc#1180215)
    - CVE-2020-15522: Timing issue within the EC math library. (bsc#1186328)
    - Blake 3 output limit is enforced.
    - The PKCS12 KeyStore was relying on default precedence for its key Cipher implementation so was sometimes failing 
      if used from the keytool. The KeyStore class now makes sure it uses the correct Cipher implementation.
    - ASN.1: More robust handling of high tag numbers and  definite-length forms.
    - BCJSSE: Don't log sensitive system property values (GH#976).
    - The IES AlgorithmParameters object has been re-written to properly support all the variations of 
      IESParameterSpec.
    - PGPPublicKey.getBitStrength() now properly recognises EdDSA keys.
    - In line with GPG the PGP API now attempts to preserve comments containing non-ascii UTF8 characters.
    - An accidental partial dependency on Java 1.7 has been removed from the TLS API.
    - Lightweight and JCA conversion of Ed25519 keys in the PGP API could drop the leading byte as it was zero. This 
      has been fixed.
    - Marker packets appearing at the start of PGP public key rings could cause parsing failure. This has been fixed.
    - ESTService could fail for some valid Content-Type headers. This has been fixed.
    - CertificateFactory.generateCertificates()/generateCRLs() would throw an exception if extra data was found at 
      the end of a PEM file even if valid objects had been found. Extra data is now ignored providing at least 
      one object found.
    - PGP ArmoredInputStream now fails earlier on malformed headers.
    - Ed25519 keys being passed in via OpenSSH key spec are now validated in the KeyFactory.
    - Blowfish keys are now range checked on cipher construction.
    - The BasicConstraintsValidation class in the BC cert path validation tools has improved conformance to RFC 5280.
    - Fix various conversions and interoperability for XDH and EdDSA between BC and SunEC providers.
    - TLS: Prevent attempts to use KeyUpdate mechanism in versions before TLS 1.3.
    - Some BigIntegers utility methods would fail for BigInteger.ZERO. This has been fixed.
    - PGPUtil.isKeyRing() was not detecting secret sub-keys in its input. This has been fixed.
    - BCJSSE: Lock against multiple writers - a possible synchronization issue has been removed.
    - Certificates/CRLs with short signatures could cause an exception in toString() in the BC X509 Certificate 
      implmentation
    - In line with latest changes in the JVM, SignatureSpis which don't require parameters now return null on 
      engineGetParameters()
    - The RSA KeyFactory now always preferentially produces RSAPrivateCrtKey where it can on requests for a KeySpec 
      based on an RSAPrivateKey
    - CMSTypedStream$FullReaderStream now handles zero length reads correctly
    - CMS with Ed448 using a direct signature was using id-shake256-len rather than id-shake256.
    - Use of GCMParameterSpec could cause an AccessControlException under some circumstances.
    - DTLS: Fixed high-latency HelloVerifyRequest handshakes.
    - An encoding bug for rightEncoded() in KMAC has been fixed.
    - For a few values the cSHAKE implementation would add unnecessary pad bytes where the N and S strings produced 
      encoded data that was block aligned.
    - DLExternal would encode using DER encoding for tagged SETs.
    - ChaCha20Poly1305 could fail for large (>~2GB) files.
    - ChaCha20Poly1305 could fail for small updates when used via the provider.
    - Properties.getPropertyValue could ignore system property when other local overrides set.
    - The entropy gathering thread was not running in daemon mode, meaning there could be a delay in an application 
      shutting down due to it.
    - A recent change in Java 11 could cause an exception with the BC Provider's implementation of PSS.
    - BCJSSE: TrustManager now tolerates having no trusted certificates.
    - BCJSSE: Choice of credentials and signing algorithm now respect the peer's signature_algorithms extension 
      properly.
  * Additional Features and Functionality
    - Missing PGP CRC checksums can now be optionally ignored using setDetectMissingCRC() (default false) on 
      ArmoredInputStream.
    - PGPSecretKey.copyWithNewPassword() now has a variant which uses USAGE_SHA1 for key protection if a 
      PGPDigestCalculator is passed in.
    - PGP ASCII armored data now skips '\t', '\v', and '\f'.
    - PKCS12 files with duplicate localKeyId attributes on certificates will now have the incorrect attributes 
      filtered out, rather than the duplicate causing an exception.
    - PGPObjectFactory will now ignore packets representing unrecognised signature versions in the input stream.
    - The X.509 extension generator will now accumulate some duplicate X.509 extensions into a single extension 
      where it is possible to do so.
    - Removed support for maxXofLen in Kangaroo digest.
    - Ignore marker packets in PGP Public and Secret key ring collection.
    - An implementation of LEA has been added to the low-level API.
    - Access, recovery, and direct use for PGP session keys has been added to the OpenPGP API for processing 
      encrypted data.
    - A PGPCanonicalizedDataGenerator has been added which converts input into canonicalized literal data for 
      text and UTF-8 mode.
    - A getUserKeyingMaterial() method has been added to the KeyAgreeRecipientInformation class.
    - ASN.1: Tagged objects (and parsers) now support all tag classes. Special code for ApplicationSpecific has been 
      deprecated and re-implemented in terms of TaggedObject.
    - ASN.1: Improved support for nested tagging.
    - ASN.1: Added support for GraphicString, ObjectDescriptor, RelativeOID.
    - ASN.1: Added support for constructed BitString encodings, including efficient parsing for large values.
    - TLS: Added support for external PSK handshakes.
    - TLS: Check policy restrictions on key size when determining cipher suite support.
    - A performance issue in KeccakDigest due to left over debug code has been identified and dealt with.
    - BKS key stores can now be used for collecting protected keys (note: any attempt to store such a store will cause 
      an exception).
    - A method for recovering user keying material has been added to KeyAgreeRecipientInformation.
    - Support has been added to the CMS API for SHA-3 based PLAIN-ECDSA.
    - The low level BcDefaultDigestProvider now supports the SHAKEfamily of algorithms and the SM3 alogirthm.
    - PGPKeyRingGenerator now supports creation of key-rings with direct-key identified keys.
    - The PQC NIST candidate, signature algorithm SPHINCS+ has been added to the low-level API.
    - ArmoredInputStream now explicitly checks for a '\n' if in crLF mode.
    - Direct support for NotationDataOccurances, Exportable,Revocable, IntendedRecipientFingerPrints, and AEAD 
      algorithm preferences has been added to PGPSignatureSubpacketVector.
    - Further support has been added for keys described using S-Expressions in GPG 2.2.X.
    - Support for OpenPGP Session Keys from the (draft) Stateless OpenPGP CLI has been added.
    - Additional checks have been added for PGP marker packets in the parsing of PGP objects.
    - A CMSSignedData.addDigestAlgorithm() has been added to allow for adding additional digest algorithm identifiers 
      to CMS SignedData structures when required.
    - Support has been added to CMS for the LMS/HSS signature algorithm.
    - The system property 'org.bouncycastle.jsse.client.assumeOriginalHostName' (default false) has been added for 
      dealing with SNI problems related to the host name not being propagate by the JVM.
    - The JcePKCSPBEOutputEncryptorBuilder now supports SCRYPT with ciphers that do not have algorithm 
      parameters (e.g. AESKWP).
    - Support is now added for certificates using ETSI TS 103 097, 'Intelligent Transport Systems (ITS)' in 
      the bcpkix package.
    - Added support for OpenPGP regular expression signature packets.
    - added support for OpenPGP PolicyURI signature packets.
    - A utility method has been added to PGPSecretKeyRing to allow for inserting or replacing a PGPPublicKey.
    - The NIST PQC Finalist, Classic McEliece has been added to the low level API and the BCPQC provider.
    - The NIST PQC Alternate Candidate, SPHINCS+ has been added to the BCPQC provider.
    - The NIST PQC Alternate Candidate, FrodoKEM has been added to the low level API and the BCPQC provider.
    - The NIST PQC Finalist, SABER has been added to the low level API and the BCPQC provider.
    - KMAC128, KMAC256 has been added to the BC provider (empty customization string).
    - TupleHash128, TupleHash256 has been added to the BC provider (empty customization string).
    - ParallelHash128, ParallelHash256 has been added to the BC provider (empty customization string, 
      block size 1024 bits).
    - Two new properties: 'org.bouncycastle.rsa.max_size' (default 15360) and 'org.bouncycastle.ec.fp_max_size' 
      (default 1042) have been added to cap the maximum size of RSA and EC keys.
    - RSA modulus are now checked to be provably composite using the enhanced MR probable prime test.
    - Imported EC Fp basis values are now validated against the MR prime number test before use. The certainty level 
      of the prime test can be determined by 'org.bouncycastle.ec.fp_certainty' (default 100).
    - The BC entropy thread now has a specific name: 'BC-ENTROPY-GATHERER'.
    - Utility methods have been added for joining/merging PGP public keys and signatures.
    - Blake3-256 has been added to the BC provider.
    - DTLS: optimisation to delayed handshake hash.
    - Further additions to the ETSI 102 941 support in the ETSI/ITS package: certification request, signed message 
      generation and verification now supported.
    - CMSSignedDataGenerator now supports the direct generation of definite-length data.
    - The NetscapeCertType class now has a hasUsages() method on it for querying usage settings on its bit string.
    - Support for additional input has been added for deterministic (EC)DSA.
    - The OpenPGP API provides better support for subkey generation.
    - BCJSSE: Added boolean system properties
      'org.bouncycastle.jsse.client.dh.disableDefaultSuites' and
      'org.bouncycastle.jsse.server.dh.disableDefaultSuites'.
      Default 'false'. Set to 'true' to disable inclusion of DH
      cipher suites in the default cipher suites for client/server
      respectively.
    - GCM-SIV has been added to the lightweight API and the provider.
    - Blake3 has been added to the lightweight API.
    - The OpenSSL PEMParser can now be extended to add specialised parsers.
    - Base32 encoding has now been added, the default alphabet is from RFC 4648.
    - The KangarooTwelve message digest has been added to the lightweight API.
    - An implementation of the two FPE algorithms, FF1 and FF3-1 in SP 800-38G has been added to the lightweight API 
      and the JCE provider.
    - An implementation of ParallelHash has been added to the lightweight API.
    - An implementation of TupleHash has been added to the lightweight API.
    - RSA-PSS now supports the use of SHAKE128 and SHAKE256 as the mask generation function and digest.
    - ECDSA now supports the use of SHAKE128 and SHAKE256.
    - PGPPBEEncryptedData will now reset the stream if the initial checksum fails so another password can be tried.
    - Iterators on public and secret key ring collections in PGP now reflect the original order of the public/secret 
      key rings they contain.
    - KeyAgreeRecipientInformation now has a getOriginator() method for retrieving the underlying orginator 
      information.
    - PGPSignature now has a getDigestPrefix() method for people wanting exposure to the signature finger print 
      details.
    - The old BKS-V1 format keystore is now disabled by default. If you need to use BKS-V1 for legacy reasons, it can 
      be re-enabled by adding: org.bouncycastle.bks.enable_v1=true to the java.security file. We would be interested 
      in hearing from anyone that needs to do this.
    - PLAIN-ECDSA now supports the SHA3 digests.
    - Some highlevel support for RFC 4998 ERS has been added for ArchiveTimeStamp and EvidenceRecord. The new classes 
      are in the org.bouncycastle.tsp.ers package.
    - ECIES has now also support SHA256, SHA384, and SHA512.
    - digestAlgorithms filed in CMS SignedData now includes counter signature digest algorithms where possible.
    - A new property 'org.bouncycastle.jsse.config' has been added which can be used to configure the BCJSSE provider 
      when it is created using the no-args constructor.
    - In line with changes in OpenSSL 1.1.0, OpenSSLPBEParametersGenerator can now be configured with a digest.
    - PGPKeyRingGenerator now includes a method for adding a subkey with a primary key binding signature.
    - Support for ASN.1 PRIVATE tags has been added.
    - Performance enhancements to Nokeon, AES, GCM, and SICBlockCipher.
    - Support for ecoding/decoding McElieceCCA2 keys has been added to the PQC API
    - BCJSSE: Added support for jdk.tls.maxCertificateChainLength system property (default is 10).
    - BCJSSE: Added support for jdk.tls.maxHandshakeMessageSize system property (default is 32768).
    - BCJSSE: Added support for jdk.tls.client.enableCAExtension (default is 'false').
    - BCJSSE: Added support for jdk.tls.client.cipherSuites system property.
    - BCJSSE: Added support for jdk.tls.server.cipherSuites system property.
    - BCJSSE: Extended ALPN support via standard JSSE API to JDK 8 versions after u251/u252.
    - BCJSSE: Key managers now support EC credentials for use with TLS 1.3 ECDSA signature schemes (including 
      brainpool).
    - TLS: Add TLS 1.3 support for brainpool curves per RFC 8734.
    - BCJSSE: Added support for system property com.sun.net.ssl.requireCloseNotify. Note that we are using a 
      default value of 'true'.
    - BCJSSE: 'TLSv1.3' is now a supported protocol for both client and server. For now it is only enabled by default 
      for the 'TLSv1.3' SSLContext, but can be explicitly enabled using 'setEnabledProtocols' on an SSLSocket or 
      SSLEngine, or via SSLParameters.
    - BCJSSE: Session resumption is now also supported for servers in TLS 1.2 and earlier. For now it is disabled by 
      default, and can be enabled by setting the boolean system property 
      org.bouncycastle.jsse.server.enableSessionResumption to 'true'.
    - The provider RSA-PSS signature names that follow the JCA naming convention.
    - FIPS mode for the BCJSSE now enforces namedCurves for any presented certificates.
    - PGPSignatureSubpacketGenerator now supports editing of a pre-existing sub-packet list.
    - Performance improvement of Argon2 and Noekeon
    - A setSessionKeyObfuscation() method has been added to PublicKeyKeyEncryptionMethodGenerator to allow turning 
      off of session key obfuscation (default is on, method primarily to get around early version GPG issues 
      with AES-128 keys)
    - Implemented 'safegcd' constant-time modular inversion (as well as a variable-time variant). It has replaced 
      Fermat inversion in all our EC code, and BigInteger.modInverse in several other places, particularly signers. 
      This improves side-channel protection, and also gives a significant performance boost
    - Performance of custom binary ECC curves and Edwards Curves has been improved
    - BCJSSE: New boolean system property 'org.bouncycastle.jsse.keyManager.checkEKU' allows to disable 
      ExtendedKeyUsage restrictions when selecting credentials (although the peer may still complain)
    - Initial support has been added for 'Composite Keys and Signatures For Use In Internet PKI' using the test OID. 
      Please note there will be further refinements to this as the draft is standardised
    - The BC EdDSA signature API now supports keys implementing all methods on the EdECKey and XECKey interfaces 
      directly
    - Further optimization work has been done on GCM
    - A NewHope based processor, similar to the one for Key Agreement has been added for trying to 'quantum hard' 
      KEM algorithms
    - PGP clear signed signatures now support SHA-224
    - Treating absent vs NULL as equivalent can now be configured by a system property. By default this is not enabled
    - Mode name checks in Cipher strings should now make sure an improper mode name always results in a 
      NoSuchAlgorithmException
    - In line with changes in OpenSSL, the OpenSSLPBKDF now uses UTF8 encoding
    - The qTESLA signature algorithm has been updated to v2.8 (20191108).
    - BCJSSE: Client-side OCSP stapling now supports status_request_v2 extension.
    - Support has been added for 'ocsp.enable', 'ocsp.responderURL' and PKIXRevocationChecker for users of 
      Java 8 and later.
    - Support has been added for 'org.bouncycastle.x509.enableCRLDP' to the PKIX validator.
    - BCJSSE: Now supports system property 'jsse.enableFFDHE'
    - BCJSSE: Now supports system properties 'jdk.tls.client.SignatureSchemes' and 'jdk.tls.server.SignatureSchemes'.
    - Multi-release support has been added for Java 11 XECKeys.
    - Multi-release support has been added for Java 15 EdECKeys.
    - The MiscPEMGenerator will now output general PrivateKeyInfo structures.
    - A new property 'org.bouncycastle.pkcs8.v1_info_only' has been added to make the provider only produce version 1 
      PKCS8 PrivateKeyInfo structures.
    - The PKIX CertPathBuilder will now take the target certificate from the target constraints if a specific 
      certificate is given to the selector.
    - BCJSSE: A range of ARIA and CAMELLIA cipher suites added to supported list.
    - BCJSSE: Now supports the PSS signature schemes from RFC 8446 (TLS 1.2 onwards).
    - Performance of the Base64 encoder has been improved.
    - The PGPPublicKey class will now include direct key signatures when checking for key expiry times.
    - LMS and HSS (RFC 8554) support has been added to the low level library and the PQC provider.
    - SipHash128 support has been added to the low level library and the JCE provider.
    - BCJSSE: BC API now supports explicitly specifying the session to resume.
    - BCJSSE: Ed25519, Ed448 are now supported when TLS 1.2 or higher is negotiated (except in FIPS mode).
    - BCJSSE: Added support for extended_master_secret system properties: jdk.tls.allowLegacyMasterSecret, 
      jdk.tls.allowLegacyResumption, jdk.tls.useExtendedMasterSecret.
    - BCJSSE: Ed25519, Ed448 are now supported when TLS 1.2 or higher is negotiated (except in FIPS mode).
    - BCJSSE: KeyManager and TrustManager now check algorithm constraints for keys and certificate chains.
    - BCJSSE: KeyManager selection of server credentials now prefers matching SNI hostname (if any).
    - BCJSSE: KeyManager may now fallback to imperfect credentials (expired, SNI mismatch).
    - BCJSSE: Client-side OCSP stapling support (beta version: via status_request extension only, provides 
      jdk.tls.client.enableStatusRequestExtension, and requires CertPathBuilder support).
    - TLS: DSA in JcaTlsCrypto now falls back to stream signing to work around NoneWithDSA limitations in 
      default provider.
  * Notes
    - The deprecated QTESLA implementation has been removed from the BCPQC provider.
    - The submission update to SPHINCS+ has been added. This changes the generation of signatures - particularly 
      deterministic ones.
    - While this release should maintain source code compatibility, developers making use of some parts of the ASN.1 
      library will find that some classes need recompiling. Apologies for the inconvenience.
    - There is a small API change in the PKIX package to the DigestAlgorithmIdentifierFinder interface as a find() 
      method that takes an ASN1ObjectIdentifier has been added to it. For people wishing to extend their own 
      implementations, see DefaultDigestAlgorithmIdentifierFinder for a sample implementation.
    - A version of the bcmail API supporting Jakarta Mail has now  been added (see bcjmail jar).
    - Some work has been done on moving out code that does not need to be in the provider jar. This has reduced the 
      size of the provider jar and should also make it easier for developers to patch the classes involved as they no 
      longer need to be signed. bcpkix and bctls are both dependent on the new bcutil jar.
    - The qTESLA update breaks compatibility with previous versions. Private keys now include a hash of the public 
      key at the end, and signatures are no longer interoperable with previous versions.
- Add build dependencies on mvn(jakarta.activation:jakarta.activation-api) and mvn(jakarta.mail:jakarta.mail-api)
- Remove unneeded script bouncycastle_getpoms.sh from sources
- Build against the standalone JavaEE modules unconditionally
- Build with source/target levels 8
- Add glassfish-activation-api dependency so that we can build with JDK that does not contain the JavaEE modules
- Add bouncycastle_getpoms.sh to get pom files from Maven repos
- Add OSGi manifests to the distributed jars so that they can be used from eclipse (default enabled protocols).

bsf:

- Provide bsf 2.4.0 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

bsh2:

- Provide bsh2 2.0.0.b6 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

cal10n:

- Update cal10n from version 0.7.7 to version 0.8.1.10. (jsc#SLE-23217)
  * Fetch sources using source service from ch.qos git
  * Upgrade to the 10th commit after 0.8.1 calling it 0.8.1.10
  * Add the cal10n-ant-task to built artifacts
  * This release adds JSR-269 support. In other words, verification of bundles can be performed at compilation time. 
    See the related documentation for more details.
  * Fix issue with Eclipse not finding existing resources. Eclipse will find bundles located under 
    'src/main/resources' but still fail to find bundles located under 'src/test/resources/'.
  * When reading in bundles, the verify method in MessageKeyVerifier now uses the locale passed as parameter instead 
    of always Locale.FR.
    * Update build.xml-0.7.7.tar.xz to build.xml-0.8.1.tar.xz with references to version 0.8.1 to build correctly 
      versioned jar files.

cbi-plugins:

- Build only on architectures where eclipse is supported. (jsc#SLE-23217)
- Do not build against the legacy version of guava any more. (jsc#SLE-23217)
- Fix build with newer auto version by adding the auto-value-annotations artifact to the dependencies

cdi-api:

- Update cdi-api from version 1.2 to version 2.0.2. (jsc#SLE-23217)
  * Build with java source and target levels 8
  * Remove dependency on glassfish-el

cglib:

- Update cglib from version 3.2.4 to version 3.3.0. (jsc#SLE-23217)
  * Remove links between artifacts and their parent since we are not building with maven
  * Don't inject <optional>true</optional> in cglib pom, as 3.3.0 already provides that option and it 
    makes the POM xml incorrect.

checker-qual:

- Provide checker-qual version 3.22.0. (jsc#SLE-23217)
  * Checker Qual contains annotations (type qualifiers) that a programmer writes to specify Java code for 
    type-checking by the Checker Framework.
  * This is a dependency of Guava

classmate:

- Provide classmate version 1.5.1 (jsc#SLE-23217)

codemodel:

- Provide codemodel version 2.6 (jsc#SLE-23217)

codenarc:

- Do not generate test stubs by gmavenplus-plugin, since we are not building or running tests during build. 
- Build with source and target levels 8 (jsc#SLE-23217)

concurrentlinkedhashmap-lru:

- Provide concurrentlinkedhashmap-lru version 1.3.2 (jsc#SLE-23217)

decentxml:

- Build with source and target levels 8 (jsc#SLE-23217)

dom4j:

- Build against the standalone JavaEE modules unconditionally. (jsc#SLE-23217)
- Add alias to the new artifact coordinates org.dom4j:dom4j. (jsc#SLE-23217)
- Add jaxb-api dependency for relevant distribution versions so that we can build with JDKs that do not include the 
  JavaEE modules. (jsc#SLE-23217)

ecj:

- Update ecj from version 4.12 to version 4.18. (jsc#SLE-23217)
  * the encoding needs to be set for all JDK versions
  * Upgrade to eclipse 4.18 ecj
  * Switch java14api to java15api to be compatible to JDK 15
  * Switch to JDK 11 for build a JDK 8 is not supported anymore by ecj
  * Switch java10api to java14api to be compatible to JDK 14

eclipse:

- Update eclipse from version 4.9.0 to version 4.15. (jsc#SLE-23217)
  * Force building with Java 11, since tycho is not knowing about any Java >= 15
  * Add support for riscv64
  * Allow building with objectweb-asm 9.x
  * Do not require Java10 APIs artifact when building with java 11
  * Fix unresolved symbols when trying to load libkeystorelinuxnative.so on platforms that have it
  * Build only on 64-bit architectures, since 32-bit support was dropped upstream
  * Fix build with gcc 10
  * Build against jgit, since jgit-bootstrap does not exist
  * The dependencies of felix-scr changed. So stop linking xpp3 and kxml and link osgi.cmpn as symlink plugins.
  * Filter out the *SUNWprivate_1.1* symbols from requires 

eclipse-ecf:

- Update eclipse-ecffrom version 3.14.1 to version 3.14.8. (jsc#SLE-23217)
  * Build against jgit, since jgit-bootstrap does not exist
  * Allow building with objectweb-asm 9.x
  * Force building with Java 11, since tycho is not knowing about any Java >= 15

eclipse-egit:

- Update eclipse-egit from version 5.1.3 to version 5.11.0. (jsc#SLE-23217)
  * Needed because of change of eclipse-jgit to 5.11.0
  * Force building with Java 11, since tycho is not knowing about any Java >= 15
  * Build only on 64-bit architectures, since 32-bit support was dropped upstream

eclipse-emf:

- Update eclipse-emf from version 2.15.0~gitd1e5fdd to version 2.22.0. (jsc#SLE-23217)
  * Build against jgit, since jgit-bootstrap does not exist
  * Force building with Java 11, since tycho is not knowing about any Java >= 15
  * Build only on 64-bit architectures, since 32-bit support was dropped upstream

eclipse-jgit:

- Update eclipse-jgit from version 5.1.3 to version 5.11.0. (jsc#SLE-23217)
  * Fix build against apache-sshd 2.7.0
  * Restore java 8 compatibility when building with java 9+
  * Split the build into two spec files instead of multibuild. One produces the maven artifacts, the jgit 
    command-line and the other produces eclipse features.
  
eclipse-license:

- Update eclipse-license from version 2.0.1 to version 2.0.2. (jsc#SLE-23217)
  * Build only on architectures where eclipse is supported
  * Force building with Java 11, since tycho is not knowing about any Java >= 15
  * Update the eclipse-license2 feature to 2.0.0

eclipse-swt:

- Provide eclipse-swt version 4.9.0 for i586 architecture. (jsc#SLE-23217)

ed25519-java:

- Provide ed25519-java version 0.3.0. (jsc#SLE-23217)

ee4j:

- Provide ee4j veersion 1.0.7

exec-maven-plugin:

- Update exec-maven-plugin from version 1.6.0 to version 3.0.0. (jsc#SLE-23217)

extra166y:

- Build with source and target levels 8 (jsc#SLE-23217)

ezmorph:

- Do not build against the log4j12 packages. (jsc#SLE-23217)
- Build with source and target levels 8. (jsc#SLE-23217)

felix-bundlerepository:

- Provide felix-bundlerepository version 2.0.10. (jsc#SLE-23217)

felix-gogo-command:

- Remove forcing of maven.compiler.release, since it is not needed anymore. (jsc#SLE-23217)

felix-gogo-runtime:

- Rewrite the build system to ant so that is it possible to eventually avoid build cycles with maven-plugin-bundle 
  built against felix-bundlerepository. (jsc#SLE-23217)

felix-osgi-compendium:

- Build with source and target levels 8 (jsc#SLE-23217)

felix-osgi-foundation:

- Build with source and target levels 8 (jsc#SLE-23217)

felix-osgi-obr:

- Provide felix-osgi-obr version 1.0.2. (jsc#SLE-23217)

felix-scr:

- Update felix-scr from version 2.0.14 to version 2.1.16. (jsc#SLE-23217)
  * Drop dependencies on kxml and xpp, use the system SAX implementation instead
  * Do not embed dependencies, use import-package instead

felix-shell:

- Rewrite the build system to ant so that is it possible to eventually avoid build cycles with maven-plugin-bundle 
  built against felix-bundlerepository. (jsc#SLE-23217)
- Build against OSGi R7 APIs

felix-utils:

- Update felix-utils from version 1.10.4 to version 1.11.4. (jsc#SLE-23217)
  * Migrate away from the old felix-osgi implementation

fmpp:

- Build with source and target levels 8 (jsc#SLE-23217)

freemarker:

- Update freemarker from version 2.3.28 to version 2.3.31. (jsc#SLE-23217)
  * Fix build with javacc 7.0.11
  * Package the manual. Add build dependency on docbook5-xsl-stylesheets
  * On supported platforms, avoid building with OpenJ9, in order to prevent build cycles

geronimo-specs:

- Set version for the specs comming from tag 1_1_1 in order to avoid unexpanded version macros in pom files.
- On supported platforms, avoid building with OpenJ9, in order to prevent build cycles.

glassfish-activation:

- Provide glassfish-activation version 1.2.0. (jsc#SLE-23217)

glassfish-annotation-api:

- Build with source and target levels 8 (jsc#SLE-23217)

glassfish-dtd-parser:

- Provide glassfish-dtd-parser version 1.4 (jsc#SLE-23217)

glassfish-fastinfoset:

- Provide glassfish-fastinfoset version 1.2.15. (jsc#SLE-23217)

glassfish-jaxb-api:

- Provide glassfish-activation version 2.4.0. (jsc#SLE-23217)

glassfish-jaxb:

- Provide glassfish-jaxb version 2.3.1. (jsc#SLE-23217)

glassfish-jax-rs-api:

- Change the tarball location, since the old location does not work anymore

glassfish-jsp:

- Build with source and target levels 8 (jsc#SLE-23217)

glassfish-servlet-api:

- Provide glassfish-servlet-api 3.1.0 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

glassfish-transaction-api:

- Build with target source and target levels 8. (jsc#SLE-23217)
- Specify specMode=javaee to be able to use newer spec-version-maven-plugin.

gmavenplus-plugin:

- Update gmavenplus-plugin from version 1.5 to version 1.13.1. (jsc#SLE-23217)
  * Relevant fixes:
    + Using bindAllProjectProperties and bindSessionUserOverrideProperties together can cause an NPE.
    + Certain AST transformations had classloader issues  because 1.12.0 was no longer setting the context classloader.
    + The classloader project dependencies are loaded onto is
      reused between modules, so each module was a superset of all
      modules that preceded it. Also, the console, execute, and
      shell mojos didn't pass the classloader to use into the
      instantiated GroovyConsole/GroovyShell, so it accidentally was
      using the plugin classloader, even when configured to use
      PROJECT_ONLY classpath.
      Potentially breaking changes: This should be a non-breaking change (except for unusual situations that were 
      relying on the previous incorrect behavior). However, since it's a significant change, there's a version bump 
      for highlighitng the potential issue.
    + Disable system exits by default, to avoid potential thread safety issues.
      * Potentially breaking changes: changes the default of not allowing System.exits to allowing them.
  * Enhancements:
    + Add support for targetting Java 10, 11, 13, 14, 15, 17, 18.
    + Update Ant from 1.10.8 to 1.10.11.
    + Update Jansi to 2.x.
    + Change JDK compatibility check to also account for Java 16.
    + Some tweaks for Groovy 4 (most notably, invokedynamic is enabled by default for Groovy 4 and cannot be disabled).
    + New parameter (attachGroovyDocAnnotation) to enable attaching GroovyDoc annotation.
    + New parameter (parallelParsing) to enable parallel parsing (enabled by default with Groovy 4).
    + Remove previewFeatures parameter from stub generation goals, since it's not used there.
    + Ability to override classes used to generate GroovyDoc (#91)
    + Ability to override GStringTemplates used for GroovyDoc (#105)
    + Ability to bind overridden properties (by binding project properties and/or session user properties) (#72)
    + Ability to load a script when launching GroovyConsole (#165)
    + Change default GroovyDoc jar artifact type to javadoc, so its
      extension gets set to 'jar' by the artifact handler instead of
      'groovydoc' by the default handler logic which uses the type
      for the extension in the case of unknown types (#151).
    + Add skipBytecodeCheck property and parameter, so if a Java
      version comes out the plugin doesn't recognize, you can use it
      without having to wait for an update.
    + Use groovy.ant.AntBuilder instead of groovy.util.AntBuilder (if available).
    + Support Java preview features (#125)
    + New goals to create GroovyDoc jars (#124)
    + Use the new 'groovy.console.ui.Console' package, if available, fall back to 'groovy.ui.Console'
    + [36] - Allow script files to be executed as filenames as well
      as URLs (see Significant changes of note for an example)
    + [41] - Verify Groovy version supports target bytecode (See
      Potentially breaking changes for a description)
    + [46] - Remove scriptExtensions config option
    + [31/58] - Goals not consistantly named / IntelliJ improperly
      adding stub directories to sources
    + [61] - You can now skip Groovydoc generation with new
      skipGroovyDoc property (Thanks rvenutolo!)
    + [45] - GROOVY-7423 (JEP 118) Support (requires Groovy
      2.5.0-alpha-1 or newer and enabled with new parameters boolean
      property)
   * Potentially breaking changes:
     + 46 will break your build if you are using scriptExtensions.
       But the fix is simple, just the delete the configuration option and GMavenPlus will automatically do the right 
       thing.
     + 41 will break your build if you were passing an invalid target bytecode. GMavenPlus will no longer allow Groovy 
       to silently default to 1.4 or 1.5. It will verify that the bytecode is supported by your Groovy version (that 
       is, the option exists in org.codehaus.groovy.control.CompilerConfiguration), and fail if it isn't.
     + 58 will require renaming goals testGenerateStubs to
       generateTestStubs and testCompile to compileTests. IntelliJ has hard-coded the goal names in their plugin, 
       and these names will make IntelliJ work with both GMaven and GMavenPlus.
     + In order to support using the latest Maven plugins (and to make GMavenPlus easier to maintain), GMavenPlus 
       now requires Java 6 or newer and Maven 3.0.1 or newer (previously was Java 5 or newer and Maven 2.2.1 or newer).
     + testStubsOutputDirectory and stubsOutputDirectory inadvertently got renamed to outputDirectory, which conflicts 
       with the configuration in the compile and compileTests goals.
       You may need to setup separate executions with separate configurations for each if you need to set that 
       configuration option.
     + The Jansi upgrade should generally be compatible, but could cause issues with scripts that were using Jansi 1.x 
       specific classes.
     + If you were using the previewFeatures parameter without also
      including a compilation goal that would make that config
      valid, the build will fail because it's no longer a valid
      parameter. The fix would be to move that configuration to the
      appropriate execution(s).
     + GroovyDoc jars and test GroovyDoc jars will now be of type
      'javadoc' and have extension 'jar'.  Rather than type and
      extension 'groovydoc'.  If you do not wish to transition to
      this new behavior, set the new artifactType or
      testArtifactType property to 'groovydoc' to revert to the
      previous behavior.
      Notes: while the artifact type of GroovyDoc jars has changed, the
      Maven classifier has not. It remains 'groovydoc', and you can
      still override that, just as before.
     + maven.groovydoc.skip property was renamed to skipGroovydoc so
      it matches the pattern of the other properties and won't seem
      to imply it's a property for a standard Maven plugin.
     + Using groovy.ant.AntBuilder instead of groovy.util.AntBuilder (when available on classpath).
     + Bundling Ant 1.10.7 instead of 1.10.5.
     + Bundling Ivy 2.5.0 instead of 2.4.0.
     + If you were using useSharedClasspath before, you will
      need to replace it with new values. Please, check the docuemntation for the full details.
     + Another notable difference is that when using this new
      configuration parameter in compile, compileTests,
      generateStubs, or generateTestStubs goals, now also uses the
      configurator to add the project dependencies to the classpath
      with the plugin's dependencies. Previously, this only happened
      in the goals other than the ones mentioned.
     + corrects an inadvertent breaking change made in 1.6.0
      Please, check the documentation the full list of changes.
     + In addition, unused parameters have been removed:
       * addSources
         * -> skipTests
         * -> testSources
       * addStubSources
         * -> skipTests
         * -> sources
         * -> testSources
       *  addTestSources
         * -> outputDirectory
         * -> skipTests
         * -> sources
       * addTestStubSources
         * -> sources
         * -> testSources
       * compile
         * -> skipTests
         * -> testSources
       * compileTests
         * -> sources
       * console
         * -> skipTests
       * execute
         * -> skipTests
       * generateStubs
         * -> skipTests
         * -> testSources
       * generateTestStubs
         * -> sources
       * groovydoc
         * -> skipTests
         * -> testSources
         * -> testGroovyDocOutputDirectory
       * groovydocTests
         * -> skipTests
         * -> sources
       * removeStubs
         * -> skipTests
         * -> sources
         * -> testSources
       * removeTestStubs
         * -> sources
         * -> testSources
       * shell
         * -> skipTests
     + Lastly, addTestStubSources and removeTestStubs now respect the skipTests flag, for consistency.
  * Notes:
    + Now officially requires Java 7 instead of 6. This is not a breaking change, however, since this was actually 
      already required because of plexus-classworlds. This just wasn't discovered until an enforcer rule was added 
      to check bytecode versions of dependencies.

gmetrics:

- Do not generate test stubs by gmavenplus-plugin, since we are not building or running tests during 
  build. (jsc#SLE-23217)

google-errorprone-annotations:

- Provide google-errorprone-annotations 2.11.0. (jsc#SLE-23217)
  * This is a new dependency of Guava

google-gson:

- Update google-gson to version 2.8.9. (jsc#SLE-24261)
  * Make OSGi bundle's dependency on sun.misc optional.
  * Deprecate Gson.excluder() exposing internal Excluder class.
  * Prevent Java deserialization of internal classes.
  * Improve number strategy implementation.
  * Fix LongSerializationPolicy null handling being inconsistent with Gson.
  * Support arbitrary Number implementation for Object and Number deserialization.
  * Bump proguard-maven-plugin from 2.4.0 to 2.5.1.
  * Fix RuntimeTypeAdapterFactory depending on internal Streams class.
  * Build with Java >= 9 in order to produce a modular jar by compiling the module-info.java sources with all other
    classes built with release 8 and still compatible with Java 8

google-guice:

- Avoid using xmvn-resolve and xmvn-install in order to avoid build cycles with new dependencies in dependent packages
- Build only the NO_AOP version of the guice.jar and alias accordingly so that it provides both (jsc#SLE-23217)
- Build with source/target 8 so that the default override from the interface can be used
- Build javadoc with source level 8
- Do not build against the compatibility guava20 (jsc#SLE-23217)

google-http-java-client:

- Build with source and target levels 8 (jsc#SLE-23217)

google-oauth-java-client:

- Build with source and target levels 8 (jsc#SLE-23217)

gpars:

- Do not force building with java <= 15, since we now can run gradle-bootstrap with Java 17 too. (jsc#SLE-23217)
- Build against the org.jboss.netty:netty artifact, since the compat versions are not existing any more
- Build with source and target levels 8

gradle-bootstrap:

- Update gradle-bootstrap from version 2.4.16 to version 2.4.21. (jsc#SLE-23217)
  * Regenerate to account for changes in gradle and groovy packages
  * Modify the launcher so that gradle-bootstrap can work with Java 17
  * Adapt to the change in jline/jansi dependencies of gradle
  * The org.jboss.netty:netty artifact does not exist any more under compatibility versions
  * Regenerate to account for maven-resolver upgrade to 1.7.3 and the new added maven-resolver-named-locks artifact
  * Regenerate to account for aqute-bnd upgrade to 5.1.1 and related changes in other libraries
  * Regenerate to account for guava upgrade to 30.1.1
  * Regenerate to account for groovy upgrade to 2.4.21

gradle:

- Allow actually build gradle using Java 16+
- Modify the launcher so that gradle can work with Java 17
- Do not force building with java <= 15, since we now can run gradle-bootstrap with Java 17 too. (jsc#SLE-23217)
- Build against jansi 2.x
- Remove the jansi-native and hawtjni-runtime dependencies, since jansi 2.x does not depend on them
- Fix build with maven-resolver 1.7.x
- Remove from build dependencies some artifacts that are not needed
- Add osgi-compendium to the dependencies, since newer qute-bnd uses it
- Do not build against the legacy guava20 package any more
- Port gradle 4.4.1 to guava 30.1.1
- Set source level to 1.8, since guava 30 uses default functions in interfaces, which is Java 8+ feature

groovy:

- Solve illegal reflective access with Java 16+
- Do not force building with java <= 15, since we now can run gradle-bootstrap with Java 17 too. (jsc#SLE-23217)
- Add the content of org.gradle.jvmargs to to the forked jvm in root compileJava task
- Fixes build with Java 17
- Port to build against jansi 2.4.0
- Build the whole with java source and target levels 8
- Resolve parameter ambiguities with recent Java versions
- Remove a bogus dependency on old asm3

groovy18:

- Fix build against jansi 2.4.0
- Port to use jline 2.x instead of 1.x
- Do not fork the groovyc and java tasks in the ant build.xml file, so that the ANT_OPTS are propagated to the tasks
- Fix build with jdk17
- Build with source and target levels 8. (jsc#SLE-23217)
- Cast to Collection to help compiler to resolve ambiguities with new JDKs
- Remove dependency on the old asm3

guava20:

- Build with java source and target levels 8. (jsc#SLE-23217)
- Add bundle manifest to the guava jar so that it might be usable from eclipse

guava:

- Update Guava from version 25.0 to version 30.1.1. (jsc#SLE-23217)
  * CVE-2020-8908: A temp directory creation vulnerability allows an attacker with access to the machine to 
    potentially access data in a temporary directory created by the Guava 
    com.google.common.io.Files.createTempDir(). (bsc#1179926)
  * Remove parent reference from ALL distributed pom files

hamcrest:

- Build with source/target levels 8
- Fix build with jdk17

hawtjni-maven-plugin:

- Update hawtjni-maven-pluginfrom version 1.17 to version 1.18. (jsc#SLE-23217)
  * Build with java source and target levels 8
  * Use commons-lang3 instead of the old commons-lang

hawtjni-runtime:

- Update hawtjni-runtime from version 1.17 to version 1.18. (jsc#SLE-23217)
  * Build with java source and target levels 8              
  * Use commons-lang3 instead of the old commons-lang
  * Use in the path of hawtjni-generator the asm-all.jar that is not modular. This solves some problems with ASM 
    version mismatch.

http-builder:

- Build with source and target levels 8. (jsc#SLE-23217)
- Do not require gmavenplus-plugin, since it is only necessary to generate test stubs, but we do not run tests during 
  build

httpcomponents-client:

- Update httpcomponents-client from version 4.5.6 to version 4.5.12. (jsc#SLE-23217)
  * Build with source/target levels 8

httpcomponents-core:

- Update httpcomponents-core from version 4.4.10 to version 4.4.13. (jsc#SLE-23217)
  * Build with source/target levels 8

icu4j:

- Update icu4j from version 63.1 to version 71.1. (jsc#SLE-23217)
  * Remove build-dependency on java-javadoc, since it is not necessary with this version.
  * Updates to CLDR 41 locale data with various additions and corrections.
  * Adds phrase-based line breaking for Japanese. Existing line breaking methods follow standards and conventions for 
    body text but do not work well for short Japanese text, such as in titles and headings. This new feature is 
    optimized for these use cases.
  * Adds support for Hindi written in Latin letters (hi_Latn). The CLDR data for this increasingly popular locale has 
    been significantly revised and expanded. Note that based on user expectations, hi_Latn incorporates a large amount 
    of English, and can also be referred to as 'Hinglish'.
  * ICU 71 and CLDR 41 are minor releases, mostly focused on bug fixes and small enhancements.
  * Updates to the time zone data version 2022a. Note that pre-1970 data for a number of time zones has been removed, 
    as has been the case in the upstream tzdata release since 2021b.
  * Unicode 13 (ICU-20893, same as in ICU 66)
  * CLDR 37
    + New language at Modern coverage: Nigerian Pidgin
    + New languages at Basic coverage: Fulah (Adlam), Maithili, Manipuri, Santali, Sindhi (Devanagari), Sundanese
    + Unicode 13 root collation data and Chinese data for collation and transliteration
  * DateTimePatternGenerator now obeys the 'hc' preference in the locale identifier (ICU-20442)
  * Various other improvements for ECMA-402 conformance
  * Number skeletons have a new 'concise' form that can be used in MessageFormat strings (ICU-20418)
  * Currency formatting options for formal and other currency display name variants (ICU-20854)
  * ListFormatter: new public API to select the style and type
  * Locale ID canonicalization upgraded to implement the complete CLDR spec (ICU-20834, ICU-20272)
  * LocaleMatcher: New option to ignore one-way matches, and other tweaks to the code and data

isorelax:

- Build with java target and source version 1.8 (jsc#SLE-23217)

istack-commons:

- Provide istack-commons version 3.0.7 (jsc#SLE-23217)

j2objc-annotations:

- Provide j2objc-annotations version 2.2 (jsc#SLE-23217)
  * This is a new dependency of Guava

jackson-modules-base:

- Provide jackson-modules-base version 2.13.3 (jsc#SLE-23217)

jackson-parent:

- Update jackson-parent from version 2.10 to version 2.13. (jsc#SLE-23217)
  * Add 'mvnw' wrapper
  * 'JsonSubType.Type' should accept array of names
  * Jackson version alignment with Gradle 6
  * Add '@JsonIncludeProperties'
  * Add '@JsonTypeInfo(use=DEDUCTION)'
  * Ability to use '@JsonAnyGetter' on fields
  * Add '@JsonKey' annotation
  * Allow repeated calls to 'SimpleObjectIdResolver.bindItem()' for same mapping 
  * Add 'namespace' property for '@JsonProperty' (for XML module)
  * Add target 'ElementType.ANNOTATION_TYPE' for '@JsonEnumDefaultValue' (was missing for some reason)
  * 'JsonPattern.Value.pattern' retained as '', never (accidentally) exposed as 'null'
  * Remove `jackson-annotations` baseline dependency, version
  * Upgrade to oss-parent 43 (jacoco, javadoc plugin versions)
  * Remove managed junit version (due to [jackson-bom#43]), promoted higher up on parent pom stack (to 'jackson-base')
  * JDK baseline now JDK 8

jackson:

- Remove all dependencies on asm3
- Build with java source and target levels 1.8 (jsc#SLE-23217)
- Do not hardcode source and target levels, so that they can be overriden on command-line
- Set classpath correctly so that the project builds with standalone JavaEE modules too

jakarta-activation:

- Provide jakarta-activation version 2.1.0. (jsc#SLE-23217)
  * Required by bouncycastle-jmail.

jakarta-commons-discovery:

- Distribute commons-discovery as maven artifact
- Build with source and target levels 8
- Added build support for Enterprise Linux.


jakarta-commons-modeler:

- Update jakarta-commons-modeler from version 2.0 to version 2.0.1. (jsc#SLE-23217)
  * Build with java source and target levels 8
  * Modeler 2.0.1 is binary and source compatible with Modeler 2.0

jakarta-mail:

- Provide jakarta-mail version 2.1.0. (jsc#SLE-23217)
  * Requrired by bouncycastle-jmail.

jakarta-taglibs-standard:

- Provide jakarta-taglibs-standard 1.1.1 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

jandex:

- Provide jandex version 2.4.2. (jsc#SLE-23217)

janino:

- Update janino from version 2.7.8 to version 3.1.6. (jsc#SLE-23217)
  * Build with source and target levels 8
  * Require javapackages-tools
  * Provide commons-compiler subpackage that is needed by gradle

jansi-native:

- Build with source and target levels 8 (jsc#SLE-23217)

jansi:

- Update jansi from version 1.17.1 to version 2.4.0. (jsc#SLE-23217)
  * Build with source and target levels 8
  * Give a possibility to load the native libjansi.so from system
  * Make the jansi package archful since it installs a native library and jni jar
  * Do not depend on jansi-native and hawtjni-runtime
  * Integrates jansi-native libraries

jarjar:

- Filter out the distributionManagement section from pom files, since we use aliases and not relocations
- Drop maven2-plugin. (jsc#SLE-23217)

jatl:

- Build with source and target levels 8 (jsc#SLE-23217)

javacc-maven-plugin:

- Build with source and target levels 8 (jsc#SLE-23217)

javacc:

- Update javacc from version 7.0.4 to version 7.0.11. (jsc#SLE-23217)
  * The following changes are not upward compatible with the previous 7.0.5 version but have a very little impact on 
    existing grammars. Main advantage is to prepare a more smooth upgrade with the upcoming javacc-8.0.0 major release.
    * C++ generation: renaming the option TOKEN_EXTENDS by TOKEN_SUPER_CLASS
    * C++ generation: renaming the option TOKEN_INCLUDES by TOKEN_INCLUDE
    * C++ generation: renaming the option PARSER_INCLUDES by PARSER_INCLUDE
    * C++ generation: renaming the option TOKEN_MANAGER_INCLUDES by TOKEN_MANAGER_INCLUDE
  * Add support for Java7 language features.
  * Allow empty type parameters in Java code of grammar files.
  * LookaheadSuccess creation performance improved.
    * Removing IDE specific files. 
    * Declare trace_indent only if debug parser is enabled.
    * CPPParser.jj grammar added to grammars.
    * Build with Maven is working again.
    * WARNING: Required Java Platform: Standard Edition 7.0: known under Eclipse as JavaSE-1.7
  * Build with source/target levels 8   

java-cup:

- Update java-cup from version 11a to version 11b. (jsc#SLE-23217)
  * Regenerate the generated files with newer flex 
  * Fetch sources using source service

java-cup-bootstrap:
- Update java-cup-bootstrap from version 11a to version 11b. (jsc#SLE-23217)
  * Regenerate the generated files with newer flex 
  * Fetch sources using source service

javaewah:

- Build with source and target levels 8 (jsc#SLE-23217)

javamail:

- Add alias to com.sun.mail:jakarta.mail needed by ant-javamail
- Remove all parents, since this package is not built with maven
- Assure that every dependency has a version, or at least 'any' and fixes use with gradle. (jsc#SLE-23217)
- Build against the standalone JavaEE modules unconditionally
- Build with source/target levels 8
- Add glassfish-activation-api dependency for relevant distribution versions to make buildable with JDK that does 
  not contain the JavaEE modules

javapackages-meta:

- Fix requires not to have to redo the package on each javapackages-tools update. (jsc#SLE-23217)

javapackages-tools:

- Update javapackages-tools from version 5.3.0 to version 5.3.1. (jsc#SLE-23217)
  * Let maven_depmap.py generate metadata with dependencies under certain circumstances
  * Fix the python subpackage generation with python-rpm-macro
  * Support python subpackages for each flavor
  * Replace old nose with pytest gh#fedora-java/javapackages#86
  * when building extra flavor, BuildRequire javapackages-filesystem: /etc/java is being cleaned out of the 
    filesystems package.

javaparser:

- Update javaparser from version 3.3.5 to version 3.24.2. (jsc#SLE-23217)
  * Upgrade needed to be able to upgrade jctools and make them not depend hard on Java 8.
    For the full changelog, please refer to the official documentation.

javassist:

- Update javassist from version 3.23.1 to version 3.29.0. (jsc#SLE-23217)
  * Requires java >= 1.8
  * Add OSGi manifest to the javassist.jar
  * For the full changelog, please check the official documentation.

jboss-interceptors-1.2-api:

- Build with source and target levels 8 (jsc#SLE-23217)

jboss-websocket-1.0-api:

- Build with source and target levels 8 (jsc#SLE-23217)

jcache:

- Provide jcache version 1.1.0 (jsc#SLE-23217)

jcifs:

- Build with source and target levels 8 (jsc#SLE-23217)

jcip-annotations:

- Provide jcip-annotations 1.0 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

jcsp:

- Build with source and target levels 8 (jsc#SLE-23217)

jctools:

- Update jctools from version 2.1.2 to version 3.3.0. (jsc#SLE-23217)
  * Build with java source and target levels 8
  * API Changes:
    * Removed MpscLinkedQueue7 and MpscLinkedQueue8 and consolidated into parent. This removes the need for the 
      builder method on MpscLinkedQueue.
    * Deprecated QueueFactory and spec package classes. These are not used by any users and are only used for 
      testing internally.
    * Removed some internal classes and reduced visibility of internal utilities where practical. The @InternalAPI 
      tagging annotation is also used more extensively to discourage dependency.
    * XADD unbounded mpsc/mpmc queue: highly scalable linked array queues
    * New blocking consumer MPSC
  * Enhancements:
    * Xadd queues consumers can help producers
    * Update to latest JCStress
  * New features:
    * MpscBlockingConsumerArrayQueue
    * After long incubation and following a user request we move counters into core
    * Merging some experimental utils and we add a 'PaddedAtomicLong'
    * MpscBlockingConsumerArrayQueue::offerIfBelowThreshold is added

jdependency:

- Build with source and target levels 8 (jsc#SLE-23217)

jdepend:

- Update jdepend from version 2.9.1 to version 2.10. (jsc#SLE-23217)
  * Specify the source/target levels 8 on ant invocation
  * Official release that includes support for Java 8 constants
  * Updated license from BSD-3 Clause to MIT (as per LICENSE.md file).

jdom:

- Update jdom from version 1.1.1 to version 1.1.6. (jsc#SLE-23217)
  * CVE-2021-33813: XXE issue in SAXBuilder can cause a denial of service via a crafted HTTP request (bsc#1187446)
  * Remove unneeded dependency on glassfish-jaxb-api
  * Build against the standalone JavaEE modules unconditionally
  * Build with source/target levels 8
  * Build against standalone jaxb-api on distributions that have JDK without the JavaEE modules
  * Alias the xom artifact to the new com.io7m.xom groupId
  * Update jaxen to version 1.1.6
  * Increase java stack size to avoid overflow

jdom2:

- Update jdom2 from version 2.0.6 to version 2.0.6.1. (jsc#SLE-23217)
  * CVE-2021-33813: Fixed XXE issue in SAXBuilder that can cause a denial of service via a crafted HTTP request.
    (bsc#1187446)
  * Build with java-devel >= 1.7

jettison:

- Update from version 1.3.7 to version 1.5.3 (jsc#SLE-23217)
- CVE-2022-45685: Fixed stack overflow on malformed input. (bsc#1206400)
- CVE-2022-45693: Fixed stack overflow when creating a JSON from a HashMap. (bsc#1206401)
- CVE-2022-40149: Fixed stack overflow on malformed JSONs. (bsc#1203515)
- CVE-2022-40150: Fixed infinite loop on non-terminated comments. (bsc#1203516)
- Introducing new static methods to set the recursion depth limit
- Incorrect recursion depth check in JSONTokener
- Build with source and target levels 8 

jetty-minimal:

- Update jetty-minimal from version 9.4.43.v20210629 to version 9.4.48.v20220622 (jsc#SLE-23217)
  * CVE-2022-2047: Invalid URI parsing may produce invalid HttpURI.authority. (bsc#1201317)
  * CVE-2022-2048: Invalid HTTP/2 requests can lead to denial of service (bsc#1201316)
  * Make importing of package sun.misc optional since not all jdk versions export it
  * Build with java source and target levels 8
  * Fix javadoc generation on JDK >= 13
  * Option --write-module-graph produces wrong .dot file
  * ArrayTrie getBest fails to match the empty string entry in certain cases
  * For the full set of changes, please check the official documentation.

jetty-websocket:

- Update jetty-websocket from version 9.4.43.v20210629 to version 9.4.48.v20220622 (jsc#SLE-23217)
  * CVE-2022-2047: Invalid URI parsing may produce invalid HttpURI.authority. (bsc#1201317)
  * CVE-2022-2048: Invalid HTTP/2 requests can lead to denial of service (bsc#1201316)
  * Make importing of package sun.misc optional since not all jdk versions export it
  * Build with java source and target levels 8
  * Fix javadoc generation on JDK >= 13
  * Option --write-module-graph produces wrong .dot file
  * Make importing of package sun.misc optional since not all jdk versions export it

jeuclid:

- Update jeuclid from version 3.1.3 to version 3.1.9. (jsc#SLE-23217)
  * Build with source and target levels 8
  * This version includes several changes and improvements. For the full overview please check the changelog.

jflex:

- Update jflex from version 1.4.3 to version 1.8.2. (jsc#SLE-23217)
  * Build against the standalone JavaEE modules unconditionally
  * Build against standalone glassfish-annotation-api for relevant distribution versions that have JDK that does not 
    contain the JavaEE modules
  * Fix build with recent java-cup
  * Build the bootstrap package using ant with a generated build.xml
  * Build the non-bootstrap package using maven, since its dependency auto is already built with maven
  * Do not process auto-value-annotations in bootstrap build

jflex-bootstrap: 

- Update jflex-bootstrap from version 1.4.3 to version 1.8.2. (jsc#SLE-23217)
  * Build against the standalone JavaEE modules unconditionally
  * Build against standalone glassfish-annotation-api for relevant distribution versions that have JDK that does not 
    contain the JavaEE modules
  * Fix build with recent java-cup
  * Build the bootstrap package using ant with a generated build.xml
  * Build the non-bootstrap package using maven, since its dependency auto is already built with maven
  * Do not process auto-value-annotations in bootstrap build
  
jformatstring:

- Build with source and target levels 8 (jsc#SLE-23217)

jgit: 

- Provide jgit version 5.11.0. (jsc#SLE-23217)
  * Fix build against apache-sshd 2.7.0
  * Restore java 8 compatibility when building with java 9+
  * Split the build into two spec files instead of multibuild. One produces the maven artifacts, the jgit
    command-line and the other produces eclipse features. 

jhighlight:

- Build with source and target levels 8 (jsc#SLE-23217)

jing-trang:

- Update jing-trang from version 20151127 to version 20181222. (jsc#SLE-23217)
  * Avoid building old saxon validator in order to avoid dependency on old saxon6
  * Do not use xmvn-tools, since this is a ring package
  * Package maven metadata
  * Use testng in build process
  * Require com.github.relaxng:relaxngDatatype >= 2011.1
  * Require xml-resolver:xml-resolver

jline:

- Build with source and target levels 8 (jsc#SLE-23217)
- Remove dependency on jansi-native and hawtjni-runtime
- Fix jline build against jansi 2.4.x

jline1:

- Build with source and target levels 8 (jsc#SLE-23217)

jna:

- Update jna from version 5.4.0 to version 5.5.0. (jsc#SLE-23217)
  * Build with java source/target levels 8
  * Features:
    * Add CoreFoundation, IOKit, and DiskArbitration mappings in c.s.j.p.mac.
    * c.s.j.p.mac.SystemB now extends c.s.j.p.unix.LibCAPI.
    * Add additional OSGi headers for the JNA bundle to support 32bit ARM (hardfloat)
    * Include Win32 COM utils (c.s.j.p.win32.com.util and c.s.j.p.win32.com.annotation) in OSGI bundle

joda-convert:

- Build with java source and target levels 8. (jsc#SLE-23217)
- Do not use the legacy guava20 any more

joda-time:

- Build with source and target levels 8 (jsc#SLE-23217)

jsch-agent-proxy:

- Build with source and target levels 8 (jsc#SLE-23217)

jsch:

- Build with source and target levels 8 (jsc#SLE-23217)

json-lib:

- Do not build against the log4j12 packages
- Build with source and target levels 8 (jsc#SLE-23217)
- Do not depend on the old asm3
- Fix build with jdk17
- Specify source and target levels 8 for maven-antrun-plugin and for groovyc ant task

jsonp:

- Build with java source and target levels 8. (jsc#SLE-23217)
- Build against standalone annotation api

jsr-311:

- Build with source and target levels 8 (jsc#SLE-23217)

jtidy:

- Build with java source and target levels 8. (jsc#SLE-23217)
- Rewamp and simplify the build system

junit:

- Update junit from version 4.12 to version 4.13.2. (jsc#SLE-23217)
  * CVE-2020-1945: insecure temporary file vulnerability (bsc#1171696)
  * Build with source/target levels 8

junit5:

- Update from version 5.5.2 to version 5.8.2. (jsc#SLE-23217)
  * This is a bugfix update. For the complete overview please check the documentation.

jython:

- Change dependencies to Python 3. (jsc#SLE-23217)
- Build with java source and tartget level 1.8

jzlib:

- Build with source and target levels 8 (jsc#SLE-23217)

kryo:

- Provide kryo 4.0.2 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

kxml:

- Fetch the sources using https instead of http protocol. (bsc#1182284)
- Specify java source and target levels 1.8

libreadline-java:

- Provide libreadline-java 0.8.0 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

log4j:

- Add dependency on standalone javax.activation-api that is not included in newer JDKs. (jsc#SLE-23217)

logback:

- Update logback from version 1.2.8 to version 1.2.11. (jsc#SLE-23217)
  * CVE-2021-42550: remote code execution through JNDI call from within its configuration file. (bsc#1193795)
    * Hardened logback's JNDI lookup mechanism to only honor requests in the java: namespace. All other types of 
      requests are ignored.
    * SMTPAppender was hardened.
    * Temporarily removed DB support for security reasons.
    * Removed Groovy configuration support. As logging is so pervasive and configuration with Groovy is probably too 
      powerful, this feature is unlikely to be reinstated for security reasons.
  * Set project.build.sourceEncoding property to ISO-8859-1 to avoid the new maven-resources-plugin chocking on 
    trying to filter in UTF-8 encoding JKS (binary) resources
  * Do not build against the log4j12 packages

lucene:

- Update lucene from version 7.1.0 to version 8.5.0. (jsc#SLE-23217)
  * Do not abort compilation on html5 errors with javadoc 17
  * Upgrade forbiddenapis to version 2.7; upgrade Groovy to 2.4.17.
  * Upgrade ecj to 3.19.0 to fix sporadic precommit javadoc issues
  * This update includes several API changes, runtime behavior, bugfixes and new features. For a full overview, 
    please check the official documentation.

maven:

- Update maven from version 3.6.3 to version 3.8.5. (jsc#SLE-23217)
  * CVE-2021-26291: block repositories using http by default. (bsc#1188529)
  * CVE-2020-13956: incorrect handling of malformed URI authority component. (bsc#1177488)
  * Upgrade Maven Wagon to 3.5.1
  * Upgrade Maven JAR Plugin to 3.2.2
  * Upgrade Maven Parent to 35
  * Upgrade Maven Resolver to 1.6.3
  * Upgrade Maven Shared Utils to 3.3.4
  * Upgrade Plexus Utils to 3.3.0
  * Upgrade Plexus Interpolation to 1.26
  * Upgrade Plexus Cipher and Sec Dispatcher to 2.0
  * Upgrade Sisu Inject/Plexus to 0.3.5
  * Upgrade SLF4J to 1.7.32
  * Upgrade Jansi to 2.4.0
  * Upgrade Guice to 4.2.2
  * Fix syntax error with qdox 2.0.1 and method declarations containing the new keyword 'record' as name of variables
  * Fix build with modello-2.0.0
  * Remove using of alternatives, since the symlinks are in a separate package that one can decide not to install and 
    this is the only provider for mvn and mvnDebug links
  * Use libalternatives instead of update-alternatives.
  * Remove dependency on cglib and aopalliance, since the no_aop version of guice does not really depend on them
  * Fix build with the API incompatible maven-resolver 1.7.3
  * Link the new maven-resolver-named-locks artifact too
  * Add upstream signing key and verify source signature
  * Do not build against the compatibility version guava20 any more, but use the default guava package
  * This update includes several bugfixes and new features. For a full overview, please check the official 
    documentation.

maven2:

- Fix build with modello 2.0.0. (jsc#SLE-23217)
- Build with source and target levels 8

maven-antrun-plugin:

- Update maven-antrun-plugin from version 1.8 to version 3.0.0. (jsc#SLE-23217)
  * Removal of tasks (use target instead), sourceRoot and testSourceRoot parameters
  * Compatibility with new JDK versions
  * Build with java source and target levels 8

maven-archiver:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-artifact-resolver:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-artifact-transfer:

- Update maven-artifact-transfer from version 0.11.0 to version 0.13.1. (jsc#SLE-23217)
  * Remove the old org.sonatype.aether dependencies, since we don't need maven 3.0.x
  * Build with source and target levels 8
  * Do not use the legacy guava20 any more
  * Fix build against newer maven

maven-assembly-plugin:

- Update maven-assembly-plugin from version 3.2.0 to version 3.3.0. (jsc#SLE-23217)
  * Add Documentation for duplicateBehaviour option
  * Allow to override UID/GID for files stored in TAR
  * Apply try-with-resources
  * Use HTTPS instead of HTTP to resolve dependencies
  * Support concatenation of files

maven-clean-plugin:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-common-artifact-filters:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-compiler-plugin:

- Update maven-compiler-plugin from version 3.8.1 to version 3.10.1. (jsc#SLE-23217)
  * Remove deprecated mojos
  * Add flag to enable-preview java compiler feature
  * Add a boolean to generate missing package-info classes by default
  * Check jar files when determining if dependencies changed
  * Compile module descriptors with TestCompilerMojo
  * Changed dependency detection

maven-dependency-analyzer:

- Build with source and target levels 8. (jsc#SLE-23217)
- Do not build against the legacy guava20 any more

maven-dependency-plugin:

- Update maven-dependency-plugin from version 3.1.1 to version 3.1.2. (jsc#SLE-23217)
   * Add a TOC to ease navigating to each goal usage
   * Add note on dependecy:tree -Dverbose support in 3.0+
   * Perform transformation to artifact keys just once
   * Remove @param for a parameter which does not exists.
   * Remove newline and trailing space from log line.
   * Replace CapturingLog class with Mockito usage
   * Rewrite go-offline so it resembles resolve-plugins
   * Switch to asfMavenTlpPlgnBuild
   * Update ASM so it works with Java 13
   * Upgrade maven-artifact-transfer to 0.11.0
   * Upgrade maven-common-artifact-filters to 3.1.0
   * Upgrade maven-dependency-analyzer to 1.11.1
   * Upgrade maven-plugins parent to version 32
   * Upgrade maven-shared-utils 3.2.1
   * Upgrade parent POM from 32 to 33
   * Upgrade plexus-archiver to 4.1.0
   * Upgrade plexus-io to 3.1.0
   * Upgrade plexus-utils to 3.3.0
   * Use https for sigs, hashes and KEYS
   * Use sha512 checksums instead of sha1 

maven-dependency-tree:

- Update maven-dependency-tree from version 3.0 to version 3.0.1. (jsc#SLE-23217)
  * Build with java source and target levels 8
  * Do not build against the legacy guava20 any more
  * Fixed JavaDoc issue for JDK 8
  * maven-dependency-tree removes optional flag from managed dependencies
  * Change characters used to diplay trees to make relationships clearer
  * Pass source+target to m-invoker-p, easiest way to override default values of maven-compiler-plugin
  * Upgrade org.codehaus.plexus:plexus-component-metadata to 1.7.1

maven-doxia:

- Fix build with modello 2.0.0 (jsc#SLE-23217)
- Do not build against the log4j12 packages. (jsc#SLE-23217)
- Fix the version of the log4j that doxia-module-fo needs at runtime. (jsc#SLE-23217)
- Do not build against the legacy guava20 any more. (jsc#SLE-23217)

maven-doxia-sitetools:

- Fix build with modello 2.0.0 (jsc#SLE-23217)
- Build with source and target levels 8 (jsc#SLE-23217)
- Do not build against the legacy guava20 any more. (jsc#SLE-23217)

maven-enforcer:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-file-management:

- Build with java source and target levels 8 (jsc#SLE-23217)
- Fix build with modello 2.0.0

maven-filtering:

- Update maven-filtering from version 3.1.1 to version 3.2.0 (jsc#SLE-23217)
  * Allow using a different encoding when filtering properties files
  * Upgrade plexus-interpolation to 1.25
  * Upgrade maven-shared-utils to 3.2.1
  * Upgrade plexus-utils to 3.1.0
  * Upgrade parent to 32
  * Upgrade maven-surefire/failsafe-plugin to 2.21.0 for JDK 10
  * Upgrade maven-artifact-transfer to version 0.9.1
  * Upgrade JUnit to 4.12
  * Upgrade plexus-interpolation to 1.25
  * Build with java source and target levels 8
  * Do not build against legacy guava20 any more

maven-install-plugin:

- Update maven-install-plugin from version 2.5.2 to version 3.0.0. (jsc#SLE-23217)
  * Upgrade plexus-utils to 3.2.0
  * Upgrade maven-plugins parent version 32
  * Upgrade maven-plugin-testing-harness to 1.3
  * Upgrade maven-shared-utils to 3.2.1
  * Upgrade maven-shared-components parent to version 33
  * Upgrade of commons-io to 2.5.

maven-invoker:

- Update maven-invoker from version 3.0.1 to version 3.1.0. (jsc#SLE-23217)
  * Build with java source and target levels 8
  * Fixes build with maven-shared-utils 3.3.3
  * Upgrade maven-shared-utils to 3.2.1
  * Upgrade parent to 31
  * Upgrade to JDK 7 minimum
  * Refactored to use maven-shared-utils instead of plexus-utils.
  * Remove hardcoded versions for plexus-component-annotations/plexus-component-metadata

maven-jar-plugin:

- Update maven-jar-plugin from version 3.2.0 to version 3.2.2. (jsc#SLE-23217)
  * Upgrade Maven Archiver to 3.5.2
  * Upgrade Plexus Utils to 3.3.1
  * Upgrade plexus-archiver 3.7.0
  * Upgrade JUnit to 4.12
  * Upgrade maven-plugins parent to version 32
  * Build with java source and target levels 8
  * Don't log a warning when jar will be empty and creation is forced
  * Reproducible Builds: make entries in output jar files reproducible (order + timestamp)

maven-javadoc-plugin:

- Update maven-javadoc-plugin from versionn 3.1.1. to version 3.3.2. (jsc#SLE-23217)
  * Fix build with modello 2.0.0
  * Use the same encoding when writing and getting the stale data
  * Fixes build with utf-8 sources on non utf-8 platforms
  * Do not build against the legacy guava20 package anymore

maven-mapping:

- Provide maven-mapping version 3.0.0. (jsc#SLE-23217)
  * Required by bnd-maven-plugin

maven-plugin-build-helper:

- Update maven-plugin-build-helper from version 1.9.1 to version 3.2.0. (jsc#SLE-23217)
  * Set a property based on the maven.build.timestamp
  * rootlocation does not correctly work
  * Add profile to avoid showing warnings for maven plugin plugin goals not supported in m2e
  * Site: Properly showing 'value' tag on regex-properties usage page
  * Integration test reserve-ports-with-urls fails on windows

maven-plugin-bundle:

- Fix building with the new maven-reporting-api . (jsc#SLE-23217)
- Build with the osgi bundle repository by default

maven-plugin-testing:

- Fix build against newer maven. (jsc#SLE-23217)
- Do not build against the legacy guava20 package any more
- Build with source and target levels 8

maven-plugin-tools:

- Fix build with modello 2.0.0. (jsc#SLE-23217)
- Do not force building with java-1_8_0-openjdk, since the package builds just fine with higher versions.
- Do not build against the legacy guava20 package any more

maven-remote-resources-plugin:

- Update maven-remote-resources-plugin from version 1.5 to  version 1.7.0. (jsc#SLE-23217)
  * use reproducible project.build.outputTimestamp
  * use sha512 checksums instead of sha1
  * use https for sigs, hashes and KEYS
  * Upgrade plexus-utils from 3.0.24 to 3.1.0
  * Upgrade plexus-interpolation to 1.25
  * Upgrade JUnit to 4.12
  * Upgrade parent to 32
  * Upgrade maven-filtering to 3.1.1
  * Upgrade plexus-resources from 1.0-alpha-7 to 1.0.1
  * Avoid overwrite of the destination file if the produced contents is the same
  * Remove unused dependency maven-monitor
  * Upgrade to maven-plugins parent version 27
  * Upgrade maven-plugin-testing-harness to 1.3
  * Updated plexus-archiver
  * Build with source and target levels 8

maven-reporting-api:

- Update maven-reporting-api from version 3.0  to version 3.1.0. (jsc#SLE-23217)
  * Build with source and target levels 8
  * make build Reproducible
  * Upgrade to Doxia 1.11.1

maven-resolver:

- Update maven-resolver from version 1.4.1 to  version 1.7.3. (jsc#SLE-23217)
  * Build against the standalone JavaEE modules unconditionally
  * Remove the javax.annotation:javax.annotation-api dependency on distribution versions that do not incorporate the
    JavaEE modules
  * Add the glassfish-annotation-api jar to the build classpath
  * Upgrade Sisu Components to 0.3.4
  * Upgrade SLF4J to 1.7.30
  * Update mockito-core to 2.28.2
  * Update Wagon Provider API to 3.4.0
  * Update HttpComponents
  * Update Plexus Components
  * Remove synchronization in TrackingFileManager
  * Move GlobalSyncContextFactory to a separate module
  * Migrate from maven-bundle-plugin to bnd-maven-plugin
  * Support SHA-256 and SHA-512 as checksums
  * Upgrade Redisson to 3.15.6
  * Change of API and incompatible with maven-resolver < 1.7

maven-resources-plugin:

- Update maven-resources-plugin from version 3.1.0 to version 3.2.0. (jsc#SLE-23217)
  * ISO8859-1 properties files get changed into UTF-8 when filtered
  * Upgrade plexus-interpolation 1.26
  * Add m2e lifecycle Metadata to plugin
  * make build Reproducible
  * Upgrade maven-plugins parent to version 32
  * Upgrade plexus-utils 3.3.0
  * Make Maven 3.1.0 the minimum version
  * Update to maven-filtering 3.2.0
  * Build with java source and target levels 8

maven-shared-incremental:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-shared-io:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-shared-utils:

- Update maven-shared-utils from version 3.2.1 to 3.3.3. (jsc#SLE-23217)
  * Commandline class shell injection vulnerabilities (bsc#1198833, CVE-2022-29599)
  * Build with source and target levels 8
  * make build Reproducible
  * Upgrade maven-shared-parent to 32
  * Upgrade parent to 31

maven-source-plugin:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-surefire:

- Build with source and target levels 8 (jsc#SLE-23217)
- Update generate-tarball.sh to use https URL (bsc#1182708)

maven-verifier:

- Build with source and target levels 8 (jsc#SLE-23217)

maven-wagon:

- Provide maven-wagon 3.2.0 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

minlog:

- Provide minlog 1.3.0 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

modello-maven-plugin:

- Update modello-maven-plugin from version 1.10.0 to version 2.0.0. (jsc#SLE-23217)
  * Add Modello 2.0.0 model XSD
  * Build with java source and target levels 8
  * Bump actions/cache to 2.1.6
  * Bump actions/checkout to 2.3.4
  * Bump actions/setup-java to 2.3.1
  * Bump checkstyle to 9.3
  * Bump jackson-bom to 2.13.1
  * Bump jaxb-api to 2.3.1
  * Bump jsoup to 1.14.3
  * Bump junit to 4.13.1
  * Bump maven-assembly-plugin to 3.3.0
  * Bump maven-checkstyle-plugin to 3.1.1
  * Bump maven-clean-plugin to 3.1.0
  * Bump maven-compiler-plugin to 3.9.0
  * Bump maven-dependency-plugin to 3.2.0
  * Bump maven-enforcer-plugin to 3.0.0-M3
  * Bump maven-gpg-plugin to 3.0.1
  * Bump maven-jar-plugin to 3.2.2
  * Bump maven-javadoc-plugin to 3.3.2
  * Bump maven-jxr-plugin to 3.1.1
  * Bump maven-pmd-plugin to 3.15.0
  * Bump maven-project-info-reports-plugin to 3.1.2
  * Bump maven-release-plugin to 3.0.0-M5
  * Bump maven-resources-plugin to 3.2.0
  * Bump maven-scm-publish-plugin to 3.1.0
  * Bump maven-shared-resources to 4
  * Bump maven-site-plugin to 3.10.0
  * Bump maven-surefire-plugin to 2.22.2
  * Bump maven-surefire-report-plugin to 2.22.2
  * Bump maven-verifier-plugin to 1.1
  * Bump mavenPluginTools to 3.6.4
  * Bump org.eclipse.sisu.plexus to 0.3.5
  * Bump persistence-api to 1.0.2
  * Bump plexus-compiler-api to 2.9.0
  * Bump plexus-compiler-javac to 2.9.0
  * Bump plexus-utils to 3.4.1
  * Bump plexus-velocity to 1.3
  * Bump release-drafter/release-drafter to 5.18.0
  * Bump snakeyaml to 1.30
  * Bump stax2-api to 4.2.1
  * Bump taglist-maven-plugin to 3.0.0
  * Bump woodstox-core to 6.2.8
  * Bump xercesImpl to 2.12.1 
  * Bump xercesImpl to 2.12.2 in /modello-plugins/modello-plugin-jsonschema
  * Bump xercesImpl to 2.12.2 in /modello-plugins/modello-plugin-xsd
  * Bump xml-apis to 2.0.2
  * Bump xmlunit to 1.6
  * Bump xmlunit-core to 2.9.0
  * Depend on the jackson and jsonschema plugins too
  * Manage xdoc anchor name conflicts (2 classes with same anchor)
  * Migrate from codehaus:wstx to com.fasterxml.woodstox:woodstox-core 6.2.4
  * Require Maven 3.1.1
  * Security upgrade org.jsoup:jsoup to 1.14.2

modello:

- Update modello from version 1.10.0 to version 2.0.0. (jsc#SLE-23217)
  * New features and improvements
    + Add Modello 2.0.0 model XSD
    + Manage xdoc anchor name conflicts (2 classes with same anchor)
    + Drop unnecessary check for identical branches
    + Require Maven 3.1.1
    + Use a caching writer to avoid overwriting identical files
    + Migrate from codehaus:wstx to com.fasterxml.woodstox:woodstox-core 6.2.4
    + Make location handling more memory efficient
    + Xpp3 extended writer
    + Refactor some old java APIs usage
    + Add a new field fileComment
  * Bug Fixes
    + Fix javaSource default value
    + Fix modello-plugin-snakeyaml
  * Dependency updates
    + Bump actions/cache to 2.1.6
    + Bump actions/checkout from 2 to 2.3.4
    + Bump actions/setup-java to 2.3.1
    + Bump checkstyle to 9.3
    + Bump jackson-bom to 2.13.1
    + Bump jaxb-api from 2.1 to 2.3.1
    + Bump jsoup from 1.14.2 to 1.14.3
    + Bump junit from 4.12 to 4.13.1
    + Bump junit from 4.12 to 4.13.1 in /modello-maven-plugin/src/it/maven-model
    + Bump maven-assembly-plugin from 3.2.0 to 3.3.0
    + Bump maven-checkstyle-plugin from 2.15 to 3.1.1
    + Bump maven-clean-plugin from 3.0.0 to 3.1.0
    + Bump maven-compiler-plugin to 3.9.0
    + Bump maven-dependency-plugin to 3.2.0
    + Bump maven-enforcer-plugin from to 3.0.0-M3
    + Bump maven-gpg-plugin from 1.6 to 3.0.1
    + Bump maven-jar-plugin from 3.2.0 to 3.2.2
    + Bump maven-javadoc-plugin to 3.3.2
    + Bump maven-jxr-plugin from to 3.1.1
    + Bump maven-pmd-plugin to 3.15.0
    + Bump maven-project-info-reports-plugin from 3.1.1 to 3.1.2
    + Bump maven-release-plugin from 3.0.0-M4 to 3.0.0-M5
    + Bump maven-resources-plugin from 3.0.1 to 3.2.0
    + Bump maven-scm-publish-plugin from 3.0.0 to 3.1.0
    + Bump maven-shared-resources from 3 to 4
    + Bump maven-site-plugin to 3.10.0
    + Bump maven-surefire-plugin to 2.22.2
    + Bump maven-surefire-report-plugin to 2.22.2
    + Bump maven-verifier-plugin from 1.0 to 1.1
    + Bump mavenPluginTools to 3.6.4
    + Bump org.eclipse.sisu.plexus from 0.3.4 to 0.3.5
    + Bump persistence-api from 1.0 to 1.0.2
    + Bump plexus-compiler-api to 2.9.0
    + Bump plexus-compiler-javac to 2.9.0
    + Bump plexus-utils from 3.2.0 to 3.4.1
    + Bump plexus-velocity from 1.2 to 1.3
    + Bump release-drafter/release-drafter to 5.18.0
    + Bump snakeyaml to 1.30
    + Bump stax2-api from 4.2 to 4.2.1
    + Bump taglist-maven-plugin to 3.0.0
    + Bump woodstox-core to 6.2.8
    + Bump xercesImpl from 2.12.1 to 2.12.2 in /modello-plugins/modello-plugin-jsonschema
    + Bump xercesImpl from 2.12.1 to 2.12.2 in /modello-plugins/modello-plugin-xsd
    + Bump xml-apis from 1.3.04 to 2.0.2
    + Bump xmlunit from 1.2 to 1.6
    + Bump xmlunit-core to 2.9.0
    + Security upgrade org.jsoup:jsoup from 1.13.1 to 1.14.2
- Build with java source and target levels 8
- Build the jackson and jsonschema plugins too

mojo-parent:

- Update mojo-parent from version 40 to version 60. (jsc#SLE-23217)

msv:

- Build with source and target levels 8 (jsc#SLE-23217)

multiverse:

- Build with source and target levels 8 (jsc#SLE-23217)

mx4j:

- Build against the standalone JavaEE modules unconditionally (jsc#SLE-23217)
- Depend on glassfish-activation-api instead of on gnu-jaf (jsc#SLE-23217)
- Do not build against the log4j12 packages, use the new reload4j (jsc#SLE-23217)
- Require for build gnu-jaf instead of a virtual jaf provider in order to avoid build cycles (jsc#SLE-23217)
- On supported platforms, avoid building with OpenJ9, in order to prevent build cycles (jsc#SLE-23217)

mybatis-parent:

- Provide mybatis-parent version 31 (jsc#SLE-23217)

mybatis:

- Provide mybatis version 3.5.6 (jsc#SLE-23217)
  * CVE-2020-26945: remote code execution due to mishandles deserialization of object streams (bsc#1177568)

mysql-connector-java:

- Update mysql-connector-java from version 5.1.47 to version 8.0.29. (jsc#SLE-23217)
  * CVE-2021-2471: mysql-connector-java: unauthorized access (bsc#1195557)
  * CVE-2020-2875, CVE-2020-2933, CVE-2020-2934: Vulnerability in the MySQL Connectors product of Oracle 
    MySQL (bsc#1173600)
  * Historically, MySQL has used utf8 as an alias for utf8mb3. Since release 8.0.29, utf8mb3 has become a recognized 
    (though deprecated) character set on its own for MySQL Server. Therefore, Connector/J has added utf8mb3 to its 
    character set mapping, and users are encouraged to update to Connector/J 8.0.29 to avoid potential issues when 
    working with MySQL Server 8.0.29 or later.
  * A new connection property socksProxyRemoteDns has been added, which, when set to true, makes the 
    SocksProxySocketFactory execute its own connect() implementation that passes the unresolved InetSocketAddress of 
    a MySQL Server host to the created proxy socket, instead of having the address resolved locally.
  * The code for prepared statements has been refactored to make the code simpler and the logic for binding more 
    consistent between ServerPreparedStatement and ClientPreparedStatement.
  * Connector/J now supports Fast Identity Online (FIDO) Authentication. See Connecting Using Fast Identity 
    Online (FIDO) Authentication for details.
  * Do not build against the log4j12 packages, use the new reload4j
  * This update provide several fixes and enhancements. Please, check the chenges for a full overview.

nailgun:

- Build with source and target levels 8 (jsc#SLE-23217)

native-platform:

- Build with source and target levels 8 (jsc#SLE-23217)

nekohtml:

- Update nekohtml from version 1.9.22 to version 1.9.22.noko2. (jsc#SLE-23217)
  * CVE-2022-28366: Uncontrolled Resource Consumption in nekohtml. (bsc#1198404)
  * CVE-2022-24839: Denial of service via crafted Processing Instruction (PI) input. (bsc#1198739)
  * Use the security patched fork at https://github.com/sparklemotion/nekohtml
  * Build with source and target levels 8

netty3:

- Remove dependency on javax.activation. (jsc#SLE-23217)
- Build again against mvn(log4j:log4j). (jsc#SLE-23217)
- Use the standalone JavaEE modules unconditionally
- Remove the compat versions, since the io.netty:netty artifact coordinates exist only in version 3.x. (jsc#SLE-23217)

netty-tcnative:

- Update netty-tcnative to version 2.0.36. (jsc#SLE-23217)
  * Upgrade to OpenSSL 1.1.1i
  * Update to latest openssl version for static build
  * Update to LibreSSL 3.1.4
  * Update to latest stable libressl release
  * Cleanup BoringSSL TLSv1.3 support and consistent handle empty ciphers.
  * Support TLSv1.3 with compiling against boringssl
  * Return 0 for SSL_OP_NO_TLSv1_3 when TLSv1.3 is not supported.
  * Allow to load a private key from the OpenSSL engine.
  * Support KeyManagerFactory if compiled against OpenSSL < 1.0.2 but using OpenSSL >= 1.0.2 at runtime.
  * Build with java source and target levels 1.8

objectweb-asm:

- Update objectweb-asm from version 7.2 to version 9.3. (jsc#SLE-23217)
  * new Opcodes.V19 constant for Java 19
  * new size() method in ByteVector
  * checkDataFlow option in CheckClassAdapter can now be used without valid maxStack and maxLocals values
  * New Maven BOM
  * Build asm as modular jar files to be used as such by java >= 9
  * Leave asm-all.jar as a non-modular jar
  * JDK 18 support
  * Replace -debug flag in Printer with -nodebug (-debug continues to work)
  * New V15 constant
  * Experimental support for PermittedSubtypes and RecordComponent
  * This update provide several fixes and enhancements. Please, check the chenges for a full overview.

objenesis:

- Fix build with javadoc 17 (jsc#SLE-23217)

opentest4j:

- Update opentest4j from version 1.0.0 to version 1.2.0. (jsc#SLE-23217)
  * Build with java source and target levels 8
  * Remove unused dependency on commons-codec
  * Rename serialized output file for clarity
  * Create an OSGi compatible MANIFEST.MF

oro:

- Build with source and target levels 8 (jsc#SLE-23217)

osgi-annotation:

- Update osgi-annotation from version 6.0.0 to version 7.0.0. (jsc#SLE-23217)
  * Build with source and target levels 8

osgi-compendium:

- Update osgi-compendium from version 6.0.0 to version 7.0.0. (jsc#SLE-23217)
  * Build with source and target levels 8

osgi-core:

- Update osgi-core from version 6.0.0 to version 7.0.0. (jsc#SLE-23217)
  * Build with source and target levels 8

os-maven-plugin:

- Update os-maven-plugin from version 1.2.3 to version 1.7.0. (jsc#SLE-23217)
  * Build with java source and target levels 8
  * Changes:
    + Added a new property os.detected.arch.bitness
    + Added detection of RISC-V architecture, riscv
    + Added an abstraction layer for System property and file system access
    + Added thread safety information to Maven plugin metadata so that Maven doesn't warn about thread safety anymore
    + Added detection of z/OS operating system
    + Added m2e life cycle mapping metadata so os-maven-plugin works better with Eclipse m2e
    + Added support for MIPS and MIPSEL 32/64-bit architecture
        mips_32 - if the value is one of: mips, mips32
        mips_64 - if the value is mips64
        mipsel_32 - if the value is one of: mipsel, mips32el
        mipsel_64 - if the value is mips64el
    + Added support for PPCLE 32-bit architecture
        ppcle_32 - if the value is one of: ppcle, ppc32le
    + Added support for IA64N and IA64W architecture
        itanium_32 - if the value is ia64n
        itanium_64 - if the value is one of: ia64, ia64w (new), itanium64
    + Fixed classpath conflicts due to outdated Guava version in transitive dependencies
    + Fixed incorrect prerequisite

paradise:

- Build with source and target levels 8 (jsc#SLE-23217)

paranamer:

- Build with source and target levels 8 (jsc#SLE-23217)

parboiled:

- Build with source and target levels 1.8 (jsc#SLE-23217)

pegdown:

- Build with source and target levels 8 (jsc#SLE-23217)

picocli:

- Update picocli from version 4.0.4 to version 4.6.2. (jsc#SLE-23217)
  * Full changes from previous versions are in https://github.com/remkop/picocli/blob/v4.6.2/RELEASE-NOTES.md

plexus-ant-factory:

- Build with source and target levels 8 (jsc#SLE-23217)

plexus-archiver:

- Do not compile the test build against the legacy guava20 any more. (jsc#SLE-23217)

plexus-bsh-factory:

- Build with source and target levels 8 (jsc#SLE-23217)

plexus-build-api:

- Build with source and target levels 8 (jsc#SLE-23217)
- Fix an error of tag in javadoc

plexus-cipher:

- Update plexus-cipher from version 1.7 to version 2.0. (jsc#SLE-23217)
  * Switch from Sonatype to Plexus
  * Switch to the Eclipse sisu-maven-plugin
  * Bump junit from 4.12 to 4.13.1
  * Bump plexus from 6.5 to 8
  * Fix surefire warnings
  * This version is needed by maven 3.8.4 and plexus-sec-dispatcher 2.0

plexus-classworlds:

- Update plexus-classworlds from version 2.5.2 to version 2.6.0. (jsc#SLE-23217)
  * Modular java JPMS support

plexus-cli:

- Do not compile/run tests against the legacy guava20 package. (jsc#SLE-23217)
- Build with java source and target levels 8. (jsc#SLE-23217)
- Replace raw java.util.List with typed java.util.List<E> interface
- The GnuParser and OptionBuilder classes are deprecated in commons-cli since version 1.3

plexus-compiler:

- Update plexus-compiler from version 2.8.2 to version 2.11.1. (jsc#SLE-23217)
  * Plexus testing is a dependency with scope test
  * Removed: jikes compiler
  * New features and improvements
    + add paremeter to configure javac feature --enable-preview
    + make java 11 as project base but keep javac release 8, we will be able to upgrade ecj and errorprone
    + Bump plexus-components from 6.5 to 6.6 and upgrade to junit5
    + add adopt-openj9 build
    + Fix AspectJ basics
    + fix methods of lint and warning
    + Add new showLint compiler configuration
    + add jdk distribution to the matrix
    + Added primitive support for --processor-module-path
    + Refactor and add unit tests for support for multiple --add-exports custom compiler arguments
    + Add Maven Compiler Plugin compiler it tests
    + Close StandardJavaFileManager
    + Use latest ecj from official Eclipse release
  * Bug fixes:
    + [eclipse-compiler] Resort sources to have module-info.java first
    + Issue #106: Retain error messages from annotation processors
    + Issue #147: Support module-path for ECJ
    + Issue #166: Fix maven dependencies
    + eclipse compiler: set generated source dir even if no annotation processor is configured
    + CSharp compiler: fix role
    + Eclipse compiler: close the StandardJavaFileManager
    + Use plexus annotations rather than doclet to fix javadoc with java11
    + fix Java15 build
    + Update Error prone 2.4
    + Rename method, now that EA of JDK 16 is available
    + Eclipse Compiler Support release specifier instead of source/target
    + Issue #73: Use configured file encoding for JSR-199 Eclipse compiler
  * Dependency updates
    + Bump actions/cache to 2.1.6
    + Bump animal-sniffer-maven-plugin to 1.21
    + Bump aspectj.version from 1.9.2 to 1.9.6
    + Bump assertj-core from 3.21.0 to 3.22.0
    + Bump ecj to 3.28.0
    + Bump error_prone_core to 2.10.0
    + Bump junit to 4.13.2
    + Bump junit-jupiter-api from 5.8.1 to 5.8.2
    + Bump maven-artifact from 2.0 to 2.2.1
    + Bump maven-enforcer-plugin from 3.0.0-M3 to 3.0.0
    + Bump maven-invoker-plugin from 3.2.1 to 3.2.2
    + Bump maven-settings from 2.0 to 2.2.1
    + Bump plexus-component-annotations to 2.1.1
    + Bump plexus-components to 6.6 and upgrade to junit5
    + Bump release-drafter/release-drafter to 5.18.1
  * needed by the latest maven-compiler-plugin
  * Rewrite the plexus metadata generation in the ant build files

plexus-component-api:

- Build with source and target levels 8 (jsc#SLE-23217)

plexus-component-metadata:

- Update plexus-component-metadata from version 2.1.0 to version 2.1.1. (jsc#SLE-23217)
  * Build using asm >= 7
  * Build with java source and target levels 8

plexus-containers:

- Update plexus-containers from version 2.1.0 to version 2.1.1. (jsc#SLE-23217)
  * This is the last version before deprecation
  * Security upgrade org.jdom:jdom2 from 2.0.6 to 2.0.6.1
  * Build with java source and target levels 8
  * Upgrade ASM to 9.2
  * Requires Java 7 and Maven 3.2.5+

plexus-i18n:

- Build with java source and target levels 8 (jsc#SLE-23217)
- Do not compile/run tests against the legacy guava20 package (jsc#SLE-23217)

plexus-interactivity:

- Build with source and target levels 8 (jsc#SLE-23217)

plexus-interpolation:

- Build with java source and target levels 1.8

plexus-io:

- Do not build/run tests against the legacy guava20 package (jsc#SLE-23217)

plexus-languages:

- Update plexus-languages from version 1.0.3 to version 1.1.1. (jsc#SLE-23217)
  * Build using java >= 9
  * Build as multirelease modular jar
  * Fix builds with a mix of modular and classic jar files
  * generate-tarball.sh: use safe temporary directory, avoid accidental deletion of *.jar, *.class in the current 
    working directory.

plexus-metadata-generator:

- Update plexus-metadata-generator from version 2.1.0 to version 2.1.1 (jsc#SLE-23217)
  * Build using asm >= 7
  * Build with java source and target levels 8
  * Do not use the deprecated plexus-cli functions, but port the generator to the recommended replacement

plexus-resources:

- Build with source and target levels 8 (jsc#SLE-23217)

plexus-sec-dispatcher:

- Update plexus-sec-dispatcher from version 1.4 to version 2.0. (jsc#SLE-23217)
  * Fix build with modello-2.0.0
  * Changes:
    + Bump plexus-utils to 3.4.1
    + Bump plexus from 6.5 to 8
    + Switch from Sonatype to Plexus
    + Update pom to use modello source 1.4
  * needed for maven 3.8.4 and plexus-cipher 2.0

plexus-utils:

- Update plexus-utils from version 3.3.0 to version 3.3.1. (jsc#SLE-23217)
  * Build with source and target levels 8 (jsc#SLE-23217)
  * Don't ignore valid SCM files 
  * This is the latest version still supporting Java 8

plexus-velocity:

- Do not compiler/run the test build against legacy guava20 anymore. (jsc#SLE-23217)
- Build with java source and target levels 8. (jsc#SLE-23217)
- Simplify the build file and remove tests which depend onapache-commons-lang. (jsc#SLE-23217)

qdox:

- Update qdox from version 2.0.M9 to version 2.0.1. (jsc#SLE-23217)
  * Don't use deprecated inputstreamctor option
  * Add Automatic-Module-Name to the manifest
  * Generate ant build file from maven pom and build using ant
  * Update jflex-maven-plugin to 1.8.2
  * Changes:
    * Support Lambda Expression
    * Add SEALED / NON_SEALED tokens
    * CodeBlock for Annotation with FieldReference should prefix field with canonical name
    * Add UnqualifiedClassInstanceCreationExpression
    * Add reference to grammar documentation and hints to transform it
    * Support Text Blocks
    * Support Sealed Classes
    * Support records
    * Get interface via javaProjectBuilder.getClassByName

reflectasm:

- Build with source and target levels 8 (jsc#SLE-23217)

regexp:

- Build with source and target levels 8 (jsc#SLE-23217)

relaxngcc:

- Provide relaxngcc version 1.12 (jsc#SLE-23217)

relaxngDatatype:

- Build with source and target levels 8 (jsc#SLE-23217)

reload4j:

- Update from version 1.2.19 to version 1.2.20. (jsc#SLE-23217)
  * Build with source/target levels 8
  * For enabled logging statements, the performance of iterating on appenders attached to a logger has been 
    significantly improved.

replacer:

- Build with source and target levels 8 (jsc#SLE-23217)

rhino:

- Update rhino from version 1.7R3 to version 1.7.14. (jsc#SLE-23217)

sat4j:

- Build with source and target levels 8 (jsc#SLE-23217)

saxon9:

- Build with source and target levels 8 (jsc#SLE-23217)

sbt-launcher:

- Build with source/target levels 8 (jsc#SLE-23217)
- Fix build against ivy 2.5.0

sbt:

- Do not depend on hawtjni-runtime and jansi-native anymore (jsc#SLE-23217)
- Fix build against maven 3.8.5
- Fix build against apache-ivy 2.5.0
- Override javax.inject:javax:inject artifact coordinates in order to be able to build against newer atinject
  versions if needed
- Fix build with maven-resolver 1.7.3
- Build package as noarch, since it does not have archfull binaries
- Build with java 8

scala-pickling:

- Build with source and target levels 8 (jsc#SLE-23217)

scala:

- No longer package /usr/share/mime-info (bsc#1062631)
  *  Drop scala.keys and scala.mime source files. (jsc#SLE-23217)
- Fix the scala build to find correctly the jansi.jar file
- Make the package that links the jansi.jar file archfull
- Bootstrap the build with our own built jar instead of downloading prebuilt binaries from www.scala-lang.org

servletapi4:

- Provide servletapi4 4.0.4 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

signpost-core:

- Build with source and target levels 8 (jsc#SLE-23217)

sisu:

- Update siu from version 0.3.3 to version 0.3.5 (jsc#SLE-23217)
  * Remove dependency on glassfish-servlet-api
  * Relax bytecode check in scanner so it can scan up to and including Java14
  * Support reproducible builds by sorting generated javax.inject.Named index
  * Build with java source and target levels 8
  * Change to generate maven meta-data using the %%add_maven_depmap so that it can be built before the xmvn-tools

slf4j:

- Update slf4j from version 1.7.30 to version 1.7.36. (jsc#SLE-23217)
  * Don't use %%mvn_artifact, but %%add_maven_depmap
  * In the jcl-over-slf4j module avoid Object to String conversion.
  * In the log4j-over-slf4j module added empty constructors for ConsoleAppender.
  * In the slf4j-simple module, SimpleLogger now caters for concurrent access.
  * Fix build against reload4j
  * Fix dependencies of the module slf4j-log4j12
  * Depend for build on reload4j
  * Do not use a separate spec file for sources.
  * slf4j-log4j12 artifact automatically instructs Maven to use the slf4j-reload4j artifact instead.
  * slf4j releases are now reproducible.
  * Build with source/target levels 8
  * Add symlink to reload4j -> log4j12 for applications that expect that name.

snakeyaml:

- Update snakeyaml from version 1.31 to version 1.33. (jsc#SLE-23217)
 * Output error grow the rhn_web_ui.log rapidly (bsc#1204173)
 * CVE-2022-38752: Uncaught exception in java.base/java.util.ArrayList.hashCode (bsc#1203154)

spec-version-maven-plugin:

- Update spec-version-maven-plugin from 1.2 version to version 2.1 (jsc#SLE-23217)
  * Support both the jakarta.* and the javax.* apis
  * Build with java source and target levels 8

stax2-api:

- Build with source and target levels 8 (jsc#SLE-23217)

stax-ex:

- Provide stax-ex version 1.8 (jsc#SLE-23217)

stringtemplate4:

- Build with source and target levels 8 (jsc#SLE-23217)

string-template-maven-plugin:

- Build with source and target levels 8 (jsc#SLE-23217)

stringtemplate:

tagsoup:

- Build with source and target levels 8 (jsc#SLE-23217)

template-resolver:

- Build with source and target levels 8 (jsc#SLE-23217)

tesla-polyglot:

- Update tesla-polyglot from version 0.2.1 to version 0.4.5. (jsc#SLE-23217)
  * Build with source and target levels 8
  * Remove upper bound for JDK version to allow Java 11 and newer
  * polyglot-kotlin - revert automatic source folder setting to koltin
  * Update xstream version in test resources to avoid security alerts
  * Avoid assumption about replacement pom file being readable
  * Upgrade scala-maven-plugin, clojure-maven-plugin and Clojure
  * polyglot-kotlin: Set source folders to kotlin
  * Upgrade to kotlin 1.3.60
  * Provide a mechanism to override properties of a polyglot build
  * TeslaModelProcessor.locatePom(File) ignores files ending in.xml
  * Use platform encoding in ModelReaderSupport
  * Invoker plugin update
  * takari parent update
  * plexus-component-metadata update to 2.1.0
  * maven-enforcer-plugin update to 3.0.0-M3
  * polyglot-kotlin: Avoid IllegalStateException
  * polyglot-kotlin: improved support for IntelliJ Idea usage
  * polyglot-kotlin: kotlin update and numerous improvements to more idiomatic kotlin
  * polyglot-common:
    + Execute tasks are now installed with inheritable set to false
    + The ExecuteContext interface now has default implementations
    + The ExecuteContext now includes getMavenSession()
    + the ExecuteContext now includes getLog() to comport with Java bean conventions. The log() operation has been 
      deprecated.
    + the ExecuteContext now includes getBasedir() to comport with Java bean conventions. The basedir() operation has 
      been deprecated.
  * polyglot-kotlin:
    + Updates Kotlin to 1.3.21
    + Includes support for Maven's ClassRealm
    + Includes full support for the entire Maven model
    + Includes support for execute tasks via as inline lambdas or as external scripts.
    + Resolves ClassLoader issues that affected integration with IntelliJ IDEA
  * polyglot-java: fixed depMgt conversion
  * polyglot-ruby: java9+ support improvement
  * added polyglot-kotlin
  * polyglot-scala:
    + Convenience methods for Dependency (classifier, intransitive, % (scope))
    + Support reporting-section in pom
    + Added default value for pom property modelversion (4.0.0)
    + Updated used Scala Version (2.11.12)
    + Made output dir to pom.scala files compilation configurable via system property polyglot.scala.outputdir
    + Improved support and docs for configuration elements of plugins
  * Upgrade to latest takari-pom parent
  * polyglot-yaml: Support for xml attributes
  * polyglot-yaml: exclude pomFile property from serialization
  * polyglot-java: Linux support and test fixes
  * polyglot-java: Moved examples into polyglot-maven-examples
  * Updated Scala version
  * Scala warning fixes
  * polyglot-scala: Scala syntax friendly include preprocessor
  * Added link to user of yml version
  * polyglot-scala: Use Zinc server for Scala module
  * polyglot-scala: Support more valid XML element name chars in dynamic Config
  * Experimental addition of Java as polyglot language.

test-interface:

- Build with source and target levels 8 (jsc#SLE-23217)

testng:

- Update testng from version 6.14.3 to version 7.4.0. (jsc#SLE-23217)
  * CVE-2020-11022: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (bsc#1190663)
  * CVE-2020-11023: jquery: Untrusted code execution while passing HTML containing <option> elements (bsc#1190660)
  * Features:
    + Ability to be notified when a data provider fails, through a TestNG listener.
      TestNG already has a listener that will let you plug in your
      callbacks for the following with respect to a data provider
      (implement org.testng.IDataProviderListener interface)
      You can now use this listener to be notified when a data
      provider fails as well.
    + Add the ability to override explicitly included test methods if they belong to any excluded groups via the 
      configuration property : overrideIncludedMethods
    + Reduced memory foot print when trying to run tests with larger projects.
      This is now a toggle feature which can be enabled via the
      JVM argument: -Dtestng.memory.friendly=true
  * Bug fixes:
    + GITHUB-2459: Support configurable start time - emailable report
    + GITHUB-2467: XmlTest does not copy the xmlClasses during clone
    + GITHUB-2469: Parameters added in XmlTest during AlterSuiteListener not available in SuiteListener
    + GITHUB-2296: Fix for assertEquals not working for sets as order is not guaranteed
    + GITHUB-2465: Fix bux where Strings.join returns empty String
    + GITHUB-1632: throwing SkipException sets iTestResult status to Failure instead of Skip
    + GITHUB-2456: Add onDataProviderFailure listener
    + GITHUB-2407: Adds 'overrideIncludedMethods' to the global config as a command-line argument, which excludes 
      explicitly included test methods if they belong to any excluded groups
    + GITHUB-2432: Rework MethodInheritance.fixMethodInheritance to 'soft' dependencies
    + GITHUB-2435: getParameterIndex() always return 0 in test listener
    + GITHUB-2405: Regression: Using TestNG via Maven breaks when optional Guice dependency is unavailable
    + GITHUB-2419: TestNG JUnit reports are not valid if system output contains XML tags
    + GITHUB-2374: Add file name to the warning message
    + GITHUB-2321: -Dtestng.thread.affinity=true do not work when running multiple instance of test in parallel
    + GITHUB-2363: JS error when switching theme
  * Build with java source and target levels 8
  * Require snakeyaml and beust-jcommander

tomcat:

- Update from version 9.0.31 to version 9.0.43 (jsc#SLE-23217)
- CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. (bsc#1203868)
- CVE-2022-42252: Fixed a request smuggling. (bsc#1204918)
- set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt
- use logrotate for catalina.out and configure server.xml
- Use catalina.out for logging (bsc#1205647)
- Do not hardcode /usr/libexec but use %%_libexecdir during the build where /usr/libexec 
  and %%_libexecdir are different.
- Build with source, target and release levels 8 (bsc#1201081)

treelayout:

- Build with source and target levels 8 (jsc#SLE-23217)

trilead-ssh2:

- Build with source and target levels 8 (jsc#SLE-23217)

tycho:

- Update tycho from version 1.2.0 to version 1.6.0. (jsc#SLE-23217)
  * Fix bootstrapping with new version of maven-install-plugin
  * Assure that all classes in tycho are understood by Java 8 (bsc#1198279)
  * Force building with java 11, since there is no config in tycho for java >= 15
  * Do not force building with java 1.8, but with any java >= 1.8
  * Drop support for obsolete modular JVMs (10 and 12)
  * Plexus Utils has been updated to version 3.3.0 as a prerequisite for other dependency updates.
  * ECJ has been updated to version 3.19.0. This version adds support for Java 12 bytecode and features.
  * JGit has been updated to version 5.5.0.
  * Equinox and p2 has been updated to their 2019-09 versions.
  * ObjectWeb ASM has been updated to version 7.0 from 5.0.3 which provides Java 11 
    compatibility in artifactcomparator.
  * Java 11: JDT was updated to 3.15.1

univocity-parsers:

- Update univocity-parsers from version 2.5.5 to version 2.9.1. (jsc#SLE-23217)
  * Build with source and target levels 8

utfcpp:

- Provide utfcpp version 3.2.1. (jsc#SLE-23217)
  * Required by antlr4.

velocity:

- Build with java source and target levels 8 (jsc#SLE-23217)
- Do not build against the log4j12 packages, use the new reload4j

werken-xpath:

- Build with source and target levels 8 (jsc#SLE-23217)

woodstox-core:

- Update from version 5.2.0 to version 6.2.8. (jsc#SLE-23217)
  * Build with java source and target levels 8

wsdl4j:

- Build with source and target levels 8
- Alias to axis:axis-wsdl4j

ws-jaxme:

- Do not build against the log4j12 packages, use the new reload4j (jsc#SLE-23217)
- On relevant distributions, build against the standalone jaxb-api
- Build with source/target levels 8
- Build against the standalone JavaEE modules unconditionally

xalan-j2:

- Do not link to the java_cup* compatibility links, but to the java-cup* ones
- Build with source/target levels 8

xbean:

- Update xbean from version 4.5 to version 4.20 (jsc#SLE-23217)
  * Do not build against the log4j12 packages, use the new reload4j
  * Upgrade to asm 9.1
  * Remove unnecessary dependency on log4j and commons-logging

xerces-j2:

- Update xerces-j2 from version 2.12.0 to versionn 2.12.2 (jsc#SLE-23217)
  * CVE-2022-23437: Infinite loop within Apache XercesJ xml parser (bsc#1195108)
  * Build with source/target levels 8

xml-commons-apis:

- Build with source and target levels 8 (jsc#SLE-23217)

xml-commons-resolver:

- Build with source and target levels 8 (jsc#SLE-23217)

xmlgraphics-batik:

- Update from version 1.10 to version 1.15 (jsc#SLE-23217)
  * CVE-2022-38398: Fixed information disclosure due to Jar url not being blocked by DefaultExternalResourceSecurity
    (bsc#1203674)
  * CVE-2022-38648: Fixed information disclosure due to missing blocking of external resource before calling fop
    (bsc#1203673)
  * CVE-2022-40146: Fixed information disclosure due to Jar url not being blocked by DefaultScriptSecurity
    (bsc#1203672)
  * CVE-2020-11987: Fixed SSRF due to improper input validation by the NodePickerPanel (bsc#1182748).
  * CVE-2019-17566: Fixed SSRF via 'xlink:href' attributes (bsc#1172961).

xmlgraphics-commons:

- CVE-2020-11988: Fixed a server-side request forgery caused by improper input validation by the XMPParser. (bsc#281607)
- Build with source/target levels 8

xmlgraphics-fop:

- Update xmlgraphics-fop from version 2.1 to version 2.7. (jsc#SLE-23217)
  * Update PDFBox to 2.0.24
  * Upgrade ant to 1.9.15
  * Make the build reproducible (bsc#1047218)
  * Build against fontbox from apache-pdfbox >= 2
  * Requires batik >= 1.11
  * Package xmlgraphics-fop-hyph.jar and xmlgraphics-fop-sandbox.jar (bsc#1145693)

xml-maven-plugin:

- Build with source and target levels 8 (jsc#SLE-23217)

xmlstreambuffer:

- Provide xmlstreambuffer version 1.5.4 (jsc#SLE-23217)

xmlunit:

- Update xmlunit from version 1.5 to version 1.6 (jsc#SLE-23217)
  * Build with java source and target levels 8

xmvn-connector: 

Rename xmvn-connector-aether to xmvn-connector and provide it as version 4.0.0. (jsc#SLE-23217)

xmvn-connector-gradle:

- Update xmvn-connector-gradle from version 3.1.0 to version 4.0.0. (jsc#SLE-23217)
  * Make it standalone from xmvn sources

xmvn-connector-ivy:

- Update xmvn-connector-ivy from version 3.1.0 to version 4.0.0. (jsc#SLE-23217)
  * Make it standalone from xmvn sources

xmvn-mojo:

- Update xmvn-mojo from version 3.1.0 to version 4.0.0. (jsc#SLE-23217)
  * Bump codecov/codecov-action to 2.0.2
  * Bump commons-compress from 1.20 to 1.21 in /xmvn-parent
  * Bump junit from 4.12 to 4.13.1
  * Update compiler source/target to JDK 11

xmvn-parent:

- Update xmvn-parent from version 3.1.0 to version 4.0.0. (jsc#SLE-23217)
  * Bump codecov/codecov-action to 2.0.2
  * Bump commons-compress from 1.20 to 1.21 in /xmvn-parent
  * Update compiler source/target to JDK 11

xmvn-tools:

- Update xmvn-tools from version 3.1.0 to version 4.0.0. (jsc#SLE-23217)
  * Build with modello 2.0.0
  * Bump codecov/codecov-action to 2.0.2
  * Drop bisect tool
  * Update compiler source/target to JDK 11

xmvn:

- Update xmvn from version 3.1.0 to version 4.0.0. (jsc#SLE-23217)
  * Bump codecov/codecov-action to 2.0.2
  * Bump commons-compress from 1.20 to 1.21 in /xmvn-parent
  * Fix Javadoc generation for non-JPMS project with JDK 11
  * Remove superflous JARs from assembly
  * Rename xmvn-connector-aether to xmvn-connector
  * Move release plugins to pluginManagement
  * Move prerequisites on Maven version to xmvn-mojo
  * Bump junit 4.13.1
  * Bump slf4jVersion from 1.8.0-beta4 to 2.0.0-alpha2 in /xmvn-parent
  * Update Maven plugin versions
  * Drop Ivy
  * Drop Gradle
  * Switch to SHA-256 in CacheManager
  * Update dependency xmlunit.assertj to xmlunit.assertj3
  * Update compiler source/target to JDK 11
  * Require the maven-libs we built against in order to avoid hanging symlinks

xpp2:

- Build with source/target levels 8

xpp3:

- Build with source and target levels 8 (jsc#SLE-23217)

xsom:

- Provide xsom version 0~20140925. (jsc#SLE-23217)

xstream:

- Build against the standalone JavaEE modules unconditionally
- Build against standalone activation-api and jaxb-api on systems where the JavaEE modules are not part of JDK

xz-java:

- Provide xz-java 1.8 and solve installation issues. (jsc#SLE-23217)
- There are no source changes.

zinc:

- Disambiguate the requirements. Require directly sbt non-bootstrap
- Build only *.scala and *.java files


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:776-1
Released:    Thu Mar 16 17:29:23 2023
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:  
This update for gcc12 fixes the following issues:

This update ships gcc12 also to the SUSE Linux Enterprise 15 SP1 LTSS and 15 SP2 LTSS products.

SUSE Linux Enterprise 15 SP3 and SP4 get only refreshed builds without changes


This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided in the SUSE Linux
Enterprise Module for Development Tools.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

	https://gcc.gnu.org/gcc-12/changes.html


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:777-1
Released:    Thu Mar 16 17:31:55 2023
Summary:     Security update for hdf5
Type:        security
Severity:    moderate
References:  1207973,CVE-2021-37501
This update for hdf5 fixes the following issues:

- CVE-2021-37501: Fixed overflow in calculation of data buffer due to bogus input file (bsc#1207973).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:788-1
Released:    Thu Mar 16 19:37:59 2023
Summary:     Recommended update for libsolv, libzypp, zypper
Type:        recommended
Severity:    important
References:  1178233,1203248,1203249,1203715,1204548,1204956,1205570,1205636,1206949
This update for libsolv, libzypp, zypper fixes the following issues:

libsolv:

- Do not autouninstall SUSE PTF packages
- Ensure 'duplinvolvedmap_all' is reset when a solver is reused
- Fix 'keep installed' jobs not disabling 'best update' rules
- New '-P' and '-W' options for `testsolv`
- New introspection interface for weak dependencies similar to ruleinfos
- Ensure special case file dependencies are written correctly in the testcase writer
- Support better info about alternatives
- Support decision reason queries
- Support merging of related decisions
- Support stringification of multiple solvables
- Support stringification of ruleinfo, decisioninfo and decision reasons

libzypp:

- Avoid calling getsockopt when we know the info already.
  This patch should fix logging on WSL, getsockopt seems to not be fully supported but the code required it when
  accepting new socket connections (bsc#1178233)
- Avoid redirecting 'history.logfile=/dev/null' into the target
- Create '.no_auto_prune' in the package cache dir to prevent auto cleanup of orphaned repositories (bsc#1204956)
- Enhance yaml-cpp detection
- Improve download of optional files
- MultiCurl: Make sure to reset the progress function when falling back.
- Properly reset range requests (bsc#1204548)
- Removing a PTF without enabled repos should always fail (bsc#1203248)
  Without enabled repos, the dependent PTF-packages would be removed (not replaced!) as well. 
  To remove a PTF `zypper install -- -PTF` or a dedicated `zypper removeptf PTF` should be used. This will update the
  installed PTF packages to theit latest version.
- Skip media.1/media download for http repo status calc.
  This patch allows zypp to skip a extra media.1/media download to calculate if a repository needs to be refreshed.
  This optimisation only takes place if the repo does specify only downloading base urls.
- Use a dynamic fallback for BLKSIZE in downloads.
  When not receiving a blocklist via metalink file from the server MediaMultiCurl used to fallback to a fixed,
  relatively small BLKSIZE. This patch changes the fallback into a dynamic value based on the filesize using a similar
  metric as the MirrorCache implementation on the server side.
- ProgressData: enforce reporting the INIT||END state (bsc#1206949)
- ps: fix service detection on newer Tumbleweed systems (bsc#1205636)


zypper:

- Allow to (re)add a service with the same URL (bsc#1203715)
- Bump dependency requirement to libzypp-devel 17.31.7 or greater
- Explain outdatedness of repositories
- patterns: Avoid dispylaing superfluous @System entries (bsc#1205570)
- Provide `removeptf` command (bsc#1203249)
  A remove command which prefers replacing dependant packages to removing them as well.
  A PTF is typically removed as soon as the fix it provides is applied to the latest official update of the dependant
  packages. However it is not desired for the dependant packages to be removed together with the PTF, which is what the
  remove command would do. The `removeptf` command however will aim to replace the dependant packages by their official
  update versions.
- Update man page and explain '.no_auto_prune' (bsc#1204956)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:789-1
Released:    Fri Mar 17 05:18:21 2023
Summary:     Feature update for lapack
Type:        feature
Severity:    important
References:  1087426,1166619,1184786,1207358,1207563,1207989
This update for lapack fixes the following issues:

Version update from 3.5.0 to 3.9.0 (jsc#PED-3628):
    
- As a configurable option, add tmglib code to the LAPACK library and enable TMG in LAPACKE as the header files provide
  its API (bsc#1207989, bsc#1087426)
- Build deprecated functions to avoid breaking the ABI (bsc#1207989)
- Make library links in the alternatives directory architecture dependent. This avoids conflicts when both 32-bit and
  64-bit versions are installed (bsc#1207563)   
- Fix conflicts with openblas (bsc#1207358)
- Fix build failures with GCC 10 (bsc#1166619)
- For the full list of changes and features implemented by this update please consult the release notes at:
  * https://netlib.org/lapack/lapack-3.9.0.html
  * https://netlib.org/lapack/lapack-3.8.0.html
  * https://netlib.org/lapack/lapack-3.7.0.html
  * https://netlib.org/lapack/lapack-3.6.0.html

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2023:791-1
Released:    Fri Mar 17 05:20:45 2023
Summary:     Optional update for golang-github-prometheus-node_exporter
Type:        optional
Severity:    moderate
References:  
This update for golang-github-prometheus-node_exporter fixes the following issues:
    
- Move package for SUSE Linux Enterprise Micro to the correct codestream
- No source changes

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:792-1
Released:    Fri Mar 17 05:22:08 2023
Summary:     Recommended update for gnome-shell
Type:        recommended
Severity:    moderate
References:  1205518,1207323
This update for gnome-shell fixes the following issues:

- Fix for warning messages not showing in login screen (bsc#1207323)
- Fix GNOME graphical session startup issues (bsc#1205518)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:793-1
Released:    Fri Mar 17 05:39:57 2023
Summary:     Recommended update for purge-kernels-service
Type:        recommended
Severity:    moderate
References:  1198668
This update for purge-kernels-service fixes the following issues:

- Change systemd service type to 'exec' (bsc#1198668)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:794-1
Released:    Fri Mar 17 08:42:12 2023
Summary:     Security update for python-PyJWT
Type:        security
Severity:    critical
References:  1176785,1199282,1199756,CVE-2022-29217
This update for python-PyJWT fixes the following issues:

- CVE-2022-29217: Fixed Key confusion through non-blocklisted public key formats (bsc#1199756).

- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Update to 2.4.0 (bsc#1199756)
    - Explicit check the key for ECAlgorithm
    - Don't use implicit optionals
    - documentation fix: show correct scope 
    - fix: Update copyright information
    - Don't mutate options dictionary in .decode_complete()
    - Add support for Python 3.10
    - api_jwk: Add PyJWKSet.__getitem__
    - Update usage.rst
    - Docs: mention performance reasons for reusing RSAPrivateKey
      when encoding
    - Fixed typo in usage.rst
    - Add detached payload support for JWS encoding and decoding
    - Replace various string interpolations with f-strings by


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:795-1
Released:    Fri Mar 17 09:13:12 2023
Summary:     Security update for docker
Type:        security
Severity:    moderate
References:  1205375,1206065,CVE-2022-36109

This update for docker fixes the following issues:

Docker was updated to 20.10.23-ce.

See upstream changelog at https://docs.docker.com/engine/release-notes/#201023

Docker was updated to 20.10.21-ce (bsc#1206065)

See upstream changelog at https://docs.docker.com/engine/release-notes/#201021 

Security issues fixed:

- CVE-2022-36109: Fixed supplementary group permissions bypass (bsc#1205375)

- Fix wrong After: in docker.service, fixes bsc#1188447
- Add apparmor-parser as a Recommends to make sure that most users will end up
  with it installed even if they are primarily running SELinux.
- Allow to install container-selinux instead of apparmor-parser.
- Change to using systemd-sysusers

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:812-1
Released:    Mon Mar 20 16:32:14 2023
Summary:     Security update for SUSE Manager Client Tools
Type:        security
Severity:    important
References:  1201059,1205599,1205759,1207352,1207749,1207750,1208065,1208293,CVE-2022-23552,CVE-2022-39324,CVE-2022-41723,CVE-2022-46146

This update fixes the following issues:

dracut-saltboot:

- Update to verion 0.1.1674034019.a93ff61
  * Install copied wicked config as client.xml (bsc#1205599)
- Update to version 0.1.1673279145.e7616bd

grafana:

- CVE-2022-46146: Fix basic authentication bypass by updating the exporter
  toolkit to version 0.7.3 (bsc#1208065,)
- CVE-2022-41723: Require Go 1.19 or newer (bsc#1208293)
- Update to version 8.5.20:
  * CVE-2022-23552: Security: SVG: Add dompurify preprocessor step (bsc#1207749)
  * CVE-2022-39324: Security: Snapshots: Fix originalUrl spoof security issue
    (bsc#1207750)
  * Security: Omit error from http response 
  * Bug fix: Email and username trimming and invitation validation

spacecmd:

- Version 4.3.19-1
  * Fix spacecmd not showing any output for softwarechannel_diff
    and softwarechannel_errata_diff (bsc#1207352)
  * Prevent string api parameters to be parsed as dates if not in
    ISO-8601 format (bsc#1205759)

spacewalk-client-tools:

- Version 4.3.15-1
  * Update translation strings

supportutils-plugin-salt:

- Update to version 1.2.2
  * Remove possible passwords from Salt configuration files (bsc#1201059)

uyuni-proxy-systemd-services:

- Version 4.3.8-1
  * Allow using container images from different registry paths


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:835-1
Released:    Tue Mar 21 07:37:09 2023
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1208144,CVE-2023-25748,CVE-2023-25749,CVE-2023-25750,CVE-2023-25751,CVE-2023-25752,CVE-2023-28159,CVE-2023-28160,CVE-2023-28161,CVE-2023-28162,CVE-2023-28163,CVE-2023-28164,CVE-2023-28176,CVE-2023-28177
This update for MozillaFirefox fixes the following issues:

Update to version 102.9.0 ESR (bsc#1209173):

- CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android
- CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android
- CVE-2023-25749: Firefox for Android may have opened third-party apps without a prompt
- CVE-2023-25750: Potential ServiceWorker cache leak during private browsing mode
- CVE-2023-25751: Incorrect code generation during JIT compilation
- CVE-2023-28160: Redirect to Web Extension files may have leaked local path
- CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
- CVE-2023-28161: One-time permissions granted to a local file were extended to other local files loaded in the same tab
- CVE-2023-28162: Invalid downcast in Worklets
- CVE-2023-25752: Potential out-of-bounds when accessing throttled streams
- CVE-2023-28163: Windows Save As dialog resolved environment variables
- CVE-2023-28176: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9
- CVE-2023-28177: Memory safety bugs fixed in Firefox 111

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:868-1
Released:    Wed Mar 22 09:41:01 2023
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1203355,1208471,CVE-2023-24329
This update for python3 fixes the following issues:

- CVE-2023-24329: Fixed a blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters (bsc#1208471).

The following non-security bug was fixed:

- Eliminate unnecessary and dangerous calls to PyThread_exit_thread() (bsc#1203355).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:871-1
Released:    Wed Mar 22 14:32:45 2023
Summary:     Security update for container-suseconnect
Type:        security
Severity:    important
References:  1200441,1206134,1208270,1208271,1208272,1209030,CVE-2022-41720,CVE-2022-41723,CVE-2022-41724,CVE-2022-41725,CVE-2023-24532

This update of container-suseconnect fixes the following issue:

- container-suseconnect was rebuilt against the current go1.19 release, fixing security issues and other bugs fixed in go1.19.7.

- CVE-2022-41723: Fixed quadratic complexity in HPACK decoding (bsc#1208270).
- CVE-2022-41724: Fixed panic with arge handshake records in crypto/tls (bsc#1208271).
- CVE-2022-41725: Fixed denial of service from excessive resource consumption in net/http and mime/multipart (bsc#1208272).
- CVE-2023-24532: Fixed incorrect P-256 ScalarMult and ScalarBaseMult results (bsc#1209030).

- CVE-2022-41720: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows (bsc#1206134).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:875-1
Released:    Wed Mar 22 19:17:54 2023
Summary:     Recommended update for sg3_utils
Type:        recommended
Severity:    moderate
References:  1207706
This update for sg3_utils fixes the following issues:

- Speed large multipath scans (bsc#1207706)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1571-1
Released:    Fri Mar 24 13:45:05 2023
Summary:     Security update for helm
Type:        security
Severity:    moderate
References:  1208084,CVE-2023-25165
This update for helm fixes the following issues:

Update to version 3.11.1 (bsc#1208084):

- CVE-2023-25165: Fixed a information disclosure problem via getHostByName injection inside a chart to get values to a malicious DNS server.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1581-1
Released:    Mon Mar 27 10:31:20 2023
Summary:     Security update for ceph
Type:        security
Severity:    important
References:  1187748,1188911,1192838,1192840,1196046,1199183,1200262,1200317,1200501,1200978,1201604,1201797,1201837,1201976,1202077,1202292,1203375,1204430,1205025,1205436,1206158,CVE-2022-0670,CVE-2022-3650,CVE-2022-3854
This update for ceph fixes the following issues:

Security issues fixed:

- CVE-2022-0670: Fixed user/tenant read/write access to an entire file system (bsc#1201837).
- CVE-2022-3650: Fixed Python script that allowed privilege escalation from ceph to root (bsc#1204430).
- CVE-2022-3854: Fixed possible DoS issue in ceph URL processing on RGW backends (bsc#1205025).

Bug fixes:

- osd, tools, kv: non-aggressive, on-line trimming of accumulated dups (bsc#1199183).
- ceph-volume: fix fast device alloc size on mulitple device  (bsc#1200262).
- cephadm: update monitoring container images (bsc#1200501).
- mgr/dashboard: prevent alert redirect (bsc#1200978).
- mgr/volumes: Add subvolumegroup resize cmd (bsc#1201797).
- monitoring/ceph-mixin: add RGW host to label info (bsc#1201976).
- mgr/dashboard: enable addition of custom Prometheus alerts (bsc#1202077).
- python-common: Add 'KB' to supported suffixes in SizeMatcher (bsc#1203375).
- mgr/dashboard: fix rgw connect when using ssl (bsc#1205436).
- ceph.spec.in: Add -DFMT_DEPRECATED_OSTREAM to CXXFLAGS (bsc#1202292).
- cephfs-shell: move source to separate subdirectory (bsc#1201604).

Fix in previous release:

- mgr/cephadm: try to get FQDN for configuration files (bsc#1196046).
- When an RBD is mapped, it is attempted to be deployed as an OSD. (bsc#1187748).
- OSD marked down causes wrong backfill_toofull (bsc#1188911).
- cephadm: Fix iscsi client caps (allow mgr <service status> calls) (bsc#1192838).
- mgr/cephadm: fix and improve osd draining (bsc#1200317).
- add iscsi and nfs to upgrade process (bsc#1206158).
- mgr/mgr_module.py: CLICommand: Fix parsing of kwargs arguments (bsc#1192840).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1582-1
Released:    Mon Mar 27 10:31:52 2023
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1209209,1209210,1209211,1209212,1209214,CVE-2023-27533,CVE-2023-27534,CVE-2023-27535,CVE-2023-27536,CVE-2023-27538
This update for curl fixes the following issues:
  
- CVE-2023-27533: Fixed TELNET option IAC injection (bsc#1209209).
- CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy (bsc#1209210).
- CVE-2023-27535: Fixed FTP too eager connection reuse (bsc#1209211).
- CVE-2023-27536: Fixed GSS delegation too eager connection reuse (bsc#1209212).
- CVE-2023-27538: Fixed SSH connection too eager reuse still (bsc#1209214).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1593-1
Released:    Mon Mar 27 20:12:54 2023
Summary:     Recommended update for certification-sles-eal4
Type:        recommended
Severity:    moderate
References:  1199905
This update for certification-sles-eal4 fixes the following issues:

- Update to version 15.2+git20230219.8d115ca:
  * fixed setenv syntax for CSH configuration script (bsc#1199905)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1617-1
Released:    Tue Mar 28 10:52:29 2023
Summary:     Recommended update for exfatprogs
Type:        recommended
Severity:    moderate
References:  1193534
This update for exfatprogs fixes the following issues:

- Fix mkfs on block devices with 4K sector sizes (bsc#1193534)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1618-1
Released:    Tue Mar 28 10:52:41 2023
Summary:     Recommended update for tgt
Type:        recommended
Severity:    moderate
References:  1206639
This update for tgt fixes the following issues:

- update to 1.0.85
  - Packaging cleanup and fixes. (bsc#1206639)
  - Remove duplicate includes.
  - Fix blank documentation line in service file.
  - Target bound initiator-name but client cannot discovery the target device.
  - Fix FMK and other flags.
  - README fixes.
  - Add LICENSE file.
  - Replace sourceforge with github.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1628-1
Released:    Tue Mar 28 12:28:51 2023
Summary:     Security update for containerd
Type:        security
Severity:    important
References:  1206235,CVE-2022-23471
This update for containerd fixes the following issues:

- CVE-2022-23471: Fixed host memory exhaustion through Terminal resize goroutine leak (bsc#1206235).

- Re-build containerd to use updated golang-packaging (jsc#1342).
- Update to containerd v1.6.16 for Docker v23.0.0-ce.
  * https://github.com/containerd/containerd/releases/tag/v1.6.16


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1632-1
Released:    Tue Mar 28 12:53:57 2023
Summary:     Recommended update for java-17-openjdk
Type:        recommended
Severity:    important
References:  1206549
This update for java-17-openjdk fixes the following issues:

- Remove the accessibility RPM sub-package because it causes problems (bsc#1206549)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1648-1
Released:    Tue Mar 28 17:35:00 2023
Summary:     Recommended update for maven-resolver
Type:        recommended
Severity:    moderate
References:  1209461

This update for maven-resolver fixes a issue on Leap 15.4.

- maven-resolver-named-locks was not shipped (bsc#1209461)


-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:1656-1
Released:    Wed Mar 29 09:18:11 2023
Summary:     Feature update for imb and munge
Type:        feature
Severity:    important
References:  
This update for imb and munge fixes the following issues:

imb:

- Version update from 2021.2 to 2021.3: (jsc#PED-2804, jsc#PED-3021):
  * Change the default value for `mem_alloc_type` from `cpu` to `device`
  * License update
  * Minor bug fixes
- New RPM packages shipped:
  * imb_2021_3-gnu-mpich-hpc
  * imb_2021_3-gnu-mvapich2-hpc
  * imb_2021_3-gnu-openmpi3-hpc 
  * imb_2021_3-gnu-openmpi4-hpc

munge:

- Version update from 0.5.14 to 0.5.15 (jsc#PED-2804, jsc#PED-3016): 
  * Added support for OpenSSL 3.0.
  * Fixed 'make install' conflict with systemd RuntimeDirectory.
  * Fixed big-endian bug causing failures on s390x architecture.
  * Fixed systemd service unit conf to wait until network is online.
  * Fixed excessive logging of 'suspended new connections'.
  * Fixed gcry_check_version(GCRYPT_VERSION) bug.
  * Fixed sending repeated SIGTERMs to signal stop.
  * Fixed failure to clean up socket or create seedfile having relative path.
  * Fixed test suite to clean up errant processes from failed tests.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1657-1
Released:    Wed Mar 29 09:38:32 2023
Summary:     Security update for rubygem-loofah
Type:        security
Severity:    important
References:  1206415,1206416,1206417,CVE-2022-23514,CVE-2022-23515,CVE-2022-23516
This update for rubygem-loofah fixes the following issues:

- CVE-2022-23514: Fixed inefficient regular expression leading to denial of service (bsc#1206415).
- CVE-2022-23515: Fixed improper neutralization of data URIs leading to Cross Site Scripting (bsc#1206417).
- CVE-2022-23516: Fixed uncontrolled Recursion leading to denial of service (bsc#1206416).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1658-1
Released:    Wed Mar 29 09:44:07 2023
Summary:     Security update for apache2
Type:        security
Severity:    important
References:  1207327,1208708,1209047,1209049,CVE-2023-25690,CVE-2023-27522
This update for apache2 fixes the following issues:

- CVE-2023-27522: Fixed HTTP response splitting in mod_proxy_uwsgi (bsc#1209049).
- CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy (bsc#1209047).

The following non-security bugs were fixed:

- Fixed mod_proxy handling of very long urls (bsc#1207327)
- Fixed passing health check does not recover worker from its error state (bsc#1208708).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1662-1
Released:    Wed Mar 29 10:36:23 2023
Summary:     Recommended update for patterns-base
Type:        recommended
Severity:    moderate
References:  1203537
This update for patterns-base fixes the following issues:

- change label of FIPS 140-2 to 140-3 to reflect our current certifications (bsc#1203537)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1668-1
Released:    Wed Mar 29 13:26:51 2023
Summary:     Recommended update for firewalld
Type:        recommended
Severity:    moderate
References:  1206928
This update for firewalld fixes the following issues:

- Fix `firewall-offline-cmd` command failing with error (bsc#1206928)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1671-1
Released:    Wed Mar 29 13:48:18 2023
Summary:     Recommended update for pkcs11-helper
Type:        recommended
Severity:    moderate
References:  1175219
This update for pkcs11-helper fixes the following issues:

- Fix a problem with inconsistent padding between OpenSSL and pkcs11-helper (bsc#1175219)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1673-1
Released:    Wed Mar 29 15:06:13 2023
Summary:     Security update for xstream
Type:        security
Severity:    important
References:  1203520,1206729,CVE-2022-40151,CVE-2022-41966
This update for xstream fixes the following issues:

- CVE-2022-40151: Fixed stackoverflow in XML serialization (bsc#1203520).
- CVE-2022-41966: Fixed denial of service via uncontrolled recursion during deserialization (bsc#1206729).


- Upgrade to 1.4.20.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1678-1
Released:    Wed Mar 29 15:35:26 2023
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1209543,CVE-2023-1393
This update for xorg-x11-server fixes the following issues:

- CVE-2023-1393: Fixed use-after-free overlay window (ZDI-CAN-19866) (bsc#1209543).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1685-1
Released:    Wed Mar 29 16:40:35 2023
Summary:     Security update for rubygem-rack
Type:        security
Severity:    moderate
References:  1209503,CVE-2023-27539
This update for rubygem-rack fixes the following issues:

- CVE-2023-27539: Fixed denial of service in header parsing (bsc#1209503).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1686-1
Released:    Wed Mar 29 16:56:02 2023
Summary:     Security update for libmicrohttpd
Type:        security
Severity:    moderate
References:  1208745,CVE-2023-27371
This update for libmicrohttpd fixes the following issues:

- CVE-2023-27371: Fixed a parser bug that could be used to crash servers using the MHD_PostProcessor (bsc#1208745).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1688-1
Released:    Wed Mar 29 18:19:10 2023
Summary:     Security update for zstd
Type:        security
Severity:    moderate
References:  1209533,CVE-2022-4899
This update for zstd fixes the following issues:

- CVE-2022-4899: Fixed buffer overrun in util.c (bsc#1209533).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1690-1
Released:    Wed Mar 29 22:09:42 2023
Summary:     Security update for testng
Type:        security
Severity:    important
References:  1205628,CVE-2022-4065
This update for testng fixes the following issues:

- CVE-2022-4065: Fixed a path traversal in zip files (bsc#1205628).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1692-1
Released:    Thu Mar 30 09:52:06 2023
Summary:     Recommended update for libpulp
Type:        recommended
Severity:    moderate
References:  1208575
This update for libpulp fixes the following issues:

Update package with libpulp-0.2.8:

* Fixed a bug where libpulp rejected correct ELF files as library input.
* Fixed a file descriptor leak when -check-stack is passed to ulp.
* Fixed a bug where ulp did not shown libcrypto.so.1.1 as a livepatchable library (bsc#1208575)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1693-1
Released:    Thu Mar 30 10:16:39 2023
Summary:     Security update for python-Werkzeug
Type:        security
Severity:    important
References:  1208283,CVE-2023-25577
This update for python-Werkzeug fixes the following issues:

- CVE-2023-25577: Fixed high resource usage when parsing multipart form data with many fields (bsc#1208283).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1696-1
Released:    Thu Mar 30 11:35:32 2023
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    moderate
References:  1207133,1208097,1208099
This update for cloud-regionsrv-client fixes the following issues:

- Update to version 10.1.0 (bsc#1207133, bsc#1208097, bsc#1208099)
- Removes a warning about system_token entry present in the credentials file.
- Adds logrotate configuration for log rotation.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1697-1
Released:    Thu Mar 30 11:37:19 2023
Summary:     Recommended update for bind
Type:        recommended
Severity:    moderate
References:  
This update for bind fixes the following issues:

- A constant stream of zone additions and deletions via rndc reconfig could cause increased memory consumption due to
delayed cleaning of view memory.
- The speed of the message digest algorithms (MD5, SHA-1, SHA-2) and of NSEC3 hashing has been improved.
- Building BIND 9 failed when the --enable-dnsrps switch for ./configure was used. (jsc#SLE-24600)
- Updated keyring and signature

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1702-1
Released:    Thu Mar 30 15:23:23 2023
Summary:     Security update for shim
Type:        security
Severity:    important
References:  1185232,1185261,1185441,1185621,1187071,1187260,1193282,1198458,1201066,1202120,1205588,CVE-2022-28737
This update for shim fixes the following issues:

- Updated shim signature after shim 15.7 be signed back:
  signature-sles.x86_64.asc, signature-sles.aarch64.asc (bsc#1198458)

- Add POST_PROCESS_PE_FLAGS=-N to the build command in shim.spec to
  disable the NX compatibility flag when using post-process-pe because
  grub2 is not ready. (bsc#1205588)

- Enable the NX compatibility flag by default. (jsc#PED-127) 

Update to 15.7 (bsc#1198458) (jsc#PED-127):

- Make SBAT variable payload introspectable
- Reference MokListRT instead of MokList
- Add a link to the test plan in the readme.
- [V3] Enable TDX measurement to RTMR register
- Discard load-options that start with a NUL
- Fixed load_cert_file bugs
- Add -malign-double to IA32 compiler flags
- pe: Fix image section entry-point validation
- make-archive: Build reproducible tarball
- mok: remove MokListTrusted from PCR 7

Other fixes:

- Support enhance shim measurement to TD RTMR. (jsc#PED-1273) 

- shim-install: ensure grub.cfg created is not overwritten after installing grub related files
- Add logic to shim.spec to only set sbat policy when efivarfs is writeable.  (bsc#1201066)
- Add logic to shim.spec for detecting --set-sbat-policy option before using mokutil to set sbat policy. (bsc#1202120)
- Change the URL in SBAT section to mail:security@suse.de. (bsc#1193282)

Update to 15.6 (bsc#1198458):

- MokManager: removed Locate graphic output protocol fail error message
- shim: implement SBAT verification for the shim_lock protocol
- post-process-pe: Fix a missing return code check
- Update github actions matrix to be more useful
- post-process-pe: Fix format string warnings on 32-bit platforms
- Allow MokListTrusted to be enabled by default
- Re-add ARM AArch64 support
- Use ASCII as fallback if Unicode Box Drawing characters fail
- make: don't treat cert.S specially
- shim: use SHIM_DEVEL_VERBOSE when built in devel mode
- Break out of the inner sbat loop if we find the entry.
- Support loading additional certificates
- Add support for NX (W^X) mitigations.
- Fix preserve_sbat_uefi_variable() logic
- SBAT Policy latest should be a one-shot
- pe: Fix a buffer overflow when SizeOfRawData > VirtualSize
- pe: Perform image verification earlier when loading grub
- Update advertised sbat generation number for shim
- Update SBAT generation requirements for 05/24/22
- Also avoid CVE-2022-28737 in verify_image() by @vathpela

Update to 15.5 (bsc#1198458):

- Broken ia32 relocs and an unimportant submodule change.
- mok: allocate MOK config table as BootServicesData
- Don't call QueryVariableInfo() on EFI 1.10 machines (bsc#1187260)
- Relax the check for import_mok_state()  (bsc#1185261)
- SBAT.md: trivial changes
- shim: another attempt to fix load options handling
- Add tests for our load options parsing.
- arm/aa64: fix the size of .rela* sections
- mok: fix potential buffer overrun in import_mok_state
- mok: relax the maximum variable size check
- Don't unhook ExitBootServices when EBS protection is disabled
- fallback: find_boot_option() needs to return the index for the boot entry in optnum
- httpboot: Ignore case when checking HTTP headers
- Fallback allocation errors
- shim: avoid BOOTx64.EFI in message on other architectures
- str: remove duplicate parameter check
- fallback: add compile option FALLBACK_NONINTERACTIVE
- Test mok mirror
- Modify sbat.md to help with readability.
- csv: detect end of csv file correctly
- Specify that the .sbat section is ASCII not UTF-8
- tests: add 'include-fixed' GCC directory to include directories
- pe: simplify generate_hash()
- Don't make shim abort when TPM log event fails (RHBZ #2002265)
- Fallback to default loader if parsed one does not exist
- fallback: Fix for BootOrder crash when index returned
- Better console checks
- docs: update SBAT UEFI variable name
- Don't parse load options if invoked from removable media path
- fallback: fix fallback not passing arguments of the first boot option
- shim: Don't stop forever at 'Secure Boot not enabled' notification
- Allocate mokvar table in runtime memory.
- Remove post-process-pe on 'make clean'
- pe: missing perror argument


- CVE-2022-28737: Fixed a buffer overflow when SizeOfRawData > VirtualSize (bsc#1198458)

- Add mokutil command to post script for setting sbat policy to latest mode
  when the SbatPolicy-605dab50-e046-4300-abb6-3dd810dd8b23 is not created.
  (bsc#1198458)

- Updated vendor dbx binary and script (bsc#1198458)

  - Updated dbx-cert.tar.xz and vendor-dbx-sles.bin for adding
    SLES-UEFI-SIGN-Certificate-2021-05.crt to vendor dbx list.
  - Updated dbx-cert.tar.xz and vendor-dbx-opensuse.bin for adding
    openSUSE-UEFI-SIGN-Certificate-2021-05.crt to vendor dbx list.
  - Updated vendor-dbx.bin for adding SLES-UEFI-SIGN-Certificate-2021-05.crt
    and openSUSE-UEFI-SIGN-Certificate-2021-05.crt for testing environment.
  - Updated generate-vendor-dbx.sh script for generating a vendor-dbx.bin
    file which includes all .der for testing environment.

- avoid buffer overflow when copying data to the MOK config table (bsc#1185232)
- Disable exporting vendor-dbx to MokListXRT since writing a large RT variable could crash some machines (bsc#1185261)
- ignore the odd LoadOptions length (bsc#1185232)
- shim-install: reset def_shim_efi to 'shim.efi' if the given file doesn't exist
- relax the maximum variable size check for u-boot (bsc#1185621)
- handle ignore_db and user_insecure_mode correctly (bsc#1185441, bsc#1187071)

- Split the keys in vendor-dbx.bin to vendor-dbx-sles and
  vendor-dbx-opensuse for shim-sles and shim-opensuse to reduce
  the size of MokListXRT (bsc#1185261) 
  + Also update generate-vendor-dbx.sh in dbx-cert.tar.xz

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1703-1
Released:    Thu Mar 30 16:15:19 2023
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1202062,1209624,CVE-2023-0464
This update for openssl-1_0_0 fixes the following issues:

Security fixes:

- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).

Other fixes:

- Fix DH key generation in FIPS mode, add support for constant BN for DH parameters (bsc#1202062)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:1706-1
Released:    Fri Mar 31 05:31:07 2023
Summary:     Feature update for spack
Type:        feature
Severity:    important
References:  1195391,1207053,1207784,1208751
This update for spack fixes the following issues:

Version update from 0.17.1 to 0.19.1 (jsc#PED-2803, jsc#PED-3000):

- For the full list of features and upstream fixes implemented by this update please consult the release notes at:
  * https://github.com/spack/spack/releases/tag/v0.19.1
  * https://github.com/spack/spack/releases/tag/v0.19.0
  * https://github.com/spack/spack/releases/tag/v0.18.1
  * https://github.com/spack/spack/releases/tag/v0.18.0

- Bug fixes and improvements:
  * Make sure the spack environment is set up correctly in spack-generated Dockerfiles (bsc#1207784)
  * Fix MPI packages not being recognized any more (bsc#1208751)
  * Fix syntax in post scripts (bsc#1195391)
  * Fix var_path which that is set incorrectly in version 0.19.0 (bsc#1207053)
  * Move repositories to `/usr/share/spack`: `/var` is strictly for local data
  * Improve error message for requirements
  * Fix libtool filter for Fujitsu compilers
  * Fix `spack mirror create` to not change paths to urls    

- Improve `run-find-external.sh` script:
  * Extend to run `spack compiler find`
  * Separate triggers for packages and compilers
  * Better handle when search patterns match multiple directories

- Removals and Deprecations:
  * Support for Python 3.5 is dropped. Only Python 3.6+ are officially supported.
  * `LD_LIBRARY_PATH` is no longer set by default by spack load or module loads. Setting `LD_LIBRARY_PATH` in Spack 
    environments/modules can cause binaries from outside of Spack to crash, and Spack's own builds use `RPATH` and do 
    not need `LD_LIBRARY_PATH` set in order to run. If you still want the old behavior, you can run these commands to
    configure Spack to set LD_LIBRARY_PATH:
    `spack config add modules:prefix_inspections:lib64:[LD_LIBRARY_PATH]`
    `spack config add modules:prefix_inspections:lib:[LD_LIBRARY_PATH]`
  * The `spack:concretization:[together|separately]` has been deprecatred. Now use `concretizer:unify:[true|false]`
  * `config:module_roots` is no longer supported. Use configuration in module sets instead
  * `spack activate` and `spack deactivate` are no longer supported, having been deprecated in v0.18. Use an environment
    with a view instead of activating/deactivating (docs)
  * The old YAML format for buildcaches is now deprecated. If you are using an old buildcache with YAML metadata you
    will need to regenerate it with JSON metadata.
  * `spack bootstrap trust` and `spack bootstrap untrust` are deprecated in favor of `spack bootstrap enable` and
    `spack bootstrap disable`
  * The `graviton2` architecture has been renamed to `neoverse_n1`, and `graviton3`
    is now `neoverse_v1`. Buildcaches using the old architecture names will need to be rebuilt
  * The terms 'blacklist' and 'whitelist' have been replaced with 'include' and 'exclude' in all configuration files. 
    You can use `spack config update` to automatically fix your configuration files

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1707-1
Released:    Fri Mar 31 05:31:46 2023
Summary:     Recommended update for hdf5
Type:        recommended
Severity:    important
References:  1209548
This update for hdf5 fixes the following issues:

- Remove timestamp/buildhost/kernel version from libhdf5.settings (bsc#1209548)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1718-1
Released:    Fri Mar 31 15:47:34 2023
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1207571,1207957,1207975,1208358,CVE-2023-0687
This update for glibc fixes the following issues:

Security issue fixed:

- CVE-2023-0687: Fix allocated buffer overflow in gmon (bsc#1207975)

Other issues fixed:

- Fix avx2 strncmp offset compare condition check (bsc#1208358)
- elf: Allow dlopen of filter object to work (bsc#1207571)
- powerpc: Fix unrecognized instruction errors with recent GCC
- x86: Cache computation for AMD architecture (bsc#1207957)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1723-1
Released:    Mon Apr  3 09:51:21 2023
Summary:     Recommended update for google-cloud-sap-agent
Type:        recommended
Severity:    moderate
References:  
This update for google-cloud-sap-agent fixes the following issues:


- Initial build (jsc#PED-2879, jsc#PED-2921)
 
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1725-1
Released:    Mon Apr  3 10:12:35 2023
Summary:     Recommended update for openvpn
Type:        recommended
Severity:    moderate
References:  1202792
This update for openvpn fixes the following issues:

- Add back `--enable-iproute2` as default option (bsc#1202792)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1729-1
Released:    Mon Apr  3 10:53:10 2023
Summary:     Recommended update for python-yarl
Type:        recommended
Severity:    important
References:  
This update for python-yarl fixes the following issues:

- Skip failing tests to resolve build failures

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1732-1
Released:    Mon Apr  3 11:31:18 2023
Summary:     Recommended update for google-noto-sans-cjk-fonts
Type:        recommended
Severity:    low
References:  1203741
This update for google-noto-sans-cjk-fonts fixes the following issues:

- Solved a 'Fails to Build From Source' (FTBFS) issue. (bsc#1203741)
- Use '%license' to store OFL license text instead of '%doc'

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1733-1
Released:    Mon Apr  3 11:53:53 2023
Summary:     Security update for ImageMagick
Type:        security
Severity:    moderate
References:  1209141,CVE-2023-1289
This update for ImageMagick fixes the following issues:

- CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG. (bsc#1209141)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1736-1
Released:    Mon Apr  3 13:12:52 2023
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1209173,1209953,CVE-2023-25751,CVE-2023-25752,CVE-2023-28162,CVE-2023-28163,CVE-2023-28164,CVE-2023-28176,CVE-2023-28427
This update for MozillaThunderbird fixes the following issues:

MFSA 2023-12 (bsc#1209953):

- CVE-2023-28427: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack (bmo#1822595)

MFSA 2023-11 (bsc#1209173):

- CVE-2023-25751: Incorrect code generation during JIT compilation (bmo#1814899).
- CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (bmo#1809122).
- CVE-2023-28162: Invalid downcast in Worklets (bmo#1811327).
- CVE-2023-25752: Potential out-of-bounds when accessing throttled streams (bmo#1811627).
- CVE-2023-28163: Windows Save As dialog resolved environment variables (bmo#1817768)
- CVE-2023-28176: Memory safety bugs fixed in Thunderbird 102.9 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442, bmo#1818674).
  
Mozilla Thunderbird 102.9:
  
- fixed: Notification about a sender's changed OpenPGP key was not immediately visible (bmo#1814003)
- fixed: TLS Certificate Override dialog did not appear when retrieving messages via IMAP using 'Get Messages' context menu (bmo#1816596)
- fixed: Spellcheck dictionaries were missing from localized Thunderbird builds that should have included them (bmo#1818257)
- fixed: Tooltips for 'Show/Hide' calendar toggle did not display (bmo#1809557)
- fixed: Various security fixes  
    
Mozilla Thunderbird 102.9.1:

- fixed: Thunderbird was unable to open file URLs from command line (URLs beginning with 'file://') (bmo#1816343)
- fixed: Source strings for localized builds not uploaded to FTP as expected (bmo#1817086)
- fixed: Visual and theme improvements (bmo#1821358, bmo#1822286)
- fixed: Security fixes

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1739-1
Released:    Mon Apr  3 17:14:29 2023
Summary:     Security update for pgadmin4
Type:        security
Severity:    moderate
References:  1207238,CVE-2023-22298
This update for pgadmin4 fixes the following issues:

- CVE-2023-22298: Fixed an open redirect vulnerability (bsc#1207238). 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1741-1
Released:    Mon Apr  3 22:20:42 2023
Summary:     Recommended update for pmix
Type:        recommended
Severity:    important
References:  1209260,1209473
This update for pmix fixes the following issues:

- Move the requirement for pmix-runtime-config to libpmix2 and make it version-independent (bsc#1209473)    
- Fix for Slurm requiring pmix-devel (bsc#1209260)
- New subpackages:
  * pmix-munge-plugin: Includes the psec munge plugin, to avoid dependency issues with the main package
  * pmix-test: Test package that includes Pmix to give users the opportunity to test their setup. Test files are
    installed in `/usr/lib/pmix/tests` to avoid conflicts on 32 bits systems

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1742-1
Released:    Tue Apr  4 07:47:42 2023
Summary:     Recommended update for gdm
Type:        recommended
Severity:    moderate
References:  1205664
This update for gdm fixes the following issues:

- Update gdm-fingerprint.pamd and gdm-smartcard.pamd with correct configuration to make them work (bsc#1205664)
- Enable split authentication
- Made preparations for first boot setup for a possible implementation in a future release of
  SUSE Linux Enterprise Desktop (jsc#PED-1719)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1744-1
Released:    Tue Apr  4 07:49:48 2023
Summary:     Recommended update for patterns-gnome
Type:        recommended
Severity:    moderate
References:  1203966
This update for patterns-gnome fixes the following issues:

- Add requirement for xorg-x11-fonts to fix gnome-shell starting failure (bsc#1203966)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1751-1
Released:    Tue Apr  4 10:31:40 2023
Summary:     Recommended update for clone-master-clean-up
Type:        recommended
Severity:    moderate
References:  1207993
This update for clone-master-clean-up fixes the following issue:

- clone-master-clean-up fails when /etc/iscsi/initiatorname.iscsi doesn't exist (bsc#1207993)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1752-1
Released:    Tue Apr  4 11:51:52 2023
Summary:     Security update for terraform-provider-helm
Type:        security
Severity:    moderate
References:  1208086,CVE-2023-25165
This update for terraform-provider-helm fixes the following issues:

  Updated terraform-provider-helm to version 2.9.0:

  - CVE-2023-25165: Fixed getHostByName Function Information Disclosure in helm embedded in the package (bsc#1208086).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1757-1
Released:    Tue Apr  4 13:18:19 2023
Summary:     Recommended update for smartmontools
Type:        recommended
Severity:    important
References:  1208905
This update for smartmontools fixes the following issues:

- Fix `smartctl` issue affecting NVMe on big endian systems (bsc#1208905)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1762-1
Released:    Tue Apr  4 14:32:39 2023
Summary:     Security update for wireshark
Type:        security
Severity:    moderate
References:  1208914,CVE-2023-1161
This update for wireshark fixes the following issues:

- CVE-2023-1161: Fixed crash in ISO 15765 and ISO 10681 dissector (bsc#1208914).
  
Update to 3.6.12:
* https://www.wireshark.org/docs/relnotes/wireshark-3.6.12.html

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1765-1
Released:    Tue Apr  4 15:15:03 2023
Summary:     Recommended update for rust, rust1.68
Type:        recommended
Severity:    moderate
References:  
This update for rust, rust1.68 fixes the following issues:

Changes in rust:

- Update to version 1.68.0 - for details see the rust1.68 package

Changes in rust1.68:

- Re-add obsoletes on rust1.62 to prevent file conflicts.

Version 1.68.0 (2023-03-09)
==========================

Language
--------

- Stabilize default_alloc_error_handler
  This allows usage of `alloc` on stable without requiring the 
  definition of a handler for allocation failure. Defining custom handlers is still unstable.
- Stabilize `efiapi` calling convention.
- Remove implicit promotion for types with drop glue

Compiler
--------

- Change `bindings_with_variant_name` to deny-by-default
- Allow .. to be parsed as let initializer
- Add `armv7-sony-vita-newlibeabihf` as a tier 3 target
- Always check alignment during compile-time const evaluation
- Disable 'split dwarf inlining' by default.
- Add vendor to Fuchsia's target triple
- Enable sanitizers for s390x-linux

Libraries
---------

- Loosen the bound on the Debug implementation of Weak.
- Make `std::task::Context` !Send and !Sync
- PhantomData layout guarantees
- Don't derive Debug for `OnceWith` & `RepeatWith`
- Implement DerefMut for PathBuf
- Add O(1) `Vec -> VecDeque` conversion guarantee
- Leak amplification for peek_mut() to ensure BinaryHeap's invariant is always met

Stabilized APIs
---------------

- `{core,std}::pin::pin!`
- `impl From<bool> for {f32,f64}`
- `std::path::MAIN_SEPARATOR_STR`
- `impl DerefMut for PathBuf`

These APIs are now stable in const contexts:

- `VecDeque::new`

Cargo
-----

- Stabilize sparse registry support for crates.io
- `cargo build --verbose` tells you more about why it recompiles.
- Show progress of crates.io index update even `net.git-fetch-with-cli` option enabled
<a id='1.68.0-Misc'></a>

Misc
----

Compatibility Notes
-------------------

- Add `SEMICOLON_IN_EXPRESSIONS_FROM_MACROS` to future-incompat report
- Only specify `--target` by default for `-Zgcc-ld=lld` on wasm
- Bump `IMPLIED_BOUNDS_ENTAILMENT` to Deny + ReportNow
- `std::task::Context` no longer implements Send and Sync

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1766-1
Released:    Wed Apr  5 09:43:00 2023
Summary:     Security update for libheif
Type:        security
Severity:    moderate
References:  CVE-2023-0996
This update for libheif fixes the following issues:

- CVE-2023-0996: Fixed a buffer overflow in heif_js_decode_image (bsc#1208640).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1768-1
Released:    Wed Apr  5 10:30:50 2023
Summary:     Security update for skopeo
Type:        security
Severity:    moderate
References:  

This update for skopeo fixes the following issue:

- rebuild against the current go1.19 version to make sure bugs and security issues are fixed.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1769-1
Released:    Wed Apr  5 11:07:45 2023
Summary:     Security update for tomcat
Type:        security
Severity:    important
References:  1208513,1209622,CVE-2023-24998,CVE-2023-28708
This update for tomcat fixes the following issues:

- CVE-2023-28708: Fixed information disclosure by not including the secure attribute (bsc#1209622).
- CVE-2023-24998: Fixed FileUpload deny-of-service with excessive parts (bsc#1208513). 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1771-1
Released:    Wed Apr  5 12:36:29 2023
Summary:     Security update for liblouis
Type:        security
Severity:    important
References:  1209429,1209432,CVE-2023-26767,CVE-2023-26769
This update for liblouis fixes the following issues:
 
- CVE-2023-26767: Fixed buffer overflow vulnerability in lou_logFile function (bsc#1209429).
- CVE-2023-26769: Fixed buffer Overflow vulnerability in resolveSubtable function (bsc#1209432).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1779-1
Released:    Thu Apr  6 08:16:58 2023
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1208432
This update for systemd fixes the following issues:

- Fix return non-zero value when disabling SysVinit service (bsc#1208432)
- Drop build requirement on libpci, it's not no longer needed
- Move systemd-boot and all components managing (secure) UEFI boot into udev
  sub-package, so they aren't installed in systemd based containers

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1784-1
Released:    Thu Apr  6 08:25:56 2023
Summary:     Recommended update for python-parallax
Type:        recommended
Severity:    moderate
References:  1208817
This update for python-parallax fixes the following issues:

- Fix command failure when thread is started more than once (bsc#1208817)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1788-1
Released:    Thu Apr  6 12:34:07 2023
Summary:     Security update for libgit2
Type:        security
Severity:    moderate
References:  1207364,CVE-2023-22742
This update for libgit2 fixes the following issues:

 - CVE-2023-22742: Verify ssh remote host keys (bsc#1207364)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1791-1
Released:    Thu Apr  6 15:37:30 2023
Summary:     Security update for go1.20
Type:        security
Severity:    important
References:  1206346,1210127,1210128,1210129,1210130,CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
This update for go1.20 fixes the following issues:

Update to version 1.20.3:

* CVE-2023-24534: security: net/http, net/textproto: denial of service from excessive memory allocation (bsc#1210127)
* CVE-2023-24536: security: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption (bsc#1210128)
* CVE-2023-24537: security: go/parser: infinite loop in parsing (bsc#1210129)
* CVE-2023-24538: security: html/template: backticks not treated as string delimiters (bsc#1210130)
* x/text: building as a plugin failure on darwin/arm64
* cmd/go: timeout on darwin-amd64-race builder
* internal/testpty: fails on some Linux machines due to incorrect error handling
* cmd/link: Incorrect symbol linked in darwin/arm64
* cmd/link: linker fails on linux/amd64 when gcc's lto options are used
* cmd/link/internal/arm: off-by-one error in trampoline phase call reachability calculation
* time: time zone lookup using extend string makes wrong start time for non-DST zones
* runtime: crash on linux-ppc64le
* cmd/compile: crypto/elliptic build error under -linkshared mode
* cmd/compile: unsafe.SliceData incoherent resuilt with nil argument

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1792-1
Released:    Thu Apr  6 15:37:55 2023
Summary:     Security update for go1.19
Type:        security
Severity:    important
References:  1200441,1210127,1210128,1210129,1210130,CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
This update for go1.19 fixes the following issues:

Update to 1.19.8

* CVE-2023-24534: security: net/http, net/textproto: denial of service from excessive memory allocation (bsc#1210127)
* CVE-2023-24536: security: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption (bsc#1210128)
* CVE-2023-24537: security: go/parser: infinite loop in parsing (bsc#1210129)
* CVE-2023-24538: security: html/template: backticks not treated as string delimiters (bsc#1210130)
* cmd/go: timeout on darwin-amd64-race builder
* runtime/pprof: TestLabelSystemstack due to sample with no location
* internal/testpty: fails on some Linux machines due to incorrect error handling
* cmd/link: linker fails on linux/amd64 when gcc's lto options are used
* cmd/link/internal/arm: off-by-one error in trampoline phase call reachability calculation
* time: time zone lookup using extend string makes wrong start time for non-DST zones
* runtime: crash on linux-ppc64le

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1799-1
Released:    Fri Apr  7 14:29:55 2023
Summary:     Security update for ghostscript
Type:        security
Severity:    important
References:  1210062,CVE-2023-28879
This update for ghostscript fixes the following issues:

- CVE-2023-28879: Fixed buffer Overflow in s_xBCPE_process (bsc#1210062).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1805-1
Released:    Tue Apr 11 10:12:41 2023
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  
This update for timezone fixes the following issues:

- Version update from 2022g to 2023c:
  * Egypt now uses DST again, from April through October.
  * This year Morocco springs forward April 23, not April 30.
  * Palestine delays the start of DST this year.
  * Much of Greenland still uses DST from 2024 on.
  * America/Yellowknife now links to America/Edmonton.
  * tzselect can now use current time to help infer timezone.
  * The code now defaults to C99 or later.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1808-1
Released:    Tue Apr 11 11:33:51 2023
Summary:     Recommended update for gdb
Type:        recommended
Severity:    moderate
References:  

gdb was updated to version 12.1:

* DBX mode is deprecated, and will be removed in GDB 13.

* GDB 12 is the last release of GDB that will support building against
  Python 2.  From GDB 13, it will only be possible to build GDB itself
  with Python 3 support.

* Improved C++ template support:
  GDB now treats functions/types involving C++ templates like it does function
  overloads.  Users may omit parameter lists to set breakpoints on families of
  template functions, including types/functions composed of multiple template types:

    (gdb) break template_func(template_1, int)

  The above will set breakpoints at every function `template_func' where
  the first function parameter is any template type named `template_1' and
  the second function parameter is `int'.
  TAB completion also gains similar improvements.

* New commands:

  - maint set backtrace-on-fatal-signal on|off
  - maint show backtrace-on-fatal-signal

  This setting is 'on' by default.  When 'on' GDB will print a limited
  backtrace to stderr in the situation where GDB terminates with a
  fatal signal.  This only supported on some platforms where the
  backtrace and backtrace_symbols_fd functions are available.

  - set source open on|off
  - show source open

  This setting, which is on by default, controls whether GDB will try
  to open source code files.  Switching this off will stop GDB trying
  to open and read source code files, which can be useful if the files
  are located over a slow network connection.

  - set varsize-limit
  - show varsize-limit

  These are now deprecated aliases for 'set max-value-size' and
  'show max-value-size'.

  - task apply [all | TASK-IDS...] [FLAG]... COMMAND

  Like 'thread apply', but applies COMMAND to Ada tasks.

  - watch [...] task ID

  Watchpoints can now be restricted to a specific Ada task.

  - maint set internal-error backtrace on|off
  - maint show internal-error backtrace
  - maint set internal-warning backtrace on|off
  - maint show internal-warning backtrace

  GDB can now print a backtrace of itself when it encounters either an
  internal-error, or an internal-warning.  This is on by default for
  internal-error and off by default for internal-warning.

  - set logging on|off

  Deprecated and replaced by 'set logging enabled on|off'.

  - set logging enabled on|off
  - show logging enabled

  These commands set or show whether logging is enabled or disabled.

  - exit

  You can now exit GDB by using the new command 'exit', in addition to
  the existing 'quit' command.

  - set debug threads on|off
  - show debug threads

  Print additional debug messages about thread creation and deletion.

  - set debug linux-nat on|off
  - show debug linux-nat

  These new commands replaced the old 'set debug lin-lwp' and 'show
  debug lin-lwp' respectively.  Turning this setting on prints debug
  messages relating to GDB's handling of native Linux inferiors.

  - maint flush source-cache

  Flush the contents of the source code cache.

  - maint set gnu-source-highlight enabled on|off
  - maint show gnu-source-highlight enabled

  Whether GDB should use the GNU Source Highlight library for adding
  styling to source code.  When off, the library will not be used, even
  when available.  When GNU Source Highlight isn't used, or can't add
  styling to a particular source file, then the Python Pygments
  library will be used instead.

  - set suppress-cli-notifications (on|off)
  - show suppress-cli-notifications

  This controls whether printing the notifications is suppressed for CLI.
  CLI notifications occur when you change the selected context
  (i.e., the current inferior, thread and/or the frame), or when
  the program being debugged stops (e.g., because of hitting a
  breakpoint, completing source-stepping, an interrupt, etc.).

  - set style disassembler enabled on|off
  - show style disassembler enabled

  If GDB is compiled with Python support, and the Python Pygments
  package is available, then, when this setting is on, disassembler
  output will have styling applied.

  - set ada source-charset
  - show ada source-charset

  Set the character set encoding that is assumed for Ada symbols.  Valid
  values for this follow the values that can be passed to the GNAT
  compiler via the '-gnati' option.  The default is ISO-8859-1.

* Changed commands:

  - print

  Printing of floating-point values with base-modifying formats like
  /x has been changed to display the underlying bytes of the value in
  the desired base.  This was GDB's documented behavior, but was never
  implemented correctly.

  - maint packet

  This command can now print a reply, if the reply includes
  non-printable characters.  Any non-printable characters are printed
  as escaped hex, e.g. \x?? where '??' is replaces with the value of
  the non-printable character.

  - clone-inferior

  The clone-inferior command now ensures that the TTY, CMD and ARGS
  settings are copied from the original inferior to the new one.
  All modifications to the environment variables done using the 'set
  environment' or 'unset environment' commands are also copied to the new
  inferior.

  - set debug lin-lwp on|off
  - show debug lin-lwp

  These commands have been removed from GDB.  The new command 'set
  debug linux-nat' and 'show debug linux-nat' should be used
  instead.

  - info win

  This command now includes information about the width of the tui
  windows in its output.

* GDB's Ada parser now supports an extension for specifying the exact
  byte contents of a floating-point literal.  This can be useful for
  setting floating-point registers to a precise value without loss of
  precision.  The syntax is an extension of the based literal syntax.
  Use, e.g., '16lf#0123abcd#' -- the number of 'l's controls the width
  of the floating-point type, and the 'f' is the marker for floating
  point.

* MI changes:

 ** The '-add-inferior' with no option flags now inherits the
    connection of the current inferior, this restores the behaviour of
    GDB as it was prior to GDB 10.

 ** The '-add-inferior' command now accepts a '--no-connection'
    option, which causes the new inferior to start without a
    connection.

* Python API:

  ** New function gdb.add_history(), which takes a gdb.Value object
     and adds the value it represents to GDB's history list.  An
     integer, the index of the new item in the history list, is
     returned.

  ** New function gdb.history_count(), which returns the number of
     values in GDB's value history.

  ** New gdb.events.gdb_exiting event.  This event is called with a
     gdb.GdbExitingEvent object which has the read-only attribute
     'exit_code', which contains the value of the GDB exit code.  This
     event is triggered once GDB decides it is going to exit, but
     before GDB starts to clean up its internal state.

  ** New function gdb.architecture_names(), which returns a list
     containing all of the possible Architecture.name() values.  Each
     entry is a string.

  ** New function gdb.Architecture.integer_type(), which returns an
     integer type given a size and a signed-ness.

  ** New gdb.TargetConnection object type that represents a connection
     (as displayed by the 'info connections' command).  A sub-class,
     gdb.RemoteTargetConnection, is used to represent 'remote' and
     'extended-remote' connections.

  ** The gdb.Inferior type now has a 'connection' property which is an
     instance of gdb.TargetConnection, the connection used by this
     inferior.  This can be None if the inferior has no connection.

  ** New 'gdb.events.connection_removed' event registry, which emits a
     'gdb.ConnectionEvent' when a connection is removed from GDB.
     This event has a 'connection' property, a gdb.TargetConnection
     object for the connection being removed.

  ** New gdb.connections() function that returns a list of all
     currently active connections.

  ** New gdb.RemoteTargetConnection.send_packet(PACKET) method.  This
     is equivalent to the existing 'maint packet' CLI command; it
     allows a user specified packet to be sent to the remote target.

  ** New function gdb.host_charset(), returns a string, which is the
     name of the current host charset.

  ** New gdb.set_parameter(NAME, VALUE).  This sets the gdb parameter
     NAME to VALUE.

  ** New gdb.with_parameter(NAME, VALUE).  This returns a context
     manager that temporarily sets the gdb parameter NAME to VALUE,
     then resets it when the context is exited.

  ** The gdb.Value.format_string method now takes a 'styling'
     argument, which is a boolean.  When true, the returned string can
     include escape sequences to apply styling.  The styling will only
     be present if styling is otherwise turned on in GDB (see 'help
     set styling').  When false, which is the default if the argument
     is not given, then no styling is applied to the returned string.

  ** New read-only attribute gdb.InferiorThread.details, which is
     either a string, containing additional, target specific thread
     state information, or None, if there is no such additional
     information.

  ** New read-only attribute gdb.Type.is_scalar, which is True for
     scalar types, and False for all other types.

  ** New read-only attribute gdb.Type.is_signed.  This attribute
     should only be read when Type.is_scalar is True, and will be True
     for signed types, and False for all other types.  Attempting to
     read this attribute for non-scalar types will raise a ValueError.

  ** It is now possible to add GDB/MI commands implemented in Python.

Update libipt to v2.0.5.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1809-1
Released:    Tue Apr 11 11:47:44 2023
Summary:     Recommended update for haveged
Type:        recommended
Severity:    moderate
References:  1203079
This update for haveged fixes the following issues:

- Synchronize haveged instances during switching root (bsc#1203079)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1810-1
Released:    Tue Apr 11 12:06:13 2023
Summary:     Recommended update for cups
Type:        recommended
Severity:    moderate
References:  1191467,1191525,1198932,1200321,1201234,1203446
This update for cups fixes the following issues:

- Fix print jobs on cups.sock return with EAGAIN (Resource temporarily unavailable) (bsc#1191525)
- Fix '/usr/bin/lpr: Error - The printer or class does not exist (bsc#1203446)
- Improves logging on 'IPP_STATUS_ERROR_NOT_FOUND' error (bsc#1191467, bsc#1198932)
- Add 'After=network.target sssd.service' to the systemd unit (bsc#1201234, bsc#1200321)    

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1813-1
Released:    Tue Apr 11 13:39:36 2023
Summary:     Recommended update for open-vm-tools
Type:        recommended
Severity:    low
References:  1208880
This update for open-vm-tools fixes the following issue:

- Ship missing open-vm-tools-salt-minion package. (bsc#1208880)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1815-1
Released:    Tue Apr 11 17:19:53 2023
Summary:     Security update for amazon-ssm-agent
Type:        security
Severity:    moderate
References:  

This update for amazon-ssm-agent fixes the following issue:

- rebuilt using go1.19.7 to fix bugs and security issues.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1827-1
Released:    Thu Apr 13 10:18:16 2023
Summary:     Security update for containerd
Type:        security
Severity:    moderate
References:  1208423,1208426,CVE-2023-25153,CVE-2023-25173
This update for containerd fixes the following issues:

Update to containerd v1.6.19:

Security fixes:
    
- CVE-2023-25153: Fixed OCI image importer memory exhaustion (bnc#1208423).
- CVE-2023-25173: Fixed supplementary groups not set up properly (bnc#1208426).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1831-1
Released:    Thu Apr 13 11:06:04 2023
Summary:     Recommended update for jsr-305
Type:        recommended
Severity:    important
References:  
This update for jsr-305 provides the following fix:
    
    - Ship the correct versions of jsr-305 on SUSE Manager repositories (no source changes).
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1834-1
Released:    Thu Apr 13 14:01:17 2023
Summary:     Security update for cmark
Type:        security
Severity:    moderate
References:  1207674,CVE-2023-22486
This update for cmark fixes the following issues:

- CVE-2023-22486: Fixed quadratic complexity in handle_close_bracket may lead to a denial of service (bsc#1207674).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1835-1
Released:    Thu Apr 13 14:37:55 2023
Summary:     Recommended update for lifecycle-data-sle-module-live-patching
Type:        recommended
Severity:    moderate
References:  1020320
This update for lifecycle-data-sle-module-live-patching fixes the following issues:

- Added data for 4_12_14-150100_197_134, 5_14_21-150400_24_41,
  5_14_21-150400_24_46, 5_3_18-150200_24_142,
  5_3_18-150300_59_109, 5_3_18-150300_59_112,
  +kernel-livepatch-5_14_21-150400_15_11-rt,*,2024-02-23+kernel-livepatch-5_14_21-150400_15_8-rt,*,2024-01-26 (bsc#1020320)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1838-1
Released:    Thu Apr 13 15:32:25 2023
Summary:     Security update for python-crcmod, python-cryptography, python-cryptography-vectors
Type:        security
Severity:    moderate
References:  1177083,1181995,CVE-2020-36242
This update for python-crcmod, python-cryptography, python-cryptography-vectors contains the following fixes:

Changes in python-crcmod:

- Include in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
- Include in SLE-15 (bsc#1181995, jsc#ECO-3329, jsc#PM-2475)

- Cleanup spec file
- Use fdupes
- Do not bundle html doc

- singlespec auto-conversion

- Include in SLE 12 (FATE #316168)

- Initial release

Changes in python-cryptography:
- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)

- Refresh patches for new version

* Using the Fernet class to symmetrically encrypt multi gigabyte values. (bsc#1182066, CVE-2020-36242)
    could result in an integer overflow and buffer overflow.

- update to 2.9.2
  * 2.9.2 - 2020-04-22
    - Updated the macOS wheel to fix an issue where it would not run on macOS versions older than 10.15.
  * 2.9.1 - 2020-04-21
    - Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1g.
  * 2.9 - 2020-04-02
    - BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to
      low usage and maintenance burden.
    - BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed.
      Users on older version of OpenSSL will need to upgrade.
    - BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.
    - Removed support for calling public_bytes() with no arguments, as per 
      our deprecation policy. You must now pass encoding and format.
    - BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string()
      returns the RDNs as required by RFC 4514.
    - Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1f.
    - Added support for parsing single_extensions in an OCSP response.
    - NameAttribute values can now be empty strings.

Changes in python-cryptography-vectors:
- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)

- update to 2.9.2:
  * updated vectors for the cryptography 2.9.2 testing

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1841-1
Released:    Fri Apr 14 06:54:36 2023
Summary:     Recommended update for drbd-utils
Type:        recommended
Severity:    important
References:  1208922
This update for drbd-utils fixes the following issues:

- Fix file conflict with `/lib/drbd` when migrating from SUSE Linux Enterprise 15 Service Pack 3 to Service Pack 4
  (bsc#1208922)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1844-1
Released:    Fri Apr 14 12:13:46 2023
Summary:     Security update for aws-nitro-enclaves-cli
Type:        security
Severity:    moderate
References:  1196972,1208555,CVE-2022-24713,CVE-2022-31394
This update for aws-nitro-enclaves-cli fixes the following issues:

Update aws-nitro-enclaves-cli to version 1.2.2~git0.4ccc639:
  * CVE-2022-31394: Fixed DoS vulnerability in hyper crate (bsc#1208555).

Update aws-nitro-enclaves-cli to version 1.2.0~git2.841ef94:
  * CVE-2022-24713: Fixed ReDoS vulnerability in regex crate (bsc#1196972).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1846-1
Released:    Fri Apr 14 12:29:16 2023
Summary:     Security update for php7
Type:        security
Severity:    moderate
References:  1205162,1208199,1209537,CVE-2022-4900
This update for php7 fixes the following issues:

- CVE-2022-4900: Fixed potential buffer overflow via PHP_CLI_SERVER_WORKERS environment variable. (bsc#1209537)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1849-1
Released:    Fri Apr 14 14:21:46 2023
Summary:     Security update for apache2-mod_auth_openidc
Type:        security
Severity:    important
References:  1210073,CVE-2023-28625
This update for apache2-mod_auth_openidc fixes the following issues:

- CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied (bsc#1210073).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1850-1
Released:    Fri Apr 14 15:07:06 2023
Summary:     Security update for java-1_8_0-ibm
Type:        security
Severity:    moderate
References:  1207246,1207248,1207249,1208480,CVE-2022-21426,CVE-2023-21830,CVE-2023-21835,CVE-2023-21843
This update for java-1_8_0-ibm fixes the following issues:

- Update to Java 8.0 Service Refresh 8 (bsc#1208480):

  * Security fixes:
    - CVE-2023-21830: Fixed improper restrictions in CORBA deserialization (bsc#1207249).
    - CVE-2023-21835: Fixed handshake DoS attack against DTLS connections (bsc#1207246).
    - CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248).
  
  * New Features/Enhancements:
    - Add RSA-PSS signature to IBMJCECCA.
  * Defect Fixes:
    - IJ45437 Service, Build, Packaging and Deliver: Getting
      FIPSRUNTIMEEXCEPTION when calling java code:
      MESSAGEDIGEST.GETINSTANCE('SHA256', 'IBMJCEFIPS'); in MAC
    - IJ45272 Class Libraries: Fix security vulnerability CVE-2023-21843
    - IJ45280 Class Libraries: Update timezone information to the
      latest TZDATA2022F
    - IJ44896 Class Libraries: Update timezone information to the
      latest TZDATA2022G
    - IJ45436 Java Virtual Machine: Stack walking code gets into
      endless loop, hanging the application
    - IJ44079 Java Virtual Machine: When -DFILE.ENCODING is specified
      multiple times on the same command line the first option takes
      precedence instead of the last
    - IJ44532 JIT Compiler: Java JIT: Crash in DECREFERENCECOUNT()
      due to a NULL pointer
    - IJ44596 JIT Compiler: Java JIT: Invalid hard-coding of static
      final field object properties
    - IJ44107 JIT Compiler: JIT publishes new object reference to other
      threads without executing a memory flush
    - IX90193 ORB: Fix security vulnerability CVE-2023-21830
    - IJ44267 Security: 8273553: SSLENGINEIMPL.CLOSEINBOUND also has
      similar error of JDK-8253368
    - IJ45148 Security: code changes for tech preview
    - IJ44621 Security: Computing Diffie-Hellman secret repeatedly,
      using IBMJCEPLUS, causes a small memory leak
    - IJ44172 Security: Disable SHA-1 signed jars for EA
    - IJ44040 Security: Generating Diffie-Hellman key pairs repeatedly,
      using IBMJCEPLUS, Causes a small memory leak
    - IJ45200 Security: IBMJCEPLUS provider, during CHACHA20-POLY1305
      crypto operations, incorrectly throws an ILLEGALSTATEEXCEPTION
    - IJ45182 Security: IBMJCEPLUS provider fails in RSAPSS and ECDSA
      during signature operations resulting in Java cores
    - IJ45201 Security: IBMJCEPLUS provider failures (two) with AESGCM algorithm
    - IJ45202 Security: KEYTOOL NPE if signing certificate does not contain
      a SUBJECTKEYIDENTIFIER extension
    - IJ44075 Security: PKCS11KEYSTORE.JAVA - DOESPUBLICKEYMATCHPRIVATEKEY()
      method uses SHA1XXXX signature algorithms to match private and public keys
    - IJ45203 Security: RSAPSS multiple names for KEYTYPE
    - IJ43920 Security: The PKCS12 keystore update and the PBES2 support
    - IJ40002 XML: Fix security vulnerability CVE-2022-21426

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1851-1
Released:    Fri Apr 14 15:08:38 2023
Summary:     Security update for container-suseconnect
Type:        security
Severity:    important
References:  

This update for container-suseconnect fixes the following issue:

- rebuilt against current go version.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1852-1
Released:    Fri Apr 14 15:09:39 2023
Summary:     Security update for harfbuzz
Type:        security
Severity:    important
References:  1207922,CVE-2023-25193
This update for harfbuzz fixes the following issues:

- CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O(n^2) growth via consecutive marks (bsc#1207922).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1853-1
Released:    Fri Apr 14 15:10:51 2023
Summary:     Security update for tomcat
Type:        security
Severity:    important
References:  1206840,CVE-2022-45143
This update for tomcat fixes the following issues:

- CVE-2022-45143: Fixed JsonErrorReportValve injection (bsc#1206840).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1854-1
Released:    Fri Apr 14 16:04:56 2023
Summary:     Security update for liblouis
Type:        security
Severity:    important
References:  1209431,1209855,CVE-2023-26768
This update for liblouis fixes the following issues:

- CVE-2023-26768: Fixed buffer overflow in lou_logFile() (bsc#1209431).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1855-1
Released:    Fri Apr 14 16:06:03 2023
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1210212,CVE-2023-1945,CVE-2023-29531,CVE-2023-29532,CVE-2023-29533,CVE-2023-29535,CVE-2023-29536,CVE-2023-29539,CVE-2023-29541,CVE-2023-29542,CVE-2023-29545,CVE-2023-29548,CVE-2023-29550
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 102.10.0 ESR (bsc#1210212)
- CVE-2023-29531: Out-of-bound memory access in WebGL on macOS
- CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass
- CVE-2023-29533: Fullscreen notification obscured
- MFSA-TMP-2023-0001: Double-free in libwebp
- CVE-2023-29535: Potential Memory Corruption following Garbage Collector compaction
- CVE-2023-29536: Invalid free from JavaScript code
- CVE-2023-29539: Content-Disposition filename truncation leads to Reflected File Download
- CVE-2023-29541: Files with malicious extensions could have been downloaded unsafely on Linux
- CVE-2023-29542: Bypass of file download extension restrictions
- CVE-2023-29545: Windows Save As dialog resolved environment variables
- CVE-2023-1945: Memory Corruption in Safe Browsing Code
- CVE-2023-29548: Incorrect optimization result on ARM64
- CVE-2023-29550: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1867-1
Released:    Mon Apr 17 14:14:38 2023
Summary:     Security update for gradle
Type:        security
Severity:    important
References:  1184807,CVE-2021-29428
This update for gradle fixes the following issues:

- CVE-2021-29428: Fixed a local privilege escalation through system temporary directory. (bsc#1184807)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1868-1
Released:    Mon Apr 17 14:34:20 2023
Summary:     Recommended update for polkit-default-privs
Type:        recommended
Severity:    moderate
References:  1209378
This update for polkit-default-privs fixes the following issues:

* backport of kinfocenter5 whitelisting (bsc#1209378)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1877-1
Released:    Tue Apr 18 09:39:00 2023
Summary:     Security update for pgadmin4
Type:        security
Severity:    important
References:  1207464,CVE-2023-0241
This update for pgadmin4 fixes the following issues:

- CVE-2023-0241: Fixed a directory traversal vulnerability (bsc#1207464).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1880-1
Released:    Tue Apr 18 11:11:27 2023
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    low
References:  1208079
This update for systemd-rpm-macros fixes the following issue:

- Don't emit a warning when the flag file in /var/lib/systemd/migrated/ is not present as it's expected (bsc#1208079).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1881-1
Released:    Tue Apr 18 11:13:03 2023
Summary:     Recommended update for Mesa
Type:        recommended
Severity:    low
References:  1208145
This update for Mesa fixes the following issues:

-Fixes blackscreen in Return To Monkey Island on Intel graphics (bsc#1208145)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1882-1
Released:    Tue Apr 18 11:13:49 2023
Summary:     Recommended update for makedumpfile
Type:        recommended
Severity:    moderate
References:  1201209
This update for makedumpfile fixes the following issues:

- Fix memory leak issue in init_xen_crash_info (bsc#1201209)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1891-1
Released:    Tue Apr 18 11:28:04 2023
Summary:     Recommended update for php8
Type:        recommended
Severity:    moderate
References:  1205162,1208199
This update for php8 fixes the following issues:

- ensure extension=mysqlnd will be called before extension=mysqli (bsc#1205162)
- fix potential buffer overflow (bsc#1208199)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1896-1
Released:    Tue Apr 18 11:56:25 2023
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    critical
References:  
Release update to the unrestricted channel for SLE-15:Update codestream.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1900-1
Released:    Tue Apr 18 14:45:35 2023
Summary:     Recommended update for libdnet
Type:        recommended
Severity:    moderate
References:  
This update for libdnet fixes the following issues:

- update to 1.16.3:
  IPv6 support
  fixed some potential buffer overflows

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1901-1
Released:    Tue Apr 18 15:37:23 2023
Summary:     Security update for helm
Type:        security
Severity:    moderate
References:  1209670
This update for helm fixes the following issues:

Update to version 3.11.2:

* chore(deps): bump github.com/rubenv/sql-migrate from 1.2.0 to 1.3.1
* the linter varcheck and deadcode are deprecated (since v1.49.0)
* fix template --output-dir issue
* build against a supported go version: go1.19 (bsc#1209670)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1920-1
Released:    Wed Apr 19 16:22:58 2023
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  
This update for hwdata fixes the following issues:

- Update pci, usb and vendor ids

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1922-1
Released:    Wed Apr 19 19:54:44 2023
Summary:     Security update for openssl-1_0_0
Type:        security
Severity:    moderate
References:  1209873,1209878,CVE-2023-0465,CVE-2023-0466
This update for openssl-1_0_0 fixes the following issues:

- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).
- CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1925-1
Released:    Thu Apr 20 09:01:09 2023
Summary:     Recommended update for rpmlint
Type:        recommended
Severity:    moderate
References:  1206414,1209378
This update for rpmlint fixes the following issues:

- kinfocenter5 whitelisting for D-Bus (bsc#1209378)
- usbguard whitelisting for D-Bus (bsc#1206414)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1927-1
Released:    Thu Apr 20 09:02:49 2023
Summary:     Security update for ImageMagick
Type:        security
Severity:    moderate
References:  1210308,CVE-2023-1906
This update for ImageMagick fixes the following issues:

- CVE-2023-1906: Fixed a heap-based buffer overflow in ImportMultiSpectralQuantum. (bsc#1210308)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1931-1
Released:    Thu Apr 20 16:15:54 2023
Summary:     Security update for wireshark
Type:        security
Severity:    important
References:  1210403,1210404,1210405,CVE-2023-1992,CVE-2023-1993,CVE-2023-1994
This update for wireshark fixes the following issues:
 
- CVE-2023-1992: Fixed RPCoRDMA dissector crash (bsc#1210405).
- CVE-2023-1993: Fixed LISP dissector large loop (bsc#1210404).
- CVE-2023-1994: Fixed GQUIC dissector crash (bsc#1210403).
  
Update to 3.6.13:

- Further features, bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-3.6.13.html

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1938-1
Released:    Thu Apr 20 18:44:53 2023
Summary:     Recommended update for NetworkManager
Type:        recommended
Severity:    low
References:  1194715,1204549,1205529
This update for NetworkManager fixes the following issue:

- Adds missing NetworkManager and dependencies to Micro 5.3 (bsc#1204549, bsc#1205529)
- rp-pppoe: replace deprecated ifconfig dependency with iproute2. (bsc#1194715, jsc#SLE-24004)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1939-1
Released:    Fri Apr 21 11:14:30 2023
Summary:     Recommended update for mozilla-nss
Type:        recommended
Severity:    moderate
References:  1191546,1207209,1208242,1208999
This update for mozilla-nss fixes the following issues:

- FIPS 140-3: Adjust SLI reporting for PBKDF2 parameter validation (bsc#1208999)
- FIPS 140-3: Update session->lastOpWasFIPS before destroying the key after
  derivation in the CKM_TLS12_KEY_AND_MAC_DERIVE,
  CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256,
  CKM_TLS_KEY_AND_MAC_DERIVE and CKM_SSL3_KEY_AND_MAC_DERIVE cases. (bsc#1191546)
- FIPS 140-3: more changes for pairwise consistency checks. (bsc#1207209)
- Add manpages to mozilla-nss-tools (bsc#1208242)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1947-1
Released:    Fri Apr 21 14:14:41 2023
Summary:     Security update for dmidecode
Type:        security
Severity:    moderate
References:  1210418,CVE-2023-30630
This update for dmidecode fixes the following issues:

- CVE-2023-30630: Fixed potential privilege escalation vulnerability via file overwrite (bsc#1210418).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1954-1
Released:    Mon Apr 24 11:10:40 2023
Summary:     Recommended update for xmlsec1
Type:        recommended
Severity:    low
References:  1201617
This update for xmlsec1 fixes the following issue:

- Ship missing xmlsec1 to synchronize its version across different products (bsc#1201617)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1955-1
Released:    Mon Apr 24 11:12:33 2023
Summary:     Recommended update for mariadb
Type:        recommended
Severity:    moderate
References:  
This update for mariadb fixes the following issues:

- Update to 10.6.12:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1957-1
Released:    Mon Apr 24 13:05:13 2023
Summary:     Recommended update for bcache-tools
Type:        recommended
Severity:    moderate
References:  1208425
This update for bcache-tools fixes the following issues:

- Improve device recognition (bsc#1208425)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1962-1
Released:    Mon Apr 24 14:07:03 2023
Summary:     Security update for indent
Type:        security
Severity:    important
References:  1209718
This update for indent fixes the following issues:

- Fixed multiple memory safety issues (bsc#1209718).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1994-1
Released:    Tue Apr 25 13:53:25 2023
Summary:     Security update for avahi
Type:        security
Severity:    moderate
References:  1210328,CVE-2023-1981
This update for avahi fixes the following issues:

- CVE-2023-1981: Fixed crash in avahi-daemon (bsc#1210328).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1999-1
Released:    Tue Apr 25 17:10:06 2023
Summary:     Security update for fwupd
Type:        security
Severity:    moderate
References:  1209188

This update of fwupd fixes the following issues:

- rebuild the package with the new secure boot key (bsc#1209188).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2003-1
Released:    Tue Apr 25 18:05:42 2023
Summary:     Security update for runc
Type:        security
Severity:    important
References:  1168481,1208962,1209884,1209888,CVE-2023-25809,CVE-2023-27561,CVE-2023-28642
This update for runc fixes the following issues:

Update to runc v1.1.5:

Security fixes:

- CVE-2023-25809: Fixed rootless `/sys/fs/cgroup` is writable when cgroupns isn't unshared (bnc#1209884).
- CVE-2023-27561: Fixed regression that reintroduced CVE-2019-19921 vulnerability (bnc#1208962).
- CVE-2023-28642: Fixed AppArmor/SELinux bypass with symlinked /proc (bnc#1209888).

Other fixes:

 - Fix the inability to use `/dev/null` when inside a container.
 - Fix changing the ownership of host's `/dev/null` caused by fd redirection (bsc#1168481).
 - Fix rare runc exec/enter unshare error on older kernels.
 - nsexec: Check for errors in `write_log()`.
 - Drop version-specific Go requirement.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2027-1
Released:    Wed Apr 26 08:28:21 2023
Summary:     Recommended update for hawk2
Type:        recommended
Severity:    important
References:  1208533
This update for hawk2 fixes the following issues:

- Fix execution issue caused by version conflicts with sass-rails (bsc#1208533) 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2038-1
Released:    Wed Apr 26 11:06:20 2023
Summary:     Security update for git
Type:        security
Severity:    moderate
References:  1210686,CVE-2023-25652,CVE-2023-25815,CVE-2023-29007
This update for git fixes the following issues:

- CVE-2023-25652: Fixed partial overwrite of paths outside the working tree (bsc#1210686).
- CVE-2023-25815: Fixed malicious placemtn of crafted message (bsc#1210686).
- CVE-2023-29007: Fixed arbitrary configuration injection (bsc#1210686).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2039-1
Released:    Wed Apr 26 11:42:49 2023
Summary:     Recommended update for lshw
Type:        recommended
Severity:    moderate
References:  1209531
This update for lshw fixes the following issues:

- Update to version B.02.19.2+git.20230320 (bsc#1209531)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2042-1
Released:    Wed Apr 26 13:15:01 2023
Summary:     Recommended update for python-osc-tiny
Type:        recommended
Severity:    moderate
References:  1206040
This update for python-osc-tiny fixes the following issues:

- Added a comment parameter to project and package `set_meta`
- Added a link to the documentation of `HttpSignatureAuth`
- Added fix for a parameter inconsistency in the API
- Added methods to get/set the project config
- Added support for Python 3.11
- Allow `Package.exists` to raise exceptions
- Do not send the `deleted` parameter, when the `view` parameter is present
- Enhanced usability and reliability for `HttpSignatureAuth`
- Fixed packaging problem with Python dependency (bsc#1206040)
- Improved strong authentication method
- Include the original error message, when an SSH key cannot be read
- Make it possible to force setting meta
- Prevent sharing of sessions across forked processes
- Replaced `Request.cmd` with `Request.update`
- Simplified handling of SSH keys
- Support product list views honoring the `expand` parameter
- Treat `deleted` and `expand` parameters of `/source/<project>/` as boolean (not documented as such)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:2049-1
Released:    Thu Apr 27 10:26:57 2023
Summary:     Feature update for bouncycastle
Type:        feature
Severity:    moderate
References:  
This update for bouncycastle fixes the following issues:

bouncycastle was updated to version 1.72:

  * Defects Fixed:

    - There were parameter errors in XMSS^MT OIDs for
      XMSSMT_SHA2_40/4_256 and XMSSMT_SHA2_60/3_256. These have
      been fixed.
    - There was an error in Merkle tree construction for the
      Evidence Records (ERS) implementation which could result in
      invalid roots been timestamped. ERS now produces an
      ArchiveTimeStamp for each data object/group with an associated
      reduced hash tree. The reduced hash tree is now calculated as
      a simple path to the root of the tree for each record.
    - OpenPGP will now ignore signatures marked as non-exportable
      on encoding.
    - A tagging calculation error in GCMSIV which could result in
      incorrect tags has been fixed.
    - Issues around Java 17 which could result in failing tests
      have been addressed.

  * Additional Features and Functionality:

    - BCJSSE: TLS 1.3 is now enabled by default where no explicit
      protocols are supplied (e.g. 'TLS' or 'Default' SSLContext
      algorithms, or SSLContext.getDefault() method).
    - BCJSSE: Rewrite SSLEngine implementation to improve compatibility
      with SunJSSE.
    - BCJSSE: Support export of keying material via extension API.
    - (D)TLS: Add support for 'tls-exporter' channel binding per RFC 9266.
    - (D)TLS (low-level API): By default, only (D)TLS 1.2 and TLS 1.3 are
      offered now. Earlier versions are still supported if explicitly
      enabled. Users may need to check they are offering suitable
      cipher suites for TLS 1.3.
    - (D)TLS (low-level API): Add support for raw public keys per RFC 7250.
    - CryptoServicesRegistrar now has a setServicesConstraints() method
      on it which can be used to selectively turn off algorithms.
    - The NIST PQC Alternate Candidate, Picnic, has been added to the low
      level API and the BCPQC provider.
    - SPHINCS+ has been upgraded to the latest submission, SPHINCS+ 3.1
      and support for Haraka has been added.
    - Evidence records now support timestamp renewal and hash renewal.
    - The SIKE Alternative Candidate NIST Post Quantum Algorithm has
      been added to the low-level PQC API.
    - The NTRU Round 3 Finalist Candidate NIST Post Quantum Algorithm
      has been added to the low-level API and the BCPQC provider.
    - The Falcon Finalist NIST Post Quantum Algorithm has been added to
      the low-level API and the BCPQC provider.
    - The CRYSTALS-Kyber Finalist NIST Post Quantum Algorithm has been
      added to the low-level API and the BCPQC provider.
    - Argon2 Support has been added to the OpenPGP API.
    - XDH IES has now been added to the BC provider.
    - The OpenPGP API now supports AEAD encryption and decryption.
    - The NTRU Prime Alternative Candidate NIST Post Quantum Algorithms
      have been added to the low-level API and the BCPQC provider.
    - The CRYSTALS-Dilithium Finalist NIST Post Quantum Algorithm has
      been added to the low-level API and the BCPQC provider.
    - The BIKE NIST Post Quantum Alternative/Round-4 Candidate has been
      added to the low-level API and the BCPQC provider.
    - The HQC NIST Post Quantum Alternative/Round-4 Candidate has been
      added to the low-level API and the BCPQC provider.
    - Grain128AEAD has been added to the lightweight API.
    - A fast version of CRC24 has been added for use with the PGP API.
    - Some additional methods and fields have been exposed in the
      PGPOnePassSignature class to (hopefully) make it easier to
      deal with nested signatures.
    - CMP support classes have been updated to reflect the latest
      editions to the the draft RFC 'Lightweight Certificate Management
      Protocol (CMP) Profile'.
    - Support has been added to the PKCS#12 implementation for the
      Oracle trusted certificate attribute.
    - Performance of our BZIP2 classes has been improved.

  * Notes:

    - Keep in mind the PQC algorithms are still under development and
      we are still at least a year and a half away from published standards.
      This means the algorithms may still change so by all means experiment,
      but do not use the PQC algoritms for anything long term.
    - The legacy 'Rainbow' and 'McEliece' implementations have been
      removed from the BCPQC provider. The underlying classes are
      still present if required. Other legacy algorithm implementations
      can be found under the org.bouncycastle.pqc.legacy package.

  * Security Notes:

    - The PQC SIKE algorithm is provided for research purposes only.
      It should now be regarded as broken. The SIKE implementation
      will be withdrawn in BC 1.73. 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2050-1
Released:    Thu Apr 27 11:19:05 2023
Summary:     Security update for fwupd
Type:        security
Severity:    moderate
References:  1209188

This update of fwupd fixes the following issues:

- rebuild the package with the new secure boot key (bsc#1209188).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2051-1
Released:    Thu Apr 27 11:30:01 2023
Summary:     Security update for libtpms
Type:        security
Severity:    important
References:  1206022,1206023,CVE-2023-1017,CVE-2023-1018
This update for libtpms fixes the following issues:

- CVE-2023-1017: Fixed out-of-bounds write in CryptParameterDecryption (bsc#1206022).
- CVE-2023-1018: Fixed out-of-bounds read in CryptParameterDecryption (bsc#1206023).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2059-1
Released:    Thu Apr 27 16:32:18 2023
Summary:     Security update for rubygem-actionview-5_1
Type:        security
Severity:    important
References:  1172184,1176421,1199060,CVE-2020-15169,CVE-2020-8167,CVE-2022-27777
This update for rubygem-actionview-5_1 fixes the following issues:

- CVE-2022-27777: Fixed possible cross-site scripting vulnerability in Action View tag helpers (bsc#1199060).
- CVE-2020-15169: Fixed cross-site scripting in translation helpers (bsc#1176421).
- CVE-2020-8167: Fixed CSRF vulnerability in rails-ujs (bsc#1172184).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2060-1
Released:    Thu Apr 27 17:04:25 2023
Summary:     Security update for glib2
Type:        security
Severity:    moderate
References:  1209713,1209714,1210135,CVE-2023-24593,CVE-2023-25180
This update for glib2 fixes the following issues:

- CVE-2023-24593: Fixed a denial of service caused by handling a malicious text-form variant (bsc#1209714).
- CVE-2023-25180: Fixed a denial of service caused by malicious serialised variant (bsc#1209713).

The following non-security bug was fixed:

- Fixed regression on s390x (bsc#1210135, glgo#GNOME/glib!2978).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2063-1
Released:    Fri Apr 28 10:42:13 2023
Summary:     Recommended update for davfs2
Type:        recommended
Severity:    moderate
References:  1188967,1198576
This update for davfs2 fixes the following issues:

- Do not download the update_cache_file on each lookup. It is enough to get the latest file size when a file is not
open or not dirty to detect if it has been changed on the server, so next FUSE read will have the correct size.
(bsc#1198576, bsc#1188967).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2064-1
Released:    Fri Apr 28 10:47:29 2023
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1210212,CVE-2023-0547,CVE-2023-1945,CVE-2023-1999,CVE-2023-29479,CVE-2023-29531,CVE-2023-29532,CVE-2023-29533,CVE-2023-29535,CVE-2023-29536,CVE-2023-29539,CVE-2023-29541,CVE-2023-29542,CVE-2023-29545,CVE-2023-29548,CVE-2023-29550
This update for MozillaThunderbird fixes the following issues:

Update to Mozilla Thunderbird 102.10.1 (MFSA 2023-15) (bsc#1210212):

Security fixes:
  * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS (bmo#1794292)
  * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass (bmo#1806394)
  * CVE-2023-29533: Fullscreen notification obscured (bmo#1798219, bmo#1814597)
  * CVE-2023-1999: Double-free in libwebp (bmo#1819244)
  * CVE-2023-29535: Potential Memory Corruption following Garbage Collector compaction (bmo#1820543)
  * CVE-2023-29536: Invalid free from JavaScript code (bmo#1821959)
  * CVE-2023-0547: Revocation status of S/Mime recipient certificates was not checked (bmo#1811298)
  * CVE-2023-29479: Hang when processing certain OpenPGP messages (bmo#1824978)
  * CVE-2023-29539: Content-Disposition filename truncation leads to Reflected File Download (bmo#1784348)
  * CVE-2023-29541: Files with malicious extensions could have been downloaded unsafely on Linux (bmo#1810191)
  * CVE-2023-29542: Bypass of file download extension restrictions (bmo#1810793, bmo#1815062)
  * CVE-2023-29545: Windows Save As dialog resolved environment variables (bmo#1823077)
  * CVE-2023-1945: Memory Corruption in Safe Browsing Code (bmo#1777588)
  * CVE-2023-29548: Incorrect optimization result on ARM64 (bmo#1822754)
  * CVE-2023-29550: Memory safety bugs fixed in Thunderbird 102.10 (bmo#1720594, bmo#1751945, bmo#1812498,
    bmo#1814217, bmo#1818357, bmo#1818762, bmo#1819493,
    bmo#1820389, bmo#1820602, bmo#1821448, bmo#1822413,
    bmo#1824828)
    
Other fixes:
  * fixed: Messages with missing or corrupt 'From:' header did not display message header buttons (bmo#1793918)
  * fixed: Composer repeatedly prompted for S/MIME smartcard signing/encryption password (bmo#1828366)
  * fixed: Address Book integration did not work with macOS 11.4 Bug Sur (bmo#1720257)
  * fixed: Mexico City DST fix in Thunderbird 102.10.0 (bug 1826146) was incomplete (bmo#1827503)
  * changed: New messages will automatically select S/MIME if configured and OpenPGP is not (bmo#1793278)
  * fixed: Calendar events with timezone America/Mexico_City incorrectly applied Daylight Savings Time (bmo#1826146)
  * fixed: Security fixes

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2065-1
Released:    Fri Apr 28 13:12:15 2023
Summary:     Security update for webkit2gtk3
Type:        security
Severity:    important
References:  1210295,1210731,CVE-2022-0108,CVE-2022-32885,CVE-2022-32886,CVE-2022-32912,CVE-2023-25358,CVE-2023-25360,CVE-2023-25361,CVE-2023-25362,CVE-2023-25363,CVE-2023-27932,CVE-2023-27954,CVE-2023-28205
This update for webkit2gtk3 fixes the following issues:

Update to version 2.38.6 (bsc#1210731):

- CVE-2022-0108: Fixed information leak.
- CVE-2022-32885: Fixed arbitrary code execution.
- CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer.
- CVE-2023-27932: Fixed Same Origin Policy bypass.
- CVE-2023-27954: Fixed  sensitive user information tracking.
- CVE-2023-28205: Fixed arbitrary code execution (bsc#1210295). 

Already fixed in version 2.38.5:

- CVE-2022-32886, CVE-2022-32912, CVE-2023-25360, CVE-2023-25361, CVE-2023-25362, CVE-2023-25363.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2066-1
Released:    Fri Apr 28 13:54:17 2023
Summary:     Security update for shadow
Type:        security
Severity:    moderate
References:  1210507,CVE-2023-29383
This update for shadow fixes the following issues:

- CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2071-1
Released:    Fri Apr 28 15:26:59 2023
Summary:     Recommended update for rust
Type:        recommended
Severity:    moderate
References:  
This update for rust fixes the following issues:

- Update to version 1.69.0 - for details see the rust1.69 package

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2084-1
Released:    Tue May  2 13:31:52 2023
Summary:     Security update for shim
Type:        security
Severity:    important
References:  1210382,CVE-2022-28737
This update for shim fixes the following issues:

- CVE-2022-28737 was missing as reference previously.

- Upgrade shim-install for bsc#1210382

  After closing Leap-gap project since Leap 15.3, openSUSE Leap direct
  uses shim from SLE. So the ca_string is 'SUSE Linux Enterprise Secure Boot
  CA1', not 'openSUSE Secure Boot CA1'. It causes that the update_boot=no,
  so all files in /boot/efi/EFI/boot are not updated.

  Logic was added that is using ID field in os-release for
  checking Leap distro and set ca_string to 'SUSE Linux Enterprise Secure
  Boot CA1'. Then /boot/efi/EFI/boot/* can also be updated.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2087-1
Released:    Tue May  2 15:48:09 2023
Summary:     This update has recommended fixes for ffmpeg-4
Type:        security
Severity:    important
References:  1206067,1209934,CVE-2022-48434
This updates fixes the following issues for ffmpeg-4:

Security fixes:

- CVE-2022-48434: Fixed use after free in libavcodec/pthread_frame.c (bsc#1209934). 

Other fixes:

- Add necessary subpackages to the Packagehub. (bsc#1206067)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2088-1
Released:    Tue May  2 18:08:06 2023
Summary:     Recommended update for rust, rust1.68
Type:        recommended
Severity:    moderate
References:  1209839
This update for rust, rust1.68 fixes the following issues:

Changes in rust1.68:

- bsc#1209839 - replace leaked github keys in rust/cargo

Version 1.68.2 (2023-03-28)
===========================

- Update the GitHub RSA host key bundled within Cargo
  The key was rotated by GitHub (https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/)
  on 2023-03-24 after the old one leaked.
- Mark the old GitHub RSA host key as revoked](https://github.com/rust-lang/cargo/pull/11889).
  This will prevent Cargo from accepting the leaked key even when trusted by
  the system.
- Add support for `@revoked` and a better error message for `@cert-authority` in Cargo's SSH host key verification
- Fix miscompilation in produced Windows MSVC artifacts
  This was introduced by enabling ThinLTO for the distributed rustc which led
  to miscompilations in the resulting binary. Currently this is believed to be
  limited to the -Zdylib-lto flag used for rustc compilation, rather than a
  general bug in ThinLTO, so only rustc artifacts should be affected.
- Fix --enable-local-rust builds
- Treat `$prefix-clang` as `clang` in linker detection code
- Fix panic in compiler code

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2089-1
Released:    Wed May  3 09:11:31 2023
Summary:     Recommended update for sapconf
Type:        recommended
Severity:    moderate
References:  1207899,1209408
This update for sapconf fixes the following issues:

- version update from 5.0.5 to 5.0.6
- add parameter IGNORE_RELOAD to /etc/sysconfig/sapconf to prevent
  sapconf from changing any system tunables during package update
  (bsc#1209408)
- fix for a race condition which leads to a missing start/restart
  of sapconf, which ends up with restored kernel parameters to
  defaults
  (bsc#1207899)

  correctly. Only the DM multipath devices (mpath) will be used for
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2096-1
Released:    Thu May  4 09:09:19 2023
Summary:     Security update for netty, netty-tcnative
Type:        security
Severity:    important
References:  1199338,1206360,1206379,CVE-2022-24823,CVE-2022-41881,CVE-2022-41915
This update for netty, netty-tcnative fixes the following issues:

netty:

- Security fixes included in this version update from 4.1.75 to 4.1.90:
  * CVE-2022-24823: Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files for
    Java 6 and lower in io.netty:netty-codec-http (bsc#1199338)
  * CVE-2022-41881: HAProxyMessageDecoder Stack Exhaustion DoS (bsc#1206360)
  * CVE-2022-41915: HTTP Response splitting from assigning header value iterator (bsc#1206379)
    
- Other non-security bug fixes included in this version update from 4.1.75 to 4.1.90:
  * Build with Java 11 on ix86 architecture in order to avoid build failures 
  * Fix `HttpHeaders.names` for non-String headers
  * Fix `FlowControlHandler` behaviour to pass read events when auto-reading is turned off
  * Fix brotli compression
  * Fix a bug in FlowControlHandler that broke auto-read
  * Fix a potential memory leak bug has been in the pooled allocator
  * Fix a scalability issue caused by instanceof and check-cast checks that lead to false-sharing on the 
    `Klass::secondary_super_cache` field in the JVM
  * Fix a bug in our `PEMParser` when PEM files have multiple objects, and `BouncyCastle` is on the classpath
  * Fix several `NullPointerException` bugs
  * Fix a regression `SslContext` private key loading
  * Fix a bug in `SslContext` private key reading fall-back path
  * Fix a buffer leak regression in `HttpClientCodec`
  * Fix a bug where some `HttpMessage` implementations, that also implement `HttpContent`, were not handled correctly
  * Fix epoll bug when receiving zero-sized datagrams
  * Fix a bug in `SslHandler` so `handlerRemoved` works properly even if `handlerAdded` throws an exception
  * Fix an issue that allowed the multicast methods on `EpollDatagramChannel` to be called outside of an event-loop 
    thread
  * Fix a bug where an OPT record was added to DNS queries that already had such a record
  * Fix a bug that caused an error when files uploaded with HTTP POST contained a backslash in their name
  * Fix an issue in the `BlockHound` integration that could occasionally cause NetUtil to be reported as performing
    blocking operation. A similar `BlockHound` issue was fixed for the `JdkSslContext`
  * Fix a bug that prevented preface or settings frames from being flushed, when an HTTP2 connection was established
    with prior-knowledge
  * Fix a bug where Netty fails to load a shaded native library
  * Fix and relax overly strict HTTP/2 header validation check that was rejecting requests from Chrome and Firefox
  * Fix OpenSSL and BoringSSL implementations to respect the `jdk.tls.client.protocols` and `jdk.tls.server.protocols`
    system properties, making them react to these in the same way the JDK SSL provider does
  * Fix inconsitencies in how `epoll`, `kqueue`, and `NIO` handle RDHUP
  * For a more detailed list of changes please consult the official release notes:
    +  Changes from 4.1.90: https://netty.io/news/2023/03/14/4-1-90-Final.html
    +  Changes from 4.1.89: https://netty.io/news/2023/02/13/4-1-89-Final.html
    +  Changes from 4.1.88: https://netty.io/news/2023/02/12/4-1-88-Final.html
    +  Changes from 4.1.87: https://netty.io/news/2023/01/12/4-1-87-Final.html
    +  Changes from 4.1.86: https://netty.io/news/2022/12/12/4-1-86-Final.html
    +  Changes from 4.1.85: https://netty.io/news/2022/11/09/4-1-85-Final.html
    +  Changes from 4.1.84: https://netty.io/news/2022/10/11/4-1-84-Final.html
    +  Changes from 4.1.82: https://netty.io/news/2022/09/13/4-1-82-Final.html
    +  Changes from 4.1.81: https://netty.io/news/2022/09/08/4-1-81-Final.html
    +  Changes from 4.1.80: https://netty.io/news/2022/08/26/4-1-80-Final.html
    +  Changes from 4.1.79: https://netty.io/news/2022/07/11/4-1-79-Final.html
    +  Changes from 4.1.78: https://netty.io/news/2022/06/14/4-1-78-Final.html
    +  Changes from 4.1.77: https://netty.io/news/2022/05/06/2-1-77-Final.html
    +  Changes from 4.1.76: https://netty.io/news/2022/04/12/4-1-76-Final.html

netty-tcnative:
    
- New artifact named `netty-tcnative-classes`, provided by this update is required by netty 4.1.90 which contains 
  important security updates
- No formal changelog present. This artifact is closely bound to the netty releases

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2097-1
Released:    Thu May  4 09:11:06 2023
Summary:     Security update for maven and recommended update for antlr3, minlog, sbt, xmvn
Type:        security
Severity:    important
References:  1193795,CVE-2021-42550
This update for antlr3, maven, minlog, sbt, xmvn fixes the following issues:

maven:

- Version update from 3.8.5 to 3.8.6 (jsc#SLE-23217):
  * Security fixes:
    + CVE-2021-42550: Update Version of (optional) Logback (bsc#1193795)
  * Bug fixes:
    + Fix resolver session containing non-MavenWorkspaceReader
    + Fix for multiple maven instances working on same source tree that can lock each other
    + Don't ignore bin/ otherwise bin/ in apache-maven module cannot be added back
    + Fix IllegalStateException in SessionScope during guice injection in multithreaded build
    + Revert MNG-7347 (SessionScoped beans should be singletons for a given session)
    + Fix compilation failure with relocated transitive dependency
    + Fix deadlock during forked lifecycle executions
    + Fix issue with resolving dependencies between submodules
  * New features and improvements: 
    + Create a multiline message helper for boxed log messages
    + Display a warning when an aggregator mojo is locking other mojo executions
    + Align Assembly Descriptor NS versions
  * Dependency upgrades:
    + Upgrade SLF4J to 1.7.36
    + Upgrade JUnit to 4.13.2
    + Upgrade Plexus Utils to 3.3.1
- Move mvn.1 from bin to man directory
    
antlr3:

- Bug fixes in this version update from 3.5.2 to 3.5.3 (jsc#SLE-23217):
  * Change source compatibility to 1.8 and enable github workflows
  * Change Wiki URLs to theantlrguy.atlassian.net in README.txt
  * Add Bazel support
- Remove enforcer plugin as it is not needed in a controlled environment
 
minlog:

- Bug fixes in this version update from 1.3.0 to 1.3.1 (jsc#SLE-23217):
  * Use currentTimeMillis
  * Use 3-Clause BSD 
  * Use Java 7 JDK.

sbt:

- Fix build issues with maven 3.8.6 (jsc#SLE-23217)

xmvn:

- Remove RPM package build dependency on easymock (jsc#SLE-23217)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2099-1
Released:    Thu May  4 15:00:40 2023
Summary:     Recommended update for cronie
Type:        recommended
Severity:    moderate
References:  
This update for cronie fixes the following issue:

- Allow to define the logger info and warning priority.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2102-1
Released:    Thu May  4 16:44:31 2023
Summary:     Recommended update for usbguard
Type:        recommended
Severity:    moderate
References:  1196621
This update for usbguard fixes the following issues:

Update to 1.1.2

* Fixed

  - Polkit: Always allow getParameter/listDevices/listRules in active sessions
  - D-Bus: Send reply on auth failure
  - Polkit: Unreference PolkitAuthorizationResult and PolkitAuthority structs if needed

Update to 1.1.1

* Fixed/Changed

  - Use authentication instead of authentification
  - Restore support for access control filenames without a group

- Enable dbus support (bsc#1196621, jsc#PED-3789).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2104-1
Released:    Thu May  4 21:05:30 2023
Summary:     Recommended update for procps
Type:        recommended
Severity:    moderate
References:  1209122
This update for procps fixes the following issue:

- Allow - as leading character to ignore possible errors on systctl entries (bsc#1209122)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2105-1
Released:    Fri May  5 08:34:09 2023
Summary:     Security update for go1.20
Type:        security
Severity:    important
References:  1206346,1210127,1210128,1210129,1210130,1210938,1210963,1211029,1211030,1211031,CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538,CVE-2023-24539,CVE-2023-24540,CVE-2023-29400
This update for go1.20 fixes the following issues:

Update to 1.20.4 (bnc#1206346):
- CVE-2023-24539: Fixed an improper sanitization of CSS values (boo#1211029).
- CVE-2023-24540: Fixed an improper handling of JavaScript whitespace (boo#1211030).
- CVE-2023-29400: Fixed an improper handling of empty HTML attributes (boo#1211031).
- runtime: automatically bump RLIMIT_NOFILE on Unix.
- crypto/subtle: xor fails when run with race+purego.
- cmd/compile: encoding/binary.PutUint16 sometimes doesn't write.
- cmd/compile: internal compiler error: cannot call SetType(go.shape.int) on v (type int).
- cmd/compile: miscompilation in star-tex.org/x/cmd/star-tex.
- net/http: FileServer no longer serves content for POST.
- crypto/tls: TLSv1.3 connection fails with invalid PSK binder.
- cmd/compile: incorrect inline function variable.
- cmd/compile: Unified IR exports table is binary unstable in presence of generics.
- go/internal/gcimporter: lookupGorootExport should use the go command from build.Default.GOROOT.

Non-security fixes:

- Reverted go1.x Suggests go1.x-race (boo#1210963).
- Re-enabled binary stripping and debuginfo (boo#1210938).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2108-1
Released:    Fri May  5 12:26:28 2023
Summary:     Security update for ffmpeg
Type:        security
Severity:    important
References:  1209934,CVE-2022-48434
This update for ffmpeg fixes the following issues:

- CVE-2022-48434: Fixed use after free in libavcodec/pthread_frame.c (bsc#1209934).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2110-1
Released:    Fri May  5 14:10:21 2023
Summary:     Security update for java-17-openjdk
Type:        security
Severity:    important
References:  1209333,1210628,1210631,1210632,1210634,1210635,1210636,1210637,CVE-2023-21930,CVE-2023-21937,CVE-2023-21938,CVE-2023-21939,CVE-2023-21954,CVE-2023-21967,CVE-2023-21968
This update for java-17-openjdk fixes the following issues:

Update to upstrem tag jdk-17.0.7+7 (April 2023 CPU)

Security fixes:

- CVE-2023-21930: Fixed AES support (bsc#1210628).
- CVE-2023-21937: Fixed String platform support (bsc#1210631).
- CVE-2023-21938: Fixed runtime support (bsc#1210632).
- CVE-2023-21939: Fixed Swing platform support (bsc#1210634). 
- CVE-2023-21954: Fixed object reclamation process (bsc#1210635).
- CVE-2023-21967: Fixed TLS session negotiation (bsc#1210636).
- CVE-2023-21968: Fixed path handling (bsc#1210637). 

Other fixes:

- Fixed socket setTrafficClass not working for IPv4 connections when IPv6 is enabled (bsc#1209333).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2111-1
Released:    Fri May  5 14:34:00 2023
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1210434,CVE-2023-29491
This update for ncurses fixes the following issues:

- CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2116-1
Released:    Fri May  5 18:44:15 2023
Summary:     Recommended update for trento-agent
Type:        recommended
Severity:    important
References:  
This update for trento-agent fixes the following issues:


- Release 2.0.0
  ### Added
  - Parse durations in cibadmin gatherer
  - Add ability to detect if running on `VMware` system 
  - Pin web api version to v1
  - Multiversion package support 
  - Pretty print fact values
  - Unhide facts service url flag 
  - Add version comparison functionality for package\_version
  - Make `corosynccmapctl` gatherer output a map structure 
  - Add initial support to verify the password for the hacluster user
  - Add argument validation for gatherers that require it
  - Hidden agent id flag 
  - Sbd dump gatherer 
  - Retrieve agent id command 
  - Port cibadmin gatherer 
  - Restructure project folders structure
  - Generic get value 
  - Refactor sbd loading
  - Corosynccmap ctl gatherer port 
  - Refactor sbd gatherer
  - Packageversion gatherer
  - Port systemd gatherer
  - Gather all hosts entries when no arg is provided
  - Add FactValue type 
  - Implement /etc/hosts file gatherer 
  - Implement saphostctrl gatherer
  ### Fixed
  - Fix getValue function when map is empty 
  - Cibadmin meta attributes to list
  - Fix broken zypper output parsing in package\_version due to `\n`
  - Handle `CorosyncCmapctlGatherer` receiving empty lines
  - Fix cluster\_property\_set parsing
  - Fix list conversion issues in the xml gatherer 
  - Fix special lists usage in corosyncconf gatherer 
  ### Removed
  - Remove ssh address references
  ### Other Changes
  - Add reviewers to dependabot
   - Trigger golang docs update in ci 
  - Disable lll linter rule for test files 


-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:2118-1
Released:    Fri May  5 22:28:26 2023
Summary:     Feature update for haproxy
Type:        feature
Severity:    moderate
References:  
This update for haproxy fixes the following issues:

Update to version 2.4.22. (jsc#PED-3821):

* BUG/CRITICAL: http: properly reject empty http header field names
* CI: github: don't warn on deprecated openssl functions on windows
* BUG/MEDIUM: stconn: Schedule a shutw on shutr if data must be sent first
* DOC: proxy-protocol: fix wrong byte in provided example
* DOC: config: 'http-send-name-header' option may be used in default section
* DOC: config: fix option spop-check proxy compatibility
* BUG/MEDIUM: cache: use the correct time reference when comparing dates
* BUG/MEDIUM: stick-table: do not leave entries in end of window during purge
* BUG/MINOR: ssl/crt-list: warn when a line is malformated
* BUG/MEDIUM: ssl: wrong eviction from the session cache tree
* BUG/MINOR: fcgi-app: prevent 'use-fcgi-app' in default section
* BUG/MINOR: sink: free the forwarding task on exit
* BUILD: hpack: include global.h for the trash that is needed in debug mode
* BUG/MINOR: mux-h2: add missing traces on failed headers decoding
* BUG/MINOR: listener: close tiny race between resume_listener() and stopping
* DOC: config: fix 'Address formats' chapter syntax
* BUG/MINOR: mux-fcgi: Correctly set pathinfo
* DOC: config: fix aliases for protocol prefixes 'udp4@' and 'udp6@'
* DOC: config: fix wrong section number for 'protocol prefixes'
* BUG/MINOR: listeners: fix suspend/resume of inherited FDs
* BUG/MINOR: http-ana: make set-status also update txn->status
* BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state
* BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body
* BUG/MINOR: promex: Don't forget to consume the request on error
* BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action
* BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses
* CLEANUP: htx: fix a typo in an error message of http_str_to_htx
* BUG/MINOR: http: Memory leak of http redirect rules' format string
* REGTEST: fix the race conditions in hmac.vtc
* REGTEST: fix the race conditions in digest.vtc
* REGTEST: fix the race conditions in json_query.vtc
* BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
* BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set
* BUILD: makefile: sort the features list
* BUILD: makefile: build the features list dynamically
* BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats
* BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set
* BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain
* LICENSE: wurfl: clarify the dummy library license.
* BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout
* REGTESTS: startup: check maxconn computation
* REGTESTS: fix the race conditions in iff.vtc
* BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
* DOC: promex: Add missing backend metrics
* MINOR: promex: introduce haproxy_backend_agg_check_status
* BUG/MINOR: promex: create haproxy_backend_agg_server_status
* BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers
* BUG/MINOR: ssl: Fix potential overflow
* BUG/MEDIUM: ssl: Verify error codes can exceed 63
* BUG/MINOR: resolvers: Don't wait periodic resolution on healthcheck failure
* BUILD: peers: peers-t.h depends on stick-table-t.h
* CI: github: change 'ubuntu-latest' to 'ubuntu-20.04'
* BUG/MEDIIM: stconn: Flush output data before forwarding close to write side
* BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action
* [RELEASE] Released version 2.4.20
* Revert 'CI: determine actual OpenSSL version dynamically'
* Revert 'CI: switch to the 'latest' LibreSSL'
* SCRIPTS: announce-release: add a link to the data plane API
* DOC: config: clarify the -m dir and -m dom pattern matching methods
* DOC: config: clarify the fact that 'retries' is not just for connections
* DOC: config: explain how default matching method for ACL works
* DOC: config: mention that a single monitor-uri rule is supported
* DOC: config: clarify the fact that SNI should not be used in HTTP scenarios
* DOC: config: provide some configuration hints for 'http-reuse'
* Revert 'BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action'
* BUG/MINOR: mux-h1: Fix handling of 408-Request-Time-Out
* BUILD: http-htx: Silent build error about a possible NULL start-line
* BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action
* BUG/MINOR: log: fix parse_log_message rfc5424 size check
* BUG/MINOR: cfgparse-listen: fix ebpt_next_dup pointer dereference on proxy 'from' inheritance
* BUILD: listener: fix build warning on global_listener_rwlock without threads
* BUG/MINOR: server/idle: at least use atomic stores when updating max_used_conns
* BUILD: peers: Remove unused variables
* BUG/MEDIUM: peers: messages about unkown tables not correctly ignored
* BUG/MINOR: ssl: don't initialize the keylog callback when not required
* BUG/MINOR: http_ana/txn: don't re-initialize txn and req var lists
* BUG/MEDIUM: listener: Fix race condition when updating the global mngmt task
* BUG/MINOR: pool/cli: use ullong to report total pool usage in bytes
* BUG/MEDIUM: ring: fix creation of server in uninitialized ring
* DOC: config: fix alphabetical ordering of global section
* REG-TESTS: cache: Remove T-E header for 304-Not-Modified responses
* BUG/MINOR: mux-h1: Do not send a last null chunk on body-less answers
* BUG/MEDIUM: mux-fcgi: Avoid value length overflow when it doesn't fit at once
* BUG/MINOR: mux-fcgi: Be sure to send empty STDING record in case of zero-copy
* BUG/MINOR: resolvers: Set port before IP address when processing SRV records
* BUG/MINOR: http-htx: Fix error handling during parsing http replies
* BUG/MEDIUM: wdt/clock: properly handle early task hangs
* CI: emit the compiler's version in the build reports
* CI: switch to the 'latest' LibreSSL
* BUG/MINOR: ssl: ocsp structure not freed properly in case of error
* BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer
* CI: add monthly gcc cross compile jobs
* BUG/MINOR: log: fixing bug in tcp syslog_io_handler Octet-Counting
* BUG/MEDIUM: stick-table: fix a race condition when updating the expiration task
* BUG/MAJOR: stick-table: don't process store-response rules for applets
* DOC: management: add forgotten 'show startup-logs'
* BUG/MINOR: stick-table: Use server_id instead of std_t_sint in process_store_rules()
* CI: SSL: temporarily stick to LibreSSL=3.5.3
* CI: SSL: use proper version generating when 'latest' semantic is used
* BUG/MINOR: sink: Set default connect/server timeout for implicit ring buffers
* BUG/MINOR: sink: Only use backend capability for the sink proxies
* BUG/MEDIUM: compression: handle rewrite errors when updating response headers
* BUG/MINOR: ring: Properly parse connect timeout
* BUG/MINOR: log: Preserve message facility when the log target is a ring buffer
* CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in workflow definition
* CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in matrix.py
* BUG/MINOR: server: make sure 'show servers state' hides private bits
* BUG/MAJOR: stick-tables: do not try to index a server name for applets
* DOC: configuration: missing 'if' in tcp-request content example
* BUG/MINOR: backend: only enforce turn-around state when not redispatching
* BUG/MINOR: smtpchk: SMTP Service check should gracefully close SMTP transaction
* MINOR: smtpchk: Update expect rule to fully match replies to EHLO commands
* BUG/MINOR: mux-h1: Account consumed output data on synchronous connection error
* BUILD: http_fetch: silence an uninitiialized warning with gcc-4/5/6 at -Os
* BUG/MINOR: http-fetch: Update method after a prefetch in smp_fetch_meth()
* BUILD: h1: silence an initiialized warning with gcc-4.7 and -Os
* BUG/MEDIUM: lua: handle stick table implicit arguments right.
* BUG/MEDIUM: lua: Don't crash in hlua_lua2arg_check on failure
* DOC: config: Fix pgsql-check documentation to make user param mandatory
* BUG/MINOR: checks: update pgsql regex on auth packet
* [RELEASE] Released version 2.4.19
* BUG/MEDIUM: resolvers: Remove aborted resolutions from query_ids tree
* REGTESTS: 4be_1srv_smtpchk_httpchk_layer47errors: Return valid SMTP replies
* BUG/MINOR: log: improper behavior when escaping log data
* SCRIPTS: announce-release: update some URLs to https
* BUILD: fd: fix a build warning on the DWCAS
* BUG/MEDIUM: captures: free() an error capture out of the proxy lock
* DOC: fix TOC in starter guide for subsection 3.3.8. Statistics
* REGTESTS: ssl/log: test the log-forward with SSL
* BUG/MEDIUM: sink: bad init sequence on tcp sink from a ring.
* REGTESTS: log: test the log-forward feature
* REGTESTS: healthcheckmail: Relax matching on the healthcheck log message
* BUG/MINOR: stats: fixing stat shows disabled frontend status as 'OPEN'
* MINOR: listener: small API change
* BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK
* CI: cirrus-ci: bump FreeBSD image to 13-1
* BUG/MINOR: signals/poller: ensure wakeup from signals
* BUG/MINOR: signals/poller: set the poller timeout to 0 when there are signals
* BUG/MINOR: task: always reset a new tasklet's call date
* BUG/MINOR: h1: Support headers case adjustment for TCP proxies
* BUILD: makefile: enable crypt(3) for NetBSD
* BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support
* BUG/MINOR: mux-fcgi: fix the 'show fd' dest buffer for the subscriber
* BUG/MINOR: mux-h1: fix the 'show fd' dest buffer for the subscriber
* BUG/MINOR: mux-h2: fix the 'show fd' dest buffer for the subscriber
* BUG/MEDIUM: mux-h1: always use RST to kill idle connections in pools
* REGTESTS: http_request_buffer: Add a barrier to not mix up log messages
* BUG/MEDIUM: mux-h1: do not refrain from signaling errors after end of input
* BUG/MINOR: tcpcheck: Disable QUICKACK for default tcp-check (with no rule)
* BUG/MINOR: hlua: Rely on CF_EOI to detect end of message in HTTP applets
* BUG/MEDIUM: peers: Don't start resync on reload if local peer is not up-to-date
* BUG/MEDIUM: peers: Don't use resync timer when local resync is in progress
* BUG/MEDIUM: peers: Add connect and server timeut to peers proxy
* BUG/MEDIUM: spoe: Properly update streams waiting for a ACK in async mode
* DOC: configuration: do-resolve doesn't work with a port in the string
* REGTESTS: Fix prometheus script to perform HTTP health-checks
* BUG/MINOR: tcpcheck: Disable QUICKACK only if data should be sent after connect
* BUG/MINOR: resolvers: return the correct value in resolvers_finalize_config()
* BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
* BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
* BUG/MEDIUM: mux-h2: do not fiddle with ->dsi to indicate demux is idle
* BUG/MEDIUM: http-ana: fix crash or wrong header deletion by http-restrict-req-hdr-names
* BUILD: http: silence an uninitialized warning affecting gcc-5
* BUG/MEDIUM: ring: fix too lax 'size' parser
* BUILD: debug: silence warning on gcc-5
* BUG/MEDIUM: task: relax one thread consistency check in task_unlink_wq()
* BUG/MEDIUM: poller: use fd_delete() to release the poller pipes
* BUILD: cfgparse: always defined _GNU_SOURCE for sched.h and crypt.h
* BUG/MINOR: sink: fix a race condition between the writer and the reader
* BUG/MINOR: ring/cli: fix a race condition between the writer and the reader
* BUG/MEDIUM: proxy: Perform a custom copy for default server settings
* REORG: server: Export srv_settings_cpy() function
* MINOR: server: Constify source server to copy its settings
* BUG/MEDIUM: dns: Properly initialize new DNS session
* BUG/MINOR: peers: Use right channel flag to consider the peer as connected
* BUG/MEDIUM: peers: limit reconnect attempts of the old process on reload
* MINOR: peers: Use a dedicated reconnect timeout when stopping the local peer
* BUG/MEDIUM: pattern: only visit equivalent nodes when skipping versions
* MINOR: ebtree: add ebmb_lookup_shorter() to pursue lookups
* MINOR: http-htx: Use new HTTP functions for the scheme based normalization
* BUG/MEDIUM: h1: Improve authority validation for CONNCET request
* MINOR: http: Add function to detect default port
* MINOR: http: Add function to get port part of a host
* BUG/MEDIUM: mworker: use default maxconn in wait mode
* [RELEASE] Released version 2.4.18
* BUG/MINOR: sockpair: wrong return value for fd_send_uxst()
* BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible
* BUILD: add detection for unsupported compiler models
* BUG/MEDIUM: mworker: proc_self incorrectly set crashes upon reload
* REGTESTS: Fix some scripts to be compatible with 2.4 and prior
* BUG/MINOR: tools: fix statistical_prng_range()'s output range
* BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2)
* BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX
* BUG/MEDIUM: tools: avoid calling dlsym() in static builds
* MEDIUM: mworker: set the iocb of the socketpair without using fd_insert()
* BUG/MEDIUM: mux-h1: Handle connection error after a synchronous send
* BUG/MEDIUM: http-ana: Don't wait to have an empty buf to switch in TUNNEL state
* BUG/MINOR: mux-h1: Be sure to commit htx changes in the demux buffer
* REGTEESTS: filters: Fix CONNECT request in random-forwarding script
* BUG/MEDIUM: http-fetch: Don't fetch the method if there is no stream
* BUG/MINOR: http-htx: Fix scheme based normalization for URIs wih userinfo
* BUG/MINOR: peers: fix possible NULL dereferences at config parsing
* BUG/MINOR: http-act: Properly generate 103 responses when several rules are used
* BUG/MINOR: http-check: Preserve headers if not redefined by an implicit rule
* BUG/MINOR: peers/config: always fill the bind_conf's argument
* MINOR: fd: Add BUG_ON checks on fd_insert()
* CI: re-enable gcc asan builds
* BUILD: Makefile: Add Lua 5.4 autodetect
* BUG/MEDIUM: ssl/fd: unexpected fd close using async engine
* MINOR: fd: add a new FD_DISOWN flag to prevent from closing a deleted FD
* BUG/MINOR: http-fetch: Use integer value when possible in 'method' sample fetch
* BUG/MINOR: http-ana: Set method to HTTP_METH_OTHER when an HTTP txn is created
* BUG/MINOR: ssl: Do not look for key in extra files if already in pem
* MEDIUM: mux-h2: try to coalesce outgoing WINDOW_UPDATE frames
* BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list
* BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration
* BUG/MINOR: cli/stats: add missing trailing LF after 'show info json'
* BUG/MINOR: server: do not enable DNS resolution on disabled proxies
* BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs
* REGTESTS: healthcheckmail: Relax health-check failure condition
* REGTESTS: healthcheckmail: Update the test to be functionnal again
* BUG/MINOR: checks: Properly handle email alerts in trace messages
* BUG/MINOR: trace: Test server existence for health-checks to get proxy
* BUG/MEDIUM: mailers: Set the object type for check attached to an email alert
* BUILD: compiler: implement unreachable for older compilers too
* REGTESTS: restrict_req_hdr_names: Extend supported versions
* REGTESTS: http_abortonclose: Extend supported versions
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler
* BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield
* REGTESTS: http_request_buffer: Increase client timeout to wait 'slow' clients
* REGTESTS: abortonclose: Add a barrier to not mix up log messages
* MEDIUM: http-ana: Always report rewrite failures as PRXCOND in logs
* BUG/MEDIUM: ssl/crt-list: Rework 'add ssl crt-list' to handle full buffer cases
* BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases
* BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry
* BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified
* BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails
* DOC: intro: adjust the numbering of paragrams to keep the output ordered
* DOC: peers: fix port number and addresses on new peers section format
* DOC: peers: clarify when entry expiration date is renewed.
* DOC: peers: indicate that some server settings are not usable
* SCRIPTS: make publish-release try to launch make-releases-json
* SCRIPTS: add make-releases-json to recreate a releases.json file in download dirs
* REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (2)
* BUG/MEDIUM: sample: Fix adjusting size in word converter
* BUG/MEDIUM: peers: prevent unitialized multiple listeners on peers section
* BUG/MEDIUM: peers: fix segfault using multiple bind on peers sections
* BUG/MEDIUM: resolvers: Don't defer resolutions release in deinit function
* BUG/MEDIUM: http: Properly reject non-HTTP/1.x protocols
* BUG/MEDIUM: tools: Fix `inet_ntop` usage in sa2str
* CI: determine actual OpenSSL version dynamically
* BUILD/MINOR: cpuset fix build for FreeBSD 13.1
* BUG/MINOR: peers: fix error reporting of 'bind' lines
* BUG/MINOR: cfgparse: abort earlier in case of allocation error
* BUG/MINOR: check: Reinit the buffer wait list at the end of a check
* BUG/MEDIUM: config: Reset outline buffer size on realloc error in readcfgfile()
* REGTESTS: abortonclose: Fix some race conditions
* BUG/MINOR: ssl: Fix crash when no private key is found in pem
* MINOR: tools: add get_exec_path implementation for solaris based systems.
* BUILD: fix build warning on solaris based systems with __maybe_unused.
* MEDIUM: http-ana: Add a proxy option to restrict chars in request header names
* CI: determine actual LibreSSL version dynamically
* [RELEASE] Released version 2.4.17
* CLEANUP: mux-h1: Fix comments and error messages for global options
* BUG/MEDIUM: wdt: don't trigger the watchdog when p is unitialized
* BUG/MINOR: conn_stream: do not confirm a connection from the frontend path
* BUG/MINOR: server: Make SRV_STATE_LINE_MAXLEN value from 512 to 2kB (2000 bytes).
* DOC: install: update gcc version requirements
* BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-(
* BUILD: listener: shut report of possible null-deref in listener_accept()
* BUILD: debug: work around gcc-12 excessive -Warray-bounds warnings
* BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation
* CI: dynamically determine actual version of h2spec
* DOC: fix typo 'ant' for 'and' in INSTALL
* BUG/MINOR: map/cli: make sure patterns don't vanish under 'show map''s init
* BUG/MINOR: map/cli: protect the backref list during 'show map' errors
* BUG/MEDIUM: cli: make 'show cli sockets' really yield
* BUG/MEDIUM: resolvers: make 'show resolvers' properly yield
* BUG/MINOR: tcp/http: release the expr of set-{src,dst}[-port]
* DOC: config: Update doc for PR/PH session states to warn about rewrite failures
* MINOR: mux-h2: report a trace event when failing to create a new stream
* BUG/MINOR: mux-h2: mark the stream as open before processing it not after
* BUG/MAJOR: dns: multi-thread concurrency issue on UDP socket
* BUG/MEDIUM: mux-h1: Be able to handle trailers when C-L header was specified
* BUG/MEDIUM: mux-fcgi: Be sure to never set EOM flag on an empty HTX message
* SCRIPTS: announce-release: add URL of dev packages
* CI: github actions: update LibreSSL to 3.5.2
* [RELEASE] Released version 2.4.16
* BUILD: opentracing: Fix OT build due to misuse of var_clear()
* BUILD: proto_uxst: do not set unused flag
* BUILD: sockpair: do not set unused flag
* BUILD: fd: remove unused variable totlen in fd_write_frag_line()
* CLEANUP: acl: Remove unused variable when releasing an acl expression
* BUG/MINOR: pools: make sure to also destroy shared pools in pool_destroy_all()
* BUG/MINOR: resolvers: Fix memory leak in resolvers_deinit()
* BUILD: compiler: properly distinguish weak and global symbols
* REGTESTS: fix the race conditions in be2dec.vtc ad field.vtc
* MEDIUM: queue: use tasklet_instant_wakeup() to wake tasks
* MINOR: task: add a new task_instant_wakeup() function
* BUG/MINOR: rules: Fix check_capture() function to use the right rule arguments
* DOC: remove my name from the config doc
* BUG/MAJOR: connection: Never remove connection from idle lists outside the lock
* BUG/MINOR: cache: Disable cache if applet creation fails
* SCRIPTS: announce-release: add shortened links to pending issues
* DOC: lua: update a few doc URLs
* SCRIPTS: announce-release: update the doc's URL
* BUG/MEDIUM: compression: Don't forget to update htx_sl and http_msg flags
* BUG/MEDIUM: fcgi-app: Use http_msg flags to know if C-L header can be added
* BUG/MEDIUM: stream: do not abort connection setup too early
* BUILD: compiler: use a more portable set of asm('.weak') statements
* BUILD: sched: workaround crazy and dangerous warning in Clang 14
* BUG/MEDIUM: mux-h1: Don't request more room on partial trailers
* BUG/MINOR: mux-h2: use timeout http-request as a fallback for http-keep-alive
* BUG/MINOR: mux-h2: do not use timeout http-keep-alive on backend side
* BUILD: debug: mark the __start_mem_stats/__stop_mem_stats symbols as weak
* BUG/MINOR: cache: do not display expired entries in 'show cache'
* BUG/MINOR: mux-h2: do not send GOAWAY if SETTINGS were not sent
* CI: cirrus: switch to FreeBSD-13.0
* CI: Update to actions/cache@v3
* CI: Update to actions/checkout@v3
* DEBUG: opentracing: show return values of all functions in the debug output
* CLEANUP: opentracing: added variable to store variable length
* CLEANUP: opentracing: added flt_ot_smp_init() function
* CLEANUP: opentracing: removed unused function flt_ot_var_get()
* CLEANUP: opentracing: removed unused function flt_ot_var_unset()
* DOC: opentracing: corrected comments in function descriptions
* EXAMPLES: opentracing: refined shell scripts for testing filter performance
* BUG/MINOR: opentracing: setting the return value in function flt_ot_var_set()
* BUG/MEDIUM: http-act: Don't replace URI if path is not found or invalid
* BUG/MEDIUM: http-conv: Fix url_enc() to not crush const samples
* BUG/MEDIUM: mux-h1: Set outgoing message to DONE when payload length is reached
* BUG/MEDIUM: promex: Be sure to never set EOM flag on an empty HTX message
* BUG/MEDIUM: hlua: Don't set EOM flag on an empty HTX message in HTTP applet
* BUG/MEDIUM: stats: Be sure to never set EOM flag on an empty HTX message
* BUG/MINOR: fcgi-app: Don't add C-L header on response to HEAD requests
* CI: github actions: update OpenSSL to 3.0.2
* BUG/MAJOR: mux_pt: always report the connection error to the conn_stream
* BUG/MINOR: cli/stream: fix 'shutdown session' to iterate over all threads
* BUG/MINOR: samples: add missing context names for sample fetch functions
* DOC: reflect H2 timeout changes
* BUG/MEDIUM: mux-h2: make use of http-request and keep-alive timeouts
* MEDIUM: mux-h2: slightly relax timeout management rules
* BUG/MEDIUM: stream-int: do not rely on the connection error once established
* BUG/MEDIUM: mux-h1: Properly detect full buffer cases during message parsing
* BUG/MEDIUM: mux-fcgi: Properly handle return value of headers/trailers parsing
* BUG/MINOR: tools: url2sa reads too far when no port nor path
* DOC: config: Explictly add supported MQTT versions
* MEDIUM: mqtt: support mqtt_is_valid and mqtt_field_value converters for MQTTv3.1
* BUG/MEDIUM: trace: avoid race condition when retrieving session from conn->owner
* BUG/MEDIUM: mux-h1: only turn CO_FL_ERROR to CS_FL_ERROR with empty ibuf
* CI: github actions: switch to LibreSSL-3.5.1
* BUG/MINOR: server/ssl: free the SNI sample expression
* BUG/MINOR: tools: fix url2sa return value with IPv4
* [RELEASE] Released version 2.4.15
* BUILD: tree-wide: mark a few numeric constants as explicitly long long
* DOC: Fix usage/examples of deprecated ACLs
* BUG/MINOR: stream: make the call_rate only count the no-progress calls
* BUG/MINOR: session: fix theoretical risk of memleak in session_accept_fd()
* BUG/MAJOR: mux-pt: Always destroy the backend connection on detach
* DEBUG: stream: Fix stream trace message to print response buffer state
* DEBUG: stream: Add the missing descriptions for stream trace events
* BUG/MEDIUM: mcli: Properly handle errors and timeouts during reponse processing
* DEBUG: cache: Update underlying buffer when loading HTX message in cache applet
* BUG/MINOR: promex: Set conn-stream/channel EOI flags at the end of request
* BUG/MINOR: cache: Set conn-stream/channel EOI flags at the end of request
* BUG/MINOR: stats: Set conn-stream/channel EOI flags at the end of request
* BUG/MINOR: hlua: Set conn-stream/channel EOI flags at the end of request
* BUG/MINOR: cli: shows correct mode in 'show sess'
* BUG/MINOR: add missing modes in proxy_mode_str()
* BUILD: pools: fix backport of no-memory-trimming on non-linux OS
* MINOR: pools: add a new global option 'no-memory-trimming'
* BUG/MEDIUM: pools: fix ha_free() on area in the process of being freed
* BUG/MINOR: pool: always align pool_heads to 64 bytes
* REGTESTS: fix the race conditions in secure_memcmp.vtc
* REGTESTS: fix the race conditions in normalize_uri.vtc
* BUG/MEDIUM: htx: Fix a possible null derefs in htx_xfer_blks()
* CI: github actions: use cache for SSL libs
* CI: github actions: use cache for OpenTracing
* CI: github actions: add OpenTracing builds
* CI: github actions: add the output of $CC -dM -E-
* [RELEASE] Released version 2.4.14
* BUG/MEDIUM: stream: Abort processing if response buffer allocation fails
* CI: github: enable pool debugging by default
* REGTESTS: fix the race conditions in 40be_2srv_odd_health_checks
* BUG/MINOR: proxy: preset the error message pointer to NULL in parse_new_proxy()
* BUG/MAJOR: mux-h2: Be sure to always report HTX parsing error to the app layer
* BUG/MEDIUM: mux-h1: Don't wake h1s if mux is blocked on lack of output buffer
* BUG/MEDIUM: htx: Be sure to have a buffer to perform a raw copy of a message
* BUG/MINOR: tools: url2sa reads ipv4 too far
* BUG/MINOR: mailers: negotiate SMTP, not ESMTP
* CI: github actions: update OpenSSL to 3.0.1
* CI: github: switch to OpenSSL 3.0.0
* CI: github actions: relax OpenSSL-3.0.0 version comparision
* CI: github actions: -Wno-deprecated-declarations with OpenSSL 3.0.0
* CI: github actions: add OpenSSL-3.0.0 builds
* BUILD: adopt script/build-ssl.sh for OpenSSL-3.0.0beta2
* BUILD: fix compilation for OpenSSL-3.0.0-alpha17
* CI: ssl: keep the old method for ancient OpenSSL versions
* CI: ssl: do not needlessly build the OpenSSL docs
* CI: ssl: enable parallel builds for OpenSSL on Linux
* BUG/MAJOR: compiler: relax alignment constraints on certain structures
* BUG/MEDIUM: fd: always align fdtab[] to 64 bytes
* BUG/MEDIUM: resolvers: Really ignore trailing dot in domain names
* BUG/MINOR: sink: Use the right field in appctx context in release callback
* BUG/MINOR: mworker: fix a FD leak of a sockpair upon a failed reload
* BUG/MEDIUM: mworker: close unused transferred FDs on load failure
* MINOR: sock: move the unused socket cleaning code into its own function
* [RELEASE] Released version 2.4.13
* BUG/MINOR: mux-h2: update the session's idle delay before creating the stream
* BUG/MEDIUM: h2/hpack: fix emission of HPACK DTSU after settings change
* REGTESTS: peers: leave a bit more time to peers to synchronize
* BUG/MAJOR: spoe: properly detach all agents when releasing the applet
* BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies
* BUG/MEDIUM: listener: read-lock the listener during accept()
* MINOR: listener: replace the listener's spinlock with an rwlock
* BUG/MINOR: mworker: does not erase the pidfile upon reload
* BUG/MAJOR: sched: prevent rare concurrent wakeup of multi-threaded tasks
* DEBUG: pools: replace the link pointer with the caller's address on pool_free()
* DEBUG: pools: let's add reverse mapping from cache heads to thread and pool
* DEBUG: pools: add extra sanity checks when picking objects from a local cache
* BUG/MINOR: pools: always flush pools about to be destroyed
* BUG/MEDIUM: mworker: don't lose the stats socket on failed reload
* DEBUG: pools: add new build option DEBUG_POOL_INTEGRITY
* BUILD: debug/cli: condition test of O_ASYNC to its existence
* DEBUG: cli: add a new 'debug dev fd' expert command
* MEDIUM: h2/hpack: emit a Dynamic Table Size Update after settings change
* BUG/MEDIUM: mcli: always realign wrapping buffers before parsing them
* BUG/MEDIUM: mcli: do not try to parse empty buffers
* BUG/MEDIUM: cli: Never wait for more data on client shutdown
* BUG/MINOR: cli: avoid O(bufsize) parsing cost on pipelined commands
* MINOR: channel: add new function co_getdelim() to support multiple delimiters
* MEDIUM: cli: yield between each pipelined command
* BUG/MEDIUM: server: avoid changing healthcheck ctx with set server ssl
* BUILD/MINOR: fix solaris build with clang.
* BUG/MEDIUM: htx: Adjust length to add DATA block in an empty HTX buffer
* BUG/MEDIUM: connection: properly leave stopping list on error
* [RELEASE] Released version 2.4.12
* BUG/MAJOR: mux-h1: Don't decrement .curr_len for unsent data
* BUG/MEDIUM: mworker: don't use _getsocks in wait mode
* [RELEASE] Released version 2.4.11
* BUG/MEDIUM: http-ana: Preserve response's FLT_END analyser on L7 retry
* BUG/MINOR: cli: fix _getsocks with musl libc
* BUILD/MINOR: tools: solaris build fix on dladdr.
* BUILD/MINOR: cpuset FreeBSD 14 build fix.
* BUG/MEDIUM: ssl: free the ckch instance linked to a server
* BUG/MINOR: ssl: free the fields in srv->ssl_ctx
* MINOR: debug: add support for -dL to dump library names at boot
* MINOR: debug: add ability to dump loaded shared libraries
* MINOR: compat: detect support for dl_iterate_phdr()
* BUG/MINOR: mux-h1: Fix splicing for messages with unknown length
* BUG/MEDIUM: mux-h1: Fix splicing by properly detecting end of message
* BUILD: makefile: add -Wno-atomic-alignment to work around clang abusive warning
* MINOR: proxy: add option idle-close-on-response
* REGTESTS: ssl: fix ssl_default_server.vtc
* BUG/MEDIUM: ssl: initialize correctly ssl w/ default-server
* DOC: fix misspelled keyword 'resolve_retries' in resolvers
* BUILD: ssl: unbreak the build with newer libressl
* BUILD: cli: clear a maybe-unused  warning on some older compilers
* BUG/MINOR: pools: don't mark ourselves as harmless in DEBUG_UAF mode
* BUG/MEDIUM: backend: fix possible sockaddr leak on redispatch
* [RELEASE] Released version 2.4.10
* BUG/MINOR: backend: restore the SF_SRV_REUSED flag original purpose
* BUG/MINOR: backend: do not set sni on connection reuse
* MINOR: pools: work around possibly slow malloc_trim() during gc
* BUG/MEDIUM: mworker/cli: crash when trying to access an old PID in prompt mode
* DOC: config: retry-on list is space-delimited
* DOC: config: Specify %Ta is only available in HTTP mode
* DOC: spoe: Clarify use of the event directive in spoe-message section
* BUG/MINOR: cli/server: Don't crash when a server is added with a custom id
* IMPORT: slz: use the correct CRC32 instruction when running in 32-bit mode
* BUILD: tree-wide: avoid warnings caused by redundant checks of obj_types
* MINOR: cli: 'show version' displays the current process version
* CI: Github Actions: temporarily disable BoringSSL builds
* BUILD: bug: Fix error when compiling with -DDEBUG_STRICT_NOCRASH
* MINOR: mux-h1: Improve H1 traces by adding info about http parsers
* BUG/MAJOR: segfault using multiple log forward sections.
* BUG/MEDIUM: resolvers: Detach query item on response error
* BUG/MINOR: server: Don't rely on last default-server to init server SSL context
* BUG/MEDIUM: cli: Properly set stream analyzers to process one command at a time
* BUILD/MINOR: server: fix compilation without SSL
* [RELEASE] Released version 2.4.9
* BUG/MINOR: cache: Fix loop on cache entries in 'show cache'
* MINOR: promex: backend aggregated server check status
* MINOR: server: add ws keyword
* MEDIUM: server/backend: implement websocket protocol selection
* MINOR: connection: add alternative mux_ops param for conn_install_mux_be
* MINOR: connection: implement function to update ALPN
* MINOR: stream/mux: implement websocket stream flag
* BUG/MINOR: ssl: make SSL counters atomic
* MINOR: shctx: add a few BUG_ON() for consistency checks
* BUG/MINOR: shctx: do not look for available blocks when the first one is enough
* BUG/MEDIUM: shctx: leave the block allocator when enough blocks are found
* BUG/MEDIUM: cache/cli: make 'show cache' thread-safe
* BUG/MEDIUM: mux-h2: always process a pending shut read
* BUG/MEDIUM: ssl: abort with the correct SSL error when SNI not found
* CLEANUP: ssl: fix wrong #else commentary
* BUG/MINOR: ssl: free correctly the sni in the backend SSL cache
* BUG/MEDIUM: ssl: backend TLS resumption with sni and TLSv1.3
* BUILD: makefile: simplify detection of libatomic
* BUG/MEDIUM: mux-h1: Handle delayed silent shut in h1_process() to release H1C
* BUG/MINOR: stick-table/cli: Check for invalid ipv6 key
* BUG/MEDIUM: connection: make cs_shutr/cs_shutw//cs_close() idempotent
* BUG/MINOR: mux-h2: Fix H2_CF_DEM_SHORT_READ value
* BUG/MINOR: mworker: doesn't launch the program postparser
* BUG/MEDIUM: conn-stream: Don't reset CS flags on close
* MINOR: mux-h1: Slightly Improve H1 traces
* DOC: lua: Be explicit with the Reply object limits
* Revert 'BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back'
* BUG/MINOR: http-ana: Apply stop to the current section for http-response rules
* DOC: config: Fix typo in ssl_fc_unique_id description
* BUG/MINOR: cache: properly ignore unparsable max-age in quotes
* BUG/MINOR: resolvers: throw log message if trash not large enough for query
* BUG/MINOR: resolvers: fix sent messages were counted twice
* BUG/MEDIUM: mux-h2: reject upgrade if no RFC8441 support
* MINOR: mux-h2: add trace on extended connect usage
* MINOR: mux-h2: perform a full cycle shutdown+drain on close
* MINOR: connection: add a new CO_FL_WANT_DRAIN flag to force drain on close

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2122-1
Released:    Mon May  8 11:29:33 2023
Summary:     Security update for redis
Type:        security
Severity:    important
References:  1208790,1208793,1210548,CVE-2022-36021,CVE-2023-25155,CVE-2023-28856
This update for redis fixes the following issues:

- CVE-2022-36021: Fixed possible integer overflow via specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands (bsc#1208790).
- CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create an hash field (bsc#1210548).
- CVE-2023-25155: Fixed integer overflow in RAND commands that can lead to assertion (bsc#1208793).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2127-1
Released:    Mon May  8 16:31:41 2023
Summary:     Security update for go1.19
Type:        security
Severity:    important
References:  1200441,1210127,1210128,1210129,1210130,1210938,1210963,1211029,1211030,1211031,1211073,CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538,CVE-2023-24539,CVE-2023-24540,CVE-2023-29400
This update for go1.19 fixes the following issues:

Update to 1.19.9 (bnc#1200441):
- CVE-2023-24539: fixed an improper sanitization of CSS values
  (bnc#1211029).
- CVE-2023-24540: fixed an improper handling of JavaScript whitespace
  (bnc#1211030).
- CVE-2023-29400: fixed an improper handling of empty HTML attributes
  (bnc#1211031).
- runtime: automatically bump RLIMIT_NOFILE on Unix
- cmd/compile: inlining function that references function literals
  generates bad code.
- cmd/compile: encoding/binary.PutUint16 sometimes doesn't write.
- crypto/tls: TLSv1.3 connection fails with invalid PSK binder.
- cmd/compile: incorrect inline function variable.

Non-security fixes:

- Various packaging fixes (boo#1210963, boo#1210938, boo#1211073)
- Reduced install size (jsc#PED-1962).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2129-1
Released:    Mon May  8 20:26:56 2023
Summary:     Recommended update for HANA-Firewall
Type:        recommended
Severity:    moderate
References:  1210981
This update for HANA-Firewall fixes the following issues:

- Missing SCR Agent for reading and writing /etc/sysconfig/hana-firewall from yast2. (bsc#1210981) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2130-1
Released:    Mon May  8 20:27:52 2023
Summary:     Recommended update for prometheus-hanadb_exporter
Type:        recommended
Severity:    moderate
References:  1210869
This update for prometheus-hanadb_exporter fixes the following issues:

- Release 0.8.0 (bsc#1210869)
Changed
  * Use systemd notify to set correctly the READY state  * Fix daemon flag usage by @arbulu89 in https://github.com/SUSE/hanadb_exporter/pull/87
  * Implement the version flag  * Update db_manager.py by @karolyczovek in https://github.com/SUSE/hanadb_exporter/pull/90
  * Fixing empty system replication panel   * Add AWS Secrets Manager support by @elturkym in https://github.com/SUSE/hanadb_exporter/pull/97
  * Fix Boto3 dependency introduced
  * Add config option 'listen_address'
  * update spec file to python packaging best practices
  * Enable ssl connection
  * Fix the unittest fixing pytest to version 6 by now
  * Remove invalid trailing comma from example file
  * IMDSv1 and IMDSv2 abstraction for the retrieval of HANA DB Credentials from AWS Secrets Manager

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2131-1
Released:    Tue May  9 13:35:24 2023
Summary:     Recommended update for openssh
Type:        recommended
Severity:    important
References:  1207014
This update for openssh fixes the following issues:

- Remove some patches that cause invalid environment assignments (bsc#1207014).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2132-1
Released:    Tue May  9 13:36:34 2023
Summary:     Recommended update for hwloc
Type:        recommended
Severity:    moderate
References:  1210227
This update for hwloc fixes the following issue:

- Added fix to avoid crash of slurmctld when using pmix (bsc#1210227)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2134-1
Released:    Tue May  9 13:37:50 2023
Summary:     Security update for python-ujson
Type:        security
Severity:    moderate
References:  1194261,CVE-2021-45958
This update for python-ujson fixes the following issues:

- CVE-2021-45958: Fixed a stack-based buffer overflow in Buffer_AppendIndentUnchecked (bsc#1194261).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2135-1
Released:    Tue May  9 13:38:11 2023
Summary:     Security update for libfastjson
Type:        security
Severity:    important
References:  1171479,CVE-2020-12762
This update for libfastjson fixes the following issues:

- CVE-2020-12762: Fixed an integer overflow and out-of-bounds write via a large JSON file (bsc#1171479).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2142-1
Released:    Tue May  9 14:35:58 2023
Summary:     Security update for ntp
Type:        security
Severity:    moderate
References:  1210386,1210387,1210388,1210389,CVE-2023-26551,CVE-2023-26552,CVE-2023-26553,CVE-2023-26554
This update for ntp fixes the following issues:

Fixed multiple out of bound writes:
CVE-2023-26551 (bsc#1210386), CVE-2023-26552 (bsc#1210388), CVE-2023-26553 (bsc#1210387), CVE-2023-26554 (bsc#1210389).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2143-1
Released:    Tue May  9 14:49:45 2023
Summary:     Security update for protobuf-c
Type:        security
Severity:    important
References:  1210323,CVE-2022-48468
This update for protobuf-c fixes the following issues:

- CVE-2022-48468: Fixed an unsigned integer overflow. (bsc#1210323)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2154-1
Released:    Tue May  9 18:25:20 2023
Summary:     Security update for distribution
Type:        security
Severity:    important
References:  1207705,CVE-2023-2253
This update for distribution fixes the following issues:

- CVE-2023-2253: Fixed possible DoS via a crafted malicious /v2/_catalog API endpoint request (bsc#1207705).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2155-1
Released:    Wed May 10 13:07:56 2023
Summary:     Recommended update for python-rpm-macros
Type:        recommended
Severity:    moderate
References:  1209353,1209881
This update for python-rpm-macros fixes the following issues:

- Update to version 20230304.050c1a4 (bsc#1209881, bsc#1209353)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2159-1
Released:    Wed May 10 16:49:20 2023
Summary:     Recommended update for open-vm-tools
Type:        recommended
Severity:    moderate
References:  1205962,1209128
This update for open-vm-tools fixes the following issues:

- Update to 12.2.0 (bsc#1209128)
- Build the containerinfo plugin for TW/SLES15-SP5 and newer.(jsc#PED-1344)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:2161-1
Released:    Wed May 10 17:54:35 2023
Summary:     Feature update for aws-cli, python-boto3, python-botocore, python-s3transfer
Type:        feature
Severity:    important
References:  1204537,1204917,1209255
This update for aws-cli, python-boto3, python-botocore, python-s3transfer fixes the following issues:

aws-cli:

- Version update from 1.23.11 to 1.27.89 (bsc#1209255, jsc#PED-3780, bsc#1204537, jsc#PED-2333)
  * For the detailed list of changes please consult upstream changelog:
    https://github.com/aws/aws-cli/blob/1.27.89/CHANGELOG.rst
  * Updated required dependencies 

python-botocore:

- Version update from 1.25.11 to 1.29.89 (bsc#1209255, jsc#PED-3780, bsc#1204537, jsc#PED-2333):
  * For the detailed list of changes please consult https://github.com/boto/botocore/blob/develop/CHANGELOG.rst
  * Updated required dependencies 

python-boto3:

- Version update from 1.22.11 to 1.26.89 (bsc#1209255, jsc#PED-3780, bsc#1204537, jsc#PED-2333):
  * For the detailed list of changes please consult https://github.com/boto/boto3/blob/develop/CHANGELOG.rst
  * Updated required dependencies 
- Add additional build dependency requirements to python-python-dateutil and python-jmespath to resolve build failures

python-s3transfer:

- Version update from 0.5.0 to 0.6.0 (bsc#1209255, jsc#PED-3780, bsc#1204537, jsc#PED-2333):
  * Dropped support for Python 3.6
  * Added support for flexible checksum when uploading or downloading objects
  * Officially add Python 3.10 support
- Add additional build dependency requirements to python-python-dateutil and python-jmespath to resolve build failures
- Drop unused python-mock build dependency

-----------------------------------------------------------------
Advisory ID: SUSE-OU-2023:2165-1
Released:    Wed May 10 20:16:54 2023
Summary:     Optional update for junit
Type:        optional
Severity:    moderate
References:  
This update for junit fixes the following issues:

- Conditionalize the build instructions so that junit can be built with both hamcrest 1.3 and 2.2 from the same sources
  (jsc#SLE-23217)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2166-1
Released:    Wed May 10 20:18:51 2023
Summary:     Recommended update for supportutils-plugin-suse-public-cloud
Type:        recommended
Severity:    moderate
References:  1209026
This update for supportutils-plugin-suse-public-cloud fixes the following issues:

- Update to version 1.0.7 (bsc#1209026)
  + Include information about the cached registration data
  + Collect the data that is sent to the update infrastructure during
    registration

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2173-1
Released:    Thu May 11 13:06:02 2023
Summary:     Security update for MozillaFirefox
Type:        security
Severity:    important
References:  1211175,CVE-2023-32205,CVE-2023-32206,CVE-2023-32207,CVE-2023-32211,CVE-2023-32212,CVE-2023-32213,CVE-2023-32214,CVE-2023-32215
This update for MozillaFirefox fixes the following issues:

Extended Support Release 102.11.0 ESR (bsc#1211175):

- CVE-2023-32205: Browser prompts could have been obscured by popups
- CVE-2023-32206: Crash in RLBox Expat driver
- CVE-2023-32207: Potential permissions request bypass via clickjacking
- CVE-2023-32211: Content process crash due to invalid wasm code
- CVE-2023-32212: Potential spoof due to obscured address bar
- CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()
- CVE-2023-32214: Potential DoS via exposed protocol handlers
- CVE-2023-32215: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2174-1
Released:    Thu May 11 13:08:09 2023
Summary:     Security update for container-suseconnect
Type:        security
Severity:    important
References:  1200441

This update of container-suseconnect fixes the following issues:

- rebuild the package with the go 19.9 secure release (bsc#1200441).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2179-1
Released:    Thu May 11 14:13:44 2023
Summary:     Security update for helm
Type:        security
Severity:    important
References:  1200441

This update of helm fixes the following issues:

- rebuild the package with the go 19.9 secure release (bsc#1200441).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2180-1
Released:    Thu May 11 17:25:06 2023
Summary:     Security update for skopeo
Type:        security
Severity:    important
References:  1200441

This update of skopeo fixes the following issues:

- rebuild the package with the go 19.9 secure release (bsc#1200441).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2187-1
Released:    Thu May 11 18:59:16 2023
Summary:     Security update for Prometheus Golang clients
Type:        security
Severity:    moderate
References:  1197284,1203185,1208051,1208064,CVE-2022-27191,CVE-2022-27664,CVE-2022-46146
This update for golang-github-prometheus-alertmanager and golang-github-prometheus-node_exporter fixes the following issues:

golang-github-prometheus-alertmanager:

- Security issues fixed:
  * CVE-2022-46146: Fix authentication bypass via cache poisoning (bsc#1208051)   
    
golang-github-prometheus-node_exporter:

- Security issues fixed in this version update to version 1.5.0 (jsc#PED-3578):
  * CVE-2022-27191: Update go/x/crypto (bsc#1197284)
  * CVE-2022-27664: Update go/x/net (bsc#1203185)
  * CVE-2022-46146: Update exporter-toolkit (bsc#1208064)
- Other non-security bug fixes and changes in this version update to 1.5.0 (jsc#PED-3578):
  * NOTE: This changes the Go runtime 'GOMAXPROCS' to 1. This is done to limit the concurrency of the exporter to 1 CPU
    thread at a time in order to avoid a race condition problem in the Linux kernel and parallel IO issues on nodes with
    high numbers of CPUs/CPU threads.
  * [BUGFIX] Fix hwmon label sanitizer
  * [BUGFIX] Use native endianness when encoding InetDiagMsg
  * [BUGFIX] Fix btrfs device stats always being zero
  * [BUGFIX] Fix diskstats exclude flags
  * [BUGFIX] [node-mixin] Fix fsSpaceAvailableCriticalThreshold and fsSpaceAvailableWarning
  * [BUGFIX] Fix concurrency issue in ethtool collector
  * [BUGFIX] Fix concurrency issue in netdev collector
  * [BUGFIX] Fix diskstat reads and write metrics for disks with different sector sizes
  * [BUGFIX] Fix iostat on macos broken by deprecation warning
  * [BUGFIX] Fix NodeFileDescriptorLimit alerts
  * [BUGFIX] Sanitize rapl zone names
  * [BUGFIX] Add file descriptor close safely in test
  * [BUGFIX] Fix race condition in os_release.go
  * [BUGFIX] Skip ZFS IO metrics if their paths are missing
  * [BUGFIX] Handle nil CPU thermal power status on M1
  * [BUGFIX] bsd: Ignore filesystems flagged as MNT_IGNORE
  * [BUGFIX] Sanitize UTF-8 in dmi collector
  * [CHANGE] Merge metrics descriptions in textfile collector
  * [FEATURE] Add multiple listeners and systemd socket listener activation
  * [FEATURE] [node-mixin] Add darwin dashboard to mixin
  * [FEATURE] Add 'isolated' metric on cpu collector on linux
  * [FEATURE] Add cgroup summary collector
  * [FEATURE] Add selinux collector
  * [FEATURE] Add slab info collector
  * [FEATURE] Add sysctl collector
  * [FEATURE] Also track the CPU Spin time for OpenBSD systems
  * [FEATURE] Add support for MacOS version
  * [ENHANCEMENT] Add RTNL version of netclass collector
  * [ENHANCEMENT] [node-mixin] Add missing selectors
  * [ENHANCEMENT] [node-mixin] Change current datasource to grafana's default
  * [ENHANCEMENT] [node-mixin] Change disk graph to disk table
  * [ENHANCEMENT] [node-mixin] Change io time units to %util
  * [ENHANCEMENT] Ad user_wired_bytes and laundry_bytes on *bsd
  * [ENHANCEMENT] Add additional vm_stat memory metrics for darwin
  * [ENHANCEMENT] Add device filter flags to arp collector
  * [ENHANCEMENT] Add diskstats include and exclude device flags
  * [ENHANCEMENT] Add node_softirqs_total metric
  * [ENHANCEMENT] Add rapl zone name label option
  * [ENHANCEMENT] Add slabinfo collector
  * [ENHANCEMENT] Allow user to select port on NTP server to query
  * [ENHANCEMENT] collector/diskstats: Add labels and metrics from udev
  * [ENHANCEMENT] Enable builds against older macOS SDK
  * [ENHANCEMENT] qdisk-linux: Add exclude and include flags for interface name
  * [ENHANCEMENT] systemd: Expose systemd minor version
  * [ENHANCEMENT] Use netlink for tcpstat collector
  * [ENHANCEMENT] Use netlink to get netdev stats
  * [ENHANCEMENT] Add additional perf counters for stalled frontend/backend cycles
  * [ENHANCEMENT] Add btrfs device error stats
- Change build requirement to go1.18 or higher (previously this was fixed to version 1.14)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2188-1
Released:    Thu May 11 22:41:05 2023
Summary:     Recommended update for autofs
Type:        recommended
Severity:    important
References:  1209653
This update for autofs fixes the following issues:

-  Fix off-by-one error in recursive map handling (bsc#1209653)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2190-1
Released:    Thu May 11 22:41:39 2023
Summary:     Recommended update for python-urlgrabber
Type:        recommended
Severity:    important
References:  1208288
This update for python-urlgrabber fixes the following issues:

- Raise proper exception from urlgrab() when local file is not found (bsc#1208288)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:2192-1
Released:    Fri May 12 12:49:02 2023
Summary:     Feature update for python311, python311-pip, python311-setuptools
Type:        feature
Severity:    moderate
References:  
This release of python311, python311-pip, python311-setuptools adds the following feature:

- Add Python-3.11 to SLE-15-SP4 Python Module (jsc#PED-68, jsc#PED-2634)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2193-1
Released:    Fri May 12 12:54:43 2023
Summary:     Recommended update for snapper
Type:        recommended
Severity:    moderate
References:  1210150,1210151
This update for snapper fixes the following issues:

- avoid stale btrfs qgroups on transactional systems (bsc#1210151)
- wait for existing btrfs quota rescans to finish (bsc#1210150)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2194-1
Released:    Mon May 15 10:59:08 2023
Summary:     Security update for libraw
Type:        security
Severity:    low
References:  1210720,CVE-2023-1729
This update for libraw fixes the following issues:

- CVE-2023-1729: Fixed a heap buffer overflow when converting an
  image (bsc#1210720).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2195-1
Released:    Mon May 15 10:59:30 2023
Summary:     Security update for libraw
Type:        security
Severity:    low
References:  1210720,CVE-2023-1729
This update for libraw fixes the following issues:

- CVE-2023-1729: Fixed a heap buffer overflow when converting an
  image (bsc#1210720).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2203-1
Released:    Mon May 15 12:16:13 2023
Summary:     Security update for gradle
Type:        security
Severity:    moderate
References:  1188569,CVE-2021-32751
This update for gradle fixes the following issues:

- CVE-2021-32751: Fixed arbitrary code execution in `application` plugin and the `gradlew` script (bsc#1188569).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2205-1
Released:    Mon May 15 13:15:13 2023
Summary:     Security update for postgresql14
Type:        security
Severity:    important
References:  1210303,1211228,1211229,CVE-2023-2454,CVE-2023-2455
This update for postgresql14 fixes the following issues:

Updated to version 14.8:
  - CVE-2023-2454: Fixed an issue where a user having permission to
    create a schema could hijack the privileges of a security definer
    function or extension script (bsc#1211228).
  - CVE-2023-2455: Fixed an issue that could allow a user to see or
    modify rows that should have been invisible (bsc#1211229).
  - Internal fixes (bsc#1210303).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2207-1
Released:    Mon May 15 13:20:56 2023
Summary:     Security update for postgresql15
Type:        security
Severity:    important
References:  1210303,1211228,1211229,CVE-2023-2454,CVE-2023-2455
This update for postgresql15 fixes the following issues:

Updated to version 15.3:
  - CVE-2023-2454: Fixed an issue where a user having permission to
    create a schema could hijack the privileges of a security definer
    function or extension script (bsc#1211228).
  - CVE-2023-2455: Fixed an issue that could allow a user to see or
    modify rows that should have been invisible (bsc#1211229).
  - Internal fixes (bsc#1210303).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2209-1
Released:    Tue May 16 10:34:54 2023
Summary:     Recommended update for gdb
Type:        recommended
Severity:    moderate
References:  1207712,1210081
This update for gdb fixes the following issues:

- Fix license of gdb to be GPLv3, due to a mistake the testsuite results license was used (bsc#1210081).


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2210-1
Released:    Tue May 16 10:45:54 2023
Summary:     Security update for rekor
Type:        security
Severity:    important
References:  1211210,CVE-2023-30551
This update for rekor fixes the following issues:

Updated to version 1.1.1 (jsc#SLE-23476):

  Functional Enhancements
  - Refactor Trillian client with exported methods (#1454)
  - Switch to official redis-go client (#1459)
  - Remove replace in go.mod (#1444)
  - Add Rekor OID info. (#1390)
  Quality Enhancements
  - remove legacy encrypted cosign key (#1446)
  - swap cjson dependency (#1441)
  - Update release readme (#1456)
  Security fixes:
  - CVE-2023-30551: Fixed a potential denial of service when processing 
    JAR META-INF files or .SIGN/.PKINFO files in APK files (bsc#1211210).

- updated to rekor 1.1.0 (jsc#SLE-23476):
  Functional Enhancements
  - improve validation on intoto v0.0.2 type (#1351)
  - add feature to limit HTTP request body length to process (#1334)
  - add information about the file size limit (#1313)
  - Add script to backfill Redis from Rekor (#1163)
  - Feature: add search support for sha512 (#1142)
  Quality Enhancements
  - various fuzzing fixes
  Bug Fixes
  - remove goroutine usage from SearchLogQuery (#1407)
  - drop log messages regarding attestation storage to debug (#1408)
  - fix validation for proposed vs committed log entries for intoto v0.0.1 (#1309)
  - fix: fix regex for multi-digit counts (#1321)
  - return NotFound if treesize is 0 rather than calling trillian (#1311)
  - enumerate slice to get sugared logs (#1312)
  - put a reasonable size limit on ssh key reader (#1288)
  - CLIENT: Fix Custom Host and Path Issue (#1306)
  - do not persist local state if log is empty; fail consistency proofs from 0 size (#1290)
  - correctly handle invalid or missing pki format (#1281)
  - Add Verifier to get public key/cert and identities for entry type (#1210)
  - fix goroutine leak in client; add insecure TLS option (#1238)
  - Fix - Remove the force-recreate flag (#1179)
  - trim whitespace around public keys before parsing (#1175)
  - stop inserting envelope hash for intoto:0.0.2 types into index (#1171)
  - Revert 'remove double encoding of payload and signature fields for intoto (#1150)' (#1158)
  - remove double encoding of payload and signature fields for intoto (#1150)
  - fix SearchLogQuery behavior to conform to openapi spec (#1145)
  - Remove pem-certificate-chain from client (#1138)
  - fix flag type for operator in search (#1136)
  - use sigstore/community dep review (#1132)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2211-1
Released:    Tue May 16 10:46:16 2023
Summary:     Security update for MozillaThunderbird
Type:        security
Severity:    important
References:  1211175,CVE-2023-32205,CVE-2023-32206,CVE-2023-32207,CVE-2023-32211,CVE-2023-32212,CVE-2023-32213,CVE-2023-32214,CVE-2023-32215
This update for MozillaThunderbird fixes the following issues:

Update to version 102.11:

- fixed: During Account Setup, the 'Checking password...' message was not removed after a failure (bmo#1826022)
- fixed: Miscellaneous UI fixes (bmo#1827070)
- fixed: Security fixes MFSA 2023-18 (bsc#1211175)
- CVE-2023-32205: Browser prompts could have been obscured by popups
- CVE-2023-32206: Crash in RLBox Expat driver
- CVE-2023-32207: Potential permissions request bypass via clickjacking
- CVE-2023-32211: Content process crash due to invalid wasm code
- CVE-2023-32212: Potential spoof due to obscured address bar
- CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()
- CVE-2023-32214: Potential DoS via exposed protocol handlers
- CVE-2023-32215: Memory safety bugs fixed in Thunderbird 102.11

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2212-1
Released:    Tue May 16 10:46:46 2023
Summary:     Security update for prometheus-sap_host_exporter
Type:        security
Severity:    important
References:  1200441,1209658

This update of prometheus-sap_host_exporter fixes the following issues:

- rebuild the package with the go 1.19 security release (bsc#1200441 bsc#1209658).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2216-1
Released:    Tue May 16 11:27:50 2023
Summary:     Recommended update for python-packaging
Type:        recommended
Severity:    important
References:  1186870,1199282
This update for python-packaging fixes the following issues:

- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- Add patch to fix testsuite on big-endian targets
- Ignore python3.6.2 since the test doesn't support it. 
- update to 21.3:
  * Add a pp3-none-any tag
  * Replace the blank pyparsing 3 exclusion with a 3.0.5 exclusion
  * Fix a spelling mistake

- update to 21.2:
  * Update documentation entry for 21.1.
  * Update pin to pyparsing to exclude 3.0.0.
  * PEP 656: musllinux support
  * Drop support for Python 2.7, Python 3.4 and Python 3.5
  * Replace distutils usage with sysconfig
  * Add support for zip files
  * Use cached hash attribute to short-circuit tag equality comparisons
  * Specify the default value for the 'specifier' argument to 'SpecifierSet'
  * Proper keyword-only 'warn' argument in packaging.tags
  * Correctly remove prerelease suffixes from ~= check
  * Fix type hints for 'Version.post' and 'Version.dev'
  * Use typing alias 'UnparsedVersion'
  * Improve type inference
  * Tighten the return typeo

- Add Provides: for python*dist(packaging). (bsc#1186870)

- add no-legacyversion-warning.patch to restore compatibility with 20.4 

- update to 20.9:
  * Add support for the ``macosx_10_*_universal2`` platform tags 
  * Introduce ``packaging.utils.parse_wheel_filename()`` and ``parse_sdist_filename()``

- update to 20.8:
  * Revert back to setuptools for compatibility purposes for some Linux distros
  * Do not insert an underscore in wheel tags when the interpreter version number is more than 2 digits 
  * Fix flit configuration, to include LICENSE files
  * Make `intel` a recognized CPU architecture for the `universal` macOS platform tag
  * Add some missing type hints to `packaging.requirements`
  * Officially support Python 3.9
  * Deprecate the ``LegacyVersion`` and ``LegacySpecifier`` classes
  * Handle ``OSError`` on non-dynamic executables when attempting to resolve the glibc version string.

- update to 20.4:
  * Canonicalize version before comparing specifiers.
  * Change type hint for ``canonicalize_name`` to return ``packaging.utils.NormalizedName``.
  This enables the use of static typing tools (like mypy) to detect mixing of normalized and un-normalized names.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2222-1
Released:    Tue May 16 17:41:47 2023
Summary:     Security update for java-11-openjdk
Type:        security
Severity:    important
References:  1210628,1210631,1210632,1210634,1210635,1210636,1210637,CVE-2023-21930,CVE-2023-21937,CVE-2023-21938,CVE-2023-21939,CVE-2023-21954,CVE-2023-21967,CVE-2023-21968
This update for java-11-openjdk fixes the following issues:

Upgrade to upsteam tag jdk-11.0.19+7 (April 2023 CPU):

- CVE-2023-21930: Fixed AES support (bsc#1210628).
- CVE-2023-21937: Fixed String platform support (bsc#1210631).
- CVE-2023-21938: Fixed runtime support (bsc#1210632).
- CVE-2023-21939: Fixed Swing platform support (bsc#1210634). 
- CVE-2023-21954: Fixed object reclamation process (bsc#1210635).
- CVE-2023-21967: Fixed TLS session negotiation (bsc#1210636).
- CVE-2023-21968: Fixed path handling (bsc#1210637). 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2223-1
Released:    Tue May 16 18:08:21 2023
Summary:     Security update for libheif
Type:        security
Severity:    moderate
References:  1211174,CVE-2023-29659
This update for libheif fixes the following issues:

- CVE-2023-29659: Fixed segfault caused by divide-by-zero (bsc#1211174).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2224-1
Released:    Wed May 17 09:53:54 2023
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1211230,1211231,1211232,1211233,CVE-2023-28319,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322
This update for curl adds the following feature:

Update to version 8.0.1 (jsc#PED-2580)

- CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230).
- CVE-2023-28320: siglongjmp race condition (bsc#1211231).
- CVE-2023-28321: IDN wildcard matching (bsc#1211232).
- CVE-2023-28322: POST-after-PUT confusion (bsc#1211233).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:335-1
Released:    Thu Aug 10 16:26:04 2023
Summary:     Recommended update for hyper-v
Type:        recommended
Severity:    moderate
References:  
This update for hyper-v fixes the following issues:
    
   - Provide the latest version for SLE-15-SP4.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:57-1
Released:    Mon Jan  8 09:35:59 2024
Summary:     Security update for eclipse-jgit, jsch
Type:        security
Severity:    important
References:  1209646,1211955,1215298,CVE-2023-4759
This update for eclipse-jgit, jsch fixes the following issues:

Security fix:
- CVE-2023-4759: Fixed an arbitrary file overwrite which might have occurred with a specially crafted git repository and a case-insensitive filesystem. (bsc#1215298)

Other fixes:
jsch was updated to version 0.2.9:
- Added support for various algorithms
- Migrated from `com.jcraft:jsch` to `com.github.mwiede:jsch` fork (bsc#1211955):
  * Alias to the old artifact since the new one is drop-in
    replacement
  * Keep the old OSGi bundle symbolic name to avoid extensive
    patching of eclipse stack
- Updated to version 0.2.9:
  * For the full list of changes please consult the upstream changelogs below for each version updated:
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.9
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.8
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.7
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.6
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.5
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.4
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.3
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.2
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.1
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.2.0
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.71
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.70
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.69
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.68
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.67
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.66
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.65
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.64
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.63
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.62
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.61
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.60
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.59
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.58
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.57
    + https://github.com/mwiede/jsch/releases/tag/jsch-0.1.56

eclipse-jgit:

- Craft the jgit script from the real Main class of the jar file instead of using a jar launcher (bsc#1209646)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:79-1
Released:    Wed Jan 10 15:44:42 2024
Summary:     Recommended update for azure-cli, python-azure-mgmt-appconfiguration, python-azure-mgmt-resource
Type:        recommended
Severity:    moderate
References:  1201870,1205340
This update for azure-cli, python-azure-mgmt-appconfiguration, python-azure-mgmt-resource fixes the following issues:

- Add missing python3-azure-mgmt-resource dependency to Requires (bsc#1201870)
- Downgrade to upstream version 0.6.0
- Downgrade to upstream version 10.3.0 (bsc#1205340)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:162-1
Released:    Fri Jan 19 05:46:12 2024
Summary:     Recommended update for eclipse-jgit
Type:        recommended
Severity:    moderate
References:  
This update for eclipse-jgit fixes the following issues:

- Increase `apache-sshd` version span to resolve build issues


The following package changes have been done:

- GeoIP-data-1.6.12-6.3.1 added
- ServiceReport-2.2.3+git1.55a13db1c256-3.6.1 added
- adaptec-firmware-1.35-1.22 added
- adobe-sourcecodepro-fonts-2.030-1.30 added
- adwaita-icon-theme-41.0-150400.1.10 added
- alee-fonts-13-1.21 added
- alsa-ucm-conf-1.2.8-150500.1.1 added
- amavisd-new-2.12.1-150400.1.4 added
- amavisd-new-docs-2.12.1-150400.1.4 added
- apache-commons-codec-1.15-150200.3.6.4 added
- apache-commons-collections-3.2.2-150200.13.6.4 added
- apache-commons-httpclient-3.1-11.3.2 added
- apache-commons-io-2.11.0-150200.3.9.4 added
- apache-commons-lang-2.6-12.26 added
- apache-commons-logging-1.2-150200.11.6.4 added
- apparmor-abstractions-3.0.4-150500.9.3 added
- apparmor-docs-3.0.4-150500.9.3 added
- apparmor-parser-lang-3.0.4-150500.9.3 added
- apparmor-profiles-3.0.4-150500.9.3 added
- apparmor-rpm-macros-1.0-2.15 added
- apparmor-utils-3.0.4-150500.9.3 added
- apparmor-utils-lang-3.0.4-150500.9.3 added
- arabic-ae-fonts-2.0-1.52 added
- arabic-amiri-fonts-0.109-1.52 added
- arabic-bitmap-fonts-1.0-1.52 added
- arabic-fonts-0.20161120-1.52 added
- arabic-kacst-fonts-2.01-1.52 added
- arabic-kacstone-fonts-5.0-1.52 added
- arabic-naqsh-fonts-2.1-1.52 added
- arphic-bkai00mp-fonts-20001125-1.21 added
- arphic-bsmi00lp-fonts-20001125-1.21 added
- arphic-fonts-20001125-1.21 added
- arphic-gbsn00lp-fonts-20001125-1.21 added
- arphic-gkai00mp-fonts-20001125-1.21 added
- arphic-ukai-fonts-0.2.20080216.1-1.22 added
- arphic-uming-fonts-0.2.20080216.1-1.22 added
- arpwatch-ethercodes-2016.03.28-1.31 added
- asciidoc-9.1.0-150400.1.4 added
- at-spi2-core-lang-2.42.0-150400.2.7 added
- atk-lang-2.36.0-150400.2.9 added
- atmel-firmware-1.3-1.23 added
- autoconf-2.69-1.445 added
- automake-1.15.1-4.10.2 added
- autoyast2-4.5.13-150500.1.1 added
- autoyast2-installation-4.5.13-150500.1.1 added
- avahi-lang-0.8-150400.7.3.1 added
- axis-1.4-150200.13.6.4 added
- baekmuk-bitmap-fonts-2.1-1.22 added
- baekmuk-ttf-fonts-2.1-1.22 added
- barrel-lang-0.1.7-150500.1.4 added
- bash-completion-2.7-150400.13.3.1 added
- bash-completion-devel-2.7-150400.13.3.1 added
- bash-completion-doc-2.7-150400.13.3.1 added
- bash-doc-4.4-150400.25.22 added
- bash-lang-4.4-150400.25.22 added
- bcel-5.2-150200.11.3.1 added
- bea-stax-1.2.0-9.63 added
- bea-stax-api-1.2.0-9.63 added
- bison-lang-3.0.4-3.3.1 added
- bluez-zsh-completion-5.65-150500.1.3 added
- boost-license1_66_0-1.66.0-12.3.1 added
- branding-SLE-15-150400.38.3.1 added
- btrfsmaintenance-0.4.2-3.3.1 added
- btrfsprogs-udev-rules-5.14-150500.8.23 added
- ca-certificates-2+git20210309.21162a6-2.1 added
- ca-certificates-mozilla-2.60-150200.27.1 added
- cal10n-0.8.1.10-150200.11.6.3 added
- cantarell-fonts-0.303.1-150400.1.6 added
- cepces-0.3.4-150400.3.6.1 added
- cepces-certmonger-0.3.4-150400.3.6.1 added
- cglib-3.3.0-150200.3.6.5 added
- chrony-pool-empty-4.1-150400.19.4 added
- chrony-pool-suse-4.1-150400.19.4 added
- cm-unicode-fonts-0.7.0-1.22 added
- coreutils-doc-8.32-150400.7.5 added
- coreutils-lang-8.32-150400.7.5 added
- cpio-lang-2.13-150400.1.98 added
- cpuset-1.6-3.3.1 added
- crypto-policies-20210917.c9d86d1-150400.1.7 added
- crypto-policies-scripts-20210917.c9d86d1-150400.1.7 added
- cryptsetup-lang-2.4.3-150400.1.110 added
- dejagnu-1.6.1-3.3.2 added
- dejavu-fonts-2.37-1.21 added
- desktop-data-SLE-15-2.22 added
- dialog-lang-1.3-3.3.7 added
- diffutils-lang-3.6-4.3.1 added
- dmz-icon-theme-cursors-11.3.0-1.22 added
- docbook-xsl-stylesheets-1.79.2-1.18 added
- docbook_4-4.5-2.18 added
- dracut-sshd-0.6.1-2.34 added
- dstat-0.7.3-2.16 added
- ecj-4.18-150200.3.6.4 added
- efont-unicode-bitmap-fonts-0.4.2-1.21 added
- elfutils-lang-0.185-150400.5.3.1 added
- emacs-el-27.2-150400.3.6.1 added
- emacs-info-27.2-150400.3.6.1 added
- fail2ban-0.11.2-150400.2.4 added
- file-magic-5.32-7.14.1 added
- findutils-lang-4.8.0-1.20 added
- firewalld-0.9.3-150400.8.9.1 added
- firewalld-lang-0.9.3-150400.8.9.1 added
- firewalld-rpcbind-helper-0.1-3.6.1 added
- fonts-config-20200609+git0.42e2b1b-4.7.1 added
- gccmakedep-1.0.3-1.22 added
- gconf2-lang-3.2.6-9.26 added
- gdk-pixbuf-lang-2.42.9-150400.5.6.1 added
- geolite2legacy-0+git20200101.56d8a4f-1.3.1 added
- ghostscript-fonts-9.06-14.3.1 added
- ghostscript-fonts-other-9.06-14.3.1 added
- ghostscript-fonts-std-9.06-14.3.1 added
- ghostscript-fonts-std-converted-9.06-14.3.1 added
- gio-branding-SLE-15-150400.27.2.1 added
- glassfish-activation-api-1.2.0-150200.5.3.4 added
- glib-networking-lang-2.70.1-150400.1.6 added
- glib2-lang-2.70.5-150400.3.8.1 added
- glibc-i18ndata-2.31-150300.46.1 added
- glibc-info-2.31-150300.46.1 added
- glibc-lang-2.31-150300.46.1 added
- gnu-free-fonts-0.20120503-4.3.1 added
- gnu-unifont-legacy-bitmap-fonts-20080123-1.22 added
- google-caladea-fonts-1.002-1.22 added
- google-carlito-fonts-1.1.03.beta1-1.22 added
- google-droid-fonts-20121204-3.3.1 added
- google-noto-fonts-doc-20170919-9.9 added
- google-opensans-fonts-1.0-1.21 added
- google-poppins-fonts-4.003-6.3.1 added
- google-roboto-fonts-20161103.2.135-1.22 added
- gpg2-lang-2.2.27-150300.3.5.1 added
- grep-lang-3.1-150000.4.6.1 added
- grub2-branding-SLE-15-150400.38.3.1 added
- grub2-i386-pc-2.06-150500.27.4 added
- grub2-snapper-plugin-2.06-150500.27.4 added
- grub2-systemd-sleep-plugin-2.06-150500.27.4 added
- grub2-x86_64-efi-2.06-150500.27.4 added
- gsettings-desktop-schemas-lang-41.0-150400.1.8 added
- gstreamer-lang-1.22.0-150500.1.1 added
- gstreamer-plugins-base-lang-1.22.0-150500.1.2 added
- gstreamer-plugins-good-lang-1.22.0-150500.2.1 added
- gswrap-0.1-1.3.1 added
- gtk-doc-manual-lang-1.32-1.23 added
- gtk2-branding-SLE-15.0-150400.13.7 added
- gtk2-lang-2.24.33-150400.2.11 added
- gtk2-metatheme-adwaita-3.22.3-4.3.1 added
- gtk3-branding-SLE-15.0-150400.16.2.1 added
- gtk3-data-3.24.34-150400.3.3.1 added
- gtk3-lang-3.24.34-150400.3.3.1 added
- gtk3-metatheme-adwaita-3.22.3-4.3.1 added
- gtk3-schema-3.24.34-150400.3.3.1 added
- gtk4-branding-SLE-15.0-150400.1.9 added
- gtk4-schema-4.6.0-150400.3.3.1 added
- hicolor-icon-theme-0.17-150400.12.5 added
- hostinfo-1.0.6-1.1 added
- hwdata-0.368-150000.3.57.1 added
- hwloc-data-2.5.0-150400.3.3.1 added
- icewm-lang-1.4.2-150000.7.15.1 added
- icewm-theme-branding-1.2.5-150300.5.3.1 added
- indic-fonts-20160512-150400.12.9 added
- insserv-compat-0.1-4.6.1 added
- intel-SINIT-2.3-2.17 added
- intlfonts-1.2.1-1.21 added
- intlfonts-arabic-bitmap-fonts-1.2.1-1.21 added
- intlfonts-asian-bitmap-fonts-1.2.1-1.21 added
- intlfonts-bdf-fonts-1.2.1-1.21 added
- intlfonts-chinese-big-bitmap-fonts-1.2.1-1.21 added
- intlfonts-chinese-bitmap-fonts-1.2.1-1.21 added
- intlfonts-ethiopic-bitmap-fonts-1.2.1-1.21 added
- intlfonts-euro-bitmap-fonts-1.2.1-1.21 added
- intlfonts-japanese-big-bitmap-fonts-1.2.1-1.21 added
- intlfonts-japanese-bitmap-fonts-1.2.1-1.21 added
- intlfonts-phonetic-bitmap-fonts-1.2.1-1.21 added
- intlfonts-ttf-fonts-1.2.1-1.21 added
- intlfonts-type1-fonts-1.2.1-1.21 added
- iotop-0.6-4.3.11 added
- ipa-ex-gothic-fonts-004.01-3.3.1 added
- ipa-ex-mincho-fonts-004.01-3.3.1 added
- ipa-gothic-fonts-003.03-1.23 added
- ipa-mincho-fonts-003.03-1.23 added
- ipa-pgothic-fonts-003.03-1.23 added
- ipa-pmincho-fonts-003.03-1.23 added
- iso-codes-4.8.0-150400.1.5 added
- iso-codes-devel-4.8.0-150400.1.5 added
- iso-codes-lang-4.8.0-150400.1.5 added
- iso_ent-2000.11.03-1.22 added
- issue-generator-1.13-150500.1.2 added
- jackson-annotations-2.13.0-150200.3.6.1 added
- jackson-core-2.13.0-150200.3.6.1 added
- jackson-databind-2.13.4.2-150200.3.12.1 added
- jakarta-commons-discovery-0.4-150000.4.8.2 added
- javamail-1.5.2-150200.3.4.4 added
- json-glib-lang-1.6.6-150400.1.11 added
- kbd-legacy-2.4.0-150400.5.3.1 added
- kernel-devel-5.14.21-150500.53.2 added
- kernel-firmware-all-20230320-150500.1.1 added
- kernel-firmware-amdgpu-20230320-150500.1.1 added
- kernel-firmware-ath10k-20230320-150500.1.1 added
- kernel-firmware-ath11k-20230320-150500.1.1 added
- kernel-firmware-atheros-20230320-150500.1.1 added
- kernel-firmware-bluetooth-20230320-150500.1.1 added
- kernel-firmware-bnx2-20230320-150500.1.1 added
- kernel-firmware-brcm-20230320-150500.1.1 added
- kernel-firmware-chelsio-20230320-150500.1.1 added
- kernel-firmware-dpaa2-20230320-150500.1.1 added
- kernel-firmware-i915-20230320-150500.1.1 added
- kernel-firmware-intel-20230320-150500.1.1 added
- kernel-firmware-iwlwifi-20230320-150500.1.1 added
- kernel-firmware-liquidio-20230320-150500.1.1 added
- kernel-firmware-marvell-20230320-150500.1.1 added
- kernel-firmware-media-20230320-150500.1.1 added
- kernel-firmware-mediatek-20230320-150500.1.1 added
- kernel-firmware-mellanox-20230320-150500.1.1 added
- kernel-firmware-mwifiex-20230320-150500.1.1 added
- kernel-firmware-network-20230320-150500.1.1 added
- kernel-firmware-nfp-20230320-150500.1.1 added
- kernel-firmware-nvidia-20230320-150500.1.1 added
- kernel-firmware-platform-20230320-150500.1.1 added
- kernel-firmware-prestera-20230320-150500.1.1 added
- kernel-firmware-qcom-20230320-150500.1.1 added
- kernel-firmware-qlogic-20230320-150500.1.1 added
- kernel-firmware-radeon-20230320-150500.1.1 added
- kernel-firmware-realtek-20230320-150500.1.1 added
- kernel-firmware-serial-20230320-150500.1.1 added
- kernel-firmware-sound-20230320-150500.1.1 added
- kernel-firmware-ti-20230320-150500.1.1 added
- kernel-firmware-ueagle-20230320-150500.1.1 added
- kernel-firmware-usb-network-20230320-150500.1.1 added
- kernel-macros-5.14.21-150500.53.2 added
- keylime-agent-6.3.2-150400.4.14.1 added
- keylime-config-6.3.2-150400.4.14.1 added
- keylime-firewalld-6.3.2-150400.4.14.1 added
- keylime-logrotate-6.3.2-150400.4.14.1 added
- keylime-registrar-6.3.2-150400.4.14.1 added
- keylime-tpm_cert_store-6.3.2-150400.4.14.1 added
- keylime-verifier-6.3.2-150400.4.14.1 added
- khmeros-fonts-5.0-1.22 added
- kmod-bash-completion-29-4.15.1 added
- latex2html-pngicons-2017.2-2.41 added
- lato-fonts-2.0-1.26 added
- libQt5Core-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5DBus-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5Gui-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5KmsSupport-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5Network-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5OpenGL-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5PlatformSupport-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5PrintSupport-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5Sql-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5Test-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libQt5Widgets-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libX11-data-1.6.5-150000.3.27.1 added
- libcontainers-common-20230214-150500.2.1 added
- liberation-fonts-1.07.4-2.13 added
- libfido2-udev-1.5.0-1.30 added
- libicu65_1-ledata-65.1-150200.4.5.1 added
- libicu69-ledata-69.1-7.3.2 added
- libldap-data-2.4.46-150200.14.11.2 added
- libnl-config-3.3.0-1.29 added
- libopenssl-devel-1.1.1l-150400.1.5 added
- libosinfo-lang-1.10.0-150500.1.3 added
- libpwquality-lang-1.4.4-150400.15.4 added
- libqt5-qtbase-private-headers-devel-5.15.8+kde185-150500.2.1 added
- libsecret-lang-0.20.5-150400.4.3.1 added
- libsoup-lang-3.0.4-150400.1.6 added
- libsoup2-lang-2.74.2-150400.1.6 added
- libstorage-ng-lang-4.5.101-150500.1.1 added
- libxcb-devel-doc-1.13-150000.3.9.1 added
- lklug-fonts-0.6-1.24 added
- log4j-2.17.2-150200.4.24.13 added
- log4j-javadoc-2.17.2-150200.4.24.13 added
- log4j-jcl-2.17.2-150200.4.24.13 added
- log4j-slf4j-2.17.2-150200.4.24.13 added
- log4j12-1.2.17-4.9.1 added
- login_defs-4.8.1-150400.10.6.1 added
- lsb-release-3.1-1.16 added
- lshw-lang-B.02.19.2+git.20230320-150200.3.15.4 added
- lua-macros-20170611-1.152 added
- make-lang-4.2.1-7.3.2 added
- man-pages-4.16-13.3.1 added
- man-pages-posix-2013a-3.3.1 added
- metatheme-adwaita-common-3.22.3-4.3.1 added
- mgopen-fonts-0.20050518-1.22 added
- minicom-lang-2.7.1-1.19 added
- mlocate-lang-0.26-150400.16.3.1 added
- mutt-doc-1.10.1-150000.3.23.1 added
- mutt-lang-1.10.1-150000.3.23.1 added
- mx4j-3.0.2-150200.13.4.2 added
- myspell-de-20191219-150000.3.25.1 added
- myspell-de_AT-20191219-150000.3.25.1 added
- myspell-de_CH-20191219-150000.3.25.1 added
- myspell-de_DE-20191219-150000.3.25.1 added
- myspell-en-20191219-150000.3.25.1 added
- myspell-en_US-20191219-150000.3.25.1 added
- myspell-es-20191219-150000.3.25.1 added
- myspell-es_ES-20191219-150000.3.25.1 added
- myspell-hu_HU-20191219-150000.3.25.1 added
- myspell-nb_NO-20191219-150000.3.25.1 added
- myspell-no-20191219-150000.3.25.1 added
- myspell-pt_BR-20191219-150000.3.25.1 added
- myspell-ro-20191219-150000.3.25.1 added
- myspell-ro_RO-20191219-150000.3.25.1 added
- myspell-ru_RU-20191219-150000.3.25.1 added
- nanum-fonts-20110907-1.65 added
- nanum-gothic-coding-fonts-2.0-1.65 added
- net-tools-lang-2.0+git20170221.479bb4a-3.11 added
- netcfg-11.6-3.3.1 added
- noto-coloremoji-fonts-20191119-1.9 added
- noto-kufiarabic-fonts-20170919-9.9 added
- noto-mono-fonts-20170919-9.9 added
- noto-naskharabic-fonts-20170919-9.9 added
- noto-naskharabic-ui-fonts-20170919-9.9 added
- noto-nastaliqurdu-fonts-20170919-9.9 added
- noto-sans-arabic-fonts-20170919-9.9 added
- noto-sans-arabic-ui-fonts-20170919-9.9 added
- noto-sans-armenian-fonts-20170919-9.9 added
- noto-sans-bamum-fonts-20170919-9.9 added
- noto-sans-bengali-fonts-20170919-9.9 added
- noto-sans-bengali-ui-fonts-20170919-9.9 added
- noto-sans-cjk-fonts-20170403-150200.10.3.1 added
- noto-sans-devanagari-fonts-20170919-9.9 added
- noto-sans-display-fonts-20170919-9.9 added
- noto-sans-ethiopic-fonts-20170919-9.9 added
- noto-sans-fonts-20170919-9.9 added
- noto-sans-georgian-fonts-20170919-9.9 added
- noto-sans-gujarati-fonts-20170919-9.9 added
- noto-sans-gujarati-ui-fonts-20170919-9.9 added
- noto-sans-gurmukhi-fonts-20170919-9.9 added
- noto-sans-gurmukhi-ui-fonts-20170919-9.9 added
- noto-sans-hebrew-fonts-20170919-9.9 added
- noto-sans-jp-black-fonts-20170403-150200.10.3.1 added
- noto-sans-jp-bold-fonts-20170403-150200.10.3.1 added
- noto-sans-jp-demilight-fonts-20170403-150200.10.3.1 added
- noto-sans-jp-fonts-20170403-150200.10.3.1 added
- noto-sans-jp-fonts-full-20170403-150200.10.3.1 added
- noto-sans-jp-light-fonts-20170403-150200.10.3.1 added
- noto-sans-jp-medium-fonts-20170403-150200.10.3.1 added
- noto-sans-jp-mono-fonts-20170403-150200.10.3.1 added
- noto-sans-jp-regular-fonts-20170403-150200.10.3.1 added
- noto-sans-jp-thin-fonts-20170403-150200.10.3.1 added
- noto-sans-kannada-fonts-20170919-9.9 added
- noto-sans-kannada-ui-fonts-20170919-9.9 added
- noto-sans-kayahli-fonts-20170919-9.9 added
- noto-sans-khmer-fonts-20170919-9.9 added
- noto-sans-khmer-ui-fonts-20170919-9.9 added
- noto-sans-kr-black-fonts-20170403-150200.10.3.1 added
- noto-sans-kr-bold-fonts-20170403-150200.10.3.1 added
- noto-sans-kr-demilight-fonts-20170403-150200.10.3.1 added
- noto-sans-kr-fonts-20170403-150200.10.3.1 added
- noto-sans-kr-fonts-full-20170403-150200.10.3.1 added
- noto-sans-kr-light-fonts-20170403-150200.10.3.1 added
- noto-sans-kr-medium-fonts-20170403-150200.10.3.1 added
- noto-sans-kr-mono-fonts-20170403-150200.10.3.1 added
- noto-sans-kr-regular-fonts-20170403-150200.10.3.1 added
- noto-sans-kr-thin-fonts-20170403-150200.10.3.1 added
- noto-sans-lao-fonts-20170919-9.9 added
- noto-sans-lao-ui-fonts-20170919-9.9 added
- noto-sans-lepcha-fonts-20170919-9.9 added
- noto-sans-lisu-fonts-20170919-9.9 added
- noto-sans-malayalam-fonts-20170919-9.9 added
- noto-sans-malayalam-ui-fonts-20170919-9.9 added
- noto-sans-mongolian-fonts-20170919-9.9 added
- noto-sans-mono-fonts-20170919-9.9 added
- noto-sans-myanmar-fonts-20170919-9.9 added
- noto-sans-myanmar-ui-fonts-20170919-9.9 added
- noto-sans-newtailue-fonts-20170919-9.9 added
- noto-sans-nko-fonts-20170919-9.9 added
- noto-sans-oriya-fonts-20170919-9.9 added
- noto-sans-oriya-ui-fonts-20170919-9.9 added
- noto-sans-saurashtra-fonts-20170919-9.9 added
- noto-sans-sc-black-fonts-20170403-150200.10.3.1 added
- noto-sans-sc-bold-fonts-20170403-150200.10.3.1 added
- noto-sans-sc-demilight-fonts-20170403-150200.10.3.1 added
- noto-sans-sc-fonts-20170403-150200.10.3.1 added
- noto-sans-sc-fonts-full-20170403-150200.10.3.1 added
- noto-sans-sc-light-fonts-20170403-150200.10.3.1 added
- noto-sans-sc-medium-fonts-20170403-150200.10.3.1 added
- noto-sans-sc-mono-fonts-20170403-150200.10.3.1 added
- noto-sans-sc-regular-fonts-20170403-150200.10.3.1 added
- noto-sans-sc-thin-fonts-20170403-150200.10.3.1 added
- noto-sans-sinhala-fonts-20170919-9.9 added
- noto-sans-sinhala-ui-fonts-20170919-9.9 added
- noto-sans-symbols-fonts-20170919-9.9 added
- noto-sans-symbols2-fonts-20170919-9.9 added
- noto-sans-syriaceastern-fonts-20170919-9.9 added
- noto-sans-syriacestrangela-fonts-20170919-9.9 added
- noto-sans-syriacwestern-fonts-20170919-9.9 added
- noto-sans-taitham-fonts-20170919-9.9 added
- noto-sans-taiviet-fonts-20170919-9.9 added
- noto-sans-tamil-fonts-20170919-9.9 added
- noto-sans-tamil-ui-fonts-20170919-9.9 added
- noto-sans-tc-black-fonts-20170403-150200.10.3.1 added
- noto-sans-tc-bold-fonts-20170403-150200.10.3.1 added
- noto-sans-tc-demilight-fonts-20170403-150200.10.3.1 added
- noto-sans-tc-fonts-20170403-150200.10.3.1 added
- noto-sans-tc-fonts-full-20170403-150200.10.3.1 added
- noto-sans-tc-light-fonts-20170403-150200.10.3.1 added
- noto-sans-tc-medium-fonts-20170403-150200.10.3.1 added
- noto-sans-tc-mono-fonts-20170403-150200.10.3.1 added
- noto-sans-tc-regular-fonts-20170403-150200.10.3.1 added
- noto-sans-tc-thin-fonts-20170403-150200.10.3.1 added
- noto-sans-telugu-fonts-20170919-9.9 added
- noto-sans-telugu-ui-fonts-20170919-9.9 added
- noto-sans-thaana-fonts-20170919-9.9 added
- noto-sans-thai-fonts-20170919-9.9 added
- noto-sans-thai-ui-fonts-20170919-9.9 added
- noto-sans-tibetan-fonts-20170919-9.9 added
- noto-sans-tifinagh-fonts-20170919-9.9 added
- noto-sans-vai-fonts-20170919-9.9 added
- noto-sans-yi-fonts-20170919-9.9 added
- noto-serif-armenian-fonts-20170919-9.9 added
- noto-serif-bengali-fonts-20170919-9.9 added
- noto-serif-devanagari-fonts-20170919-9.9 added
- noto-serif-display-fonts-20170919-9.9 added
- noto-serif-ethiopic-fonts-20170919-9.9 added
- noto-serif-fonts-20170919-9.9 added
- noto-serif-georgian-fonts-20170919-9.9 added
- noto-serif-gujarati-fonts-20170919-9.9 added
- noto-serif-hebrew-fonts-20170919-9.9 added
- noto-serif-jp-black-fonts-20170403-1.9 added
- noto-serif-jp-bold-fonts-20170403-1.9 added
- noto-serif-jp-extralight-fonts-20170403-1.9 added
- noto-serif-jp-fonts-20170403-1.9 added
- noto-serif-jp-fonts-full-20170403-1.9 added
- noto-serif-jp-light-fonts-20170403-1.9 added
- noto-serif-jp-medium-fonts-20170403-1.9 added
- noto-serif-jp-regular-fonts-20170403-1.9 added
- noto-serif-jp-semibold-fonts-20170403-1.9 added
- noto-serif-kannada-fonts-20170919-9.9 added
- noto-serif-khmer-fonts-20170919-9.9 added
- noto-serif-kr-black-fonts-20170403-1.9 added
- noto-serif-kr-bold-fonts-20170403-1.9 added
- noto-serif-kr-extralight-fonts-20170403-1.9 added
- noto-serif-kr-fonts-20170403-1.9 added
- noto-serif-kr-fonts-full-20170403-1.9 added
- noto-serif-kr-light-fonts-20170403-1.9 added
- noto-serif-kr-medium-fonts-20170403-1.9 added
- noto-serif-kr-regular-fonts-20170403-1.9 added
- noto-serif-kr-semibold-fonts-20170403-1.9 added
- noto-serif-lao-fonts-20170919-9.9 added
- noto-serif-malayalam-fonts-20170919-9.9 added
- noto-serif-myanmar-fonts-20170919-9.9 added
- noto-serif-sc-black-fonts-20170403-1.9 added
- noto-serif-sc-bold-fonts-20170403-1.9 added
- noto-serif-sc-extralight-fonts-20170403-1.9 added
- noto-serif-sc-fonts-20170403-1.9 added
- noto-serif-sc-fonts-full-20170403-1.9 added
- noto-serif-sc-light-fonts-20170403-1.9 added
- noto-serif-sc-medium-fonts-20170403-1.9 added
- noto-serif-sc-regular-fonts-20170403-1.9 added
- noto-serif-sc-semibold-fonts-20170403-1.9 added
- noto-serif-sinhala-fonts-20170919-9.9 added
- noto-serif-tamil-fonts-20170919-9.9 added
- noto-serif-tc-black-fonts-20170403-1.9 added
- noto-serif-tc-bold-fonts-20170403-1.9 added
- noto-serif-tc-extralight-fonts-20170403-1.9 added
- noto-serif-tc-fonts-20170403-1.9 added
- noto-serif-tc-fonts-full-20170403-1.9 added
- noto-serif-tc-light-fonts-20170403-1.9 added
- noto-serif-tc-medium-fonts-20170403-1.9 added
- noto-serif-tc-regular-fonts-20170403-1.9 added
- noto-serif-tc-semibold-fonts-20170403-1.9 added
- noto-serif-telugu-fonts-20170919-9.9 added
- noto-serif-thai-fonts-20170919-9.9 added
- novnc-1.2.0-150100.3.6.1 added
- nvme-cli-bash-completion-2.2.1+3.gd028407-150500.2.4 added
- nvme-cli-zsh-completion-2.2.1+3.gd028407-150500.2.4 added
- oath-toolkit-xml-2.6.2-150000.3.3.1 added
- objectweb-asm-9.3-150200.3.4.4 added
- onboard-data-1.4.1-7.11 added
- onboard-lang-1.4.1-7.11 added
- openssl-1.1.1l-150400.1.5 added
- oro-2.0.8-150200.11.4.4 added
- osinfo-db-20221130-150500.1.1 added
- pam-doc-1.3.0-150000.6.61.1 added
- parted-lang-3.2-19.1 added
- patterns-wsl-base-20221221-150400.3.8.1 added
- patterns-wsl-gui-20221221-150400.3.8.1 added
- patterns-wsl-systemd-20221221-150400.3.8.1 added
- pciutils-ids-20200324-3.6.1 added
- perl-Archive-Zip-1.60-3.3.1 added
- perl-B-Hooks-EndOfScope-0.21-1.22 added
- perl-Business-ISBN-3.005-150400.1.4 added
- perl-Business-ISBN-Data-20210112.006-150400.1.4 added
- perl-Business-ISMN-1.131-1.22 added
- perl-Business-ISSN-0.91-1.24 added
- perl-CGI-4.46-3.3.1 added
- perl-CPAN-Changes-0.400002-1.24 added
- perl-Carp-Clan-6.06-1.24 added
- perl-Class-Accessor-0.51-1.19 added
- perl-Class-Data-Inheritable-0.08-59.24 added
- perl-Class-Factory-Util-1.7-1.23 added
- perl-Class-Inspector-1.32-1.22 added
- perl-Class-Singleton-1.5-1.24 added
- perl-Config-Crontab-1.45-1.25 added
- perl-Convert-ASN1-0.27-1.6.2 added
- perl-Convert-BinHex-1.125-1.24 added
- perl-Data-Compare-1.25-1.22 added
- perl-Data-Dump-1.23-1.24 added
- perl-Data-Uniqid-0.12-1.24 added
- perl-Date-Calc-6.4-1.23 added
- perl-DateTime-Calendar-Julian-0.04-1.23 added
- perl-DateTime-Format-Builder-0.81-1.23 added
- perl-DateTime-Format-Strptime-1.74-1.20 added
- perl-DateTime-Locale-1.170000-1.17 added
- perl-DateTime-TimeZone-2.15-1.17 added
- perl-Devel-StackTrace-2.03-1.19 added
- perl-Devel-Symdump-2.18-1.24 added
- perl-Digest-HMAC-1.03-1.22 added
- perl-Digest-Perl-MD5-1.9-1.20 added
- perl-Dist-CheckConflicts-0.11-1.23 added
- perl-Encode-Locale-1.05-1.24 added
- perl-Error-0.17025-1.20 added
- perl-Eval-Closure-0.14-1.22 added
- perl-Exception-Class-1.44-1.17 added
- perl-Exporter-Tiny-1.000000-2.19 added
- perl-ExtUtils-Depends-0.8001-150400.1.5 added
- perl-ExtUtils-MakeMaker-7.62-150400.1.5 added
- perl-ExtUtils-PkgConfig-1.160000-150400.1.5 added
- perl-File-Copy-Recursive-0.38-1.24 added
- perl-File-Find-Rule-0.34-1.22 added
- perl-File-HomeDir-1.002-1.18 added
- perl-File-Listing-6.04-1.23 added
- perl-File-Path-2.150000-1.22 added
- perl-File-ShareDir-1.104-1.22 added
- perl-File-Slurp-9999.19-1.24 added
- perl-File-Slurp-Unicode-0.7.1-1.22 added
- perl-File-Slurper-0.012-150400.1.4 added
- perl-File-Which-1.22-1.22 added
- perl-Gtk3-0.038-150400.1.9 added
- perl-HTML-Form-6.03-1.22 added
- perl-HTML-Format-2.11-1.22 added
- perl-HTML-Tagset-3.20-1.24 added
- perl-HTML-Tree-5.07-1.20 added
- perl-HTTP-Cookies-6.04-1.20 added
- perl-HTTP-Daemon-6.01-150000.3.5.1 added
- perl-HTTP-Date-6.02-1.24 added
- perl-HTTP-Message-6.14-1.16 added
- perl-HTTP-Negotiate-6.01-1.23 added
- perl-HTTP-Server-Simple-0.52-1.22 added
- perl-IO-HTML-1.001-1.24 added
- perl-IO-SessionData-1.03-1.16 added
- perl-IO-Socket-INET6-2.72-1.22 added
- perl-IO-Socket-SSL-2.066-150400.7.3.1 added
- perl-IO-stringy-2.111-1.26 added
- perl-IPC-Run3-0.048-1.24 added
- perl-IPC-System-Simple-1.25-1.24 added
- perl-JSON-2.97001-1.18 added
- perl-LWP-MediaTypes-6.02-1.25 added
- perl-LWP-Protocol-https-6.06-150000.3.3.1 added
- perl-List-AllUtils-0.14-1.22 added
- perl-List-MoreUtils-0.428-1.17 added
- perl-List-SomeUtils-0.56-1.20 added
- perl-List-UtilsBy-0.10-1.22 added
- perl-Log-Log4perl-1.49-1.22 added
- perl-MIME-Charset-1.012.2-1.24 added
- perl-MIME-tools-5.509-1.24 added
- perl-MRO-Compat-0.13-1.24 added
- perl-Mail-DKIM-0.40-1.23 added
- perl-Mail-SPF-2.9.0-3.3.1 added
- perl-MailTools-2.19-1.20 added
- perl-Module-Implementation-0.09-1.22 added
- perl-Module-Runtime-0.016-1.17 added
- perl-Net-DNS-1.14-1.16 added
- perl-Net-HTTP-6.17-1.20 added
- perl-Net-Server-2.009-150000.3.3.1 added
- perl-Number-Compare-0.03-1.24 added
- perl-OLE-Storage_Lite-0.19-8.26 added
- perl-Package-DeprecationManager-0.17-1.22 added
- perl-Package-Stash-0.37-1.23 added
- perl-Params-ValidationCompiler-0.26-1.17 added
- perl-Pod-Coverage-0.23-1.23 added
- perl-Regexp-Common-2017060201-1.25 added
- perl-Role-Tiny-2.000006-1.19 added
- perl-SOAP-Lite-1.27-1.20 added
- perl-Specio-0.42-1.17 added
- perl-Spreadsheet-ParseExcel-0.65-1.19 added
- perl-String-ShellQuote-1.04-2.17 added
- perl-Sub-Exporter-Progressive-0.001013-1.24 added
- perl-Sub-Install-0.928-1.24 added
- perl-Sub-Quote-2.004000-1.20 added
- perl-Sub-Uplevel-0.240.0-1.22 added
- perl-Task-Weaken-1.06-2.13 added
- perl-Test-Exception-0.430000-1.22 added
- perl-Test-Fatal-0.014-1.23 added
- perl-Test-Pod-1.51-1.24 added
- perl-Test-Pod-Coverage-1.10-1.23 added
- perl-Test-Warn-0.32-1.22 added
- perl-Text-CSV-1.95-1.24 added
- perl-Text-Glob-0.11-1.24 added
- perl-Text-Roman-3.5-1.25 added
- perl-Tie-Cycle-1.225-1.24 added
- perl-TimeDate-2.30-3.9.1 added
- perl-Try-Tiny-0.30-1.17 added
- perl-URI-1.73-1.16 added
- perl-WWW-Mechanize-1.75-1.22 added
- perl-WWW-RobotRules-6.02-1.23 added
- perl-XML-LibXML-Simple-0.99-1.17 added
- perl-XML-NamespaceSupport-1.12-1.24 added
- perl-XML-Parser-Lite-0.722-1.16 added
- perl-XML-SAX-Base-1.09-1.25 added
- perl-XML-SAX-Expat-0.51-1.22 added
- perl-XML-Simple-2.24-1.22 added
- perl-XML-Twig-3.52-3.3.1 added
- perl-XML-Writer-0.625-1.24 added
- perl-XML-XPath-1.42-1.20 added
- perl-YAML-Tiny-1.70-1.24 added
- perl-biber-2021.20210325.svn30357-150400.29.15 added
- perl-libwww-perl-6.31-1.17 added
- perl-namespace-autoclean-0.28-1.22 added
- perl-namespace-clean-0.27-1.22 added
- permissions-zypp-plugin-20201225-150400.5.16.1 added
- plymouth-branding-SLE-15-150400.38.3.1 added
- plymouth-dracut-0.9.5~git20210406.e554475-150400.3.8.1 added
- plymouth-lang-0.9.5~git20210406.e554475-150400.3.8.1 added
- plymouth-scripts-0.9.5~git20210406.e554475-150400.3.8.1 added
- policycoreutils-lang-3.1-150400.1.5 added
- policycoreutils-python-utils-3.1-150400.1.5 added
- polkit-default-privs-13.2+20230317.d2bceab-150400.3.6.1 added
- polkit-gnome-lang-0.105-150400.14.10 added
- postfix-doc-3.7.2-150500.1.19 added
- postgresql-15-150500.8.19 added
- pothana2000-fonts-1.1-1.23 added
- psmisc-lang-23.0-150000.6.22.1 added
- publicsuffix-20220903-150000.3.12.1 added
- purge-kernels-service-0-150200.8.6.1 added
- python-rpm-generators-20230304.050c1a4-150400.3.6.1 added
- python-rpm-macros-20230304.050c1a4-150400.3.6.1 added
- python-rtslib-fb-common-2.1.75-150500.1.4 added
- python-websockify-common-0.8.0-9.3.1 added
- python3-Babel-2.8.0-3.3.1 added
- python3-CherryPy-18.3.0-1.31 added
- python3-Flask-1.0.4-150400.1.6 added
- python3-Flask-Babel-2.0.0-1.9 added
- python3-Flask-BabelEx-0.9.4-1.9 added
- python3-Flask-Gravatar-0.5.0-1.38 added
- python3-Flask-HTMLmin-1.5.0-1.30 added
- python3-Flask-Login-0.4.1-1.30 added
- python3-Flask-Mail-0.9.1-1.30 added
- python3-Flask-Migrate-2.4.0-150400.10.5 added
- python3-Flask-Paranoid-0.2.0-1.30 added
- python3-Flask-Principal-0.4.0-1.30 added
- python3-Flask-SQLAlchemy-2.4.4-1.9 added
- python3-Flask-Script-2.0.6-1.30 added
- python3-Flask-Security-Too-3.4.2-150200.3.6.1 added
- python3-Flask-WTF-0.14.3-1.9 added
- python3-Jinja2-2.10.1-3.10.2 added
- python3-Mako-1.0.7-150000.3.3.1 added
- python3-PrettyTable-0.7.2-3.23 added
- python3-PyJWT-2.4.0-150200.3.6.2 added
- python3-PySocks-1.6.8-1.19 added
- python3-Pygments-2.6.1-4.3.1 added
- python3-SecretStorage-3.3.0-1.1 added
- python3-Sphinx_4_2_0-4.2.0-150400.11.6 added
- python3-WTForms-2.2.1-1.6 added
- python3-WebOb-1.7.4-1.11 added
- python3-WebTest-2.0.28-1.25 added
- python3-Werkzeug-1.0.1-150300.3.3.1 added
- python3-adal-1.2.4-7.4.1 added
- python3-alabaster-0.7.10-3.2.1 added
- python3-alembic-1.0.3-1.24 added
- python3-apipkg-2.1.0-150500.1.1 added
- python3-appdirs-1.4.3-1.21 added
- python3-argcomplete-1.9.2-3.2.14 added
- python3-asn1crypto-0.24.0-3.2.1 added
- python3-atspi-2.38.2-150400.1.9 added
- python3-attrs-19.3.0-3.4.1 added
- python3-beautifulsoup4-4.8.2-1.18 added
- python3-bind-9.16.38-150400.5.20.2 added
- python3-blinker-1.4-3.4.1 added
- python3-boto3-1.26.89-150200.23.12.1 added
- python3-botocore-1.29.89-150200.37.14.1 added
- python3-cachetools-4.1.0-150200.3.4.1 added
- python3-cepces-0.3.4-150400.3.6.1 added
- python3-certifi-2018.1.18-150000.3.3.1 added
- python3-chardet-3.0.4-3.23 added
- python3-cheroot-6.5.5-3.8 added
- python3-click-7.0-1.27 added
- python3-configobj-5.0.6-1.24 added
- python3-configshell-fb-1.1.29-3.3.1 added
- python3-construct-2.8.12-1.23 added
- python3-contextvars-2.4-150000.1.3.1 added
- python3-cssselect-1.0.3-150000.3.3.1 added
- python3-dasbus-1.6-150400.1.8 added
- python3-dataclasses-0.8-150400.1.8 added
- python3-decorator-4.4.2-7.3.13 added
- python3-defusedxml-0.6.0-1.42 added
- python3-distro-1.5.0-3.5.1 added
- python3-dnspython-1.15.0-150000.3.2.1 added
- python3-docopt-0.6.2-1.24 added
- python3-docutils-0.14-1.20 added
- python3-ecdsa-0.13.3-3.7.1 added
- python3-email_validator-1.1.0-1.6 added
- python3-entrypoints-0.3-1.12 added
- python3-extras-1.0.0-4.22 added
- python3-fasteners-0.14.1-3.2.4 added
- python3-fastimport-0.9.8-150400.1.6 added
- python3-fido2-0.5.0-1.23 added
- python3-firewall-0.9.3-150400.8.9.1 added
- python3-fixtures-3.0.0-4.22 added
- python3-future-0.18.2-150300.3.3.1 added
- python3-gedit-40.1-150400.4.3.1 added
- python3-google-auth-1.21.2-150300.3.6.1 added
- python3-html5lib-1.0.1-1.22 added
- python3-htmlmin-0.1.12-1.23 added
- python3-httplib2-0.19.0-3.3.1 added
- python3-idna-2.6-1.20 added
- python3-imagesize-0.7.1-3.2.1 added
- python3-importlib-metadata-1.5.0-3.3.5 added
- python3-iniconfig-1.1.1-150000.1.9.1 added
- python3-ipaddr-2.1.11-2.24 added
- python3-ipy-0.83-4.22 added
- python3-isodate-0.6.0-3.7.1 added
- python3-itsdangerous-1.1.0-1.6 added
- python3-javapackages-5.3.1-150200.3.4.4 added
- python3-jeepney-0.6.0-1.1 added
- python3-jmespath-0.9.3-1.21 added
- python3-jsonschema-3.2.0-9.3.1 added
- python3-keylime-6.3.2-150400.4.14.1 added
- python3-keyring-21.2.1-1.1 added
- python3-libevdev-0.9-150400.1.7 added
- python3-libstoragemgmt-1.8.5-3.3.1 added
- python3-linecache2-1.0.0-1.25 added
- python3-linux-procfs-0.6-1.26 added
- python3-logutils-0.3.5-1.24 added
- python3-monotonic-1.5-7.3.13 added
- python3-more-itertools-8.10.0-150400.1.6 added
- python3-netaddr-0.7.19-1.17 added
- python3-networkx-2.0-3.2.8 added
- python3-notify2-0.3.1-150400.1.5 added
- python3-oauth2client-4.1.3-3.2.1 added
- python3-oauthlib-2.0.6-3.4.1 added
- python3-ordered-set-4.0.2-150400.1.4 added
- python3-packaging-21.3-150200.3.3.1 added
- python3-paramiko-2.4.3-150100.6.18.1 added
- python3-passlib-1.7.4-1.10 added
- python3-pbr-4.3.0-6.22 added
- python3-pecan-1.2.1-1.27 added
- python3-pexpect-4.8.0-150400.13.6 added
- python3-pip-20.0.2-150400.20.1 added
- python3-pip-wheel-20.0.2-150400.20.1 added
- python3-pkgconfig-1.5.1-1.42 added
- python3-ply-3.10-1.27 added
- python3-policycoreutils-3.1-150400.1.5 added
- python3-portend-2.5-1.28 added
- python3-ptyprocess-0.5.2-1.54 added
- python3-py-1.10.0-150100.5.12.1 added
- python3-pyOpenSSL-21.0.0-150400.3.3.1 added
- python3-pyasn1-0.4.2-3.2.1 added
- python3-pyasn1-modules-0.2.1-3.4.12 added
- python3-pybeam-0.4.1-1.9 added
- python3-pycparser-2.17-3.2.1 added
- python3-pyinotify-0.9.6-4.5.1 added
- python3-pyparsing-2.4.7-1.24 added
- python3-python-dateutil-2.8.1-1.24 added
- python3-python-editor-1.0.4-150400.11.3.1 added
- python3-python-gnupg-0.4.7-150400.1.4 added
- python3-python-mimeparse-1.6.0-4.22 added
- python3-python3-saml-1.7.0-150400.8.4 added
- python3-pytz-2022.1-150300.3.6.1 added
- python3-pyudev-0.22.0+git.1642212208.d5630bf-150400.1.32 added
- python3-requests-2.24.0-1.24 added
- python3-requests-aws-0.1.8-6.13 added
- python3-requests-kerberos-0.12.0-3.3.1 added
- python3-requests-oauthlib-0.8.0-3.4.1 added
- python3-rsa-3.4.2-150000.3.7.1 added
- python3-rtslib-fb-2.1.75-150500.1.4 added
- python3-s3transfer-0.6.0-150200.9.7.1 added
- python3-scripttest-1.3-3.3.4 added
- python3-setuptools-44.1.1-150400.9.3.3 added
- python3-setuptools-test-44.1.1-150400.9.3.3 added
- python3-setuptools-wheel-44.1.1-150400.9.3.3 added
- python3-sip-devel-6.7.5-150500.1.3 added
- python3-six-1.14.0-12.1 added
- python3-slip-0.6.5-4.21 added
- python3-slip-dbus-0.6.5-4.21 added
- python3-snowballstemmer-1.2.1-3.2.1 added
- python3-soupsieve-1.9.5-1.17 added
- python3-speaklater-1.3-1.23 added
- python3-sphinx_rtd_theme-0.5.1-150000.3.5.1 added
- python3-sphinxcontrib-1.0.1-4.2.1 added
- python3-sphinxcontrib-applehelp-1.0.2-150400.1.6 added
- python3-sphinxcontrib-devhelp-1.0.2-150400.1.7 added
- python3-sphinxcontrib-htmlhelp-2.0.0-150400.1.7 added
- python3-sphinxcontrib-jsmath-1.0.1-150400.1.7 added
- python3-sphinxcontrib-qthelp-1.0.3-150400.1.7 added
- python3-sphinxcontrib-serializinghtml-1.1.5-150400.1.7 added
- python3-sphinxcontrib-websupport-1.0.1-4.2.1 added
- python3-sqlparse-0.4.2-3.3.1 added
- python3-sshtunnel-0.1.5-1.10 added
- python3-targetcli-fb-2.1.54-150500.6.2 added
- python3-tempora-1.8-1.27 added
- python3-testtools-2.3.0-4.27 added
- python3-toml-0.10.2-1.1 added
- python3-traceback2-1.4.0-1.25 added
- python3-unittest2-1.1.0-5.22 added
- python3-urllib3-1.25.10-4.3.1 added
- python3-usb-1.0.2-1.17 added
- python3-waitress-1.4.3-150000.3.6.1 added
- python3-webencodings-0.5.1-150000.3.3.1 added
- python3-websocket-client-0.57.0-6.4.1 added
- python3-websockify-0.8.0-9.3.1 added
- python3-wheel-0.32.3-150100.6.5.1 added
- python3-zc.lockfile-2.0-1.24 added
- python3-zipp-0.6.0-3.3.5 added
- python3-zypp-plugin-0.6.3-150000.4.2.1 added
- rage-encryption-bash-completion-0.9.0+0-150500.1.21 added
- raleway-fonts-3.0-1.22 added
- readline-doc-7.0-150400.25.22 added
- realmd-lang-0.16.3-3.6.1 added
- regexp-1.5-150200.11.4.4 added
- reload4j-1.2.20-150200.5.7.3 added
- rhino-1.7.14-150200.12.4.4 added
- rollback-helper-1.0+git20181218.5394d6e-4.3.1 added
- rpm-config-SUSE-1-150400.14.3.1 added
- ruby-common-2.1-3.15 added
- salt-bash-completion-3005.1-150500.2.13 added
- salt-zsh-completion-3005.1-150500.2.13 added
- sap-installation-start-0.9-1.19 added
- saxon9-9.4.0.7-150200.12.4.3 added
- sazanami-fonts-20040629-1.94 added
- scap-security-guide-0.1.66-150000.1.56.1 added
- scap-security-guide-debian-0.1.66-150000.1.56.1 added
- scap-security-guide-redhat-0.1.66-150000.1.56.1 added
- scap-security-guide-ubuntu-0.1.66-150000.1.56.1 added
- scout-0.2.7+20230124.b4e3468-150500.1.1 added
- scout-command-not-found-0.2.7+20230124.b4e3468-150500.1.1 added
- seccheck-3.0-10.3.1 added
- sed-lang-4.4-11.6 added
- servletapi5-5.0.18-2.39 added
- sgi-bitmap-fonts-1.0-150000.3.3.1 added
- sgml-skel-0.7.1-1.22 added
- shared-mime-info-lang-2.2-150500.1.1 added
- shared-python-startup-0.1-1.5.1 added
- sharutils-lang-4.15.2-2.21 added
- sil-charis-fonts-5.000-1.21 added
- slf4j-1.7.36-150200.3.4.3 added
- ssh-import-id-5.11-150400.1.6 added
- strongswan-doc-5.9.7-150500.3.4 added
- supportutils-3.1.21-150300.7.35.15.1 added
- supportutils-plugin-salt-1.2.2-150000.3.13.1 added
- suse-build-key-12.0-150000.8.31.1 added
- susefirewall2-to-firewalld-0.0.4-3.9.1 added
- syslog-service-2.0-11.2 added
- system-group-hardware-20170617-150400.22.33 added
- system-group-kvm-20170617-150400.22.33 added
- system-group-wheel-20170617-150400.22.33 added
- system-user-bin-20170617-150400.22.33 added
- system-user-daemon-20170617-150400.22.33 added
- system-user-games-20170617-150400.22.33 added
- system-user-lp-20170617-150400.22.33 added
- system-user-mail-20170617-150400.22.33 added
- system-user-man-20170617-150400.22.33 added
- system-user-news-20170617-150400.22.33 added
- system-user-nobody-20170617-150400.22.33 added
- system-user-root-20190513-3.3.1 added
- system-user-tftp-20170617-150400.22.33 added
- system-user-tss-20170617-150400.22.33 added
- system-user-uucp-20170617-150400.22.33 added
- system-user-vscan-2.12.1-150400.1.4 added
- system-user-wwwrun-20170617-150400.22.33 added
- systemd-default-settings-0.7-3.2.1 added
- systemd-default-settings-branding-SLE-0.7-3.2.1 added
- systemd-lang-249.16-150400.8.25.7 added
- systemd-presets-branding-SLE-15.1-150100.20.11.1 added
- systemd-presets-common-SUSE-15-150500.18.1 added
- systemd-rpm-macros-12-150000.7.30.1 added
- sysuser-shadow-3.1-150400.1.35 added
- tar-lang-1.34-150000.3.31.1 added
- targetcli-fb-common-2.1.54-150500.6.2 added
- tcsh-lang-6.20.00-4.15.1 added
- tftpboot-installation-SLE-15-SP5-aarch64-16.58.6-150500.1.6 added
- tftpboot-installation-SLE-15-SP5-ppc64le-16.58.6-150500.1.6 added
- tftpboot-installation-SLE-15-SP5-s390x-16.58.6-150500.1.6 added
- tftpboot-installation-SLE-15-SP5-x86_64-16.58.6-150500.1.6 added
- tftpboot-installation-common-1.1-3.3.1 added
- thai-fonts-0.6.1-2.39 added
- timezone-java-2023c-150000.75.23.1 added
- tpm2-tss-engine-bash-completion-1.1.0-150400.1.6 added
- ucode-amd-20230320-150500.1.1 added
- udisks2-lang-2.9.2-150400.3.3.1 added
- un-fonts-1.0.20080608-1.22 added
- unrar_wrapper-1.0.0-5.3.1 added
- util-linux-lang-2.37.4-150500.7.16 added
- vim-data-9.0.1443-150500.18.1 added
- vim-data-common-9.0.1443-150500.18.1 added
- vulkan-doc-1.2.133-1.25 added
- vulkan-headers-1.2.133-1.27 added
- wallpaper-branding-SLE-15-150400.38.3.1 added
- wireless-regdb-2019.06.03-3.14.1 added
- wol-udev-rules-0.7.1-2.5 added
- wqy-microhei-fonts-0.2.0+snapshot20150915-1.22 added
- wsdl4j-1.6.3-150000.4.8.2 added
- x11-japanese-bitmap-fonts-20020904-1.22 added
- xalan-j2-2.7.2-150200.11.4.3 added
- xbitmaps-1.1.1-1.20 added
- xbitmaps-devel-1.1.1-1.20 added
- xdg-menu-0.2-1.23 added
- xdg-utils-1.1.3+20210805-150500.1.1 added
- xerces-j2-2.12.2-150200.3.7.3 added
- xkeyboard-config-2.23.1-150000.3.12.1 added
- xkeyboard-config-lang-2.23.1-150000.3.12.1 added
- xml-commons-apis-1.4.01-150200.3.4.3 added
- xml-commons-resolver-1.2-150200.3.4.3 added
- xmlcharent-0.3-1.22 added
- xorg-cf-files-1.0.6-3.3.1 added
- xorg-sgml-doctools-1.11-1.22 added
- xorg-x11-7.6_1-1.22 added
- xorg-x11-Xvnc-novnc-1.12.0-150500.2.6 added
- xorg-x11-devel-7.6.1-1.16 added
- xorg-x11-essentials-7.6_1-1.22 added
- xorg-x11-fonts-7.6-13.6.1 added
- xorg-x11-fonts-converted-7.6-13.6.5 added
- xorg-x11-fonts-core-7.6-13.6.1 added
- xorg-x11-fonts-legacy-7.6-13.6.1 added
- xorg-x11-libs-7.6.1-1.16 added
- xorg-x11-util-devel-7.6_1-1.22 added
- xscreensaver-lang-6.03-150400.3.3.1 added
- xtrans-1.3.5-1.20 added
- xz-lang-5.2.3-150000.4.7.1 added
- yast2-add-on-4.5.4-150500.1.1 added
- yast2-apparmor-4.5.0-150500.1.1 added
- yast2-audit-laf-4.5.0-150500.1.1 added
- yast2-auth-client-4.5.4-150500.1.1 added
- yast2-auth-server-4.5.1-150500.1.1 added
- yast2-boot-server-4.5.0-150500.1.1 added
- yast2-buildtools-4.5.5-150500.1.1 added
- yast2-configuration-management-4.5.2-150500.1.1 added
- yast2-devtools-4.5.5-150500.1.1 added
- yast2-dhcp-server-4.5.0-150500.1.1 added
- yast2-dns-server-4.5.0-150500.1.1 added
- yast2-fcoe-client-4.5.1-150500.1.1 added
- yast2-firewall-4.5.0-150500.1.1 added
- yast2-firstboot-4.5.6-150500.1.1 added
- yast2-firstboot-wsl-4.5.6-150500.1.1 added
- yast2-ftp-server-4.5.0-150500.1.1 added
- yast2-http-server-4.5.1-150500.1.1 added
- yast2-installation-4.5.16-150500.1.2 added
- yast2-iscsi-client-4.5.7-150500.1.1 added
- yast2-iscsi-lio-server-4.5.1-150500.1.1 added
- yast2-journal-4.5.3-150500.1.1 added
- yast2-mail-4.5.0-150500.1.1 added
- yast2-migration-4.5.0-150500.1.1 added
- yast2-multipath-4.5.0-150500.1.1 added
- yast2-network-4.5.20-150500.1.1 added
- yast2-nfs-client-4.5.2-150500.1.1 added
- yast2-nfs-common-4.5.0-150500.1.1 added
- yast2-nfs-server-4.5.0-150500.1.1 added
- yast2-nis-server-4.5.0-150500.1.1 added
- yast2-ntp-client-4.5.3-150500.1.2 added
- yast2-online-update-4.5.3-150500.1.1 added
- yast2-online-update-configuration-4.5.1-150500.1.1 added
- yast2-online-update-frontend-4.5.3-150500.1.1 added
- yast2-pam-4.5.0-150500.1.1 added
- yast2-proxy-4.5.0-150500.1.1 added
- yast2-rdp-4.5.0-150500.1.1 added
- yast2-registration-4.5.8-150500.1.1 added
- yast2-samba-client-4.5.3-150500.1.1 added
- yast2-samba-server-4.5.0-150500.1.1 added
- yast2-security-4.5.6-150500.1.1 added
- yast2-services-manager-4.5.1-150500.1.1 added
- yast2-sudo-4.5.0-150500.1.1 added
- yast2-support-4.5.0-150500.1.1 added
- yast2-sysconfig-4.5.0-150500.1.1 added
- yast2-testsuite-4.5.0-150500.1.1 added
- yast2-tftp-server-4.5.0-150500.1.1 added
- yast2-theme-4.5.0-150500.1.1 added
- yast2-trans-af-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-ar-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-bg-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-bn-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-bs-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-ca-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-cs-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-cy-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-da-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-de-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-el-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-en_GB-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-es-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-et-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-fa-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-fi-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-fr-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-gl-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-gu-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-hi-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-hr-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-hu-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-id-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-it-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-ja-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-jv-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-ka-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-km-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-ko-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-lo-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-lt-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-mk-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-mr-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-nb-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-nl-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-pa-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-pl-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-pt-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-pt_BR-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-ro-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-ru-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-si-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-sk-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-sl-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-sr-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-stats-2.19.0-1.28 added
- yast2-trans-sv-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-ta-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-th-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-tr-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-uk-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-vi-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-wa-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-xh-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-zh_CN-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-zh_TW-84.87.20230420.b54e9530-150500.1.1 added
- yast2-trans-zu-84.87.20230420.b54e9530-150500.1.1 added
- yast2-vpn-4.5.1-150500.1.1 added
- yubikey-manager-2.1.0-1.10 added
- zypper-changelog-plugin-0.3-150500.1.1 added
- zypper-lifecycle-plugin-0.6.1601367426.843fe7a-1.60 added
- zypper-log-1.14.59-150400.3.12.2 added
- zypper-needs-restarting-1.14.59-150400.3.12.2 added
- DirectX-Headers-1.606.4-150500.1.1 added
- GeoIP-1.6.12-6.3.1 added
- Mesa-22.3.5-150500.75.2 added
- Mesa-32bit-22.3.5-150500.75.2 added
- Mesa-KHR-devel-22.3.5-150500.75.2 added
- Mesa-devel-22.3.5-150500.75.2 added
- Mesa-dri-22.3.5-150500.75.2 added
- Mesa-dri-32bit-22.3.5-150500.75.2 added
- Mesa-dri-devel-22.3.5-150500.75.2 added
- Mesa-gallium-22.3.5-150500.75.2 added
- Mesa-gallium-32bit-22.3.5-150500.75.2 added
- Mesa-libEGL-devel-22.3.5-150500.75.2 added
- Mesa-libEGL1-22.3.5-150500.75.2 added
- Mesa-libEGL1-32bit-22.3.5-150500.75.2 added
- Mesa-libGL-devel-22.3.5-150500.75.2 added
- Mesa-libGL1-22.3.5-150500.75.2 added
- Mesa-libGL1-32bit-22.3.5-150500.75.2 added
- Mesa-libGLESv1_CM-devel-22.3.5-150500.75.2 added
- Mesa-libGLESv2-devel-22.3.5-150500.75.2 added
- Mesa-libGLESv3-devel-22.3.5-150500.75.2 added
- Mesa-libVulkan-devel-21.2.4-150400.68.12.1 added
- Mesa-libd3d-22.3.5-150500.75.2 added
- Mesa-libd3d-devel-22.3.5-150500.75.2 added
- Mesa-libglapi-devel-22.3.5-150500.75.2 added
- Mesa-libglapi0-22.3.5-150500.75.2 added
- Mesa-libglapi0-32bit-22.3.5-150500.75.2 added
- Mesa-libva-22.3.5-150500.75.2 added
- Mesa-vulkan-device-select-22.3.5-150500.75.2 added
- Mesa-vulkan-overlay-22.3.5-150500.75.2 added
- OpenIPMI-2.0.31-150400.3.2.1 added
- OpenIPMI-devel-2.0.31-150400.3.2.1 added
- aaa_base-84.87+git20180409.04c9dae-150300.10.3.1 added
- aaa_base-extras-84.87+git20180409.04c9dae-150300.10.3.1 added
- acct-6.6.4-4.3.1 added
- acl-2.2.52-4.3.1 added
- acpica-20220331-150500.1.3 added
- adcli-0.8.2-150400.17.3.1 added
- adcli-doc-0.8.2-150400.17.3.1 added
- adjtimex-1.29-1.26 added
- aide-0.16-24.1 added
- alsa-1.2.8-150500.1.1 added
- alsa-devel-1.2.8-150500.1.1 added
- alsa-plugins-1.2.7.1-150500.1.1 added
- alsa-plugins-32bit-1.1.5-3.3.1 added
- alsa-plugins-speexrate-1.2.7.1-150500.1.1 added
- alsa-plugins-upmix-1.2.7.1-150500.1.1 added
- alsa-utils-1.2.8-150500.1.2 added
- amavisd-milter-1.7.2-150400.9.3.1 added
- apache2-2.4.51-150400.6.11.1 added
- apache2-prefork-2.4.51-150400.6.11.1 added
- apache2-utils-2.4.51-150400.6.11.1 added
- apparmor-parser-3.0.4-150500.9.3 added
- appres-1.0.4-1.22 added
- apr-devel-1.6.3-3.3.8 added
- apr-util-devel-1.6.1-150300.18.5.1 added
- arptables-0.0.4-8.39 added
- arpwatch-2.1a15-5.12.1 added
- aspell-0.60.8-3.3.1 added
- aspell-devel-0.60.8-3.3.1 added
- at-spi2-atk-devel-2.38.0-150400.1.9 added
- at-spi2-core-2.42.0-150400.2.7 added
- at-spi2-core-devel-2.42.0-150400.2.7 added
- atk-devel-2.36.0-150400.2.9 added
- attr-2.4.47-2.19 added
- audit-3.0.6-150400.4.6.1 added
- audit-audispd-plugins-3.0.6-150400.4.6.1 added
- audit-devel-3.0.6-150400.2.13 added
- augeas-1.12.0-150400.3.3.6 added
- augeas-devel-1.12.0-150400.3.3.6 added
- augeas-lenses-1.12.0-150400.3.3.6 added
- autocutsel-0.10.0-1.17 added
- autofs-5.1.3-150000.7.14.1 added
- avahi-0.8-150400.7.3.1 added
- avahi-compat-howl-devel-0.8-150400.7.3.1 added
- avahi-compat-mDNSResponder-devel-0.8-150400.7.3.1 added
- avahi-utils-0.8-150400.7.3.1 added
- babeltrace-1.5.8-1.30 added
- babeltrace-devel-1.5.8-1.30 added
- barrel-0.1.7-150500.1.4 added
- bash-4.4-150400.25.22 added
- bash-devel-4.4-150400.25.22 added
- bash-sh-4.4-150400.25.22 added
- bc-1.07.1-11.37 added
- bcache-tools-1.1-150400.8.3.1 added
- bdftopcf-1.1-1.16 added
- bind-devel-9.16.6-150300.22.27.1 added
- bind-utils-9.16.38-150400.5.20.2 added
- bing-1.0.5-3.3 added
- binutils-2.39-150100.7.40.1 added
- binutils-devel-2.39-150100.7.40.1 added
- biosdevname-0.7.3-5.3.1 added
- bison-3.0.4-3.3.1 added
- blas-devel-3.9.0-150000.4.13.2 added
- blog-2.26-150300.4.3.1 added
- blog-devel-2.26-150300.4.3.1 added
- blog-plymouth-2.26-150300.4.3.1 added
- bluez-5.65-150500.1.3 added
- bolt-0.9.1-150400.1.11 added
- bolt-tools-0.9.1-150400.1.11 added
- breezy-3.2.1-150400.1.6 added
- brlapi-devel-6.4-150400.2.9 added
- btrfsprogs-5.14-150500.8.23 added
- bubblewrap-0.7.0-150500.1.1 added
- bubblewrap-zsh-completion-0.7.0-150500.1.1 added
- busybox-1.35.0-150500.8.2 added
- busybox-static-1.35.0-150500.8.2 added
- bzip2-1.0.8-150400.1.122 added
- c-ares-devel-1.19.0-150000.3.20.1 added
- cairo-devel-1.16.0-150400.9.6 added
- canutils-2020.11.0-1.26 added
- celt051-devel-0.5.1.3-1.28 added
- ceph-common-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- certmonger-0.79.13-150400.3.3.1 added
- checkmedia-6.1-150400.1.5 added
- checkpolicy-3.1-150400.1.5 added
- chrony-4.1-150400.19.4 added
- cifs-utils-6.15-150400.3.9.1 added
- cifs-utils-devel-6.15-150400.3.9.1 added
- ckermit-9.0.302-150000.3.3.1 added
- clamav-0.103.8-150000.3.44.1 added
- clamav-devel-0.103.8-150000.3.44.1 added
- clang7-7.0.1-150100.3.22.2 added
- clang7-devel-7.0.1-150100.3.22.2 added
- clucene-core-devel-2.3.3.4-1.31 added
- cmake-3.20.4-150400.2.5 added
- cmake-full-3.20.4-150400.2.13 added
- collectd-5.12.0-150400.3.2.1 added
- collectd-plugin-buddyinfo-5.12.0-150400.3.2.1 added
- collectd-plugin-connectivity-5.12.0-150400.3.2.1 added
- collectd-plugin-dbi-5.12.0-150400.3.2.1 added
- collectd-plugin-ipmi-5.12.0-150400.3.2.1 added
- collectd-plugin-java-5.12.0-150400.3.2.1 added
- collectd-plugin-logparser-5.12.0-150400.3.2.1 added
- collectd-plugin-lua-5.12.0-150400.3.2.1 added
- collectd-plugin-mcelog-5.12.0-150400.3.2.1 added
- collectd-plugin-memcachec-5.12.0-150400.3.2.1 added
- collectd-plugin-mysql-5.12.0-150400.3.2.1 added
- collectd-plugin-notify-desktop-5.12.0-150400.3.2.1 added
- collectd-plugin-nut-5.12.0-150400.3.2.1 added
- collectd-plugin-openldap-5.12.0-150400.3.2.1 added
- collectd-plugin-ovs-5.12.0-150400.3.2.1 added
- collectd-plugin-pcie-5.12.0-150400.3.2.1 added
- collectd-plugin-pinba-5.12.0-150400.3.2.1 added
- collectd-plugin-postgresql-5.12.0-150400.3.2.1 added
- collectd-plugin-procevent-5.12.0-150400.3.2.1 added
- collectd-plugin-python3-5.12.0-150400.3.2.1 added
- collectd-plugin-smart-5.12.0-150400.3.2.1 added
- collectd-plugin-snmp-5.12.0-150400.3.2.1 added
- collectd-plugin-synproxy-5.12.0-150400.3.2.1 added
- collectd-plugin-sysevent-5.12.0-150400.3.2.1 added
- collectd-plugin-ubi-5.12.0-150400.3.2.1 added
- collectd-plugin-uptime-5.12.0-150400.3.2.1 added
- collectd-plugin-virt-5.12.0-150400.3.2.1 added
- collectd-plugin-write_influxdb_udp-5.12.0-150400.3.2.1 added
- collectd-plugin-write_stackdriver-5.12.0-150400.3.2.1 added
- collectd-plugin-write_syslog-5.12.0-150400.3.2.1 added
- collectd-plugins-all-5.12.0-150400.3.2.1 added
- collectd-spamassassin-5.12.0-150400.3.2.1 added
- collectd-web-5.12.0-150400.3.2.1 added
- collectd-web-js-5.12.0-150400.3.2.1 added
- compat-libpthread-nonshared-0-150300.3.6.1 added
- compat-libpthread-nonshared-32bit-0-150300.3.6.1 added
- compositeproto-devel-0.4.2-1.22 added
- conntrack-tools-1.4.5-1.46 added
- conntrackd-1.4.5-1.46 added
- coreutils-8.32-150400.7.5 added
- cosign-1.12.0-150400.3.6.1 added
- cpio-2.13-150400.1.98 added
- cpio-mt-2.13-150400.1.98 added
- cpp-7-3.9.1 added
- cpp7-7.5.0+r278197-4.30.1 added
- cpuid-20221201-150300.3.4.1 added
- cpupower-5.14-150500.7.2 added
- cpupower-devel-5.14-150500.7.2 added
- cracklib-2.9.7-11.6.1 added
- cracklib-devel-2.9.7-11.6.1 added
- cracklib-dict-full-2.8.12-1.22 added
- cracklib-dict-small-2.9.7-11.6.1 added
- crda-3.18-1.34 added
- createrepo_c-0.16.0-3.3.1 added
- cron-4.2-150400.84.3.1 added
- cronie-1.5.7-150400.84.3.1 added
- cryptctl-2.4-4.5.1 added
- cryptsetup-2.4.3-150400.1.110 added
- cryptsetup-ssh-2.4.3-150400.1.110 added
- cups-2.2.7-150000.3.40.1 added
- cups-client-2.2.7-150000.3.40.1 added
- cups-config-2.2.7-150000.3.40.1 added
- cups-devel-2.2.7-150000.3.40.1 added
- cups-filters-1.25.0-3.3.1 added
- cups-filters-devel-1.25.0-3.3.1 added
- curl-8.0.1-150400.5.23.1 added
- cyrus-sasl-2.1.28-150500.1.1 added
- cyrus-sasl-32bit-2.1.28-150500.1.1 added
- cyrus-sasl-crammd5-2.1.28-150500.1.1 added
- cyrus-sasl-crammd5-32bit-2.1.28-150500.1.1 added
- cyrus-sasl-devel-2.1.28-150500.1.1 added
- cyrus-sasl-digestmd5-2.1.28-150500.1.1 added
- cyrus-sasl-digestmd5-32bit-2.1.28-150500.1.1 added
- cyrus-sasl-gssapi-2.1.28-150500.1.1 added
- cyrus-sasl-gssapi-32bit-2.1.28-150500.1.1 added
- cyrus-sasl-otp-2.1.28-150500.1.1 added
- cyrus-sasl-plain-2.1.28-150500.1.1 added
- cyrus-sasl-plain-32bit-2.1.28-150500.1.1 added
- cyrus-sasl-saslauthd-2.1.28-150500.1.2 added
- damageproto-devel-1.2.1-1.22 added
- db48-utils-4.8.30-150000.7.6.1 added
- dbus-1-1.12.2-150400.18.5.1 added
- dbus-1-devel-1.12.2-150400.18.5.1 added
- dbus-1-glib-0.108-1.29 added
- dbus-1-glib-32bit-0.108-1.29 added
- dbus-1-glib-devel-0.108-1.29 added
- dbus-1-glib-tool-0.108-1.29 added
- dbus-1-x11-1.12.2-150400.18.5.1 added
- dbxtool-8-1.3.1 added
- dconf-0.40.0-150400.3.3.2 added
- dd_rescue-1.99.8-1.2 added
- dd_rescue-crypt-1.99.8-1.2 added
- dd_rescue-lzo-1.99.8-1.2 added
- debuginfod-client-0.185-150400.5.3.1 added
- deltarpm-3.6.1-3.19 added
- desktop-file-utils-0.26-150400.1.7 added
- device-mapper-2.03.16_1.02.185-150500.5.3 added
- device-mapper-devel-2.03.16_1.02.185-150500.5.3 added
- dhcp-4.3.6.P1-150000.6.17.1 added
- dhcp-client-4.3.6.P1-150000.6.17.1 added
- dhcp-devel-4.3.6.P1-150000.6.17.1 added
- dialog-1.3-3.3.7 added
- dialog-devel-1.3-3.3.7 added
- diffutils-3.6-4.3.1 added
- dirmngr-2.2.27-150300.3.5.1 added
- dmidecode-3.4-150400.16.8.1 added
- dmxproto-devel-2.3.1-1.22 added
- dnsmasq-2.86-150400.14.3 added
- dos2unix-7.4.0-1.19 added
- dosfstools-4.1-3.6.1 added
- double-conversion-devel-3.1.5-3.2.1 added
- dracut-055+suse.360.g076f1113-150500.1.4 added
- dracut-fips-055+suse.360.g076f1113-150500.1.4 added
- dracut-ima-055+suse.360.g076f1113-150500.1.4 added
- dracut-mkinitrd-deprecated-055+suse.360.g076f1113-150500.1.4 added
- dump-rmt-0.4b47-150400.1.10 added
- duperemove-0.11.3-3.3.1 added
- dwarves-1.22-150400.2.10 added
- e2fsprogs-1.46.4-150400.3.3.1 added
- e2fsprogs-devel-1.46.4-150400.3.3.1 added
- ebtables-2.0.11-1.1 added
- ecryptfs-utils-111-2.31 added
- ecryptfs-utils-devel-111-2.31 added
- ed-1.17-150400.1.5 added
- efibootmgr-17-150400.1.5 added
- efivar-37-6.12.1 added
- efivar-devel-37-6.12.1 added
- elfutils-0.185-150400.5.3.1 added
- elfutils-debuginfod-0.185-150400.5.3.1 added
- emacs-27.2-150400.3.6.1 added
- emacs-nox-27.2-150400.3.6.1 added
- enchant-1-backends-1.6.1-1.57 added
- enchant-2-backend-hunspell-2.2.15-150400.1.9 added
- enchant-data-2.2.15-150400.1.9 added
- enchant-devel-2.2.15-150400.1.9 added
- enscript-1.6.6-1.17 added
- etags-27.2-150400.3.6.1 added
- ethtool-5.14-150400.1.6 added
- evieproto-devel-1.1.1-1.22 added
- evmctl-1.4-150400.1.5 added
- exfatprogs-1.0.4-150300.3.6.1 added
- expat-2.4.4-150400.3.12.1 added
- expect-5.45.4-3.3.1 added
- expect-devel-5.45.4-3.3.1 added
- fbiterm-0.5.20040304-150000.5.6.1 added
- fcoe-utils-1.0.34-12.3.1 added
- fd0ssh-20170430-1.27 added
- fdupes-2.1.2-150400.1.86 added
- fetchmail-6.4.22-20.26.1 added
- fftw3-devel-3.3.9-1.6 added
- file-5.32-7.14.1 added
- file-devel-5.32-7.14.1 added
- filesystem-15.0-11.8.1 added
- fillup-1.42-2.18 added
- findutils-4.8.0-1.20 added
- fio-3.23-4.5.1 added
- fipscheck-1.4.1-3.3.1 added
- fipscheck-devel-1.4.1-3.3.1 added
- fixesproto-devel-6.0-150400.1.4 added
- flac-devel-1.3.2-150000.3.11.1 added
- flex-2.6.4-3.157 added
- font-util-1.3.1-1.22 added
- fontcacheproto-devel-0.1.3-1.22 added
- fontconfig-2.13.1-150400.1.4 added
- fontconfig-devel-2.13.1-150400.1.4 added
- fontsproto-devel-2.1.3-1.22 added
- fping-4.0-4.3.2 added
- freeipmi-1.6.8-150400.1.11 added
- freeipmi-devel-1.6.8-150400.1.11 added
- freeipmi-ipmiseld-1.6.8-150400.1.11 added
- freetype2-devel-2.10.4-150000.4.12.1 added
- fribidi-1.0.10-150400.3.3.1 added
- fribidi-devel-1.0.10-150400.3.3.1 added
- fstrm-devel-0.3.2-1.16 added
- fuse-2.9.7-3.3.1 added
- fuse-devel-2.9.7-3.3.1 added
- fuse-doc-2.9.7-3.3.1 added
- fuse3-3.10.5-150400.1.7 added
- fuse3-devel-3.10.5-150400.1.7 added
- fwupdate-12-150100.11.10.1 added
- fwupdate-devel-12-150100.11.10.1 added
- fwupdate-efi-12-150100.11.10.1 added
- g3utils-1.1.37-3.11.2 added
- gamin-devel-0.1.10-150400.12.4 added
- gamin-server-0.1.10-150400.12.5 added
- gawk-4.2.1-1.41 added
- gc-devel-7.6.4-1.16 added
- gcc-7-3.9.1 added
- gcc-c++-7-3.9.1 added
- gcc-fortran-7-3.9.1 added
- gcc7-7.5.0+r278197-4.30.1 added
- gcc7-c++-7.5.0+r278197-4.30.1 added
- gcc7-fortran-7.5.0+r278197-4.30.1 added
- gconf2-3.2.6-9.26 added
- gd-devel-2.2.5-11.3.1 added
- gdbm-devel-1.12-1.418 added
- gdk-pixbuf-devel-2.42.9-150400.5.6.1 added
- gdk-pixbuf-loader-rsvg-2.52.9-150400.3.3.1 added
- gdk-pixbuf-query-loaders-2.42.9-150400.5.6.1 added
- gdk-pixbuf-query-loaders-32bit-2.42.9-150400.5.6.1 added
- gdk-pixbuf-thumbnailer-2.42.9-150400.5.6.1 added
- gdk-pixbuf-xlib-devel-2.40.2-150400.1.7 added
- geoipupdate-4.2.2-1.8.1 added
- geoipupdate-legacy-4.2.2-1.8.1 added
- gettext-its-gtk4-4.6.0-150400.3.3.1 added
- gettext-runtime-0.20.2-1.43 added
- gettext-runtime-32bit-0.20.2-1.43 added
- gettext-tools-0.20.2-1.43 added
- ghostscript-9.52-150000.164.1 added
- ghostscript-devel-9.52-150000.164.1 added
- ghostscript-x11-9.52-150000.164.1 added
- giflib-devel-5.2.1-150000.4.8.1 added
- girepository-1_0-1.70.0-150400.2.10 added
- git-core-2.35.3-150300.10.27.1 added
- glib-networking-2.70.1-150400.1.6 added
- glib2-devel-2.70.5-150400.3.8.1 added
- glib2-tools-2.70.5-150400.3.8.1 added
- glibc-2.31-150300.46.1 added
- glibc-32bit-2.31-150300.46.1 added
- glibc-devel-2.31-150300.46.1 added
- glibc-extra-2.31-150300.46.1 added
- glibc-locale-2.31-150300.46.1 added
- glibc-locale-base-2.31-150300.46.1 added
- glibc-locale-base-32bit-2.31-150300.46.1 added
- glibc-profile-2.31-150300.46.1 added
- glibmm2_4-devel-2.66.2-150400.1.12 added
- gmmlib-devel-22.3.1-150500.1.1 added
- gmp-devel-6.1.2-4.9.1 added
- gnutls-3.7.3-150400.4.35.1 added
- gobject-introspection-1.70.0-150400.2.10 added
- gobject-introspection-devel-1.70.0-150400.2.10 added
- golang-github-prometheus-node_exporter-1.5.0-150100.3.23.2 added
- gpart-0.3-1.30 added
- gpg2-2.2.27-150300.3.5.1 added
- gpgme-1.16.0-150400.1.80 added
- gpm-1.20.7-7.3.1 added
- gpm-devel-1.20.7-7.3.1 added
- gptfdisk-1.0.8-150400.1.7 added
- graphite2-devel-1.3.11-150000.4.3.1 added
- graphviz-2.48.0-150400.1.165 added
- graphviz-devel-2.48.0-150400.1.165 added
- graphviz-plugins-core-2.48.0-150400.1.165 added
- grep-3.1-150000.4.6.1 added
- groff-1.22.4-150400.3.4 added
- groff-full-1.22.4-150400.3.41 added
- grub2-2.06-150500.27.4 added
- gsettings-backend-dconf-0.40.0-150400.3.3.2 added
- gsettings-desktop-schemas-41.0-150400.1.8 added
- gsettings-desktop-schemas-devel-41.0-150400.1.8 added
- gssproxy-0.8.2-3.9.1 added
- gstreamer-1.22.0-150500.1.1 added
- gstreamer-devel-1.22.0-150500.1.1 added
- gstreamer-plugins-base-1.22.0-150500.1.2 added
- gstreamer-plugins-base-devel-1.22.0-150500.1.2 added
- gstreamer-plugins-good-1.22.0-150500.2.1 added
- gstreamer-utils-1.22.0-150500.1.1 added
- gtk-doc-1.32-1.24 added
- gtk-doc-manual-1.32-1.23 added
- gtk2-devel-2.24.33-150400.2.11 added
- gtk2-theming-engine-adwaita-3.22.3-4.3.1 added
- gtk2-tools-2.24.33-150400.2.11 added
- gtk3-devel-3.24.34-150400.3.3.1 added
- gtk3-tools-3.24.34-150400.3.3.1 added
- gxditview-1.22.4-150400.3.41 added
- gzip-1.10-150200.10.1 added
- harfbuzz-devel-3.4.0-150400.3.6.1 added
- haveged-1.9.14-150400.3.3.1 added
- haveged-devel-1.9.14-150400.3.3.1 added
- hdparm-9.62-150400.1.7 added
- hfsutils-3.2.6-2.20 added
- hivex-devel-1.3.21-150400.2.10 added
- hmaccalc-0.9.14-3.3.1 added
- hostname-3.16-2.22 added
- hplip-devel-3.21.10-150400.3.5.1 added
- hplip-hpijs-3.21.10-150400.3.5.1 added
- hplip-sane-3.21.10-150400.3.5.1 added
- hunspell-1.6.2-150000.3.11.1 added
- hunspell-devel-1.6.2-150000.3.11.1 added
- hunspell-tools-1.6.2-150000.3.11.1 added
- hwinfo-21.84-150500.1.1 added
- hwinfo-devel-21.84-150500.1.1 added
- hyper-v-8-150200.14.8.1 added
- iceauth-1.0.7-1.23 added
- icewm-1.4.2-150000.7.15.1 added
- icewm-default-1.4.2-150000.7.15.1 added
- icewm-lite-1.4.2-150000.7.15.1 added
- icmpinfo-1.11-1.26 added
- icu.691-devel-69.1-7.3.2 added
- iftop-0.99.4-1.33 added
- imake-1.0.7-1.26 added
- infiniband-diags-42.0-150500.1.3 added
- info-6.5-4.17 added
- initviocons-0.5-1.27 added
- inotify-tools-3.21.9.6-150400.1.4 added
- inotify-tools-devel-3.21.9.6-150400.1.4 added
- inputproto-devel-2.4-150500.1.1 added
- intel-media-driver-22.6.1-150500.2.1 added
- ipmitool-1.8.18.238.gb7adc1d-150400.1.14 added
- iproute2-5.14-150400.1.8 added
- iproute2-arpd-5.14-150400.1.8 added
- iproute2-bash-completion-5.14-150400.1.8 added
- ipsec-tools-0.8.2-5.35 added
- ipset-7.15-150400.12.3.2 added
- ipset-devel-7.15-150400.12.3.2 added
- iptables-1.8.7-1.1 added
- iputils-20221126-150500.1.1 added
- ipvsadm-1.29-4.3.1 added
- irqbalance-1.9.2-150500.1.3 added
- iscsiuio-0.7.8.6-150500.44.1 added
- isl-devel-0.18-1.443 added
- iw-4.9-1.17 added
- java-11-openjdk-11.0.19.0-150000.3.96.1 added
- java-11-openjdk-demo-11.0.19.0-150000.3.96.1 added
- java-11-openjdk-devel-11.0.19.0-150000.3.96.1 added
- java-11-openjdk-headless-11.0.19.0-150000.3.96.1 added
- java-17-openjdk-17.0.7.0-150400.3.18.2 added
- java-17-openjdk-demo-17.0.7.0-150400.3.18.2 added
- java-17-openjdk-devel-17.0.7.0-150400.3.18.2 added
- java-17-openjdk-headless-17.0.7.0-150400.3.18.2 added
- javapackages-filesystem-5.3.1-150200.3.4.4 added
- javapackages-tools-5.3.1-150200.3.4.4 added
- jemalloc-devel-5.0.1-1.25 added
- jemalloc-devel-static-5.0.1-1.25 added
- jfsutils-1.1.15-1.27 added
- jitterentropy-devel-3.4.0-150000.1.9.1 added
- jitterentropy-devel-32bit-3.4.0-150000.1.9.1 added
- jitterentropy-devel-static-3.4.0-150000.1.9.1 added
- jq-1.6-3.3.1 added
- json-glib-devel-1.6.6-150400.1.11 added
- kbd-2.4.0-150400.5.3.1 added
- kbproto-devel-1.0.7-1.23 added
- kdump-1.0.2+git42.ge1e25ed-150500.1.2 added
- kdumpid-1.3-150400.1.4 added
- kernel-default-5.14.21-150500.53.2 added
- kernel-default-base-5.14.21-150500.53.2.150500.4.7 added
- kernel-default-devel-5.14.21-150500.53.2 added
- kernel-firmware-nvidia-gsp-G06-525.116.04-150500.1.1 added
- kexec-tools-2.0.20-150500.18.3 added
- keyutils-1.6.3-5.6.1 added
- keyutils-devel-1.6.3-5.6.1 added
- kmod-29-4.15.1 added
- kmscon-8.1~1536176839-1.38 added
- kpartx-0.9.4+71+suse.c648a77-150500.1.2 added
- krb5-1.20.1-150500.1.2 added
- krb5-32bit-1.20.1-150500.1.2 added
- krb5-client-1.20.1-150500.1.2 added
- krb5-devel-1.20.1-150500.1.2 added
- krb5-plugin-preauth-otp-1.20.1-150500.1.2 added
- krb5-plugin-preauth-pkinit-1.20.1-150500.1.2 added
- lapack-devel-3.9.0-150000.4.13.2 added
- ldb-tools-2.6.2-150500.1.1 added
- ldns-devel-1.7.0-150000.4.8.1 added
- ledmon-0.96-150500.3.2 added
- less-590-150400.3.3.1 added
- lftp-4.9.2-150400.1.8 added
- libFLAC++6-1.3.2-150000.3.11.1 added
- libFLAC8-1.3.2-150000.3.11.1 added
- libFS-devel-1.0.7-1.22 added
- libFS6-1.0.7-1.22 added
- libGLU1-9.0.0-8.45 added
- libGeoIP1-1.6.12-6.3.1 added
- libHBAAPI2-2.2.10-1.19 added
- libHX-devel-3.22-1.26 added
- libHX28-3.22-1.26 added
- libHX28-32bit-3.22-1.26 added
- libICE-devel-1.0.9-1.25 added
- libICE6-1.0.9-1.25 added
- libLLVM15-15.0.7-150500.2.11 added
- libLLVM15-32bit-15.0.7-150500.2.11 added
- libLLVM7-32bit-7.0.1-150100.3.22.2 added
- libLLVM7-7.0.1-150100.3.22.2 added
- libLLVM9-9.0.1-150200.3.6.1 added
- libLTO7-7.0.1-150100.3.22.2 added
- libOSMesa-devel-22.3.5-150500.75.2 added
- libOSMesa8-22.3.5-150500.75.2 added
- libOpenIPMI0-2.0.31-150400.3.2.1 added
- libQt5Concurrent-devel-5.15.8+kde185-150500.2.1 added
- libQt5Concurrent5-5.15.8+kde185-150500.2.1 added
- libQt5Core-devel-5.15.8+kde185-150500.2.1 added
- libQt5Core5-5.15.8+kde185-150500.2.1 added
- libQt5DBus-devel-5.15.8+kde185-150500.2.1 added
- libQt5DBus5-5.15.8+kde185-150500.2.1 added
- libQt5Gui-devel-5.15.8+kde185-150500.2.1 added
- libQt5Gui5-5.15.8+kde185-150500.2.1 added
- libQt5KmsSupport-devel-static-5.15.8+kde185-150500.2.1 added
- libQt5Network-devel-5.15.8+kde185-150500.2.1 added
- libQt5Network5-5.15.8+kde185-150500.2.1 added
- libQt5OpenGL-devel-5.15.8+kde185-150500.2.1 added
- libQt5OpenGL5-5.15.8+kde185-150500.2.1 added
- libQt5PlatformHeaders-devel-5.15.8+kde185-150500.2.1 added
- libQt5PlatformSupport-devel-static-5.15.8+kde185-150500.2.1 added
- libQt5PrintSupport-devel-5.15.8+kde185-150500.2.1 added
- libQt5PrintSupport5-5.15.8+kde185-150500.2.1 added
- libQt5SerialPort5-5.15.8+kde0-150500.1.4 added
- libQt5Sql-devel-5.15.8+kde185-150500.2.1 added
- libQt5Sql5-5.15.8+kde185-150500.2.1 added
- libQt5Sql5-sqlite-5.15.8+kde185-150500.2.1 added
- libQt5Svg5-5.15.8+kde8-150500.1.4 added
- libQt5Test-devel-5.15.8+kde185-150500.2.1 added
- libQt5Test5-5.15.8+kde185-150500.2.1 added
- libQt5WebChannel5-5.15.8+kde3-150500.1.2 added
- libQt5WebSockets5-5.15.8+kde3-150500.1.4 added
- libQt5Widgets-devel-5.15.8+kde185-150500.2.1 added
- libQt5Widgets5-5.15.8+kde185-150500.2.1 added
- libQt5X11Extras5-5.15.8+kde0-150500.1.4 added
- libQt5Xml-devel-5.15.8+kde185-150500.2.1 added
- libQt5Xml5-5.15.8+kde185-150500.2.1 added
- libQt5XmlPatterns5-5.15.8+kde0-150500.1.4 added
- libQtQuick5-5.15.8+kde22-150500.1.2 added
- libSM-devel-1.2.2-1.23 added
- libSM6-1.2.2-1.23 added
- libSPIRV-Tools-suse15-2020.1~git24-1.26 added
- libWPEBackend-fdo-1_0-1-1.12.0-150400.1.8 added
- libX11-6-1.6.5-150000.3.27.1 added
- libX11-6-32bit-1.6.5-150000.3.27.1 added
- libX11-devel-1.6.5-150000.3.27.1 added
- libX11-xcb1-1.6.5-150000.3.27.1 added
- libX11-xcb1-32bit-1.6.5-150000.3.27.1 added
- libXRes1-1.2.0-1.18 added
- libXTrap-devel-1.0.1-1.23 added
- libXTrap6-1.0.1-1.23 added
- libXau-devel-1.0.8-1.26 added
- libXau6-1.0.8-1.26 added
- libXau6-32bit-1.0.8-1.26 added
- libXaw-devel-1.0.13-3.3.8 added
- libXaw3d8-1.6.2-1.28 added
- libXaw6-1.0.13-3.3.8 added
- libXaw7-1.0.13-3.3.8 added
- libXaw8-1.0.13-3.3.8 added
- libXcomposite-devel-0.4.4-1.23 added
- libXcomposite1-0.4.4-1.23 added
- libXcursor-devel-1.1.15-1.18 added
- libXcursor1-1.1.15-1.18 added
- libXdamage-devel-1.1.4-1.23 added
- libXdamage1-1.1.4-1.23 added
- libXdmcp-devel-1.1.2-1.23 added
- libXdmcp6-1.1.2-1.23 added
- libXevie-devel-1.0.3-1.23 added
- libXevie1-1.0.3-1.23 added
- libXext-devel-1.3.3-1.30 added
- libXext6-1.3.3-1.30 added
- libXext6-32bit-1.3.3-1.30 added
- libXfixes-devel-6.0.0-150400.1.4 added
- libXfixes3-32bit-6.0.0-150400.1.4 added
- libXfixes3-6.0.0-150400.1.4 added
- libXfont-devel-1.5.4-1.17 added
- libXfont1-1.5.4-1.17 added
- libXfont2-2-2.0.3-1.17 added
- libXfont2-devel-2.0.3-1.17 added
- libXfontcache-devel-1.0.5-1.22 added
- libXfontcache1-1.0.5-1.22 added
- libXft-devel-2.3.2-1.33 added
- libXft2-2.3.2-1.33 added
- libXft2-32bit-2.3.2-1.33 added
- libXi-devel-1.7.9-3.2.1 added
- libXi6-1.7.9-3.2.1 added
- libXi6-32bit-1.7.9-3.2.1 added
- libXinerama-devel-1.1.3-1.22 added
- libXinerama1-1.1.3-1.22 added
- libXmu-devel-1.1.2-1.30 added
- libXmu6-1.1.2-1.30 added
- libXmuu1-1.1.2-1.30 added
- libXp-devel-1.0.3-1.24 added
- libXp6-1.0.3-1.24 added
- libXpm-devel-3.5.12-150000.3.7.2 added
- libXpm4-3.5.12-150000.3.7.2 added
- libXprintAppUtil-devel-1.0.1-1.22 added
- libXprintAppUtil1-1.0.1-1.22 added
- libXprintUtil-devel-1.0.1-1.24 added
- libXprintUtil1-1.0.1-1.24 added
- libXrandr-devel-1.5.1-2.17 added
- libXrandr2-1.5.1-2.17 added
- libXrender-devel-0.9.10-1.30 added
- libXrender1-0.9.10-1.30 added
- libXrender1-32bit-0.9.10-1.30 added
- libXres-devel-1.2.0-1.18 added
- libXss-devel-1.2.2-3.4 added
- libXss1-1.2.2-3.4 added
- libXss1-32bit-1.2.2-3.4 added
- libXt-devel-1.1.5-2.24 added
- libXt6-1.1.5-2.24 added
- libXtst-devel-1.2.3-1.24 added
- libXtst6-1.2.3-1.24 added
- libXtst6-32bit-1.2.3-1.24 added
- libXv-devel-1.0.11-1.23 added
- libXv1-1.0.11-1.23 added
- libXvMC-devel-1.0.10-1.23 added
- libXvMC1-1.0.10-1.23 added
- libXvnc1-1.12.0-150500.2.6 added
- libXxf86dga-devel-1.1.4-1.24 added
- libXxf86dga1-1.1.4-1.24 added
- libXxf86misc-devel-1.0.3-1.23 added
- libXxf86misc1-1.0.3-1.23 added
- libXxf86vm-devel-1.1.4-1.23 added
- libXxf86vm1-1.1.4-1.23 added
- libXxf86vm1-32bit-1.1.4-1.23 added
- libacl-devel-2.2.52-4.3.1 added
- libacl1-2.2.52-4.3.1 added
- libacl1-32bit-2.2.52-4.3.1 added
- libaddrxlat-devel-0.4.1-150400.1.4 added
- libaddrxlat2-0.4.1-150400.1.4 added
- libaio-devel-0.3.109-1.25 added
- libaio1-0.3.109-1.25 added
- libao-devel-1.2.0-1.48 added
- libao-plugins4-1.2.0-1.48 added
- libao4-1.2.0-1.48 added
- libaom3-3.2.0-150400.1.8 added
- libapparmor-devel-3.0.4-150500.9.1 added
- libapparmor1-3.0.4-150500.9.1 added
- libapparmor1-32bit-3.0.4-150500.9.1 added
- libappindicator3-1-12.10.1+bzr20170215-150200.3.3.1 added
- libapr-util1-1.6.1-150300.18.5.1 added
- libapr1-1.6.3-3.3.8 added
- libarchive-devel-3.5.1-150400.3.12.1 added
- libarchive13-3.5.1-150400.3.12.1 added
- libargon2-1-0.0+git20171227.670229c-2.14 added
- libargon2-1-32bit-0.0+git20171227.670229c-2.14 added
- libasan4-7.5.0+r278197-4.30.1 added
- libasan8-12.2.1+git416-150000.1.7.1 added
- libasan8-32bit-12.2.1+git416-150000.1.7.1 added
- libasm-devel-0.185-150400.5.3.1 added
- libasm1-0.185-150400.5.3.1 added
- libasound2-1.2.8-150500.1.1 added
- libasound2-32bit-1.2.8-150500.1.1 added
- libaspell15-0.60.8-3.3.1 added
- libassuan-devel-2.5.5-150000.4.3.1 added
- libassuan0-2.5.5-150000.4.3.1 added
- libatasmart-devel-0.19-2.35 added
- libatasmart-utils-0.19-2.35 added
- libatasmart4-0.19-2.35 added
- libatk-1_0-0-2.36.0-150400.2.9 added
- libatk-bridge-2_0-0-2.38.0-150400.1.9 added
- libatomic1-12.2.1+git416-150000.1.7.1 added
- libatomic1-32bit-12.2.1+git416-150000.1.7.1 added
- libatomic_ops-devel-7.4.2-1.34 added
- libatopology2-1.2.8-150500.1.1 added
- libatspi0-2.42.0-150400.2.7 added
- libattr-devel-2.4.47-2.19 added
- libattr1-2.4.47-2.19 added
- libattr1-32bit-2.4.47-2.19 added
- libaudit1-3.0.6-150400.2.13 added
- libaudit1-32bit-3.0.6-150400.2.13 added
- libaugeas0-1.12.0-150400.3.3.6 added
- libauparse0-3.0.6-150400.2.13 added
- libavahi-client3-0.8-150400.7.3.1 added
- libavahi-client3-32bit-0.8-150400.7.3.1 added
- libavahi-common3-0.8-150400.7.3.1 added
- libavahi-common3-32bit-0.8-150400.7.3.1 added
- libavahi-core7-0.8-150400.7.3.1 added
- libavahi-devel-0.8-150400.7.3.1 added
- libavahi-glib-devel-0.8-150400.7.3.1 added
- libavahi-glib1-0.8-150400.7.3.1 added
- libavahi-gobject0-0.8-150400.7.3.1 added
- libavahi-libevent1-0.8-150400.7.3.1 added
- libavahi-ui-gtk3-0-0.8-150400.7.3.1 added
- libavif13-0.9.3-150400.1.9 added
- libbasicobjects-devel-0.1.1-3.3.1 added
- libbasicobjects0-0.1.1-3.3.1 added
- libbd_crypto2-2.26-150400.1.5 added
- libbd_fs2-2.26-150400.1.5 added
- libbd_loop2-2.26-150400.1.5 added
- libbd_lvm2-2.26-150400.1.5 added
- libbd_mdraid2-2.26-150400.1.5 added
- libbd_part2-2.26-150400.1.5 added
- libbd_swap2-2.26-150400.1.5 added
- libbd_utils2-2.26-150400.1.5 added
- libbind9-1600-9.16.6-150300.22.27.1 added
- libbitstream1-1.3.2-150400.8.30 added
- libblas3-3.9.0-150000.4.13.2 added
- libblkid-devel-2.37.4-150500.7.16 added
- libblkid-devel-static-2.37.4-150500.7.16 added
- libblkid1-2.37.4-150500.7.16 added
- libblkid1-32bit-2.37.4-150500.7.16 added
- libblockdev-2.26-150400.1.5 added
- libblockdev2-2.26-150400.1.5 added
- libblogger2-2.26-150300.4.3.1 added
- libbluetooth3-5.65-150500.1.3 added
- libboost_atomic1_66_0-1.66.0-12.3.1 added
- libboost_atomic1_66_0-devel-1.66.0-12.3.1 added
- libboost_chrono1_66_0-1.66.0-12.3.1 added
- libboost_chrono1_66_0-devel-1.66.0-12.3.1 added
- libboost_container1_66_0-1.66.0-12.3.1 added
- libboost_container1_66_0-devel-1.66.0-12.3.1 added
- libboost_context1_66_0-1.66.0-12.3.1 added
- libboost_context1_66_0-devel-1.66.0-12.3.1 added
- libboost_coroutine1_66_0-1.66.0-12.3.1 added
- libboost_coroutine1_66_0-devel-1.66.0-12.3.1 added
- libboost_date_time1_66_0-1.66.0-12.3.1 added
- libboost_date_time1_66_0-devel-1.66.0-12.3.1 added
- libboost_fiber1_66_0-1.66.0-12.3.1 added
- libboost_fiber1_66_0-devel-1.66.0-12.3.1 added
- libboost_filesystem1_66_0-1.66.0-12.3.1 added
- libboost_filesystem1_66_0-devel-1.66.0-12.3.1 added
- libboost_graph1_66_0-1.66.0-12.3.1 added
- libboost_graph1_66_0-devel-1.66.0-12.3.1 added
- libboost_headers1_66_0-devel-1.66.0-12.3.1 added
- libboost_iostreams1_66_0-1.66.0-12.3.1 added
- libboost_iostreams1_66_0-devel-1.66.0-12.3.1 added
- libboost_locale1_66_0-1.66.0-12.3.1 added
- libboost_locale1_66_0-devel-1.66.0-12.3.1 added
- libboost_log1_66_0-1.66.0-12.3.1 added
- libboost_log1_66_0-devel-1.66.0-12.3.1 added
- libboost_math1_66_0-1.66.0-12.3.1 added
- libboost_math1_66_0-devel-1.66.0-12.3.1 added
- libboost_program_options1_66_0-1.66.0-12.3.1 added
- libboost_program_options1_66_0-devel-1.66.0-12.3.1 added
- libboost_python-py3-1_66_0-1.66.0-12.3.1 added
- libboost_python-py3-1_66_0-devel-1.66.0-12.3.1 added
- libboost_random1_66_0-1.66.0-12.3.1 added
- libboost_random1_66_0-devel-1.66.0-12.3.1 added
- libboost_regex1_66_0-1.66.0-12.3.1 added
- libboost_regex1_66_0-devel-1.66.0-12.3.1 added
- libboost_serialization1_66_0-1.66.0-12.3.1 added
- libboost_serialization1_66_0-devel-1.66.0-12.3.1 added
- libboost_signals1_66_0-1.66.0-12.3.1 added
- libboost_signals1_66_0-devel-1.66.0-12.3.1 added
- libboost_stacktrace1_66_0-1.66.0-12.3.1 added
- libboost_stacktrace1_66_0-devel-1.66.0-12.3.1 added
- libboost_system1_66_0-1.66.0-12.3.1 added
- libboost_system1_66_0-devel-1.66.0-12.3.1 added
- libboost_test1_66_0-1.66.0-12.3.1 added
- libboost_test1_66_0-devel-1.66.0-12.3.1 added
- libboost_thread1_66_0-1.66.0-12.3.1 added
- libboost_thread1_66_0-devel-1.66.0-12.3.1 added
- libboost_timer1_66_0-1.66.0-12.3.1 added
- libboost_timer1_66_0-devel-1.66.0-12.3.1 added
- libboost_type_erasure1_66_0-1.66.0-12.3.1 added
- libboost_type_erasure1_66_0-devel-1.66.0-12.3.1 added
- libboost_wave1_66_0-1.66.0-12.3.1 added
- libboost_wave1_66_0-devel-1.66.0-12.3.1 added
- libbpf0-0.5.0-150400.3.3.1 added
- libbpf1-1.1.0-150500.1.1 added
- libbrlapi0_8-6.4-150400.2.9 added
- libbrotli-devel-1.0.7-3.3.1 added
- libbrotlicommon1-1.0.7-3.3.1 added
- libbrotlicommon1-32bit-1.0.7-3.3.1 added
- libbrotlidec1-1.0.7-3.3.1 added
- libbrotlidec1-32bit-1.0.7-3.3.1 added
- libbrotlienc1-1.0.7-3.3.1 added
- libbsd-devel-0.8.7-3.3.17 added
- libbsd0-0.8.7-3.3.17 added
- libbtrfs-devel-5.14-150500.8.23 added
- libbtrfs0-5.14-150500.8.23 added
- libburn4-1.4.6-1.27 added
- libbytesize1-1.4-1.27 added
- libbz2-1-1.0.8-150400.1.122 added
- libbz2-1-32bit-1.0.8-150400.1.122 added
- libbz2-devel-1.0.8-150400.1.122 added
- libc++-devel-15.0.7-150500.2.11 added
- libc++1-15.0.7-150500.2.11 added
- libc++abi-devel-15.0.7-150500.2.11 added
- libc++abi1-15.0.7-150500.2.11 added
- libcaca-devel-0.99.beta19.git20171003-150200.11.9.1 added
- libcaca0-0.99.beta19.git20171003-150200.11.9.1 added
- libcaca0-plugins-0.99.beta19.git20171003-150200.11.9.1 added
- libcacard0-2.5.3-1.27 added
- libcairo-gobject2-1.16.0-150400.9.6 added
- libcairo-script-interpreter2-1.16.0-150400.9.6 added
- libcairo2-1.16.0-150400.9.6 added
- libcanberra0-0.30-150400.13.10 added
- libcap-devel-2.63-150400.1.7 added
- libcap-ng-devel-0.7.9-4.37 added
- libcap-ng-utils-0.7.9-4.37 added
- libcap-ng0-0.7.9-4.37 added
- libcap-ng0-32bit-0.7.9-4.37 added
- libcap-progs-2.63-150400.1.7 added
- libcap2-2.63-150400.1.7 added
- libcap2-32bit-2.63-150400.1.7 added
- libcares2-1.19.0-150000.3.20.1 added
- libcbor0-0.5.0-150100.4.6.1 added
- libcdda_interface0-3.10.2-1.28 added
- libcdda_paranoia0-3.10.2-1.28 added
- libcelt051-0-0.5.1.3-1.28 added
- libcephfs-devel-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- libcephfs2-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- libcheck0-0.15.2-150400.1.6 added
- libcilkrts5-7.5.0+r278197-4.30.1 added
- libclamav9-0.103.8-150000.3.44.1 added
- libclang7-7.0.1-150100.3.22.2 added
- libclang9-9.0.1-150200.3.6.1 added
- libcloudproviders0-0.3.1-150400.1.12 added
- libclucene-contribs-lib1-2.3.3.4-1.31 added
- libclucene-core1-2.3.3.4-1.31 added
- libclucene-shared1-2.3.3.4-1.31 added
- libcollectdclient-devel-5.12.0-150400.3.2.1 added
- libcollectdclient1-5.12.0-150400.3.2.1 added
- libcollection-devel-0.7.0-3.3.1 added
- libcollection4-0.7.0-3.3.1 added
- libcolord2-1.4.5-150400.4.3.1 added
- libcom_err-devel-1.46.4-150400.3.3.1 added
- libcom_err-devel-static-1.46.4-150400.3.3.1 added
- libcom_err2-1.46.4-150400.3.3.1 added
- libcom_err2-32bit-1.46.4-150400.3.3.1 added
- libconfig++-devel-1.7-2.12 added
- libconfig++11-1.7-2.12 added
- libconfig-devel-1.7-2.12 added
- libconfig11-1.7-2.12 added
- libcpupower0-5.14-150500.7.2 added
- libcrack2-2.9.7-11.6.1 added
- libcrack2-32bit-2.9.7-11.6.1 added
- libcreaterepo_c-devel-0.16.0-3.3.1 added
- libcreaterepo_c0-0.16.0-3.3.1 added
- libcroco-0.6.13-150400.9.5 added
- libcroco-0_6-3-0.6.13-150400.9.5 added
- libcroco-devel-0.6.13-150400.9.5 added
- libcrypt1-32bit-4.4.15-150300.4.4.3 added
- libcrypt1-4.4.15-150300.4.4.3 added
- libcryptmount-devel-2.16-7.22 added
- libcryptmount0-2.16-7.22 added
- libcryptmount0-32bit-2.16-7.22 added
- libcryptopp-devel-8.6.0-150400.1.6 added
- libcryptopp8_6_0-8.6.0-150400.1.6 added
- libcryptsetup-devel-2.4.3-150400.1.110 added
- libcryptsetup12-2.4.3-150400.1.110 added
- libcryptsetup12-32bit-2.4.3-150400.1.110 added
- libcryptsetup12-hmac-2.4.3-150400.1.110 added
- libcryptsetup12-hmac-32bit-2.4.3-150400.1.110 added
- libctf-nobfd0-2.39-150100.7.40.1 added
- libctf0-2.39-150100.7.40.1 added
- libcups2-2.2.7-150000.3.40.1 added
- libcupscgi1-2.2.7-150000.3.40.1 added
- libcupsimage2-2.2.7-150000.3.40.1 added
- libcupsmime1-2.2.7-150000.3.40.1 added
- libcupsppdc1-2.2.7-150000.3.40.1 added
- libcurl-devel-8.0.1-150400.5.23.1 added
- libcurl4-32bit-8.0.1-150400.5.23.1 added
- libcurl4-8.0.1-150400.5.23.1 added
- libdaemon-devel-0.14-1.23 added
- libdaemon0-0.14-1.23 added
- libdatrie-devel-0.2.9-1.25 added
- libdatrie1-0.2.9-1.25 added
- libdav1d5-0.9.2-150400.1.7 added
- libdazzle-1_0-0-3.42.0-150400.1.12 added
- libdb-4_8-32bit-4.8.30-150000.7.6.1 added
- libdb-4_8-4.8.30-150000.7.6.1 added
- libdb-4_8-devel-4.8.30-150000.7.6.1 added
- libdbi-devel-0.9.0.g33-1.48 added
- libdbi3-0.9.0.g33-1.48 added
- libdbus-1-3-1.12.2-150400.18.5.1 added
- libdbus-1-3-32bit-1.12.2-150400.18.5.1 added
- libdbusmenu-glib4-16.04.0-1.12 added
- libdbusmenu-gtk3-4-16.04.0-1.13 added
- libdconf1-0.40.0-150400.3.3.2 added
- libdebuginfod-devel-0.185-150400.5.3.1 added
- libdebuginfod1-0.185-150400.5.3.1 added
- libdevmapper-event1_03-2.03.16_1.02.185-150500.5.3 added
- libdevmapper1_03-2.03.16_1.02.185-150500.5.3 added
- libdevmapper1_03-32bit-2.03.16_1.02.185-150500.5.3 added
- libdhash-devel-0.5.0-3.3.1 added
- libdhash1-0.5.0-3.3.1 added
- libdialog14-1.3-3.3.7 added
- libdmmp-devel-0.9.4+71+suse.c648a77-150500.1.2 added
- libdmmp0_2_0-0.9.4+71+suse.c648a77-150500.1.2 added
- libdmx-devel-1.1.3-1.23 added
- libdmx1-1.1.3-1.23 added
- libdnet-devel-1.16.3-150400.3.3.1 added
- libdnet1-1.16.3-150400.3.3.1 added
- libdns1605-9.16.6-150300.22.27.1 added
- libdns_sd-0.8-150400.7.3.1 added
- libdouble-conversion3-3.1.5-3.2.1 added
- libdrm-devel-2.4.114-150500.3.2 added
- libdrm2-2.4.114-150500.3.2 added
- libdrm2-32bit-2.4.114-150500.3.2 added
- libdrm_amdgpu1-2.4.114-150500.3.2 added
- libdrm_amdgpu1-32bit-2.4.114-150500.3.2 added
- libdrm_intel1-2.4.114-150500.3.2 added
- libdrm_intel1-32bit-2.4.114-150500.3.2 added
- libdrm_nouveau2-2.4.114-150500.3.2 added
- libdrm_nouveau2-32bit-2.4.114-150500.3.2 added
- libdrm_radeon1-2.4.114-150500.3.2 added
- libdrm_radeon1-32bit-2.4.114-150500.3.2 added
- libduktape206-2.6.0-150500.2.1 added
- libdw-devel-0.185-150400.5.3.1 added
- libdw1-0.185-150400.5.3.1 added
- libdw1-32bit-0.185-150400.5.3.1 added
- libdwarves-devel-1.22-150400.2.10 added
- libdwarves1-1.22-150400.2.10 added
- libebtc0-2.0.11-1.1 added
- libeconf0-0.4.6+git20220427.3016f4e-150400.3.3.1 added
- libecryptfs1-111-2.31 added
- libedit-devel-3.1.snap20150325-2.12 added
- libedit0-3.1.snap20150325-2.12 added
- libedit0-32bit-3.1.snap20150325-2.12 added
- libefa1-42.0-150500.1.3 added
- libefivar1-37-6.12.1 added
- libelf-devel-0.185-150400.5.3.1 added
- libelf1-0.185-150400.5.3.1 added
- libelf1-32bit-0.185-150400.5.3.1 added
- libenchant-2-2-2.2.15-150400.1.9 added
- libenchant1-1.6.1-1.57 added
- libepoxy-devel-1.5.10-150500.1.2 added
- libepoxy0-1.5.10-150500.1.2 added
- libesmtp-1.0.6-150.4.1 added
- libesmtp-devel-1.0.6-150.4.1 added
- libestr-devel-0.1.10-1.25 added
- libestr0-0.1.10-1.25 added
- libevdev-devel-1.11.0-150400.1.7 added
- libevdev2-1.11.0-150400.1.7 added
- libevent-2_1-8-2.1.8-2.23 added
- libevent-devel-2.1.8-2.23 added
- libexpat-devel-2.4.4-150400.3.12.1 added
- libexpat1-2.4.4-150400.3.12.1 added
- libexpat1-32bit-2.4.4-150400.3.12.1 added
- libext2fs-devel-1.46.4-150400.3.3.1 added
- libext2fs-devel-static-1.46.4-150400.3.3.1 added
- libext2fs2-1.46.4-150400.3.3.1 added
- libfabric-1.16.1-150500.2.2 added
- libfabric-devel-1.16.1-150500.2.2 added
- libfabric1-1.16.1-150500.2.2 added
- libfam0-gamin-0.1.10-150400.12.4 added
- libfastjson-devel-0.99.9-150400.3.3.1 added
- libfastjson4-0.99.9-150400.3.3.1 added
- libfdisk-devel-2.37.4-150500.7.16 added
- libfdisk1-2.37.4-150500.7.16 added
- libfdt-devel-1.6.1-150500.1.1 added
- libfdt1-1.6.1-150500.1.1 added
- libffi-devel-3.2.1.git259-10.8 added
- libffi7-3.2.1.git259-10.8 added
- libffi7-32bit-3.2.1.git259-10.8 added
- libfftw3-3-3.3.9-1.6 added
- libfftw3_threads3-3.3.9-1.6 added
- libfido2-1-1.5.0-1.30 added
- libfido2-devel-1.5.0-1.30 added
- libfipscheck1-1.4.1-3.3.1 added
- libfl-devel-2.6.4-3.157 added
- libfl2-2.6.4-3.157 added
- libfltk1-1.3.4-5.3.1 added
- libfmt8-8.0.1-150400.1.8 added
- libfontconfig1-2.13.1-150400.1.4 added
- libfontconfig1-32bit-2.13.1-150400.1.4 added
- libfontenc-devel-1.1.3-1.22 added
- libfontenc1-1.1.3-1.22 added
- libfpgad-api1-1.3.2-150400.8.30 added
- libfreebl3-3.79.4-150400.3.29.1 added
- libfreebl3-32bit-3.79.4-150400.3.29.1 added
- libfreebl3-hmac-3.79.4-150400.3.29.1 added
- libfreebl3-hmac-32bit-3.79.4-150400.3.29.1 added
- libfreeipmi17-1.6.8-150400.1.11 added
- libfreetype6-2.10.4-150000.4.12.1 added
- libfreetype6-32bit-2.10.4-150000.4.12.1 added
- libfreshclam2-0.103.8-150000.3.44.1 added
- libfribidi0-1.0.10-150400.3.3.1 added
- libfstrm0-0.3.2-1.16 added
- libfuse2-2.9.7-3.3.1 added
- libfuse3-3-3.10.5-150400.1.7 added
- libfwup1-12-150100.11.10.1 added
- libgamin-1-0-0.1.10-150400.12.4 added
- libgbm-devel-22.3.5-150500.75.2 added
- libgbm1-22.3.5-150500.75.2 added
- libgbm1-32bit-22.3.5-150500.75.2 added
- libgc1-7.6.4-1.16 added
- libgcc_s1-12.2.1+git416-150000.1.7.1 added
- libgcc_s1-32bit-12.2.1+git416-150000.1.7.1 added
- libgcrypt-devel-1.9.4-150500.10.19 added
- libgcrypt20-1.9.4-150500.10.19 added
- libgcrypt20-32bit-1.9.4-150500.10.19 added
- libgcrypt20-hmac-1.9.4-150500.10.19 added
- libgcrypt20-hmac-32bit-1.9.4-150500.10.19 added
- libgd3-2.2.5-11.3.1 added
- libgdbm4-1.12-1.418 added
- libgdbm4-32bit-1.12-1.418 added
- libgdk_pixbuf-2_0-0-2.42.9-150400.5.6.1 added
- libgdk_pixbuf-2_0-0-32bit-2.42.9-150400.5.6.1 added
- libgdk_pixbuf_xlib-2_0-0-2.40.2-150400.1.7 added
- libgfortran4-32bit-7.5.0+r278197-4.30.1 added
- libgfortran4-7.5.0+r278197-4.30.1 added
- libgfortran5-12.2.1+git416-150000.1.7.1 added
- libgfortran5-32bit-12.2.1+git416-150000.1.7.1 added
- libgif7-5.2.1-150000.4.8.1 added
- libgio-2_0-0-2.70.5-150400.3.8.1 added
- libgio-2_0-0-32bit-2.70.5-150400.3.8.1 added
- libgiomm-2_4-1-2.66.2-150400.1.12 added
- libgirepository-1_0-1-1.70.0-150400.2.10 added
- libglib-2_0-0-2.70.5-150400.3.8.1 added
- libglib-2_0-0-32bit-2.70.5-150400.3.8.1 added
- libglibmm-2_4-1-2.66.2-150400.1.12 added
- libglslang-suse9-8.13.3559+git20-1.27 added
- libglut3-3.2.1-1.24 added
- libglvnd-1.5.0-150500.1.2 added
- libglvnd-32bit-1.5.0-150500.1.2 added
- libglvnd-devel-1.5.0-150500.1.2 added
- libgmodule-2_0-0-2.70.5-150400.3.8.1 added
- libgmodule-2_0-0-32bit-2.70.5-150400.3.8.1 added
- libgmp10-32bit-6.1.2-4.9.1 added
- libgmp10-6.1.2-4.9.1 added
- libgmpxx4-6.1.2-4.9.1 added
- libgnustep-base1_25-1.25.1-7.2 added
- libgnutls-devel-3.7.3-150400.4.35.1 added
- libgnutls30-3.7.3-150400.4.35.1 added
- libgnutls30-32bit-3.7.3-150400.4.35.1 added
- libgnutls30-hmac-3.7.3-150400.4.35.1 added
- libgnutls30-hmac-32bit-3.7.3-150400.4.35.1 added
- libgnutlsxx-devel-3.7.3-150400.4.35.1 added
- libgnutlsxx28-3.7.3-150400.4.35.1 added
- libgobject-2_0-0-2.70.5-150400.3.8.1 added
- libgobject-2_0-0-32bit-2.70.5-150400.3.8.1 added
- libgomp1-12.2.1+git416-150000.1.7.1 added
- libgomp1-32bit-12.2.1+git416-150000.1.7.1 added
- libgpg-error-devel-1.42-150400.1.101 added
- libgpg-error0-1.42-150400.1.101 added
- libgpg-error0-32bit-1.42-150400.1.101 added
- libgpgme-devel-1.16.0-150400.1.80 added
- libgpgme11-1.16.0-150400.1.80 added
- libgpgmepp-devel-1.16.0-150400.1.80 added
- libgpgmepp6-1.16.0-150400.1.80 added
- libgpiod-utils-1.4.3-1.5 added
- libgpiod2-1.4.3-1.5 added
- libgpm2-1.20.7-7.3.1 added
- libgraphene-1_0-0-1.10.6-150400.1.10 added
- libgraphite2-3-1.3.11-150000.4.3.1 added
- libgraphite2-3-32bit-1.3.11-150000.4.3.1 added
- libgraphviz6-2.48.0-150400.1.165 added
- libgstallocators-1_0-0-1.22.0-150500.1.2 added
- libgstapp-1_0-0-1.22.0-150500.1.2 added
- libgstaudio-1_0-0-1.22.0-150500.1.2 added
- libgstfft-1_0-0-1.22.0-150500.1.2 added
- libgstgl-1_0-0-1.22.0-150500.1.2 added
- libgstpbutils-1_0-0-1.22.0-150500.1.2 added
- libgstphotography-1_0-0-1.22.0-150500.1.3 added
- libgstplay-1_0-0-1.22.0-150500.1.3 added
- libgstplayer-1_0-0-1.22.0-150500.1.3 added
- libgstreamer-1_0-0-1.22.0-150500.1.1 added
- libgstriff-1_0-0-1.22.0-150500.1.2 added
- libgstrtp-1_0-0-1.22.0-150500.1.2 added
- libgstrtsp-1_0-0-1.22.0-150500.1.2 added
- libgstsdp-1_0-0-1.22.0-150500.1.2 added
- libgsttag-1_0-0-1.22.0-150500.1.2 added
- libgstvideo-1_0-0-1.22.0-150500.1.2 added
- libgthread-2_0-0-2.70.5-150400.3.8.1 added
- libgtk-2_0-0-2.24.33-150400.2.11 added
- libgtk-3-0-3.24.34-150400.3.3.1 added
- libgtk-4-1-4.6.0-150400.3.3.1 added
- libgtk-vnc-2_0-0-1.3.1-150400.3.3.1 added
- libgtksourceview-3_0-1-3.24.11-150400.10.11 added
- libgtksourceview-4-0-4.4.0-2.45 added
- libgts-0_7-5-0.7.6_p20121130-1.32 added
- libgudev-1_0-0-237-150400.1.6 added
- libgudev-1_0-devel-237-150400.1.6 added
- libgvnc-1_0-0-1.3.1-150400.3.3.1 added
- libhandle1-5.13.0-150400.3.3.1 added
- libharfbuzz-gobject0-3.4.0-150400.3.6.1 added
- libharfbuzz-icu0-3.4.0-150400.3.6.1 added
- libharfbuzz-subset0-3.4.0-150400.3.6.1 added
- libharfbuzz0-3.4.0-150400.3.6.1 added
- libharfbuzz0-32bit-3.4.0-150400.3.6.1 added
- libhavege2-1.9.14-150400.3.3.1 added
- libhidapi-devel-0.10.1-1.6 added
- libhidapi-hidraw0-0.10.1-1.6 added
- libhidapi-libusb0-0.10.1-1.6 added
- libhivex0-1.3.21-150400.2.10 added
- libhogweed6-3.8.1-150500.2.25 added
- libhogweed6-32bit-3.8.1-150500.2.25 added
- libhowl0-0.8-150400.7.3.1 added
- libhssi-io1-1.3.2-150400.8.30 added
- libhugetlbfs-2.20-3.3.1 added
- libhugetlbfs-devel-2.20-3.3.1 added
- libhunspell-1_6-0-1.6.2-150000.3.11.1 added
- libhwloc15-2.5.0-150400.3.3.1 added
- libhwloc5-2.0.0.1.11.8-1.29 added
- libhyphen0-2.8.8-1.23 added
- libibmad5-42.0-150500.1.3 added
- libibnetdisc5-42.0-150500.1.3 added
- libibumad3-42.0-150500.1.3 added
- libibverbs-42.0-150500.1.3 added
- libibverbs1-42.0-150500.1.3 added
- libicu-devel-65.1-150200.4.5.1 added
- libicu-suse65_1-65.1-150200.4.5.1 added
- libicu69-69.1-7.3.2 added
- libidn-devel-1.34-3.2.2 added
- libidn-tools-1.34-3.2.2 added
- libidn11-1.34-3.2.2 added
- libidn11-32bit-1.34-3.2.2 added
- libidn2-0-2.2.0-3.6.1 added
- libidn2-0-32bit-2.2.0-3.6.1 added
- libidn2-devel-2.2.0-3.6.1 added
- libidn2-tools-2.2.0-3.6.1 added
- libigdgmm12-22.3.1-150500.1.1 added
- libimaevm3-1.4-150400.1.5 added
- libindicator3-7-16.10.0+bzr20171205-1.12 added
- libinfinipath4-3.3-5.3.1 added
- libini_config-devel-1.3.1-3.3.1 added
- libini_config5-1.3.1-3.3.1 added
- libinih-devel-53-150400.1.7 added
- libinih0-53-150400.1.7 added
- libinotifytools0-3.21.9.6-150400.1.4 added
- libinput-devel-1.21.0-150500.1.2 added
- libinput-tools-1.21.0-150500.1.2 added
- libinput-udev-1.21.0-150500.1.2 added
- libinput10-1.21.0-150500.1.2 added
- libip4tc2-1.8.7-1.1 added
- libip6tc2-1.8.7-1.1 added
- libipa_hbac-devel-2.5.2-150500.8.3 added
- libipa_hbac0-2.5.2-150500.8.3 added
- libipmiconsole2-1.6.8-150400.1.11 added
- libipmidetect0-1.6.8-150400.1.11 added
- libipmimonitoring6-1.6.8-150400.1.11 added
- libipq-devel-1.8.7-1.1 added
- libipq0-1.8.7-1.1 added
- libipset13-7.15-150400.12.3.2 added
- libiptc-devel-1.8.7-1.1 added
- libirs-devel-9.16.6-150300.22.27.1 added
- libirs1601-9.16.6-150300.22.27.1 added
- libisc1606-9.16.6-150300.22.27.1 added
- libisccc1600-9.16.6-150300.22.27.1 added
- libisccfg1600-9.16.6-150300.22.27.1 added
- libiscsi-devel-1.18.0-4.29 added
- libiscsi8-1.18.0-4.29 added
- libisl15-0.18-1.443 added
- libisoburn1-1.4.6-1.29 added
- libisofs6-1.4.6-1.29 added
- libiterm1-0.5.20040304-150000.5.6.1 added
- libitm1-12.2.1+git416-150000.1.7.1 added
- libitm1-32bit-12.2.1+git416-150000.1.7.1 added
- libiw-devel-30.pre9-150400.13.6 added
- libiw30-30.pre9-150400.13.6 added
- libjansson-devel-2.9-1.24 added
- libjansson4-2.9-1.24 added
- libjasper4-2.0.14-150000.3.28.1 added
- libjavascriptcoregtk-4_0-18-2.38.6-150400.4.39.1 added
- libjbig-devel-2.1-3.2.1 added
- libjbig2-2.1-3.2.1 added
- libjbig2-32bit-2.1-3.2.1 added
- libjemalloc2-5.0.1-1.25 added
- libjitterentropy3-3.4.0-150000.1.9.1 added
- libjitterentropy3-32bit-3.4.0-150000.1.9.1 added
- libjpeg62-62.3.0-150400.15.7 added
- libjpeg62-devel-62.3.0-150400.15.7 added
- libjpeg8-32bit-8.2.2-150400.15.9 added
- libjpeg8-8.2.2-150400.15.9 added
- libjpeg8-devel-8.2.2-150400.15.9 added
- libjq-devel-1.6-3.3.1 added
- libjq1-1.6-3.3.1 added
- libjson-c-devel-0.13-3.3.1 added
- libjson-c3-0.13-3.3.1 added
- libjson-c3-32bit-0.13-3.3.1 added
- libjson-glib-1_0-0-1.6.6-150400.1.11 added
- libjsoncpp19-1.8.4-1.17 added
- libjte1-1.20-1.26 added
- libkate-devel-0.4.1-2.15 added
- libkate1-0.4.1-2.15 added
- libkcapi-devel-0.13.0-1.114 added
- libkcapi-tools-0.13.0-1.114 added
- libkcapi0-0.13.0-1.114 added
- libkdumpfile-devel-0.4.1-150400.1.4 added
- libkdumpfile9-0.4.1-150400.1.4 added
- libkeyutils1-1.6.3-5.6.1 added
- libkeyutils1-32bit-1.6.3-5.6.1 added
- libkmip-devel-0.2.0-150400.1.8 added
- libkmip-tools-0.2.0-150400.1.8 added
- libkmip0-0.2.0-150400.1.8 added
- libkmod-devel-29-4.15.1 added
- libkmod2-29-4.15.1 added
- libkms-devel-2.4.107-150400.1.8 added
- libkms1-2.4.107-150400.1.8 added
- libksba-devel-1.3.5-150000.4.6.1 added
- libksba8-1.3.5-150000.4.6.1 added
- libkyotocabinet-devel-1.2.77-4.3.1 added
- libkyotocabinet16-1.2.77-4.3.1 added
- liblapack3-3.9.0-150000.4.13.2 added
- liblbxutil-devel-1.1.0-1.23 added
- liblbxutil1-1.1.0-1.23 added
- liblcms2-2-2.12-150400.1.10 added
- liblcms2-devel-2.12-150400.1.10 added
- libldap-2_4-2-2.4.46-150200.14.11.2 added
- libldap-2_4-2-32bit-2.4.46-150200.14.11.2 added
- libldapcpp-devel-0.3.1-1.33 added
- libldapcpp1-0.3.1-1.33 added
- libldb-devel-2.6.2-150500.1.1 added
- libldb2-2.6.2-150500.1.1 added
- libldb2-32bit-2.6.2-150500.1.1 added
- libldns2-1.7.0-150000.4.8.1 added
- libleveldb1-1.18-150000.3.3.1 added
- liblldp_clif1-1.1+58.8ca361bab766-150500.1.3 added
- liblmdb-0_9_17-0.9.17-4.6.2 added
- liblmdb-0_9_30-0.9.30-150500.1.1 added
- liblockdev1-1.0.3_git201003141408-1.97 added
- liblogging-devel-1.0.6-3.21 added
- liblogging0-1.0.6-3.21 added
- liblognorm-devel-2.0.4-1.17 added
- liblognorm5-2.0.4-1.17 added
- liblsan0-12.2.1+git416-150000.1.7.1 added
- libltdl7-2.4.6-3.4.1 added
- liblttng-ctl0-2.12.2-1.30 added
- liblttng-ust-ctl4-2.12.0-1.30 added
- liblttng-ust-python-agent0-2.12.0-1.30 added
- liblttng-ust0-2.12.0-1.30 added
- liblua5_1-5-5.1.5-2.31 added
- liblua5_3-5-32bit-5.3.6-3.6.1 added
- liblua5_3-5-5.3.6-3.6.1 added
- liblvm2cmd2_03-2.03.16-150500.5.4 added
- liblz4-1-1.9.3-150400.1.7 added
- liblz4-1-32bit-1.9.3-150400.1.7 added
- liblz4-devel-1.9.3-150400.1.7 added
- liblzma5-32bit-5.2.3-150000.4.7.1 added
- liblzma5-5.2.3-150000.4.7.1 added
- liblzo2-2-2.10-2.22 added
- libmagic1-32bit-5.32-7.14.1 added
- libmagic1-5.32-7.14.1 added
- libmanette-0_2-0-0.2.6-150400.1.16 added
- libmariadb3-3.1.13-3.30.1 added
- libmariadbprivate-3.1.13-3.30.1 added
- libmarkdown2-2.2.4-1.41 added
- libmaxminddb-devel-1.4.3-1.6.1 added
- libmaxminddb0-1.4.3-1.6.1 added
- libmediacheck-devel-6.1-150400.1.5 added
- libmediacheck6-6.1-150400.1.5 added
- libmemcached11-1.0.18-1.40 added
- libmetalink-devel-0.1.3-1.24 added
- libmetalink3-0.1.3-1.24 added
- libmicrohttpd12-0.9.57-150000.3.3.1 added
- libmilter1_0-8.15.2-150000.8.9.1 added
- libminizip1-1.2.13-150500.2.3 added
- libmlx4-1-42.0-150500.1.3 added
- libmlx5-1-42.0-150500.1.3 added
- libmnl-devel-1.0.4-1.25 added
- libmnl0-1.0.4-1.25 added
- libmodulemd2-2.13.0-150400.1.8 added
- libmount-devel-2.37.4-150500.7.16 added
- libmount1-2.37.4-150500.7.16 added
- libmount1-32bit-2.37.4-150500.7.16 added
- libmozjs-60-60.9.0-4.40 added
- libmp3lame0-3.100-150000.3.2.1 added
- libmpath0-0.9.4+71+suse.c648a77-150500.1.2 added
- libmpc3-1.1.0-1.47 added
- libmpfr6-4.0.2-3.3.1 added
- libmpg123-0-1.26.4-1.15 added
- libmpx2-8.2.1+r264010-150000.1.6.4 added
- libmpxwrappers2-8.2.1+r264010-150000.1.6.4 added
- libmspack-devel-0.6-3.14.1 added
- libmspack0-0.6-3.14.1 added
- libmtdev1-1.1.5-1.26 added
- libncurses6-32bit-6.1-150000.5.15.1 added
- libncurses6-6.1-150000.5.15.1 added
- libndctl-devel-75-150500.2.2 added
- libndctl6-75-150500.2.2 added
- libneon-devel-0.30.2-4.5.1 added
- libneon27-0.30.2-4.5.1 added
- libnet-devel-1.2~rc3-1.29 added
- libnet9-1.2~rc3-1.29 added
- libnetcontrol-devel-0.3.2-10.5.1 added
- libnetcontrol0-0.3.2-10.5.1 added
- libnetfilter_conntrack-devel-1.0.7-1.38 added
- libnetfilter_conntrack3-1.0.7-1.38 added
- libnetfilter_cthelper-devel-1.0.0-1.21 added
- libnetfilter_cthelper0-1.0.0-1.21 added
- libnetfilter_cttimeout-devel-1.0.0-1.22 added
- libnetfilter_cttimeout1-1.0.0-1.22 added
- libnetfilter_queue-devel-1.0.3-1.16 added
- libnetfilter_queue1-1.0.3-1.16 added
- libnetlink-devel-5.14-150400.1.8 added
- libnetpbm11-10.80.1-3.11.1 added
- libnettle-devel-3.8.1-150500.2.25 added
- libnettle8-3.8.1-150500.2.25 added
- libnettle8-32bit-3.8.1-150500.2.25 added
- libnewt0_52-0.52.20-150000.7.2.3 added
- libnfnetlink-devel-1.0.1-2.11 added
- libnfnetlink0-1.0.1-2.11 added
- libnftables1-0.9.8-150300.3.3.1 added
- libnftnl-devel-1.2.0-150400.1.6 added
- libnftnl11-1.2.0-150400.1.6 added
- libnghttp2-14-1.40.0-6.1 added
- libnghttp2-14-32bit-1.40.0-6.1 added
- libnghttp2-devel-1.40.0-6.1 added
- libnghttp2_asio-devel-1.40.0-6.1 added
- libnghttp2_asio1-1.40.0-6.1 added
- libnl3-200-3.3.0-1.29 added
- libnl3-200-32bit-3.3.0-1.29 added
- libnl3-devel-3.3.0-1.29 added
- libnm0-1.38.6-150500.1.2 added
- libnotify4-0.7.12-150400.3.3.1 added
- libnpth0-1.5-2.11 added
- libns1604-9.16.6-150300.22.27.1 added
- libnscd-devel-2.0.2-3.21 added
- libnscd1-2.0.2-3.21 added
- libnscd1-32bit-2.0.2-3.21 added
- libnsl-devel-1.2.0-2.44 added
- libnsl2-1.2.0-2.44 added
- libnsl2-32bit-1.2.0-2.44 added
- libnss_nis2-3.0-150000.3.3.1 added
- libnss_nis2-32bit-3.0-150000.3.3.1 added
- libnuma-devel-2.0.14.20.g4ee5e0c-150400.1.24 added
- libnuma1-2.0.14.20.g4ee5e0c-150400.1.24 added
- libnuma1-32bit-2.0.14.20.g4ee5e0c-150400.1.24 added
- libnvme-devel-1.2+1.g41e1016-150500.2.5 added
- libnvme-mi1-1.2+1.g41e1016-150500.2.5 added
- libnvme1-1.2+1.g41e1016-150500.2.5 added
- liboath-devel-2.6.2-150000.3.3.1 added
- liboath0-2.6.2-150000.3.3.1 added
- libobjc4-12.2.1+git416-150000.1.7.1 added
- libobjc4-32bit-12.2.1+git416-150000.1.7.1 added
- libodbc2-2.3.9-150400.14.5 added
- libogg-devel-1.3.2-150000.3.4.1 added
- libogg0-1.3.2-150000.3.4.1 added
- liboggkate1-0.4.1-2.15 added
- liboldX-devel-1.0.1-1.24 added
- liboldX6-1.0.1-1.24 added
- libomp7-devel-7.0.1-150100.3.22.2 added
- libonig4-6.7.0-150000.3.3.1 added
- libopae-c1-1.3.2-150400.8.30 added
- libopenblas_openmp0-0.3.21-150500.2.6 added
- libopenblas_pthreads-devel-0.3.21-150500.2.6 added
- libopenblas_pthreads0-0.3.21-150500.2.6 added
- libopeniscsiusr0-0.2.0-150500.44.1 added
- libopenjp2-7-2.3.0-150000.3.8.1 added
- libopenscap25-1.3.6-150400.11.3.1 added
- libopenssl-1_1-devel-1.1.1l-150500.15.4 added
- libopenssl-3-devel-3.0.8-150500.3.1 added
- libopenssl1_1-1.1.1l-150500.15.4 added
- libopenssl1_1-32bit-1.1.1l-150500.15.4 added
- libopenssl1_1-hmac-1.1.1l-150500.15.4 added
- libopenssl1_1-hmac-32bit-1.1.1l-150500.15.4 added
- libopenssl3-3.0.8-150500.3.1 added
- liboping0-1.9.0-1.36 added
- libopts-devel-5.18.12-3.3.1 added
- libopts25-5.18.12-3.3.1 added
- libopus-devel-1.3.1-150000.3.8.1 added
- libopus0-1.3.1-150000.3.8.1 added
- liborc-0_4-0-0.4.28-3.3.1 added
- libosinfo-1.10.0-150500.1.3 added
- libosinfo-1_0-0-1.10.0-150500.1.3 added
- libostree-1-1-2022.7-150500.1.3 added
- libp11-3-0.4.11-150400.1.6 added
- libp11-devel-0.4.11-150400.1.6 added
- libp11-kit0-0.23.22-150500.6.1 added
- libp11-kit0-32bit-0.23.22-150500.6.1 added
- libpainter0-0.9.13.1-150200.4.18.1 added
- libpango-1_0-0-1.50.4-150400.1.5 added
- libparted0-3.2-19.1 added
- libparted0-32bit-3.2-19.1 added
- libpath_utils-devel-0.2.1-3.3.1 added
- libpath_utils1-0.2.1-3.3.1 added
- libpcap-devel-1.10.1-150400.1.7 added
- libpcap1-1.10.1-150400.1.7 added
- libpci3-3.5.6-150300.13.3.1 added
- libpci3-32bit-3.5.6-150300.13.3.1 added
- libpciaccess-devel-0.14-1.16 added
- libpciaccess0-0.14-1.16 added
- libpciaccess0-32bit-0.14-1.16 added
- libpcre1-32bit-8.45-150000.20.13.1 added
- libpcre1-8.45-150000.20.13.1 added
- libpcre16-0-8.45-150000.20.13.1 added
- libpcre2-16-0-10.39-150400.4.6.1 added
- libpcre2-32-0-10.39-150400.4.6.1 added
- libpcre2-8-0-10.39-150400.4.6.1 added
- libpcre2-posix2-10.39-150400.4.6.1 added
- libpcrecpp0-32bit-8.45-150000.20.13.1 added
- libpcrecpp0-8.45-150000.20.13.1 added
- libpcreposix0-8.45-150000.20.13.1 added
- libpcsclite1-1.9.4-150400.1.9 added
- libpcscspy0-1.9.4-150400.1.9 added
- libpfm-devel-4.12.0-150500.1.1 added
- libpfm4-4.12.0-150500.1.1 added
- libpgm-5_2-0-32bit-5.2.122-150400.15.6 added
- libpgm-5_2-0-5.2.122-150400.15.6 added
- libphodav-2_0-0-2.5-1.53 added
- libpipeline-devel-1.4.1-1.27 added
- libpipeline1-1.4.1-1.27 added
- libpixman-1-0-0.40.0-150400.3.3.1 added
- libpixman-1-0-devel-0.40.0-150400.3.3.1 added
- libpkcs11-helper1-1.25.1-150100.3.3.1 added
- libply-boot-client5-0.9.5~git20210406.e554475-150400.3.8.1 added
- libply-splash-core5-0.9.5~git20210406.e554475-150400.3.8.1 added
- libply-splash-graphics5-0.9.5~git20210406.e554475-150400.3.8.1 added
- libply5-0.9.5~git20210406.e554475-150400.3.8.1 added
- libpmem1-1.11.1-150400.1.10 added
- libpmemblk1-1.11.1-150400.1.10 added
- libpng12-0-1.2.57-2.18 added
- libpng12-devel-1.2.57-2.18 added
- libpng16-16-1.6.34-3.9.1 added
- libpng16-16-32bit-1.6.34-3.9.1 added
- libpng16-compat-devel-1.6.34-3.9.1 added
- libpng16-devel-1.6.34-3.9.1 added
- libpolkit-agent-1-0-121-150500.1.6 added
- libpolkit-gobject-1-0-121-150500.1.6 added
- libpoppler-cpp0-23.01.0-150500.1.2 added
- libpoppler-devel-23.01.0-150500.1.2 added
- libpoppler-glib-devel-23.01.0-150500.1.2 added
- libpoppler-glib8-23.01.0-150500.1.2 added
- libpoppler126-23.01.0-150500.1.2 added
- libpoppler89-0.79.0-150200.3.8.1 added
- libpopt0-1.16-3.22 added
- libpopt0-32bit-1.16-3.22 added
- libpq5-15.3-150200.5.9.1 added
- libprocps7-3.3.15-150000.7.31.1 added
- libprotobuf-c-devel-1.3.2-150200.3.3.1 added
- libprotobuf-c1-1.3.2-150200.3.3.1 added
- libprotobuf-lite20-3.9.2-150200.4.19.2 added
- libprotobuf20-3.9.2-150200.4.19.2 added
- libproxy-devel-0.4.17-150400.1.8 added
- libproxy1-0.4.17-150400.1.8 added
- libpsl-devel-0.20.1-150000.3.3.1 added
- libpsl5-0.20.1-150000.3.3.1 added
- libpsl5-32bit-0.20.1-150000.3.3.1 added
- libpsm2-2-11.2.230-150500.1.2 added
- libpsm2-devel-11.2.230-150500.1.2 added
- libpsm_infinipath1-3.3-5.3.1 added
- libpspell15-0.60.8-3.3.1 added
- libpsx2-2.63-150400.1.7 added
- libpulse-devel-15.0-150400.2.10 added
- libpulse-mainloop-glib0-15.0-150400.2.10 added
- libpulse0-15.0-150400.2.10 added
- libpwquality-devel-1.4.4-150400.15.4 added
- libpwquality-tools-1.4.4-150400.15.4 added
- libpwquality1-1.4.4-150400.15.4 added
- libpython3_6m1_0-3.6.15-150300.10.45.1 added
- libqatzip3-1.1.0-150500.1.2 added
- libqb-devel-2.0.6+20220323.758044b-150500.1.2 added
- libqb100-2.0.6+20220323.758044b-150500.1.2 added
- libqgpgme-devel-1.16.0-150400.1.10 added
- libqgpgme7-1.16.0-150400.1.10 added
- libqpdf26-9.0.2-150200.3.3.1 added
- libqpdf28-10.3.1-1.1 added
- libqrencode4-4.0.0-1.17 added
- libqt5-qtbase-common-devel-5.15.8+kde185-150500.2.1 added
- libqt5-qtbase-devel-5.15.8+kde185-150500.2.1 added
- libqt5-qtdeclarative-devel-5.15.8+kde22-150500.1.2 added
- libqt5-qtdeclarative-tools-5.15.8+kde22-150500.1.2 added
- libqt5-qtserialport-devel-5.15.8+kde0-150500.1.4 added
- libqt5-qtsvg-devel-5.15.8+kde8-150500.1.4 added
- libqt5-qttranslations-5.15.8+kde0-150500.1.1 added
- libqt5-qtwebchannel-devel-5.15.8+kde3-150500.1.2 added
- libqt5-qtwebsockets-devel-5.15.8+kde3-150500.1.4 added
- libqt5-qtx11extras-devel-5.15.8+kde0-150500.1.4 added
- libqt5-qtxmlpatterns-devel-5.15.8+kde0-150500.1.4 added
- libquadmath0-12.2.1+git416-150000.1.7.1 added
- libquadmath0-32bit-12.2.1+git416-150000.1.7.1 added
- librados-devel-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- librados2-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- libradospp-devel-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- librav1e0-0.5.1+0-150400.1.10 added
- librbd-devel-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- librbd1-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- librdkafka1-0.11.6-1.8.1 added
- librdmacm1-42.0-150500.1.3 added
- libreadline7-32bit-7.0-150400.25.22 added
- libreadline7-7.0-150400.25.22 added
- libref_array-devel-0.1.5-3.3.1 added
- libref_array1-0.1.5-3.3.1 added
- libreiserfscore-devel-3.6.27-2.24 added
- libreiserfscore0-3.6.27-2.24 added
- librfxencode0-0.9.13.1-150200.4.18.1 added
- librgw-devel-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- librgw2-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- librhash0-1.3.5-1.25 added
- librrd8-1.7.0-6.3.1 added
- librsvg-2-2-2.52.9-150400.3.3.1 added
- librsync-devel-1.0.0-1.27 added
- librsync2-1.0.0-1.27 added
- libruby2_5-2_5-2.5.9-150000.4.26.1 added
- libsamba-errors-devel-4.13.13+git.539.fdbc44a8598-3.20.2 added
- libsamba-errors0-4.13.13+git.539.fdbc44a8598-3.20.2 added
- libsamba-policy-devel-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- libsamba-policy-python3-devel-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- libsamba-policy0-python3-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- libsamplerate-devel-0.1.9-3.22 added
- libsamplerate0-0.1.9-3.22 added
- libsasl2-3-2.1.28-150500.1.1 added
- libsasl2-3-32bit-2.1.28-150500.1.1 added
- libsbc1-1.3-3.2.1 added
- libscg-devel-3.02~a09-4.6.1 added
- libscg1_0-3.02~a09-4.6.1 added
- libschily-devel-3.02~a09-4.6.1 added
- libschily1_0-3.02~a09-4.6.1 added
- libseccomp-devel-2.5.3-150400.2.4 added
- libseccomp2-2.5.3-150400.2.4 added
- libsecret-1-0-0.20.5-150400.4.3.1 added
- libsecret-devel-0.20.5-150400.4.3.1 added
- libselinux-devel-3.1-150400.1.69 added
- libselinux1-3.1-150400.1.69 added
- libselinux1-32bit-3.1-150400.1.69 added
- libsemanage-devel-3.1-150400.1.65 added
- libsemanage1-3.1-150400.1.65 added
- libsensors4-3.5.0-4.6.1 added
- libsensors4-devel-3.5.0-4.6.1 added
- libsepol-devel-3.1-150400.1.70 added
- libsepol1-3.1-150400.1.70 added
- libserf-1-1-1.3.9-2.31 added
- libserf-devel-1.3.9-2.31 added
- libsgutils-devel-1.47+13.75d23ac-150400.3.6.1 added
- libsgutils2-1_47-2-1.47+13.75d23ac-150400.3.6.1 added
- libsha1detectcoll-devel-1.0.3-2.18 added
- libsha1detectcoll1-1.0.3-2.18 added
- libshaderc_shared1-2019.1-1.26 added
- libsigc++2-devel-2.10.7-150400.1.7 added
- libsigc-2_0-0-2.10.7-150400.1.7 added
- libslang2-2.3.1a-150000.5.2.3 added
- libslirp-devel-4.7.0+44-150500.2.1 added
- libslirp0-4.7.0+44-150500.2.1 added
- libsmartcols-devel-2.37.4-150500.7.16 added
- libsmartcols1-2.37.4-150500.7.16 added
- libsmbios-devel-2.4.1-1.14 added
- libsmbios_c2-2.4.1-1.14 added
- libsmi-0.4.8-1.29 added
- libsmi2-0.4.8-1.29 added
- libsnapper-devel-0.8.16-150300.3.3.1 added
- libsnapper5-0.8.16-150300.3.3.1 added
- libsnappy1-1.1.8-3.3.1 added
- libsndfile-devel-1.0.28-150000.5.17.1 added
- libsndfile1-1.0.28-150000.5.17.1 added
- libsnmp30-5.7.3-10.12.1 added
- libsnmp40-5.9.3-150300.15.8.1 added
- libsodium-devel-1.0.18-150000.4.6.1 added
- libsodium23-1.0.18-150000.4.6.1 added
- libsodium23-32bit-1.0.18-150000.4.6.1 added
- libsoftokn3-3.79.4-150400.3.29.1 added
- libsoftokn3-32bit-3.79.4-150400.3.29.1 added
- libsoftokn3-hmac-3.79.4-150400.3.29.1 added
- libsoftokn3-hmac-32bit-3.79.4-150400.3.29.1 added
- libsolv-devel-0.7.23-150400.3.3.1 added
- libsolv-tools-0.7.23-150400.3.3.1 added
- libsoup-2_4-1-2.74.2-150400.1.6 added
- libsoup-3_0-0-3.0.4-150400.1.6 added
- libsoup-devel-3.0.4-150400.1.6 added
- libsoup2-devel-2.74.2-150400.1.6 added
- libspandsp2-0.0.6-3.2.1 added
- libspeex1-1.2-150000.3.5.2 added
- libspeexdsp1-1.2~rc3-2.20 added
- libspice-client-glib-2_0-8-0.41-150500.1.4 added
- libspice-client-glib-helper-0.41-150500.1.4 added
- libspice-client-gtk-3_0-5-0.41-150500.1.4 added
- libspirv-cross-c-shared-devel-0.23.0-1.26 added
- libspirv-cross-c-shared0-0.23.0-1.26 added
- libsqlite3-0-3.39.3-150000.3.20.1 added
- libsqlite3-0-32bit-3.39.3-150000.3.20.1 added
- libssh-config-0.9.6-150400.1.5 added
- libssh-devel-0.9.6-150400.1.5 added
- libssh2-1-1.9.0-4.13.1 added
- libssh2-devel-1.9.0-4.13.1 added
- libssh4-0.9.6-150400.1.5 added
- libssh4-32bit-0.9.6-150400.1.5 added
- libsss_certmap-devel-2.5.2-150500.8.3 added
- libsss_certmap0-2.5.2-150500.8.3 added
- libsss_idmap-devel-2.5.2-150500.8.3 added
- libsss_idmap0-2.5.2-150500.8.3 added
- libsss_nss_idmap-devel-2.5.2-150500.8.3 added
- libsss_nss_idmap0-2.5.2-150500.8.3 added
- libsss_simpleifp-devel-2.5.2-150500.8.3 added
- libsss_simpleifp0-2.5.2-150500.8.3 added
- libstdc++-devel-7-3.9.1 added
- libstdc++6-12.2.1+git416-150000.1.7.1 added
- libstdc++6-32bit-12.2.1+git416-150000.1.7.1 added
- libstdc++6-devel-gcc12-12.2.1+git416-150000.1.7.1 added
- libstdc++6-devel-gcc7-7.5.0+r278197-4.30.1 added
- libstdc++6-locale-12.2.1+git416-150000.1.7.1 added
- libstdc++6-pp-12.2.1+git416-150000.1.7.1 added
- libstdc++6-pp-32bit-12.2.1+git416-150000.1.7.1 added
- libstorage-ng-devel-4.5.101-150500.1.1 added
- libstorage-ng-ruby-4.5.101-150500.1.1 added
- libstorage-ng1-4.5.101-150500.1.1 added
- libstoragemgmt-1.8.5-3.3.1 added
- libstoragemgmt-devel-1.8.5-3.3.1 added
- libstoragemgmt-udev-1.8.5-3.3.1 added
- libstoragemgmt1-1.8.5-3.3.1 added
- libsuseconnect-1.1.0~git0.e3c41e60892e-150500.1.3 added
- libsystemd0-249.16-150400.8.25.7 added
- libsystemd0-32bit-249.16-150400.8.25.7 added
- libtag1-1.11.1-4.9.1 added
- libtalloc-devel-2.3.4-150500.1.1 added
- libtalloc2-2.3.4-150500.1.1 added
- libtalloc2-32bit-2.3.4-150500.1.1 added
- libtasn1-4.13-150000.4.8.1 added
- libtasn1-6-32bit-4.13-150000.4.8.1 added
- libtasn1-6-4.13-150000.4.8.1 added
- libtasn1-devel-4.13-150000.4.8.1 added
- libtcmalloc4-2.5-4.12 added
- libtcnative-1-0-1.2.23-150100.3.6.1 added
- libtdb-devel-1.4.7-150500.1.1 added
- libtdb1-1.4.7-150500.1.1 added
- libtdb1-32bit-1.4.7-150500.1.1 added
- libteam-devel-1.27-150000.4.6.1 added
- libteam5-1.27-150000.4.6.1 added
- libteamdctl0-1.27-150000.4.6.1 added
- libtevent-devel-0.13.0-150500.1.1 added
- libtevent0-0.13.0-150500.1.1 added
- libtevent0-32bit-0.13.0-150500.1.1 added
- libtextstyle0-0.20.2-1.43 added
- libtextstyle0-32bit-0.20.2-1.43 added
- libthai-data-0.1.29-150400.1.4 added
- libthai-devel-0.1.29-150400.1.4 added
- libthai0-0.1.29-150400.1.4 added
- libtheoradec1-1.1.1-150000.3.3.1 added
- libtheoraenc1-1.1.1-150000.3.3.1 added
- libtidy5-5.4.0-3.2.1 added
- libtiff-devel-4.0.9-150000.45.25.1 added
- libtiff5-32bit-4.0.9-150000.45.25.1 added
- libtiff5-4.0.9-150000.45.25.1 added
- libtirpc-devel-1.2.6-150300.3.17.1 added
- libtirpc-netconfig-1.2.6-150300.3.17.1 added
- libtirpc3-1.2.6-150300.3.17.1 added
- libtirpc3-32bit-1.2.6-150300.3.17.1 added
- libtool-2.4.6-3.4.1 added
- libtpm2_pkcs11-0-1.6.0-150400.1.11 added
- libtpm_unseal1-1.3.9.2-150400.1.9 added
- libtracker-sparql-3_0-0-3.2.1-150400.1.12 added
- libts0-1.13-1.18 added
- libtsan0-11.3.0+git1637-150000.1.11.2 added
- libtsan2-12.2.1+git416-150000.1.7.1 added
- libtsm4-4.0.0-1.30 added
- libtspi1-0.3.15-150400.1.10 added
- libtss2-esys0-3.1.0-150400.3.3.1 added
- libtss2-fapi1-3.1.0-150400.3.3.1 added
- libtss2-mu0-3.1.0-150400.3.3.1 added
- libtss2-rc0-3.1.0-150400.3.3.1 added
- libtss2-sys1-3.1.0-150400.3.3.1 added
- libtss2-tcti-cmd0-3.1.0-150400.3.3.1 added
- libtss2-tcti-device0-3.1.0-150400.3.3.1 added
- libtss2-tcti-mssim0-3.1.0-150400.3.3.1 added
- libtss2-tcti-pcap0-3.1.0-150400.3.3.1 added
- libtss2-tcti-swtpm0-3.1.0-150400.3.3.1 added
- libtss2-tcti-tabrmd0-2.4.0-150400.1.6 added
- libtss2-tctildr0-3.1.0-150400.3.3.1 added
- libturbojpeg0-8.2.2-150400.15.9 added
- libtwolame0-0.3.13-150000.3.2.2 added
- libu2f-host-devel-1.1.10-3.9.1 added
- libu2f-host0-1.1.10-3.9.1 added
- libu2f-server-devel-1.1.0-5.22 added
- libu2f-server0-1.1.0-5.22 added
- libubsan0-7.5.0+r278197-4.30.1 added
- libubsan1-12.2.1+git416-150000.1.7.1 added
- libubsan1-32bit-12.2.1+git416-150000.1.7.1 added
- libucm-devel-1.13.1-150500.2.17 added
- libucm0-1.13.1-150500.2.17 added
- libucp-devel-1.13.1-150500.2.17 added
- libucp0-1.13.1-150500.2.17 added
- libucs-devel-1.13.1-150500.2.17 added
- libucs0-1.13.1-150500.2.17 added
- libuct-devel-1.13.1-150500.2.17 added
- libuct0-1.13.1-150500.2.17 added
- libudev1-249.16-150400.8.25.7 added
- libudev1-32bit-249.16-150400.8.25.7 added
- libudisks2-0-2.9.2-150400.3.3.1 added
- libudisks2-0-devel-2.9.2-150400.3.3.1 added
- libulockmgr1-2.9.7-3.3.1 added
- libunbound2-1.6.8-150100.10.8.1 added
- libunistring-devel-0.9.10-1.1 added
- libunistring2-0.9.10-1.1 added
- libunistring2-32bit-0.9.10-1.1 added
- libunwind-1.5.0-4.5.1 added
- libunwind-devel-1.5.0-4.5.1 added
- libupsclient1-2.7.4-150400.15.2.1 added
- liburcu-devel-0.12.1-1.30 added
- liburcu6-0.12.1-1.30 added
- liburing1-0.6-2.1 added
- liburing2-2.1-150400.2.4 added
- libusb-1_0-0-1.0.24-150400.3.3.1 added
- libusb-1_0-devel-1.0.24-150400.3.3.1 added
- libusbguard1-1.1.2-150400.3.3.1 added
- libusbgx-devel-0.2.0-1.4 added
- libusbgx-tools-0.2.0-1.4 added
- libusbgx1-0.1.0-1.27 added
- libusbgx2-0.2.0-1.4 added
- libusbredirhost1-0.7.1-1.29 added
- libusbredirparser1-0.7.1-1.29 added
- libustr-1_0-1-1.0.4-2.20 added
- libustr-devel-1.0.4-2.20 added
- libutempter0-1.1.6-3.42 added
- libutf8proc2-2.6.1-150400.1.4 added
- libuuid-devel-2.37.4-150500.7.16 added
- libuuid-devel-static-2.37.4-150500.7.16 added
- libuuid1-2.37.4-150500.7.16 added
- libuuid1-32bit-2.37.4-150500.7.16 added
- libuv-devel-1.44.2-150500.1.1 added
- libuv1-1.44.2-150500.1.1 added
- libv4l-1.14.1-150000.3.3.1 added
- libv4l1-0-1.14.1-150000.3.3.1 added
- libv4l2-0-1.14.1-150000.3.3.1 added
- libv4lconvert0-1.14.1-150000.3.3.1 added
- libvdeplug3-2.3.2+svn587-3.23 added
- libvdpau_r300-22.3.5-150500.75.2 added
- libvdpau_r600-22.3.5-150500.75.2 added
- libvdpau_radeonsi-22.3.5-150500.75.2 added
- libvdpau_virtio_gpu-22.3.5-150500.75.2 added
- libverto-devel-0.2.6-3.20 added
- libverto1-0.2.6-3.20 added
- libverto1-32bit-0.2.6-3.20 added
- libvirt-glib-1_0-0-4.0.0-150400.1.10 added
- libvirt-libs-9.0.0-150500.4.3 added
- libvisual-0.4.0-1.34 added
- libvma-9.7.0-150500.1.3 added
- libvma-devel-9.7.0-150500.1.3 added
- libvma9-9.7.0-150500.1.3 added
- libvmtools-devel-12.2.0-150300.26.1 added
- libvmtools0-12.2.0-150300.26.1 added
- libvorbis-devel-1.3.6-150000.4.5.2 added
- libvorbis0-1.3.6-150000.4.5.2 added
- libvorbisenc2-1.3.6-150000.4.5.2 added
- libvorbisfile3-1.3.6-150000.4.5.2 added
- libvpd-2_2-3-2.2.9-150200.5.3.1 added
- libvpd-base-2.2.9-150200.5.3.1 added
- libvpd-devel-2.2.9-150200.5.3.1 added
- libvpx-devel-1.11.0-150400.1.5 added
- libvpx7-1.11.0-150400.1.5 added
- libvte-2_91-0-0.66.2-150400.1.10 added
- libvulkan1-1.2.133-1.26 added
- libvulkan_intel-22.3.5-150500.75.2 added
- libvulkan_lvp-22.3.5-150500.75.2 added
- libvulkan_radeon-22.3.5-150500.75.2 added
- libwacom-data-2.5.0-150500.1.1 added
- libwacom-devel-2.5.0-150500.1.1 added
- libwacom9-2.5.0-150500.1.1 added
- libwavpack1-5.4.0-150000.4.15.1 added
- libwayland-client0-1.21.0-150500.1.1 added
- libwayland-client0-32bit-1.21.0-150500.1.1 added
- libwayland-cursor0-1.21.0-150500.1.1 added
- libwayland-egl1-99~1.21.0-150500.1.1 added
- libwayland-server0-1.21.0-150500.1.1 added
- libwayland-server0-32bit-1.21.0-150500.1.1 added
- libwebkit2gtk-4_0-37-2.38.6-150400.4.39.1 added
- libwebp-devel-1.0.3-3.2.1 added
- libwebp7-1.0.3-3.2.1 added
- libwebpdecoder3-1.0.3-3.2.1 added
- libwebpdemux2-1.0.3-3.2.1 added
- libwebpmux3-1.0.3-3.2.1 added
- libwireshark15-3.6.13-150000.3.89.1 added
- libwiretap12-3.6.13-150000.3.89.1 added
- libwoff2common1_0_2-1.0.2-3.2.1 added
- libwoff2dec1_0_2-1.0.2-3.2.1 added
- libwpe-1_0-1-1.12.0-150400.1.8 added
- libwrap0-32bit-7.6-1.433 added
- libwrap0-7.6-1.433 added
- libwscodecs1-2.4.16-3.31.1 added
- libwsutil13-3.6.13-150000.3.89.1 added
- libwsutil8-2.4.16-3.31.1 added
- libx86emu-devel-3.1-1.23 added
- libx86emu3-3.1-1.23 added
- libxalan-c-devel-1.11-9.27 added
- libxalan-c111-1.11-9.27 added
- libxatracker-devel-1.0.0-150500.75.2 added
- libxatracker2-1.0.0-150500.75.2 added
- libxcb-composite0-1.13-150000.3.9.1 added
- libxcb-damage0-1.13-150000.3.9.1 added
- libxcb-devel-1.13-150000.3.9.1 added
- libxcb-dpms0-1.13-150000.3.9.1 added
- libxcb-dri2-0-1.13-150000.3.9.1 added
- libxcb-dri2-0-32bit-1.13-150000.3.9.1 added
- libxcb-dri3-0-1.13-150000.3.9.1 added
- libxcb-dri3-0-32bit-1.13-150000.3.9.1 added
- libxcb-ewmh2-0.4.1-1.24 added
- libxcb-glx0-1.13-150000.3.9.1 added
- libxcb-glx0-32bit-1.13-150000.3.9.1 added
- libxcb-icccm4-0.4.1-1.24 added
- libxcb-image0-0.4.0-1.23 added
- libxcb-keysyms1-0.4.0-1.23 added
- libxcb-present0-1.13-150000.3.9.1 added
- libxcb-present0-32bit-1.13-150000.3.9.1 added
- libxcb-randr0-1.13-150000.3.9.1 added
- libxcb-randr0-32bit-1.13-150000.3.9.1 added
- libxcb-record0-1.13-150000.3.9.1 added
- libxcb-render-util0-0.3.9-1.23 added
- libxcb-render0-1.13-150000.3.9.1 added
- libxcb-res0-1.13-150000.3.9.1 added
- libxcb-screensaver0-1.13-150000.3.9.1 added
- libxcb-shape0-1.13-150000.3.9.1 added
- libxcb-shm0-1.13-150000.3.9.1 added
- libxcb-shm0-32bit-1.13-150000.3.9.1 added
- libxcb-sync1-1.13-150000.3.9.1 added
- libxcb-sync1-32bit-1.13-150000.3.9.1 added
- libxcb-util1-0.4.0-1.23 added
- libxcb-xf86dri0-1.13-150000.3.9.1 added
- libxcb-xfixes0-1.13-150000.3.9.1 added
- libxcb-xfixes0-32bit-1.13-150000.3.9.1 added
- libxcb-xinerama0-1.13-150000.3.9.1 added
- libxcb-xinput0-1.13-150000.3.9.1 added
- libxcb-xkb1-1.13-150000.3.9.1 added
- libxcb-xtest0-1.13-150000.3.9.1 added
- libxcb-xv0-1.13-150000.3.9.1 added
- libxcb-xvmc0-1.13-150000.3.9.1 added
- libxcb1-1.13-150000.3.9.1 added
- libxcb1-32bit-1.13-150000.3.9.1 added
- libxcrypt-devel-4.4.15-150300.4.4.3 added
- libxcvt-0.1.2-150500.1.2 added
- libxcvt0-0.1.2-150500.1.2 added
- libxerces-c-3_2-3.2.3-1.28 added
- libxerces-c-devel-3.2.3-1.28 added
- libxkbcommon-devel-1.3.0-150400.1.13 added
- libxkbcommon-x11-0-1.3.0-150400.1.13 added
- libxkbcommon-x11-devel-1.3.0-150400.1.13 added
- libxkbcommon0-1.3.0-150400.1.13 added
- libxkbfile-devel-1.0.9-1.26 added
- libxkbfile1-1.0.9-1.26 added
- libxkbui-devel-1.0.2-1.24 added
- libxkbui1-1.0.2-1.24 added
- libxml++-3_0-1-3.2.0-1.25 added
- libxml++-devel-3.2.0-1.25 added
- libxml-security-c-devel-2.0.2-2.3 added
- libxml-security-c20-2.0.2-2.3 added
- libxml2-2-2.10.3-150500.3.1 added
- libxml2-2-32bit-2.10.3-150500.3.1 added
- libxml2-devel-2.10.3-150500.3.1 added
- libxml2-tools-2.10.3-150500.3.1 added
- libxmlrpc3-1.51.07-150400.1.11 added
- libxmlrpc_client3-1.51.07-150400.1.11 added
- libxmlrpc_util4-1.51.07-150400.1.11 added
- libxmlsec1-1-1.2.28-150100.7.13.4 added
- libxmlsec1-gcrypt1-1.2.28-150100.7.13.4 added
- libxmlsec1-gnutls1-1.2.28-150100.7.13.4 added
- libxmlsec1-nss1-1.2.28-150100.7.13.4 added
- libxmlsec1-openssl1-1.2.28-150100.7.13.4 added
- libxshmfence-devel-1.2-1.23 added
- libxshmfence1-1.2-1.23 added
- libxshmfence1-32bit-1.2-1.23 added
- libxslt-devel-1.1.34-150400.3.3.1 added
- libxslt-tools-1.1.34-150400.3.3.1 added
- libxslt1-1.1.34-150400.3.3.1 added
- libxtables-devel-1.8.7-1.1 added
- libxtables12-1.8.7-1.1 added
- libyajl-devel-2.1.0-150000.4.3.1 added
- libyajl2-2.1.0-150000.4.3.1 added
- libyaml-0-2-0.1.7-1.17 added
- libyaml-cpp0_6-0.6.3-150400.4.3.1 added
- libyaml-devel-0.1.7-1.17 added
- libykclient-devel-2.15-1.29 added
- libykclient3-2.15-1.29 added
- libykcs11-1-1.6.2-4.30 added
- libykcs11-devel-1.6.2-4.30 added
- libykpers-1-1-1.19.0-4.19 added
- libykpers-devel-1.19.0-4.19 added
- libykpiv-devel-1.6.2-4.30 added
- libykpiv1-1.6.2-4.30 added
- libyubikey-devel-1.13-1.19 added
- libyubikey-tools-1.13-1.19 added
- libyubikey0-1.13-1.19 added
- libyui-devel-4.5.2-150500.1.1 added
- libyui-ncurses-devel-4.5.2-150500.1.1 added
- libyui-ncurses-pkg-devel-4.5.2-150500.1.1 added
- libyui-ncurses-pkg16-4.5.2-150500.1.1 added
- libyui-ncurses-tools-4.5.2-150500.1.1 added
- libyui-ncurses16-4.5.2-150500.1.1 added
- libyui-qt-devel-4.5.2-150500.1.1 added
- libyui-qt-graph-devel-4.5.2-150500.1.1 added
- libyui-qt-graph16-4.5.2-150500.1.1 added
- libyui-qt16-4.5.2-150500.1.1 added
- libyui16-4.5.2-150500.1.1 added
- libz1-1.2.13-150500.2.3 added
- libz1-32bit-1.2.13-150500.2.3 added
- libzck1-1.1.16-150400.3.2.1 added
- libzio-devel-1.06-2.20 added
- libzio1-1.06-2.20 added
- libzip-devel-1.8.0-150400.1.7 added
- libzip5-1.8.0-150400.1.7 added
- libzmq5-4.2.3-3.15.4 added
- libzstd-devel-1.5.0-150400.3.3.1 added
- libzstd1-1.5.0-150400.3.3.1 added
- libzstd1-32bit-1.5.0-150400.3.3.1 added
- libzypp-17.31.8-150400.3.14.1 added
- libzypp-devel-17.31.8-150400.3.14.1 added
- libzzip-0-13-0.13.69-3.10.1 added
- lifecycle-data-sle-module-basesystem-2-8.4.1 added
- linux-glibc-devel-5.14-150500.10.15 added
- lksctp-tools-1.0.17-150000.3.3.1 added
- lksctp-tools-devel-1.0.17-150000.3.3.1 added
- llvm7-7.0.1-150100.3.22.2 added
- llvm7-LTO-devel-7.0.1-150100.3.22.2 added
- llvm7-devel-7.0.1-150100.3.22.2 added
- llvm7-gold-7.0.1-150100.3.22.2 added
- llvm7-polly-7.0.1-150100.3.22.2 added
- llvm7-polly-devel-7.0.1-150100.3.22.2 added
- lndir-1.0.3-1.23 added
- lockdev-1.0.3_git201003141408-1.97 added
- lockdev-devel-1.0.3_git201003141408-1.97 added
- logrotate-3.18.1-150400.3.7.1 added
- lshw-B.02.19.2+git.20230320-150200.3.15.4 added
- lsof-4.91-1.11 added
- lsscsi-0.28-1.24 added
- lttng-ust-devel-2.12.0-1.30 added
- lua53-5.3.6-3.6.1 added
- lua53-devel-5.3.6-3.6.1 added
- luit-20150706-1.26 added
- lvm2-2.03.16-150500.5.4 added
- lvm2-devel-2.03.16-150500.5.4 added
- lz4-1.9.3-150400.1.7 added
- lzo-devel-2.10-2.22 added
- lzo-devel-static-2.10-2.22 added
- m4-1.4.18-4.3.1 added
- mailx-12.5-3.3.1 added
- make-4.2.1-7.3.2 added
- makedepend-1.0.5-1.25 added
- makedumpfile-1.7.0-150400.4.3.1 added
- man-2.7.6-6.22 added
- mariadb-connector-odbc-3.0.2-3.23 added
- master-boot-code-1.22-1.26 added
- mcelog-189-150500.1.3 added
- mcstrans-3.1-150400.1.6 added
- mdadm-4.2-150500.4.4 added
- mercurial-5.9.1-150400.1.8 added
- mgetty-1.1.37-3.11.2 added
- minicom-2.7.1-1.19 added
- minizip-devel-1.2.13-150500.2.3 added
- mkfontdir-1.0.7-1.20 added
- mkfontscale-1.1.2-1.23 added
- mkisofs-3.02~a09-4.6.1 added
- mksh-56c-1.10 added
- mlocate-0.26-150400.16.3.1 added
- mmdblookup-1.4.3-1.6.1 added
- mokutil-0.5.0-150400.3.3.1 added
- mozilla-nspr-32bit-4.34.1-150000.3.26.1 added
- mozilla-nspr-4.34.1-150000.3.26.1 added
- mozilla-nspr-devel-4.34.1-150000.3.26.1 added
- mozilla-nss-3.79.4-150400.3.29.1 added
- mozilla-nss-32bit-3.79.4-150400.3.29.1 added
- mozilla-nss-certs-3.79.4-150400.3.29.1 added
- mozilla-nss-certs-32bit-3.79.4-150400.3.29.1 added
- mozilla-nss-devel-3.79.4-150400.3.29.1 added
- mozilla-nss-sysinit-3.79.4-150400.3.29.1 added
- mozilla-nss-tools-3.79.4-150400.3.29.1 added
- mpc-devel-1.1.0-1.47 added
- mpfr-devel-4.0.2-3.3.1 added
- mtdev-devel-1.1.5-1.26 added
- mtools-4.0.35-150400.1.11 added
- multipath-tools-0.9.4+71+suse.c648a77-150500.1.2 added
- multipath-tools-devel-0.9.4+71+suse.c648a77-150500.1.2 added
- mutt-1.10.1-150000.3.23.1 added
- myspell-dictionaries-20191219-150000.3.25.1 added
- myspell-lightproof-en-20191219-150000.3.25.1 added
- myspell-lightproof-hu_HU-20191219-150000.3.25.1 added
- myspell-lightproof-pt_BR-20191219-150000.3.25.1 added
- myspell-lightproof-ru_RU-20191219-150000.3.25.1 added
- ncurses-devel-6.1-150000.5.15.1 added
- ncurses-utils-6.1-150000.5.15.1 added
- net-snmp-5.9.3-150300.15.8.1 added
- net-snmp-devel-5.9.3-150300.15.8.1 added
- net-tools-2.0+git20170221.479bb4a-3.11 added
- netcat-openbsd-1.203-150400.1.5 added
- nethogs-0.8.5-1.34 added
- netlabel-tools-0.21-1.25 added
- netpbm-10.80.1-3.11.1 added
- newt-0.52.20-150000.7.2.3 added
- nfs-client-2.1.1-150500.20.2 added
- nfs-doc-2.1.1-150500.20.2 added
- nfs-kernel-server-2.1.1-150500.20.2 added
- nfs4-acl-tools-0.3.3-3.3.1 added
- nfsidmap-0.26-150000.3.7.1 added
- nfsidmap-devel-0.26-150000.3.7.1 added
- nftables-0.9.8-150300.3.3.1 added
- nmap-7.92-150400.1.8 added
- npth-devel-1.5-2.11 added
- nscd-2.31-150300.46.1 added
- nss-mdns-0.14.1-150400.8.6 added
- nss_synth-0.1.0~git0.7c23049-150400.9.5.1 added
- numactl-2.0.14.20.g4ee5e0c-150400.1.24 added
- numad-0.5.20130522-3.2.1 added
- numatop-2.3-150100.3.6.1 added
- nvidia-open-driver-G06-signed-kmp-default-525.116.04_k5.14.21_150500.53-150500.1.3 added
- nvme-cli-2.2.1+3.gd028407-150500.2.4 added
- nvme-stas-2.1.2-150500.1.5 added
- ofl-20170430-1.27 added
- onboard-1.4.1-7.11 added
- oniguruma-devel-6.7.0-150000.3.3.1 added
- opae-1.3.2-150400.8.30 added
- opae-devel-1.3.2-150400.8.30 added
- open-iscsi-2.1.8-150500.44.1 added
- open-iscsi-devel-2.1.8-150500.44.1 added
- open-lldp-1.1+58.8ca361bab766-150500.1.3 added
- open-lldp-devel-1.1+58.8ca361bab766-150500.1.3 added
- open-vm-tools-12.2.0-150300.26.1 added
- open-vm-tools-salt-minion-12.2.0-150300.26.1 added
- open-vm-tools-sdmp-12.2.0-150300.26.1 added
- openblas-common-devel-0.3.21-150500.2.6 added
- openjade-1.3.2-2.19 added
- openjade-devel-1.3.2-2.19 added
- openjpeg2-2.3.0-150000.3.8.1 added
- openjpeg2-devel-2.3.0-150000.3.8.1 added
- openldap2-client-2.4.46-150200.14.11.2 added
- openldap2-devel-2.4.46-150200.14.11.2 added
- openldap2-devel-static-2.4.46-150200.14.11.2 added
- openpgm-devel-5.2.122-150400.15.6 added
- opensc-0.22.0-150400.1.7 added
- openscap-1.3.6-150400.11.3.1 added
- openscap-containers-1.3.6-150400.11.3.1 added
- openscap-content-1.3.6-150400.11.3.1 added
- openscap-devel-1.3.6-150400.11.3.1 added
- openscap-utils-1.3.6-150400.11.3.1 added
- openslp-2.0.0-6.15.1 added
- openslp-32bit-2.0.0-6.15.1 added
- openslp-devel-2.0.0-6.15.1 added
- opensp-1.5.2-1.32 added
- opensp-devel-1.5.2-1.32 added
- openssh-8.4p1-150300.3.18.2 added
- openssh-clients-8.4p1-150300.3.18.2 added
- openssh-common-8.4p1-150300.3.18.2 added
- openssh-fips-8.4p1-150300.3.18.2 added
- openssh-helpers-8.4p1-150300.3.18.2 added
- openssh-server-8.4p1-150300.3.18.2 added
- openssl-1_1-1.1.1l-150500.15.4 added
- openssl-3-3.0.8-150500.3.1 added
- openssl-engine-libp11-0.4.11-150400.1.6 added
- openucx-tools-1.13.1-150500.2.17 added
- openvpn-2.5.6-150400.3.6.1 added
- openvpn-auth-pam-plugin-2.5.6-150400.3.6.1 added
- openvpn-devel-2.5.6-150400.3.6.1 added
- opie-32bit-2.4-1.96 added
- orc-0.4.28-3.3.1 added
- osinfo-db-tools-1.10.0-150500.1.1 added
- p11-kit-0.23.22-150500.6.1 added
- p11-kit-devel-0.23.22-150500.6.1 added
- p11-kit-nss-trust-0.23.22-150500.6.1 added
- p11-kit-server-0.23.22-150500.6.1 added
- p11-kit-tools-0.23.22-150500.6.1 added
- p7zip-16.02-150200.14.9.2 added
- p7zip-full-16.02-150200.14.9.2 added
- pam-1.3.0-150000.6.61.1 added
- pam-32bit-1.3.0-150000.6.61.1 added
- pam-config-1.1-3.3.1 added
- pam-devel-1.3.0-150000.6.61.1 added
- pam-extra-1.3.0-150000.6.61.1 added
- pam-extra-32bit-1.3.0-150000.6.61.1 added
- pam_apparmor-3.0.4-150500.9.3 added
- pam_apparmor-32bit-3.0.4-150500.9.3 added
- pam_krb5-2.4.13-1.36 added
- pam_krb5-32bit-2.4.13-1.36 added
- pam_mount-2.16-7.22 added
- pam_mount-32bit-2.16-7.22 added
- pam_pkcs11-0.6.10-1.17 added
- pam_pkcs11-32bit-0.6.10-1.17 added
- pam_saslauthd-0.1.0~3-150400.9.9.1 added
- pam_snapper-0.8.16-150300.3.3.1 added
- pam_ssh-2.1-2.27 added
- pam_ssh-32bit-2.1-2.27 added
- pam_u2f-1.2.0-150400.2.4 added
- pam_yubico-2.26-1.7 added
- pango-devel-1.50.4-150400.1.5 added
- parted-3.2-19.1 added
- parted-devel-3.2-19.1 added
- patch-2.7.6-150000.5.3.1 added
- patterns-base-32bit-20200124-150400.20.4.1 added
- patterns-base-apparmor-20200124-150400.20.4.1 added
- patterns-base-apparmor-32bit-20200124-150400.20.4.1 added
- patterns-base-base-20200124-150400.20.4.1 added
- patterns-base-base-32bit-20200124-150400.20.4.1 added
- patterns-base-basesystem-20200124-150400.20.4.1 added
- patterns-base-basic_desktop-20200124-150400.20.4.1 added
- patterns-base-bootloader-20200124-150400.20.4.1 added
- patterns-base-documentation-20200124-150400.20.4.1 added
- patterns-base-enhanced_base-20200124-150400.20.4.1 added
- patterns-base-enhanced_base-32bit-20200124-150400.20.4.1 added
- patterns-base-fips-20200124-150400.20.4.1 added
- patterns-base-minimal_base-20200124-150400.20.4.1 added
- patterns-base-minimal_base-32bit-20200124-150400.20.4.1 added
- patterns-base-sw_management-20200124-150400.20.4.1 added
- patterns-base-sw_management-32bit-20200124-150400.20.4.1 added
- patterns-base-x11-20200124-150400.20.4.1 added
- patterns-base-x11-32bit-20200124-150400.20.4.1 added
- patterns-base-x11_enhanced-20200124-150400.20.4.1 added
- patterns-base-x11_enhanced-32bit-20200124-150400.20.4.1 added
- patterns-fonts-fonts-20190130-1.15 added
- patterns-yast-x11_yast-20220411-150400.1.4 added
- patterns-yast-yast2_basis-20220411-150400.1.4 added
- patterns-yast-yast2_desktop-20220411-150400.1.4 added
- patterns-yast-yast2_server-20220411-150400.1.4 added
- pciutils-3.5.6-150300.13.3.1 added
- pciutils-devel-3.5.6-150300.13.3.1 added
- pcre-devel-8.45-150000.20.13.1 added
- pcre-tools-8.45-150000.20.13.1 added
- pcre2-devel-10.39-150400.4.6.1 added
- pcsc-ccid-1.4.36-150400.1.5 added
- pcsc-lite-1.9.4-150400.1.9 added
- pcsc-lite-devel-1.9.4-150400.1.9 added
- pcsc-tools-1.5.8-150400.1.6 added
- perl-5.26.1-150300.17.11.1 added
- perl-Bit-Vector-7.4-1.28 added
- perl-Bootloader-0.939-150400.3.3.1 added
- perl-Cairo-1.109-150400.1.10 added
- perl-Cairo-GObject-1.005-150400.1.5 added
- perl-Config-General-2.63-1.25 added
- perl-Crypt-OpenSSL-RSA-0.28-2.26 added
- perl-Crypt-OpenSSL-Random-0.11-1.24 added
- perl-Crypt-RC4-2.02-1.20 added
- perl-Crypt-SmbHash-0.12-1.24 added
- perl-DBD-SQLite-1.66-150300.3.6.1 added
- perl-DBD-mysql-4.046-3.3.1 added
- perl-DBI-1.642-3.9.1 added
- perl-Date-Simple-3.03-1.28 added
- perl-DateTime-1.45-1.16 added
- perl-Digest-MD4-1.9-1.28 added
- perl-Digest-SHA1-2.13-1.27 added
- perl-Encode-Detect-1.01-4.27 added
- perl-Encode-EUCJPASCII-0.03-1.26 added
- perl-Encode-HanExtra-0.23-2.20 added
- perl-Encode-JIS2K-0.02-1.26 added
- perl-Font-AFM-1.20-1.24 added
- perl-Glib-1.3293-150400.1.12 added
- perl-Glib-Object-Introspection-0.049-150400.1.5 added
- perl-Gtk2-1.24993-150400.2.7 added
- perl-HTML-Parser-3.72-1.26 added
- perl-List-MoreUtils-XS-0.428-1.18 added
- perl-List-SomeUtils-XS-0.56-1.17 added
- perl-Mail-SpamAssassin-3.4.5-12.13.1 added
- perl-Net-DBus-1.1.0-1.30 added
- perl-Net-IP-1.26-1.16 added
- perl-Net-LibIDN-0.12-1.26 added
- perl-Net-SSLeay-1.88-1.44 added
- perl-NetAddr-IP-4.079-1.27 added
- perl-Package-Stash-XS-0.28-1.26 added
- perl-Pango-1.227-150400.1.10 added
- perl-Params-Util-1.07-1.26 added
- perl-Params-Validate-1.29-1.25 added
- perl-Parse-RecDescent-1.967015-1.22 added
- perl-SNMP-5.9.3-150300.15.8.1 added
- perl-Socket6-0.28-1.17 added
- perl-Sort-Key-1.33-1.28 added
- perl-Sub-Identify-0.14-1.26 added
- perl-Sub-Name-0.21-1.26 added
- perl-Sys-Virt-9.0.0-150500.1.1 added
- perl-Term-ReadKey-2.37-1.20 added
- perl-Text-BibTeX-0.88-150400.1.4 added
- perl-Text-BibTeX-devel-0.88-150400.1.4 added
- perl-Tk-804.034-3.3.1 added
- perl-Unicode-Collate-1.31-150400.1.4 added
- perl-Unicode-LineBreak-2019.001-150400.1.4 added
- perl-Unix-Syslog-1.1-4.27 added
- perl-Variable-Magic-0.62-1.19 added
- perl-Win-Hivex-1.3.21-150400.2.10 added
- perl-X11-Protocol-0.56-1.24 added
- perl-X500-DN-0.29-1.22 added
- perl-XML-LibXML-2.0132-150000.3.3.1 added
- perl-XML-LibXSLT-1.95-1.20 added
- perl-XML-Parser-2.44-1.443 added
- perl-XML-SAX-0.99-1.22 added
- perl-autovivification-0.18-1.20 added
- perl-base-32bit-5.26.1-150300.17.11.1 added
- perl-base-5.26.1-150300.17.11.1 added
- perl-core-DB_File-5.26.1-150300.17.11.1 added
- perl-gettext-1.07-1.442 added
- perl-ldap-0.65-1.3.1 added
- perl-libintl-perl-1.29-1.17 added
- perl-pcsc-1.4.14-1.32 added
- perl-rrdtool-1.7.0-6.3.1 added
- permissions-20201225-150400.5.16.1 added
- pesign-0.112-150000.4.15.1 added
- pesign-obs-integration-10.2+git20210804.ff18da1-150400.3.5.1 added
- pigz-2.3.3-1.28 added
- pinentry-1.1.0-4.3.1 added
- pixz-1.0.6-1.13 added
- pkcs11-helper-1.25.1-150100.3.3.1 added
- pkcs11-helper-devel-1.25.1-150100.3.3.1 added
- pkexec-121-150500.1.6 added
- pkg-config-0.29.2-1.436 added
- plymouth-0.9.5~git20210406.e554475-150400.3.8.1 added
- plymouth-devel-0.9.5~git20210406.e554475-150400.3.8.1 added
- plymouth-plugin-label-0.9.5~git20210406.e554475-150400.3.8.1 added
- plymouth-plugin-label-ft-0.9.5~git20210406.e554475-150400.3.8.1 added
- plymouth-plugin-script-0.9.5~git20210406.e554475-150400.3.8.1 added
- policycoreutils-3.1-150400.1.5 added
- policycoreutils-newrole-3.1-150400.1.5 added
- polkit-121-150500.1.6 added
- polkit-devel-121-150500.1.6 added
- polkit-gnome-0.105-150400.14.10 added
- poppler-tools-23.01.0-150500.1.2 added
- popt-devel-1.16-3.22 added
- postfix-3.7.2-150500.1.19 added
- postfix-devel-3.7.2-150500.1.19 added
- postfix-ldap-3.7.2-150500.1.19 added
- postgresql15-15.3-150200.5.9.1 added
- printproto-devel-1.0.5-1.22 added
- procinfo-18-1.30 added
- procmail-3.22-2.34 added
- procps-3.3.15-150000.7.31.1 added
- procps-devel-3.3.15-150000.7.31.1 added
- psmisc-23.0-150000.6.22.1 added
- psqlODBC-13.01.0000-3.9.1 added
- psutils-p17-1.26 added
- pthread-stubs-devel-0.4-1.25 added
- python-smbios-2.4.1-1.14 added
- python3-3.6.15-150300.10.45.1 added
- python3-Cython-0.29.14-102.1 added
- python3-M2Crypto-0.38.0-150400.3.6.1 added
- python3-MarkupSafe-1.0-1.29 added
- python3-PyNaCl-1.4.0-150000.3.6.6 added
- python3-PyYAML-5.4.1-1.1 added
- python3-SQLAlchemy-1.3.22-2.1 added
- python3-apparmor-3.0.4-150500.9.3 added
- python3-audit-3.0.6-150400.4.6.1 added
- python3-base-3.6.15-150300.10.45.1 added
- python3-bcrypt-3.2.0-1.10 added
- python3-blist-1.3.6-1.41 added
- python3-brlapi-6.4-150400.2.9 added
- python3-cairo-1.15.1-150000.3.8.1 added
- python3-ceph-argparse-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- python3-ceph-common-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- python3-cephfs-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- python3-cffi-1.13.2-3.2.5 added
- python3-cryptography-3.3.2-150400.16.6.1 added
- python3-curses-3.6.15-150300.10.45.1 added
- python3-dbm-3.6.15-150300.10.45.1 added
- python3-dbus-python-1.2.16-6.3.1 added
- python3-devel-3.6.15-150300.10.45.1 added
- python3-dmidecode-3.12.2-150400.14.3.1 added
- python3-dulwich-0.20.24-150400.1.4 added
- python3-gevent-1.2.2-3.26 added
- python3-gobject-3.42.2-150400.3.3.2 added
- python3-gobject-Gdk-3.42.2-150400.3.3.2 added
- python3-gobject-cairo-3.42.2-150400.3.3.2 added
- python3-gobject2-2.28.7-150400.12.11 added
- python3-gobject2-devel-2.28.7-150400.12.11 added
- python3-gpgme-0.3-2.38 added
- python3-greenlet-0.4.13-2.25 added
- python3-idle-3.6.15-150300.10.45.1 added
- python3-immutables-0.11-150000.1.3.1 added
- python3-kerberos-1.3.0-1.31 added
- python3-ldap-3.4.0-150400.1.4 added
- python3-ldb-2.6.2-150500.1.1 added
- python3-ldb-devel-2.6.2-150500.1.1 added
- python3-libnvme-1.2+1.g41e1016-150500.2.5 added
- python3-libstoragemgmt-clibs-1.8.5-3.3.1 added
- python3-libvirt-python-9.0.0-150500.1.4 added
- python3-libxml2-2.10.3-150500.3.1 added
- python3-lxml-4.9.1-150500.1.2 added
- python3-lxml-devel-4.9.1-150500.1.2 added
- python3-msgpack-0.5.6-150100.3.3.1 added
- python3-netifaces-0.10.6-1.31 added
- python3-newt-0.52.20-150000.7.2.3 added
- python3-nftables-0.9.8-150300.3.3.1 added
- python3-numpy-1.17.3-150400.23.3.1 added
- python3-numpy-devel-1.17.3-150400.23.3.1 added
- python3-patiencediff-0.2.0-150400.1.6 added
- python3-psutil-5.8.0-150300.3.3.2 added
- python3-psycopg2-2.8.5-5.7.1 added
- python3-pycairo-1.20.1-150400.1.11 added
- python3-pycryptodome-3.9.0-6.1 added
- python3-pycurl-7.43.0.2-4.3.1 added
- python3-pykerberos-1.2.1-3.5.1 added
- python3-pyrsistent-0.14.4-3.2.1 added
- python3-pyscard-1.9.6-1.29 added
- python3-pyzmq-17.1.2-3.3.1 added
- python3-rados-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- python3-rbd-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- python3-rgw-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- python3-rpm-4.14.3-150300.55.1 added
- python3-salt-3005.1-150500.2.13 added
- python3-selinux-3.1-150400.1.5 added
- python3-semanage-3.1-150400.1.4 added
- python3-setools-4.3.0-150400.3.3.1 added
- python3-simplejson-3.17.2-1.10 added
- python3-sip6-devel-6.7.5-150500.1.2 added
- python3-solv-0.7.23-150400.3.3.1 added
- python3-sssd-config-2.5.2-150500.8.3 added
- python3-systemd-234-5.3.5 added
- python3-talloc-2.3.4-150500.1.1 added
- python3-talloc-devel-2.3.4-150500.1.1 added
- python3-tdb-1.4.7-150500.1.1 added
- python3-tevent-0.13.0-150500.1.1 added
- python3-tk-3.6.15-150300.10.45.1 added
- python3-tornado-4.5.3-3.3.1 added
- python3-urwid-2.0.1-1.15 added
- python3-wrapt-1.10.10-2.27 added
- python3-xattr-0.9.7-1.21 added
- python3-xcb-proto-devel-7.6_1.13-1.10 added
- python3-xmlsec-1.3.6-1.45 added
- qatengine-0.6.18-150500.1.1 added
- qatlib-22.07.2-150500.1.1 added
- qatlib-devel-22.07.2-150500.1.1 added
- qatzip-1.1.0-150500.1.2 added
- qatzip-devel-1.1.0-150500.1.2 added
- qemu-tools-7.1.0-150500.47.15 added
- qpdf-10.3.1-1.1 added
- qpdf-devel-10.3.1-1.1 added
- qrencode-devel-4.0.0-1.17 added
- quota-4.05-3.9.1 added
- quota-nfs-4.05-3.9.1 added
- rados-objclass-devel-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- radvd-2.17-5.5.1 added
- rage-encryption-0.9.0+0-150500.1.21 added
- randrproto-devel-1.6.0-4.17 added
- rbd-nbd-16.2.11.58+g38d6afd3b78-150400.3.6.1 added
- rdma-core-42.0-150500.1.3 added
- rdma-core-devel-42.0-150500.1.3 added
- re2c-1.0.3-1.18 added
- readline-devel-7.0-150400.25.22 added
- realmd-0.16.3-3.6.1 added
- recordproto-devel-1.14.2-1.22 added
- rekor-1.1.1-150400.4.9.1 added
- renderproto-devel-0.11.1-1.22 added
- restorecond-3.1-150400.1.5 added
- rgb-1.0.6-1.22 added
- rhash-devel-1.3.5-1.25 added
- rpcbind-0.2.3-5.9.2 added
- rpcgen-1.4.2-1.46 added
- rpm-32bit-4.14.3-150300.55.1 added
- rpm-4.14.3-150300.55.1 added
- rpm-devel-4.14.3-150300.55.1 added
- rpmemd-1.11.1-150400.1.10 added
- rrdtool-1.7.0-6.3.1 added
- rrdtool-devel-1.7.0-6.3.1 added
- rsocket-42.0-150500.1.3 added
- rsync-3.2.3-150400.3.8.1 added
- rsyslog-8.2106.0-150400.5.11.1 added
- ruby-2.5-1.21 added
- ruby-devel-2.5-1.21 added
- ruby-solv-0.7.23-150400.3.3.1 added
- ruby2.5-2.5.9-150000.4.26.1 added
- ruby2.5-devel-2.5.9-150000.4.26.1 added
- ruby2.5-devel-extra-2.5.9-150000.4.26.1 added
- ruby2.5-rubygem-abstract_method-1.2.1-1.28 added
- ruby2.5-rubygem-builder-3.2.3-1.29 added
- ruby2.5-rubygem-bundler-1.16.1-3.3.1 added
- ruby2.5-rubygem-byebug-9.1.0-1.28 added
- ruby2.5-rubygem-cfa-1.0.2-1.33 added
- ruby2.5-rubygem-cfa_grub2-2.0.0-1.55 added
- ruby2.5-rubygem-cheetah-0.5.2-1.33 added
- ruby2.5-rubygem-fast_gettext-1.6.0-1.18 added
- ruby2.5-rubygem-gem2rpm-0.10.1-3.45 added
- ruby2.5-rubygem-mini_portile2-2.3.0-1.27 added
- ruby2.5-rubygem-nokogiri-1.8.5-150400.14.3.1 added
- ruby2.5-rubygem-ruby-augeas-0.5.0-1.31 added
- ruby2.5-rubygem-ruby-dbus-0.14.0-1.27 added
- ruby2.5-rubygem-simpleidn-0.0.9-1.17 added
- ruby2.5-stdlib-2.5.9-150000.4.26.1 added
- rzsz-0.12.21~rc-150000.3.3.2 added
- salt-3005.1-150500.2.13 added
- salt-doc-3005.1-150500.2.13 added
- salt-minion-3005.1-150500.2.13 added
- samba-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-ceph-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-client-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-client-libs-32bit-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-client-libs-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-devel-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-gpupdate-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-ldb-ldap-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-libs-32bit-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-libs-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-libs-python3-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-python3-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-winbind-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-winbind-libs-32bit-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- samba-winbind-libs-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- sbl-3.5.0.20130317.git7a75bc29-2.46 added
- scap-workbench-1.2.1+git20210604.1fc6def-150400.1.5 added
- screen-4.6.2-5.3.1 added
- scrnsaverproto-devel-1.2.2-1.22 added
- sdparm-1.10-150400.11.5 added
- sed-4.4-11.6 added
- selinux-tools-3.1-150400.1.69 added
- sensors-3.5.0-4.6.1 added
- sessreg-1.1.1-1.23 added
- setools-console-4.3.0-150400.3.3.1 added
- setools-devel-3.3.8-4.7.1 added
- setools-java-3.3.8-4.7.1 added
- setools-libs-3.3.8-4.7.1 added
- setserial-2.17-1.23 added
- setxkbmap-1.3.1-1.24 added
- sg3_utils-1.47+13.75d23ac-150400.3.6.1 added
- shaderc-2019.1-1.26 added
- shaderc-devel-2019.1-1.26 added
- shadow-4.8.1-150400.10.6.1 added
- shared-mime-info-2.2-150500.1.1 added
- sharutils-4.15.2-2.21 added
- shim-15.7-150300.4.16.1 added
- shim-susesigned-15.4-3.10.1 added
- skopeo-0.1.41-150000.4.16.1 added
- sle-module-basesystem-release-15.5-150500.43.2 added
- sle15-desktop-migration-15-1.36 added
- sles-installer-sap-bone-release-15.2-5.3.2 added
- smartmontools-7.2-150300.8.8.1 added
- smbios-utils-bin-2.4.1-1.14 added
- smbios-utils-python-2.4.1-1.14 added
- snapper-0.8.16-150300.3.3.1 added
- snapper-zypp-plugin-0.8.16-150300.3.3.1 added
- snappy-devel-1.1.8-3.3.1 added
- snmp-mibs-5.9.3-150300.15.8.1 added
- socat-1.7.3.2-4.10 added
- socket_wrapper-1.2.3-3.3.3 added
- spamassassin-3.4.5-12.13.1 added
- spax-1.5.3-3.3.1 added
- spectre-meltdown-checker-0.44-3.6.1 added
- speex-devel-1.2-150000.3.5.2 added
- speexdsp-devel-1.2~rc3-2.20 added
- spirv-cross-20200116-1.26 added
- spirv-tools-devel-2020.1~git24-1.26 added
- sqlite3-3.39.3-150000.3.20.1 added
- sqlite3-devel-3.39.3-150000.3.20.1 added
- sqlite3-tcl-3.39.3-150000.3.20.1 added
- squashfs-4.4-1.1 added
- sscep-0.9.0-150400.1.8 added
- ssg-apply-1.0-150000.1.3.1 added
- sssd-2.5.2-150500.8.3 added
- sssd-ad-2.5.2-150500.8.3 added
- sssd-common-2.5.2-150500.8.3 added
- sssd-common-32bit-2.5.2-150500.8.3 added
- sssd-dbus-2.5.2-150500.8.3 added
- sssd-ipa-2.5.2-150500.8.3 added
- sssd-kcm-2.5.2-150500.8.3 added
- sssd-krb5-2.5.2-150500.8.3 added
- sssd-krb5-common-2.5.2-150500.8.3 added
- sssd-ldap-2.5.2-150500.8.3 added
- sssd-proxy-2.5.2-150500.8.3 added
- sssd-tools-2.5.2-150500.8.3 added
- sssd-winbind-idmap-2.5.2-150500.8.3 added
- star-1.5.3-3.3.1 added
- strongswan-5.9.7-150500.3.4 added
- strongswan-hmac-5.9.7-150500.3.4 added
- strongswan-ipsec-5.9.7-150500.3.4 added
- strongswan-libs0-5.9.7-150500.3.4 added
- subversion-1.14.1-150400.3.8 added
- subversion-devel-1.14.1-150400.3.8 added
- sudo-1.9.12p1-150500.5.1 added
- sudo-devel-1.9.12p1-150500.5.1 added
- sudo-plugin-python-1.9.12p1-150500.5.1 added
- suse-module-tools-15.5.1-150500.1.2 added
- suseconnect-ng-1.1.0~git0.e3c41e60892e-150500.1.3 added
- suseconnect-ruby-bindings-1.1.0~git0.e3c41e60892e-150500.1.3 added
- sysconfig-0.85.9-150200.12.1 added
- sysconfig-netconfig-0.85.9-150200.12.1 added
- sysfsutils-2.1.0-3.3.1 added
- sysfsutils-32bit-2.1.0-3.3.1 added
- sysfsutils-devel-2.1.0-3.3.1 added
- syslinux-4.04-15.1 added
- sysstat-12.0.2-3.33.1 added
- system-group-audit-3.0.6-150400.4.6.1 added
- system-role-text-mode-15.5.0-150500.1.1 added
- systemd-249.16-150400.8.25.7 added
- systemd-32bit-249.16-150400.8.25.7 added
- systemd-container-249.16-150400.8.25.7 added
- systemd-coredump-249.16-150400.8.25.7 added
- systemd-devel-249.16-150400.8.25.7 added
- systemd-doc-249.16-150400.8.25.7 added
- systemd-sysvinit-249.16-150400.8.25.7 added
- sysvinit-tools-2.99-1.1 added
- tack-6.1-150000.5.15.1 added
- talloc-man-2.3.4-150500.1.1 added
- tar-1.34-150000.3.31.1 added
- tar-rmt-1.34-150000.3.31.1 added
- target-isns-0.6.8-1.13 added
- tboot-20170711_1.10.2-150400.1.7 added
- tcl-32bit-8.6.12-150300.14.9.1 added
- tcl-8.6.12-150300.14.9.1 added
- tcl-devel-8.6.12-150300.14.9.1 added
- tcpd-7.6-1.433 added
- tcpd-devel-7.6-1.433 added
- tcpdump-4.99.1-150400.1.8 added
- tcsh-6.20.00-4.15.1 added
- tdb-tools-1.4.7-150500.1.1 added
- telnet-1.2-150000.3.6.1 added
- termcap-2.0.8-150400.1037.4 added
- terminfo-6.1-150000.5.15.1 added
- terminfo-base-6.1-150000.5.15.1 added
- terminfo-iterm-6.1-150000.5.15.1 added
- terminfo-screen-6.1-150000.5.15.1 added
- tevent-man-0.13.0-150500.1.1 added
- tftp-5.2-5.3.1 added
- tgt-1.0.85-150400.3.3.1 added
- thin-provisioning-tools-0.7.5-3.3.1 added
- tigervnc-1.12.0-150500.2.6 added
- time-1.9-1.15 added
- timezone-2023c-150000.75.23.1 added
- tk-32bit-8.6.12-150300.10.3.1 added
- tk-8.6.12-150300.10.3.1 added
- tpm-quote-tools-1.0.4-1.27 added
- tpm-tools-1.3.9.2-150400.1.9 added
- tpm-tools-devel-1.3.9.2-150400.1.9 added
- tpm-tools-pkcs11-1.3.9.2-150400.1.9 added
- tpm2-0-tss-3.1.0-150400.3.3.1 added
- tpm2-0-tss-devel-3.1.0-150400.3.3.1 added
- tpm2-pkcs11-1.6.0-150400.1.11 added
- tpm2-pkcs11-devel-1.6.0-150400.1.11 added
- tpm2-tss-engine-1.1.0-150400.1.6 added
- tpm2-tss-engine-devel-1.1.0-150400.1.6 added
- tpm2.0-abrmd-2.4.0-150400.1.6 added
- tpm2.0-abrmd-devel-2.4.0-150400.1.6 added
- tpm2.0-tools-5.2-150400.4.6 added
- traceroute-2.0.21-1.29 added
- trapproto-devel-3.4.3-2.21 added
- trousers-0.3.15-150400.1.10 added
- trousers-devel-0.3.15-150400.1.10 added
- tslib-1.13-1.18 added
- tslib-devel-1.13-1.18 added
- tslib-plugins-1.13-1.18 added
- typelib-1_0-AppIndicator3-0_1-12.10.1+bzr20170215-150200.3.3.1 added
- typelib-1_0-Atk-1_0-2.36.0-150400.2.9 added
- typelib-1_0-Atspi-2_0-2.42.0-150400.2.7 added
- typelib-1_0-Avahi-0_6-0.8-150400.7.3.1 added
- typelib-1_0-GUdev-1_0-237-150400.1.6 added
- typelib-1_0-GdkPixbuf-2_0-2.42.9-150400.5.6.1 added
- typelib-1_0-GdkPixdata-2_0-2.42.9-150400.5.6.1 added
- typelib-1_0-Graphene-1_0-1.10.6-150400.1.10 added
- typelib-1_0-Gst-1_0-1.22.0-150500.1.1 added
- typelib-1_0-GstAllocators-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstApp-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstAudio-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstGL-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstGLEGL-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstGLWayland-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstGLX11-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstPbutils-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstRtp-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstRtsp-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstSdp-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstTag-1_0-1.22.0-150500.1.2 added
- typelib-1_0-GstVideo-1_0-1.22.0-150500.1.2 added
- typelib-1_0-Gtk-2_0-2.24.33-150400.2.11 added
- typelib-1_0-Gtk-3_0-3.24.34-150400.3.3.1 added
- typelib-1_0-Gtk-4_0-4.6.0-150400.3.3.1 added
- typelib-1_0-GtkSource-3_0-3.24.11-150400.10.11 added
- typelib-1_0-GtkSource-4-4.4.0-2.45 added
- typelib-1_0-HarfBuzz-0_0-3.4.0-150400.3.6.1 added
- typelib-1_0-JavaScriptCore-4_0-2.38.6-150400.4.39.1 added
- typelib-1_0-Json-1_0-1.6.6-150400.1.11 added
- typelib-1_0-NM-1_0-1.38.6-150500.1.2 added
- typelib-1_0-Pango-1_0-1.50.4-150400.1.5 added
- typelib-1_0-Polkit-1_0-121-150500.1.6 added
- typelib-1_0-Poppler-0_18-23.01.0-150500.1.2 added
- typelib-1_0-Secret-1-0.20.5-150400.4.3.1 added
- typelib-1_0-Soup-2_4-2.74.2-150400.1.6 added
- typelib-1_0-Soup-3_0-3.0.4-150400.1.6 added
- typelib-1_0-UDisks-2_0-2.9.2-150400.3.3.1 added
- typelib-1_0-Vte-2.91-0.66.2-150400.1.10 added
- typelib-1_0-WebKit2-4_0-2.38.6-150400.4.39.1 added
- typelib-1_0-WebKit2WebExtension-4_0-2.38.6-150400.4.39.1 added
- typelib-1_0-libdazzle-1_0-3.42.0-150400.1.12 added
- u-boot-tools-2021.10-150400.4.11.1 added
- ucode-intel-20230214-150200.21.1 added
- udev-249.16-150400.8.25.7 added
- udftools-1.3-1.21 added
- udisks2-2.9.2-150400.3.3.1 added
- umoci-0.4.7-3.12.1 added
- unar-1.10.7-1.13 added
- unbound-anchor-1.6.8-150100.10.8.1 added
- unbound-devel-1.6.8-150100.10.8.1 added
- unixODBC-2.3.9-150400.14.5 added
- unixODBC-devel-2.3.9-150400.14.5 added
- unzip-6.00-150000.4.11.1 added
- update-alternatives-1.19.0.4-150000.4.4.1 added
- usbguard-1.1.2-150400.3.3.1 added
- usbguard-devel-1.1.2-150400.3.3.1 added
- usbguard-tools-1.1.2-150400.3.3.1 added
- usbutils-014-3.3.1 added
- utempter-devel-1.1.6-3.42 added
- utf8proc-devel-2.6.1-150400.1.4 added
- util-linux-2.37.4-150500.7.16 added
- util-linux-systemd-2.37.4-150500.7.2 added
- videoproto-devel-2.3.3-1.22 added
- vim-9.0.1443-150500.18.1 added
- vim-small-9.0.1443-150500.18.1 added
- virt-viewer-11.0-150400.1.8 added
- vulkan-1.0.65.0-150000.5.3.1 added
- vulkan-devel-1.2.133-1.26 added
- vulkan-tools-1.2.133-1.26 added
- vulkan-validationlayers-1.2.133-1.26 added
- w3m-0.5.3+git20180125-150000.3.3.1 added
- wayland-devel-1.21.0-150500.1.1 added
- webkit2gtk-4_0-injected-bundles-2.38.6-150400.4.39.1 added
- webkit2gtk3-soup2-devel-2.38.6-150400.4.39.1 added
- wget-1.20.3-150000.3.15.1 added
- which-2.21-2.20 added
- whois-5.5.10-150400.1.7 added
- wicked-0.6.72-150500.1.2 added
- wicked-nbft-0.6.72-150500.1.2 added
- wicked-service-0.6.72-150500.1.2 added
- wireguard-tools-1.0.20200827-5.9.1 added
- wireless-tools-30.pre9-150400.13.6 added
- wireshark-3.6.13-150000.3.89.1 added
- wol-0.7.1-2.5 added
- wpa_supplicant-2.10-150500.1.3 added
- x3270-3.6-6.1 added
- xalan-c-1.11-9.27 added
- xauth-1.0.10-1.24 added
- xcb-proto-devel-7.6_1.13-1.10 added
- xcb-util-devel-0.4.0-1.23 added
- xcb-util-image-devel-0.4.0-1.23 added
- xcb-util-keysyms-devel-0.4.0-1.23 added
- xcb-util-renderutil-devel-0.3.9-1.23 added
- xcb-util-wm-devel-0.4.1-1.24 added
- xconsole-1.0.7-1.24 added
- xdelta3-3.1.0-1.15 added
- xdg-dbus-proxy-0.1.4-150500.1.1 added
- xdm-1.1.11-150400.23.6 added
- xdmbgrd-0.6-1.34 added
- xdpyinfo-1.3.2-1.24 added
- xen-libs-4.17.0_06-150500.1.10 added
- xen-tools-domU-4.17.0_06-150500.1.10 added
- xextproto-devel-7.3.0-1.22 added
- xf86-input-evdev-2.10.6-150500.15.2 added
- xf86-input-evdev-devel-2.10.6-150500.15.2 added
- xf86-input-libinput-1.2.1-150500.1.2 added
- xf86-input-libinput-devel-1.2.1-150500.1.2 added
- xf86-video-amdgpu-22.0.0-150500.2.1 added
- xf86-video-ati-19.1.0-150500.1.3 added
- xf86-video-dummy-0.3.8-150500.14.1 added
- xf86-video-fbdev-0.5.0-150500.15.1 added
- xf86-video-intel-2.99.917.916_g31486f40-150500.1.2 added
- xf86-video-qxl-0.1.5-150500.14.2 added
- xf86-video-vesa-2.6.0-150500.1.1 added
- xf86-video-vmware-13.3.0+12-150500.1.2 added
- xf86dgaproto-devel-2.1-1.22 added
- xf86miscproto-devel-0.9.3-1.22 added
- xf86vidmodeproto-devel-2.3.1-1.22 added
- xfsdump-3.1.6-1.30 added
- xfsprogs-5.13.0-150400.3.3.1 added
- xfsprogs-devel-5.13.0-150400.3.3.1 added
- xhost-1.0.7-1.29 added
- xineramaproto-devel-1.2.1-2.22 added
- xinit-1.4.0-6.17 added
- xkbcomp-1.4.1-1.9 added
- xkbcomp-devel-1.4.1-1.9 added
- xli-1.17+git20170726.0bb4fb4-1.26 added
- xmessage-1.0.4-1.25 added
- xmlsec1-1.2.28-150100.7.13.4 added
- xmlsec1-devel-1.2.28-150100.7.13.4 added
- xmlsec1-gcrypt-devel-1.2.28-150100.7.13.4 added
- xmlsec1-gnutls-devel-1.2.28-150100.7.13.4 added
- xmlsec1-nss-devel-1.2.28-150100.7.13.4 added
- xmlsec1-openssl-devel-1.2.28-150100.7.13.4 added
- xmodmap-1.0.9-1.24 added
- xorg-x11-Xvnc-1.12.0-150500.2.6 added
- xorg-x11-Xvnc-module-1.12.0-150500.2.6 added
- xorg-x11-driver-video-7.6_1-9.10 added
- xorg-x11-server-21.1.4-150500.5.1 added
- xorg-x11-server-Xvfb-21.1.4-150500.5.1 added
- xorg-x11-server-extra-21.1.4-150500.5.1 added
- xorriso-1.4.6-1.29 added
- xprop-1.2.2-1.24 added
- xproto-devel-7.0.31-1.22 added
- xrandr-1.5.0-2.19 added
- xrdb-1.1.0-3.4.1 added
- xrdp-0.9.13.1-150200.4.18.1 added
- xrdp-devel-0.9.13.1-150200.4.18.1 added
- xrefresh-1.0.5-1.23 added
- xscreensaver-6.03-150400.3.3.1 added
- xscreensaver-data-6.03-150400.3.3.1 added
- xset-1.2.3-2.17 added
- xsetroot-1.1.1-1.24 added
- xtables-plugins-1.8.7-1.1 added
- xterm-330-150200.11.9.1 added
- xterm-bin-330-150200.11.9.1 added
- xtermset-0.5.2-1.27 added
- xz-5.2.3-150000.4.7.1 added
- xz-devel-5.2.3-150000.4.7.1 added
- xz-static-devel-5.2.3-150000.4.7.1 added
- yast2-4.5.25-150500.1.1 added
- yast2-bootloader-4.5.9-150500.1.1 added
- yast2-control-center-4.5.0-150500.1.5 added
- yast2-control-center-qt-4.5.0-150500.1.5 added
- yast2-core-4.5.4-150500.1.3 added
- yast2-core-devel-4.5.4-150500.1.3 added
- yast2-country-4.5.5-150500.1.1 added
- yast2-country-data-4.5.5-150500.1.1 added
- yast2-hardware-detection-4.5.1-150500.1.2 added
- yast2-kdump-4.5.7-150500.1.1 added
- yast2-ldap-4.5.0-150500.1.3 added
- yast2-logs-4.5.25-150500.1.1 added
- yast2-nis-client-4.5.0-150500.1.2 added
- yast2-packager-4.5.16-150500.1.1 added
- yast2-perl-bindings-4.5.1-150500.1.2 added
- yast2-pkg-bindings-4.5.2-150500.1.1 added
- yast2-printer-4.5.2-150500.1.2 added
- yast2-python3-bindings-4.5.2-150500.1.1 added
- yast2-ruby-bindings-4.5.4-150500.1.2 added
- yast2-schema-default-4.5.9-150500.1.1 added
- yast2-slp-4.5.0-150500.1.2 added
- yast2-snapper-4.5.1-150500.1.1 added
- yast2-sound-4.5.0-150500.1.5 added
- yast2-squid-4.5.0-150500.1.2 added
- yast2-storage-ng-4.5.22-150500.1.1 added
- yast2-transfer-4.5.1-150500.1.1 added
- yast2-tune-4.5.1-150500.1.1 added
- yast2-update-4.5.3-150500.1.1 added
- yast2-users-4.5.4-150500.1.1 added
- yast2-vm-4.5.0-150500.1.1 added
- yast2-x11-4.5.1-150500.1.2 added
- yast2-xml-4.5.0-150500.1.2 added
- yast2-ycp-ui-bindings-4.5.0-150500.1.4 added
- yast2-ycp-ui-bindings-devel-4.5.0-150500.1.4 added
- ykclient-2.15-1.29 added
- ykpers-1.19.0-4.19 added
- yp-tools-4.2.2-3.16 added
- ypbind-2.6-7.6.1 added
- yubico-piv-tool-1.6.2-4.30 added
- zchunk-1.1.16-150400.3.2.1 added
- zeromq-devel-4.2.3-3.15.4 added
- zip-3.0-2.22 added
- zisofs-tools-1.0.8-1.27 added
- zlib-devel-1.2.13-150500.2.3 added
- zlib-devel-static-1.2.13-150500.2.3 added
- zram-generator-1.1.1~git5.8612dbb-150400.1.9 added
- zsh-5.6-7.5.1 added
- zstd-1.5.0-150400.3.3.1 added
- zypper-1.14.59-150400.3.12.2 added
- zziplib-devel-0.13.69-3.10.1 added
- docker-bash-completion-20.10.23_ce-150000.175.1 added
- helm-bash-completion-3.11.2-150000.1.21.1 added
- helm-zsh-completion-3.11.2-150000.1.21.1 added
- obs-service-docker_label_helper-0.0-5.6.1 added
- podman-cni-config-4.4.4-150500.1.4 added
- podman-docker-4.4.4-150500.1.4 added
- python3-arrow-0.15.5-1.1 added
- python3-geomet-0.2.1-1.31 added
- python3-kubernetes-8.0.1-150100.3.7.1 added
- aardvark-dns-1.5.0-150500.1.2 added
- bmake-20200606-150400.1.4 added
- buildah-1.29.1-150500.1.13 added
- catatonit-0.1.7-150500.1.3 added
- cni-1.1.2-150500.1.20 added
- cni-plugins-1.1.1-150500.1.19 added
- conmon-2.1.5-150500.7.1 added
- container-diff-0.15.0-1.4.2 added
- container-suseconnect-2.4.0-150000.4.28.1 added
- containerd-1.6.19-150000.87.1 added
- containerd-ctr-1.6.19-150000.87.1 added
- containerd-devel-1.6.19-150000.87.1 added
- containerized-data-importer-manifests-1.55.0-150500.4.4 added
- distribution-registry-2.8.1-150400.9.18.1 added
- docker-20.10.23_ce-150000.175.1 added
- docker-libnetwork-0.7.0.1+gitr2908_55e924b8a842-4.31.1 added
- docker-runc-1.0.0rc10+gitr3981_dc9208a3303f-6.45.3 added
- fuse-overlayfs-1.1.2-3.9.1 added
- helm-3.11.2-150000.1.21.1 added
- helm-mirror-0.3.1-150000.1.13.1 added
- kubernetes1.23-client-1.23.17-150500.1.3 added
- kubernetes1.23-client-common-1.23.17-150500.1.3 added
- kubernetes1.24-client-1.24.13-150500.1.3 added
- kubernetes1.24-client-common-1.24.13-150500.1.3 added
- kubevirt-manifests-0.58.0-150500.6.3 added
- kubevirt-virtctl-0.58.0-150500.6.3 added
- libnvidia-container-devel-1.11.0-150200.5.6.1 added
- libnvidia-container-static-1.11.0-150200.5.6.1 added
- libnvidia-container-tools-1.11.0-150200.5.6.1 added
- libnvidia-container1-1.11.0-150200.5.6.1 added
- netavark-1.5.0-150500.1.4 added
- nvidia-container-runtime-3.5.0-5.3.1 added
- nvidia-container-toolkit-1.11.0-150200.5.6.1 added
- podman-4.4.4-150500.1.4 added
- podman-remote-4.4.4-150500.1.4 added
- python3-cassandra-driver-3.23.0-2.1 added
- python3-seccomp-2.5.3-150400.2.4 added
- runc-1.1.5-150000.41.1 added
- sle-module-containers-release-15.5-150500.43.2 added
- slirp4netns-1.2.0-150500.1.1 added
- zypper-docker-2.0.0-3.5.1 added
- NetworkManager-branding-SLE-42.1-150500.12.2 added
- PackageKit-branding-SLE-12.0-150400.13.9 added
- PackageKit-lang-1.2.4-150400.3.6.1 added
- accountsservice-lang-0.6.55-150400.12.8 added
- alacarte-3.42.0-150400.1.5 added
- alacarte-lang-3.42.0-150400.1.5 added
- appstream-glib-lang-0.7.18+30-150400.1.6 added
- brasero-lang-3.12.3-150400.1.19 added
- brltty-lang-6.4-150400.2.9 added
- caribou-lang-0.4.21-150400.19.6 added
- clutter-gtk-lang-1.8.4-150400.13.9 added
- clutter-lang-1.26.4-150400.2.7 added
- cogl-lang-1.22.8-150400.2.8 added
- cups-pk-helper-lang-0.2.6-150400.12.12 added
- dasher-lang-4.11-150400.13.9 added
- dconf-editor-lang-3.38.3-150400.1.14 added
- ddskk-20150816-1.50 added
- desktop-translations-84.87.20230128.350400f-150500.1.1 added
- devilspie2-lang-0.43-1.39 added
- emacs-apel-10.8-150000.3.3.1 added
- eog-lang-41.2-150400.3.3.2 added
- evince-lang-41.4-150400.3.3.3 added
- file-roller-lang-3.40.0-150400.3.13 added
- firewall-applet-0.9.3-150400.8.9.1 added
- firewall-config-0.9.3-150400.8.9.1 added
- flatpak-zsh-completion-1.14.4-150500.1.3 added
- fontawesome-fonts-5.15.4-150400.1.4 added
- fwupd-bash-completion-1.8.6-150500.2.2 added
- fwupd-lang-1.8.6-150500.2.2 added
- gcab-lang-1.1-1.15 added
- gconf-editor-lang-3.0.1-1.52 added
- gcr-lang-3.41.1-150400.3.3.1 added
- gdm-branding-SLE-15-150400.38.3.1 added
- gdm-lang-41.3-150400.4.6.1 added
- gdm-schema-41.3-150400.4.6.1 added
- gdm-systemd-41.3-150400.4.6.1 added
- gdmflexiserver-41.3-150400.4.6.1 added
- gedit-lang-40.1-150400.4.3.1 added
- gnome-bluetooth-lang-3.34.5-150400.12.9 added
- gnome-calculator-lang-41.1-150400.1.9 added
- gnome-characters-lang-41.0-150400.1.11 added
- gnome-control-center-lang-41.4-150500.1.3 added
- gnome-desktop-lang-41.8-150400.3.3.1 added
- gnome-icon-theme-3.12.0-150400.12.5 added
- gnome-keyring-lang-40.0-150400.2.13 added
- gnome-menus-branding-SLE-15-150400.10.6 added
- gnome-menus-lang-3.36.0-150400.2.9 added
- gnome-packagekit-lang-3.32.0-150400.12.3.1 added
- gnome-power-manager-lang-3.32.0+58-150400.1.14 added
- gnome-screenshot-lang-41.0-150400.1.8 added
- gnome-session-lang-41.3-150400.3.3.1 added
- gnome-settings-daemon-lang-41.0-150500.2.1 added
- gnome-shell-classic-41.2-150400.2.7 added
- gnome-shell-extension-desktop-icons-20.10.0-150400.4.5.1 added
- gnome-shell-extension-onboard-1.4.1-7.11 added
- gnome-shell-extension-user-theme-41.2-150400.2.7 added
- gnome-shell-extensions-common-41.2-150400.2.7 added
- gnome-shell-extensions-common-lang-41.2-150400.2.7 added
- gnome-shell-lang-41.9-150400.3.8.1 added
- gnome-software-lang-41.5-150400.3.3.2 added
- gnome-system-monitor-lang-41.0-150400.1.11 added
- gnome-terminal-lang-3.42.3-150400.3.3.1 added
- gnome-themes-3.0.0-150400.13.10 added
- gnome-themes-accessibility-3.22.3-4.3.1 added
- gnome-themes-accessibility-gtk2-3.22.3-4.3.1 added
- gnome-themes-lang-3.0.0-150400.13.10 added
- gnome-tweaks-40.0-150400.2.8 added
- gnome-tweaks-lang-40.0-150400.2.8 added
- gnome-user-docs-41.5-150400.3.3.1 added
- gnome-user-docs-lang-41.5-150400.3.3.1 added
- gnome-vfs2-lang-2.24.4-150400.14.7 added
- gspell-lang-1.10.0-150400.3.3.1 added
- gstreamer-plugins-bad-lang-1.22.0-150500.1.3 added
- gtk2-data-2.24.33-150400.2.11 added
- gtk2-theme-clearlooks-2.20.2-150400.13.8 added
- gtk2-theme-crux-2.20.2-150400.13.8 added
- gtk2-theme-industrial-2.20.2-150400.13.8 added
- gtk2-theme-mist-2.20.2-150400.13.8 added
- gtk2-theme-redmond95-2.20.2-150400.13.8 added
- gtk2-theme-thinice-2.20.2-150400.13.8 added
- gtksourceview-lang-3.24.11-150400.10.11 added
- gtkspell3-lang-3.0.10-150400.9.11 added
- gvfs-lang-1.48.2-150400.4.6.1 added
- ibus-cangjie-2.4-1.52 added
- ibus-dict-emoji-1.5.25-150400.1.13 added
- ibus-lang-1.5.25-150400.1.13 added
- ibus-table-chinese-array-1.8.3-150400.1.6 added
- ibus-table-chinese-cangjie-1.8.3-150400.1.6 added
- ibus-table-chinese-cantonese-1.8.3-150400.1.6 added
- ibus-table-chinese-easy-1.8.3-150400.1.6 added
- ibus-table-chinese-erbi-1.8.3-150400.1.6 added
- ibus-table-chinese-jyutping-1.8.3-150400.1.6 added
- ibus-table-chinese-quick-1.8.3-150400.1.6 added
- ibus-table-chinese-scj-1.8.3-150400.1.6 added
- ibus-table-chinese-stroke5-1.8.3-150400.1.6 added
- ibus-table-chinese-wu-1.8.3-150400.1.6 added
- ibus-table-chinese-wubi-haifeng-1.8.3-150400.1.6 added
- ibus-table-chinese-wubi-jidian-1.8.3-150400.1.6 added
- ibus-table-chinese-yong-1.8.3-150400.1.6 added
- ibus-table-cns11643-1.3.12-150400.1.6 added
- ibus-table-compose-1.3.12-150400.1.6 added
- ibus-table-emoji-1.3.12-150400.1.6 added
- ibus-table-extraphrase-1.3.9.20110826-150400.12.6 added
- ibus-table-extraphrase-devel-1.3.9.20110826-150400.12.6 added
- ibus-table-hu-old-hungarian-rovas-1.3.12-150400.1.6 added
- ibus-table-latex-1.3.12-150400.1.6 added
- ibus-table-mathwriter-1.3.12-150400.1.6 added
- ibus-table-others-1.3.12-150400.1.6 added
- ibus-table-rusle-1.3.12-150400.1.6 added
- ibus-table-rustrad-1.3.12-150400.1.6 added
- ibus-table-thai-1.3.12-150400.1.6 added
- ibus-table-translit-1.3.12-150400.1.6 added
- ibus-table-translit-ua-1.3.12-150400.1.6 added
- ibus-table-yawerty-1.3.12-150400.1.6 added
- libadwaita-lang-1.1.0-150400.1.7 added
- libbonobo-lang-2.32.1-1.37 added
- libbonoboui-lang-2.24.5-1.57 added
- libgnome-keyring-lang-3.12.0-150400.16.9 added
- libgnome-lang-2.32.2+20170910.8487c2b4-1.36 added
- libgnomecanvas-lang-2.30.3-150400.13.8 added
- libgnomekbd-lang-3.26.1-150400.11.15 added
- libgnomesu-lang-2.0.7-150400.1.9 added
- libgnomeui-lang-2.24.6+20170807.30334c28-2.36 added
- libgphoto2-6-lang-2.5.27-3.4.1 added
- liblouis-data-3.20.0-150400.3.13.1 added
- libpeas-lang-1.32.0-150400.4.3.2 added
- libqt5-qt3d-private-headers-devel-5.15.8+kde0-150500.1.4 added
- libqt5-qtconnectivity-private-headers-devel-5.15.8+kde8-150500.1.3 added
- libqt5-qtdeclarative-private-headers-devel-5.15.8+kde22-150500.1.2 added
- libqt5-qtlocation-private-headers-devel-5.15.8+kde4-150500.1.2 added
- libqt5-qtmultimedia-private-headers-devel-5.15.8+kde3-150500.1.2 added
- libqt5-qtscript-private-headers-devel-5.15.12-150500.1.4 added
- libqt5-qtsensors-private-headers-devel-5.15.8+kde0-150500.1.4 added
- libqt5-qtserialport-private-headers-devel-5.15.8+kde0-150500.1.4 added
- libqt5-qtsvg-private-headers-devel-5.15.8+kde8-150500.1.4 added
- libqt5-qttools-private-headers-devel-5.15.8+kde1-150500.1.4 added
- libqt5-qtwayland-private-headers-devel-5.15.8+kde63-150500.1.3 added
- libqt5-qtwebchannel-private-headers-devel-5.15.8+kde3-150500.1.2 added
- libqt5-qtwebsockets-private-headers-devel-5.15.8+kde3-150500.1.4 added
- libqt5-qtxmlpatterns-private-headers-devel-5.15.8+kde0-150500.1.4 added
- libwnck-lang-40.0-150400.2.12 added
- libzypp-plugin-appdata-1.0.1+git.20230117-150500.1.2 added
- m17n-db-1.7.0-1.24 added
- m17n-db-lang-1.7.0-1.24 added
- mobile-broadband-provider-info-20210805-150400.1.5 added
- mousetweaks-lang-3.32.0-150400.8.12 added
- mutter-lang-41.9-150500.1.2 added
- nautilus-lang-41.5-150400.3.6.1 added
- nautilus-share-lang-0.7.3-150500.15.1 added
- orca-41.3-150400.3.3.1 added
- orca-lang-41.3-150400.3.3.1 added
- pavucontrol-lang-5.0-150400.1.8 added
- pipewire-lang-0.3.64-150500.1.2 added
- pulseaudio-lang-15.0-150400.2.10 added
- python3-bottle-0.12.13-150000.3.6.1 added
- python3-cmdln-2.0.0-1.15 added
- python3-cupshelpers-1.5.15-150400.2.7 added
- python3-pyxdg-0.26-1.21 added
- pyzy-db-android-1.0git20120805-3.5.5 added
- pyzy-db-open-phrase-1.0git20120805-3.5.5 added
- skkdic-20150816-1.50 added
- skkdic-extra-20150816-1.50 added
- sof-firmware-2.2.4-150500.1.1 added
- sound-theme-freedesktop-0.8-150400.12.7 added
- system-config-printer-common-1.5.15-150400.2.7 added
- system-config-printer-common-lang-1.5.15-150400.2.7 added
- system-config-printer-dbus-service-1.5.15-150400.2.7 added
- system-user-flatpak-1.14.4-150500.1.3 added
- system-user-mktex-1.0.0-150400.1.4 added
- system-user-pulse-15.0-150400.2.10 added
- texlive-12many-2021.189.0.0.3svn15878-150400.18.1 added
- texlive-2up-2021.189.1.3asvn55076-150400.18.1 added
- texlive-Asana-Math-2021.189.0.000.958svn50999-150400.18.1 added
- texlive-Asana-Math-fonts-2021.189.0.000.958svn50999-150400.18.1 added
- texlive-ESIEEcv-2021.189.svn15878-150400.18.1 added
- texlive-GS1-2021.189.22svn44822-150400.18.1 added
- texlive-HA-prosper-2021.189.4.21svn15878-150400.18.1 added
- texlive-IEEEconf-2021.189.1.4svn15878-150400.18.1 added
- texlive-IEEEtran-2021.189.1.8bsvn51065-150400.18.1 added
- texlive-MemoirChapStyles-2021.189.1.7esvn25918-150400.18.1 added
- texlive-SIstyle-2021.189.2.3asvn54080-150400.18.1 added
- texlive-SIunits-2021.189.1.36svn15878-150400.18.1 added
- texlive-Tabbing-2021.189.svn17022-150400.18.1 added
- texlive-Type1fonts-2021.189.2.14svn19603-150400.18.1 added
- texlive-a0poster-2021.189.1.22bsvn54071-150400.18.1 added
- texlive-a2ping-2021.189.2.84psvn52964-150400.18.1 added
- texlive-a4wide-2021.189.svn20943-150400.18.1 added
- texlive-a5comb-2021.189.4svn17020-150400.18.1 added
- texlive-aaai-named-2021.189.svn52470-150400.18.1 added
- texlive-aalok-2021.189.0.0.2svn57728-150400.18.1 added
- texlive-aastex-2021.189.6.3.1svn58057-150400.18.1 added
- texlive-abbr-2021.189.svn15878-150400.18.1 added
- texlive-abc-2021.189.2.0bsvn41157-150400.18.1 added
- texlive-abnt-2021.189.svn55471-150400.18.1 added
- texlive-abntex2-2021.189.1.9.7svn49248-150400.18.1 added
- texlive-abraces-2021.189.2.0svn58761-150400.18.1 added
- texlive-abstract-2021.189.1.2asvn15878-150400.18.1 added
- texlive-abstyles-2021.189.svn15878-150400.18.1 added
- texlive-academicons-2021.189.1.9.0svn56119-150400.18.1 added
- texlive-academicons-fonts-2021.189.1.9.0svn56119-150400.18.1 added
- texlive-accanthis-2021.189.svn32089-150400.18.1 added
- texlive-accanthis-fonts-2021.189.svn32089-150400.18.1 added
- texlive-accents-2021.189.1.4svn51497-150400.18.1 added
- texlive-accessibility-2021.189.2.0.3svn55777-150400.18.1 added
- texlive-accfonts-2021.189.0.0.25svn18835-150400.18.1 added
- texlive-accsupp-2021.189.0.0.6svn53052-150400.18.1 added
- texlive-achemso-2021.189.3.13csvn57479-150400.18.1 added
- texlive-acmart-2021.189.1.75svn56946-150400.18.1 added
- texlive-acmconf-2021.189.1.3svn15878-150400.18.1 added
- texlive-acro-2021.189.3.5svn57447-150400.18.1 added
- texlive-acronym-2021.189.1.47svn54758-150400.18.1 added
- texlive-acroterm-2021.189.0.0.1svn20498-150400.18.1 added
- texlive-active-conf-2021.189.0.0.3asvn15878-150400.18.1 added
- texlive-actuarialangle-2021.189.2.1svn51376-150400.18.1 added
- texlive-actuarialsymbol-2021.189.1.1svn54080-150400.18.1 added
- texlive-addfont-2021.189.1.1svn58559-150400.18.1 added
- texlive-addliga-2021.189.1.0svn50912-150400.18.1 added
- texlive-addlines-2021.189.0.0.3svn49326-150400.18.1 added
- texlive-adfathesis-2021.189.2.42svn26048-150400.18.1 added
- texlive-adforn-2021.189.1.1bsvn54512-150400.18.1 added
- texlive-adforn-fonts-2021.189.1.1bsvn54512-150400.18.1 added
- texlive-adfsymbols-2021.189.1.2bsvn54512-150400.18.1 added
- texlive-adfsymbols-fonts-2021.189.1.2bsvn54512-150400.18.1 added
- texlive-adhocfilelist-2021.189.svn29349-150400.18.1 added
- texlive-adigraph-2021.189.1.7.1svn49862-150400.18.1 added
- texlive-adjmulticol-2021.189.1.2svn54157-150400.18.1 added
- texlive-adjustbox-2021.189.1.3svn56291-150400.18.1 added
- texlive-adobemapping-2021.189.svn51787-150400.18.1 added
- texlive-adrconv-2021.189.1.4svn46817-150400.18.1 added
- texlive-adtrees-2021.189.1.1svn51618-150400.18.1 added
- texlive-advdate-2021.189.svn20538-150400.18.1 added
- texlive-ae-2021.189.1.4svn15878-150400.18.1 added
- texlive-aeguill-2021.189.svn15878-150400.18.1 added
- texlive-aesupp-2021.189.1svn58253-150400.18.1 added
- texlive-aesupp-fonts-2021.189.1svn58253-150400.18.1 added
- texlive-afm2pl-2021.189.svn54074-150400.18.1 added
- texlive-afparticle-2021.189.1.3svn35900-150400.18.1 added
- texlive-afthesis-2021.189.2.7svn15878-150400.18.1 added
- texlive-aguplus-2021.189.1.6bsvn17156-150400.18.1 added
- texlive-aiaa-2021.189.3.6svn15878-150400.18.1 added
- texlive-aichej-2021.189.svn15878-150400.18.1 added
- texlive-ajl-2021.189.svn34016-150400.18.1 added
- texlive-akktex-2021.189.0.0.3.2svn26055-150400.18.1 added
- texlive-akletter-2021.189.1.5isvn15878-150400.18.1 added
- texlive-akshar-2021.189.0.0.2svn56277-150400.18.1 added
- texlive-albatross-2021.189.0.0.3.0svn57416-150400.18.1 added
- texlive-alegreya-2021.189.svn54512-150400.18.1 added
- texlive-alegreya-fonts-2021.189.svn54512-150400.18.1 added
- texlive-aleph-2021.189.svn57972-150400.18.1 added
- texlive-alertmessage-2021.189.1.1svn38055-150400.18.1 added
- texlive-alfaslabone-2021.189.0.0.0.1svn57452-150400.18.1 added
- texlive-alfaslabone-fonts-2021.189.0.0.0.1svn57452-150400.18.1 added
- texlive-alg-2021.189.svn15878-150400.18.1 added
- texlive-algobox-2021.189.1.3svn52204-150400.18.1 added
- texlive-algolrevived-2021.189.1.052svn56864-150400.18.1 added
- texlive-algolrevived-fonts-2021.189.1.052svn56864-150400.18.1 added
- texlive-algorithm2e-2021.189.5.2svn44846-150400.18.1 added
- texlive-algorithmicx-2021.189.svn15878-150400.18.1 added
- texlive-algorithms-2021.189.0.0.1svn42428-150400.18.1 added
- texlive-algpseudocodex-2021.189.1.0svn56125-150400.18.1 added
- texlive-algxpar-2021.189.0.0.91svn56006-150400.18.1 added
- texlive-aligned-overset-2021.189.0.0.1.0svn47290-150400.18.1 added
- texlive-alkalami-2021.189.1.000svn44497-150400.18.1 added
- texlive-alkalami-fonts-2021.189.1.000svn44497-150400.18.1 added
- texlive-allrunes-2021.189.2.1.1svn42221-150400.18.1 added
- texlive-allrunes-fonts-2021.189.2.1.1svn42221-150400.18.1 added
- texlive-almendra-2021.189.svn56035-150400.18.1 added
- texlive-almendra-fonts-2021.189.svn56035-150400.18.1 added
- texlive-almfixed-2021.189.0.0.92svn35065-150400.18.1 added
- texlive-almfixed-fonts-2021.189.0.0.92svn35065-150400.18.1 added
- texlive-alnumsec-2021.189.0.0.03svn15878-150400.18.1 added
- texlive-alpha-persian-2021.189.1.3svn50316-150400.18.1 added
- texlive-alphalph-2021.189.2.6svn53087-150400.18.1 added
- texlive-altfont-2021.189.1.1svn15878-150400.18.1 added
- texlive-ametsoc-2021.189.4.3.2svn36030-150400.18.1 added
- texlive-amiri-2021.189.0.0.113svn55403-150400.18.1 added
- texlive-amiri-fonts-2021.189.0.0.113svn55403-150400.18.1 added
- texlive-amiweb2c-guide-2021.189.1.0svn56878-150400.18.1 added
- texlive-amsaddr-2021.189.1.1svn29630-150400.18.1 added
- texlive-amscdx-2021.189.2.2xsvn51532-150400.18.1 added
- texlive-amscls-2021.189.2.20.6svn55378-150400.18.1 added
- texlive-amscls-doc-2021.189.svn46110-150400.18.1 added
- texlive-amsfonts-2021.189.3.04svn29208-150400.18.1 added
- texlive-amsfonts-fonts-2021.189.3.04svn29208-150400.18.1 added
- texlive-amslatex-primer-2021.189.2.3svn28980-150400.18.1 added
- texlive-amsldoc-it-2021.189.svn45662-150400.18.1 added
- texlive-amsldoc-vn-2021.189.2.0svn21855-150400.18.1 added
- texlive-amsmath-2021.189.svn56514-150400.18.1 added
- texlive-amsmath-it-2021.189.svn22930-150400.18.1 added
- texlive-amsrefs-2021.189.2.14svn30646-150400.18.1 added
- texlive-amstex-2021.189.svn57972-150400.18.1 added
- texlive-amsthdoc-it-2021.189.svn45662-150400.18.1 added
- texlive-animate-2021.189.svn56583-150400.18.1 added
- texlive-annee-scolaire-2021.189.1.6svn55988-150400.18.1 added
- texlive-annotate-2021.189.svn52824-150400.18.1 added
- texlive-anonchap-2021.189.1.1asvn17049-150400.18.1 added
- texlive-anonymous-acm-2021.189.1.0svn55121-150400.18.1 added
- texlive-anonymouspro-2021.189.2.2svn51631-150400.18.1 added
- texlive-anonymouspro-fonts-2021.189.2.2svn51631-150400.18.1 added
- texlive-answers-2021.189.2.16svn35032-150400.18.1 added
- texlive-antanilipsum-2021.189.0.0.8.1svn55250-150400.18.1 added
- texlive-antiqua-2021.189.001.003svn24266-150400.18.1 added
- texlive-antiqua-fonts-2021.189.001.003svn24266-150400.18.1 added
- texlive-antomega-2021.189.0.0.8svn21933-150400.18.1 added
- texlive-antt-2021.189.2.08svn18651-150400.18.1 added
- texlive-antt-fonts-2021.189.2.08svn18651-150400.18.1 added
- texlive-anufinalexam-2021.189.svn26053-150400.18.1 added
- texlive-anyfontsize-2021.189.svn17050-150400.18.1 added
- texlive-anysize-2021.189.svn15878-150400.18.1 added
- texlive-aobs-tikz-2021.189.1.0svn32662-150400.18.1 added
- texlive-aomart-2021.189.1.24svn56102-150400.18.1 added
- texlive-apa-2021.189.1.3.4svn54080-150400.18.1 added
- texlive-apa6-2021.189.2.34svn53406-150400.18.1 added
- texlive-apa6e-2021.189.0.0.3svn23350-150400.18.1 added
- texlive-apa7-2021.189.2.10svn58121-150400.18.1 added
- texlive-apacite-2021.189.6.03svn54080-150400.18.1 added
- texlive-apalike-german-2021.189.svn54080-150400.18.1 added
- texlive-apalike2-2021.189.svn54080-150400.18.1 added
- texlive-apnum-2021.189.1.7svn47510-150400.18.1 added
- texlive-appendix-2021.189.1.2csvn53718-150400.18.1 added
- texlive-appendixnumberbeamer-2021.189.1.2svn46317-150400.18.1 added
- texlive-apprendre-a-programmer-en-tex-2021.189.svn57179-150400.18.1 added
- texlive-apprends-latex-2021.189.4.02svn19306-150400.18.1 added
- texlive-apptools-2021.189.1.0svn28400-150400.18.1 added
- texlive-apxproof-2021.189.1.2.1svn56673-150400.18.1 added
- texlive-arabi-2021.189.1.1svn44662-150400.18.1 added
- texlive-arabi-add-2021.189.1.0svn37709-150400.18.1 added
- texlive-arabi-fonts-2021.189.1.1svn44662-150400.18.1 added
- texlive-arabicfront-2021.189.1.1svn51474-150400.18.1 added
- texlive-arabluatex-2021.189.1.20svn54512-150400.18.1 added
- texlive-arabtex-2021.189.3.17svn25711-150400.18.1 added
- texlive-arabtex-fonts-2021.189.3.17svn25711-150400.18.1 added
- texlive-arabxetex-2021.189.1.2.1svn38299-150400.18.1 added
- texlive-aramaic-serto-2021.189.1.0svn30042-150400.18.1 added
- texlive-aramaic-serto-fonts-2021.189.1.0svn30042-150400.18.1 added
- texlive-arara-2021.189.6.1.0svn58764-150400.18.1 added
- texlive-archaeologie-2021.189.2.4.5svn57090-150400.18.1 added
- texlive-archaic-2021.189.svn38005-150400.18.1 added
- texlive-archaic-fonts-2021.189.svn38005-150400.18.1 added
- texlive-archivo-2021.189.0.0.0.2svn57283-150400.18.1 added
- texlive-archivo-fonts-2021.189.0.0.0.2svn57283-150400.18.1 added
- texlive-arcs-2021.189.1svn15878-150400.18.1 added
- texlive-arev-2021.189.svn15878-150400.18.1 added
- texlive-arev-fonts-2021.189.svn15878-150400.18.1 added
- texlive-arimo-2021.189.svn42880-150400.18.1 added
- texlive-arimo-fonts-2021.189.svn42880-150400.18.1 added
- texlive-armtex-2021.189.3.0_beta3svn33894-150400.18.1 added
- texlive-armtex-fonts-2021.189.3.0_beta3svn33894-150400.18.1 added
- texlive-around-the-bend-2021.189.svn15878-150400.18.1 added
- texlive-arphic-2021.189.svn15878-150400.18.1 added
- texlive-arphic-fonts-2021.189.svn15878-150400.18.1 added
- texlive-arphic-ttf-2021.189.svn42675-150400.18.1 added
- texlive-arphic-ttf-fonts-2021.189.svn42675-150400.18.1 added
- texlive-arraycols-2021.189.1.1svn56997-150400.18.1 added
- texlive-arrayjobx-2021.189.1.04svn18125-150400.18.1 added
- texlive-arraysort-2021.189.1.0svn31576-150400.18.1 added
- texlive-arsclassica-2021.189.svn45656-150400.18.1 added
- texlive-articleingud-2021.189.0.0.3svn38741-150400.18.1 added
- texlive-arvo-2021.189.svn57213-150400.18.1 added
- texlive-arvo-fonts-2021.189.svn57213-150400.18.1 added
- texlive-arydshln-2021.189.1.76svn50084-150400.18.1 added
- texlive-asaetr-2021.189.1.0asvn15878-150400.18.1 added
- texlive-asapsym-2021.189.1.0svn40201-150400.18.1 added
- texlive-asapsym-fonts-2021.189.1.0svn40201-150400.18.1 added
- texlive-ascelike-2021.189.2.3svn29129-150400.18.1 added
- texlive-ascii-chart-2021.189.svn20536-150400.18.1 added
- texlive-ascii-font-2021.189.2.0svn29989-150400.18.1 added
- texlive-ascii-font-fonts-2021.189.2.0svn29989-150400.18.1 added
- texlive-asciilist-2021.189.2.2bsvn49060-150400.18.1 added
- texlive-ascmac-2021.189.2.1svn53411-150400.18.1 added
- texlive-ascmac-fonts-2021.189.2.1svn53411-150400.18.1 added
- texlive-askinclude-2021.189.2.7svn54725-150400.18.1 added
- texlive-askmaps-2021.189.0.0.2svn56730-150400.18.1 added
- texlive-asmeconf-2021.189.1.26svn57833-150400.18.1 added
- texlive-asmejour-2021.189.1.15svn57598-150400.18.1 added
- texlive-aspectratio-2021.189.2.0svn25243-150400.18.1 added
- texlive-aspectratio-fonts-2021.189.2.0svn25243-150400.18.1 added
- texlive-assignment-2021.189.svn20431-150400.18.1 added
- texlive-assoccnt-2021.189.0.0.8svn38497-150400.18.1 added
- texlive-association-matrix-2021.189.1.0svn56759-150400.18.1 added
- texlive-astro-2021.189.2.20svn15878-150400.18.1 added
- texlive-asyfig-2021.189.0.0.1csvn17512-150400.18.1 added
- texlive-asymptote-2021.189.2.70svn58569-150400.18.1 added
- texlive-asymptote-by-example-zh-cn-2021.189.svn15878-150400.18.1 added
- texlive-asymptote-faq-zh-cn-2021.189.svn15878-150400.18.1 added
- texlive-asymptote-manual-zh-cn-2021.189.svn15878-150400.18.1 added
- texlive-asypictureb-2021.189.0.0.3svn33490-150400.18.1 added
- texlive-atbegshi-2021.189.1.19svn53051-150400.18.1 added
- texlive-atenddvi-2021.189.1.5svn56922-150400.18.1 added
- texlive-atkinson-2021.189.svn57624-150400.18.1 added
- texlive-atkinson-fonts-2021.189.svn57624-150400.18.1 added
- texlive-attachfile-2021.189.1.9svn42099-150400.18.1 added
- texlive-attachfile2-2021.189.2.11svn57959-150400.18.1 added
- texlive-atveryend-2021.189.1.11svn53108-150400.18.1 added
- texlive-aucklandthesis-2021.189.svn51323-150400.18.1 added
- texlive-augie-2021.189.svn18948-150400.18.1 added
- texlive-augie-fonts-2021.189.svn18948-150400.18.1 added
- texlive-auncial-new-2021.189.2.0svn15878-150400.18.1 added
- texlive-auncial-new-fonts-2021.189.2.0svn15878-150400.18.1 added
- texlive-aurical-2021.189.1.5svn15878-150400.18.1 added
- texlive-aurical-fonts-2021.189.1.5svn15878-150400.18.1 added
- texlive-aurl-2021.189.svn41853-150400.18.1 added
- texlive-authoraftertitle-2021.189.1.0svn55889-150400.18.1 added
- texlive-authorarchive-2021.189.1.1.1svn54512-150400.18.1 added
- texlive-authordate-2021.189.svn52564-150400.18.1 added
- texlive-authorindex-2021.189.svn51757-150400.18.1 added
- texlive-auto-pst-pdf-2021.189.0.0.7svn56596-150400.18.1 added
- texlive-auto-pst-pdf-lua-2021.189.0.0.03svn54779-150400.18.1 added
- texlive-autoaligne-2021.189.1.5svn56966-150400.18.1 added
- texlive-autoarea-2021.189.0.0.3asvn15878-150400.18.1 added
- texlive-autobreak-2021.189.0.0.3svn43337-150400.18.1 added
- texlive-autofancyhdr-2021.189.0.0.1svn54049-150400.18.1 added
- texlive-automata-2021.189.0.0.3svn19717-150400.18.1 added
- texlive-autonum-2021.189.0.0.3.11svn36084-150400.18.1 added
- texlive-autopdf-2021.189.1.1svn32377-150400.18.1 added
- texlive-autosp-2021.189.svn58211-150400.18.1 added
- texlive-auxhook-2021.189.1.6svn53173-150400.18.1 added
- texlive-avantgar-2021.189.svn31835-150400.18.1 added
- texlive-avantgar-fonts-2021.189.svn31835-150400.18.1 added
- texlive-avremu-2021.189.0.0.1svn35373-150400.18.1 added
- texlive-awesomebox-2021.189.0.0.6svn57349-150400.18.1 added
- texlive-axessibility-2021.189.3.0svn57105-150400.18.1 added
- texlive-axodraw2-2021.189.2.1.1csvn58155-150400.18.1 added
- texlive-b1encoding-2021.189.1.0svn21271-150400.18.1 added
- texlive-babel-2021.189.3.56svn58684-150400.18.1 added
- texlive-babel-albanian-2021.189.1.0dsvn57005-150400.18.1 added
- texlive-babel-azerbaijani-2021.189.1.0asvn44197-150400.18.1 added
- texlive-babel-basque-2021.189.1.0fsvn30256-150400.18.1 added
- texlive-babel-belarusian-2021.189.1.5svn49022-150400.18.1 added
- texlive-babel-bosnian-2021.189.1.1svn38174-150400.18.1 added
- texlive-babel-breton-2021.189.1.0hsvn30257-150400.18.1 added
- texlive-babel-bulgarian-2021.189.1.2gsvn31902-150400.18.1 added
- texlive-babel-catalan-2021.189.2.2psvn30259-150400.18.1 added
- texlive-babel-croatian-2021.189.1.3lsvn35198-150400.18.1 added
- texlive-babel-czech-2021.189.3.1asvn30261-150400.18.1 added
- texlive-babel-danish-2021.189.1.3ssvn57642-150400.18.1 added
- texlive-babel-dutch-2021.189.3.8jsvn56827-150400.18.1 added
- texlive-babel-english-2021.189.3.3rsvn44495-150400.18.1 added
- texlive-babel-esperanto-2021.189.1.4tsvn30265-150400.18.1 added
- texlive-babel-estonian-2021.189.1.1asvn38064-150400.18.1 added
- texlive-babel-finnish-2021.189.1.3ssvn57643-150400.18.1 added
- texlive-babel-french-2021.189.3.5lsvn56607-150400.18.1 added
- texlive-babel-friulan-2021.189.1.3svn39861-150400.18.1 added
- texlive-babel-galician-2021.189.4.3csvn30270-150400.18.1 added
- texlive-babel-georgian-2021.189.2.2svn45864-150400.18.1 added
- texlive-babel-german-2021.189.2.13svn57978-150400.18.1 added
- texlive-babel-greek-2021.189.1.10svn56904-150400.18.1 added
- texlive-babel-hebrew-2021.189.2.3hsvn30273-150400.18.1 added
- texlive-babel-hungarian-2021.189.1.5csvn49701-150400.18.1 added
- texlive-babel-icelandic-2021.189.1.3svn51551-150400.18.1 added
- texlive-babel-indonesian-2021.189.1.0msvn43235-150400.18.1 added
- texlive-babel-interlingua-2021.189.1.6svn30276-150400.18.1 added
- texlive-babel-irish-2021.189.1.0hsvn30277-150400.18.1 added
- texlive-babel-italian-2021.189.1.4.04svn55232-150400.18.1 added
- texlive-babel-japanese-2021.189.svn57733-150400.18.1 added
- texlive-babel-kurmanji-2021.189.1.1svn30279-150400.18.1 added
- texlive-babel-latin-2021.189.3.5svn38173-150400.18.1 added
- texlive-babel-latvian-2021.189.2.0bsvn46681-150400.18.1 added
- texlive-babel-macedonian-2021.189.svn39587-150400.18.1 added
- texlive-babel-malay-2021.189.1.0msvn43234-150400.18.1 added
- texlive-babel-norsk-2021.189.2.0isvn30281-150400.18.1 added
- texlive-babel-occitan-2021.189.0.0.2svn39608-150400.18.1 added
- texlive-babel-piedmontese-2021.189.1.0svn30282-150400.18.1 added
- texlive-babel-polish-2021.189.1.2lsvn30283-150400.18.1 added
- texlive-babel-portuges-2021.189.1.2ssvn57644-150400.18.1 added
- texlive-babel-romanian-2021.189.1.2lsvn30285-150400.18.1 added
- texlive-babel-romansh-2021.189.svn30286-150400.18.1 added
- texlive-babel-russian-2021.189.1.3msvn57376-150400.18.1 added
- texlive-babel-samin-2021.189.1.0csvn30288-150400.18.1 added
- texlive-babel-scottish-2021.189.1.0gsvn30289-150400.18.1 added
- texlive-babel-serbian-2021.189.2.0asvn53140-150400.18.1 added
- texlive-babel-serbianc-2021.189.3.0asvn53139-150400.18.1 added
- texlive-babel-slovak-2021.189.3.1asvn30292-150400.18.1 added
- texlive-babel-slovenian-2021.189.1.2nsvn57666-150400.18.1 added
- texlive-babel-sorbian-2021.189.1.0isvn57646-150400.18.1 added
- texlive-babel-spanish-2021.189.5.0psvn54080-150400.18.1 added
- texlive-babel-swedish-2021.189.2.3esvn57647-150400.18.1 added
- texlive-babel-thai-2021.189.1.0.0svn30564-150400.18.1 added
- texlive-babel-turkish-2021.189.1.4svn51560-150400.18.1 added
- texlive-babel-ukrainian-2021.189.1.4esvn56674-150400.18.1 added
- texlive-babel-vietnamese-2021.189.1.4svn39246-150400.18.1 added
- texlive-babel-welsh-2021.189.1.1asvn38372-150400.18.1 added
- texlive-babelbib-2021.189.1.34svn57349-150400.18.1 added
- texlive-background-2021.189.2.1svn42428-150400.18.1 added
- texlive-backnaur-2021.189.3.1svn54080-150400.18.1 added
- texlive-baekmuk-2021.189.2.2.1svn56915-150400.18.1 added
- texlive-baekmuk-fonts-2021.189.2.2.1svn56915-150400.18.1 added
- texlive-bagpipe-2021.189.3.02svn34393-150400.18.1 added
- texlive-bangorcsthesis-2021.189.1.5.3svn48834-150400.18.1 added
- texlive-bangorexam-2021.189.1.4.0svn46626-150400.18.1 added
- texlive-bangtex-2021.189.svn55475-150400.18.1 added
- texlive-bankstatement-2021.189.0.0.9.2svn38857-150400.18.1 added
- texlive-barcodes-2021.189.svn15878-150400.18.1 added
- texlive-bardiag-2021.189.0.0.4asvn22013-150400.18.1 added
- texlive-barr-2021.189.svn38479-150400.18.1 added
- texlive-barracuda-2021.189.0.0.0.10svn53683-150400.18.1 added
- texlive-bartel-chess-fonts-2021.189.svn20619-150400.18.1 added
- texlive-bashful-2021.189.0.0.93svn25597-150400.18.1 added
- texlive-basicarith-2021.189.1.1svn35460-150400.18.1 added
- texlive-baskervald-2021.189.1.016svn19490-150400.18.1 added
- texlive-baskervald-fonts-2021.189.1.016svn19490-150400.18.1 added
- texlive-baskervaldx-2021.189.1.076svn57080-150400.18.1 added
- texlive-baskervaldx-fonts-2021.189.1.076svn57080-150400.18.1 added
- texlive-baskervillef-2021.189.1.051svn55475-150400.18.1 added
- texlive-baskervillef-fonts-2021.189.1.051svn55475-150400.18.1 added
- texlive-basque-book-2021.189.1.20svn32924-150400.18.1 added
- texlive-basque-date-2021.189.1.05svn26477-150400.18.1 added
- texlive-bath-bst-2021.189.4.0svn57925-150400.18.1 added
- texlive-bbcard-2021.189.svn19440-150400.18.1 added
- texlive-bbding-2021.189.1.01svn17186-150400.17.1 added
- texlive-bbm-2021.189.svn15878-150400.17.1 added
- texlive-bbm-macros-2021.189.svn17224-150400.17.1 added
- texlive-bbold-2021.189.1.01svn17187-150400.17.1 added
- texlive-bbold-type1-2021.189.svn33143-150400.17.1 added
- texlive-bbold-type1-fonts-2021.189.svn33143-150400.17.1 added
- texlive-bchart-2021.189.0.0.1.3svn43928-150400.17.1 added
- texlive-bclogo-2021.189.3.1svn39364-150400.17.1 added
- texlive-beamer-2021.189.3.62svn58537-150400.17.1 added
- texlive-beamer-FUBerlin-2021.189.0.0.02bsvn38159-150400.17.1 added
- texlive-beamer-rl-2021.189.1.4bsvn58513-150400.17.1 added
- texlive-beamer-tut-pt-2021.189.svn15878-150400.17.1 added
- texlive-beamer-verona-2021.189.0.0.2svn39180-150400.17.1 added
- texlive-beamer2thesis-2021.189.2.2svn27539-150400.17.1 added
- texlive-beamerappendixnote-2021.189.1.2.0svn55732-150400.17.1 added
- texlive-beameraudience-2021.189.0.0.1svn23427-150400.17.1 added
- texlive-beamerauxtheme-2021.189.1.02asvn56087-150400.17.1 added
- texlive-beamercolorthemeowl-2021.189.0.0.1.1svn40105-150400.17.1 added
- texlive-beamerdarkthemes-2021.189.0.0.5.1svn55117-150400.17.1 added
- texlive-beamerposter-2021.189.1.13svn54512-150400.17.1 added
- texlive-beamersubframe-2021.189.0.0.2svn23510-150400.17.1 added
- texlive-beamerswitch-2021.189.1.7svn55441-150400.17.1 added
- texlive-beamertheme-cuerna-2021.189.svn42161-150400.17.1 added
- texlive-beamertheme-detlevcm-2021.189.1.02svn39048-150400.17.1 added
- texlive-beamertheme-epyt-2021.189.1.0svn41404-150400.17.1 added
- texlive-beamertheme-focus-2021.189.2.8.1svn56967-150400.17.1 added
- texlive-beamertheme-light-2021.189.1.0svn49867-150400.17.1 added
- texlive-beamertheme-metropolis-2021.189.1.2svn43031-150400.17.1 added
- texlive-beamertheme-npbt-2021.189.4.1svn54512-150400.17.1 added
- texlive-beamertheme-phnompenh-2021.189.1.0svn39100-150400.17.1 added
- texlive-beamertheme-pure-minimalistic-2021.189.2.0.0svn56934-150400.17.1 added
- texlive-beamertheme-saintpetersburg-2021.189.svn45877-150400.17.1 added
- texlive-beamertheme-upenn-bc-2021.189.1.0svn29937-150400.17.1 added
- texlive-beamerthemejltree-2021.189.1.1svn21977-150400.17.1 added
- texlive-beamerthemenirma-2021.189.0.0.1svn20765-150400.17.1 added
- texlive-beamerthemenord-2021.189.0.0.2.0svn56180-150400.17.1 added
- texlive-bearwear-2021.189.0.0.2svn54826-150400.17.1 added
- texlive-beaulivre-2021.189.svn58503-150400.17.1 added
- texlive-beebe-2021.189.svn58697-150400.17.1 added
- texlive-begingreek-2021.189.1.5svn36294-150400.17.1 added
- texlive-begriff-2021.189.1.6svn15878-150400.17.1 added
- texlive-beilstein-2021.189.2.1svn56193-150400.17.1 added
- texlive-belleek-2021.189.svn18651-150400.17.1 added
- texlive-belleek-fonts-2021.189.svn18651-150400.17.1 added
- texlive-bengali-2021.189.svn55475-150400.17.1 added
- texlive-bera-2021.189.svn20031-150400.17.1 added
- texlive-bera-fonts-2021.189.svn20031-150400.17.1 added
- texlive-berenisadf-2021.189.1.004svn32215-150400.17.1 added
- texlive-berenisadf-fonts-2021.189.1.004svn32215-150400.17.1 added
- texlive-besjournals-2021.189.svn45662-150400.17.1 added
- texlive-bestpapers-2021.189.1.0svn38708-150400.17.1 added
- texlive-betababel-2021.189.0.0.5svn15878-150400.17.1 added
- texlive-beton-2021.189.svn15878-150400.17.1 added
- texlive-beuron-2021.189.1.3svn46374-150400.17.1 added
- texlive-beuron-fonts-2021.189.1.3svn46374-150400.17.1 added
- texlive-bewerbung-2021.189.1.2svn56998-150400.17.1 added
- texlive-bez123-2021.189.1.1bsvn15878-150400.17.1 added
- texlive-bezierplot-2021.189.1.4svn51398-150400.17.1 added
- texlive-bezos-2017.133.svn25507-5.18 added
- texlive-bgteubner-2021.189.2.11svn54080-150400.17.1 added
- texlive-bguq-2021.189.0.0.4svn27401-150400.17.1 added
- texlive-bguq-fonts-2021.189.0.0.4svn27401-150400.17.1 added
- texlive-bhcexam-2021.189.0.0.4svn39041-150400.17.1 added
- texlive-bib-fr-2021.189.1.5svn15878-150400.17.1 added
- texlive-bib2gls-2021.189.2.7svn55811-150400.17.1 added
- texlive-bibarts-2021.189.2.2svn54080-150400.17.1 added
- texlive-biber-2021.189.2.16svn57273-150400.17.1 added
- texlive-biber-bin-2021.20210325.svn57273-150400.29.15 added
- texlive-bibexport-2021.189.3.03svn50677-150400.17.1 added
- texlive-bibhtml-2021.189.2.0.2svn31607-150400.17.1 added
- texlive-biblatex-2021.189.3.16svn57272-150400.17.1 added
- texlive-biblatex-abnt-2021.189.3.4svn49179-150400.17.1 added
- texlive-biblatex-ajc2020unofficial-2021.189.0.0.2.0svn54401-150400.17.1 added
- texlive-biblatex-anonymous-2021.189.2.6.2svn48548-150400.17.1 added
- texlive-biblatex-apa-2021.189.9.14svn56208-150400.17.1 added
- texlive-biblatex-apa6-2021.189.8.5svn56209-150400.17.1 added
- texlive-biblatex-archaeology-2021.189.2.2svn53281-150400.17.1 added
- texlive-biblatex-arthistory-bonn-2021.189.1.2svn46637-150400.17.1 added
- texlive-biblatex-bath-2021.189.4.0svn57924-150400.17.1 added
- texlive-biblatex-bookinarticle-2021.189.1.3.1asvn40323-150400.17.1 added
- texlive-biblatex-bookinother-2021.189.2.3.3svn54015-150400.17.1 added
- texlive-biblatex-bwl-2021.189.0.0.02svn26556-150400.17.1 added
- texlive-biblatex-caspervector-2021.189.0.0.3.5svn56837-150400.17.1 added
- texlive-biblatex-cheatsheet-2021.189.svn44685-150400.17.1 added
- texlive-biblatex-chem-2021.189.1.1zsvn57904-150400.17.1 added
- texlive-biblatex-chicago-2021.189.2.1svn58715-150400.17.1 added
- texlive-biblatex-claves-2021.189.1.2.1svn43723-150400.17.1 added
- texlive-biblatex-dw-2021.189.1.7svn42649-150400.17.1 added
- texlive-biblatex-enc-2021.189.1.0svn44627-150400.17.1 added
- texlive-biblatex-ext-2021.189.0.0.12svn57979-150400.17.1 added
- texlive-biblatex-fiwi-2021.189.1.7svn45876-150400.17.1 added
- texlive-biblatex-gb7714-2015-2021.189.1.0xsvn58753-150400.17.1 added
- texlive-biblatex-german-legal-2021.189.002svn56939-150400.17.1 added
- texlive-biblatex-gost-2021.189.1.21svn56790-150400.17.1 added
- texlive-biblatex-historian-2021.189.0.0.4svn19787-150400.17.1 added
- texlive-biblatex-ieee-2021.189.1.3esvn58716-150400.17.1 added
- texlive-biblatex-ijsra-2021.189.0.0.1svn41634-150400.17.1 added
- texlive-biblatex-iso690-2021.189.0.0.4svn54561-150400.17.1 added
- texlive-biblatex-jura2-2021.189.0.0.4svn56133-150400.17.1 added
- texlive-biblatex-juradiss-2021.189.0.0.23svn56502-150400.17.1 added
- texlive-biblatex-license-2021.189.0.0.1svn58437-150400.17.1 added
- texlive-biblatex-lni-2021.189.0.0.5svn49935-150400.17.1 added
- texlive-biblatex-luh-ipw-2021.189.0.0.3svn32180-150400.17.1 added
- texlive-biblatex-manuscripts-philology-2021.189.2.1.2svn53344-150400.17.1 added
- texlive-biblatex-mla-2021.189.1.9svn42445-150400.17.1 added
- texlive-biblatex-morenames-2021.189.1.3.1svn43049-150400.17.1 added
- texlive-biblatex-multiple-dm-2021.189.1.0.1svn37081-150400.17.1 added
- texlive-biblatex-musuos-2021.189.1.0svn24097-150400.17.1 added
- texlive-biblatex-nature-2021.189.1.3dsvn57262-150400.17.1 added
- texlive-biblatex-nejm-2021.189.0.0.5.0svn49839-150400.17.1 added
- texlive-biblatex-nottsclassic-2021.189.0.0.1svn41596-150400.17.1 added
- texlive-biblatex-opcit-booktitle-2021.189.1.9.0svn48983-150400.17.1 added
- texlive-biblatex-oxref-2021.189.2.2svn57513-150400.17.1 added
- texlive-biblatex-philosophy-2021.189.1.9.8csvn56493-150400.17.1 added
- texlive-biblatex-phys-2021.189.1.1bsvn55643-150400.17.1 added
- texlive-biblatex-publist-2021.189.1.21svn56392-150400.17.1 added
- texlive-biblatex-realauthor-2021.189.2.7.1asvn45865-150400.17.1 added
- texlive-biblatex-sbl-2021.189.0.0.12svn56853-150400.17.1 added
- texlive-biblatex-science-2021.189.1.2svn48945-150400.17.1 added
- texlive-biblatex-shortfields-2021.189.1.0.1svn45858-150400.17.1 added
- texlive-biblatex-socialscienceshuberlin-2021.189.0.0.0.1svn47839-150400.17.1 added
- texlive-biblatex-software-2021.189.1.2_3svn57366-150400.17.1 added
- texlive-biblatex-source-division-2021.189.2.4.2svn45379-150400.17.1 added
- texlive-biblatex-subseries-2021.189.1.2.0svn43330-150400.17.1 added
- texlive-biblatex-swiss-legal-2021.189.1.1.2asvn58661-150400.17.1 added
- texlive-biblatex-trad-2021.189.0.0.5svn58169-150400.17.1 added
- texlive-biblatex-true-citepages-omit-2021.189.2.0.0svn44653-150400.17.1 added
- texlive-biblatex-unified-2021.189.1.00svn55290-150400.17.1 added
- texlive-biblatex-vancouver-2021.189.0.0.1svn55339-150400.17.1 added
- texlive-biblatex2bibitem-2021.189.0.0.2.0svn54030-150400.17.1 added
- texlive-bibleref-2021.189.1.25svn55626-150400.17.1 added
- texlive-bibleref-french-2021.189.2.3.3svn53138-150400.17.1 added
- texlive-bibleref-german-2021.189.1.0asvn21923-150400.17.1 added
- texlive-bibleref-lds-2021.189.1.0svn25526-150400.17.1 added
- texlive-bibleref-mouth-2021.189.1.0svn25527-150400.17.1 added
- texlive-bibleref-parse-2021.189.1.1svn22054-150400.17.1 added
- texlive-bibletext-2021.189.0.0.1.2svn45196-150400.17.1 added
- texlive-biblist-2021.189.svn17116-150400.17.1 added
- texlive-bibtex-2021.189.0.0.99dsvn57972-150400.17.1 added
- texlive-bibtex8-2021.189.3.71svn52851-150400.17.1 added
- texlive-bibtexperllibs-2021.189.1.6svn57137-150400.17.1 added
- texlive-bibtexu-2021.189.svn52851-150400.17.1 added
- texlive-bibtopic-2021.189.1.1asvn15878-150400.17.1 added
- texlive-bibtopicprefix-2021.189.1.10svn15878-150400.17.1 added
- texlive-bibunits-2021.189.2.2svn15878-150400.17.1 added
- texlive-bidi-2021.189.36.3svn55193-150400.17.1 added
- texlive-bidi-atbegshi-2021.189.0.0.1svn35154-150400.17.1 added
- texlive-bidicontour-2021.189.0.0.2svn34631-150400.17.1 added
- texlive-bidihl-2021.189.0.0.1csvn37795-150400.17.1 added
- texlive-bidipagegrid-2021.189.0.0.2svn34632-150400.17.1 added
- texlive-bidipresentation-2021.189.0.0.3svn35267-150400.17.1 added
- texlive-bidishadowtext-2021.189.0.0.1svn34633-150400.17.1 added
- texlive-bigfoot-2021.189.2.1svn38248-150400.17.1 added
- texlive-bigintcalc-2021.189.1.5svn53172-150400.17.1 added
- texlive-bigints-2021.189.svn29803-150400.17.1 added
- texlive-binarytree-2021.189.1.01svn41777-150400.17.1 added
- texlive-binomexp-2021.189.1.0svn15878-150400.17.1 added
- texlive-biochemistry-colors-2021.189.1.00svn54512-150400.17.1 added
- texlive-biocon-2021.189.svn15878-150400.17.1 added
- texlive-biolett-bst-2021.189.svn42217-150400.17.1 added
- texlive-bitelist-2021.189.0.0.1svn25779-150400.17.1 added
- texlive-bithesis-2021.189.1.0.1svn57388-150400.17.1 added
- texlive-bitpattern-2021.189.svn39073-150400.17.1 added
- texlive-bitset-2021.189.1.3svn53837-150400.17.1 added
- texlive-bitter-2021.189.svn56026-150400.17.1 added
- texlive-bitter-fonts-2021.189.svn56026-150400.17.1 added
- texlive-bizcard-2021.189.1.1svn15878-150400.17.1 added
- texlive-blacklettert1-2021.189.svn15878-150400.17.1 added
- texlive-blindtext-2021.189.2.0svn25039-150400.17.1 added
- texlive-blkarray-2021.189.0.0.07svn36406-150400.17.1 added
- texlive-blochsphere-2021.189.1.1svn38388-150400.17.1 added
- texlive-block-2021.189.svn17209-150400.17.1 added
- texlive-blockdraw_mp-2021.189.svn15878-150400.17.1 added
- texlive-bloques-2021.189.1.0svn22490-150400.17.1 added
- texlive-blowup-2021.189.1.0svn46213-150400.17.1 added
- texlive-blox-2021.189.2.51svn57949-150400.17.1 added
- texlive-bnumexpr-2021.189.1.2dsvn49643-150400.17.1 added
- texlive-bodegraph-2021.189.1.4svn20047-150400.17.1 added
- texlive-bohr-2021.189.1.0svn54512-150400.17.1 added
- texlive-boisik-2021.189.0.0.5svn15878-150400.17.1 added
- texlive-boites-2021.189.1.1svn32235-150400.17.1 added
- texlive-bold-extra-2021.189.0.0.1svn17076-150400.17.1 added
- texlive-boldtensors-2021.189.svn15878-150400.17.1 added
- texlive-bondgraph-2021.189.1.0svn21670-150400.17.1 added
- texlive-bondgraphs-2021.189.1.0.1svn36605-150400.17.1 added
- texlive-bookcover-2021.189.3.3svn57326-150400.17.1 added
- texlive-bookdb-2021.189.0.0.2svn37536-150400.17.1 added
- texlive-bookest-2021.189.1.1svn15878-150400.17.1 added
- texlive-bookhands-2021.189.svn46480-150400.17.1 added
- texlive-bookhands-fonts-2021.189.svn46480-150400.17.1 added
- texlive-booklet-2021.189.0.0.7bsvn15878-150400.17.1 added
- texlive-bookman-2021.189.svn31835-150400.17.1 added
- texlive-bookman-fonts-2021.189.svn31835-150400.17.1 added
- texlive-bookmark-2021.189.1.29svn56885-150400.17.1 added
- texlive-bookshelf-2021.189.0.0.5svn55475-150400.17.1 added
- texlive-booktabs-2021.189.1.61803398svn53402-150400.17.1 added
- texlive-booktabs-de-2021.189.1.61803svn21907-150400.17.1 added
- texlive-booktabs-fr-2021.189.1.00svn21948-150400.17.1 added
- texlive-boolexpr-2021.189.3.14svn17830-150400.17.1 added
- texlive-boondox-2021.189.1.02dsvn54512-150400.17.1 added
- texlive-boondox-fonts-2021.189.1.02dsvn54512-150400.17.1 added
- texlive-bophook-2021.189.0.0.02svn17062-150400.17.1 added
- texlive-borceux-2021.189.svn21047-150400.17.1 added
- texlive-bosisio-2021.189.svn16989-150400.17.1 added
- texlive-boxedminipage-2021.189.1.1svn54827-150400.17.1 added
- texlive-boxhandler-2021.189.1.30svn28031-150400.17.1 added
- texlive-bpchem-2021.189.1.1svn45120-150400.17.1 added
- texlive-bpolynomial-2021.189.0.0.5svn15878-150400.17.1 added
- texlive-br-lex-2021.189.svn44939-150400.17.1 added
- texlive-bracketkey-2021.189.1.0svn17129-150400.17.1 added
- texlive-braids-2021.189.2.0svn54080-150400.17.1 added
- texlive-braille-2021.189.svn20655-150400.17.1 added
- texlive-braket-2021.189.svn17127-150400.17.1 added
- texlive-brandeis-dissertation-2021.189.3.11svn54758-150400.17.1 added
- texlive-brandeis-problemset-2021.189.0.0.5.5svn50991-150400.17.1 added
- texlive-brandeis-thesis-2021.189.3.1svn54758-150400.17.1 added
- texlive-breakcites-2021.189.svn21014-150400.17.1 added
- texlive-breakurl-2021.189.1.40svn29901-150400.17.1 added
- texlive-bredzenie-2021.189.1.0svn44371-150400.17.1 added
- texlive-breqn-2021.189.0.0.98ksvn56422-150400.17.1 added
- texlive-bropd-2021.189.1.2svn35383-150400.17.1 added
- texlive-brushscr-2021.189.svn28363-150400.17.1 added
- texlive-brushscr-fonts-2021.189.svn28363-150400.17.1 added
- texlive-bubblesort-2021.189.1.0svn56070-150400.17.1 added
- texlive-bullcntr-2021.189.0.0.04svn15878-150400.17.1 added
- texlive-bundledoc-2021.189.3.4svn55064-150400.17.1 added
- texlive-burmese-2021.189.svn25185-150400.17.1 added
- texlive-burmese-fonts-2021.189.svn25185-150400.17.1 added
- texlive-businesscard-qrcode-2021.189.1.2svn54080-150400.17.1 added
- texlive-bussproofs-2021.189.1.1svn54080-150400.17.1 added
- texlive-bussproofs-extra-2021.189.0.0.4svn51299-150400.17.1 added
- texlive-bxbase-2021.189.1.2svn56528-150400.17.1 added
- texlive-bxcalc-2021.189.1.1svn56431-150400.17.1 added
- texlive-bxcjkjatype-2021.189.0.0.3svn54080-150400.17.1 added
- texlive-bxdpx-beamer-2021.189.0.0.3svn41813-150400.17.1 added
- texlive-bxdvidriver-2021.189.0.0.2asvn43219-150400.17.1 added
- texlive-bxeepic-2021.189.0.0.2svn30559-150400.17.1 added
- texlive-bxenclose-2021.189.0.0.2svn40213-150400.17.1 added
- texlive-bxghost-2021.189.0.0.3.0svn53606-150400.17.1 added
- texlive-bxjaholiday-2021.189.1.1.0svn57025-150400.17.1 added
- texlive-bxjalipsum-2021.189.0.0.3asvn43369-150400.17.1 added
- texlive-bxjaprnind-2021.189.0.0.3bsvn45291-150400.17.1 added
- texlive-bxjatoucs-2021.189.0.0.2svn52509-150400.17.1 added
- texlive-bxjscls-2021.189.2.5svn57625-150400.17.1 added
- texlive-bxnewfont-2021.189.0.0.2bsvn44173-150400.17.1 added
- texlive-bxorigcapt-2021.189.0.0.3svn48606-150400.17.1 added
- texlive-bxpapersize-2021.189.0.0.5svn56491-150400.17.1 added
- texlive-bxpdfver-2021.189.0.0.5asvn57755-150400.17.1 added
- texlive-bxtexlogo-2021.189.0.0.4svn47230-150400.17.1 added
- texlive-bxwareki-2021.189.0.0.6svn51286-150400.17.1 added
- texlive-bytefield-2021.189.2.6svn56821-150400.17.1 added
- texlive-c-pascal-2021.189.1.2svn18337-150400.17.1 added
- texlive-c90-2021.189.svn54074-150400.17.1 added
- texlive-cabin-2021.189.svn55907-150400.17.1 added
- texlive-cabin-fonts-2021.189.svn55907-150400.17.1 added
- texlive-cachepic-2021.189.1.0svn26313-150400.17.1 added
- texlive-caladea-2021.189.svn34991-150400.17.1 added
- texlive-caladea-fonts-2021.189.svn34991-150400.17.1 added
- texlive-calcage-2021.189.0.0.90svn27725-150400.17.1 added
- texlive-calctab-2021.189.0.0.6.1svn15878-150400.17.1 added
- texlive-calculation-2021.189.1.0svn35973-150400.17.1 added
- texlive-calculator-2021.189.2.0svn33041-150400.17.1 added
- texlive-calligra-2021.189.svn15878-150400.17.1 added
- texlive-calligra-type1-2021.189.001.000svn24302-150400.17.1 added
- texlive-calligra-type1-fonts-2021.189.001.000svn24302-150400.17.1 added
- texlive-callouts-2021.189.svn44899-150400.17.1 added
- texlive-calrsfs-2021.189.svn17125-150400.17.1 added
- texlive-cals-2021.189.2.4.2svn43003-150400.17.1 added
- texlive-calxxxx-yyyy-2021.189.20.21asvn57282-150400.17.1 added
- texlive-cancel-2021.189.2.2svn32508-150400.17.1 added
- texlive-canoniclayout-2021.189.0.0.5svn54758-150400.17.1 added
- texlive-cantarell-2021.189.3.2svn54512-150400.17.1 added
- texlive-cantarell-fonts-2021.189.3.2svn54512-150400.17.1 added
- texlive-capt-of-2021.189.svn29803-150400.17.1 added
- texlive-captcont-2021.189.2.0svn15878-150400.17.1 added
- texlive-captdef-2021.189.svn17353-150400.17.1 added
- texlive-caption-2021.189.svn56771-150400.17.1 added
- texlive-carbohydrates-2021.189.0.0.1svn39000-150400.17.1 added
- texlive-carlisle-2021.189.svn56753-150400.17.1 added
- texlive-carlito-2021.189.svn35002-150400.17.1 added
- texlive-carlito-fonts-2021.189.svn35002-150400.17.1 added
- texlive-carolmin-ps-2021.189.svn15878-150400.17.1 added
- texlive-carolmin-ps-fonts-2021.189.svn15878-150400.17.1 added
- texlive-cascade-2021.189.1.1svn55759-150400.17.1 added
- texlive-cascadia-code-2021.189.0.0.0.1svn57478-150400.17.1 added
- texlive-cascadia-code-fonts-2021.189.0.0.0.1svn57478-150400.17.1 added
- texlive-cascadilla-2021.189.1.8.2svn25144-150400.17.1 added
- texlive-cases-2021.189.3.2svn54682-150400.17.1 added
- texlive-casyl-2021.189.2.0svn15878-150400.17.1 added
- texlive-catchfile-2021.189.1.8svn53084-150400.17.1 added
- texlive-catchfilebetweentags-2021.189.1.1svn21476-150400.17.1 added
- texlive-catcodes-2021.189.r0.2svn38859-150400.17.1 added
- texlive-catechis-2021.189.2.5svn49061-150400.17.1 added
- texlive-catoptions-2021.189.0.0.2.7hsvn35069-150400.17.1 added
- texlive-causets-2021.189.1.1svn57139-150400.17.1 added
- texlive-cbcoptic-2021.189.0.0.2svn16666-150400.17.1 added
- texlive-cbcoptic-fonts-2021.189.0.0.2svn16666-150400.17.1 added
- texlive-cbfonts-2021.189.svn54080-150400.17.1 added
- texlive-cbfonts-fd-2021.189.1.2svn54080-150400.17.1 added
- texlive-cbfonts-fonts-2021.189.svn54080-150400.17.1 added
- texlive-cc-pl-2021.189.1.02.3svn58602-150400.17.1 added
- texlive-cc-pl-fonts-2021.189.1.02.3svn58602-150400.17.1 added
- texlive-ccaption-2021.189.3.2csvn23443-150400.17.1 added
- texlive-ccfonts-2021.189.1.2svn54686-150400.17.1 added
- texlive-ccicons-2021.189.1.6svn54512-150400.17.1 added
- texlive-ccicons-fonts-2021.189.1.6svn54512-150400.17.1 added
- texlive-cclicenses-2021.189.svn15878-150400.17.1 added
- texlive-ccool-2021.189.3.1svn56636-150400.17.1 added
- texlive-cd-2021.189.1.4svn34452-150400.17.1 added
- texlive-cd-cover-2021.189.1.0svn17121-150400.17.1 added
- texlive-cdpbundl-2021.189.0.0.36dsvn46613-150400.17.1 added
- texlive-cell-2021.189.svn42428-150400.17.1 added
- texlive-cellprops-2021.189.2.0svn57599-150400.17.1 added
- texlive-cellspace-2021.189.1.8.1svn50374-150400.17.1 added
- texlive-celtic-2021.189.1.1svn39797-150400.17.1 added
- texlive-censor-2021.189.3.22svn49168-150400.17.1 added
- texlive-centeredline-2021.189.1.1svn50971-150400.17.1 added
- texlive-centerlastline-2021.189.1.0svn56644-150400.17.1 added
- texlive-cesenaexam-2021.189.0.0.2svn44960-150400.17.1 added
- texlive-cfr-initials-2021.189.1.01svn36728-150400.17.1 added
- texlive-cfr-lm-2021.189.1.5svn36195-150400.17.1 added
- texlive-changebar-2021.189.3.6csvn46919-150400.17.1 added
- texlive-changelayout-2021.189.1.0svn16094-150400.17.1 added
- texlive-changelog-2021.189.2.4.0svn56338-150400.17.1 added
- texlive-changepage-2021.189.1.0csvn15878-150400.17.1 added
- texlive-changes-2021.189.4.0.1svn57756-150400.17.1 added
- texlive-chappg-2021.189.2.1bsvn15878-150400.17.1 added
- texlive-chapterfolder-2021.189.2.0.1svn15878-150400.17.1 added
- texlive-charissil-2021.189.5.0svn55920-150400.17.1 added
- texlive-charissil-fonts-2021.189.5.0svn55920-150400.17.1 added
- texlive-charter-2021.189.svn15878-150400.17.1 added
- texlive-charter-fonts-2021.189.svn15878-150400.17.1 added
- texlive-chbibref-2021.189.1.0svn17120-150400.17.1 added
- texlive-cheatsheet-2021.189.0.0.8svn45069-150400.17.1 added
- texlive-checkcites-2021.189.2.4svn52022-150400.17.1 added
- texlive-checkend-2021.189.1.0svn51475-150400.17.1 added
- texlive-checklistings-2021.189.1.0svn38300-150400.17.1 added
- texlive-chem-journal-2021.189.svn15878-150400.17.1 added
- texlive-chemarrow-2021.189.0.0.9svn17146-150400.17.1 added
- texlive-chemarrow-fonts-2021.189.0.0.9svn17146-150400.17.1 added
- texlive-chembst-2021.189.0.0.2.5svn15878-150400.17.1 added
- texlive-chemcompounds-2021.189.svn15878-150400.17.1 added
- texlive-chemcono-2021.189.1.3svn17119-150400.17.1 added
- texlive-chemexec-2021.189.1.0svn21632-150400.17.1 added
- texlive-chemfig-2021.189.1.6asvn58014-150400.17.1 added
- texlive-chemformula-2021.189.4.16svn57206-150400.17.1 added
- texlive-chemgreek-2021.189.1.1asvn53437-150400.17.1 added
- texlive-chemmacros-2021.189.5.11asvn56983-150400.17.1 added
- texlive-chemnum-2021.189.1.3asvn57490-150400.17.1 added
- texlive-chemplants-2021.189.0.0.9.8svn52863-150400.17.1 added
- texlive-chemschemex-2021.189.1.2svn46723-150400.17.1 added
- texlive-chemsec-2021.189.1.12asvn46972-150400.17.1 added
- texlive-chemstyle-2021.189.2.0msvn31096-150400.17.1 added
- texlive-cherokee-2021.189.svn21046-150400.17.1 added
- texlive-chess-2021.189.1.2svn20582-150400.17.1 added
- texlive-chess-problem-diagrams-2021.189.1.15svn53302-150400.17.1 added
- texlive-chessboard-2021.189.1.9svn56833-150400.17.1 added
- texlive-chessfss-2021.189.1.2asvn19440-150400.17.1 added
- texlive-chet-2021.189.2.2svn45081-150400.17.1 added
- texlive-chextras-2021.189.1.01svn27118-150400.17.1 added
- texlive-chhaya-2021.189.0.0.2svn57508-150400.17.1 added
- texlive-chicago-2021.189.svn15878-150400.17.1 added
- texlive-chicago-annote-2021.189.svn15878-150400.17.1 added
- texlive-chicagoa-2021.189.svn52567-150400.17.1 added
- texlive-chickenize-2021.189.0.0.3svn57325-150400.17.1 added
- texlive-chifoot-2021.189.1.0svn57312-150400.17.1 added
- texlive-childdoc-2021.189.2.0svn49543-150400.17.1 added
- texlive-chinese-jfm-2021.189.1.1.1svn57758-150400.17.1 added
- texlive-chivo-2021.189.2.1svn54512-150400.17.1 added
- texlive-chivo-fonts-2021.189.2.1svn54512-150400.17.1 added
- texlive-chkfloat-2021.189.0.0.1svn27473-150400.17.1 added
- texlive-chklref-2021.189.3.1.2svn52649-150400.17.1 added
- texlive-chktex-2021.189.1.7.6svn52851-150400.17.1 added
- texlive-chletter-2021.189.2.0svn20060-150400.17.1 added
- texlive-chngcntr-2021.189.1.1asvn47577-150400.17.1 added
- texlive-chordbars-2021.189.1.1svn49569-150400.17.1 added
- texlive-chordbox-2021.189.1.0svn51000-150400.17.1 added
- texlive-chronology-2021.189.1.1.1svn37934-150400.17.1 added
- texlive-chronosys-2021.189.1.2svn26700-150400.17.1 added
- texlive-chs-physics-report-2021.189.svn54512-150400.17.1 added
- texlive-chscite-2021.189.2.9999svn28552-150400.17.1 added
- texlive-churchslavonic-2021.189.0.0.2.1svn42751-150400.17.1 added
- texlive-cinzel-2021.189.svn54512-150400.17.1 added
- texlive-cinzel-fonts-2021.189.svn54512-150400.17.1 added
- texlive-circ-2021.189.1.1svn15878-150400.17.1 added
- texlive-circledsteps-2021.189.1.3svn53382-150400.17.1 added
- texlive-circuit-macros-2021.189.9.5svn57308-150400.17.1 added
- texlive-circuitikz-2021.189.1.3.3svn58757-150400.17.1 added
- texlive-cite-2021.189.5.5svn36428-150400.17.1 added
- texlive-citeall-2021.189.1.4svn45975-150400.17.1 added
- texlive-citeref-2021.189.1.1svn47407-150400.17.1 added
- texlive-cje-2021.189.1.06svn46721-150400.17.1 added
- texlive-cjhebrew-2021.189.0.0.2asvn43444-150400.17.1 added
- texlive-cjhebrew-fonts-2021.189.0.0.2asvn43444-150400.17.1 added
- texlive-cjk-2021.189.4.8.4svn36951-150400.17.1 added
- texlive-cjk-gs-integrate-2021.189.20201206.0svn57081-150400.17.1 added
- texlive-cjk-ko-2021.189.1.9svn58081-150400.17.1 added
- texlive-cjkpunct-2021.189.4.8.4svn41119-150400.17.1 added
- texlive-cjkutils-2021.189.4.8.4svn52851-150400.17.1 added
- texlive-clara-2021.189.svn54512-150400.17.1 added
- texlive-clara-fonts-2021.189.svn54512-150400.17.1 added
- texlive-classics-2021.189.0.0.1asvn53671-150400.17.1 added
- texlive-classicthesis-2021.189.4.6svn48041-150400.17.1 added
- texlive-classpack-2021.189.1.19svn55218-150400.17.1 added
- texlive-cleanthesis-2021.189.0.0.4.0svn51472-150400.17.1 added
- texlive-clearsans-2021.189.svn54512-150400.17.1 added
- texlive-clearsans-fonts-2021.189.svn54512-150400.17.1 added
- texlive-clefval-2021.189.0.0.1svn55985-150400.17.1 added
- texlive-cleveref-2021.189.0.0.21.4svn47525-150400.17.1 added
- texlive-clipboard-2021.189.0.0.3svn47747-150400.17.1 added
- texlive-clock-2021.189.svn15878-150400.17.1 added
- texlive-clojure-pamphlet-2021.189.1.3svn52082-150400.17.1 added
- texlive-cloze-2021.189.1.6svn55763-150400.17.1 added
- texlive-clrdblpg-2021.189.1.0svn47511-150400.17.1 added
- texlive-clrscode-2021.189.1.7svn51136-150400.17.1 added
- texlive-clrscode3e-2021.189.svn51137-150400.17.1 added
- texlive-clrstrip-2021.189.svn53537-150400.17.1 added
- texlive-cluttex-2021.189.0.0.5svn53698-150400.17.1 added
- texlive-cm-2021.189.svn57963-150400.17.1 added
- texlive-cm-lgc-2021.189.0.0.5svn28250-150400.17.1 added
- texlive-cm-lgc-fonts-2021.189.0.0.5svn28250-150400.17.1 added
- texlive-cm-mf-extra-bold-2021.189.svn54512-150400.17.1 added
- texlive-cm-super-2021.189.svn15878-150400.17.1 added
- texlive-cm-super-fonts-2021.189.svn15878-150400.17.1 added
- texlive-cm-unicode-2021.189.0.0.7.0svn58661-150400.17.1 added
- texlive-cm-unicode-fonts-2021.189.0.0.7.0svn58661-150400.17.1 added
- texlive-cmap-2021.189.1.0jsvn57640-150400.17.1 added
- texlive-cmarrows-2021.189.0.0.9svn24378-150400.17.1 added
- texlive-cmathbb-2021.189.1.0svn56414-150400.17.1 added
- texlive-cmathbb-fonts-2021.189.1.0svn56414-150400.17.1 added
- texlive-cmbright-2021.189.8.1svn21107-150400.17.1 added
- texlive-cmcyr-2021.189.svn39273-150400.17.1 added
- texlive-cmcyr-fonts-2021.189.svn39273-150400.17.1 added
- texlive-cmdstring-2021.189.1.1svn15878-150400.17.1 added
- texlive-cmdtrack-2021.189.svn28910-150400.17.1 added
- texlive-cmexb-2021.189.svn54074-150400.17.1 added
- texlive-cmexb-fonts-2021.189.svn54074-150400.17.1 added
- texlive-cmextra-2021.189.svn57866-150400.17.1 added
- texlive-cmll-2021.189.svn17964-150400.17.1 added
- texlive-cmll-fonts-2021.189.svn17964-150400.17.1 added
- texlive-cmpica-2021.189.svn15878-150400.17.1 added
- texlive-cmpj-2021.189.3.03svn58506-150400.17.1 added
- texlive-cmsd-2021.189.svn18787-150400.17.1 added
- texlive-cmsrb-2021.189.4.0svn54706-150400.17.1 added
- texlive-cmsrb-fonts-2021.189.4.0svn54706-150400.17.1 added
- texlive-cmtiup-2021.189.2.1svn39728-150400.17.1 added
- texlive-cmupint-2021.189.1.1svn54735-150400.17.1 added
- texlive-cmupint-fonts-2021.189.1.1svn54735-150400.17.1 added
- texlive-cnbwp-2021.189.svn32550-150400.17.1 added
- texlive-cnltx-2021.189.0.0.15svn55265-150400.17.1 added
- texlive-cns-2021.189.4.2.0svn45677-150400.17.1 added
- texlive-cntformats-2021.189.0.0.7svn34668-150400.17.1 added
- texlive-cntperchap-2021.189.0.0.3svn37572-150400.17.1 added
- texlive-cochineal-2021.189.1.066svn58717-150400.17.1 added
- texlive-cochineal-fonts-2021.189.1.066svn58717-150400.17.1 added
- texlive-codeanatomy-2021.189.0.0.4_alphasvn51627-150400.17.1 added
- texlive-codedoc-2021.189.0.0.3svn17630-150400.17.1 added
- texlive-codepage-2021.189.svn51502-150400.17.1 added
- texlive-codesection-2021.189.0.0.1svn34481-150400.17.1 added
- texlive-codicefiscaleitaliano-2021.189.1.2svn29803-150400.17.1 added
- texlive-coelacanth-2021.189.0.0.005svn54736-150400.17.1 added
- texlive-coelacanth-fonts-2021.189.0.0.005svn54736-150400.17.1 added
- texlive-collcell-2021.189.0.0.5svn56291-150400.17.1 added
- texlive-collectbox-2021.189.0.0.4bsvn56291-150400.17.1 added
- texlive-collection-basic-2021.185.svn56569-150400.19.4 added
- texlive-collection-bibtexextra-2021.185.svn58437-150400.19.4 added
- texlive-collection-binextra-2021.185.svn56352-150400.19.4 added
- texlive-collection-context-2021.185.svn54074-150400.19.4 added
- texlive-collection-fontsextra-2021.185.svn58253-150400.19.4 added
- texlive-collection-fontsrecommended-2021.185.svn54074-150400.19.4 added
- texlive-collection-fontutils-2021.185.svn57089-150400.19.4 added
- texlive-collection-formatsextra-2021.185.svn54074-150400.19.4 added
- texlive-collection-games-2021.185.svn56623-150400.19.4 added
- texlive-collection-humanities-2021.185.svn56575-150400.19.4 added
- texlive-collection-langarabic-2021.185.svn56215-150400.19.4 added
- texlive-collection-langchinese-2021.185.svn56196-150400.19.4 added
- texlive-collection-langcjk-2021.185.svn54191-150400.19.4 added
- texlive-collection-langcyrillic-2021.185.svn54074-150400.19.4 added
- texlive-collection-langczechslovak-2021.185.svn54074-150400.19.4 added
- texlive-collection-langenglish-2021.185.svn58290-150400.19.4 added
- texlive-collection-langeuropean-2021.185.svn58626-150400.19.4 added
- texlive-collection-langfrench-2021.185.svn57491-150400.19.4 added
- texlive-collection-langgerman-2021.185.svn55706-150400.19.4 added
- texlive-collection-langgreek-2021.185.svn54139-150400.19.4 added
- texlive-collection-langitalian-2021.185.svn55129-150400.19.4 added
- texlive-collection-langjapanese-2021.185.svn58754-150400.19.4 added
- texlive-collection-langkorean-2021.185.svn54074-150400.19.4 added
- texlive-collection-langother-2021.185.svn57757-150400.19.4 added
- texlive-collection-langpolish-2021.185.svn54074-150400.19.4 added
- texlive-collection-langportuguese-2021.185.svn54074-150400.19.4 added
- texlive-collection-langspanish-2021.185.svn54141-150400.19.4 added
- texlive-collection-latex-2021.185.svn57048-150400.19.4 added
- texlive-collection-latexextra-2021.185.svn58593-150400.19.4 added
- texlive-collection-latexrecommended-2021.185.svn57862-150400.19.4 added
- texlive-collection-luatex-2021.185.svn58124-150400.19.4 added
- texlive-collection-mathscience-2021.185.svn57759-150400.19.4 added
- texlive-collection-metapost-2021.185.svn50293-150400.19.4 added
- texlive-collection-music-2021.185.svn57878-150400.19.4 added
- texlive-collection-pictures-2021.185.svn58759-150400.19.4 added
- texlive-collection-plaingeneric-2021.185.svn56496-150400.19.4 added
- texlive-collection-pstricks-2021.185.svn54455-150400.19.4 added
- texlive-collection-publishers-2021.185.svn57312-150400.19.4 added
- texlive-collection-xetex-2021.185.svn58543-150400.19.4 added
- texlive-collref-2021.189.2.0csvn46358-150400.17.1 added
- texlive-colophon-2021.189.1.1svn47913-150400.17.1 added
- texlive-color-edits-2021.189.1.1svn56707-150400.17.1 added
- texlive-colordoc-2021.189.svn18270-150400.17.1 added
- texlive-colorinfo-2021.189.0.0.3csvn15878-150400.17.1 added
- texlive-coloring-2021.189.0.0.2svn41042-150400.17.1 added
- texlive-colorist-2021.189.svn58434-150400.17.1 added
- texlive-colorprofiles-2021.189.20181105svn49086-150400.17.1 added
- texlive-colorsep-2021.189.svn13293-150400.17.1 added
- texlive-colorspace-2021.189.1.3svn50585-150400.17.1 added
- texlive-colortab-2021.189.1.0svn22155-150400.17.1 added
- texlive-colortbl-2021.189.1.0esvn53545-150400.17.1 added
- texlive-colorwav-2021.189.1.0svn15878-150400.17.1 added
- texlive-colorweb-2021.189.1.3svn31490-150400.17.1 added
- texlive-colourchange-2021.189.1.22svn21741-150400.17.1 added
- texlive-combelow-2021.189.0.0.99fsvn18462-150400.17.1 added
- texlive-combine-2021.189.0.0.7asvn19361-150400.17.1 added
- texlive-combinedgraphics-2021.189.0.0.2.2svn27198-150400.17.1 added
- texlive-combofont-2021.189.0.0.3svn51348-150400.17.1 added
- texlive-comfortaa-2021.189.3.2svn54512-150400.17.1 added
- texlive-comfortaa-fonts-2021.189.3.2svn54512-150400.17.1 added
- texlive-comicneue-2021.189.1.2svn54891-150400.17.1 added
- texlive-comicneue-fonts-2021.189.1.2svn54891-150400.17.1 added
- texlive-comma-2021.189.1.2svn18259-150400.17.1 added
- texlive-commado-2021.189.r0.11asvn38875-150400.17.1 added
- texlive-commath-2021.189.0.0.3svn15878-150400.17.1 added
- texlive-commedit-2021.189.1.02svn50116-150400.17.1 added
- texlive-comment-2021.189.3.8svn41927-150400.17.1 added
- texlive-commutative-diagrams-2021.189.1.0.1svn55526-150400.17.1 added
- texlive-compactbib-2021.189.svn15878-150400.17.1 added
- texlive-compare-2021.189.svn54265-150400.17.1 added
- texlive-competences-2021.189.1.0svn47573-150400.17.1 added
- texlive-complexity-2021.189.0.0.81asvn45322-150400.17.1 added
- texlive-components-of-TeX-2021.189.svn15878-150400.17.1 added
- texlive-comprehensive-2021.189.13.0svn55667-150400.17.1 added
- texlive-computational-complexity-2021.189.2.25fsvn44847-150400.17.1 added
- texlive-concepts-2021.189.0.0.0.5_r1svn29020-150400.17.1 added
- texlive-concmath-2021.189.svn17219-150400.17.1 added
- texlive-concmath-fonts-2021.189.svn17218-150400.17.1 added
- texlive-concprog-2021.189.svn18791-150400.17.1 added
- texlive-concrete-2021.189.svn57963-150400.17.1 added
- texlive-conditext-2021.189.1.5svn55387-150400.17.1 added
- texlive-confproc-2021.189.0.0.8svn29349-150400.17.1 added
- texlive-constants-2021.189.1.0svn15878-150400.17.1 added
- texlive-conteq-2021.189.0.0.1.1svn37868-150400.17.1 added
- texlive-context-2021.189.svn58167-150400.17.1 added
- texlive-context-account-2021.189.svn47085-150400.17.1 added
- texlive-context-algorithmic-2021.189.svn47085-150400.17.1 added
- texlive-context-animation-2021.189.svn47085-150400.17.1 added
- texlive-context-annotation-2021.189.svn47085-150400.17.1 added
- texlive-context-bnf-2021.189.svn47085-150400.17.1 added
- texlive-context-chromato-2021.189.svn47085-150400.17.1 added
- texlive-context-cmscbf-2021.189.svn47085-150400.17.1 added
- texlive-context-cmttbf-2021.189.svn47085-150400.17.1 added
- texlive-context-construction-plan-2021.189.svn47085-150400.17.1 added
- texlive-context-cyrillicnumbers-2021.189.svn47085-150400.17.1 added
- texlive-context-degrade-2021.189.svn47085-150400.17.1 added
- texlive-context-fancybreak-2021.189.svn47085-150400.17.1 added
- texlive-context-filter-2021.189.svn55718-150400.17.1 added
- texlive-context-fonts-2021.189.svn58167-150400.17.1 added
- texlive-context-french-2021.189.svn54215-150400.17.1 added
- texlive-context-fullpage-2021.189.svn47085-150400.17.1 added
- texlive-context-gantt-2021.189.svn47085-150400.17.1 added
- texlive-context-gnuplot-2021.189.svn47085-150400.17.1 added
- texlive-context-handlecsv-2021.189.svn51306-150400.17.1 added
- texlive-context-inifile-2021.189.svn47085-150400.17.1 added
- texlive-context-layout-2021.189.svn47085-150400.17.1 added
- texlive-context-letter-2021.189.svn56073-150400.17.1 added
- texlive-context-lettrine-2021.189.svn47085-150400.17.1 added
- texlive-context-mathsets-2021.189.svn47085-150400.17.1 added
- texlive-context-notes-zh-cn-2021.189.svn23171-150400.17.1 added
- texlive-context-rst-2021.189.svn47085-150400.17.1 added
- texlive-context-ruby-2021.189.svn47085-150400.17.1 added
- texlive-context-simplefonts-2021.189.svn47085-150400.17.1 added
- texlive-context-simpleslides-2021.189.svn47085-150400.17.1 added
- texlive-context-title-2021.189.svn47085-150400.17.1 added
- texlive-context-transliterator-2021.189.svn47085-150400.17.1 added
- texlive-context-typearea-2021.189.svn47085-150400.17.1 added
- texlive-context-typescripts-2021.189.svn47085-150400.17.1 added
- texlive-context-vim-2021.189.svn58082-150400.17.1 added
- texlive-context-visualcounter-2021.189.svn47085-150400.17.1 added
- texlive-continue-2021.189.0.0.2svn49449-150400.17.1 added
- texlive-contour-2021.189.2.14svn18950-150400.17.1 added
- texlive-contracard-2021.189.2.0.0svn50217-150400.17.1 added
- texlive-conv-xkv-2021.189.svn43558-150400.17.1 added
- texlive-convbkmk-2021.189.0.0.30svn49252-150400.17.1 added
- texlive-cooking-2021.189.0.0.9bsvn15878-150400.17.1 added
- texlive-cooking-units-2021.189.1.46svn53403-150400.17.1 added
- texlive-cookingsymbols-2021.189.1.1svn35929-150400.17.1 added
- texlive-cool-2021.189.1.35svn15878-150400.17.1 added
- texlive-coollist-2021.189.1.4svn15878-150400.17.1 added
- texlive-coolstr-2021.189.2.2svn15878-150400.17.1 added
- texlive-coolthms-2021.189.1.2svn29062-150400.17.1 added
- texlive-cooltooltips-2021.189.1.0svn15878-150400.17.1 added
- texlive-coordsys-2021.189.1.4svn15878-150400.17.1 added
- texlive-copyedit-2021.189.1.6svn37928-150400.17.1 added
- texlive-copyrightbox-2021.189.0.0.1svn24829-150400.17.1 added
- texlive-cormorantgaramond-2021.189.3.601svn54696-150400.17.1 added
- texlive-cormorantgaramond-fonts-2021.189.3.601svn54696-150400.17.1 added
- texlive-correctmathalign-2021.189.1.1svn44131-150400.17.1 added
- texlive-coseoul-2021.189.1.1svn23862-150400.17.1 added
- texlive-countriesofeurope-2021.189.0.0.23svn54512-150400.17.1 added
- texlive-countriesofeurope-fonts-2021.189.0.0.23svn54512-150400.17.1 added
- texlive-counttexruns-2021.189.1.00asvn27576-150400.17.1 added
- texlive-courier-2021.189.svn35058-150400.17.1 added
- texlive-courier-fonts-2021.189.svn35058-150400.17.1 added
- texlive-courier-scaled-2021.189.svn24940-150400.17.1 added
- texlive-courierten-2021.189.svn55436-150400.17.1 added
- texlive-courierten-fonts-2021.189.svn55436-150400.17.1 added
- texlive-courseoutline-2021.189.1.0svn15878-150400.17.1 added
- texlive-coursepaper-2021.189.2.0svn15878-150400.17.1 added
- texlive-coverpage-2021.189.1.01svn15878-150400.17.1 added
- texlive-covington-2021.189.2.5svn58589-150400.17.1 added
- texlive-cprotect-2021.189.1.0esvn21209-150400.17.1 added
- texlive-cqubeamer-2021.189.1.0svn54512-150400.17.1 added
- texlive-cquthesis-2021.189.1.50svn55643-150400.17.1 added
- texlive-crbox-2021.189.0.0.1svn29803-150400.17.1 added
- texlive-crimson-2021.189.svn54512-150400.17.1 added
- texlive-crimson-fonts-2021.189.svn54512-150400.17.1 added
- texlive-crimsonpro-2021.189.svn54512-150400.17.1 added
- texlive-crimsonpro-fonts-2021.189.svn54512-150400.17.1 added
- texlive-crop-2021.189.1.10.2svn55424-150400.17.1 added
- texlive-crossreference-2021.189.svn15878-150400.17.1 added
- texlive-crossreftools-2021.189.1.0svn55879-150400.17.1 added
- texlive-crossrefware-2021.189.svn47861-150400.17.1 added
- texlive-crossword-2021.189.1.10svn55271-150400.17.1 added
- texlive-crosswrd-2021.189.3.0svn16896-150400.17.1 added
- texlive-cryptocode-2021.189.0.0.40svn55920-150400.17.1 added
- texlive-cryst-2021.189.svn15878-150400.17.1 added
- texlive-cryst-fonts-2021.189.svn15878-150400.17.1 added
- texlive-cs-2021.189.svn41553-150400.17.1 added
- texlive-cs-fonts-2021.189.svn41553-150400.17.1 added
- texlive-csbulletin-2021.189.svn54433-150400.17.1 added
- texlive-cslatex-2021.189.svn57972-150400.17.1 added
- texlive-csplain-2021.189.mar._2021svn58353-150400.17.1 added
- texlive-csquotes-2021.189.5.2lsvn57844-150400.17.1 added
- texlive-csquotes-de-2021.189.1.01svn23371-150400.17.1 added
- texlive-css-colors-2021.189.1.02svn54512-150400.17.1 added
- texlive-cstex-2021.189.svn58354-150400.17.1 added
- texlive-cstypo-2021.189.0.0.03svn41986-150400.17.1 added
- texlive-csvmerge-2021.189.1.0svn51857-150400.17.1 added
- texlive-csvsimple-2021.189.1.21svn51010-150400.17.1 added
- texlive-ctable-2021.189.1.31svn38672-150400.17.1 added
- texlive-ctablestack-2021.189.1.0svn38514-150400.17.1 added
- texlive-ctan-o-mat-2021.189.1.2svn51578-150400.17.1 added
- texlive-ctan_chk-2021.189.1.0svn36304-150400.17.1 added
- texlive-ctanbib-2021.189.0.0.1dsvn52145-150400.17.1 added
- texlive-ctanify-2021.189.1.9.1svn44129-150400.17.1 added
- texlive-ctanupload-2021.189.1.2csvn26313-150400.17.1 added
- texlive-ctex-2021.189.2.5.6svn58583-150400.17.1 added
- texlive-ctex-faq-2021.189.svn15878-150400.17.1 added
- texlive-ctib-2021.189.svn15878-150400.17.1 added
- texlive-ctie-2021.189.1.1svn57972-150400.17.1 added
- texlive-cuisine-2021.189.0.0.7svn34453-150400.17.1 added
- texlive-cuprum-2021.189.svn49909-150400.17.1 added
- texlive-cuprum-fonts-2021.189.svn49909-150400.17.1 added
- texlive-currency-2021.189.0.0.4svn48990-150400.17.1 added
- texlive-currfile-2021.189.0.0.7dsvn56478-150400.17.1 added
- texlive-currvita-2021.189.svn15878-150400.17.1 added
- texlive-cursolatex-2021.189.svn24139-150400.17.1 added
- texlive-curve-2021.189.1.16svn20745-150400.17.1 added
- texlive-curve2e-2021.189.2.2.15svn57402-150400.17.1 added
- texlive-curves-2021.189.1.55svn45255-150400.17.1 added
- texlive-custom-bib-2021.189.4.33svn24729-150400.17.1 added
- texlive-cutwin-2021.189.0.0.1svn29803-150400.17.1 added
- texlive-cv-2021.189.svn15878-150400.17.1 added
- texlive-cv4tw-2021.189.0.0.2svn34577-150400.17.1 added
- texlive-cweb-2021.189.svn57972-150400.17.1 added
- texlive-cweb-latex-2021.189.svn28878-150400.17.1 added
- texlive-cweb-old-2021.189.svn49271-150400.17.1 added
- texlive-cyber-2021.189.2.2svn46776-150400.17.1 added
- texlive-cybercic-2021.189.2.1svn37659-150400.17.1 added
- texlive-cyklop-2021.189.0.0.915svn18651-150400.17.1 added
- texlive-cyklop-fonts-2021.189.0.0.915svn18651-150400.17.1 added
- texlive-cyrillic-2021.189.svn47350-150400.17.1 added
- texlive-cyrillic-bin-2021.189.svn53559-150400.17.1 added
- texlive-cyrplain-2021.189.svn45692-150400.17.1 added
- texlive-dad-2021.189.1.2svn54191-150400.17.1 added
- texlive-dad-fonts-2021.189.1.2svn54191-150400.17.1 added
- texlive-dancers-2021.189.svn13293-150400.17.1 added
- texlive-dantelogo-2021.189.0.0.03svn38599-150400.17.1 added
- texlive-dantelogo-fonts-2021.189.0.0.03svn38599-150400.17.1 added
- texlive-dashbox-2021.189.1.14svn23425-150400.17.1 added
- texlive-dashrule-2021.189.1.3svn29579-150400.17.1 added
- texlive-dashundergaps-2021.189.2.0hsvn58150-150400.17.1 added
- texlive-dataref-2021.189.0.0.6svn42883-150400.17.1 added
- texlive-datatool-2021.189.2.32svn52663-150400.17.1 added
- texlive-datax-2021.189.1.1.1svn57033-150400.17.1 added
- texlive-dateiliste-2021.189.0.0.6svn27974-150400.17.1 added
- texlive-datenumber-2021.189.0.0.02svn18951-150400.17.1 added
- texlive-datetime-2021.189.2.60svn36650-150400.17.1 added
- texlive-datetime2-2021.189.1.5.7svn58590-150400.17.1 added
- texlive-datetime2-bahasai-2021.189.1.01svn46287-150400.17.1 added
- texlive-datetime2-basque-2021.189.1.2asvn47064-150400.17.1 added
- texlive-datetime2-breton-2021.189.1.2svn52647-150400.17.1 added
- texlive-datetime2-bulgarian-2021.189.1.1svn47031-150400.17.1 added
- texlive-datetime2-catalan-2021.189.1.1svn47032-150400.17.1 added
- texlive-datetime2-croatian-2021.189.1.0svn36682-150400.17.1 added
- texlive-datetime2-czech-2021.189.1.1svn47033-150400.17.1 added
- texlive-datetime2-danish-2021.189.1.1svn47034-150400.17.1 added
- texlive-datetime2-dutch-2021.189.1.1svn47355-150400.17.1 added
- texlive-datetime2-en-fulltext-2021.189.1.0svn36705-150400.17.1 added
- texlive-datetime2-english-2021.189.1.05svn52479-150400.17.1 added
- texlive-datetime2-esperanto-2021.189.1.1svn47356-150400.17.1 added
- texlive-datetime2-estonian-2021.189.1.1svn47565-150400.17.1 added
- texlive-datetime2-finnish-2021.189.1.2svn47047-150400.17.1 added
- texlive-datetime2-french-2021.189.1.03svn56393-150400.17.1 added
- texlive-datetime2-galician-2021.189.1.0svn47631-150400.17.1 added
- texlive-datetime2-german-2021.189.3.0svn53125-150400.17.1 added
- texlive-datetime2-greek-2021.189.1.1svn47533-150400.17.1 added
- texlive-datetime2-hebrew-2021.189.1.1svn47534-150400.17.1 added
- texlive-datetime2-icelandic-2021.189.1.1svn47501-150400.17.1 added
- texlive-datetime2-irish-2021.189.1.1svn47632-150400.17.1 added
- texlive-datetime2-it-fulltext-2021.189.1.6svn54779-150400.17.1 added
- texlive-datetime2-italian-2021.189.1.3svn37146-150400.17.1 added
- texlive-datetime2-latin-2021.189.1.0svn47748-150400.17.1 added
- texlive-datetime2-lsorbian-2021.189.1.1svn47749-150400.17.1 added
- texlive-datetime2-magyar-2021.189.1.1svn48266-150400.17.1 added
- texlive-datetime2-norsk-2021.189.1.1svn48267-150400.17.1 added
- texlive-datetime2-polish-2021.189.1.1svn48456-150400.17.1 added
- texlive-datetime2-portuges-2021.189.1.1svn48457-150400.17.1 added
- texlive-datetime2-romanian-2021.189.1.02svn56394-150400.17.1 added
- texlive-datetime2-russian-2021.189.1.1svn49345-150400.17.1 added
- texlive-datetime2-samin-2021.189.1.1svn49346-150400.17.1 added
- texlive-datetime2-scottish-2021.189.1.1svn52101-150400.17.1 added
- texlive-datetime2-serbian-2021.189.2.1.0svn52893-150400.17.1 added
- texlive-datetime2-slovak-2021.189.1.1svn52281-150400.17.1 added
- texlive-datetime2-slovene-2021.189.1.1svn52282-150400.17.1 added
- texlive-datetime2-spanish-2021.189.1.1svn45785-150400.17.1 added
- texlive-datetime2-swedish-2021.189.1.0svn36700-150400.17.1 added
- texlive-datetime2-turkish-2021.189.1.1svn52331-150400.17.1 added
- texlive-datetime2-ukrainian-2021.189.1.2asvn47552-150400.17.1 added
- texlive-datetime2-usorbian-2021.189.1.1svn52375-150400.17.1 added
- texlive-datetime2-welsh-2021.189.1.1svn52553-150400.17.1 added
- texlive-dblfloatfix-2021.189.1.0asvn28983-150400.17.1 added
- texlive-dccpaper-2021.189.2.1svn57522-150400.17.1 added
- texlive-dcpic-2021.189.5.0.0svn30206-150400.17.1 added
- texlive-ddphonism-2021.189.0.0.2svn52009-150400.17.1 added
- texlive-de-macro-2021.189.1.4svn57349-150400.17.1 added
- texlive-decimal-2021.189.svn23374-150400.17.1 added
- texlive-decision-table-2021.189.0.0.0.3svn57094-150400.17.1 added
- texlive-decorule-2021.189.0.0.7svn55230-150400.17.1 added
- texlive-dehyph-2021.189.svn48599-150400.17.1 added
- texlive-dehyph-exptl-2021.189.0.0.7svn58212-150400.17.1 added
- texlive-dejavu-2021.189.2.34svn31771-150400.17.1 added
- texlive-dejavu-fonts-2021.189.2.34svn31771-150400.17.1 added
- texlive-dejavu-otf-2021.189.0.0.04svn45991-150400.17.1 added
- texlive-delim-2021.189.1.0svn23974-150400.17.1 added
- texlive-delimseasy-2021.189.2.0svn39589-150400.17.1 added
- texlive-delimset-2021.189.1.1svn49544-150400.17.1 added
- texlive-delimtxt-2021.189.svn16549-150400.17.1 added
- texlive-denisbdoc-2021.189.0.0.9.1svn56664-150400.17.1 added
- texlive-derivative-2021.189.0.0.98svn55890-150400.17.1 added
- texlive-detex-2021.189.svn57972-150400.17.1 added
- texlive-devel-2021.185-150400.19.4 added
- texlive-dhua-2021.189.0.0.11svn24035-150400.17.1 added
- texlive-diabetes-logbook-2021.189.svn54810-150400.17.1 added
- texlive-diadia-2021.189.1.1svn37656-150400.17.1 added
- texlive-diadia-bin-2021.20210325.svn37645-150400.29.15 added
- texlive-diagbox-2021.189.2.4svn54080-150400.17.1 added
- texlive-diagmac2-2021.189.2.1svn15878-150400.17.1 added
- texlive-diagnose-2021.189.0.0.2svn19387-150400.17.1 added
- texlive-dialogl-2021.189.svn28946-150400.17.1 added
- texlive-dice-2021.189.svn28501-150400.17.1 added
- texlive-dichokey-2021.189.svn17192-150400.17.1 added
- texlive-dickimaw-2021.189.svn32925-150400.17.1 added
- texlive-dictsym-2021.189.svn20031-150400.17.1 added
- texlive-dictsym-fonts-2021.189.svn20031-150400.17.1 added
- texlive-diffcoeff-2021.189.3.2svn53244-150400.17.1 added
- texlive-digiconfigs-2021.189.0.0.5svn15878-150400.17.1 added
- texlive-dijkstra-2021.189.0.0.12svn55661-150400.17.1 added
- texlive-din1505-2021.189.svn19441-150400.17.1 added
- texlive-dinat-2021.189.2.5svn15878-150400.17.1 added
- texlive-dinbrief-2021.189.svn15878-150400.17.1 added
- texlive-dingbat-2021.189.1.0svn27918-150400.17.1 added
- texlive-directory-2021.189.1.20svn15878-150400.17.1 added
- texlive-dirtree-2021.189.0.0.32svn42428-150400.17.1 added
- texlive-dirtytalk-2021.189.1.0svn20520-150400.17.1 added
- texlive-disser-2021.189.1.5.0svn43417-150400.17.1 added
- texlive-ditaa-2021.189.0.0.9svn48932-150400.17.1 added
- texlive-dithesis-2021.189.0.0.2svn34295-150400.17.1 added
- texlive-dk-bib-2021.189.0.0.6svn15878-150400.17.1 added
- texlive-dlfltxb-2021.189.svn17337-150400.17.1 added
- texlive-dnaseq-2021.189.0.0.01svn17194-150400.17.1 added
- texlive-dnp-2021.189.svn54074-150400.17.1 added
- texlive-doc-pictex-2021.189.svn24927-150400.17.1 added
- texlive-docbytex-2021.189.svn34294-150400.17.1 added
- texlive-doclicense-2021.189.2.3.0svn58350-150400.17.1 added
- texlive-docmfp-2021.189.1.2dsvn15878-150400.17.1 added
- texlive-docmute-2021.189.1.4svn25741-150400.17.1 added
- texlive-docsurvey-2021.189.svn57362-150400.17.1 added
- texlive-doctools-2021.189.0.0.1svn34474-150400.17.1 added
- texlive-documentation-2021.189.0.0.1svn34521-150400.17.1 added
- texlive-docutils-2021.189.svn56594-150400.17.1 added
- texlive-doi-2021.189.svn48634-150400.17.1 added
- texlive-doipubmed-2021.189.1.01svn15878-150400.17.1 added
- texlive-domitian-2021.189.1.0.1svn55286-150400.17.1 added
- texlive-domitian-fonts-2021.189.1.0.1svn55286-150400.17.1 added
- texlive-dosepsbin-2021.189.1.2svn29752-150400.17.1 added
- texlive-dot2texi-2021.189.3.0svn26237-150400.17.1 added
- texlive-dotarrow-2021.189.0.0.01asvn15878-150400.17.1 added
- texlive-dotlessi-2021.189.1.1svn51476-150400.17.1 added
- texlive-dotseqn-2021.189.1.1svn17195-150400.17.1 added
- texlive-dottex-2021.189.0.0.6svn15878-150400.17.1 added
- texlive-doublestroke-2021.189.1.111svn15878-150400.17.1 added
- texlive-doublestroke-fonts-2021.189.1.111svn15878-150400.17.1 added
- texlive-doulossil-2021.189.0.0.1svn56407-150400.17.1 added
- texlive-doulossil-fonts-2021.189.0.0.1svn56407-150400.17.1 added
- texlive-dowith-2021.189.r0.32svn38860-150400.17.1 added
- texlive-download-2021.189.1.2svn52257-150400.17.1 added
- texlive-dox-2021.189.2.4svn46011-150400.17.1 added
- texlive-dozenal-2021.189.7.2svn47680-150400.17.1 added
- texlive-dozenal-fonts-2021.189.7.2svn47680-150400.17.1 added
- texlive-dpcircling-2021.189.1.0svn54994-150400.17.1 added
- texlive-dpfloat-2021.189.svn17196-150400.17.1 added
- texlive-dprogress-2021.189.0.0.1svn15878-150400.17.1 added
- texlive-drac-2021.189.1svn15878-150400.17.1 added
- texlive-draftcopy-2021.189.2.16svn15878-150400.17.1 added
- texlive-draftfigure-2021.189.0.0.2svn44854-150400.17.1 added
- texlive-draftwatermark-2021.189.3.0svn57099-150400.17.1 added
- texlive-dramatist-2021.189.1.2esvn35866-150400.17.1 added
- texlive-dratex-2021.189.svn15878-150400.17.1 added
- texlive-drawmatrix-2021.189.1.5.0svn44471-150400.17.1 added
- texlive-drawstack-2021.189.svn28582-150400.17.1 added
- texlive-drm-2021.189.4.4svn38157-150400.17.1 added
- texlive-drm-fonts-2021.189.4.4svn38157-150400.17.1 added
- texlive-droid-2021.189.3.2svn54512-150400.17.1 added
- texlive-droid-fonts-2021.189.3.2svn54512-150400.17.1 added
- texlive-droit-fr-2021.189.1.2svn39802-150400.17.1 added
- texlive-drs-2021.189.1.1bsvn19232-150400.17.1 added
- texlive-drv-2021.189.0.0.97svn29349-150400.17.1 added
- texlive-dsptricks-2021.189.1.0svn34724-150400.17.1 added
- texlive-dsserif-2021.189.1.01svn54512-150400.17.1 added
- texlive-dsserif-fonts-2021.189.1.01svn54512-150400.17.1 added
- texlive-dtk-2021.189.2.08hsvn56696-150400.17.1 added
- texlive-dtk-bibliography-2021.189.2021_01svn58212-150400.17.1 added
- texlive-dtl-2021.189.0.0.6.1svn52851-150400.17.1 added
- texlive-dtxdescribe-2021.189.1.02svn51652-150400.17.1 added
- texlive-dtxgallery-2021.189.1svn49504-150400.17.1 added
- texlive-dtxgen-2021.189.1.08svn51663-150400.17.1 added
- texlive-dtxtut-2021.189.2.1svn38375-150400.17.1 added
- texlive-ducksay-2021.189.2.5asvn56800-150400.17.1 added
- texlive-duckuments-2021.189.0.0.5svn52271-150400.17.1 added
- texlive-duerer-2021.189.svn20741-150400.17.1 added
- texlive-duerer-latex-2021.189.1.1svn15878-150400.17.1 added
- texlive-duotenzor-2021.189.1.00svn18728-150400.17.1 added
- texlive-dutchcal-2021.189.1.0svn54080-150400.17.1 added
- texlive-dutchcal-fonts-2021.189.1.0svn54080-150400.17.1 added
- texlive-dvdcoll-2021.189.1.1asvn15878-150400.17.1 added
- texlive-dvgloss-2021.189.0.0.1svn29103-150400.17.1 added
- texlive-dviasm-2021.189.svn56373-150400.17.1 added
- texlive-dvicopy-2021.189.1.5svn57972-150400.17.1 added
- texlive-dvidvi-2021.189.svn52851-150400.17.1 added
- texlive-dviincl-2021.189.1.00svn29349-150400.17.1 added
- texlive-dviinfox-2021.189.1.04svn44515-150400.17.1 added
- texlive-dviljk-2021.189.svn52851-150400.17.1 added
- texlive-dviout-util-2021.189.svn52851-150400.17.1 added
- texlive-dvipdfmx-2021.189.svn58645-150400.17.1 added
- texlive-dvipng-2021.189.1.17svn57972-150400.17.1 added
- texlive-dvipos-2021.189.svn52851-150400.17.1 added
- texlive-dvips-2021.189.svn57972-150400.17.1 added
- texlive-dvipsconfig-2021.189.1.6svn13293-150400.17.1 added
- texlive-dvisvgm-2021.189.2.11svn57972-150400.17.1 added
- texlive-dynamicnumber-2021.189.0.0.1.3svn38726-150400.17.1 added
- texlive-dynblocks-2021.189.0.0.2bsvn35193-150400.17.1 added
- texlive-dynkin-diagrams-2021.189.3.1415926535897932svn58758-150400.17.1 added
- texlive-dyntree-2021.189.1.0svn15878-150400.17.1 added
- texlive-e-french-2021.189.6.11svn52027-150400.17.1 added
- texlive-ean-2021.189.svn20851-150400.17.1 added
- texlive-ean13isbn-2021.189.svn57514-150400.17.1 added
- texlive-easy-2021.189.0.0.99svn19440-150400.17.1 added
- texlive-easy-todo-2021.189.svn32677-150400.17.1 added
- texlive-easybook-2021.189.1.24esvn58762-150400.17.1 added
- texlive-easyfig-2021.189.1.2asvn56291-150400.17.1 added
- texlive-easyfloats-2021.189.1.0.0svn57204-150400.17.1 added
- texlive-easyformat-2021.189.1.4.0svn44543-150400.17.1 added
- texlive-easylist-2021.189.1.3svn32661-150400.17.1 added
- texlive-easyreview-2021.189.1.0svn38352-150400.17.1 added
- texlive-ebezier-2021.189.4svn15878-150400.17.1 added
- texlive-ebgaramond-2021.189.svn54721-150400.17.1 added
- texlive-ebgaramond-fonts-2021.189.svn54721-150400.17.1 added
- texlive-ebgaramond-maths-2021.189.1.2svn52168-150400.17.1 added
- texlive-ebook-2021.189.svn29466-150400.17.1 added
- texlive-ebproof-2021.189.2.1.1svn57544-150400.17.1 added
- texlive-ebsthesis-2021.189.1.0svn15878-150400.17.1 added
- texlive-ec-2021.189.1.0svn25033-150400.17.1 added
- texlive-ecc-2021.189.svn15878-150400.17.1 added
- texlive-ecclesiastic-2021.189.0.0.3svn38172-150400.17.1 added
- texlive-ecgdraw-2021.189.0.0.1svn41617-150400.17.1 added
- texlive-ecltree-2021.189.1.1asvn15878-150400.17.1 added
- texlive-eco-2021.189.1.3svn29349-150400.17.1 added
- texlive-ecobiblatex-2021.189.1.0svn39233-150400.17.1 added
- texlive-econ-bst-2021.189.2.8svn54191-150400.17.1 added
- texlive-econlipsum-2021.189.0.0.8.2svn58390-150400.17.1 added
- texlive-econometrics-2021.189.1.0svn39396-150400.17.1 added
- texlive-economic-2021.189.svn32639-150400.17.1 added
- texlive-ecothesis-2021.189.1.2svn48007-150400.17.1 added
- texlive-ecv-2021.189.0.0.3svn24928-150400.17.1 added
- texlive-eczar-2021.189.0.0.1svn57716-150400.17.1 added
- texlive-eczar-fonts-2021.189.0.0.1svn57716-150400.17.1 added
- texlive-ed-2021.189.1.8svn25231-150400.17.1 added
- texlive-edfnotes-2021.189.0.0.6bsvn21540-150400.17.1 added
- texlive-edichokey-2021.189.2.01ysvn56223-150400.17.1 added
- texlive-edmac-2021.189.3.17svn15878-150400.17.1 added
- texlive-edmargin-2021.189.1.2svn27599-150400.17.1 added
- texlive-ednotes-2021.189.1.3asvn35829-150400.17.1 added
- texlive-eemeir-2021.189.1.1bsvn15878-150400.17.1 added
- texlive-eepic-2021.189.1.1esvn15878-150400.17.1 added
- texlive-efbox-2021.189.1.0svn33236-150400.17.1 added
- texlive-egameps-2021.189.1.1svn15878-150400.17.1 added
- texlive-egplot-2021.189.1.02asvn20617-150400.17.1 added
- texlive-ehhline-2021.189.1.1svn54676-150400.17.1 added
- texlive-eiad-2021.189.svn15878-150400.17.1 added
- texlive-eiad-ltx-2021.189.1.0svn15878-150400.17.1 added
- texlive-eijkhout-2021.189.svn15878-150400.17.1 added
- texlive-einfart-2021.189.svn58414-150400.17.1 added
- texlive-ejpecp-2021.189.1.9.0svn56728-150400.17.1 added
- texlive-ekaia-2021.189.1.06svn49594-150400.17.1 added
- texlive-ekdosis-2021.189.1.2svn58721-150400.17.1 added
- texlive-ektype-tanka-2021.189.0.0.2svn56070-150400.17.1 added
- texlive-ektype-tanka-fonts-2021.189.0.0.2svn56070-150400.17.1 added
- texlive-elbioimp-2021.189.1.2svn21758-150400.17.1 added
- texlive-electrum-2021.189.1.005_bsvn19705-150400.17.1 added
- texlive-electrum-fonts-2021.189.1.005_bsvn19705-150400.17.1 added
- texlive-eledform-2021.189.1.1asvn38114-150400.17.1 added
- texlive-eledmac-2021.189.1.24.12svn45418-150400.17.1 added
- texlive-elegantbook-2021.189.3.11svn54758-150400.17.1 added
- texlive-elegantnote-2021.189.2.30svn54758-150400.17.1 added
- texlive-elegantpaper-2021.189.0.0.09svn54758-150400.17.1 added
- texlive-elements-2021.189.0.0.3svn52398-150400.17.1 added
- texlive-ellipse-2021.189.1.0svn39025-150400.17.1 added
- texlive-ellipsis-2021.189.1.8svn55418-150400.17.1 added
- texlive-elmath-2021.189.1.2svn15878-150400.17.1 added
- texlive-elocalloc-2021.189.0.0.03svn42712-150400.17.1 added
- texlive-elpres-2021.189.0.0.8svn58015-150400.17.1 added
- texlive-els-cas-templates-2021.189.2.1svn54317-150400.17.1 added
- texlive-elsarticle-2021.189.3.3svn56999-150400.17.1 added
- texlive-elteikthesis-2021.189.2.1svn55928-150400.17.1 added
- texlive-eltex-2021.189.2.0svn15878-150400.17.1 added
- texlive-elvish-2021.189.svn15878-150400.17.1 added
- texlive-elzcards-2021.189.1.60svn51894-150400.17.1 added
- texlive-emarks-2021.189.1.0svn24504-150400.17.1 added
- texlive-embedall-2021.189.2.0svn51177-150400.17.1 added
- texlive-embedfile-2021.189.2.11svn54865-150400.17.1 added
- texlive-embrac-2021.189.0.0.9asvn57814-150400.17.1 added
- texlive-emf-2021.189.1svn42023-150400.17.1 added
- texlive-emisa-2021.189.2.3.0svn57013-150400.17.1 added
- texlive-emoji-2021.189.0.0.2.1svn55678-150400.17.1 added
- texlive-emojicite-2021.189.0.0.3svn55131-150400.17.1 added
- texlive-emp-2021.189.svn23483-150400.17.1 added
- texlive-emptypage-2021.189.1.2svn18064-150400.17.1 added
- texlive-emulateapj-2021.189.svn28469-150400.17.1 added
- texlive-enctex-2021.189.svn34957-150400.17.1 added
- texlive-encxvlna-2021.189.1.1svn34087-150400.17.1 added
- texlive-endfloat-2021.189.2.7svn57090-150400.17.1 added
- texlive-endheads-2021.189.1.6svn43750-150400.17.1 added
- texlive-endiagram-2021.189.0.0.1dsvn34486-150400.17.1 added
- texlive-endnotes-2021.189.svn53319-150400.17.1 added
- texlive-endnotes-hy-2021.189.svn54758-150400.17.1 added
- texlive-endnotesj-2021.189.3.0svn47703-150400.17.1 added
- texlive-endofproofwd-2021.189.svn55643-150400.17.1 added
- texlive-engpron-2021.189.2svn16558-150400.17.1 added
- texlive-engrec-2021.189.1.1svn15878-150400.17.1 added
- texlive-engtlc-2021.189.3.2svn28571-150400.17.1 added
- texlive-enigma-2021.189.0.0.1svn29802-150400.17.1 added
- texlive-enotez-2021.189.0.0.10csvn57130-150400.17.1 added
- texlive-enumitem-2021.189.3.9svn51423-150400.17.1 added
- texlive-enumitem-zref-2021.189.1.8svn21472-150400.17.1 added
- texlive-envbig-2021.189.svn15878-150400.17.1 added
- texlive-environ-2021.189.0.0.3svn56615-150400.17.1 added
- texlive-envlab-2021.189.1.2svn15878-150400.17.1 added
- texlive-epigrafica-2021.189.1.01svn17210-150400.17.1 added
- texlive-epigrafica-fonts-2021.189.1.01svn17210-150400.17.1 added
- texlive-epigram-2021.189.svn20513-150400.17.1 added
- texlive-epigraph-2021.189.1.5esvn54857-150400.17.1 added
- texlive-epigraph-keys-2021.189.1.0svn54851-150400.17.1 added
- texlive-epiolmec-2021.189.svn15878-150400.17.1 added
- texlive-epiolmec-fonts-2021.189.svn15878-150400.17.1 added
- texlive-eplain-2021.189.3.11svn57186-150400.17.1 added
- texlive-epsdice-2021.189.2.1svn15878-150400.17.1 added
- texlive-epsf-2021.189.2.7.4svn21461-150400.17.1 added
- texlive-epsf-dvipdfmx-2021.189.2014svn35575-150400.17.1 added
- texlive-epsincl-2021.189.0.0.2svn29349-150400.17.1 added
- texlive-epslatex-fr-2021.189.svn19440-150400.17.1 added
- texlive-epspdf-2021.189.0.0.6.5svn53472-150400.17.1 added
- texlive-epspdfconversion-2021.189.0.0.61svn18703-150400.17.1 added
- texlive-epstopdf-2021.189.2.28svn48684-150400.17.1 added
- texlive-epstopdf-pkg-2021.189.2.11svn53546-150400.17.1 added
- texlive-eq-pin2corr-2021.189.1.0svn57815-150400.17.1 added
- texlive-eqell-2021.189.svn22931-150400.17.1 added
- texlive-eqexpl-2021.189.1.1svn54080-150400.17.1 added
- texlive-eqlist-2021.189.2.1svn32257-150400.17.1 added
- texlive-eqnalign-2021.189.1.0asvn43278-150400.17.1 added
- texlive-eqname-2021.189.svn20678-150400.17.1 added
- texlive-eqnarray-2021.189.1.3svn20641-150400.17.1 added
- texlive-eqnnumwarn-2021.189.1.0svn45511-150400.17.1 added
- texlive-eqparbox-2021.189.4.1svn45215-150400.17.1 added
- texlive-erdc-2021.189.1.1svn15878-150400.17.1 added
- texlive-erewhon-2021.189.1.115svn58722-150400.17.1 added
- texlive-erewhon-fonts-2021.189.1.115svn58722-150400.17.1 added
- texlive-erewhon-math-2021.189.0.0.45svn56703-150400.17.1 added
- texlive-erewhon-math-fonts-2021.189.0.0.45svn56703-150400.17.1 added
- texlive-errata-2021.189.0.0.3svn42428-150400.17.1 added
- texlive-erw-l3-2021.189.3.1svn55414-150400.17.1 added
- texlive-es-tex-faq-2021.189.1.97svn15878-150400.17.1 added
- texlive-esami-2021.189.2.5svn47639-150400.17.1 added
- texlive-esdiff-2021.189.1.2svn21385-150400.17.1 added
- texlive-esindex-2021.189.1.7svn52342-150400.17.1 added
- texlive-esint-2021.189.1.2dsvn52240-150400.17.1 added
- texlive-esint-type1-2021.189.svn15878-150400.17.1 added
- texlive-esint-type1-fonts-2021.189.svn15878-150400.17.1 added
- texlive-esk-2021.189.1.0svn18115-150400.17.1 added
- texlive-eskd-2021.189.svn15878-150400.18.1 added
- texlive-eskdx-2021.189.0.0.98svn29235-150400.18.1 added
- texlive-eso-pic-2021.189.3.0asvn56658-150400.18.1 added
- texlive-esrelation-2021.189.svn37236-150400.18.1 added
- texlive-esrelation-fonts-2021.189.svn37236-150400.18.1 added
- texlive-esstix-2021.189.1.0svn22426-150400.18.1 added
- texlive-esstix-fonts-2021.189.1.0svn22426-150400.18.1 added
- texlive-estcpmm-2021.189.0.0.4svn17335-150400.18.1 added
- texlive-esvect-2021.189.1.3svn32098-150400.18.1 added
- texlive-esvect-fonts-2021.189.1.3svn32098-150400.18.1 added
- texlive-etaremune-2021.189.1.2svn15878-150400.18.1 added
- texlive-etbb-2021.189.1.051svn56390-150400.18.1 added
- texlive-etbb-fonts-2021.189.1.051svn56390-150400.18.1 added
- texlive-etdipa-2021.189.2.6svn36354-150400.18.1 added
- texlive-etex-2021.189.svn56291-150400.18.1 added
- texlive-etex-pkg-2021.189.2.7svn41784-150400.18.1 added
- texlive-etexcmds-2021.189.1.7svn53171-150400.18.1 added
- texlive-etextools-2021.189.3.1415926svn20694-150400.18.1 added
- texlive-ethiop-2021.189.0.0.7svn15878-150400.18.1 added
- texlive-ethiop-t1-2021.189.svn15878-150400.18.1 added
- texlive-ethiop-t1-fonts-2021.189.svn15878-150400.18.1 added
- texlive-etoc-2021.189.1.09csvn55156-150400.18.1 added
- texlive-etoolbox-2021.189.2.5ksvn56554-150400.18.1 added
- texlive-etoolbox-de-2021.189.1svn21906-150400.18.1 added
- texlive-etsvthor-2021.189.1.0svn48186-150400.18.1 added
- texlive-euclideangeometry-2021.189.0.0.1.8svn54897-150400.18.1 added
- texlive-euenc-2021.189.0.0.1hsvn19795-150400.18.1 added
- texlive-euflag-2021.189.0.0.8svn55265-150400.18.1 added
- texlive-eukdate-2021.189.1.04svn15878-150400.18.1 added
- texlive-euler-2021.189.2.5svn42428-150400.18.1 added
- texlive-eulerpx-2021.189.0.0.2.1svn43735-150400.18.1 added
- texlive-eulervm-2021.189.4.0svn15878-150400.18.1 added
- texlive-euro-2021.189.1.1svn22191-150400.18.1 added
- texlive-euro-ce-2021.189.3.0bsvn25714-150400.18.1 added
- texlive-europasscv-2021.189.svn56829-150400.18.1 added
- texlive-europecv-2021.189.svn57641-150400.18.1 added
- texlive-eurosym-2021.189.1.4_subrfixsvn17265-150400.18.1 added
- texlive-eurosym-fonts-2021.189.1.4_subrfixsvn17265-150400.18.1 added
- texlive-euxm-2021.189.svn54074-150400.18.1 added
- texlive-everyhook-2021.189.1.2svn35675-150400.18.1 added
- texlive-everypage-2021.189.2.0bsvn56694-150400.18.1 added
- texlive-everysel-2021.189.2.1svn57489-150400.18.1 added
- texlive-everyshi-2021.189.4.00svn57001-150400.18.1 added
- texlive-exam-2021.189.2.7svn58023-150400.18.1 added
- texlive-exam-n-2021.189.1.1.4svn42755-150400.18.1 added
- texlive-exam-randomizechoices-2021.189.0.0.1svn49662-150400.18.1 added
- texlive-examdesign-2021.189.1.101svn15878-150400.18.1 added
- texlive-example-2021.189.svn33398-150400.18.1 added
- texlive-examplep-2021.189.0.0.04svn55265-150400.18.1 added
- texlive-exceltex-2021.189.0.0.5.1svn26313-150400.18.1 added
- texlive-excludeonly-2021.189.1.0svn17262-150400.18.1 added
- texlive-exercise-2021.189.1.6svn35417-150400.18.1 added
- texlive-exercisebank-2021.189.0.0.3.0svn50448-150400.18.1 added
- texlive-exercisepoints-2021.189.1.2.3svn49590-150400.18.1 added
- texlive-exercises-2021.189.1.1svn55188-150400.18.1 added
- texlive-exesheet-2021.189.1.0svn55916-150400.18.1 added
- texlive-exframe-2021.189.3.4svn53911-150400.18.1 added
- texlive-exp-testopt-2021.189.0.0.3svn15878-150400.18.1 added
- texlive-expdlist-2021.189.2.4svn15878-150400.18.1 added
- texlive-expex-2021.189.5.1bsvn44499-150400.18.1 added
- texlive-expkv-2021.189.1.6svn57247-150400.18.1 added
- texlive-expkv-cs-2021.189.0.0.6svn56693-150400.18.1 added
- texlive-expkv-def-2021.189.0.0.7svn57246-150400.18.1 added
- texlive-expkv-opt-2021.189.0.0.1bsvn56633-150400.18.1 added
- texlive-export-2021.189.1.8svn27206-150400.18.1 added
- texlive-expose-expl3-dunkerque-2019-2021.189.1.2svn54451-150400.18.1 added
- texlive-expressg-2021.189.1.5svn29349-150400.18.1 added
- texlive-exsheets-2021.189.0.0.21ksvn52227-150400.18.1 added
- texlive-exsol-2021.189.1.4svn48977-150400.18.1 added
- texlive-extarrows-2021.189.1.2.0svn54400-150400.18.1 added
- texlive-exteps-2021.189.0.0.41svn19859-150400.18.1 added
- texlive-extpfeil-2021.189.0.0.4svn16243-150400.18.1 added
- texlive-extract-2021.189.1.9asvn52117-150400.18.1 added
- texlive-extratools-2021.185-150400.19.4 added
- texlive-extsizes-2021.189.1.4asvn17263-150400.18.1 added
- texlive-facsimile-2021.189.1.0svn21328-150400.18.1 added
- texlive-factura-2021.189.4.00svn56948-150400.18.1 added
- texlive-facture-2021.189.1.2.2svn43865-150400.18.1 added
- texlive-facture-belge-simple-sans-tva-2021.189.2.1svn49004-150400.18.1 added
- texlive-faktor-2021.189.0.0.1bsvn15878-150400.18.1 added
- texlive-fancybox-2021.189.1.4svn18304-150400.18.1 added
- texlive-fancyhandout-2021.189.svn46411-150400.18.1 added
- texlive-fancyhdr-2021.189.4.0.1svn57672-150400.18.1 added
- texlive-fancyhdr-it-2021.189.svn21912-150400.18.1 added
- texlive-fancylabel-2021.189.1.1svn46736-150400.18.1 added
- texlive-fancynum-2021.189.0.0.92svn15878-150400.18.1 added
- texlive-fancypar-2021.189.1.2svn49801-150400.18.1 added
- texlive-fancyref-2021.189.0.0.9csvn15878-150400.18.1 added
- texlive-fancyslides-2021.189.1.0svn36263-150400.18.1 added
- texlive-fancytabs-2021.189.1.9svn41549-150400.18.1 added
- texlive-fancytooltips-2021.189.1.8svn56291-150400.18.1 added
- texlive-fancyvrb-2021.189.3.7svn57488-150400.18.1 added
- texlive-fandol-2021.189.0.0.3svn37889-150400.18.1 added
- texlive-fandol-fonts-2021.189.0.0.3svn37889-150400.18.1 added
- texlive-fascicules-2021.189.1svn54080-150400.18.1 added
- texlive-fast-diagram-2021.189.1.1svn29264-150400.18.1 added
- texlive-fbb-2021.189.1.16svn55728-150400.18.1 added
- texlive-fbb-fonts-2021.189.1.16svn55728-150400.18.1 added
- texlive-fbithesis-2021.189.1.2msvn21340-150400.18.1 added
- texlive-fbox-2021.189.0.0.05svn55627-150400.18.1 added
- texlive-fbs-2021.189.svn15878-150400.18.1 added
- texlive-fc-2021.189.1.4svn32796-150400.18.1 added
- texlive-fcavtex-2021.189.1.1svn38074-150400.18.1 added
- texlive-fcltxdoc-2021.189.1.0svn24500-150400.18.1 added
- texlive-fcolumn-2021.189.1.3svn57428-150400.18.1 added
- texlive-fdsymbol-2021.189.0.0.8svn26722-150400.18.1 added
- texlive-fdsymbol-fonts-2021.189.0.0.8svn26722-150400.18.1 added
- texlive-fduthesis-2021.189.0.0.7esvn56216-150400.18.1 added
- texlive-featpost-2021.189.0.0.8.8svn35346-150400.18.1 added
- texlive-fei-2021.189.4.10.1svn55960-150400.18.1 added
- texlive-fenixpar-2021.189.0.0.92svn24730-150400.18.1 added
- texlive-fetamont-2021.189.svn43812-150400.18.1 added
- texlive-fetamont-fonts-2021.189.svn43812-150400.18.1 added
- texlive-fetchcls-2021.189.1.0svn45245-150400.18.1 added
- texlive-feupphdteses-2021.189.4.0svn30962-150400.18.1 added
- texlive-fewerfloatpages-2021.189.1.0bsvn58058-150400.18.1 added
- texlive-feyn-2021.189.0.0.4.1svn55777-150400.18.1 added
- texlive-feynmf-2021.189.1.08svn17259-150400.18.1 added
- texlive-feynmp-auto-2021.189.1.1svn30223-150400.18.1 added
- texlive-ffslides-2021.189.svn38895-150400.18.1 added
- texlive-fge-2021.189.1.25svn37628-150400.18.1 added
- texlive-fge-fonts-2021.189.1.25svn37628-150400.18.1 added
- texlive-fgruler-2021.189.1.3svn56854-150400.18.1 added
- texlive-fibeamer-2021.189.1.1.8svn53146-150400.18.1 added
- texlive-fifinddo-info-2021.189.1.1bsvn29349-150400.18.1 added
- texlive-fifo-stack-2021.189.1.0svn33288-150400.18.1 added
- texlive-fig4latex-2021.189.0.0.2svn26313-150400.18.1 added
- texlive-figbas-2021.189.1.0.3svn28943-150400.18.1 added
- texlive-figbas-fonts-2021.189.1.0.3svn28943-150400.18.1 added
- texlive-figbib-2021.189.svn19388-150400.18.1 added
- texlive-figchild-2021.189.1.0.0svn58759-150400.18.1 added
- texlive-figflow-2021.189.svn21462-150400.18.1 added
- texlive-figsize-2021.189.0.0.1svn18784-150400.18.1 added
- texlive-filecontents-2021.189.1.5svn52142-150400.18.1 added
- texlive-filecontentsdef-2021.189.1.5svn52208-150400.18.1 added
- texlive-filedate-2021.189.svn29529-150400.18.1 added
- texlive-filehook-2021.189.0.0.8asvn56479-150400.18.1 added
- texlive-fileinfo-2021.189.0.0.81asvn28421-150400.18.1 added
- texlive-filemod-2021.189.1.2svn56291-150400.18.1 added
- texlive-filesystem-2021.185-150400.19.4 added
- texlive-finbib-2021.189.svn15878-150400.18.1 added
- texlive-findhyph-2021.189.3.4svn47444-150400.18.1 added
- texlive-fink-2021.189.2.2.1svn24329-150400.18.1 added
- texlive-finstrut-2021.189.0.0.5svn21719-150400.18.1 added
- texlive-fira-2021.189.4.3svn55437-150400.18.1 added
- texlive-fira-fonts-2021.189.4.3svn55437-150400.18.1 added
- texlive-firamath-2021.189.0.0.3.4svn56672-150400.18.1 added
- texlive-firamath-fonts-2021.189.0.0.3.4svn56672-150400.18.1 added
- texlive-firamath-otf-2021.189.0.0.02asvn50732-150400.18.1 added
- texlive-first-latex-doc-2021.189.svn15878-150400.18.1 added
- texlive-firstaid-2021.189.1.0jsvn58440-150400.18.1 added
- texlive-fitbox-2021.189.1.02svn50088-150400.18.1 added
- texlive-fithesis-2021.189.0.0.3.51svn54483-150400.18.1 added
- texlive-fix2col-2021.189.0.0.04svn38770-150400.18.1 added
- texlive-fixcmex-2021.189.1.1svn51825-150400.18.1 added
- texlive-fixfoot-2021.189.0.0.3asvn17131-150400.18.1 added
- texlive-fixjfm-2021.189.0.0.8svn47113-150400.18.1 added
- texlive-fixlatvian-2021.189.1asvn21631-150400.18.1 added
- texlive-fixltxhyph-2021.189.0.0.4svn25832-150400.18.1 added
- texlive-fixme-2021.189.4.5svn49591-150400.18.1 added
- texlive-fixmetodonotes-2021.189.0.0.2.2svn30168-150400.18.1 added
- texlive-fixpdfmag-2021.189.svn15878-150400.18.1 added
- texlive-fiziko-2021.189.0.0.1.3svn54512-150400.18.1 added
- texlive-fjodor-2021.189.svn53207-150400.18.1 added
- texlive-flabels-2021.189.1.0svn17272-150400.18.1 added
- texlive-flacards-2021.189.0.0.1.1bsvn19440-150400.18.1 added
- texlive-flagderiv-2021.189.0.0.10svn15878-150400.18.1 added
- texlive-flashcards-2021.189.1.0.1svn19667-150400.18.1 added
- texlive-flashmovie-2021.189.0.0.4svn25768-150400.18.1 added
- texlive-flipbook-2021.189.0.0.2svn25584-150400.18.1 added
- texlive-flippdf-2021.189.2.0bsvn56782-150400.18.1 added
- texlive-float-2021.189.1.3dsvn15878-150400.17.1 added
- texlive-floatrow-2021.189.0.0.3bsvn15878-150400.17.1 added
- texlive-flowchart-2021.189.3.3svn36572-150400.17.1 added
- texlive-flowfram-2021.189.1.17svn35291-150400.17.1 added
- texlive-fltpoint-2021.189.1.1bsvn56594-150400.17.1 added
- texlive-fmp-2021.189.svn15878-150400.17.1 added
- texlive-fmtcount-2021.189.3.07svn53912-150400.17.1 added
- texlive-fn2end-2021.189.1.1svn15878-150400.17.1 added
- texlive-fnbreak-2021.189.1.30svn25003-150400.17.1 added
- texlive-fncychap-2021.189.1.34svn20710-150400.17.1 added
- texlive-fncylab-2021.189.1.1svn52090-150400.17.1 added
- texlive-fnpara-2021.189.svn25607-150400.17.1 added
- texlive-fnpct-2021.189.1.0svn57508-150400.17.1 added
- texlive-fnspe-2021.189.1.2asvn45360-150400.17.1 added
- texlive-fntproof-2021.189.svn20638-150400.17.1 added
- texlive-fnumprint-2021.189.1.1asvn29173-150400.17.1 added
- texlive-foekfont-2021.189.svn15878-150400.17.1 added
- texlive-foekfont-fonts-2021.189.svn15878-150400.17.1 added
- texlive-foilhtml-2021.189.1.2svn21855-150400.17.1 added
- texlive-fonetika-2021.189.svn21326-150400.17.1 added
- texlive-fonetika-fonts-2021.189.svn21326-150400.17.1 added
- texlive-font-change-2021.189.2015.2svn40403-150400.17.1 added
- texlive-font-change-xetex-2021.189.2016.1svn40404-150400.17.1 added
- texlive-fontawesome-2021.189.4.6.3.2svn48145-150400.17.1 added
- texlive-fontawesome-fonts-2021.189.4.6.3.2svn48145-150400.17.1 added
- texlive-fontawesome5-2021.189.5.13.0svn54517-150400.17.1 added
- texlive-fontawesome5-fonts-2021.189.5.13.0svn54517-150400.17.1 added
- texlive-fontaxes-2021.189.1.0esvn55920-150400.17.1 added
- texlive-fontbook-2021.189.0.0.2svn23608-150400.17.1 added
- texlive-fontch-2021.189.2.2svn17859-150400.17.1 added
- texlive-fontinst-2021.189.1.933svn53562-150400.17.1 added
- texlive-fontmfizz-2021.189.svn43546-150400.17.1 added
- texlive-fontmfizz-fonts-2021.189.svn43546-150400.17.1 added
- texlive-fontname-2021.189.svn53228-150400.17.1 added
- texlive-fontools-2021.189.svn58747-150400.17.1 added
- texlive-fonts-churchslavonic-2021.189.2.2svn56350-150400.17.1 added
- texlive-fonts-churchslavonic-fonts-2021.189.2.2svn56350-150400.17.1 added
- texlive-fonts-tlwg-2021.189.0.0.7.2svn54994-150400.17.1 added
- texlive-fonts-tlwg-fonts-2021.189.0.0.7.2svn54994-150400.17.1 added
- texlive-fontsetup-2021.189.1.009svn57553-150400.17.1 added
- texlive-fontsize-2021.189.0.0.8.1svn58508-150400.17.1 added
- texlive-fontspec-2021.189.2.7isvn56594-150400.17.1 added
- texlive-fonttable-2021.189.1.6csvn44799-150400.17.1 added
- texlive-fontware-2021.189.svn57972-150400.17.1 added
- texlive-fontwrap-2021.189.svn15878-150400.17.1 added
- texlive-footbib-2021.189.2.0.7svn17115-150400.17.1 added
- texlive-footmisc-2021.189.5.5bsvn23330-150400.17.1 added
- texlive-footmisx-2021.189.20161201svn42621-150400.17.1 added
- texlive-footnotebackref-2021.189.1.0svn27034-150400.17.1 added
- texlive-footnotehyper-2021.189.1.1dsvn57618-150400.17.1 added
- texlive-footnoterange-2021.189.1.0csvn52910-150400.17.1 added
- texlive-footnpag-2021.189.svn15878-150400.17.1 added
- texlive-forarray-2021.189.1.01svn15878-150400.17.1 added
- texlive-foreign-2021.189.2.7svn27819-150400.17.1 added
- texlive-forest-2021.189.2.1.5svn57398-150400.17.1 added
- texlive-forest-quickstart-2021.189.svn55688-150400.17.1 added
- texlive-forloop-2021.189.3.0svn15878-150400.17.1 added
- texlive-formation-latex-ul-2021.189.2020.10svn56714-150400.17.1 added
- texlive-formlett-2021.189.2.3svn21480-150400.17.1 added
- texlive-forms16be-2021.189.1.3svn51305-150400.17.1 added
- texlive-formular-2021.189.1.0asvn15878-150400.17.1 added
- texlive-forum-2021.189.svn56025-150400.17.1 added
- texlive-forum-fonts-2021.189.svn56025-150400.17.1 added
- texlive-fouridx-2021.189.2.00svn32214-150400.17.1 added
- texlive-fourier-2021.189.2.2svn54090-150400.17.1 added
- texlive-fourier-fonts-2021.189.2.2svn54090-150400.17.1 added
- texlive-fouriernc-2021.189.svn29646-150400.17.1 added
- texlive-fp-2021.189.2.1dsvn49719-150400.17.1 added
- texlive-fpl-2021.189.1.003svn54512-150400.17.1 added
- texlive-fpl-fonts-2021.189.1.003svn54512-150400.17.1 added
- texlive-fragmaster-2021.189.1.6svn26313-150400.17.1 added
- texlive-fragments-2021.189.svn15878-150400.17.1 added
- texlive-frame-2021.189.1.0svn18312-150400.17.1 added
- texlive-framed-2021.189.0.0.96svn26789-150400.17.1 added
- texlive-francais-bst-2021.189.1.1svn38922-150400.17.1 added
- texlive-frankenstein-2021.189.svn15878-150400.17.1 added
- texlive-frcursive-2021.189.svn24559-150400.17.1 added
- texlive-frcursive-fonts-2021.189.svn24559-150400.17.1 added
- texlive-frederika2016-2021.189.1.000_2016_initial_releasesvn42157-150400.17.1 added
- texlive-frederika2016-fonts-2021.189.1.000_2016_initial_releasesvn42157-150400.17.1 added
- texlive-frege-2021.189.1.3svn27417-150400.17.1 added
- texlive-frenchmath-2021.189.1.5svn56847-150400.17.1 added
- texlive-frimurer-2021.189.1svn56704-150400.17.1 added
- texlive-frimurer-fonts-2021.189.1svn56704-150400.17.1 added
- texlive-frletter-2021.189.svn15878-150400.17.1 added
- texlive-frontespizio-2021.189.1.4asvn24054-150400.17.1 added
- texlive-froufrou-2021.189.1.2svn57248-150400.17.1 added
- texlive-frpseudocode-2021.189.0.0.3.0svn56088-150400.17.1 added
- texlive-ftc-notebook-2021.189.1.1svn50043-150400.17.1 added
- texlive-ftcap-2021.189.1.4svn17275-150400.17.1 added
- texlive-ftnxtra-2021.189.0.0.1svn29652-150400.17.1 added
- texlive-fullblck-2021.189.1.03svn25434-150400.17.1 added
- texlive-fullminipage-2021.189.0.0.1.1svn34545-150400.17.1 added
- texlive-fullwidth-2021.189.0.0.1svn24684-150400.17.1 added
- texlive-functan-2021.189.svn15878-150400.17.1 added
- texlive-fundus-calligra-2021.189.1.2svn26018-150400.17.1 added
- texlive-fundus-cyr-2021.189.svn26019-150400.17.1 added
- texlive-fundus-sueterlin-2021.189.1.2svn26030-150400.17.1 added
- texlive-fvextra-2021.189.1.4svn49947-150400.17.1 added
- texlive-fwlw-2021.189.svn29803-150400.17.1 added
- texlive-g-brief-2021.189.4.0.3svn50415-150400.17.1 added
- texlive-gaceta-2021.189.1.06svn15878-150400.17.1 added
- texlive-galois-2021.189.1.5svn15878-150400.17.1 added
- texlive-gamebook-2021.189.1.0svn24714-150400.17.1 added
- texlive-gammas-2021.189.1.1svn56403-150400.17.1 added
- texlive-garamond-libre-2021.189.1.4svn55166-150400.17.1 added
- texlive-garamond-libre-fonts-2021.189.1.4svn55166-150400.17.1 added
- texlive-garamond-math-2021.189.svn52820-150400.17.1 added
- texlive-garamond-math-fonts-2021.189.svn52820-150400.17.1 added
- texlive-garrigues-2021.189.svn15878-150400.17.1 added
- texlive-garuda-c90-2021.189.svn37677-150400.17.1 added
- texlive-gastex-2021.189.3.0svn58505-150400.17.1 added
- texlive-gatech-thesis-2021.189.1.8svn19886-150400.17.1 added
- texlive-gates-2021.189.0.0.2svn29803-150400.17.1 added
- texlive-gatherenum-2021.189.1.8svn52209-150400.17.1 added
- texlive-gauss-2021.189.svn32934-150400.17.1 added
- texlive-gb4e-2021.189.svn19216-150400.17.1 added
- texlive-gbt7714-2021.189.2.1svn57157-150400.17.1 added
- texlive-gcard-2021.189.svn15878-150400.17.1 added
- texlive-gchords-2021.189.1.20svn29803-150400.17.1 added
- texlive-gcite-2021.189.1.0.1svn15878-150400.17.1 added
- texlive-gckanbun-2021.189.1.2svn58754-150400.17.1 added
- texlive-gender-2021.189.1.0svn36464-150400.17.1 added
- texlive-gene-logic-2021.189.1.4svn15878-150400.17.1 added
- texlive-genealogy-2021.189.svn25112-150400.17.1 added
- texlive-genealogytree-2021.189.2.01svn55978-150400.17.1 added
- texlive-genmpage-2021.189.0.0.3.1svn15878-150400.17.1 added
- texlive-gentium-tug-2021.189.1.1.1svn54512-150400.17.1 added
- texlive-gentium-tug-fonts-2021.189.1.1.1svn54512-150400.17.1 added
- texlive-gentle-2021.189.svn15878-150400.17.1 added
- texlive-gentombow-2021.189.svn56665-150400.17.1 added
- texlive-geometry-2021.189.5.9svn54080-150400.17.1 added
- texlive-german-2021.189.2.5esvn42428-150400.17.1 added
- texlive-germbib-2021.189.svn15878-150400.17.1 added
- texlive-germkorr-2021.189.1.0svn15878-150400.17.1 added
- texlive-geschichtsfrkl-2021.189.1.4svn42121-150400.17.1 added
- texlive-getfiledate-2021.189.1.2svn16189-150400.17.1 added
- texlive-getitems-2021.189.1.0svn39365-150400.17.1 added
- texlive-getmap-2021.189.1.11svn50589-150400.17.1 added
- texlive-getoptk-2021.189.1.0svn23567-150400.17.1 added
- texlive-gettitlestring-2021.189.1.6svn53170-150400.17.1 added
- texlive-gfnotation-2021.189.2.9svn37156-150400.17.1 added
- texlive-gfsartemisia-2021.189.1.0svn19469-150400.17.1 added
- texlive-gfsartemisia-fonts-2021.189.1.0svn19469-150400.17.1 added
- texlive-gfsbaskerville-2021.189.1.0svn19440-150400.17.1 added
- texlive-gfsbaskerville-fonts-2021.189.1.0svn19440-150400.17.1 added
- texlive-gfsbodoni-2021.189.1.01svn28484-150400.17.1 added
- texlive-gfsbodoni-fonts-2021.189.1.01svn28484-150400.17.1 added
- texlive-gfscomplutum-2021.189.1.0svn19469-150400.17.1 added
- texlive-gfscomplutum-fonts-2021.189.1.0svn19469-150400.17.1 added
- texlive-gfsdidot-2021.189.svn54080-150400.17.1 added
- texlive-gfsdidot-fonts-2021.189.svn54080-150400.17.1 added
- texlive-gfsdidotclassic-2021.189.001.001svn52778-150400.17.1 added
- texlive-gfsdidotclassic-fonts-2021.189.001.001svn52778-150400.17.1 added
- texlive-gfsneohellenic-2021.189.svn54080-150400.17.1 added
- texlive-gfsneohellenic-fonts-2021.189.svn54080-150400.17.1 added
- texlive-gfsneohellenicmath-2021.189.1.0.1svn52570-150400.17.1 added
- texlive-gfsneohellenicmath-fonts-2021.189.1.0.1svn52570-150400.17.1 added
- texlive-gfsporson-2021.189.1.01svn18651-150400.17.1 added
- texlive-gfsporson-fonts-2021.189.1.01svn18651-150400.17.1 added
- texlive-gfssolomos-2021.189.1.0svn18651-150400.17.1 added
- texlive-gfssolomos-fonts-2021.189.1.0svn18651-150400.17.1 added
- texlive-ghab-2021.189.0.0.5svn29803-150400.17.1 added
- texlive-ghsystem-2021.189.4.8csvn53822-150400.17.1 added
- texlive-gillcm-2021.189.1.1svn19878-150400.17.1 added
- texlive-gillius-2021.189.svn32068-150400.17.1 added
- texlive-gillius-fonts-2021.189.svn32068-150400.17.1 added
- texlive-gincltex-2021.189.0.0.3svn56291-150400.17.1 added
- texlive-gindex-2021.189.0.0.2svn52311-150400.17.1 added
- texlive-ginpenc-2021.189.1.0svn24980-150400.17.1 added
- texlive-git-latexdiff-2021.189.1.6.0svn54732-150400.17.1 added
- texlive-gitfile-info-2021.189.0.0.5svn51928-150400.17.1 added
- texlive-gitinfo-2021.189.1.0svn34049-150400.17.1 added
- texlive-gitinfo2-2021.189.2.0.7svn38913-150400.17.1 added
- texlive-gitlog-2021.189.0.0.0.betasvn38932-150400.17.1 added
- texlive-gitver-2021.189.1.3svn56810-150400.17.1 added
- texlive-globalvals-2021.189.1.1svn49962-150400.17.1 added
- texlive-glosmathtools-2021.189.1.0.0svn55920-150400.17.1 added
- texlive-gloss-2021.189.1.5.2svn15878-150400.17.1 added
- texlive-gloss-occitan-2021.189.0.0.1svn52593-150400.17.1 added
- texlive-glossaries-2021.189.4.46svn54402-150400.17.1 added
- texlive-glossaries-danish-2021.189.1.0svn35665-150400.17.1 added
- texlive-glossaries-dutch-2021.189.1.1svn35685-150400.17.1 added
- texlive-glossaries-english-2021.189.1.0svn35665-150400.17.1 added
- texlive-glossaries-estonian-2021.189.1.0svn49928-150400.17.1 added
- texlive-glossaries-extra-2021.189.1.45svn54688-150400.17.1 added
- texlive-glossaries-finnish-2021.189.1.0svn54080-150400.17.1 added
- texlive-glossaries-french-2021.189.1.1svn42873-150400.17.1 added
- texlive-glossaries-german-2021.189.1.0svn35665-150400.17.1 added
- texlive-glossaries-irish-2021.189.1.0svn35665-150400.17.1 added
- texlive-glossaries-italian-2021.189.1.0svn35665-150400.17.1 added
- texlive-glossaries-magyar-2021.189.1.0svn35665-150400.17.1 added
- texlive-glossaries-nynorsk-2021.189.1.0svn55189-150400.17.1 added
- texlive-glossaries-polish-2021.189.1.0svn35665-150400.17.1 added
- texlive-glossaries-portuges-2021.189.1.1svn36064-150400.17.1 added
- texlive-glossaries-serbian-2021.189.1.0svn35665-150400.17.1 added
- texlive-glossaries-slovene-2021.189.1.0svn51211-150400.17.1 added
- texlive-glossaries-spanish-2021.189.1.0svn35665-150400.17.1 added
- texlive-glyphlist-2021.189.svn54074-150400.17.1 added
- texlive-gmdoc-2021.189.0.0.993svn21292-150400.17.1 added
- texlive-gmdoc-enhance-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-gmiflink-2021.189.0.0.97svn15878-150400.17.1 added
- texlive-gmp-2021.189.1.0svn21691-150400.17.1 added
- texlive-gmutils-2021.189.0.0.996svn24287-150400.17.1 added
- texlive-gmverb-2021.189.0.0.98svn24288-150400.17.1 added
- texlive-gmverse-2021.189.0.0.73svn29803-150400.17.1 added
- texlive-gnu-freefont-2021.189.svn29349-150400.17.1 added
- texlive-gnu-freefont-fonts-2021.189.svn29349-150400.17.1 added
- texlive-gnuplottex-2021.189.0.0.9.5svn54758-150400.17.1 added
- texlive-go-2021.189.svn28628-150400.17.1 added
- texlive-gobble-2021.189.0.0.2svn56291-150400.17.1 added
- texlive-gofonts-2021.189.svn54512-150400.17.1 added
- texlive-gofonts-fonts-2021.189.svn54512-150400.17.1 added
- texlive-gost-2021.189.1.2lsvn57616-150400.17.1 added
- texlive-gothic-2021.189.svn49869-150400.17.1 added
- texlive-gotoh-2021.189.1.1svn44764-150400.17.1 added
- texlive-grabbox-2021.189.1.4svn51052-150400.17.1 added
- texlive-gradientframe-2021.189.0.0.2svn21387-150400.17.1 added
- texlive-gradstudentresume-2021.189.svn38832-150400.17.1 added
- texlive-grafcet-2021.189.1.3.5svn22509-150400.17.1 added
- texlive-grant-2021.189.0.0.0.5svn56852-150400.17.1 added
- texlive-graph35-2021.189.0.0.1.1svn47522-150400.17.1 added
- texlive-graphbox-2021.189.1.1svn46360-150400.17.1 added
- texlive-graphics-2021.189.svn56514-150400.17.1 added
- texlive-graphics-cfg-2021.189.svn41448-150400.17.1 added
- texlive-graphics-def-2021.189.svn58539-150400.17.1 added
- texlive-graphics-pln-2021.189.svn56823-150400.17.1 added
- texlive-graphicx-psmin-2021.189.1.2svn56931-150400.17.1 added
- texlive-graphicxbox-2021.189.1.0svn32630-150400.17.1 added
- texlive-graphicxpsd-2021.189.1.2svn57341-150400.17.1 added
- texlive-graphpaper-2021.189.1.0svn58661-150400.17.1 added
- texlive-graphviz-2021.189.0.0.94svn31517-150400.17.1 added
- texlive-grayhints-2021.189.svn49052-150400.17.1 added
- texlive-greek-fontenc-2021.189.2.0svn56851-150400.17.1 added
- texlive-greek-inputenc-2021.189.1.7svn51612-150400.17.1 added
- texlive-greekdates-2021.189.1.0svn15878-150400.17.1 added
- texlive-greektex-2021.189.svn28327-150400.17.1 added
- texlive-greektonoi-2021.189.svn39419-150400.17.1 added
- texlive-greenpoint-2021.189.svn15878-150400.17.1 added
- texlive-gregoriotex-2021.189.6.0.0svn58331-150400.17.1 added
- texlive-gregoriotex-fonts-2021.189.6.0.0svn58331-150400.17.1 added
- texlive-grfext-2021.189.1.3svn53024-150400.17.1 added
- texlive-grffile-2021.189.2.1svn52756-150400.17.1 added
- texlive-grfpaste-2021.189.0.0.2svn17354-150400.17.1 added
- texlive-grid-2021.189.1.0svn15878-150400.17.1 added
- texlive-grid-system-2021.189.0.0.3.0svn32981-150400.17.1 added
- texlive-gridpapers-2021.189.1.0.2svn58723-150400.17.1 added
- texlive-gridset-2021.189.0.0.3svn53762-150400.17.1 added
- texlive-gridslides-2021.189.0.0.1.1svn54512-150400.17.1 added
- texlive-grotesq-2021.189.svn35859-150400.17.1 added
- texlive-grotesq-fonts-2021.189.svn35859-150400.17.1 added
- texlive-grundgesetze-2021.189.1.02svn34439-150400.17.1 added
- texlive-gsemthesis-2021.189.0.0.9.4svn56291-150400.17.1 added
- texlive-gsftopk-2021.189.1.19.2svn52851-150400.17.1 added
- texlive-gtl-2021.189.0.0.5svn49527-150400.17.1 added
- texlive-gtrcrd-2021.189.1.1svn32484-150400.17.1 added
- texlive-gtrlib-largetrees-2021.189.1.2bsvn49062-150400.17.1 added
- texlive-gu-2021.189.svn15878-150400.17.1 added
- texlive-gudea-2021.189.0.0.0.1svn57359-150400.17.1 added
- texlive-gudea-fonts-2021.189.0.0.0.1svn57359-150400.17.1 added
- texlive-guide-to-latex-2021.189.svn45712-150400.17.1 added
- texlive-guitar-2021.189.1.6svn32258-150400.17.1 added
- texlive-guitarchordschemes-2021.189.0.0.7svn54512-150400.17.1 added
- texlive-guitartabs-2021.189.svn48102-150400.17.1 added
- texlive-guitlogo-2021.189.1.0.0_alpha.4svn55741-150400.17.1 added
- texlive-gustlib-2021.189.svn54074-150400.17.1 added
- texlive-gustprog-2021.189.svn54074-150400.17.1 added
- texlive-gzt-2021.189.1.0.1svn57765-150400.17.1 added
- texlive-h2020proposal-2021.189.1.0svn38428-150400.17.1 added
- texlive-hackthefootline-2021.189.svn46494-150400.17.1 added
- texlive-hacm-2021.189.0.0.1svn27671-150400.17.1 added
- texlive-hacm-fonts-2021.189.0.0.1svn27671-150400.17.1 added
- texlive-hagenberg-thesis-2021.189.svn56798-150400.17.1 added
- texlive-halloweenmath-2021.189.0.0.11svn52602-150400.17.1 added
- texlive-handin-2021.189.0.0.1.1svn48255-150400.17.1 added
- texlive-handout-2021.189.1.6.0svn43962-150400.17.1 added
- texlive-hands-2021.189.svn13293-150400.17.1 added
- texlive-hang-2021.189.2.1svn43280-150400.17.1 added
- texlive-hanging-2021.189.1.2bsvn15878-150400.17.1 added
- texlive-hanoi-2021.189.20120101svn25019-150400.17.1 added
- texlive-happy4th-2021.189.20120102svn25020-150400.17.1 added
- texlive-har2nat-2021.189.1.0svn54080-150400.17.1 added
- texlive-haranoaji-2021.189.20210130svn57574-150400.17.1 added
- texlive-haranoaji-extra-2021.189.20210130svn57573-150400.17.1 added
- texlive-haranoaji-extra-fonts-2021.189.20210130svn57573-150400.17.1 added
- texlive-haranoaji-fonts-2021.189.20210130svn57574-150400.17.1 added
- texlive-hardwrap-2021.189.0.0.2svn21396-150400.17.1 added
- texlive-harmony-2021.189.svn15878-150400.17.1 added
- texlive-harnon-cv-2021.189.1.0svn26543-150400.17.1 added
- texlive-harpoon-2021.189.1.0svn21327-150400.17.1 added
- texlive-harvard-2021.189.2.0.5svn15878-150400.17.1 added
- texlive-harveyballs-2021.189.1.1svn32003-150400.17.1 added
- texlive-harvmac-2021.189.svn15878-150400.17.1 added
- texlive-hatching-2021.189.0.0.11svn23818-150400.17.1 added
- texlive-hausarbeit-jura-2021.189.2.1.0svn56070-150400.17.1 added
- texlive-havannah-2021.189.svn36348-150400.17.1 added
- texlive-hc-2021.189.svn15878-150400.17.1 added
- texlive-he-she-2021.189.1.3svn41359-150400.17.1 added
- texlive-hecthese-2021.189.1.4svn56181-150400.17.1 added
- texlive-helmholtz-ellis-ji-notation-2021.189.1.1svn55213-150400.17.1 added
- texlive-helmholtz-ellis-ji-notation-fonts-2021.189.1.1svn55213-150400.17.1 added
- texlive-helvetic-2021.189.svn31835-150400.17.1 added
- texlive-helvetic-fonts-2021.189.svn31835-150400.17.1 added
- texlive-hep-2021.189.1.0svn15878-150400.17.1 added
- texlive-hep-paper-2021.189.1.6svn57045-150400.17.1 added
- texlive-hepnames-2021.189.2.0svn35722-150400.17.1 added
- texlive-hepparticles-2021.189.2.0svn35723-150400.17.1 added
- texlive-hepthesis-2021.189.1.5.2svn46054-150400.17.1 added
- texlive-hepunits-2021.189.2.0.0svn54758-150400.17.1 added
- texlive-here-2021.189.svn16135-150400.17.1 added
- texlive-heuristica-2021.189.1.092svn51362-150400.17.1 added
- texlive-heuristica-fonts-2021.189.1.092svn51362-150400.17.1 added
- texlive-hexgame-2021.189.1.0svn15878-150400.17.1 added
- texlive-hf-tikz-2021.189.0.0.3asvn34733-150400.17.1 added
- texlive-hfbright-2021.189.svn29349-150400.17.1 added
- texlive-hfbright-fonts-2021.189.svn29349-150400.17.1 added
- texlive-hfoldsty-2021.189.1.15svn29349-150400.17.1 added
- texlive-hhtensor-2021.189.0.0.61svn54080-150400.17.1 added
- texlive-highlightlatex-2021.189.svn58392-150400.17.1 added
- texlive-hindawi-latex-template-2021.189.1.0svn57757-150400.17.1 added
- texlive-hindmadurai-2021.189.0.0.0.1svn57360-150400.17.1 added
- texlive-hindmadurai-fonts-2021.189.0.0.0.1svn57360-150400.17.1 added
- texlive-histogr-2021.189.1.01svn15878-150400.17.1 added
- texlive-historische-zeitschrift-2021.189.1.2svn42635-150400.17.1 added
- texlive-hitec-2021.189.0.0.0betasvn15878-150400.17.1 added
- texlive-hithesis-2021.189.2.0.11svn53362-150400.17.1 added
- texlive-hitreport-2021.189.1.0.0svn58357-150400.17.1 added
- texlive-hitszbeamer-2021.189.1.0.0svn54381-150400.17.1 added
- texlive-hitszthesis-2021.189.3.2svn55643-150400.17.1 added
- texlive-hletter-2021.189.4.2svn30002-150400.17.1 added
- texlive-hlist-2021.189.0.0.11svn44983-150400.17.1 added
- texlive-hmtrump-2021.189.1.2asvn54512-150400.17.1 added
- texlive-hmtrump-fonts-2021.189.1.2asvn54512-150400.17.1 added
- texlive-hobby-2021.189.1.8svn44474-150400.17.1 added
- texlive-hobete-2021.189.svn27036-150400.17.1 added
- texlive-hobsub-2021.189.svn52810-150400.17.1 added
- texlive-hologo-2021.189.1.14svn53048-150400.17.1 added
- texlive-hook-pre-commit-pkg-2021.189.1.1.2svn41378-150400.17.1 added
- texlive-hopatch-2021.189.1.4svn56106-150400.17.1 added
- texlive-horoscop-2021.189.1.01svn56021-150400.17.1 added
- texlive-hpsdiss-2021.189.1.0svn15878-150400.17.1 added
- texlive-hrefhide-2021.189.1.0fsvn22255-150400.17.1 added
- texlive-hrlatex-2021.189.0.0.23svn18020-150400.17.1 added
- texlive-hu-berlin-bundle-2021.189.1.1.1svn57580-150400.17.1 added
- texlive-hulipsum-2021.189.1.1svn56848-150400.17.1 added
- texlive-hustthesis-2021.189.1.4svn42547-150400.17.1 added
- texlive-hvarabic-2021.189.0.0.01svn55643-150400.17.1 added
- texlive-hvfloat-2021.189.2.19svn58411-150400.17.1 added
- texlive-hvindex-2021.189.0.0.04svn46051-150400.17.1 added
- texlive-hvqrurl-2021.189.0.0.01asvn52993-150400.17.1 added
- texlive-hycolor-2021.189.1.10svn53584-150400.17.1 added
- texlive-hypdestopt-2021.189.2.7svn56253-150400.17.1 added
- texlive-hypdvips-2021.189.3.03svn53197-150400.17.1 added
- texlive-hyper-2021.189.4.2dsvn17357-150400.17.1 added
- texlive-hyperbar-2021.189.0.0.1svn48147-150400.17.1 added
- texlive-hypernat-2021.189.1.0bsvn17358-150400.17.1 added
- texlive-hyperref-2021.189.7.00ksvn58024-150400.17.1 added
- texlive-hyperxmp-2021.189.5.9svn57004-150400.17.1 added
- texlive-hyph-utf8-2021.189.svn58619-150400.17.1 added
- texlive-hyphen-afrikaans-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-ancientgreek-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-arabic-2021.189.svn54568-150400.17.1 added
- texlive-hyphen-armenian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-base-2021.189.svn58630-150400.17.1 added
- texlive-hyphen-basque-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-belarusian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-bulgarian-2021.189.svn58685-150400.17.1 added
- texlive-hyphen-catalan-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-chinese-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-churchslavonic-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-coptic-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-croatian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-czech-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-danish-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-dutch-2021.189.1.1svn58609-150400.17.1 added
- texlive-hyphen-english-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-esperanto-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-estonian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-ethiopic-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-farsi-2021.189.svn54568-150400.17.1 added
- texlive-hyphen-finnish-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-french-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-friulan-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-galician-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-georgian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-german-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-greek-2021.189.5svn58652-150400.17.1 added
- texlive-hyphen-hungarian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-icelandic-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-indic-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-indonesian-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-interlingua-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-irish-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-italian-2021.189.4.8gsvn58652-150400.17.1 added
- texlive-hyphen-kurmanji-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-latin-2021.189.3.1svn58652-150400.17.1 added
- texlive-hyphen-latvian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-lithuanian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-macedonian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-mongolian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-norwegian-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-occitan-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-piedmontese-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-polish-2021.189.3.0bsvn58609-150400.17.1 added
- texlive-hyphen-portuguese-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-romanian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-romansh-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-russian-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-sanskrit-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-serbian-2021.189.1.0asvn58609-150400.17.1 added
- texlive-hyphen-slovak-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-slovenian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-spanish-2021.189.5.0svn58652-150400.17.1 added
- texlive-hyphen-swedish-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-thai-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-turkish-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-turkmen-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-ukrainian-2021.189.svn58652-150400.17.1 added
- texlive-hyphen-uppersorbian-2021.189.svn58609-150400.17.1 added
- texlive-hyphen-welsh-2021.189.svn58652-150400.17.1 added
- texlive-hyphenat-2021.189.2.3csvn15878-150400.17.1 added
- texlive-hyphenex-2021.189.svn57387-150400.17.1 added
- texlive-hyplain-2021.189.1.0svn15878-150400.17.1 added
- texlive-ibarra-2021.189.svn55820-150400.17.1 added
- texlive-ibarra-fonts-2021.189.svn55820-150400.17.1 added
- texlive-ibycus-babel-2021.189.3.0svn15878-150400.17.1 added
- texlive-ibygrk-2021.189.4.5svn15878-150400.17.1 added
- texlive-ibygrk-fonts-2021.189.4.5svn15878-150400.17.1 added
- texlive-icite-2021.189.1.3asvn54512-150400.17.1 added
- texlive-icsv-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-identkey-2021.189.0.0.1.0svn49018-150400.17.1 added
- texlive-idxcmds-2021.189.0.0.2csvn54554-150400.17.1 added
- texlive-idxlayout-2021.189.0.0.4dsvn25821-150400.17.1 added
- texlive-ieeepes-2021.189.4.0svn17359-150400.17.1 added
- texlive-ietfbibs-2021.189.1.0.0svn41332-150400.17.1 added
- texlive-iffont-2021.189.1.0.0svn38823-150400.17.1 added
- texlive-ifmslide-2021.189.0.0.47svn20727-150400.17.1 added
- texlive-ifmtarg-2021.189.1.2bsvn47544-150400.17.1 added
- texlive-ifnextok-2021.189.0.0.3svn23379-150400.17.1 added
- texlive-ifoddpage-2021.189.1.1svn56291-150400.17.1 added
- texlive-ifplatform-2021.189.0.0.4asvn45533-150400.17.1 added
- texlive-ifptex-2021.189.2.0svn52626-150400.17.1 added
- texlive-ifsym-2021.189.svn24868-150400.17.1 added
- texlive-iftex-2021.189.1.0dsvn56594-150400.17.1 added
- texlive-ifthenx-2021.189.0.0.1asvn25819-150400.17.1 added
- texlive-ifxptex-2021.189.0.0.2svn46153-150400.17.1 added
- texlive-iitem-2021.189.1.0svn29613-150400.17.1 added
- texlive-ijmart-2021.189.1.7svn30958-150400.17.1 added
- texlive-ijqc-2021.189.1.2svn15878-150400.17.1 added
- texlive-ijsra-2021.189.1.1svn44886-150400.17.1 added
- texlive-imac-2021.189.svn17347-150400.17.1 added
- texlive-image-gallery-2021.189.1.0jsvn15878-150400.17.1 added
- texlive-imakeidx-2021.189.1.3esvn42287-150400.17.1 added
- texlive-imfellenglish-2021.189.svn38547-150400.17.1 added
- texlive-imfellenglish-fonts-2021.189.svn38547-150400.17.1 added
- texlive-impatient-2021.189.2020svn54080-150400.17.1 added
- texlive-impatient-cn-2021.189.2020svn54080-150400.17.1 added
- texlive-impatient-fr-2021.189.2020svn54080-150400.17.1 added
- texlive-impnattypo-2021.189.1.5svn50227-150400.17.1 added
- texlive-import-2021.189.6.2svn54683-150400.17.1 added
- texlive-imsproc-2021.189.0.0.1svn29803-150400.17.1 added
- texlive-imtekda-2021.189.1.7svn17667-150400.17.1 added
- texlive-incgraph-2021.189.1.12svn36500-150400.17.1 added
- texlive-includernw-2021.189.0.0.1.0svn47557-150400.17.1 added
- texlive-inconsolata-2021.189.1.121svn54512-150400.17.1 added
- texlive-inconsolata-fonts-2021.189.1.121svn54512-150400.17.1 added
- texlive-index-2021.189.4.1betasvn24099-150400.17.1 added
- texlive-indextools-2021.189.1.5.1svn38931-150400.17.1 added
- texlive-infwarerr-2021.189.1.5svn53023-150400.17.1 added
- texlive-initials-2021.189.svn54080-150400.17.1 added
- texlive-initials-fonts-2021.189.svn54080-150400.17.1 added
- texlive-inkpaper-2021.189.1.0svn54080-150400.17.1 added
- texlive-inline-images-2021.189.1.0svn54080-150400.17.1 added
- texlive-inlinebib-2021.189.svn22018-150400.17.1 added
- texlive-inlinedef-2021.189.1.0svn15878-150400.17.1 added
- texlive-innerscript-2021.189.1.1svn57672-150400.17.1 added
- texlive-inputenx-2021.189.1.12svn52986-150400.17.1 added
- texlive-inputtrc-2021.189.0.0.3svn28019-150400.17.1 added
- texlive-inriafonts-2021.189.1.0svn54512-150400.17.1 added
- texlive-inriafonts-fonts-2021.189.1.0svn54512-150400.17.1 added
- texlive-insbox-2021.189.2.2svn34299-150400.17.1 added
- texlive-install-latex-guide-zh-cn-2021.189.2021.2.1svn57590-150400.17.1 added
- texlive-intcalc-2021.189.1.3svn53168-150400.17.1 added
- texlive-inter-2021.189.svn57213-150400.17.1 added
- texlive-inter-fonts-2021.189.svn57213-150400.17.1 added
- texlive-interactiveworkbook-2021.189.svn15878-150400.17.1 added
- texlive-interchar-2021.189.0.0.2svn36312-150400.17.1 added
- texlive-interfaces-2021.189.3.1svn21474-150400.17.1 added
- texlive-interpreter-2021.189.1.2svn27232-150400.17.1 added
- texlive-interval-2021.189.0.0.4svn50265-150400.17.1 added
- texlive-intopdf-2021.189.0.0.4.0svn58743-150400.17.1 added
- texlive-intro-scientific-2021.189.5th_editionsvn15878-150400.17.1 added
- texlive-inversepath-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-invoice-2021.189.svn48359-150400.17.1 added
- texlive-invoice-class-2021.189.1.0svn49749-150400.17.1 added
- texlive-invoice2-2021.189.svn46364-150400.17.1 added
- texlive-iodhbwm-2021.189.1.2.2svn57773-150400.17.1 added
- texlive-ionumbers-2021.189.0.0.3.3svn33457-150400.17.1 added
- texlive-iopart-num-2021.189.2.1svn15878-150400.17.1 added
- texlive-ipaex-2021.189.svn52032-150400.17.1 added
- texlive-ipaex-fonts-2021.189.svn52032-150400.17.1 added
- texlive-ipaex-type1-2021.189.0.0.5svn47700-150400.17.1 added
- texlive-ipaex-type1-fonts-2021.189.0.0.5svn47700-150400.17.1 added
- texlive-is-bst-2021.189.2.03svn52623-150400.17.1 added
- texlive-iscram-2021.189.1.1svn45801-150400.17.1 added
- texlive-iso-2021.189.2.4svn15878-150400.17.1 added
- texlive-iso10303-2021.189.1.5svn15878-150400.17.1 added
- texlive-isodate-2021.189.2.28svn16613-150400.17.1 added
- texlive-isodoc-2021.189.1.12svn57811-150400.17.1 added
- texlive-isomath-2021.189.0.0.6.1svn27654-150400.17.1 added
- texlive-isonums-2021.189.1.0svn17362-150400.17.1 added
- texlive-isopt-2021.189.0.0.01svn45509-150400.17.1 added
- texlive-isorot-2021.189.svn15878-150400.17.1 added
- texlive-isotope-2021.189.0.0.3svn23711-150400.17.1 added
- texlive-issuulinks-2021.189.1.1svn25742-150400.17.1 added
- texlive-istgame-2021.189.2.0svn49848-150400.17.1 added
- texlive-itnumpar-2021.189.1.0svn15878-150400.17.1 added
- texlive-iwhdp-2021.189.0.0.50svn37552-150400.17.1 added
- texlive-iwona-2021.189.0.0.995bsvn19611-150400.17.1 added
- texlive-iwona-fonts-2021.189.0.0.995bsvn19611-150400.17.1 added
- texlive-jablantile-2021.189.svn16364-150400.17.1 added
- texlive-jacow-2021.189.2.4svn50870-150400.17.1 added
- texlive-jadetex-2021.189.3.13svn57186-150400.17.1 added
- texlive-jamtimes-2021.189.1.12svn20408-150400.17.1 added
- texlive-japanese-otf-2021.189.1.7b8svn57826-150400.17.1 added
- texlive-japanese-otf-uptex-2021.189.0.0.26svn56932-150400.17.1 added
- texlive-jbact-2021.189.1.30svn52717-150400.17.1 added
- texlive-jfmutil-2021.189.1.3.1svn55044-150400.17.1 added
- texlive-jigsaw-2021.189.0.0.1asvn49111-150400.17.1 added
- texlive-jkmath-2021.189.0.0.1svn47109-150400.17.1 added
- texlive-jknapltx-2021.189.svn19440-150400.17.1 added
- texlive-jlabels-2021.189.svn24858-150400.17.1 added
- texlive-jlreq-2021.189.svn58472-150400.17.1 added
- texlive-jlreq-deluxe-2021.189.0.0.4.0svn58329-150400.17.1 added
- texlive-jmb-2021.189.1.21svn52718-150400.17.1 added
- texlive-jmlr-2021.189.1.28svn56395-150400.17.1 added
- texlive-jmn-2021.189.svn45751-150400.17.1 added
- texlive-jmn-fonts-2021.189.svn45751-150400.17.1 added
- texlive-jneurosci-2021.189.1.00svn17346-150400.17.1 added
- texlive-jnuexam-2021.189.1.0svn56867-150400.17.1 added
- texlive-josefin-2021.189.svn57152-150400.17.1 added
- texlive-josefin-fonts-2021.189.svn57152-150400.17.1 added
- texlive-jpsj-2021.189.1.2.2svn15878-150400.17.1 added
- texlive-js-misc-2021.189.svn16211-150400.17.1 added
- texlive-jsclasses-2021.189.svn56608-150400.17.1 added
- texlive-jslectureplanner-2021.189.1.12svn57095-150400.17.1 added
- texlive-jumplines-2021.189.0.0.2svn37553-150400.17.1 added
- texlive-junicode-2021.189.1.0.2svn53954-150400.17.1 added
- texlive-junicode-fonts-2021.189.1.0.2svn53954-150400.17.1 added
- texlive-jupynotex-2021.189.0.0.1svn56715-150400.17.1 added
- texlive-jura-2021.189.4.3svn15878-150400.17.1 added
- texlive-juraabbrev-2021.189.svn15878-150400.17.1 added
- texlive-jurabib-2021.189.0.0.6svn15878-150400.17.1 added
- texlive-juramisc-2021.189.0.0.91svn15878-150400.17.1 added
- texlive-jurarsp-2021.189.0.0.52svn15878-150400.17.1 added
- texlive-jvlisting-2021.189.0.0.7svn24638-150400.17.1 added
- texlive-kalendarium-2021.189.1.0svn48744-150400.17.1 added
- texlive-kanaparser-2021.189.1.0svn48052-150400.17.1 added
- texlive-kantlipsum-2021.189.0.0.8asvn51727-150400.17.1 added
- texlive-karnaugh-2021.189.svn21338-150400.17.1 added
- texlive-karnaugh-map-2021.189.1.1svn44131-150400.17.1 added
- texlive-karnaughmap-2021.189.2.0svn36989-150400.17.1 added
- texlive-kastrup-2021.189.svn15878-150400.17.1 added
- texlive-kblocks-2021.189.2.0svn57617-150400.17.1 added
- texlive-kdgdocs-2021.189.1.0svn24498-150400.17.1 added
- texlive-kerkis-2021.189.1.11svn56271-150400.17.1 added
- texlive-kerkis-fonts-2021.189.1.11svn56271-150400.17.1 added
- texlive-kerntest-2021.189.1.32svn15878-150400.17.1 added
- texlive-ketcindy-2021.189.20191225.0svn58661-150400.17.1 added
- texlive-keycommand-2021.189.3.1415svn18042-150400.17.1 added
- texlive-keyfloat-2021.189.2.01svn52160-150400.17.1 added
- texlive-keyindex-2021.189.1.0svn50828-150400.17.1 added
- texlive-keyreader-2021.189.0.0.5bsvn28195-150400.17.1 added
- texlive-keystroke-2021.189.1.6svn17992-150400.17.1 added
- texlive-keyval2e-2021.189.0.0.0.2svn23698-150400.17.1 added
- texlive-keyvaltable-2021.189.2.2svn54677-150400.17.1 added
- texlive-kix-2021.189.svn21606-150400.17.1 added
- texlive-kixfont-2021.189.svn18488-150400.17.1 added
- texlive-kluwer-2021.189.svn54074-150400.17.1 added
- texlive-knitting-2021.189.3.0svn50782-150400.17.1 added
- texlive-knitting-fonts-2021.189.3.0svn50782-150400.17.1 added
- texlive-knittingpattern-2021.189.svn17205-150400.17.1 added
- texlive-knowledge-2021.189.1.25svn58724-150400.17.1 added
- texlive-knuth-errata-2021.189.svn58682-150400.17.1 added
- texlive-knuth-lib-2021.189.svn57963-150400.17.1 added
- texlive-knuth-local-2021.189.svn57963-150400.17.1 added
- texlive-knuth-pdf-2021.189.1.1svn58470-150400.17.1 added
- texlive-koma-moderncvclassic-2021.189.0.0.5svn25025-150400.17.1 added
- texlive-koma-script-2021.189.3.33svn58585-150400.17.1 added
- texlive-koma-script-examples-2021.189.svn47523-150400.17.1 added
- texlive-koma-script-sfs-2021.189.1.0svn26137-150400.17.1 added
- texlive-komacv-2021.189.1.1.2svn57721-150400.17.1 added
- texlive-komacv-rg-2021.189.0.0.9.2svn49064-150400.17.1 added
- texlive-kotex-oblivoir-2021.189.3.0.1svn58436-150400.17.1 added
- texlive-kotex-plain-2021.189.2.1.1asvn38630-150400.17.1 added
- texlive-kotex-utf-2021.189.2.1.2svn38558-150400.17.1 added
- texlive-kotex-utils-2021.189.2.1.0svn38727-150400.17.1 added
- texlive-kpathsea-2021.189.svn58622-150400.17.1 added
- texlive-kpfonts-2021.189.3.33svn55643-150400.17.1 added
- texlive-kpfonts-fonts-2021.189.3.33svn55643-150400.17.1 added
- texlive-kpfonts-otf-2021.189.0.0.35svn58435-150400.17.1 added
- texlive-kpfonts-otf-fonts-2021.189.0.0.35svn58435-150400.17.1 added
- texlive-ksfh_nat-2021.189.1.1svn24825-150400.17.1 added
- texlive-ksp-thesis-2021.189.1.0.2svn39080-150400.17.1 added
- texlive-ktv-texdata-2021.189.05.34svn27369-150400.17.1 added
- texlive-ku-template-2021.189.0.0.02svn45935-150400.17.1 added
- texlive-kurdishlipsum-2021.189.1.1svn47518-150400.17.1 added
- texlive-kurier-2021.189.0.0.995bsvn19612-150400.17.1 added
- texlive-kurier-fonts-2021.189.0.0.995bsvn19612-150400.17.1 added
- texlive-kvdefinekeys-2021.189.1.6svn53193-150400.17.1 added
- texlive-kvmap-2021.189.0.0.3.5svn56361-150400.17.1 added
- texlive-kvoptions-2021.189.3.14svn56609-150400.17.1 added
- texlive-kvsetkeys-2021.189.1.18svn53166-150400.17.1 added
- texlive-l2picfaq-2021.189.1.50svn19601-150400.17.1 added
- texlive-l2tabu-2021.189.2.4svn39597-150400.17.1 added
- texlive-l2tabu-english-2021.189.1.8.5.7svn15878-150400.17.1 added
- texlive-l2tabu-french-2021.189.2.3svn31315-150400.17.1 added
- texlive-l2tabu-italian-2021.189.2.3svn25218-150400.17.1 added
- texlive-l2tabu-spanish-2021.189.1.1svn15878-150400.17.1 added
- texlive-l3backend-2021.189.svn58509-150400.17.1 added
- texlive-l3build-2021.189.svn55426-150400.17.1 added
- texlive-l3experimental-2021.189.svn57789-150400.17.1 added
- texlive-l3kernel-2021.189.svn57789-150400.17.1 added
- texlive-l3packages-2021.189.svn58296-150400.17.1 added
- texlive-labbook-2021.189.svn15878-150400.17.1 added
- texlive-labels-2021.189.0.0.13svn15878-150400.17.1 added
- texlive-labels4easylist-2021.189.1.0svn51124-150400.17.1 added
- texlive-labelschanged-2021.189.1.0svn46040-150400.17.1 added
- texlive-labyrinth-2021.189.1.0svn33454-150400.17.1 added
- texlive-lacheck-2021.189.svn54070-150400.17.1 added
- texlive-ladder-2021.189.svn44394-150400.17.1 added
- texlive-lambda-2021.189.svn45756-150400.17.1 added
- texlive-lambda-lists-2021.189.svn31402-150400.17.1 added
- texlive-langcode-2021.189.0.0.2svn27764-150400.17.1 added
- texlive-langsci-2021.189.svn58476-150400.17.1 added
- texlive-langsci-avm-2021.189.0.0.2.1svn55846-150400.17.1 added
- texlive-lapdf-2021.189.1.1svn23806-150400.17.1 added
- texlive-lastpackage-2021.189.0.0.1svn34481-150400.17.1 added
- texlive-lastpage-2021.189.1.2msvn36680-150400.17.1 added
- texlive-latex-2021.189.20201001_pl4svn57354-150400.17.1 added
- texlive-latex-amsmath-dev-2021.189.20210501_pre_release_0svn56791-150400.17.1 added
- texlive-latex-base-dev-2021.189.20210501_pre_release_2svn57982-150400.17.1 added
- texlive-latex-bin-2021.189.svn57972-150400.17.1 added
- texlive-latex-bin-dev-2021.189.svn57981-150400.17.1 added
- texlive-latex-brochure-2021.189.svn40612-150400.17.1 added
- texlive-latex-course-2021.189.2svn25505-150400.17.1 added
- texlive-latex-doc-ptr-2021.189.svn57311-150400.17.1 added
- texlive-latex-firstaid-dev-2021.189.1.0ksvn57981-150400.17.1 added
- texlive-latex-fonts-2021.189.svn28888-150400.17.1 added
- texlive-latex-git-log-2021.189.1.0.0svn54010-150400.17.1 added
- texlive-latex-graphics-companion-2021.189.svn29235-150400.17.1 added
- texlive-latex-graphics-dev-2021.189.20210501_pre_release_0svn56791-150400.17.1 added
- texlive-latex-make-2021.189.2.4.2svn57349-150400.17.1 added
- texlive-latex-mr-2021.189.1.0svn55475-150400.17.1 added
- texlive-latex-notes-zh-cn-2021.189.1.20svn15878-150400.17.1 added
- texlive-latex-papersize-2021.189.1.63svn53131-150400.17.1 added
- texlive-latex-refsheet-2021.189.1.2svn45076-150400.17.1 added
- texlive-latex-tools-dev-2021.189.20210501_pre_release_1svn57982-150400.17.1 added
- texlive-latex-uni8-2021.189.0.0.03svn49729-150400.17.1 added
- texlive-latex-veryshortguide-2021.189.0.0.7svn55228-150400.17.1 added
- texlive-latex-via-exemplos-2021.189.0.0.5.6svn53248-150400.17.1 added
- texlive-latex-web-companion-2021.189.svn29349-150400.18.1 added
- texlive-latex2e-help-texinfo-2021.189.svn57213-150400.18.1 added
- texlive-latex2e-help-texinfo-fr-2021.189.svn57275-150400.18.1 added
- texlive-latex2e-help-texinfo-spanish-2021.189.svn57213-150400.18.1 added
- texlive-latex2man-2021.189.1.29svn49249-150400.18.1 added
- texlive-latex2nemeth-2021.189.1.0.2svn54389-150400.18.1 added
- texlive-latex4musicians-2021.189.1.0.1svn49759-150400.18.1 added
- texlive-latex4wp-2021.189.1.0.10svn35999-150400.18.1 added
- texlive-latex4wp-it-2021.189.1.0.10svn36000-150400.18.1 added
- texlive-latexbangla-2021.189.0.0.2svn55475-150400.18.1 added
- texlive-latexbug-2021.189.1.0jsvn58151-150400.18.1 added
- texlive-latexcheat-2021.189.1.13svn15878-150400.18.1 added
- texlive-latexcheat-de-2021.189.svn35702-150400.18.1 added
- texlive-latexcheat-esmx-2021.189.2.00svn36866-150400.18.1 added
- texlive-latexcheat-ptbr-2021.189.1.13svn15878-150400.18.1 added
- texlive-latexcolors-2021.189.0.0.1asvn49888-150400.18.1 added
- texlive-latexconfig-2021.189.svn53525-150400.18.1 added
- texlive-latexcourse-rug-2021.189.1.1svn39026-150400.18.1 added
- texlive-latexdemo-2021.189.0.0.1svn55265-150400.18.1 added
- texlive-latexdiff-2021.189.1.3.1.1svn55540-150400.18.1 added
- texlive-latexfileinfo-pkgs-2021.189.0.0.22svn26760-150400.18.1 added
- texlive-latexfileversion-2021.189.0.0.3svn29349-150400.18.1 added
- texlive-latexgit-2021.189.svn54811-150400.18.1 added
- texlive-latexindent-2021.189.3.9.1svn58595-150400.18.1 added
- texlive-latexmk-2021.189.4.70bsvn57213-150400.18.1 added
- texlive-latexmp-2021.189.1.2.1svn55643-150400.18.1 added
- texlive-latexpand-2021.189.1.6svn53109-150400.18.1 added
- texlive-latino-sine-flexione-2021.189.1.2svn53485-150400.18.1 added
- texlive-lato-2021.189.3.3svn54512-150400.18.1 added
- texlive-lato-fonts-2021.189.3.3svn54512-150400.18.1 added
- texlive-layaureo-2021.189.0.0.2svn19087-150400.18.1 added
- texlive-layouts-2021.189.2.6dsvn42428-150400.18.1 added
- texlive-lazylist-2021.189.1.0asvn17691-150400.18.1 added
- texlive-lccaps-2021.189.1.0svn46432-150400.18.1 added
- texlive-lcd-2021.189.0.0.3svn16549-150400.18.1 added
- texlive-lcdftypetools-2021.189.svn52851-150400.18.1 added
- texlive-lcg-2021.189.1.3svn31474-150400.18.1 added
- texlive-lcyw-2021.189.1.1svn15878-150400.18.1 added
- texlive-leading-2021.189.0.0.3svn15878-150400.18.1 added
- texlive-leadsheets-2021.189.0.0.6svn52275-150400.18.1 added
- texlive-leaflet-2021.189.2.1asvn56878-150400.18.1 added
- texlive-lebhart-2021.189.svn58503-150400.18.1 added
- texlive-lecturer-2021.189.svn23916-150400.18.1 added
- texlive-lectures-2021.189.1.0.5svn53642-150400.18.1 added
- texlive-lectureslides-2021.189.0.0.1svn58393-150400.18.1 added
- texlive-ledmac-2021.189.0.0.19.4svn41811-150400.18.1 added
- texlive-leftidx-2021.189.svn15878-150400.18.1 added
- texlive-leftindex-2021.189.0.0.1betasvn56182-150400.18.1 added
- texlive-leipzig-2021.189.2.3svn52450-150400.18.1 added
- texlive-lengthconvert-2021.189.1.0asvn55064-150400.18.1 added
- texlive-letltxmacro-2021.189.1.6svn53022-150400.18.1 added
- texlive-letterspacing-2021.189.svn54266-150400.18.1 added
- texlive-letterswitharrows-2021.189.svn53709-150400.18.1 added
- texlive-lettre-2021.189.3.002svn54722-150400.18.1 added
- texlive-lettrine-2021.189.2.23svn54560-150400.18.1 added
- texlive-levy-2021.189.svn21750-150400.18.1 added
- texlive-lewis-2021.189.0.0.1svn15878-150400.18.1 added
- texlive-lexend-2021.189.1.1.0.70svn57564-150400.18.1 added
- texlive-lexend-fonts-2021.189.1.1.0.70svn57564-150400.18.1 added
- texlive-lexikon-2021.189.1.0csvn17364-150400.18.1 added
- texlive-lexref-2021.189.1.1asvn36026-150400.18.1 added
- texlive-lfb-2021.189.1.0svn15878-150400.18.1 added
- texlive-lgreek-2021.189.svn21818-150400.18.1 added
- texlive-lh-2021.189.3.5gsvn15878-150400.18.1 added
- texlive-lhcyr-2021.189.svn31795-150400.18.1 added
- texlive-lhelp-2021.189.2.0svn23638-150400.18.1 added
- texlive-libertine-2021.189.5.3.0svn54583-150400.18.1 added
- texlive-libertine-fonts-2021.189.5.3.0svn54583-150400.18.1 added
- texlive-libertinegc-2021.189.1.01svn44616-150400.18.1 added
- texlive-libertinus-2021.189.0.0.02svn55064-150400.18.1 added
- texlive-libertinus-fonts-2021.189.7.040svn57948-150400.18.1 added
- texlive-libertinus-fonts-fonts-2021.189.7.040svn57948-150400.18.1 added
- texlive-libertinus-otf-2021.189.0.0.28svn57398-150400.18.1 added
- texlive-libertinus-type1-2021.189.svn57754-150400.18.1 added
- texlive-libertinus-type1-fonts-2021.189.svn57754-150400.18.1 added
- texlive-libertinust1math-2021.189.1.2.2svn56861-150400.18.1 added
- texlive-libertinust1math-fonts-2021.189.1.2.2svn56861-150400.18.1 added
- texlive-libgreek-2021.189.1.0svn27789-150400.18.1 added
- texlive-librarian-2021.189.1.0svn19880-150400.18.1 added
- texlive-librebaskerville-2021.189.svn56018-150400.18.1 added
- texlive-librebaskerville-fonts-2021.189.svn56018-150400.18.1 added
- texlive-librebodoni-2021.189.svn39375-150400.18.1 added
- texlive-librebodoni-fonts-2021.189.svn39375-150400.18.1 added
- texlive-librecaslon-2021.189.svn56003-150400.18.1 added
- texlive-librecaslon-fonts-2021.189.svn56003-150400.18.1 added
- texlive-librefranklin-2021.189.svn54512-150400.18.1 added
- texlive-librefranklin-fonts-2021.189.svn54512-150400.18.1 added
- texlive-libris-2021.189.1.007svn19409-150400.18.1 added
- texlive-libris-fonts-2021.189.1.007svn19409-150400.18.1 added
- texlive-lie-hasse-2021.189.1.0svn53653-150400.18.1 added
- texlive-light-latex-make-2021.189.0.0.2.0svn56513-150400.18.1 added
- texlive-lilyglyphs-2021.189.0.0.2.4svn56473-150400.18.1 added
- texlive-lilyglyphs-fonts-2021.189.0.0.2.4svn56473-150400.18.1 added
- texlive-limap-2021.189.2.2svn44863-150400.18.1 added
- texlive-limecv-2021.189.0.0.1.8svn54329-150400.18.1 added
- texlive-linearA-2021.189.svn15878-150400.18.1 added
- texlive-linearA-fonts-2021.189.svn15878-150400.18.1 added
- texlive-linegoal-2021.189.2.9svn21523-150400.18.1 added
- texlive-lineno-2021.189.4.41svn57866-150400.18.1 added
- texlive-ling-macros-2021.189.svn42268-150400.18.1 added
- texlive-linguex-2021.189.4.3svn30815-150400.18.1 added
- texlive-linguisticspro-2021.189.svn54512-150400.18.1 added
- texlive-linguisticspro-fonts-2021.189.svn54512-150400.18.1 added
- texlive-linop-2021.189.0.0.1svn41304-150400.18.1 added
- texlive-lion-msc-2021.189.0.0.30svn55415-150400.18.1 added
- texlive-lipsum-2021.189.2.3svn58123-150400.18.1 added
- texlive-lisp-on-tex-2021.189.2.0svn38722-150400.18.1 added
- texlive-listbib-2021.189.2.2svn29349-150400.18.1 added
- texlive-listing-2021.189.1.2svn17373-150400.18.1 added
- texlive-listings-2021.189.1.8dsvn55265-150400.18.1 added
- texlive-listings-ext-2021.189.67svn29349-150400.18.1 added
- texlive-listingsutf8-2021.189.1.5svn53097-150400.18.1 added
- texlive-listlbls-2021.189.1.03svn34893-150400.18.1 added
- texlive-listliketab-2021.189.svn15878-150400.18.1 added
- texlive-listofitems-2021.189.1.63svn51923-150400.18.1 added
- texlive-listofsymbols-2021.189.0.0.2svn16134-150400.18.1 added
- texlive-lithuanian-2021.189.svn46039-150400.18.1 added
- texlive-liturg-2021.189.1.0svn15878-150400.18.1 added
- texlive-lkproof-2021.189.3.1svn20021-150400.18.1 added
- texlive-llncsconf-2021.189.1.1.0svn55117-150400.18.1 added
- texlive-lm-2021.189.2.005svn58637-150400.18.1 added
- texlive-lm-fonts-2021.189.2.005svn58637-150400.18.1 added
- texlive-lm-math-2021.189.1.959svn36915-150400.18.1 added
- texlive-lm-math-fonts-2021.189.1.959svn36915-150400.18.1 added
- texlive-lmake-2021.189.1.0svn25552-150400.18.1 added
- texlive-lni-2021.189.1.7svn58061-150400.18.1 added
- texlive-lobster2-2021.189.svn56019-150400.18.1 added
- texlive-lobster2-fonts-2021.189.svn56019-150400.18.1 added
- texlive-locality-2021.189.0.0.2svn20422-150400.18.1 added
- texlive-localloc-2021.189.svn56496-150400.18.1 added
- texlive-logbox-2021.189.1.0svn24499-150400.18.1 added
- texlive-logical-markup-utils-2021.189.svn15878-150400.18.1 added
- texlive-logicproof-2021.189.svn33254-150400.18.1 added
- texlive-logicpuzzle-2021.189.2.5svn34491-150400.18.1 added
- texlive-logix-2021.189.1.08svn57457-150400.18.1 added
- texlive-logix-fonts-2021.189.1.08svn57457-150400.18.1 added
- texlive-logpap-2021.189.0.0.6svn15878-150400.18.1 added
- texlive-logreq-2021.189.1.0svn53003-150400.18.1 added
- texlive-lollipop-2021.189.1.07svn45678-150400.18.1 added
- texlive-longdivision-2021.189.1.2.0svn55117-150400.18.1 added
- texlive-longfbox-2021.189.1.0svn39028-150400.18.1 added
- texlive-longfigure-2021.189.1.0svn34302-150400.18.1 added
- texlive-longnamefilelist-2021.189.0.0.2svn27889-150400.18.1 added
- texlive-loops-2021.189.1.3svn30704-150400.18.1 added
- texlive-lpform-2021.189.svn36918-150400.18.1 added
- texlive-lpic-2021.189.0.0.8svn20843-150400.18.1 added
- texlive-lplfitch-2021.189.0.0.9svn31077-150400.18.1 added
- texlive-lps-2021.189.0.0.7svn21322-150400.18.1 added
- texlive-lroundrect-2021.189.1.0svn39804-150400.18.1 added
- texlive-lsc-2021.189.svn15878-150400.18.1 added
- texlive-lshort-bulgarian-2021.189.svn15878-150400.18.1 added
- texlive-lshort-chinese-2021.189.6.02svn56036-150400.18.1 added
- texlive-lshort-czech-2021.189.4.27svn55643-150400.18.1 added
- texlive-lshort-dutch-2021.189.1.3svn15878-150400.18.1 added
- texlive-lshort-english-2021.189.6.4svn58309-150400.18.1 added
- texlive-lshort-estonian-2021.189.5.05svn39323-150400.18.1 added
- texlive-lshort-finnish-2021.189.svn15878-150400.18.1 added
- texlive-lshort-french-2021.189.5.01fr_0svn23332-150400.18.1 added
- texlive-lshort-german-2021.189.3.0csvn55643-150400.18.1 added
- texlive-lshort-italian-2021.189.6.2svn57038-150400.18.1 added
- texlive-lshort-japanese-2021.189.svn36207-150400.18.1 added
- texlive-lshort-korean-2021.189.svn58468-150400.18.1 added
- texlive-lshort-mongol-2021.189.4.26svn15878-150400.18.1 added
- texlive-lshort-persian-2021.189.5.01svn31296-150400.18.1 added
- texlive-lshort-polish-2021.189.svn55643-150400.18.1 added
- texlive-lshort-portuguese-2021.189.5.01.0svn55643-150400.18.1 added
- texlive-lshort-russian-2021.189.svn55643-150400.18.1 added
- texlive-lshort-slovak-2021.189.svn15878-150400.17.1 added
- texlive-lshort-slovenian-2021.189.4.20svn55643-150400.17.1 added
- texlive-lshort-spanish-2021.189.0.0.5svn35050-150400.17.1 added
- texlive-lshort-thai-2021.189.1.32svn55643-150400.17.1 added
- texlive-lshort-turkish-2021.189.4.20svn15878-150400.17.1 added
- texlive-lshort-ukr-2021.189.4.00svn55643-150400.17.1 added
- texlive-lshort-vietnamese-2021.189.4.00svn55643-150400.17.1 added
- texlive-lstaddons-2021.189.0.0.1svn56291-150400.17.1 added
- texlive-lstbayes-2021.189.svn48160-150400.17.1 added
- texlive-lstfiracode-2021.189.0.0.1csvn49503-150400.17.1 added
- texlive-lt3graph-2021.189.0.0.1.9svn45913-150400.17.1 added
- texlive-ltablex-2021.189.1.1svn34923-150400.17.1 added
- texlive-ltabptch-2021.189.1.74dsvn17533-150400.17.1 added
- texlive-ltb2bib-2021.189.0.0.01svn43746-150400.17.1 added
- texlive-ltxcmds-2021.189.1.25svn56421-150400.17.1 added
- texlive-ltxdockit-2021.189.1.2dsvn21869-150400.17.1 added
- texlive-ltxfileinfo-2021.189.2.04svn38663-150400.17.1 added
- texlive-ltxguidex-2021.189.0.0.2.0svn50992-150400.17.1 added
- texlive-ltximg-2021.189.2.0svn57521-150400.17.1 added
- texlive-ltxkeys-2021.189.0.0.0.3csvn28332-150400.17.1 added
- texlive-ltxmisc-2021.189.svn21927-150400.17.1 added
- texlive-ltxnew-2021.189.1.3svn21586-150400.17.1 added
- texlive-ltxtools-2021.189.0.0.0.1asvn24897-150400.17.1 added
- texlive-lua-alt-getopt-2021.189.0.0.7.0svn56414-150400.17.1 added
- texlive-lua-check-hyphen-2021.189.0.0.7asvn47527-150400.17.1 added
- texlive-lua-physical-2021.189.1.0.3svn56306-150400.17.1 added
- texlive-lua-typo-2021.189.0.0.32svn58744-150400.17.1 added
- texlive-lua-uca-2021.189.0.0.1svn56414-150400.17.1 added
- texlive-lua-ul-2021.189.0.0.1.2svn58745-150400.17.1 added
- texlive-lua-uni-algos-2021.189.0.0.2svn55206-150400.17.1 added
- texlive-lua-visual-debug-2021.189.0.0.8svn57349-150400.17.1 added
- texlive-luabibentry-2021.189.0.0.1asvn55777-150400.17.1 added
- texlive-luabidi-2021.189.0.0.5svn54512-150400.17.1 added
- texlive-luacode-2021.189.1.2asvn25193-150400.17.1 added
- texlive-luacolor-2021.189.1.17svn57829-150400.17.1 added
- texlive-luahbtex-2021.189.svn57972-150400.17.1 added
- texlive-luahyphenrules-2021.189.1.1svn56200-150400.17.1 added
- texlive-luaimageembed-2021.189.0.0.1svn50788-150400.17.1 added
- texlive-luaindex-2021.189.0.0.1bsvn25882-150400.17.1 added
- texlive-luainputenc-2021.189.0.0.973svn20491-150400.17.1 added
- texlive-luaintro-2021.189.0.0.03svn35490-150400.17.1 added
- texlive-luajittex-2021.189.svn57972-150400.17.1 added
- texlive-luakeys-2021.189.0.0.1svn57463-150400.17.1 added
- texlive-lualatex-doc-2021.189.svn30473-150400.17.1 added
- texlive-lualatex-doc-de-2021.189.1.0svn30474-150400.17.1 added
- texlive-lualatex-math-2021.189.1.9svn56541-150400.17.1 added
- texlive-lualatex-truncate-2021.189.1.1svn48469-150400.17.1 added
- texlive-lualibs-2021.189.2.73svn57277-150400.17.1 added
- texlive-luamesh-2021.189.0.0.6svn55475-150400.17.1 added
- texlive-luamplib-2021.189.2.20.7svn58279-150400.17.1 added
- texlive-luaotfload-2021.189.3.17svn57443-150400.17.1 added
- texlive-luapackageloader-2021.189.0.0.2svn54779-150400.17.1 added
- texlive-luaprogtable-2021.189.1.0svn56113-150400.17.1 added
- texlive-luarandom-2021.189.0.0.01svn49419-150400.17.1 added
- texlive-luasseq-2021.189.svn37877-150400.17.1 added
- texlive-luatex-2021.189.svn58702-150400.17.1 added
- texlive-luatex-doc-2021.189.svn58702-150400.17.1 added
- texlive-luatex85-2021.189.1.4svn41456-150400.17.1 added
- texlive-luatexbase-2021.189.1.3svn52663-150400.17.1 added
- texlive-luatexja-2021.189.20210319.0svn58542-150400.17.1 added
- texlive-luatexko-2021.189.3.0svn58085-150400.17.1 added
- texlive-luatextra-2021.189.1.0.1svn20747-150400.17.1 added
- texlive-luatodonotes-2021.189.0.0.5svn53825-150400.17.1 added
- texlive-luavlna-2021.189.0.0.1isvn58087-150400.17.1 added
- texlive-luaxml-2021.189.0.0.1nsvn57183-150400.17.1 added
- texlive-lwarp-2021.189.0.0.895svn57836-150400.17.1 added
- texlive-lxfonts-2021.189.2.0bsvn32354-150400.17.1 added
- texlive-lxfonts-fonts-2021.189.2.0bsvn32354-150400.17.1 added
- texlive-ly1-2021.189.svn47848-150400.17.1 added
- texlive-lyluatex-2021.189.1.0fsvn51252-150400.17.1 added
- texlive-m-tx-2021.189.0.0.63csvn52851-150400.17.1 added
- texlive-macros2e-2021.189.0.0.4asvn56291-150400.17.1 added
- texlive-macroswap-2021.189.1.1svn31498-150400.17.1 added
- texlive-mafr-2021.189.1.0svn15878-150400.17.1 added
- texlive-magaz-2021.189.0.0.4svn24694-150400.17.1 added
- texlive-magicnum-2021.189.1.7svn52983-150400.17.1 added
- texlive-magra-2021.189.0.0.0.1svn57373-150400.17.1 added
- texlive-magra-fonts-2021.189.0.0.0.1svn57373-150400.17.1 added
- texlive-mailing-2021.189.svn15878-150400.17.1 added
- texlive-mailmerge-2021.189.1.0svn15878-150400.17.1 added
- texlive-make4ht-2021.189.0.0.3gsvn58563-150400.17.1 added
- texlive-makebarcode-2021.189.1.0svn15878-150400.17.1 added
- texlive-makebase-2021.189.0.0.2svn41012-150400.17.1 added
- texlive-makebox-2021.189.0.0.1svn15878-150400.17.1 added
- texlive-makecell-2021.189.0.0.1esvn15878-150400.17.1 added
- texlive-makecirc-2021.189.svn15878-150400.17.1 added
- texlive-makecmds-2021.189.svn15878-150400.17.1 added
- texlive-makecookbook-2021.189.0.0.85svn49311-150400.17.1 added
- texlive-makedtx-2021.189.1.2svn46702-150400.17.1 added
- texlive-makeglos-2021.189.svn15878-150400.17.1 added
- texlive-makeindex-2021.189.svn52851-150400.17.1 added
- texlive-makeplot-2021.189.1.0.6svn15878-150400.17.1 added
- texlive-maker-2021.189.1.0svn44823-150400.17.1 added
- texlive-makerobust-2021.189.2.0svn52811-150400.17.1 added
- texlive-makeshape-2021.189.2.1svn28973-150400.17.1 added
- texlive-mandi-2021.189.2.7.5svn49720-150400.17.1 added
- texlive-manfnt-2021.189.svn54684-150400.17.1 added
- texlive-manfnt-font-2021.189.svn45777-150400.17.1 added
- texlive-manfnt-font-fonts-2021.189.svn45777-150400.17.1 added
- texlive-manuscript-2021.189.1.7svn36110-150400.17.1 added
- texlive-manyind-2021.189.svn49874-150400.17.1 added
- texlive-marathi-2021.189.1.6.2svn58760-150400.17.1 added
- texlive-marcellus-2021.189.svn56016-150400.17.1 added
- texlive-marcellus-fonts-2021.189.svn56016-150400.17.1 added
- texlive-margbib-2021.189.1.0csvn15878-150400.17.1 added
- texlive-marginfit-2021.189.1.1svn48281-150400.17.1 added
- texlive-marginfix-2021.189.1.2svn55064-150400.17.1 added
- texlive-marginnote-2021.189.1.4bsvn48383-150400.17.1 added
- texlive-markdown-2021.189.2.9.0svn56414-150400.17.1 added
- texlive-marvosym-2021.189.2.2asvn29349-150400.17.1 added
- texlive-marvosym-fonts-2021.189.2.2asvn29349-150400.17.1 added
- texlive-matapli-2021.189.1.1svn58635-150400.17.1 added
- texlive-matc3-2021.189.1.0.1svn29845-150400.17.1 added
- texlive-matc3mem-2021.189.1.1svn35773-150400.17.1 added
- texlive-match_parens-2021.189.1.43svn36270-150400.17.1 added
- texlive-math-into-latex-4-2021.189.svn44131-150400.17.1 added
- texlive-mathabx-2021.189.svn15878-150400.17.1 added
- texlive-mathabx-type1-2021.189.svn21129-150400.17.1 added
- texlive-mathabx-type1-fonts-2021.189.svn21129-150400.17.1 added
- texlive-mathalpha-2021.189.1.13svn52305-150400.17.1 added
- texlive-mathastext-2021.189.1.3wsvn52840-150400.17.1 added
- texlive-mathcommand-2021.189.1.03svn53044-150400.17.1 added
- texlive-mathcomp-2021.189.0.0.1fsvn15878-150400.17.1 added
- texlive-mathdesign-2021.189.2.31svn31639-150400.17.1 added
- texlive-mathdesign-fonts-2021.189.2.31svn31639-150400.17.1 added
- texlive-mathdots-2021.189.0.0.9svn34301-150400.17.1 added
- texlive-mathexam-2021.189.1.00svn15878-150400.17.1 added
- texlive-mathfam256-2021.189.0.0.5svn53519-150400.17.1 added
- texlive-mathfixs-2021.189.1.01svn49547-150400.17.1 added
- texlive-mathfont-2021.189.1.6svn53035-150400.17.1 added
- texlive-mathlig-2021.189.1.0svn54244-150400.17.1 added
- texlive-mathpartir-2021.189.1.3.2svn39864-150400.17.1 added
- texlive-mathpazo-2021.189.1.003svn52663-150400.17.1 added
- texlive-mathpazo-fonts-2021.189.1.003svn52663-150400.17.1 added
- texlive-mathpunctspace-2021.189.1.1svn46754-150400.17.1 added
- texlive-maths-symbols-2021.189.3.4svn37763-150400.17.1 added
- texlive-mathspec-2021.189.0.0.2bsvn42773-150400.17.1 added
- texlive-mathspic-2021.189.1.13svn31957-150400.17.1 added
- texlive-mathtools-2021.189.1.26svn58725-150400.17.1 added
- texlive-matlab-prettifier-2021.189.0.0.3svn34323-150400.17.1 added
- texlive-matrix-skeleton-2021.189.1.0svn54080-150400.17.1 added
- texlive-mattens-2021.189.1.3svn17582-150400.17.1 added
- texlive-maybemath-2021.189.svn15878-150400.17.1 added
- texlive-mcaption-2021.189.3.0svn15878-150400.17.1 added
- texlive-mceinleger-2021.189.svn15878-150400.17.1 added
- texlive-mcexam-2021.189.0.0.4svn46155-150400.17.1 added
- texlive-mcf2graph-2021.189.4.62svn58756-150400.17.1 added
- texlive-mcite-2021.189.1.6svn18173-150400.17.1 added
- texlive-mciteplus-2021.189.1.2svn31648-150400.17.1 added
- texlive-mcmthesis-2021.189.6.3.1svn57333-150400.17.1 added
- texlive-mdframed-2021.189.1.9bsvn31075-150400.17.1 added
- texlive-mdputu-2021.189.1.2svn20298-150400.17.1 added
- texlive-mdsymbol-2021.189.0.0.5svn28399-150400.17.1 added
- texlive-mdsymbol-fonts-2021.189.0.0.5svn28399-150400.17.1 added
- texlive-mdwtools-2021.189.1.05.4svn15878-150400.17.1 added
- texlive-media4svg-2021.189.0.0.5svn57528-150400.17.1 added
- texlive-media9-2021.189.1.15svn58025-150400.17.1 added
- texlive-medstarbeamer-2021.189.svn38828-150400.17.1 added
- texlive-meetingmins-2021.189.1.6svn31878-150400.17.1 added
- texlive-membranecomputing-2021.189.0.0.1svn55918-150400.17.1 added
- texlive-memdesign-2021.189.svn48664-150400.17.1 added
- texlive-memexsupp-2021.189.0.0.1svn15878-150400.17.1 added
- texlive-memoir-2021.189.3.7osvn58666-150400.17.1 added
- texlive-memory-2021.189.1.2svn30452-150400.17.1 added
- texlive-memorygraphs-2021.189.0.0.1.1svn49631-150400.17.1 added
- texlive-mendex-doc-2021.189.svn50268-150400.17.1 added
- texlive-mensa-tex-2021.189.svn45997-150400.17.1 added
- texlive-mentis-2021.189.1.5svn15878-150400.17.1 added
- texlive-menu-2021.189.0.0.994svn15878-150400.17.1 added
- texlive-menucard-2021.189.0.0.1svn55643-150400.17.1 added
- texlive-menukeys-2021.189.1.6.1svn57172-150400.17.1 added
- texlive-mercatormap-2021.189.1.02svn56060-150400.17.1 added
- texlive-merriweather-2021.189.svn56365-150400.17.1 added
- texlive-merriweather-fonts-2021.189.svn56365-150400.17.1 added
- texlive-metafont-2021.189.2.71828182svn57972-150400.17.1 added
- texlive-metafont-beginners-2021.189.svn29803-150400.17.1 added
- texlive-metago-2021.189.0.0.9svn15878-150400.17.1 added
- texlive-metalogo-2021.189.0.0.12svn18611-150400.17.1 added
- texlive-metalogox-2021.189.1.00svn49774-150400.17.1 added
- texlive-metanorma-2021.189.0.0.5.0svn55010-150400.17.1 added
- texlive-metaobj-2021.189.0.0.93svn15878-150400.17.1 added
- texlive-metaplot-2021.189.0.0.91svn15878-150400.17.1 added
- texlive-metapost-2021.189.svn57972-150400.17.1 added
- texlive-metapost-colorbrewer-2021.189.svn48753-150400.17.1 added
- texlive-metapost-examples-2021.189.svn15878-150400.17.1 added
- texlive-metapost-fonts-2021.189.svn57972-150400.17.1 added
- texlive-metastr-2021.189.1.1.2svn56246-150400.17.1 added
- texlive-metatex-2021.189.1.1svn15878-150400.17.1 added
- texlive-metatype1-2021.189.0.0.56svn37105-150400.17.1 added
- texlive-metauml-2021.189.0.0.2.6svn49923-150400.17.1 added
- texlive-method-2021.189.2.0bsvn17485-150400.17.1 added
- texlive-metre-2021.189.1.0svn18489-150400.17.1 added
- texlive-metrix-2021.189.1.5svn52323-150400.17.1 added
- texlive-mex-2021.189.1.05asvn58661-150400.17.1 added
- texlive-mf2pt1-2021.189.2.6svn57018-150400.17.1 added
- texlive-mfirstuc-2021.189.2.06svn45803-150400.17.1 added
- texlive-mflogo-2021.189.2.0svn42428-150400.17.1 added
- texlive-mflogo-font-2021.189.1.002svn54512-150400.17.1 added
- texlive-mflogo-font-fonts-2021.189.1.002svn54512-150400.17.1 added
- texlive-mflua-2021.189.svn54074-150400.17.1 added
- texlive-mfnfss-2021.189.svn46036-150400.17.1 added
- texlive-mfpic-2021.189.1.10svn28444-150400.17.1 added
- texlive-mfpic4ode-2021.189.0.0.4svn17745-150400.17.1 added
- texlive-mftinc-2021.189.1.0asvn15878-150400.17.1 added
- texlive-mfware-2021.189.svn57972-150400.17.1 added
- texlive-mgltex-2021.189.4.2svn41676-150400.17.1 added
- texlive-mhchem-2021.189.svn52662-150400.17.1 added
- texlive-mhequ-2021.189.1.7svn38224-150400.17.1 added
- texlive-mi-solns-2021.189.0.0.6svn49651-150400.17.1 added
- texlive-miama-2021.189.1.1svn54512-150400.17.1 added
- texlive-miama-fonts-2021.189.1.1svn54512-150400.17.1 added
- texlive-microtype-2021.189.2.8csvn58394-150400.17.1 added
- texlive-microtype-de-2021.189.2.4svn54080-150400.17.1 added
- texlive-midnight-2021.189.svn15878-150400.17.1 added
- texlive-midpage-2021.189.1.1asvn17484-150400.17.1 added
- texlive-miller-2021.189.1.2svn18789-150400.17.1 added
- texlive-milog-2021.189.1.0svn41610-150400.17.1 added
- texlive-milsymb-2021.189.1.02svn54361-150400.17.1 added
- texlive-mindflow-2021.189.svn58475-150400.17.1 added
- texlive-minibox-2021.189.0.0.2asvn30914-150400.17.1 added
- texlive-minidocument-2021.189.1.0svn43752-150400.17.1 added
- texlive-minifp-2021.189.0.0.96svn32559-150400.17.1 added
- texlive-minimalist-2021.189.svn58395-150400.17.1 added
- texlive-minipage-marginpar-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-miniplot-2021.189.svn17483-150400.17.1 added
- texlive-minitoc-2021.189.62svn48196-150400.17.1 added
- texlive-minorrevision-2021.189.1.1svn32165-150400.17.1 added
- texlive-minted-2021.189.2.5svn44855-150400.17.1 added
- texlive-mintspirit-2021.189.svn32069-150400.17.1 added
- texlive-mintspirit-fonts-2021.189.svn32069-150400.17.1 added
- texlive-minutes-2021.189.1.8fsvn42186-150400.17.1 added
- texlive-mismath-2021.189.1.8svn56949-150400.17.1 added
- texlive-missaali-2021.189.1.004svn54512-150400.17.1 added
- texlive-missaali-fonts-2021.189.1.004svn54512-150400.17.1 added
- texlive-mkgrkindex-2021.189.2.0svn26313-150400.17.1 added
- texlive-mkjobtexmf-2021.189.0.0.8svn29725-150400.17.1 added
- texlive-mkpattern-2021.189.1.2svn15878-150400.17.1 added
- texlive-mkpic-2021.189.1.02svn33700-150400.17.1 added
- texlive-mla-paper-2021.189.svn54080-150400.17.1 added
- texlive-mlacls-2021.189.0.0.9svn56878-150400.17.1 added
- texlive-mleftright-2021.189.1.2svn53021-150400.17.1 added
- texlive-mlist-2021.189.0.0.6asvn15878-150400.17.1 added
- texlive-mlmodern-2021.189.1.2svn57458-150400.17.1 added
- texlive-mlmodern-fonts-2021.189.1.2svn57458-150400.17.1 added
- texlive-mltex-2021.189.2.2svn57186-150400.17.1 added
- texlive-mluexercise-2021.189.2.0svn56927-150400.17.1 added
- texlive-mmap-2021.189.1.03svn15878-150400.17.1 added
- texlive-mnotes-2021.189.0.0.8svn35521-150400.17.1 added
- texlive-mnras-2021.189.3.1svn55729-150400.17.1 added
- texlive-mnsymbol-2021.189.1.4svn18651-150400.17.1 added
- texlive-mnsymbol-fonts-2021.189.1.4svn18651-150400.17.1 added
- texlive-modeles-factures-belges-assocs-2021.189.1.0.1svn50010-150400.17.1 added
- texlive-moderncv-2021.189.2.1.0svn57496-150400.17.1 added
- texlive-modernposter-2021.189.1.03.1svn47269-150400.17.1 added
- texlive-moderntimeline-2021.189.0.0.11svn55518-150400.17.1 added
- texlive-modes-2021.189.4.2svn56303-150400.17.1 added
- texlive-modiagram-2021.189.0.0.3asvn56886-150400.17.1 added
- texlive-modref-2021.189.1.0svn15878-150400.17.1 added
- texlive-modroman-2021.189.1svn29803-150400.17.1 added
- texlive-modular-2021.189.svn44142-150400.17.1 added
- texlive-modulus-2021.189.1.0svn47599-150400.17.1 added
- texlive-mongolian-babel-2021.189.1.2svn15878-150400.17.1 added
- texlive-monofill-2021.189.0.0.2svn28140-150400.17.1 added
- texlive-montex-2021.189.ivu.04.092svn29349-150400.17.1 added
- texlive-montex-fonts-2021.189.ivu.04.092svn29349-150400.17.1 added
- texlive-montserrat-2021.189.1.03svn54512-150400.17.1 added
- texlive-montserrat-fonts-2021.189.1.03svn54512-150400.17.1 added
- texlive-moodle-2021.189.0.0.9svn57683-150400.17.1 added
- texlive-moreenum-2021.189.1.03svn24479-150400.17.1 added
- texlive-morefloats-2021.189.1.0hsvn37927-150400.17.1 added
- texlive-morehype-2021.189.r0.83svn38815-150400.17.1 added
- texlive-moresize-2021.189.1.9svn17513-150400.17.1 added
- texlive-moreverb-2021.189.2.3asvn22126-150400.17.1 added
- texlive-morewrites-2021.189.svn49531-150400.17.1 added
- texlive-morisawa-2021.189.svn46946-150400.17.1 added
- texlive-movie15-2021.189.svn26473-150400.17.1 added
- texlive-mp3d-2021.189.1.34svn29349-150400.17.1 added
- texlive-mparhack-2021.189.1.4svn15878-150400.17.1 added
- texlive-mparrows-2021.189.0.0.1svn39729-150400.17.1 added
- texlive-mpattern-2021.189.svn15878-150400.17.1 added
- texlive-mpcolornames-2021.189.0.0.20svn23252-150400.17.1 added
- texlive-mpfonts-2021.189.svn54512-150400.17.1 added
- texlive-mpgraphics-2021.189.0.0.3svn29776-150400.17.1 added
- texlive-mpman-ru-2021.189.1.004svn15878-150400.17.1 added
- texlive-mpostinl-2021.189.1.5svn49559-150400.17.1 added
- texlive-mptopdf-2021.189.svn57347-150400.17.1 added
- texlive-mptrees-2021.189.17.06svn44453-150400.17.1 added
- texlive-ms-2021.189.svn57473-150400.17.1 added
- texlive-msc-2021.189.1.16svn15878-150400.17.1 added
- texlive-msg-2021.189.0.0.51svn49578-150400.17.1 added
- texlive-mslapa-2021.189.svn54080-150400.17.1 added
- texlive-msu-thesis-2021.189.2.8svn46106-150400.17.1 added
- texlive-mtgreek-2021.189.1.1+svn17967-150400.17.1 added
- texlive-mucproc-2021.189.1.02svn43445-150400.17.1 added
- texlive-mugsthesis-2021.189.svn34878-150400.17.1 added
- texlive-muling-2021.189.0.0.2svn56991-150400.17.1 added
- texlive-multenum-2021.189.svn21775-150400.17.1 added
- texlive-multiaudience-2021.189.1.03svn38035-150400.17.1 added
- texlive-multibbl-2021.189.1.1svn15878-150400.17.1 added
- texlive-multibib-2021.189.1.4svn15878-150400.17.1 added
- texlive-multibibliography-2021.189.1.03svn30939-150400.17.1 added
- texlive-multicap-2021.189.svn15878-150400.17.1 added
- texlive-multicolrule-2021.189.1.3asvn56366-150400.17.1 added
- texlive-multidef-2021.189.1.10svn40637-150400.17.1 added
- texlive-multido-2021.189.1.42svn18302-150400.17.1 added
- texlive-multienv-2021.189.1.0svn56291-150400.17.1 added
- texlive-multiexpand-2021.189.1.5svn45943-150400.17.1 added
- texlive-multilang-2021.189.0.0.9bsvn49065-150400.17.1 added
- texlive-multiobjective-2021.189.1.0svn15878-150400.17.1 added
- texlive-multirow-2021.189.2.8svn58396-150400.17.1 added
- texlive-munich-2021.189.svn15878-150400.17.1 added
- texlive-musical-2021.189.3.1svn54758-150400.17.1 added
- texlive-musicography-2021.189.svn53596-150400.17.1 added
- texlive-musikui-2021.189.1svn47472-150400.17.1 added
- texlive-musixguit-2021.189.1.2.2svn21649-150400.17.1 added
- texlive-musixtex-2021.189.1.31svn57353-150400.17.1 added
- texlive-musixtex-fonts-2021.189.svn37762-150400.17.1 added
- texlive-musixtex-fonts-fonts-2021.189.svn37762-150400.17.1 added
- texlive-musixtnt-2021.189.svn40307-150400.17.1 added
- texlive-musuos-2021.189.1.1dsvn24857-150400.17.1 added
- texlive-muthesis-2021.189.svn23861-150400.17.1 added
- texlive-mversion-2021.189.1.0.1svn29370-150400.17.1 added
- texlive-mwcls-2021.189.0.0.75svn44352-150400.17.1 added
- texlive-mwe-2021.189.0.0.5svn56291-150400.17.1 added
- texlive-mweights-2021.189.svn53520-150400.17.1 added
- texlive-mxedruli-2021.189.3.3csvn30021-150400.17.1 added
- texlive-mxedruli-fonts-2021.189.3.3csvn30021-150400.17.1 added
- texlive-mycv-2021.189.1.5.6svn26807-150400.17.1 added
- texlive-mylatex-2021.189.svn56751-150400.17.1 added
- texlive-mylatexformat-2021.189.3.4svn21392-150400.17.1 added
- texlive-mynsfc-2021.189.1.01svn41996-150400.17.1 added
- texlive-na-box-2021.189.1.0svn45130-150400.17.1 added
- texlive-na-position-2021.189.1.2svn55559-150400.17.1 added
- texlive-nag-2021.189.0.0.7svn24741-150400.17.1 added
- texlive-nameauth-2021.189.3.6svn58026-150400.17.1 added
- texlive-namedef-2021.189.1.0svn55881-150400.17.1 added
- texlive-namespc-2021.189.svn15878-150400.17.1 added
- texlive-nanicolle-2021.189.2.03ysvn56224-150400.17.1 added
- texlive-nanumtype1-2021.189.3.0svn29558-150400.17.1 added
- texlive-nanumtype1-fonts-2021.189.3.0svn29558-150400.17.1 added
- texlive-nar-2021.189.3.19svn38100-150400.17.1 added
- texlive-natbib-2021.189.8.31bsvn20668-150400.17.1 added
- texlive-natded-2021.189.0.0.1svn32693-150400.17.1 added
- texlive-nath-2021.189.svn15878-150400.17.1 added
- texlive-nature-2021.189.1.0svn21819-150400.17.1 added
- texlive-navigator-2021.189.1.1svn41413-150400.17.1 added
- texlive-navydocs-2021.189.1.1svn41643-150400.17.1 added
- texlive-ncclatex-2021.189.1.5svn15878-150400.17.1 added
- texlive-ncctools-2021.189.3.5.3svn51810-150400.17.1 added
- texlive-ncntrsbk-2021.189.svn31835-150400.17.1 added
- texlive-ncntrsbk-fonts-2021.189.svn31835-150400.17.1 added
- texlive-nddiss-2021.189.3.2017.2svn45107-150400.17.1 added
- texlive-ndsu-thesis-2021.189.svn46639-150400.17.1 added
- texlive-needspace-2021.189.1.3dsvn29601-150400.17.1 added
- texlive-nestquot-2021.189.svn27323-150400.17.1 added
- texlive-neuralnetwork-2021.189.1.0svn31500-150400.17.1 added
- texlive-nevelok-2021.189.1.03svn39029-150400.17.1 added
- texlive-newcommand-2021.189.2.0svn18704-150400.17.1 added
- texlive-newcomputermodern-2021.189.3.02svn57801-150400.17.1 added
- texlive-newcomputermodern-fonts-2021.189.3.02svn57801-150400.17.1 added
- texlive-newenviron-2021.189.1.0svn29331-150400.17.1 added
- texlive-newfile-2021.189.1.0csvn15878-150400.17.1 added
- texlive-newfloat-2021.189.1.1lsvn52906-150400.17.1 added
- texlive-newlfm-2021.189.9.4svn15878-150400.17.1 added
- texlive-newpax-2021.189.0.0.51svn58212-150400.17.1 added
- texlive-newpx-2021.189.1.414svn56845-150400.17.1 added
- texlive-newpx-fonts-2021.189.1.414svn56845-150400.17.1 added
- texlive-newsletr-2021.189.svn15878-150400.17.1 added
- texlive-newspaper-2021.189.1.0svn15878-150400.17.1 added
- texlive-newtx-2021.189.1.642svn58748-150400.17.1 added
- texlive-newtx-fonts-2021.189.1.642svn58748-150400.17.1 added
- texlive-newtxsf-2021.189.1.053svn56527-150400.17.1 added
- texlive-newtxsf-fonts-2021.189.1.053svn56527-150400.17.1 added
- texlive-newtxtt-2021.189.1.056svn54512-150400.17.1 added
- texlive-newtxtt-fonts-2021.189.1.056svn54512-150400.17.1 added
- texlive-newunicodechar-2021.189.1.2svn47382-150400.17.1 added
- texlive-newvbtm-2021.189.1.1svn23996-150400.17.1 added
- texlive-newverbs-2021.189.1.6svn58256-150400.17.1 added
- texlive-nextpage-2021.189.1.1asvn15878-150400.17.1 added
- texlive-nfssext-cfr-2021.189.svn43640-150400.17.1 added
- texlive-nicefilelist-2021.189.0.0.7asvn28527-150400.17.1 added
- texlive-niceframe-2021.189.1.1csvn36086-150400.17.1 added
- texlive-niceframe-type1-2021.189.svn44671-150400.17.1 added
- texlive-niceframe-type1-fonts-2021.189.svn44671-150400.17.1 added
- texlive-nicematrix-2021.189.5.13svn58667-150400.17.1 added
- texlive-nicetext-2021.189.r0.67svn38914-150400.17.1 added
- texlive-nidanfloat-2021.189.svn48295-150400.17.1 added
- texlive-nih-2021.189.svn15878-150400.17.1 added
- texlive-nihbiosketch-2021.189.svn54191-150400.17.1 added
- texlive-nimbus15-2021.189.1.013svn54512-150400.17.1 added
- texlive-nimbus15-fonts-2021.189.1.013svn54512-150400.17.1 added
- texlive-nimsticks-2021.189.1.1svn55877-150400.17.1 added
- texlive-njurepo-2021.189.1.1.2svn50492-150400.17.1 added
- texlive-nkarta-2021.189.0.0.2svn16437-150400.17.1 added
- texlive-nl-interval-2021.189.1.0svn58328-150400.17.1 added
- texlive-nlctdoc-2021.189.1.07svn53768-150400.17.1 added
- texlive-nmbib-2021.189.1.04svn37984-150400.17.1 added
- texlive-nnext-2021.189.0.0.0svn56575-150400.17.1 added
- texlive-noconflict-2021.189.1.0svn30140-150400.17.1 added
- texlive-nodetree-2021.189.2.2svn56742-150400.17.1 added
- texlive-noindentafter-2021.189.0.0.2.2svn35709-150400.17.1 added
- texlive-noitcrul-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-nolbreaks-2021.189.1.2svn26786-150400.17.1 added
- texlive-nomencl-2021.189.5.5svn57263-150400.17.1 added
- texlive-nomentbl-2021.189.0.0.4svn16549-150400.17.1 added
- texlive-nonfloat-2021.189.1.0svn17598-150400.17.1 added
- texlive-nonumonpart-2021.189.1svn22114-150400.17.1 added
- texlive-nopageno-2021.189.svn18128-150400.17.1 added
- texlive-norasi-c90-2021.189.svn37675-150400.17.1 added
- texlive-normalcolor-2021.189.r11svn40125-150400.17.1 added
- texlive-nostarch-2021.189.1.3svn15878-150400.17.1 added
- texlive-notes-2021.189.1.0.1svn42428-150400.17.1 added
- texlive-notes2bib-2021.189.2.0msvn52231-150400.17.1 added
- texlive-notespages-2021.189.0.0.8.1svn41906-150400.17.1 added
- texlive-notestex-2021.189.1.0svn45396-150400.17.1 added
- texlive-notex-bst-2021.189.svn42361-150400.17.1 added
- texlive-noto-2021.189.svn54512-150400.17.1 added
- texlive-noto-emoji-2021.189.20191119_unicode12svn53968-150400.17.1 added
- texlive-noto-emoji-fonts-2021.189.20191119_unicode12svn53968-150400.17.1 added
- texlive-noto-fonts-2021.189.svn54512-150400.17.1 added
- texlive-notoccite-2021.189.svn18129-150400.17.1 added
- texlive-notomath-2021.189.1.02svn58726-150400.17.1 added
- texlive-notomath-fonts-2021.189.1.02svn58726-150400.17.1 added
- texlive-novel-2021.189.1.52svn54512-150400.17.1 added
- texlive-novel-fonts-2021.189.1.52svn54512-150400.17.1 added
- texlive-nowidow-2021.189.1.0svn24066-150400.17.1 added
- texlive-nox-2021.189.1.0svn30991-150400.17.1 added
- texlive-npp-for-context-2021.189.0.0.98svn51389-150400.17.1 added
- texlive-nrc-2021.189.2.01asvn29027-150400.17.1 added
- texlive-ntgclass-2021.189.2.1esvn56959-150400.17.1 added
- texlive-nth-2021.189.svn54252-150400.17.1 added
- texlive-ntheorem-2021.189.1.33svn27609-150400.17.1 added
- texlive-ntheorem-vn-2021.189.1.203svn15878-150400.17.1 added
- texlive-nuc-2021.189.0.0.1svn22256-150400.17.1 added
- texlive-nucleardata-2021.189.1.1svn47307-150400.17.1 added
- texlive-numberedblock-2021.189.1.10svn33109-150400.17.1 added
- texlive-numberpt-2021.189.1.0svn51640-150400.17.1 added
- texlive-numerica-2021.189.1.0.0svn57759-150400.17.1 added
- texlive-numericplots-2021.189.2.0.2svn31729-150400.17.1 added
- texlive-numname-2021.189.svn18130-150400.17.1 added
- texlive-numnameru-2021.189.svn44895-150400.17.1 added
- texlive-numprint-2021.189.1.39svn27498-150400.17.1 added
- texlive-numspell-2021.189.1.4svn56912-150400.17.1 added
- texlive-nunito-2021.189.0.0.0.1svn57429-150400.17.1 added
- texlive-nunito-fonts-2021.189.0.0.0.1svn57429-150400.17.1 added
- texlive-nwejm-2021.189.1.0.1svn54392-150400.17.1 added
- texlive-oberdiek-2021.189.svn56291-150400.17.1 added
- texlive-objectz-2021.189.svn19389-150400.17.1 added
- texlive-obnov-2021.189.0.0.11svn33355-150400.17.1 added
- texlive-ocg-p-2021.189.0.0.4svn28803-150400.17.1 added
- texlive-ocgx-2021.189.0.0.5svn54512-150400.17.1 added
- texlive-ocgx2-2021.189.0.0.50svn57531-150400.17.1 added
- texlive-ocherokee-2021.189.svn25689-150400.17.1 added
- texlive-ocherokee-fonts-2021.189.svn25689-150400.17.1 added
- texlive-ocr-b-2021.189.svn20852-150400.17.1 added
- texlive-ocr-b-outline-2021.189.svn20969-150400.17.1 added
- texlive-ocr-b-outline-fonts-2021.189.svn20969-150400.17.1 added
- texlive-ocr-latex-2021.189.svn15878-150400.17.1 added
- texlive-octave-2021.189.svn45674-150400.17.1 added
- texlive-octavo-2021.189.1.2svn15878-150400.17.1 added
- texlive-odsfile-2021.189.0.0.6svn38449-150400.17.1 added
- texlive-ofs-2021.189.svn16991-150400.17.1 added
- texlive-ogham-2021.189.svn24876-150400.17.1 added
- texlive-oinuit-2021.189.svn28668-150400.17.1 added
- texlive-oinuit-fonts-2021.189.svn28668-150400.17.1 added
- texlive-old-arrows-2021.189.2.0svn42872-150400.17.1 added
- texlive-old-arrows-fonts-2021.189.2.0svn42872-150400.17.1 added
- texlive-oldlatin-2021.189.1.00svn17932-150400.17.1 added
- texlive-oldstandard-2021.189.2.6svn57213-150400.17.1 added
- texlive-oldstandard-fonts-2021.189.2.6svn57213-150400.17.1 added
- texlive-oldstyle-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-olsak-misc-2021.189.may_2019svn54080-150400.17.1 added
- texlive-omega-2021.189.svn33046-150400.17.1 added
- texlive-omega-fonts-2021.189.svn33046-150400.17.1 added
- texlive-omegaware-2021.189.svn57972-150400.17.1 added
- texlive-onedown-2021.189.1.4svn52525-150400.17.1 added
- texlive-onlyamsmath-2021.189.0.0.20svn42927-150400.17.1 added
- texlive-onrannual-2021.189.1.1svn17474-150400.17.1 added
- texlive-opcit-2021.189.1.1svn15878-150400.17.1 added
- texlive-opensans-2021.189.2.2svn54512-150400.17.1 added
- texlive-opensans-fonts-2021.189.2.2svn54512-150400.17.1 added
- texlive-oplotsymbl-2021.189.1.4svn44951-150400.17.1 added
- texlive-opteng-2021.189.1.0svn27331-150400.17.1 added
- texlive-optex-2021.189.1.01svn58515-150400.17.1 added
- texlive-optidef-2021.189.3.1svn50941-150400.17.1 added
- texlive-optional-2021.189.2.2bsvn18131-150400.17.1 added
- texlive-options-2021.189.1.0svn39030-150400.17.1 added
- texlive-orcidlink-2021.189.1.0.3svn58432-150400.17.1 added
- texlive-ordinalpt-2021.189.2.1svn15878-150400.17.1 added
- texlive-orientation-2021.189.1.0svn57390-150400.17.1 added
- texlive-orkhun-2021.189.svn15878-150400.17.1 added
- texlive-oscola-2021.189.1.7svn54328-150400.17.1 added
- texlive-oswald-2021.189.svn57253-150400.17.1 added
- texlive-oswald-fonts-2021.189.svn57253-150400.17.1 added
- texlive-ot-tableau-2021.189.svn44889-150400.17.1 added
- texlive-othello-2021.189.svn15878-150400.17.1 added
- texlive-othelloboard-2021.189.1.2svn23714-150400.17.1 added
- texlive-otibet-2021.189.svn45777-150400.17.1 added
- texlive-oubraces-2021.189.svn21833-150400.17.1 added
- texlive-oup-authoring-template-2021.189.1.0svn58661-150400.17.1 added
- texlive-outerhbox-2021.189.1.2svn54254-150400.17.1 added
- texlive-outline-2021.189.svn18360-150400.17.1 added
- texlive-outliner-2021.189.0.0.94svn21095-150400.17.1 added
- texlive-outlines-2021.189.1.1svn25192-150400.17.1 added
- texlive-outlining-2021.189.0.0.1svn45601-150400.17.1 added
- texlive-overlays-2021.189.2.12svn57866-150400.17.1 added
- texlive-overlock-2021.189.svn56079-150400.17.1 added
- texlive-overlock-fonts-2021.189.svn56079-150400.17.1 added
- texlive-overpic-2021.189.1.3svn53889-150400.17.1 added
- texlive-pacioli-2021.189.svn24947-150400.17.1 added
- texlive-padauk-2021.189.3.002svn42617-150400.17.1 added
- texlive-padauk-fonts-2021.189.3.002svn42617-150400.17.1 added
- texlive-padcount-2021.189.1.0svn47621-150400.17.1 added
- texlive-pagecolor-2021.189.1.0isvn44487-150400.17.1 added
- texlive-pagecont-2021.189.1.0svn15878-150400.17.1 added
- texlive-pagenote-2021.189.1.1asvn15878-150400.17.1 added
- texlive-pagerange-2021.189.0.0.5svn16915-150400.17.1 added
- texlive-pagesel-2021.189.1.10svn56105-150400.17.1 added
- texlive-pageslts-2021.189.1.2fsvn39164-150400.17.1 added
- texlive-palatino-2021.189.svn31835-150400.17.1 added
- texlive-palatino-fonts-2021.189.svn31835-150400.17.1 added
- texlive-paper-2021.189.1.0lsvn34521-150400.17.1 added
- texlive-papercdcase-2021.189.svn15878-150400.17.1 added
- texlive-papermas-2021.189.1.0hsvn23667-150400.17.1 added
- texlive-papertex-2021.189.1.2bsvn19230-150400.17.1 added
- texlive-paracol-2021.189.1.35svn49560-150400.17.1 added
- texlive-parades-2021.189.svn40042-150400.17.1 added
- texlive-paralist-2021.189.2.7svn43021-150400.17.1 added
- texlive-parallel-2021.189.svn15878-150400.17.1 added
- texlive-paratype-2021.189.svn32859-150400.17.1 added
- texlive-paratype-fonts-2021.189.svn32859-150400.17.1 added
- texlive-paresse-2021.189.5.0.1svn56621-150400.17.1 added
- texlive-parnotes-2021.189.3bsvn51720-150400.17.1 added
- texlive-parrun-2021.189.svn15878-150400.17.1 added
- texlive-parsa-2021.189.1.3svn54840-150400.17.1 added
- texlive-parselines-2021.189.1.4svn21475-150400.17.1 added
- texlive-parskip-2021.189.2.0hsvn58358-150400.17.1 added
- texlive-pas-cours-2021.189.1.9svn55859-150400.17.1 added
- texlive-pas-crosswords-2021.189.1.03svn32313-150400.17.1 added
- texlive-pas-cv-2021.189.2.01svn32263-150400.17.1 added
- texlive-pas-tableur-2021.189.2.01svn39542-150400.17.1 added
- texlive-passivetex-2021.189.svn15878-150400.17.1 added
- texlive-patch-2021.189.svn42428-150400.17.1 added
- texlive-patchcmd-2021.189.1.05svn41379-150400.17.1 added
- texlive-patgen-2021.189.2.4svn57972-150400.17.1 added
- texlive-patgen2-tutorial-2021.189.svn16490-150400.17.1 added
- texlive-path-2021.189.3.05svn22045-150400.17.1 added
- texlive-pauldoc-2021.189.0.0.5svn16005-150400.17.1 added
- texlive-pawpict-2021.189.1.0svn21629-150400.17.1 added
- texlive-pax-2021.189.0.0.1lsvn54512-150400.17.1 added
- texlive-pb-diagram-2021.189.5.0svn15878-150400.17.1 added
- texlive-pbalance-2021.189.1.0.1svn57161-150400.17.1 added
- texlive-pbibtex-base-2021.189.svn40986-150400.17.1 added
- texlive-pbox-2021.189.1.2svn24807-150400.17.1 added
- texlive-pbsheet-2021.189.0.0.1svn24830-150400.17.1 added
- texlive-pdf-trans-2021.189.2.4svn32809-150400.17.1 added
- texlive-pdf14-2021.189.0.0.1svn17583-150400.17.1 added
- texlive-pdfarticle-2021.189.1.0svn51127-150400.17.1 added
- texlive-pdfbook2-2021.189.1.4svn53521-150400.17.1 added
- texlive-pdfcolmk-2021.189.2.0svn52912-150400.17.1 added
- texlive-pdfcomment-2021.189.2.4asvn49047-150400.17.1 added
- texlive-pdfcprot-2021.189.1.7asvn18735-150400.17.1 added
- texlive-pdfcrop-2021.189.1.40svn55435-150400.17.1 added
- texlive-pdfescape-2021.189.1.15svn53082-150400.17.1 added
- texlive-pdfjam-2021.189.3.03svn56991-150400.17.1 added
- texlive-pdflatexpicscale-2021.189.0.0.32svn46617-150400.17.1 added
- texlive-pdflscape-2021.189.0.0.12svn53047-150400.17.1 added
- texlive-pdfmanagement-testphase-2021.189.0.0.95csvn58511-150400.17.1 added
- texlive-pdfmarginpar-2021.189.0.0.92svn23492-150400.17.1 added
- texlive-pdfoverlay-2021.189.1.2asvn57923-150400.17.1 added
- texlive-pdfpagediff-2021.189.1.4svn37946-150400.17.1 added
- texlive-pdfpages-2021.189.0.0.5tsvn58212-150400.17.1 added
- texlive-pdfpc-2021.189.0.0.6.0svn57735-150400.17.1 added
- texlive-pdfpc-movie-2021.189.1.0svn48245-150400.17.1 added
- texlive-pdfprivacy-2021.189.1.0svn45985-150400.17.1 added
- texlive-pdfreview-2021.189.1.2svn50100-150400.17.1 added
- texlive-pdfscreen-2021.189.1.5svn42428-150400.17.1 added
- texlive-pdfslide-2021.189.svn15878-150400.17.1 added
- texlive-pdfsync-2021.189.svn20373-150400.17.1 added
- texlive-pdftex-2021.189.svn57973-150400.17.1 added
- texlive-pdftex-doc-2021.189.svn57973-150400.17.1 added
- texlive-pdftex-fonts-2021.189.svn57973-150400.17.1 added
- texlive-pdftex-quiet-2021.189.1.1.0svn49169-150400.17.1 added
- texlive-pdftexcmds-2021.189.0.0.33svn55777-150400.17.1 added
- texlive-pdftosrc-2021.189.svn57972-150400.17.1 added
- texlive-pdftricks-2021.189.1.16svn15878-150400.17.1 added
- texlive-pdftricks2-2021.189.1.01svn31016-150400.17.1 added
- texlive-pdfwin-2021.189.svn54074-150400.17.1 added
- texlive-pdfx-2021.189.1.6.3svn50338-150400.17.1 added
- texlive-pdfxup-2021.189.2.00svn57166-150400.17.1 added
- texlive-pecha-2021.189.0.0.1svn15878-150400.17.1 added
- texlive-pedigree-perl-2021.189.1.0svn31990-150400.17.1 added
- texlive-penrose-2021.189.1.4svn57508-150400.17.1 added
- texlive-perception-2021.189.svn48861-150400.17.1 added
- texlive-perfectcut-2021.189.2.3svn54080-150400.17.1 added
- texlive-perltex-2021.189.2.2svn52162-150400.17.1 added
- texlive-permute-2021.189.svn15878-150400.17.1 added
- texlive-persian-bib-2021.189.0.0.9svn37297-150400.17.1 added
- texlive-petiteannonce-2021.189.1.0001svn25915-150400.17.1 added
- texlive-petri-nets-2021.189.svn39165-150400.17.1 added
- texlive-pfarrei-2021.189.r36svn31934-150400.17.1 added
- texlive-pgf-2021.189.3.1.8bsvn57240-150400.17.1 added
- texlive-pgf-blur-2021.189.1.02svn54512-150400.17.1 added
- texlive-pgf-cmykshadings-2021.189.1.2svn52635-150400.17.1 added
- texlive-pgf-pie-2021.189.0.0.3svn55342-150400.17.1 added
- texlive-pgf-soroban-2021.189.1.1svn32269-150400.17.1 added
- texlive-pgf-spectra-2021.189.2.0.0svn58467-150400.17.1 added
- texlive-pgf-umlcd-2021.189.0.0.2.1.1svn55342-150400.17.1 added
- texlive-pgf-umlsd-2021.189.0.0.7svn55342-150400.17.1 added
- texlive-pgfgantt-2021.189.5.0svn52662-150400.17.1 added
- texlive-pgfkeyx-2021.189.0.0.0.1svn26093-150400.17.1 added
- texlive-pgfmolbio-2021.189.0.0.21svn35152-150400.17.1 added
- texlive-pgfmorepages-2021.189.1.20svn54770-150400.17.1 added
- texlive-pgfopts-2021.189.2.1asvn56615-150400.17.1 added
- texlive-pgfornament-2021.189.1.2svn55326-150400.17.1 added
- texlive-pgfornament-han-2021.189.svn54191-150400.17.1 added
- texlive-pgfplots-2021.189.1.17svn54080-150400.17.1 added
- texlive-phaistos-2021.189.1.0svn18651-150400.17.1 added
- texlive-phaistos-fonts-2021.189.1.0svn18651-150400.17.1 added
- texlive-phffullpagefigure-2021.189.1.0svn41857-150400.17.1 added
- texlive-phfnote-2021.189.1.0svn41858-150400.17.1 added
- texlive-phfparen-2021.189.1.0svn41859-150400.17.1 added
- texlive-phfqit-2021.189.2.0svn45084-150400.17.1 added
- texlive-phfquotetext-2021.189.1.0svn41869-150400.17.1 added
- texlive-phfsvnwatermark-2021.189.1.0svn41870-150400.17.1 added
- texlive-phfthm-2021.189.1.0svn41871-150400.17.1 added
- texlive-philex-2021.189.1.3svn36396-150400.17.1 added
- texlive-philokalia-2021.189.1.2svn45356-150400.17.1 added
- texlive-philokalia-fonts-2021.189.1.2svn45356-150400.17.1 added
- texlive-philosophersimprint-2021.189.1.5svn56954-150400.17.1 added
- texlive-phonenumbers-2021.189.2.2svn51933-150400.17.1 added
- texlive-phonetic-2021.189.svn56468-150400.17.1 added
- texlive-phonrule-2021.189.1.3.2svn43963-150400.17.1 added
- texlive-photo-2021.189.svn18739-150400.17.1 added
- texlive-physconst-2021.189.1.1.2svn58727-150400.17.1 added
- texlive-physics-2021.189.1.3svn28590-150400.17.1 added
- texlive-physunits-2021.189.1.2.0svn58728-150400.17.1 added
- texlive-piano-2021.189.1.0svn21574-150400.17.1 added
- texlive-picinpar-2021.189.1.2asvn57349-150400.17.1 added
- texlive-pict2e-2021.189.0.0.4bsvn56504-150400.17.1 added
- texlive-pictex-2021.189.1.1svn21943-150400.17.1 added
- texlive-pictex2-2021.189.svn15878-150400.17.1 added
- texlive-pictexsum-2021.189.svn24965-150400.17.1 added
- texlive-picture-2021.189.1.6svn54867-150400.17.1 added
- texlive-piechartmp-2021.189.0.0.3.0svn19440-150400.17.1 added
- texlive-piff-2021.189.svn21894-150400.17.1 added
- texlive-pigpen-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-pigpen-fonts-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-pinlabel-2021.189.1.2svn24769-150400.17.1 added
- texlive-pinoutikz-2021.189.1.1.2svn55966-150400.17.1 added
- texlive-pitex-2021.189.svn24731-150400.17.1 added
- texlive-pittetd-2021.189.1.618svn15878-150400.17.1 added
- texlive-pixelart-2021.189.0.0.2.0svn57508-150400.17.1 added
- texlive-pkfix-2021.189.1.7svn26032-150400.17.1 added
- texlive-pkfix-helper-2021.189.1.6svn56061-150400.17.1 added
- texlive-pkgloader-2021.189.0.0.7.0svn47486-150400.17.1 added
- texlive-pkuthss-2021.189.1.9.0svn58729-150400.17.1 added
- texlive-pl-2021.189.1.09asvn58661-150400.17.1 added
- texlive-pl-fonts-2021.189.1.09asvn58661-150400.17.1 added
- texlive-placeat-2021.189.0.0.1d1svn45145-150400.17.1 added
- texlive-placeins-2021.189.2.2svn19848-150400.17.1 added
- texlive-placeins-plain-2021.189.2.0svn15878-150400.17.1 added
- texlive-plain-2021.189.3.141592653svn57963-150400.17.1 added
- texlive-plain-doc-2021.189.svn28424-150400.17.1 added
- texlive-plainpkg-2021.189.0.0.4asvn27765-150400.17.1 added
- texlive-plainyr-2021.189.svn52783-150400.17.1 added
- texlive-plantslabels-2021.189.1.0svn29803-150400.17.1 added
- texlive-plantuml-2021.189.0.0.3.1svn55214-150400.17.1 added
- texlive-plari-2021.189.svn15878-150400.17.1 added
- texlive-plates-2021.189.0.0.1svn15878-150400.17.1 added
- texlive-platex-2021.189.svn57972-150400.17.1 added
- texlive-platex-tools-2021.189.svn57729-150400.17.1 added
- texlive-platexcheat-2021.189.3.1svn49557-150400.17.1 added
- texlive-plautopatch-2021.189.0.0.9nsvn57731-150400.17.1 added
- texlive-play-2021.189.svn15878-150400.17.1 added
- texlive-playfair-2021.189.svn56005-150400.17.1 added
- texlive-playfair-fonts-2021.189.svn56005-150400.17.1 added
- texlive-plex-2021.189.svn54512-150400.17.1 added
- texlive-plex-fonts-2021.189.svn54512-150400.17.1 added
- texlive-plex-otf-2021.189.0.0.07asvn47562-150400.17.1 added
- texlive-plimsoll-2021.189.1svn56605-150400.17.1 added
- texlive-plimsoll-fonts-2021.189.1svn56605-150400.17.1 added
- texlive-plipsum-2021.189.4.3svn30353-150400.17.1 added
- texlive-plnfss-2021.189.1.1svn15878-150400.17.1 added
- texlive-plstmary-2021.189.0.0.5csvn31088-150400.17.1 added
- texlive-plweb-2021.189.3.0svn15878-150400.17.1 added
- texlive-pm-isomath-2021.189.1.0.07svn56868-150400.17.1 added
- texlive-pmboxdraw-2021.189.1.4svn53046-150400.17.1 added
- texlive-pmgraph-2021.189.1.0svn15878-150400.17.1 added
- texlive-pmhanguljamo-2021.189.0.0.3.4svn54378-150400.17.1 added
- texlive-pmx-2021.189.2.94asvn57672-150400.17.1 added
- texlive-pmxchords-2021.189.2.0.2svn39249-150400.17.1 added
- texlive-pnas2009-2021.189.1.0svn16287-150400.17.1 added
- texlive-poemscol-2021.189.3.1415926svn56082-150400.17.1 added
- texlive-poetry-2021.189.2.2svn53129-150400.17.1 added
- texlive-poetrytex-2021.189.3.0.1svn39921-150400.17.1 added
- texlive-poiretone-2021.189.svn56070-150400.17.1 added
- texlive-poiretone-fonts-2021.189.svn56070-150400.17.1 added
- texlive-polexpr-2021.189.0.0.7.5svn53633-150400.17.1 added
- texlive-polski-2021.189.1.3.4svn44213-150400.17.1 added
- texlive-poltawski-2021.189.1.101svn20075-150400.17.1 added
- texlive-poltawski-fonts-2021.189.1.101svn20075-150400.17.1 added
- texlive-polyglossia-2021.189.1.52svn58444-150400.17.1 added
- texlive-polynom-2021.189.0.0.19svn44832-150400.17.1 added
- texlive-polynomial-2021.189.1.0svn15878-150400.17.1 added
- texlive-polytable-2021.189.0.0.8.6svn55837-150400.17.1 added
- texlive-poormanlog-2021.189.0.0.05svn52080-150400.17.1 added
- texlive-postage-2021.189.1.0svn55920-150400.17.1 added
- texlive-postcards-2021.189.svn21641-150400.17.1 added
- texlive-poster-mac-2021.189.1.1svn18305-150400.17.1 added
- texlive-powerdot-2021.189.1.6svn58730-150400.17.1 added
- texlive-powerdot-fuberlin-2021.189.0.0.02asvn52922-150400.17.1 added
- texlive-powerdot-tuliplab-2021.189.1.0.0svn47963-150400.17.1 added
- texlive-ppr-prv-2021.189.0.0.13csvn15878-150400.17.1 added
- texlive-pracjourn-2021.189.0.0.4nsvn15878-150400.17.1 added
- texlive-practicalreports-2021.189.2.0.3svn52312-150400.17.1 added
- texlive-prelim2e-2021.189.2.00svn57000-150400.17.1 added
- texlive-preprint-2021.189.2011svn30447-150400.17.1 added
- texlive-prerex-2021.189.svn54512-150400.17.1 added
- texlive-present-2021.189.2.2.1svn50048-150400.17.1 added
- texlive-pressrelease-2021.189.1.0svn35147-150400.17.1 added
- texlive-prettyref-2021.189.3.0svn15878-150400.17.1 added
- texlive-preview-2021.189.12.3svn56708-150400.17.1 added
- texlive-prftree-2021.189.1.6svn54080-150400.17.1 added
- texlive-principia-2021.189.1.2svn57902-150400.17.1 added
- texlive-printlen-2021.189.1.1asvn19847-150400.17.1 added
- texlive-proba-2021.189.svn15878-150400.17.1 added
- texlive-probsoln-2021.189.3.05svn44783-150400.17.1 added
- texlive-procIAGssymp-2021.189.svn51771-150400.17.1 added
- texlive-prodint-2021.189.svn21893-150400.17.1 added
- texlive-prodint-fonts-2021.189.svn21893-150400.17.1 added
- texlive-productbox-2021.189.1.1svn20886-150400.17.1 added
- texlive-profcollege-2021.189.0.0.98svn58710-150400.17.1 added
- texlive-program-2021.189.3.3.14svn44214-150400.17.1 added
- texlive-progress-2021.189.1.10svn19519-150400.17.1 added
- texlive-progressbar-2021.189.1.0b_4svn33822-150400.17.1 added
- texlive-proof-at-the-end-2021.189.svn51194-150400.17.1 added
- texlive-proofread-2021.189.1.04svn50938-150400.17.1 added
- texlive-prooftrees-2021.189.0.0.7_svn_8641svn52221-150400.17.1 added
- texlive-properties-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-proposal-2021.189.svn40538-150400.17.1 added
- texlive-prosper-2021.189.1.0hsvn33033-150400.17.1 added
- texlive-protex-2021.189.svn41633-150400.17.1 added
- texlive-protocol-2021.189.1.13svn25562-150400.17.1 added
- texlive-prtec-2021.189.1.06svn51919-150400.17.1 added
- texlive-przechlewski-book-2021.189.svn23552-150400.17.1 added
- texlive-ps2eps-2021.189.1.68svn53559-150400.17.1 added
- texlive-ps2pk-2021.189.svn52851-150400.17.1 added
- texlive-psbao-2021.189.1.0svn55013-150400.17.1 added
- texlive-pseudo-2021.189.1.1.3svn52582-150400.17.1 added
- texlive-pseudocode-2021.189.svn54080-150400.17.1 added
- texlive-psfrag-2021.189.3.04svn15878-150400.17.1 added
- texlive-psfrag-italian-2021.189.svn15878-150400.17.1 added
- texlive-psfragx-2021.189.1.1svn26243-150400.17.1 added
- texlive-psgo-2021.189.0.0.17svn15878-150400.17.1 added
- texlive-psizzl-2021.189.0.0.35svn15878-150400.17.1 added
- texlive-pslatex-2021.189.1.3svn57434-150400.17.1 added
- texlive-psnfss-2021.189.9.3svn54694-150400.17.1 added
- texlive-pspicture-2021.189.svn15878-150400.17.1 added
- texlive-pst-2dplot-2021.189.1.5svn15878-150400.17.1 added
- texlive-pst-3d-2021.189.1.10svn17257-150400.17.1 added
- texlive-pst-3dplot-2021.189.2.06svn56758-150400.17.1 added
- texlive-pst-abspos-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-pst-am-2021.189.1.02svn19591-150400.17.1 added
- texlive-pst-antiprism-2021.189.0.0.02svn46643-150400.17.1 added
- texlive-pst-arrow-2021.189.0.0.01svn41980-150400.17.1 added
- texlive-pst-asr-2021.189.1.3svn22138-150400.17.1 added
- texlive-pst-bar-2021.189.0.0.92svn18734-150400.17.1 added
- texlive-pst-barcode-2021.189.0.0.18svn45096-150400.17.1 added
- texlive-pst-bezier-2021.189.0.0.03svn41981-150400.17.1 added
- texlive-pst-blur-2021.189.2.0svn15878-150400.17.1 added
- texlive-pst-bspline-2021.189.1.62svn40685-150400.17.1 added
- texlive-pst-calculate-2021.189.0.0.02svn49817-150400.17.1 added
- texlive-pst-calendar-2021.189.0.0.47svn15878-150400.17.1 added
- texlive-pst-cie-2021.189.1.06asvn49422-150400.17.1 added
- texlive-pst-circ-2021.189.2.17svn55289-150400.17.1 added
- texlive-pst-coil-2021.189.1.07svn37377-150400.17.1 added
- texlive-pst-contourplot-2021.189.0.0.6svn48230-150400.17.1 added
- texlive-pst-cox-2021.189.0.0.98_betasvn15878-150400.17.1 added
- texlive-pst-dart-2021.189.0.0.02svn46579-150400.17.1 added
- texlive-pst-dbicons-2021.189.0.0.16svn17556-150400.17.1 added
- texlive-pst-diffraction-2021.189.2.03svn15878-150400.17.1 added
- texlive-pst-electricfield-2021.189.0.0.14svn29803-150400.17.1 added
- texlive-pst-eps-2021.189.1.0svn15878-150400.17.1 added
- texlive-pst-eucl-2021.189.1.75svn56474-150400.17.1 added
- texlive-pst-eucl-translation-bg-2021.189.1.3.2svn19296-150400.17.1 added
- texlive-pst-exa-2021.189.0.0.06svn45289-150400.17.1 added
- texlive-pst-feyn-2021.189.0.0.01svn48781-150400.17.1 added
- texlive-pst-fill-2021.189.1.01svn15878-150400.17.1 added
- texlive-pst-fit-2021.189.0.0.02svn45109-150400.17.1 added
- texlive-pst-fr3d-2021.189.1.10svn15878-150400.17.1 added
- texlive-pst-fractal-2021.189.0.0.11asvn54376-150400.17.1 added
- texlive-pst-fun-2021.189.0.0.04svn17909-150400.17.1 added
- texlive-pst-func-2021.189.0.0.95svn55439-150400.17.1 added
- texlive-pst-gantt-2021.189.0.0.22asvn35832-150400.17.1 added
- texlive-pst-geo-2021.189.0.0.06svn46273-150400.17.1 added
- texlive-pst-geometrictools-2021.189.1.1svn45319-150400.17.1 added
- texlive-pst-ghsb-2021.189.svn54074-150400.17.1 added
- texlive-pst-gr3d-2021.189.1.34svn15878-150400.17.1 added
- texlive-pst-grad-2021.189.1.06svn15878-150400.17.1 added
- texlive-pst-graphicx-2021.189.0.0.02svn21717-150400.17.1 added
- texlive-pst-infixplot-2021.189.0.0.11svn15878-150400.17.1 added
- texlive-pst-intersect-2021.189.0.0.4svn33210-150400.17.1 added
- texlive-pst-jtree-2021.189.2.6svn20946-150400.17.1 added
- texlive-pst-knot-2021.189.0.0.2svn16033-150400.17.1 added
- texlive-pst-labo-2021.189.2.04svn39077-150400.17.1 added
- texlive-pst-layout-2021.189.0.0.95svn29803-150400.17.1 added
- texlive-pst-lens-2021.189.1.02svn15878-150400.17.1 added
- texlive-pst-light3d-2021.189.0.0.12svn15878-150400.17.1 added
- texlive-pst-lsystem-2021.189.0.0.02svn49556-150400.17.1 added
- texlive-pst-magneticfield-2021.189.1.16svn49780-150400.17.1 added
- texlive-pst-marble-2021.189.1.6svn50925-150400.17.1 added
- texlive-pst-math-2021.189.0.0.65svn49425-150400.17.1 added
- texlive-pst-mirror-2021.189.1.01svn32997-150400.17.1 added
- texlive-pst-moire-2021.189.2.1svn49223-150400.17.1 added
- texlive-pst-node-2021.189.1.42asvn54687-150400.17.1 added
- texlive-pst-ob3d-2021.189.0.0.22svn54514-150400.17.1 added
- texlive-pst-ode-2021.189.0.0.15svn58293-150400.17.1 added
- texlive-pst-optexp-2021.189.6.0svn57977-150400.17.1 added
- texlive-pst-optic-2021.189.1.02svn41999-150400.17.1 added
- texlive-pst-osci-2021.189.2.82svn15878-150400.17.1 added
- texlive-pst-ovl-2021.189.0.0.07bsvn54963-150400.17.1 added
- texlive-pst-pad-2021.189.0.0.3bsvn15878-150400.17.1 added
- texlive-pst-pdf-2021.189.1.2fsvn56622-150400.17.1 added
- texlive-pst-pdgr-2021.189.0.0.4svn45875-150400.17.1 added
- texlive-pst-perspective-2021.189.1.05svn39585-150400.17.1 added
- texlive-pst-platon-2021.189.0.0.01svn16538-150400.17.1 added
- texlive-pst-plot-2021.189.1.92svn54080-150400.17.1 added
- texlive-pst-poker-2021.189.0.0.03asvn53482-150400.17.1 added
- texlive-pst-poly-2021.189.1.63svn35062-150400.17.1 added
- texlive-pst-pulley-2021.189.0.0.02svn45316-150400.17.1 added
- texlive-pst-qtree-2021.189.svn15878-150400.17.1 added
- texlive-pst-rputover-2021.189.1.0svn44724-150400.17.1 added
- texlive-pst-rubans-2021.189.1.2svn23464-150400.17.1 added
- texlive-pst-shell-2021.189.0.0.03svn56070-150400.17.1 added
- texlive-pst-sigsys-2021.189.1.4svn21667-150400.17.1 added
- texlive-pst-slpe-2021.189.1.31svn24391-150400.17.1 added
- texlive-pst-solarsystem-2021.189.0.0.13svn45097-150400.17.1 added
- texlive-pst-solides3d-2021.189.4.34asvn49520-150400.17.1 added
- texlive-pst-soroban-2021.189.1.0svn15878-150400.17.1 added
- texlive-pst-spectra-2021.189.0.0.91svn15878-150400.17.1 added
- texlive-pst-spinner-2021.189.1.02svn54080-150400.17.1 added
- texlive-pst-stru-2021.189.0.0.13svn38613-150400.17.1 added
- texlive-pst-support-2021.189.svn15878-150400.17.1 added
- texlive-pst-text-2021.189.1.02svn49542-150400.17.1 added
- texlive-pst-thick-2021.189.1.0svn16369-150400.17.1 added
- texlive-pst-tools-2021.189.0.0.10svn54518-150400.17.1 added
- texlive-pst-tree-2021.189.1.13svn43272-150400.17.1 added
- texlive-pst-turtle-2021.189.0.0.02svn52261-150400.17.1 added
- texlive-pst-tvz-2021.189.1.01svn23451-150400.17.1 added
- texlive-pst-uml-2021.189.0.0.83svn15878-150400.17.1 added
- texlive-pst-vectorian-2021.189.0.0.4svn28801-150400.17.1 added
- texlive-pst-vehicle-2021.189.1.2svn45320-150400.17.1 added
- texlive-pst-venn-2021.189.0.0.01svn49316-150400.17.1 added
- texlive-pst-vowel-2021.189.1.0svn25228-150400.17.1 added
- texlive-pst2pdf-2021.189.0.0.20svn56172-150400.17.1 added
- texlive-pstool-2021.189.1.5esvn46393-150400.17.1 added
- texlive-pstricks-2021.189.3.01asvn58731-150400.17.1 added
- texlive-pstricks-add-2021.189.3.89asvn53763-150400.17.1 added
- texlive-pstricks_calcnotes-2021.189.1.2svn34363-150400.17.1 added
- texlive-pstring-2021.189.svn42857-150400.17.1 added
- texlive-ptex-2021.189.svn57972-150400.17.1 added
- texlive-ptex-base-2021.189.svn56487-150400.17.1 added
- texlive-ptex-fontmaps-2021.189.20201227.0svn57239-150400.17.1 added
- texlive-ptex-fonts-2021.189.svn46940-150400.17.1 added
- texlive-ptex-manual-2021.189.svn57128-150400.17.1 added
- texlive-ptex2pdf-2021.189.20200520.0svn58632-150400.17.1 added
- texlive-ptext-2021.189.1.1svn30171-150400.17.1 added
- texlive-ptolemaicastronomy-2021.189.1.0svn50810-150400.17.1 added
- texlive-ptptex-2021.189.0.0.91svn19440-150400.17.1 added
- texlive-punk-2021.189.svn27388-150400.17.1 added
- texlive-punk-latex-2021.189.1.1svn27389-150400.17.1 added
- texlive-punknova-2021.189.1.003svn24649-150400.17.1 added
- texlive-punknova-fonts-2021.189.1.003svn24649-150400.17.1 added
- texlive-purifyeps-2021.189.1.1svn29725-150400.17.1 added
- texlive-puyotikz-2021.189.1.0.1svn57254-150400.17.1 added
- texlive-pwebmac-2021.189.4.6.2svn58478-150400.17.1 added
- texlive-pxbase-2021.189.1.1bsvn44756-150400.17.1 added
- texlive-pxchfon-2021.189.1.7esvn56537-150400.17.1 added
- texlive-pxcjkcat-2021.189.1.1svn47266-150400.17.1 added
- texlive-pxfonts-2021.189.svn15878-150400.17.1 added
- texlive-pxfonts-fonts-2021.189.svn15878-150400.17.1 added
- texlive-pxgreeks-2021.189.1.0svn21838-150400.17.1 added
- texlive-pxjahyper-2021.189.0.0.7bsvn57950-150400.17.1 added
- texlive-pxjodel-2021.189.0.0.3svn55006-150400.17.1 added
- texlive-pxpgfmark-2021.189.0.0.2svn30212-150400.17.1 added
- texlive-pxpic-2021.189.1.2svn57445-150400.17.1 added
- texlive-pxrubrica-2021.189.1.3dsvn58168-150400.17.1 added
- texlive-pxtatescale-2021.189.0.0.4svn43009-150400.17.1 added
- texlive-pxtxalfa-2021.189.1svn54080-150400.17.1 added
- texlive-pxufont-2021.189.0.0.6svn53733-150400.17.1 added
- texlive-pygmentex-2021.189.0.0.10svn57190-150400.17.1 added
- texlive-python-2021.189.0.0.21svn27064-150400.17.1 added
- texlive-pythonhighlight-2021.189.svn43191-150400.17.1 added
- texlive-pythontex-2021.189.0.0.17svn52174-150400.17.1 added
- texlive-qcircuit-2021.189.2.6.0svn48400-150400.17.1 added
- texlive-qcm-2021.189.2.1svn15878-150400.17.1 added
- texlive-qobitree-2021.189.svn15878-150400.17.1 added
- texlive-qpxqtx-2021.189.svn45797-150400.17.1 added
- texlive-qrbill-2021.189.1.02svn56190-150400.17.1 added
- texlive-qrcode-2021.189.1.51svn36065-150400.17.1 added
- texlive-qsharp-2021.189.0.0.3.1901.1401svn49722-150400.17.1 added
- texlive-qstest-2021.189.svn15878-150400.17.1 added
- texlive-qsymbols-2021.189.svn15878-150400.17.1 added
- texlive-qtree-2021.189.3.1bsvn15878-150400.17.1 added
- texlive-qualitype-2021.189.svn54512-150400.17.1 added
- texlive-qualitype-fonts-2021.189.svn54512-150400.17.1 added
- texlive-quantikz-2021.189.0.0.9.6svn54911-150400.17.1 added
- texlive-quantumarticle-2021.189.5.1svn56862-150400.17.1 added
- texlive-quattrocento-2021.189.svn56020-150400.17.1 added
- texlive-quattrocento-fonts-2021.189.svn56020-150400.17.1 added
- texlive-quicktype-2021.189.0.0.1svn42183-150400.17.1 added
- texlive-quiz2socrative-2021.189.1.0svn52276-150400.17.1 added
- texlive-quotchap-2021.189.1.3svn56926-150400.17.1 added
- texlive-quoting-2021.189.0.0.1csvn32818-150400.17.1 added
- texlive-quotmark-2021.189.1.0svn15878-150400.17.1 added
- texlive-quran-2021.189.1.81svn57601-150400.17.1 added
- texlive-quran-bn-2021.189.0.0.1svn57602-150400.17.1 added
- texlive-quran-de-2021.189.0.0.2svn54191-150400.17.1 added
- texlive-quran-ur-2021.189.0.0.21svn57597-150400.17.1 added
- texlive-qyxf-book-2021.189.3.1.0svn56319-150400.17.1 added
- texlive-r_und_s-2021.189.1.3isvn15878-150400.17.1 added
- texlive-ragged2e-2021.189.3.0svn57638-150400.17.1 added
- texlive-raleway-2021.189.1.4svn42629-150400.17.1 added
- texlive-raleway-fonts-2021.189.1.4svn42629-150400.17.1 added
- texlive-ran_toks-2021.189.svn57520-150400.17.1 added
- texlive-randbild-2021.189.0.0.2svn15878-150400.17.1 added
- texlive-random-2021.189.0.0.2svn54723-150400.17.1 added
- texlive-randomlist-2021.189.1.3svn45281-150400.17.1 added
- texlive-randomwalk-2021.189.0.0.6svn49513-150400.17.1 added
- texlive-randtext-2021.189.svn15878-150400.17.1 added
- texlive-rank-2-roots-2021.189.1.0svn48515-150400.17.1 added
- texlive-rccol-2021.189.1.2csvn15878-150400.17.1 added
- texlive-rcs-2021.189.svn15878-150400.17.1 added
- texlive-rcs-multi-2021.189.0.0.1asvn56291-150400.17.1 added
- texlive-rcsinfo-2021.189.1.11svn15878-150400.17.1 added
- texlive-readablecv-2021.189.3.0svn57433-150400.17.1 added
- texlive-readarray-2021.189.2.0svn42467-150400.17.1 added
- texlive-realboxes-2021.189.0.0.2svn56291-150400.17.1 added
- texlive-realhats-2021.189.5.0svn52865-150400.17.1 added
- texlive-realscripts-2021.189.0.0.3dsvn56594-150400.17.1 added
- texlive-realtranspose-2021.189.1.1svn56623-150400.17.1 added
- texlive-rec-thy-2021.189.3.7svn58732-150400.17.1 added
- texlive-recipe-2021.189.0.0.9svn54080-150400.17.1 added
- texlive-recipebook-2021.189.svn37026-150400.17.1 added
- texlive-recipecard-2021.189.2.0svn15878-150400.17.1 added
- texlive-rectopma-2021.189.svn19980-150400.17.1 added
- texlive-recycle-2021.189.svn15878-150400.17.1 added
- texlive-recycle-fonts-2021.189.svn15878-150400.17.1 added
- texlive-refcheck-2021.189.1.9.1svn29128-150400.17.1 added
- texlive-refcount-2021.189.3.6svn53164-150400.17.1 added
- texlive-refenums-2021.189.1.1.2svn44131-150400.17.1 added
- texlive-reflectgraphics-2021.189.0.0.2csvn40612-150400.17.1 added
- texlive-refman-2021.189.2.0esvn15878-150400.17.1 added
- texlive-refstyle-2021.189.0.0.5svn20318-150400.17.1 added
- texlive-regcount-2021.189.1.0svn19979-150400.17.1 added
- texlive-regexpatch-2021.189.0.0.2fsvn58668-150400.17.1 added
- texlive-register-2021.189.2.0svn54485-150400.17.1 added
- texlive-regstats-2021.189.1.0hsvn25050-150400.17.1 added
- texlive-reledmac-2021.189.2.37.2svn58763-150400.17.1 added
- texlive-relenc-2021.189.svn22050-150400.17.1 added
- texlive-relsize-2021.189.4.1svn30707-150400.17.1 added
- texlive-reotex-2021.189.1.1svn34924-150400.17.1 added
- texlive-repeatindex-2021.189.0.0.01svn24305-150400.17.1 added
- texlive-repere-2021.189.19.06svn51363-150400.17.1 added
- texlive-repltext-2021.189.1.1svn56433-150400.17.1 added
- texlive-rerunfilecheck-2021.189.1.9svn54841-150400.17.1 added
- texlive-resphilosophica-2021.189.1.35svn50935-150400.17.1 added
- texlive-rest-api-2021.189.1.4svn57068-150400.17.1 added
- texlive-resumecls-2021.189.0.0.4.1svn54815-150400.17.1 added
- texlive-resumemac-2021.189.svn15878-150400.17.1 added
- texlive-returntogrid-2021.189.0.0.2svn48485-150400.17.1 added
- texlive-reverxii-2021.189.svn24976-150400.17.1 added
- texlive-revquantum-2021.189.0.0.11svn43505-150400.17.1 added
- texlive-revtex-2021.189.4.2esvn56591-150400.17.1 added
- texlive-revtex4-1-2021.189.4.1ssvn56590-150400.17.1 added
- texlive-revtex4-2021.189.4.0asvn56589-150400.17.1 added
- texlive-rgltxdoc-2021.189.1.3svn53858-150400.17.1 added
- texlive-ribbonproofs-2021.189.1.0svn31137-150400.17.1 added
- texlive-rjlparshap-2021.189.1.0svn15878-150400.17.1 added
- texlive-rlepsf-2021.189.svn19082-150400.17.1 added
- texlive-rmathbr-2021.189.1.1.1svn57173-150400.17.1 added
- texlive-rmpage-2021.189.0.0.92svn54080-150400.17.1 added
- texlive-roboto-2021.189.svn54512-150400.17.1 added
- texlive-roboto-fonts-2021.189.svn54512-150400.17.1 added
- texlive-robustcommand-2021.189.0.0.1svn15878-150400.17.1 added
- texlive-robustindex-2021.189.svn49877-150400.17.1 added
- texlive-roex-2021.189.svn45818-150400.17.1 added
- texlive-rojud-2021.189.1.2svn56895-150400.17.1 added
- texlive-rojud-fonts-2021.189.1.2svn56895-150400.17.1 added
- texlive-romanbar-2021.189.1.0fsvn25005-150400.17.1 added
- texlive-romanbarpagenumber-2021.189.1.0svn36236-150400.17.1 added
- texlive-romande-2021.189.1.008_v7_scsvn19537-150400.17.1 added
- texlive-romande-fonts-2021.189.1.008_v7_scsvn19537-150400.17.1 added
- texlive-romanneg-2021.189.svn20087-150400.17.1 added
- texlive-romannum-2021.189.1.0bsvn15878-150400.17.1 added
- texlive-rosario-2021.189.2.1svn51688-150400.17.1 added
- texlive-rosario-fonts-2021.189.2.1svn51688-150400.17.1 added
- texlive-rotfloat-2021.189.1.2svn18292-150400.17.1 added
- texlive-rotpages-2021.189.3.0svn18740-150400.17.1 added
- texlive-roundbox-2021.189.0.0.2svn29675-150400.17.1 added
- texlive-roundrect-2021.189.2.2svn39796-150400.17.1 added
- texlive-rrgtrees-2021.189.1.1svn27322-150400.17.1 added
- texlive-rsc-2021.189.3.1fsvn41923-150400.17.1 added
- texlive-rsfs-2021.189.svn15878-150400.17.1 added
- texlive-rsfs-fonts-2021.189.svn15878-150400.17.1 added
- texlive-rsfso-2021.189.1.02svn37965-150400.17.1 added
- texlive-rterface-2021.189.svn30084-150400.17.1 added
- texlive-rtkinenc-2021.189.1.0svn20003-150400.17.1 added
- texlive-rtklage-2021.189.svn15878-150400.17.1 added
- texlive-rubik-2021.189.5.0svn46791-150400.17.1 added
- texlive-ruhyphen-2021.189.1.6svn21081-150400.17.1 added
- texlive-ruler-2021.189.1.1svn54251-150400.17.1 added
- texlive-rulerbox-2021.189.1.01svn50984-150400.17.1 added
- texlive-rulercompass-2021.189.1svn32392-150400.17.1 added
- texlive-runcode-2021.189.1.0svn56594-150400.17.1 added
- texlive-russ-2021.189.svn25209-150400.17.1 added
- texlive-rutitlepage-2021.189.2.3svn51073-150400.17.1 added
- texlive-rviewport-2021.189.1.0svn23739-150400.17.1 added
- texlive-rvwrite-2021.189.1.2svn19614-150400.17.1 added
- texlive-ryersonsgsthesis-2021.189.1.0.3svn50119-150400.17.1 added
- texlive-ryethesis-2021.189.1.36svn33945-150400.17.1 added
- texlive-sa-tikz-2021.189.0.0.7asvn32815-150400.17.1 added
- texlive-sageep-2021.189.1.0svn15878-150400.17.1 added
- texlive-sanitize-umlaut-2021.189.1.10svn53292-150400.17.1 added
- texlive-sankey-2021.189.3.0svn58661-150400.17.1 added
- texlive-sanskrit-2021.189.2.2.1svn55475-150400.17.1 added
- texlive-sanskrit-t1-2021.189.svn55475-150400.17.1 added
- texlive-sanskrit-t1-fonts-2021.189.svn55475-150400.17.1 added
- texlive-sansmath-2021.189.1.1svn17997-150400.17.1 added
- texlive-sansmathaccent-2021.189.svn53628-150400.17.1 added
- texlive-sansmathfonts-2021.189.svn51356-150400.17.1 added
- texlive-sansmathfonts-fonts-2021.189.svn51356-150400.17.1 added
- texlive-sapthesis-2021.189.4.1svn48365-150400.17.1 added
- texlive-sasnrdisplay-2021.189.0.0.95svn45963-150400.17.1 added
- texlive-sauerj-2021.189.svn15878-150400.17.1 added
- texlive-sauter-2021.189.2.4svn13293-150400.17.1 added
- texlive-sauterfonts-2021.189.svn15878-150400.17.1 added
- texlive-savefnmark-2021.189.1.0svn15878-150400.17.1 added
- texlive-savesym-2021.189.1.2svn31565-150400.17.1 added
- texlive-savetrees-2021.189.2.4svn40525-150400.17.1 added
- texlive-scale-2021.189.1.1.2svn15878-150400.17.1 added
- texlive-scalebar-2021.189.1.0svn15878-150400.17.1 added
- texlive-scalerel-2021.189.1.8svn42809-150400.17.1 added
- texlive-scanpages-2021.189.1.05asvn42633-150400.17.1 added
- texlive-scanpages-fonts-2021.189.1.05asvn42633-150400.17.1 added
- texlive-schedule-2021.189.1.20svn51805-150400.17.1 added
- texlive-schemabloc-2021.189.1.5svn58212-150400.17.1 added
- texlive-schemata-2021.189.1.4svn58020-150400.17.1 added
- texlive-scheme-basic-2021.185.svn54191-150400.19.4 added
- texlive-scheme-context-2021.185.svn54074-150400.19.4 added
- texlive-scheme-full-2021.185.svn54074-150400.19.4 added
- texlive-scheme-gust-2021.185.svn54074-150400.19.4 added
- texlive-scheme-infraonly-2021.185.svn54191-150400.19.4 added
- texlive-scheme-medium-2021.185.svn54074-150400.19.4 added
- texlive-scheme-minimal-2021.185.svn54191-150400.19.4 added
- texlive-scheme-small-2021.185.svn54191-150400.19.4 added
- texlive-scheme-tetex-2021.185.svn54074-150400.19.4 added
- texlive-scholax-2021.189.1.030svn58733-150400.17.1 added
- texlive-scholax-fonts-2021.189.1.030svn58733-150400.17.1 added
- texlive-schooldocs-2021.189.1.0svn55838-150400.17.1 added
- texlive-schule-2021.189.0.0.8.2svn56683-150400.17.1 added
- texlive-schulmathematik-2021.189.1.1svn58359-150400.17.1 added
- texlive-schulschriften-2021.189.4svn35730-150400.17.1 added
- texlive-schwalbe-chess-2021.189.2.7svn53305-150400.17.1 added
- texlive-scientific-thesis-cover-2021.189.4.0.2svn47923-150400.17.1 added
- texlive-sciposter-2021.189.1.18svn15878-150400.17.1 added
- texlive-sclang-prettifier-2021.189.0.0.1svn35087-150400.17.1 added
- texlive-scontents-2021.189.1.9svn53504-150400.17.1 added
- texlive-scratch-2021.189.0.0.41svn50073-150400.17.1 added
- texlive-scratch3-2021.189.0.0.18svn56258-150400.17.1 added
- texlive-scratchx-2021.189.1.1svn44906-150400.17.1 added
- texlive-screenplay-2021.189.1.6svn27223-150400.17.1 added
- texlive-screenplay-pkg-2021.189.1.1svn44965-150400.17.1 added
- texlive-scripts-2021.189.svn58742-150400.18.1 added
- texlive-scripts-extra-2021.189.svn54744-150400.18.1 added
- texlive-scrjrnl-2021.189.0.0.1svn27810-150400.17.1 added
- texlive-scrlayer-fancyhdr-2021.189.0.0.2.1svn58746-150400.17.1 added
- texlive-scrlttr2copy-2021.189.0.0.3asvn56733-150400.17.1 added
- texlive-scsnowman-2021.189.1.2dsvn54080-150400.17.1 added
- texlive-sdaps-2021.189.1.9.8svn54678-150400.17.1 added
- texlive-sdrt-2021.189.1.0svn15878-150400.17.1 added
- texlive-sduthesis-2021.189.1.2.1svn41401-150400.17.1 added
- texlive-secdot-2021.189.1.0svn20208-150400.17.1 added
- texlive-secnum-2021.189.svn53657-150400.17.1 added
- texlive-section-2021.189.svn20180-150400.17.1 added
- texlive-sectionbox-2021.189.1.01svn37749-150400.17.1 added
- texlive-sectionbreak-2021.189.0.0.1dsvn50339-150400.17.1 added
- texlive-sectsty-2021.189.2.0.2svn15878-150400.17.1 added
- texlive-seealso-2021.189.1.2svn43595-150400.17.1 added
- texlive-seetexk-2021.189.svn57972-150400.17.1 added
- texlive-selectp-2021.189.1.0svn20185-150400.17.1 added
- texlive-selinput-2021.189.1.6svn53098-150400.17.1 added
- texlive-selnolig-2021.189.0.0.302svn38721-150400.17.1 added
- texlive-semantex-2021.189.0.0.463svn56863-150400.17.1 added
- texlive-semantic-2021.189.2.0svn15878-150400.17.1 added
- texlive-semantic-markup-2021.189.svn53607-150400.17.1 added
- texlive-semaphor-2021.189.svn18651-150400.17.1 added
- texlive-semaphor-fonts-2021.189.svn18651-150400.17.1 added
- texlive-semesterplanner-2021.189.1.0svn56841-150400.17.1 added
- texlive-seminar-2021.189.1.62svn34011-150400.17.1 added
- texlive-semioneside-2021.189.0.0.41svn15878-150400.17.1 added
- texlive-semproc-2021.189.0.0.1svn37568-150400.17.1 added
- texlive-semtex-2021.189.0.0.45svn56530-150400.17.1 added
- texlive-sepfootnotes-2021.189.0.0.3csvn41732-150400.17.1 added
- texlive-sepnum-2021.189.2.0svn20186-150400.17.1 added
- texlive-seqsplit-2021.189.0.0.1svn15878-150400.17.1 added
- texlive-serbian-apostrophe-2021.189.svn23799-150400.17.1 added
- texlive-serbian-date-lat-2021.189.svn23446-150400.17.1 added
- texlive-serbian-def-cyr-2021.189.svn23734-150400.17.1 added
- texlive-serbian-lig-2021.189.svn53127-150400.17.1 added
- texlive-sesamanuel-2021.189.0.0.6svn36613-150400.17.1 added
- texlive-sesstime-2021.189.1.12svn49750-150400.17.1 added
- texlive-setdeck-2021.189.0.0.1svn40613-150400.17.1 added
- texlive-setspace-2021.189.6.7asvn24881-150400.17.1 added
- texlive-seuthesis-2021.189.2.1.2svn33042-150400.17.1 added
- texlive-seuthesix-2021.189.1.0.1svn40088-150400.17.1 added
- texlive-sexam-2021.189.1svn46628-150400.17.1 added
- texlive-sf298-2021.189.1.3svn41653-150400.17.1 added
- texlive-sffms-2021.189.2.0svn15878-150400.17.1 added
- texlive-sfg-2021.189.0.0.91svn20209-150400.17.1 added
- texlive-sfmath-2021.189.0.0.8svn15878-150400.17.1 added
- texlive-sgame-2021.189.2.15svn30959-150400.17.1 added
- texlive-shade-2021.189.1svn22212-150400.17.1 added
- texlive-shadethm-2021.189.svn53350-150400.17.1 added
- texlive-shadow-2021.189.svn20312-150400.17.1 added
- texlive-shadowtext-2021.189.0.0.3svn26522-150400.17.1 added
- texlive-shapepar-2021.189.2.2svn30708-150400.17.1 added
- texlive-shapes-2021.189.1.1svn42428-150400.17.1 added
- texlive-shdoc-2021.189.2.1bsvn41991-150400.17.1 added
- texlive-shipunov-2021.189.1.2svn52334-150400.17.1 added
- texlive-shobhika-2021.189.1.05svn50555-150400.17.1 added
- texlive-shobhika-fonts-2021.189.1.05svn50555-150400.17.1 added
- texlive-short-math-guide-2021.189.2.0svn46126-150400.17.1 added
- texlive-shortmathj-2021.189.0.0.5.0svn54407-150400.17.1 added
- texlive-shorttoc-2021.189.1.3svn15878-150400.17.1 added
- texlive-show2e-2021.189.1.0svn15878-150400.17.1 added
- texlive-showcharinbox-2021.189.0.0.1svn29803-150400.17.1 added
- texlive-showdim-2021.189.1.2svn28918-150400.17.1 added
- texlive-showexpl-2021.189.0.0.3ssvn57414-150400.17.1 added
- texlive-showhyphens-2021.189.0.0.5csvn39787-150400.17.1 added
- texlive-showlabels-2021.189.1.8svn41322-150400.17.1 added
- texlive-showtags-2021.189.1.05svn20336-150400.17.1 added
- texlive-shtthesis-2021.189.0.0.3.2svn57740-150400.17.1 added
- texlive-shuffle-2021.189.1.0svn15878-150400.17.1 added
- texlive-sidecap-2021.189.1.6fsvn15878-150400.17.1 added
- texlive-sidenotes-2021.189.1.00asvn54524-150400.17.1 added
- texlive-sides-2021.189.svn15878-150400.17.1 added
- texlive-signchart-2021.189.1.01svn39707-150400.17.1 added
- texlive-silence-2021.189.1.5bsvn27028-150400.17.1 added
- texlive-simple-resume-cv-2021.189.svn43057-150400.17.1 added
- texlive-simple-thesis-dissertation-2021.189.svn43058-150400.17.1 added
- texlive-simplebnf-2021.189.0.0.2.0svn56761-150400.17.1 added
- texlive-simplecd-2021.189.1.4svn29260-150400.17.1 added
- texlive-simplecv-2021.189.1.6asvn35537-150400.17.1 added
- texlive-simpleinvoice-2021.189.svn45673-150400.17.1 added
- texlive-simplekv-2021.189.0.0.2svn54915-150400.17.1 added
- texlive-simpleoptics-2021.189.1.1.1svn54080-150400.17.1 added
- texlive-simpler-wick-2021.189.1.0.0svn39074-150400.17.1 added
- texlive-simplewick-2021.189.1.2asvn15878-150400.17.1 added
- texlive-simplified-latex-2021.189.svn20620-150400.16.1 added
- texlive-simplivre-2021.189.svn58414-150400.16.1 added
- texlive-simurgh-2021.189.0.0.01bsvn31719-150400.16.1 added
- texlive-sitem-2021.189.1.0svn22136-150400.16.1 added
- texlive-siunitx-2021.189.2.8csvn58714-150400.16.1 added
- texlive-skak-2021.189.1.5.3svn46259-150400.16.1 added
- texlive-skaknew-2021.189.svn20031-150400.16.1 added
- texlive-skaknew-fonts-2021.189.svn20031-150400.16.1 added
- texlive-skb-2021.189.0.0.52svn22781-150400.16.1 added
- texlive-skdoc-2021.189.1.5dsvn56950-150400.16.1 added
- texlive-skeldoc-2021.189.0.0.1.2svn57922-150400.16.1 added
- texlive-skeycommand-2021.189.0.0.4svn24652-150400.16.1 added
- texlive-skeyval-2021.189.1.3svn30560-150400.16.1 added
- texlive-skills-2021.189.1.0.0svn56734-150400.16.1 added
- texlive-skmath-2021.189.0.0.5asvn52411-150400.16.1 added
- texlive-skrapport-2021.189.0.0.12ksvn52412-150400.16.1 added
- texlive-skull-2021.189.0.0.1svn51907-150400.16.1 added
- texlive-slantsc-2021.189.2.11svn25007-150400.16.1 added
- texlive-slideshow-2021.189.1.0svn15878-150400.16.1 added
- texlive-smalltableof-2021.189.svn20333-150400.16.1 added
- texlive-smartdiagram-2021.189.0.0.3bsvn42781-150400.16.1 added
- texlive-smartref-2021.189.1.9svn20311-150400.16.1 added
- texlive-smartunits-2021.189.1.2svn39592-150400.16.1 added
- texlive-snapshot-2021.189.2.14svn56735-150400.16.1 added
- texlive-snotez-2021.189.0.0.5asvn57147-150400.16.1 added
- texlive-songbook-2021.189.4.5svn18136-150400.16.1 added
- texlive-songs-2021.189.3.1svn51494-150400.16.1 added
- texlive-sort-by-letters-2021.189.svn27128-150400.16.1 added
- texlive-soton-2021.189.0.0.1svn16215-150400.16.1 added
- texlive-soul-2021.189.2.4svn56495-150400.16.1 added
- texlive-soulpos-2021.189.1.1svn52663-150400.16.1 added
- texlive-soulutf8-2021.189.1.2svn53163-150400.16.1 added
- texlive-soup-2021.189.1.0.2svn50815-150400.16.1 added
- texlive-sourcecodepro-2021.189.2.7svn54512-150400.16.1 added
- texlive-sourcecodepro-fonts-2021.189.2.7svn54512-150400.16.1 added
- texlive-sourcesanspro-2021.189.2.8svn54892-150400.16.1 added
- texlive-sourcesanspro-fonts-2021.189.2.8svn54892-150400.16.1 added
- texlive-sourceserifpro-2021.189.1.4svn54512-150400.16.1 added
- texlive-sourceserifpro-fonts-2021.189.1.4svn54512-150400.16.1 added
- texlive-spacingtricks-2021.189.1.3svn56840-150400.16.1 added
- texlive-spalign-2021.189.svn42225-150400.16.1 added
- texlive-spark-otf-2021.189.0.0.05svn51005-150400.16.1 added
- texlive-sparklines-2021.189.1.7svn42821-150400.16.1 added
- texlive-spath3-2021.189.2.4svn57842-150400.16.1 added
- texlive-spectral-2021.189.svn57296-150400.16.1 added
- texlive-spectral-fonts-2021.189.svn57296-150400.16.1 added
- texlive-spectralsequences-2021.189.1.2.2svn50072-150400.16.1 added
- texlive-spelling-2021.189.0.0.41svn30715-150400.16.1 added
- texlive-sphdthesis-2021.189.1.0svn34374-150400.16.1 added
- texlive-spie-2021.189.3.25svn15878-150400.16.1 added
- texlive-spix-2021.189.1.1.0svn55933-150400.16.1 added
- texlive-splines-2021.189.0.0.2svn15878-150400.16.1 added
- texlive-splitbib-2021.189.1.17svn15878-150400.16.1 added
- texlive-splitindex-2021.189.1.2csvn39766-150400.16.1 added
- texlive-spot-2021.189.1.1svn22408-150400.16.1 added
- texlive-spotcolor-2021.189.1.2svn15878-150400.16.1 added
- texlive-spreadtab-2021.189.0.0.5svn50147-150400.16.1 added
- texlive-spverbatim-2021.189.1.0svn15878-150400.16.1 added
- texlive-sr-vorl-2021.189.1.1svn39529-150400.16.1 added
- texlive-srbook-mem-2021.189.svn45818-150400.16.1 added
- texlive-srcltx-2021.189.1.6svn15878-150400.16.1 added
- texlive-srcredact-2021.189.1.0svn38710-150400.16.1 added
- texlive-srdp-mathematik-2021.189.1.9.0svn58734-150400.16.1 added
- texlive-sseq-2021.189.2.01svn31585-150400.16.1 added
- texlive-sslides-2021.189.svn32293-150400.16.1 added
- texlive-stack-2021.189.1.00svn15878-150400.16.1 added
- texlive-stackengine-2021.189.4.01svn53843-150400.16.1 added
- texlive-stage-2021.189.1.01svn53915-150400.16.1 added
- texlive-standalone-2021.189.1.3asvn56291-150400.16.1 added
- texlive-stanli-2021.189.3.0svn54512-150400.16.1 added
- texlive-starfont-2021.189.1.2svn19982-150400.16.1 added
- texlive-starfont-fonts-2021.189.1.2svn19982-150400.16.1 added
- texlive-startex-2021.189.1.04svn35718-150400.16.1 added
- texlive-startlatex2e-2021.189.svn56809-150400.16.1 added
- texlive-statex-2021.189.1.6svn20306-150400.16.1 added
- texlive-statex2-2021.189.2.1svn23961-150400.16.1 added
- texlive-statistics-2021.189.2.2svn52212-150400.16.1 added
- texlive-statistik-2021.189.0.0.03svn20334-150400.16.1 added
- texlive-statmath-2021.189.0.0.1svn46925-150400.16.1 added
- texlive-staves-2021.189.svn15878-150400.16.1 added
- texlive-staves-fonts-2021.189.svn15878-150400.16.1 added
- texlive-stdclsdv-2021.189.1.1asvn15878-150400.16.1 added
- texlive-stdpage-2021.189.0.0.6svn15878-150400.16.1 added
- texlive-stealcaps-2021.189.1.0svn46434-150400.16.1 added
- texlive-steinmetz-2021.189.1.0svn15878-150400.16.1 added
- texlive-stellenbosch-2021.189.11asvn36696-150400.16.1 added
- texlive-step-2021.189.2.0.5svn57307-150400.16.1 added
- texlive-step-fonts-2021.189.2.0.5svn57307-150400.16.1 added
- texlive-stepgreek-2021.189.3.0b1svn57074-150400.16.1 added
- texlive-stepgreek-fonts-2021.189.3.0b1svn57074-150400.16.1 added
- texlive-stex-2021.189.svn50489-150400.16.1 added
- texlive-stickstoo-2021.189.1.034svn57193-150400.16.1 added
- texlive-stickstoo-fonts-2021.189.1.034svn57193-150400.16.1 added
- texlive-stix-2021.189.1.1.3svn54512-150400.16.1 added
- texlive-stix-fonts-2021.189.1.1.3svn54512-150400.16.1 added
- texlive-stix2-otf-2021.189.2.12svn58735-150400.16.1 added
- texlive-stix2-otf-fonts-2021.189.2.12svn58735-150400.16.1 added
- texlive-stix2-type1-2021.189.2.0.2svn57448-150400.16.1 added
- texlive-stix2-type1-fonts-2021.189.2.0.2svn57448-150400.16.1 added
- texlive-stmaryrd-2021.189.svn22027-150400.16.1 added
- texlive-stmaryrd-fonts-2021.189.svn22027-150400.16.1 added
- texlive-storebox-2021.189.1.3asvn56291-150400.16.1 added
- texlive-storecmd-2021.189.0.0.0.2svn24431-150400.16.1 added
- texlive-stricttex-2021.189.0.0.2betasvn56320-150400.16.1 added
- texlive-stringenc-2021.189.1.12svn52982-150400.16.1 added
- texlive-stringstrings-2021.189.1.24svn57097-150400.16.1 added
- texlive-structmech-2021.189.1.0svn47859-150400.16.1 added
- texlive-struktex-2021.189.2.3c_0_g7d3fc5bsvn47931-150400.16.1 added
- texlive-sttools-2021.189.2.1svn56774-150400.16.1 added
- texlive-stubs-2021.189.0.0.1.1svn19440-150400.16.1 added
- texlive-studenthandouts-2021.189.1.0svn43516-150400.16.1 added
- texlive-sty2dtx-2021.189.2.3svn56291-150400.16.1 added
- texlive-suanpan-2021.189.svn15878-150400.16.1 added
- texlive-subdepth-2021.189.0.0.1svn15878-150400.16.1 added
- texlive-subdocs-2021.189.0.0.1svn51480-150400.16.1 added
- texlive-subeqn-2021.189.2.0bsvn15878-150400.16.1 added
- texlive-subeqnarray-2021.189.2.1csvn15878-150400.16.1 added
- texlive-subfig-2021.189.1.3svn15878-150400.16.1 added
- texlive-subfigmat-2021.189.1.0svn20308-150400.16.1 added
- texlive-subfigure-2021.189.2.1.5svn15878-150400.16.1 added
- texlive-subfiles-2021.189.2.2svn56977-150400.16.1 added
- texlive-subfloat-2021.189.2.14svn29349-150400.16.1 added
- texlive-substances-2021.189.0.0.2asvn40989-150400.16.1 added
- texlive-substitutefont-2021.189.0.0.1.4svn32066-150400.16.1 added
- texlive-substr-2021.189.1.2svn16117-150400.16.1 added
- texlive-subsupscripts-2021.189.1.0svn16080-150400.16.1 added
- texlive-subtext-2021.189.1.1svn51273-150400.16.1 added
- texlive-sudoku-2021.189.1.0svn15878-150400.16.1 added
- texlive-sudokubundle-2021.189.1.0asvn15878-150400.16.1 added
- texlive-suftesi-2021.189.3.0.2svn57650-150400.16.1 added
- texlive-sugconf-2021.189.svn58752-150400.16.1 added
- texlive-superiors-2021.189.1.06svn51909-150400.16.1 added
- texlive-superiors-fonts-2021.189.1.06svn51909-150400.16.1 added
- texlive-supertabular-2021.189.4.1gsvn53658-150400.16.1 added
- texlive-suppose-2021.189.1.2svn58736-150400.16.1 added
- texlive-susy-2021.189.svn19440-150400.16.1 added
- texlive-svg-2021.189.2.02ksvn57010-150400.16.1 added
- texlive-svg-inkscape-2021.189.svn32199-150400.16.1 added
- texlive-svgcolor-2021.189.1.0svn15878-150400.16.1 added
- texlive-svn-2021.189.43svn15878-150400.16.1 added
- texlive-svn-multi-2021.189.2.4dsvn56291-150400.16.1 added
- texlive-svn-prov-2021.189.3.1862svn56291-150400.16.1 added
- texlive-svninfo-2021.189.0.0.7.4svn17554-150400.16.1 added
- texlive-svrsymbols-2021.189.2.0bsvn50019-150400.16.1 added
- texlive-svrsymbols-fonts-2021.189.2.0bsvn50019-150400.16.1 added
- texlive-swebib-2021.189.svn15878-150400.16.1 added
- texlive-swfigure-2021.189.0.0.9.18svn57213-150400.16.1 added
- texlive-swimgraf-2021.189.svn25446-150400.16.1 added
- texlive-swrule-2021.189.svn54267-150400.16.1 added
- texlive-syllogism-2021.189.1.2svn15878-150400.16.1 added
- texlive-symbol-2021.189.svn31835-150400.16.1 added
- texlive-symbol-fonts-2021.189.svn31835-150400.16.1 added
- texlive-synctex-2021.189.svn54074-150400.16.1 added
- texlive-synproof-2021.189.1.0svn15878-150400.16.1 added
- texlive-syntax-2021.189.svn15878-150400.16.1 added
- texlive-syntaxdi-2021.189.0.0.8.2svn56685-150400.16.1 added
- texlive-syntrace-2021.189.1.1svn15878-150400.16.1 added
- texlive-synttree-2021.189.1.4.2svn16252-150400.16.1 added
- texlive-systeme-2021.189.0.0.34svn55015-150400.16.1 added
- texlive-t-angles-2021.189.svn15878-150400.16.1 added
- texlive-t2-2021.189.svn47870-150400.16.1 added
- texlive-tabfigures-2021.189.1.1svn25202-150400.16.1 added
- texlive-table-fct-2021.189.1.1svn41849-150400.16.1 added
- texlive-tableaux-2021.189.svn42413-150400.16.1 added
- texlive-tablefootnote-2021.189.1.1csvn32804-150400.16.1 added
- texlive-tableof-2021.189.1.4bsvn48815-150400.16.1 added
- texlive-tablestyles-2021.189.0.0.1svn34495-150400.16.1 added
- texlive-tablists-2021.189.0.0.0esvn15878-150400.18.1 added
- texlive-tablor-2021.189.4.07_gsvn31855-150400.18.1 added
- texlive-tabls-2021.189.3.5svn17255-150400.18.1 added
- texlive-tablvar-2021.189.1.2svn51543-150400.18.1 added
- texlive-tabriz-thesis-2021.189.1.1svn51729-150400.18.1 added
- texlive-tabstackengine-2021.189.2.10svn46848-150400.18.1 added
- texlive-tabto-generic-2021.189.svn15878-150400.18.1 added
- texlive-tabto-ltx-2021.189.1.4svn54080-150400.18.1 added
- texlive-tabu-2021.189.2.9svn56615-150400.18.1 added
- texlive-tabularborder-2021.189.1.0asvn17885-150400.18.1 added
- texlive-tabularcalc-2021.189.0.0.2svn15878-150400.18.1 added
- texlive-tabularew-2021.189.0.0.1svn15878-150400.18.1 added
- texlive-tabulary-2021.189.0.0.10svn34368-150400.18.1 added
- texlive-tabvar-2021.189.1.7svn28908-150400.18.1 added
- texlive-tabvar-fonts-2021.189.1.7svn28908-150400.18.1 added
- texlive-tagging-2021.189.1.1.0.1svn52064-150400.18.1 added
- texlive-tagpair-2021.189.1.1svn42138-150400.18.1 added
- texlive-tagpdf-2021.189.0.0.80svn57954-150400.18.1 added
- texlive-talk-2021.189.1.1svn42428-150400.18.1 added
- texlive-tamefloats-2021.189.0.0.42svn27345-150400.18.1 added
- texlive-tamethebeast-2021.189.1.4svn15878-150400.18.1 added
- texlive-tap-2021.189.0.0.77svn31731-150400.18.1 added
- texlive-tapir-2021.189.0.0.2svn20484-150400.18.1 added
- texlive-tapir-fonts-2021.189.0.0.2svn20484-150400.18.1 added
- texlive-tasks-2021.189.1.3asvn57835-150400.18.1 added
- texlive-tcldoc-2021.189.2.40svn22018-150400.18.1 added
- texlive-tcolorbox-2021.189.4.42svn56610-150400.18.1 added
- texlive-tdclock-2021.189.2.5svn33043-150400.18.1 added
- texlive-tds-2021.189.1.1svn15878-150400.18.1 added
- texlive-tdsfrmath-2021.189.1.3svn15878-150400.18.1 added
- texlive-technics-2021.189.1.0svn29349-150400.18.1 added
- texlive-technion-thesis-template-2021.189.1.0svn49889-150400.18.1 added
- texlive-ted-2021.189.1.06svn15878-150400.18.1 added
- texlive-templates-fenn-2021.189.svn15878-150400.18.1 added
- texlive-templates-sommer-2021.189.svn15878-150400.18.1 added
- texlive-templatetools-2021.189.svn34495-150400.18.1 added
- texlive-tempora-2021.189.1.05svn39596-150400.18.1 added
- texlive-tempora-fonts-2021.189.1.05svn39596-150400.18.1 added
- texlive-tengwarscript-2021.189.1.3.1svn34594-150400.18.1 added
- texlive-tensind-2021.189.1.1svn51481-150400.18.1 added
- texlive-tensor-2021.189.2.1svn15878-150400.18.1 added
- texlive-termcal-2021.189.1.8svn22514-150400.18.1 added
- texlive-termcal-de-2021.189.2.0svn47111-150400.18.1 added
- texlive-termlist-2021.189.1.1svn18923-150400.18.1 added
- texlive-termmenu-2021.189.svn37700-150400.18.1 added
- texlive-testhyphens-2021.189.0.0.7svn38928-150400.18.1 added
- texlive-testidx-2021.189.1.2svn52213-150400.18.1 added
- texlive-tetragonos-2021.189.1svn49732-150400.18.1 added
- texlive-teubner-2021.189.5.4svn57684-150400.18.1 added
- texlive-tex-2021.189.3.141592653svn57972-150400.18.1 added
- texlive-tex-ewd-2021.189.svn15878-150400.18.1 added
- texlive-tex-font-errors-cheatsheet-2021.189.0.0.1svn18314-150400.18.1 added
- texlive-tex-gyre-2021.189.2.501svn48058-150400.18.1 added
- texlive-tex-gyre-fonts-2021.189.2.501svn48058-150400.18.1 added
- texlive-tex-gyre-math-2021.189.svn41264-150400.18.1 added
- texlive-tex-gyre-math-fonts-2021.189.svn41264-150400.18.1 added
- texlive-tex-ini-files-2021.189.svn40533-150400.18.1 added
- texlive-tex-label-2021.189.svn16372-150400.18.1 added
- texlive-tex-locale-2021.189.1.0svn48500-150400.18.1 added
- texlive-tex-nutshell-2021.189.0.0.6svn58471-150400.18.1 added
- texlive-tex-overview-2021.189.0.0.2svn41403-150400.18.1 added
- texlive-tex-ps-2021.189.svn15878-150400.18.1 added
- texlive-tex-refs-2021.189.0.0.4.8svn57349-150400.18.1 added
- texlive-tex-virtual-academy-pl-2021.189.svn34177-150400.18.1 added
- texlive-tex4ebook-2021.189.0.0.3csvn56878-150400.18.1 added
- texlive-tex4ht-2021.189.svn58348-150400.18.1 added
- texlive-texapi-2021.189.1.04svn54080-150400.18.1 added
- texlive-texbytopic-2021.189.svn15878-150400.18.1 added
- texlive-texcount-2021.189.3.1.1svn49013-150400.18.1 added
- texlive-texdate-2021.189.2.0svn49362-150400.18.1 added
- texlive-texdef-2021.189.1.9svn56466-150400.18.1 added
- texlive-texdiff-2021.189.0.0.4svn29752-150400.18.1 added
- texlive-texdirflatten-2021.189.1.3svn55064-150400.18.1 added
- texlive-texdoc-2021.189.3.3svn58477-150400.18.1 added
- texlive-texdoctk-2021.189.0.0.6.0svn54557-150400.18.1 added
- texlive-texdraw-2021.189.v2r3svn51030-150400.18.1 added
- texlive-texfot-2021.189.1.40svn54246-150400.18.1 added
- texlive-texilikechaps-2021.189.1.0asvn28553-150400.18.1 added
- texlive-texilikecover-2021.189.0.0.1svn15878-150400.18.1 added
- texlive-texinfo-2021.189.5.1svn57911-150400.18.1 added
- texlive-texlive-common-2021.189.svn58055-150400.18.1 added
- texlive-texlive-cz-2021.189.svn54496-150400.18.1 added
- texlive-texlive-de-2021.189.svn58648-150400.18.1 added
- texlive-texlive-en-2021.189.svn58572-150400.18.1 added
- texlive-texlive-es-2021.189.svn58221-150400.18.1 added
- texlive-texlive-fr-2021.189.svn58579-150400.18.1 added
- texlive-texlive-it-2021.189.svn58653-150400.18.1 added
- texlive-texlive-ja-2021.189.svn58581-150400.18.1 added
- texlive-texlive-pl-2021.189.svn58649-150400.18.1 added
- texlive-texlive-ru-2021.189.svn58426-150400.18.1 added
- texlive-texlive-sr-2021.189.svn54594-150400.18.1 added
- texlive-texlive-zh-cn-2021.189.svn54490-150400.18.1 added
- texlive-texlive.infra-2021.189.svn58646-150400.18.1 added
- texlive-texlive.infra-doc-2021.189.svn58646-150400.18.1 added
- texlive-texliveonfly-2021.189.svn55777-150400.18.1 added
- texlive-texloganalyser-2021.189.0.0.11svn54526-150400.18.1 added
- texlive-texlogos-2021.189.1.3.1svn19083-150400.18.1 added
- texlive-texmate-2021.189.2svn15878-150400.18.1 added
- texlive-texments-2021.189.0.0.2.0svn15878-150400.18.1 added
- texlive-texnegar-2021.189.0.0.1esvn57692-150400.18.1 added
- texlive-texonly-2021.189.2svn50985-150400.18.1 added
- texlive-texosquery-2021.189.1.7svn53676-150400.18.1 added
- texlive-texplate-2021.189.1.0.3svn56083-150400.18.1 added
- texlive-texpower-2021.189.0.0.2svn29349-150400.18.1 added
- texlive-texproposal-2021.189.1.4svn43151-150400.18.1 added
- texlive-texshade-2021.189.1.25svn46559-150400.18.1 added
- texlive-texsis-2021.189.2.18svn45678-150400.18.1 added
- texlive-textcase-2021.189.1.00svn52092-150400.18.1 added
- texlive-textfit-2021.189.5svn20591-150400.18.1 added
- texlive-textglos-2021.189.1.0svn30788-150400.18.1 added
- texlive-textgreek-2021.189.0.0.7svn44192-150400.18.1 added
- texlive-textmerg-2021.189.2.01svn20677-150400.18.1 added
- texlive-textopo-2021.189.1.5svn23796-150400.18.1 added
- texlive-textpath-2021.189.1.6svn15878-150400.18.1 added
- texlive-textpos-2021.189.1.10svn56441-150400.18.1 added
- texlive-textualicomma-2021.189.1.1svn48474-150400.18.1 added
- texlive-texvc-2021.189.1.1svn46844-150400.18.1 added
- texlive-texware-2021.189.svn57972-150400.18.1 added
- texlive-tfrupee-2021.189.1.02svn20770-150400.18.1 added
- texlive-tfrupee-fonts-2021.189.1.02svn20770-150400.18.1 added
- texlive-thaienum-2021.189.0.0.2svn44140-150400.18.1 added
- texlive-thaispec-2021.189.2021.03.01svn58019-150400.18.1 added
- texlive-thalie-2021.189.0.0.10bsvn51789-150400.18.1 added
- texlive-theanodidot-2021.189.svn54512-150400.18.1 added
- texlive-theanodidot-fonts-2021.189.svn54512-150400.18.1 added
- texlive-theanomodern-2021.189.svn54512-150400.18.1 added
- texlive-theanomodern-fonts-2021.189.svn54512-150400.18.1 added
- texlive-theanooldstyle-2021.189.svn54512-150400.18.1 added
- texlive-theanooldstyle-fonts-2021.189.svn54512-150400.18.1 added
- texlive-theatre-2021.189.0.0.1svn45363-150400.18.1 added
- texlive-theoremref-2021.189.svn54512-150400.18.1 added
- texlive-thesis-ekf-2021.189.4.1svn57207-150400.18.1 added
- texlive-thesis-gwu-2021.189.1.7.0svn54287-150400.18.1 added
- texlive-thesis-qom-2021.189.0.0.42svn49124-150400.18.1 added
- texlive-thesis-titlepage-fhac-2021.189.0.0.1svn15878-150400.18.1 added
- texlive-thinsp-2021.189.0.0.2svn39669-150400.18.1 added
- texlive-thmbox-2021.189.svn15878-150400.18.1 added
- texlive-thmtools-2021.189.72svn56070-150400.18.1 added
- texlive-threadcol-2021.189.1.0svn28754-150400.18.1 added
- texlive-threeddice-2021.189.1.0svn20675-150400.18.1 added
- texlive-threeparttable-2021.189.svn17383-150400.18.1 added
- texlive-threeparttablex-2021.189.0.0.3svn34206-150400.18.1 added
- texlive-thuaslogos-2021.189.1.2svn51347-150400.18.1 added
- texlive-thucoursework-2021.189.2.6svn56435-150400.18.1 added
- texlive-thumb-2021.189.1.0svn16549-150400.18.1 added
- texlive-thumbpdf-2021.189.3.17svn48625-150400.18.1 added
- texlive-thumbs-2021.189.1.0qsvn33134-150400.18.1 added
- texlive-thumby-2021.189.0.0.1svn16736-150400.18.1 added
- texlive-thuthesis-2021.189.7.2.2svn58750-150400.18.1 added
- texlive-ticket-2021.189.0.0.4dsvn42280-150400.18.1 added
- texlive-ticollege-2021.189.1.0svn36306-150400.18.1 added
- texlive-tie-2021.189.2.4svn57972-150400.18.1 added
- texlive-tikz-3dplot-2021.189.svn25087-150400.18.1 added
- texlive-tikz-among-us-2021.189.1.1.0svn56820-150400.18.1 added
- texlive-tikz-bayesnet-2021.189.0.0.1svn38295-150400.18.1 added
- texlive-tikz-bbox-2021.189.0.0.1svn57444-150400.18.1 added
- texlive-tikz-cd-2021.189.0.0.9fsvn49201-150400.18.1 added
- texlive-tikz-dependency-2021.189.1.2svn54512-150400.18.1 added
- texlive-tikz-dimline-2021.189.1.0svn35805-150400.17.1 added
- texlive-tikz-feynhand-2021.189.1.1.0svn51915-150400.17.1 added
- texlive-tikz-feynman-2021.189.1.1.0svn56615-150400.17.1 added
- texlive-tikz-imagelabels-2021.189.0.0.2svn51490-150400.17.1 added
- texlive-tikz-inet-2021.189.0.0.1svn15878-150400.17.1 added
- texlive-tikz-kalender-2021.189.0.0.4fsvn52890-150400.17.1 added
- texlive-tikz-karnaugh-2021.189.1.2svn47026-150400.17.1 added
- texlive-tikz-ladder-2021.189.1.1svn46555-150400.17.1 added
- texlive-tikz-lake-fig-2021.189.1.0svn55288-150400.17.1 added
- texlive-tikz-layers-2021.189.0.0.9svn46660-150400.17.1 added
- texlive-tikz-nef-2021.189.0.0.1svn55920-150400.17.1 added
- texlive-tikz-network-2021.189.1.1svn51884-150400.17.1 added
- texlive-tikz-opm-2021.189.0.0.1.1svn32769-150400.17.1 added
- texlive-tikz-optics-2021.189.0.0.2.3svn43466-150400.17.1 added
- texlive-tikz-page-2021.189.1.0svn42039-150400.17.1 added
- texlive-tikz-palattice-2021.189.2.3svn43442-150400.17.1 added
- texlive-tikz-planets-2021.189.1.0.2svn55002-150400.17.1 added
- texlive-tikz-qtree-2021.189.1.2svn26108-150400.17.1 added
- texlive-tikz-relay-2021.189.1.2svn51355-150400.17.1 added
- texlive-tikz-sfc-2021.189.1.0.1svn49424-150400.17.1 added
- texlive-tikz-timing-2021.189.0.0.7fsvn56291-150400.17.1 added
- texlive-tikz-trackschematic-2021.189.0.0.6svn57300-150400.17.1 added
- texlive-tikz-truchet-2021.189.svn50020-150400.17.1 added
- texlive-tikzcodeblocks-2021.189.0.0.13svn54758-150400.17.1 added
- texlive-tikzducks-2021.189.1.5svn55713-150400.17.1 added
- texlive-tikzinclude-2021.189.1.0svn28715-150400.17.1 added
- texlive-tikzlings-2021.189.0.0.5svn58469-150400.17.1 added
- texlive-tikzmark-2021.189.1.10svn57843-150400.17.1 added
- texlive-tikzmarmots-2021.189.1.0svn54080-150400.17.1 added
- texlive-tikzorbital-2021.189.svn36439-150400.17.1 added
- texlive-tikzpackets-2021.189.1.0svn55827-150400.17.1 added
- texlive-tikzpagenodes-2021.189.1.1svn56291-150400.17.1 added
- texlive-tikzpeople-2021.189.0.0.4svn43978-150400.17.1 added
- texlive-tikzpfeile-2021.189.1.0svn25777-150400.17.1 added
- texlive-tikzposter-2021.189.2.0svn32732-150400.17.1 added
- texlive-tikzscale-2021.189.0.0.2.6svn30637-150400.17.1 added
- texlive-tikzsymbols-2021.189.4.10csvn49975-150400.17.1 added
- texlive-tikztosvg-2021.189.0.0.2.0svn58737-150400.17.1 added
- texlive-tile-graphic-2021.189.svn55325-150400.17.1 added
- texlive-timbreicmc-2021.189.2.0svn49740-150400.17.1 added
- texlive-times-2021.189.svn35058-150400.17.1 added
- texlive-times-fonts-2021.189.svn35058-150400.17.1 added
- texlive-timetable-2021.189.svn15878-150400.17.1 added
- texlive-timing-diagrams-2021.189.svn31491-150400.17.1 added
- texlive-tinos-2021.189.svn42882-150400.17.1 added
- texlive-tinos-fonts-2021.189.svn42882-150400.17.1 added
- texlive-tipa-2021.189.1.3svn29349-150400.17.1 added
- texlive-tipa-de-2021.189.1.3svn22005-150400.17.1 added
- texlive-tipa-fonts-2021.189.1.3svn29349-150400.17.1 added
- texlive-tipfr-2021.189.1.5svn38646-150400.17.1 added
- texlive-titlecaps-2021.189.1.2svn36170-150400.17.1 added
- texlive-titlefoot-2021.189.svn15878-150400.17.1 added
- texlive-titlepages-2021.189.svn19457-150400.17.1 added
- texlive-titlepic-2021.189.1.2svn43497-150400.17.1 added
- texlive-titleref-2021.189.3.1svn18729-150400.17.1 added
- texlive-titlesec-2021.189.2.13svn52413-150400.17.1 added
- texlive-titling-2021.189.2.1dsvn15878-150400.17.1 added
- texlive-tkz-base-2021.189.3.06csvn54758-150400.17.1 added
- texlive-tkz-berge-2021.189.2.0svn57485-150400.17.1 added
- texlive-tkz-doc-2021.189.1.43csvn55265-150400.17.1 added
- texlive-tkz-euclide-2021.189.3.06csvn54758-150400.17.1 added
- texlive-tkz-fct-2021.189.1.3csvn55031-150400.17.1 added
- texlive-tkz-graph-2021.189.2.0svn57484-150400.17.1 added
- texlive-tkz-orm-2021.189.0.0.1.4svn54512-150400.17.1 added
- texlive-tkz-tab-2021.189.2.12csvn54940-150400.17.1 added
- texlive-tlc-article-2021.189.1.0.17svn51431-150400.17.1 added
- texlive-tlc2-2021.189.svn26096-150400.17.1 added
- texlive-tlmgrbasics-2021.189.svn56221-150400.17.1 added
- texlive-tocbibind-2021.189.1.5ksvn20085-150400.17.1 added
- texlive-tocdata-2021.189.2.04svn55852-150400.17.1 added
- texlive-tocloft-2021.189.2.3jsvn53364-150400.17.1 added
- texlive-tocvsec2-2021.189.1.3asvn33146-150400.17.1 added
- texlive-todo-2021.189.2.142svn17746-150400.17.1 added
- texlive-todonotes-2021.189.1.1.3svn56166-150400.17.1 added
- texlive-tokcycle-2021.189.1.3svn58254-150400.17.1 added
- texlive-tokenizer-2021.189.1.1.0svn15878-150400.17.1 added
- texlive-toolbox-2021.189.5.1svn32260-150400.17.1 added
- texlive-tools-2021.189.svn56514-150400.17.1 added
- texlive-topfloat-2021.189.svn19084-150400.17.1 added
- texlive-topiclongtable-2021.189.1.3.2svn54758-150400.17.1 added
- texlive-topletter-2021.189.0.0.3.0svn48182-150400.17.1 added
- texlive-toptesi-2021.189.6.4.06svn56276-150400.17.1 added
- texlive-totalcount-2021.189.1.0asvn56214-150400.17.1 added
- texlive-totcount-2021.189.1.2svn21178-150400.17.1 added
- texlive-totpages-2021.189.2.00svn15878-150400.17.1 added
- texlive-tpic2pdftex-2021.189.svn52851-150400.17.1 added
- texlive-tpslifonts-2021.189.0.0.6svn42428-150400.17.1 added
- texlive-tqft-2021.189.2.1svn44455-150400.17.1 added
- texlive-tracklang-2021.189.1.4svn55707-150400.17.1 added
- texlive-trajan-2021.189.1.1svn15878-150400.17.1 added
- texlive-trajan-fonts-2021.189.1.1svn15878-150400.17.1 added
- texlive-tram-2021.189.0.0.2svn29803-150400.17.1 added
- texlive-translation-array-fr-2021.189.svn24344-150400.17.1 added
- texlive-translation-arsclassica-de-2021.189.svn23803-150400.17.1 added
- texlive-translation-biblatex-de-2021.189.3.15asvn57508-150400.17.1 added
- texlive-translation-chemsym-de-2021.189.svn23804-150400.17.1 added
- texlive-translation-dcolumn-fr-2021.189.svn24345-150400.17.1 added
- texlive-translation-ecv-de-2021.189.svn24754-150400.17.1 added
- texlive-translation-enumitem-de-2021.189.svn24196-150400.17.1 added
- texlive-translation-europecv-de-2021.189.svn23840-150400.17.1 added
- texlive-translation-filecontents-de-2021.189.svn24010-150400.17.1 added
- texlive-translation-moreverb-de-2021.189.svn23957-150400.17.1 added
- texlive-translation-natbib-fr-2021.189.svn25105-150400.17.1 added
- texlive-translation-tabbing-fr-2021.189.svn24228-150400.17.1 added
- texlive-translations-2021.189.1.10asvn57461-150400.17.1 added
- texlive-translator-2021.189.1.12csvn56052-150400.17.1 added
- texlive-transparent-2021.189.1.4svn52981-150400.17.1 added
- texlive-tree-dvips-2021.189.0.0.91svn21751-150400.17.1 added
- texlive-treetex-2021.189.svn28176-150400.17.1 added
- texlive-trfsigns-2021.189.1.01svn15878-150400.17.1 added
- texlive-trigonometry-2021.189.svn43006-150400.17.1 added
- texlive-trimspaces-2021.189.1.1svn15878-150400.17.1 added
- texlive-trivfloat-2021.189.1.3bsvn15878-150400.17.1 added
- texlive-trsym-2021.189.1.0svn18732-150400.17.1 added
- texlive-truncate-2021.189.3.6svn18921-150400.17.1 added
- texlive-tsemlines-2021.189.1.0svn23440-150400.17.1 added
- texlive-ttfutils-2021.189.svn57972-150400.17.1 added
- texlive-tucv-2021.189.1.0svn20680-150400.17.1 added
- texlive-tuda-ci-2021.189.3.13asvn58661-150400.17.1 added
- texlive-tudscr-2021.189.2.06lsvn58713-150400.17.1 added
- texlive-tufte-latex-2021.189.3.5.2svn37649-150400.17.1 added
- texlive-tugboat-2021.189.2.24svn56942-150400.17.1 added
- texlive-tugboat-plain-2021.189.1.25svn51373-150400.17.1 added
- texlive-tui-2021.189.1.9svn27253-150400.17.1 added
- texlive-turabian-2021.189.0.0.1.0svn36298-150400.17.1 added
- texlive-turabian-formatting-2021.189.svn58561-150400.17.1 added
- texlive-turkmen-2021.189.0.0.2svn17748-150400.17.1 added
- texlive-turnstile-2021.189.1.0svn15878-150400.17.1 added
- texlive-turnthepage-2021.189.1.3asvn29803-150400.17.1 added
- texlive-twemoji-colr-2021.189.0.0.5.1svn55675-150400.17.1 added
- texlive-twemoji-colr-fonts-2021.189.0.0.5.1svn55675-150400.17.1 added
- texlive-twoinone-2021.189.svn17024-150400.17.1 added
- texlive-twoup-2021.189.1.3svn15878-150400.17.1 added
- texlive-txfonts-2021.189.svn15878-150400.17.1 added
- texlive-txfonts-fonts-2021.189.svn15878-150400.17.1 added
- texlive-txfontsb-2021.189.1.1.1svn54512-150400.17.1 added
- texlive-txfontsb-fonts-2021.189.1.1.1svn54512-150400.17.1 added
- texlive-txgreeks-2021.189.1.0svn21839-150400.17.1 added
- texlive-txuprcal-2021.189.1.00svn43327-150400.17.1 added
- texlive-txuprcal-fonts-2021.189.1.00svn43327-150400.17.1 added
- texlive-type1cm-2021.189.svn21820-150400.17.1 added
- texlive-typed-checklist-2021.189.2.0svn49731-150400.17.1 added
- texlive-typeface-2021.189.0.0.1svn27046-150400.17.1 added
- texlive-typehtml-2021.189.svn17134-150400.17.1 added
- texlive-typeoutfileinfo-2021.189.0.0.31svn29349-150400.17.1 added
- texlive-typewriter-2021.189.1.1svn46641-150400.17.1 added
- texlive-typicons-2021.189.2.0.7svn37623-150400.17.1 added
- texlive-typicons-fonts-2021.189.2.0.7svn37623-150400.17.1 added
- texlive-typoaid-2021.189.0.0.4.7svn44238-150400.17.1 added
- texlive-typogrid-2021.189.0.0.21svn24994-150400.17.1 added
- texlive-tzplot-2021.189.1.0.1svn58558-150400.17.1 added
- texlive-uaclasses-2021.189.svn15878-150400.17.1 added
- texlive-uafthesis-2021.189.12.12svn57349-150400.17.1 added
- texlive-uantwerpendocs-2021.189.3.2svn58669-150400.17.1 added
- texlive-uassign-2021.189.1.01svn38459-150400.17.1 added
- texlive-ucalgmthesis-2021.189.svn52527-150400.17.1 added
- texlive-ucbthesis-2021.189.3.6svn51690-150400.17.1 added
- texlive-ucdavisthesis-2021.189.1.3svn40772-150400.17.1 added
- texlive-ucharcat-2021.189.0.0.03svn38907-150400.20.1 added
- texlive-ucharclasses-2021.189.2.4svn58029-150400.20.1 added
- texlive-ucs-2021.189.2.2svn35853-150400.20.1 added
- texlive-ucsmonograph-2021.189.1.3.0svn52698-150400.20.1 added
- texlive-ucthesis-2021.189.3.2svn15878-150400.20.1 added
- texlive-udesoftec-2021.189.1.7.1svn57866-150400.20.1 added
- texlive-uebungsblatt-2021.189.1.5.0svn15878-150400.20.1 added
- texlive-uestcthesis-2021.189.1.1.0svn36371-150400.20.1 added
- texlive-uhc-2021.189.svn16791-150400.20.1 added
- texlive-uhc-fonts-2021.189.svn16791-150400.20.1 added
- texlive-uhhassignment-2021.189.1.0svn44026-150400.20.1 added
- texlive-uhrzeit-2021.189.0.0.2csvn39570-150400.20.1 added
- texlive-uiucredborder-2021.189.1.00svn29974-150400.20.1 added
- texlive-uiucthesis-2021.189.2.25svn15878-150400.20.1 added
- texlive-ukrhyph-2021.189.svn21081-150400.20.1 added
- texlive-ulem-2021.189.svn53365-150400.20.1 added
- texlive-ulqda-2021.189.1.1svn26313-150400.20.1 added
- texlive-ulthese-2021.189.5.3svn52972-150400.20.1 added
- texlive-umbclegislation-2021.189.2016_6_8svn41348-150400.20.1 added
- texlive-umich-thesis-2021.189.1.20svn15878-150400.20.1 added
- texlive-uml-2021.189.0.0.11svn17476-150400.20.1 added
- texlive-umlaute-2021.189.2.1svn15878-150400.20.1 added
- texlive-umoline-2021.189.svn19085-150400.20.1 added
- texlive-umthesis-2021.189.0.0.2svn15878-150400.20.1 added
- texlive-umtypewriter-2021.189.001.002svn18651-150400.20.1 added
- texlive-umtypewriter-fonts-2021.189.001.002svn18651-150400.20.1 added
- texlive-unam-thesis-2021.189.0.0.5svn51207-150400.20.1 added
- texlive-unamth-template-2021.189.2.0svn33625-150400.20.1 added
- texlive-unamthesis-2021.189.2.1svn43639-150400.20.1 added
- texlive-undergradmath-2021.189.svn57286-150400.20.1 added
- texlive-underlin-2021.189.1.01svn15878-150400.20.1 added
- texlive-underoverlap-2021.189.0.0.0.1_r1svn29019-150400.20.1 added
- texlive-underscore-2021.189.svn18261-150400.20.1 added
- texlive-undolabl-2021.189.1.0lsvn36681-150400.20.1 added
- texlive-unfonts-core-2021.189.svn56291-150400.20.1 added
- texlive-unfonts-core-fonts-2021.189.svn56291-150400.20.1 added
- texlive-unfonts-extra-2021.189.svn56291-150400.20.1 added
- texlive-unfonts-extra-fonts-2021.189.svn56291-150400.20.1 added
- texlive-uni-wtal-ger-2021.189.0.0.2svn31541-150400.20.1 added
- texlive-uni-wtal-lin-2021.189.0.0.2svn31409-150400.20.1 added
- texlive-unicode-alphabets-2021.189.svn54236-150400.20.1 added
- texlive-unicode-bidi-2021.189.0.0.01svn42482-150400.20.1 added
- texlive-unicode-data-2021.189.1.14svn56768-150400.20.1 added
- texlive-unicode-math-2021.189.0.0.8qsvn56594-150400.20.1 added
- texlive-unifith-2021.189.1.2svn51968-150400.20.1 added
- texlive-uninormalize-2021.189.0.0.1svn57257-150400.20.1 added
- texlive-uniquecounter-2021.189.1.4svn53162-150400.20.1 added
- texlive-unisugar-2021.189.0.0.92svn22357-150400.20.1 added
- texlive-unitconv-2021.189.0.0.01svn55060-150400.20.1 added
- texlive-unitipa-2021.189.0.0.3svn58749-150400.20.1 added
- texlive-unitn-bimrep-2021.189.svn45581-150400.20.1 added
- texlive-units-2021.189.0.0.9bsvn42428-150400.20.1 added
- texlive-unitsdef-2021.189.0.0.2svn15878-150400.20.1 added
- texlive-universa-2021.189.2.1svn51984-150400.20.1 added
- texlive-universalis-2021.189.svn33860-150400.20.1 added
- texlive-universalis-fonts-2021.189.svn33860-150400.20.1 added
- texlive-univie-ling-2021.189.1.13svn56913-150400.20.1 added
- texlive-unizgklasa-2021.189.1.0svn51647-150400.20.1 added
- texlive-unravel-2021.189.0.0.2hsvn52822-150400.20.1 added
- texlive-unswcover-2021.189.1.0svn29476-150400.20.1 added
- texlive-uothesis-2021.189.2.5.6svn25355-150400.20.1 added
- texlive-uowthesis-2021.189.1.0asvn19700-150400.20.1 added
- texlive-uowthesistitlepage-2021.189.3.0.1svn54512-150400.20.1 added
- texlive-upca-2021.189.svn22511-150400.20.1 added
- texlive-updmap-map-2021.185.svn54495-150400.19.4 added
- texlive-uplatex-2021.189.svn57972-150400.20.1 added
- texlive-upmethodology-2021.189.20200406svn54758-150400.20.1 added
- texlive-uppunctlm-2021.189.0.0.1svn42334-150400.20.1 added
- texlive-upquote-2021.189.1.3svn26059-150400.20.1 added
- texlive-uptex-2021.189.svn57972-150400.20.1 added
- texlive-uptex-base-2021.189.svn56832-150400.20.1 added
- texlive-uptex-fonts-2021.189.svn54045-150400.20.1 added
- texlive-upzhkinsoku-2021.189.0.0.5svn47354-150400.20.1 added
- texlive-urcls-2021.189.2.1svn49903-150400.20.1 added
- texlive-uri-2021.189.2.0bsvn48602-150400.20.1 added
- texlive-url-2021.189.3.4svn32528-150400.20.1 added
- texlive-urlbst-2021.189.0.0.8svn55777-150400.20.1 added
- texlive-urwchancal-2021.189.1svn21701-150400.20.1 added
- texlive-usebib-2021.189.1.0asvn25969-150400.20.1 added
- texlive-ushort-2021.189.2.2svn32261-150400.20.1 added
- texlive-uspace-2021.189.0.0.04svn42456-150400.20.1 added
- texlive-uspatent-2021.189.1.0svn27744-150400.20.1 added
- texlive-ut-thesis-2021.189.3.0.1svn58661-150400.20.1 added
- texlive-utexasthesis-2021.189.1.0svn48648-150400.20.1 added
- texlive-utf8add-2021.189.svn55291-150400.20.1 added
- texlive-utf8mex-2021.189.svn15878-150400.20.1 added
- texlive-utfsym-2021.189.0.0.8.3svn56729-150400.20.1 added
- texlive-utopia-2021.189.svn15878-150400.20.1 added
- texlive-utopia-fonts-2021.189.svn15878-150400.20.1 added
- texlive-uwmslide-2021.189.svn27354-150400.20.1 added
- texlive-uwthesis-2021.189.6.13svn15878-150400.20.1 added
- texlive-vak-2021.189.svn23431-150400.20.1 added
- texlive-vancouver-2021.189.0.0.8svn55423-150400.20.1 added
- texlive-variablelm-2021.189.1.1.2svn46611-150400.20.1 added
- texlive-variations-2021.189.0.0.3svn15878-150400.20.1 added
- texlive-varindex-2021.189.2.3svn32262-150400.20.1 added
- texlive-varisize-2021.189.svn15878-150400.20.1 added
- texlive-varsfromjobname-2021.189.1.0svn44154-150400.20.1 added
- texlive-varwidth-2021.189.0.0.92svn24104-150400.20.1 added
- texlive-vaucanson-g-2021.189.0.0.4svn15878-150400.20.1 added
- texlive-vcell-2021.189.1.0.1svn55191-150400.20.1 added
- texlive-vdmlisting-2021.189.1.1svn56905-150400.20.1 added
- texlive-velthuis-2021.189.2.17.1svn55475-150400.20.1 added
- texlive-velthuis-fonts-2021.189.2.17.1svn55475-150400.20.1 added
- texlive-venn-2021.189.svn15878-150400.20.1 added
- texlive-venndiagram-2021.189.1.2svn47952-150400.20.1 added
- texlive-venturisadf-2021.189.1.005svn19444-150400.20.1 added
- texlive-venturisadf-fonts-2021.189.1.005svn19444-150400.20.1 added
- texlive-verbasef-2021.189.1.1svn21922-150400.20.1 added
- texlive-verbatimbox-2021.189.3.13svn33197-150400.20.1 added
- texlive-verbatimcopy-2021.189.0.0.06svn15878-150400.20.1 added
- texlive-verbdef-2021.189.0.0.2svn17177-150400.20.1 added
- texlive-verbments-2021.189.1.2svn23670-150400.20.1 added
- texlive-verifica-2021.189.1.3svn56625-150400.20.1 added
- texlive-verifiche-2021.189.4.1svn57766-150400.20.1 added
- texlive-verse-2021.189.2.4bsvn34017-150400.20.1 added
- texlive-version-2021.189.2.0svn21920-150400.20.1 added
- texlive-versions-2021.189.0.0.55svn21921-150400.20.1 added
- texlive-versonotes-2021.189.0.0.4svn55777-150400.20.1 added
- texlive-vertbars-2021.189.1.0csvn49429-150400.20.1 added
- texlive-vgrid-2021.189.0.0.1svn32457-150400.20.1 added
- texlive-vhistory-2021.189.1.6.1svn30080-150400.20.1 added
- texlive-visualfaq-2021.189.svn38647-150400.20.1 added
- texlive-visualpstricks-2021.189.2.3svn39799-150400.20.1 added
- texlive-visualtikz-2021.189.0.0.65svn54080-150400.20.1 added
- texlive-vlna-2021.189.svn54074-150400.20.1 added
- texlive-vmargin-2021.189.2.5svn15878-150400.20.1 added
- texlive-vntex-2021.189.3.2svn30579-150400.20.1 added
- texlive-vntex-fonts-2021.189.3.2svn30579-150400.20.1 added
- texlive-vocaltract-2021.189.1svn25629-150400.20.1 added
- texlive-volumes-2021.189.1.0svn15878-150400.20.1 added
- texlive-voss-mathcol-2021.189.0.0.1svn32954-150400.20.1 added
- texlive-vpe-2021.189.0.0.2svn26039-150400.20.1 added
- texlive-vruler-2021.189.2.3svn21598-150400.20.1 added
- texlive-vtable-2021.189.1.0svn51126-150400.20.1 added
- texlive-vwcol-2021.189.0.0.2svn36254-150400.20.1 added
- texlive-wadalab-2021.189.svn42428-150400.20.1 added
- texlive-wadalab-fonts-2021.189.svn42428-150400.20.1 added
- texlive-wallcalendar-2021.189.1.3.1svn45568-150400.20.1 added
- texlive-wallpaper-2021.189.1.10svn15878-150400.20.1 added
- texlive-warning-2021.189.0.0.01svn22028-150400.20.1 added
- texlive-warpcol-2021.189.1.0csvn15878-150400.20.1 added
- texlive-was-2021.189.svn21439-150400.20.1 added
- texlive-wasy-2021.189.2.5svn53533-150400.20.1 added
- texlive-wasy-type1-2021.189.001.002svn53534-150400.20.1 added
- texlive-wasy-type1-fonts-2021.189.001.002svn53534-150400.20.1 added
- texlive-wasysym-2021.189.2.4svn54080-150400.20.1 added
- texlive-web-2021.189.4.5svn57972-150400.20.1 added
- texlive-webguide-2021.189.svn25813-150400.20.1 added
- texlive-webquiz-2021.189.5.2svn50694-150400.20.1 added
- texlive-widetable-2021.189.2.1svn53409-150400.20.1 added
- texlive-widows-and-orphans-2021.189.1.0dsvn58172-150400.20.1 added
- texlive-williams-2021.189.svn15878-150400.20.1 added
- texlive-willowtreebook-2021.189.1.01svn54866-150400.20.1 added
- texlive-windycity-2021.189.svn57577-150400.20.1 added
- texlive-withargs-2021.189.0.0.3.1svn52641-150400.20.1 added
- texlive-witharrows-2021.189.2.6csvn58120-150400.20.1 added
- texlive-wnri-2021.189.svn22459-150400.20.1 added
- texlive-wnri-latex-2021.189.1.0bsvn22338-150400.20.1 added
- texlive-wordcount-2021.189.1.7svn46165-150400.20.1 added
- texlive-wordlike-2021.189.1.2bsvn15878-150400.20.1 added
- texlive-worksheet-2021.189.1.1svn48423-150400.20.1 added
- texlive-wrapfig-2021.189.3.6svn22048-150400.17.1 added
- texlive-wsemclassic-2021.189.1.0.1svn31532-150400.17.1 added
- texlive-wsuipa-2021.189.svn25469-150400.17.1 added
- texlive-wtref-2021.189.0.0.4.0svn55558-150400.17.1 added
- texlive-xargs-2021.189.1.1svn15878-150400.17.1 added
- texlive-xassoccnt-2021.189.1.8svn55876-150400.17.1 added
- texlive-xbmks-2021.189.svn53448-150400.17.1 added
- texlive-xcharter-2021.189.1.216svn58755-150400.17.1 added
- texlive-xcharter-fonts-2021.189.1.216svn58755-150400.17.1 added
- texlive-xcite-2021.189.16383.99998svn53486-150400.17.1 added
- texlive-xcjk2uni-2021.189.1.0svn54958-150400.17.1 added
- texlive-xcntperchap-2021.189.0.0.5svn54080-150400.17.1 added
- texlive-xcolor-2021.189.2.12svn41044-150400.17.1 added
- texlive-xcolor-material-2021.189.0.0.1svn42289-150400.17.1 added
- texlive-xcolor-solarized-2021.189.0.0.4svn41809-150400.17.1 added
- texlive-xcomment-2021.189.1.3svn20031-150400.17.1 added
- texlive-xcookybooky-2021.189.1.5svn36435-150400.17.1 added
- texlive-xcpdftips-2021.189.1.1svn50449-150400.17.1 added
- texlive-xdoc-2021.189.prot2.5svn15878-150400.17.1 added
- texlive-xduthesis-2021.189.1.00svn39694-150400.17.1 added
- texlive-xdvi-2021.189.svn54338-150400.17.1 added
- texlive-xebaposter-2021.189.2.51svn42046-150400.17.1 added
- texlive-xechangebar-2021.189.1.0svn54080-150400.17.1 added
- texlive-xecjk-2021.189.3.8.6svn56711-150400.17.1 added
- texlive-xecolor-2021.189.0.0.1svn29660-150400.17.1 added
- texlive-xecyr-2021.189.1.2svn54308-150400.17.1 added
- texlive-xecyrmongolian-2021.189.1.0svn53160-150400.17.1 added
- texlive-xeindex-2021.189.0.0.3svn35756-150400.17.1 added
- texlive-xelatex-dev-2021.189.svn57186-150400.17.1 added
- texlive-xellipsis-2021.189.2.0svn47546-150400.17.1 added
- texlive-xepersian-2021.189.23.1svn55194-150400.17.1 added
- texlive-xepersian-hm-2021.189.1.1asvn56272-150400.17.1 added
- texlive-xesearch-2021.189.0.0.2svn51908-150400.17.1 added
- texlive-xespotcolor-2021.189.2.1svn58212-150400.17.1 added
- texlive-xetex-2021.189.svn57972-150400.17.1 added
- texlive-xetex-devanagari-2021.189.0.0.5svn34296-150400.17.1 added
- texlive-xetex-itrans-2021.189.4.2svn55475-150400.17.1 added
- texlive-xetex-pstricks-2021.189.svn17055-150400.17.1 added
- texlive-xetex-tibetan-2021.189.0.0.1svn28847-150400.17.1 added
- texlive-xetexconfig-2021.189.svn45845-150400.17.1 added
- texlive-xetexfontinfo-2021.189.svn15878-150400.17.1 added
- texlive-xetexko-2021.189.3.1svn58633-150400.17.1 added
- texlive-xetexref-2021.189.svn56291-150400.17.1 added
- texlive-xevlna-2021.189.1.1svn43864-150400.17.1 added
- texlive-xfakebold-2021.189.0.0.08svn55654-150400.17.1 added
- texlive-xfor-2021.189.1.05svn15878-150400.17.1 added
- texlive-xgreek-2021.189.3.0.1svn46662-150400.17.1 added
- texlive-xhfill-2021.189.1.01svn22575-150400.17.1 added
- texlive-xifthen-2021.189.1.4.0svn38929-150400.17.1 added
- texlive-xii-2021.189.svn45804-150400.17.1 added
- texlive-xii-lat-2021.189.svn45805-150400.17.1 added
- texlive-xindex-2021.189.0.0.28svn56295-150400.17.1 added
- texlive-xint-2021.189.1.4dsvn58738-150400.17.1 added
- texlive-xits-2021.189.1.302svn55730-150400.17.1 added
- texlive-xits-fonts-2021.189.1.302svn55730-150400.17.1 added
- texlive-xkcdcolors-2021.189.1.0.1svn54512-150400.17.1 added
- texlive-xkeyval-2021.189.2.8svn57006-150400.17.1 added
- texlive-xlop-2021.189.0.0.28svn56910-150400.17.1 added
- texlive-xltabular-2021.189.0.0.2esvn56855-150400.17.1 added
- texlive-xltxtra-2021.189.0.0.7svn56594-150400.17.1 added
- texlive-xml2pmx-2021.189.svn57972-150400.17.1 added
- texlive-xmltex-2021.189.0.0.8svn57186-150400.17.1 added
- texlive-xmltexconfig-2021.189.svn45845-150400.17.1 added
- texlive-xmpincl-2021.189.2.2svn15878-150400.17.1 added
- texlive-xmuthesis-2021.189.0.0.4.1svn56614-150400.17.1 added
- texlive-xnewcommand-2021.189.1.2svn15878-150400.17.1 added
- texlive-xoptarg-2021.189.1.0svn15878-150400.17.1 added
- texlive-xpatch-2021.189.0.0.3svn54563-150400.17.1 added
- texlive-xpdfopen-2021.189.0.0.86svn53998-150400.17.1 added
- texlive-xpeek-2021.189.0.0.2svn27442-150400.17.1 added
- texlive-xpiano-2021.189.1.0svn37604-150400.17.1 added
- texlive-xpicture-2021.189.1.2asvn28770-150400.17.1 added
- texlive-xpinyin-2021.189.2.9svn56709-150400.17.1 added
- texlive-xprintlen-2021.189.1.0svn35928-150400.17.1 added
- texlive-xpunctuate-2021.189.1.0svn26641-150400.17.1 added
- texlive-xq-2021.189.0.0.4svn35211-150400.17.1 added
- texlive-xsavebox-2021.189.0.0.16svn54097-150400.17.1 added
- texlive-xsim-2021.189.0.0.20csvn57619-150400.17.1 added
- texlive-xskak-2021.189.1.5svn51432-150400.17.1 added
- texlive-xstring-2021.189.1.83svn49946-150400.17.1 added
- texlive-xtab-2021.189.2.3fsvn23347-150400.17.1 added
- texlive-xtuthesis-2021.189.1.0svn47049-150400.17.1 added
- texlive-xunicode-2021.189.0.0.981svn30466-150400.17.1 added
- texlive-xurl-2021.189.0.0.09asvn57265-150400.17.1 added
- texlive-xwatermark-2021.189.1.5.2dsvn28090-150400.17.1 added
- texlive-xyling-2021.189.1.1svn15878-150400.17.1 added
- texlive-xymtex-2021.189.5.06svn32182-150400.17.1 added
- texlive-xypic-2021.189.3.8.9svn31859-150400.17.1 added
- texlive-xypic-fonts-2021.189.3.8.9svn31859-150400.17.1 added
- texlive-xypic-tut-pt-2021.189.svn15878-150400.17.1 added
- texlive-xytree-2021.189.1.5svn15878-150400.17.1 added
- texlive-yafoot-2021.189.1.1svn48568-150400.17.1 added
- texlive-yagusylo-2021.189.1.2svn29803-150400.17.1 added
- texlive-yaletter-2021.189.1.1svn42830-150400.17.1 added
- texlive-yannisgr-2021.189.svn22613-150400.17.1 added
- texlive-yathesis-2021.189.1.0.7svn58683-150400.17.1 added
- texlive-yax-2021.189.1.03svn54080-150400.17.1 added
- texlive-yazd-thesis-2021.189.0.0.3svn51725-150400.17.1 added
- texlive-ycbook-2021.189.svn46201-150400.17.1 added
- texlive-ydoc-2021.189.0.0.6alphasvn56291-150400.17.1 added
- texlive-yfonts-2021.189.1.4svn50755-150400.17.1 added
- texlive-yfonts-t1-2021.189.1.0svn36013-150400.17.1 added
- texlive-yfonts-t1-fonts-2021.189.1.0svn36013-150400.17.1 added
- texlive-yhmath-2021.189.1.6svn54377-150400.17.1 added
- texlive-yhmath-fonts-2021.189.1.6svn54377-150400.17.1 added
- texlive-yinit-otf-2021.189.1.0svn40207-150400.17.1 added
- texlive-yinit-otf-fonts-2021.189.1.0svn40207-150400.17.1 added
- texlive-york-thesis-2021.189.3.6svn23348-150400.17.1 added
- texlive-youngtab-2021.189.1.1svn56500-150400.17.1 added
- texlive-yplan-2021.189.svn34398-150400.17.1 added
- texlive-yquant-2021.189.0.0.4svn58712-150400.17.1 added
- texlive-ytableau-2021.189.1.3svn27430-150400.17.1 added
- texlive-zapfchan-2021.189.svn31835-150400.17.1 added
- texlive-zapfchan-fonts-2021.189.svn31835-150400.17.1 added
- texlive-zapfding-2021.189.svn31835-150400.17.1 added
- texlive-zapfding-fonts-2021.189.svn31835-150400.17.1 added
- texlive-zbmath-review-template-2021.189.1.0svn58543-150400.17.1 added
- texlive-zebra-goodies-2021.189.0.0.8.0svn51554-150400.17.1 added
- texlive-zed-csp-2021.189.svn17258-150400.17.1 added
- texlive-zhlineskip-2021.189.1.0esvn51142-150400.17.1 added
- texlive-zhlipsum-2021.189.1.2.0svn54994-150400.17.1 added
- texlive-zhmetrics-2021.189.r206svn22207-150400.17.1 added
- texlive-zhmetrics-uptex-2021.189.1.0svn40728-150400.17.1 added
- texlive-zhnumber-2021.189.2.8svn54960-150400.17.1 added
- texlive-zhspacing-2021.189.svn41145-150400.17.1 added
- texlive-ziffer-2021.189.2.1svn32279-150400.17.1 added
- texlive-zlmtt-2021.189.1.02svn51368-150400.17.1 added
- texlive-zootaxa-bst-2021.189.1.0svn50619-150400.17.1 added
- texlive-zref-2021.189.2.32svn56611-150400.17.1 added
- texlive-zwgetfdate-2021.189.svn15878-150400.17.1 added
- texlive-zwpagelayout-2021.189.1.4dsvn53965-150400.17.1 added
- texlive-zxjafbfont-2021.189.0.0.2svn28539-150400.17.1 added
- texlive-zxjafont-2021.189.1.2svn53884-150400.17.1 added
- texlive-zxjatype-2021.189.0.0.7svn53500-150400.17.1 added
- texlive-zztex-2021.189.17.7svn55862-150400.17.1 added
- totem-pl-parser-lang-3.26.6-150400.2.9 added
- translation-update-15.2-1.1 added
- ttf-converter-1.0.6-3.3.1 added
- upower-lang-0.99.13-150400.1.8 added
- usb_modeswitch-data-2.6.1-150400.1.5 added
- vino-lang-3.22.0-150400.16.11 added
- vorbis-tools-lang-1.4.0-1.53 added
- vte-lang-0.66.2-150400.1.10 added
- wayland-protocols-devel-1.31-150500.1.1 added
- x11-tools-0.1-2.18 added
- xcursor-themes-1.0.4-1.18 added
- xdg-desktop-portal-gnome-lang-41.2-150400.3.3.1 added
- xdg-desktop-portal-gtk-lang-1.14.1-150500.1.1 added
- xdg-desktop-portal-lang-1.16.0-150500.1.1 added
- xdg-user-dirs-gtk-lang-0.11-150500.1.1 added
- xdg-user-dirs-lang-0.18-150500.1.1 added
- yelp-lang-41.2-150400.1.9 added
- yelp-xsl-41.1-150400.1.5 added
- zenity-lang-3.41.0-150400.1.10 added
- AppStream-0.15.6-150500.1.1 added
- AppStream-devel-0.15.6-150500.1.1 added
- ImageMagick-7.1.0.9-150400.6.18.1 added
- ImageMagick-config-7-SUSE-7.1.0.9-150400.6.18.1 added
- ImageMagick-config-7-upstream-7.1.0.9-150400.6.18.1 added
- ImageMagick-devel-7.1.0.9-150400.6.18.1 added
- Mesa-demo-x-8.3.0-1.33 added
- ModemManager-1.18.10-150500.1.2 added
- ModemManager-devel-1.18.10-150500.1.2 added
- MozillaFirefox-102.11.0-150200.152.87.1 added
- MozillaFirefox-branding-SLE-102-150200.9.10.1 added
- MozillaFirefox-devel-102.11.0-150200.152.87.1 added
- MozillaFirefox-translations-common-102.11.0-150200.152.87.1 added
- MozillaFirefox-translations-other-102.11.0-150200.152.87.1 added
- NetworkManager-1.38.6-150500.1.2 added
- PackageKit-1.2.4-150400.3.6.1 added
- PackageKit-backend-zypp-1.2.4-150400.3.6.1 added
- PackageKit-devel-1.2.4-150400.3.6.1 added
- QGnomePlatform-qt6-0.9.0-150500.1.1 added
- accountsservice-0.6.55-150400.12.8 added
- accountsservice-devel-0.6.55-150400.12.8 added
- adwaita-qt6-1.4.2-150500.1.2 added
- alsa-plugins-pulse-1.2.7.1-150500.1.1 added
- amtk-devel-5.3.1-150400.1.14 added
- anthy-9100h-150400.12.9 added
- appstream-glib-0.7.18+30-150400.1.6 added
- appstream-glib-devel-0.7.18+30-150400.1.6 added
- at-spi2-atk-common-2.38.0-150400.1.9 added
- at-spi2-atk-gtk2-2.38.0-150400.1.9 added
- atkmm1_6-devel-2.28.3-150400.4.3.1 added
- audiofile-devel-0.3.6-3.7.10 added
- avahi-autoipd-0.8-150400.7.3.1 added
- avahi-utils-gtk-0.8-150400.7.3.1 added
- bluez-devel-5.65-150500.1.3 added
- brasero-3.12.3-150400.1.19 added
- brasero-devel-3.12.3-150400.1.19 added
- brasero-nautilus-3.12.3-150400.1.19 added
- brltty-6.4-150400.2.9 added
- brltty-driver-at-spi2-6.4-150400.2.9 added
- brltty-driver-brlapi-6.4-150400.2.9 added
- brltty-driver-speech-dispatcher-6.4-150400.2.9 added
- cairomm1_0-devel-1.12.2-150400.12.9 added
- canberra-gtk-play-0.30-150400.13.10 added
- caribou-0.4.21-150400.19.6 added
- caribou-common-0.4.21-150400.19.6 added
- caribou-devel-0.4.21-150400.19.6 added
- caribou-gtk-module-common-0.4.21-150400.19.6 added
- caribou-gtk2-module-0.4.21-150400.19.6 added
- caribou-gtk3-module-0.4.21-150400.19.6 added
- cdda2wav-3.02~a09-4.6.1 added
- cdparanoia-devel-3.10.2-1.28 added
- cdrdao-1.2.3-2.51 added
- cdrecord-3.02~a09-4.6.1 added
- celt-0.11.3-150000.3.3.1 added
- cheese-devel-41.1-150400.1.9 added
- chewing-data-0.5.1+git20200627.452f622-150400.1.10 added
- chrome-gnome-shell-10.1-1.56 added
- clutter-devel-1.26.4-150400.2.7 added
- clutter-gst-devel-3.0.27-150400.1.11 added
- clutter-gtk-devel-1.8.4-150400.13.9 added
- cogl-devel-1.22.8-150400.2.8 added
- colord-color-profiles-1.4.5-150400.4.3.1 added
- conky-1.11.5-1.20 added
- conky-doc-1.11.5-1.20 added
- cups-pk-helper-0.2.6-150400.12.12 added
- dasher-4.11-150400.13.9 added
- dav1d-devel-1.0.0-150500.1.1 added
- dconf-devel-0.40.0-150400.3.3.2 added
- dconf-editor-3.38.3-150400.1.14 added
- devilspie2-0.43-1.39 added
- dotconf-devel-1.3-1.26 added
- dvd+rw-tools-7.1-150000.3.3.1 added
- editres-1.0.6-1.17 added
- emacs-x11-27.2-150400.3.6.1 added
- enca-devel-1.19-1.18 added
- eog-41.2-150400.3.3.2 added
- eog-devel-41.2-150400.3.3.2 added
- espeak-1.48.04-1.50 added
- espeak-devel-1.48.04-1.50 added
- espeak-ng-1.50-1.15 added
- espeak-ng-compat-1.50-1.15 added
- espeak-ng-compat-devel-1.50-1.15 added
- espeak-ng-devel-1.50-1.15 added
- evince-41.4-150400.3.3.3 added
- evince-devel-41.4-150400.3.3.3 added
- evince-plugin-djvudocument-41.4-150400.3.3.3 added
- evince-plugin-dvidocument-41.4-150400.3.3.3 added
- evince-plugin-pdfdocument-41.4-150400.3.3.3 added
- evince-plugin-psdocument-41.4-150400.3.3.3 added
- evince-plugin-tiffdocument-41.4-150400.3.3.3 added
- evince-plugin-xpsdocument-41.4-150400.3.3.3 added
- fetchmailconf-6.4.22-20.26.1 added
- file-roller-3.40.0-150400.3.13 added
- flatpak-1.14.4-150500.1.3 added
- flatpak-devel-1.14.4-150500.1.3 added
- flatpak-remote-flathub-1.14.4-150500.1.3 added
- fltk-devel-1.3.4-5.3.1 added
- fontforge-20200314-3.3.1 added
- fonttosfnt-1.1.0-3.3.1 added
- freeglut-devel-3.2.1-1.24 added
- ftdump-2.10.4-150000.4.12.1 added
- fwupd-1.8.6-150500.2.2 added
- fwupd-devel-1.8.6-150500.2.2 added
- fwupd-efi-1.2-150400.1.14 added
- fwupdtpmevlog-1.5.8-150300.3.7.1 added
- gcab-1.1-1.15 added
- gcab-devel-1.1-1.15 added
- gconf-editor-3.0.1-1.52 added
- gconf-polkit-3.2.6-9.26 added
- gconf2-devel-3.2.6-9.26 added
- gcr-data-3.41.1-150400.3.3.1 added
- gcr-prompter-3.41.1-150400.3.3.1 added
- gcr-ssh-agent-3.41.1-150400.3.3.1 added
- gcr-ssh-askpass-3.41.1-150400.3.3.1 added
- gcr-viewer-3.41.1-150400.3.3.1 added
- gd-2.2.5-11.3.1 added
- gdm-41.3-150400.4.6.1 added
- gdm-devel-41.3-150400.4.6.1 added
- gedit-40.1-150400.4.3.1 added
- gedit-devel-40.1-150400.4.3.1 added
- geoclue2-2.5.7-150400.2.10 added
- geoclue2-devel-2.5.7-150400.2.10 added
- geocode-glib-3.26.4-150400.3.3.2 added
- geocode-glib-devel-3.26.4-150400.3.3.2 added
- gjs-1.70.2-150400.3.3.1 added
- glibmm2-devel-2.68.2-150400.1.3 added
- glog-devel-0.3.5-1.25 added
- glu-devel-9.0.0-8.45 added
- gmime-devel-3.2.7-150400.1.12 added
- gnome-autoar-devel-0.4.1-150400.1.10 added
- gnome-bluetooth-3.34.5-150400.12.9 added
- gnome-bluetooth-devel-3.34.5-150400.12.9 added
- gnome-calculator-41.1-150400.1.9 added
- gnome-characters-41.0-150400.1.11 added
- gnome-control-center-41.4-150500.1.3 added
- gnome-control-center-devel-41.4-150500.1.3 added
- gnome-extensions-41.9-150400.3.8.1 added
- gnome-keyring-32bit-40.0-150400.2.13 added
- gnome-keyring-40.0-150400.2.13 added
- gnome-keyring-pam-32bit-40.0-150400.2.13 added
- gnome-keyring-pam-40.0-150400.2.13 added
- gnome-menus-3.36.0-150400.2.9 added
- gnome-menus-devel-3.36.0-150400.2.9 added
- gnome-online-accounts-devel-3.40.1-150400.1.16 added
- gnome-packagekit-3.32.0-150400.12.3.1 added
- gnome-power-manager-3.32.0+58-150400.1.14 added
- gnome-screenshot-41.0-150400.1.8 added
- gnome-session-41.3-150400.3.3.1 added
- gnome-session-core-41.3-150400.3.3.1 added
- gnome-session-default-session-41.3-150400.3.3.1 added
- gnome-settings-daemon-41.0-150500.2.1 added
- gnome-settings-daemon-devel-41.0-150500.2.1 added
- gnome-shell-41.9-150400.3.8.1 added
- gnome-shell-devel-41.9-150400.3.8.1 added
- gnome-shell-search-provider-gnome-characters-41.0-150400.1.11 added
- gnome-shell-search-provider-gnome-terminal-3.42.3-150400.3.3.1 added
- gnome-shell-search-provider-nautilus-41.5-150400.3.6.1 added
- gnome-software-41.5-150400.3.3.2 added
- gnome-software-devel-41.5-150400.3.3.2 added
- gnome-system-monitor-41.0-150400.1.11 added
- gnome-terminal-3.42.3-150400.3.3.1 added
- gnome-version-41.8-150400.3.3.1 added
- gnome-vfs2-2.24.4-150400.14.7 added
- gnome-vfs2-devel-2.24.4-150400.14.7 added
- gnomekbd-tools-3.26.1-150400.11.15 added
- grilo-devel-0.3.14-150400.1.11 added
- gsl-devel-2.6-1.28 added
- gspell-devel-1.10.0-150400.3.3.1 added
- gstreamer-libnice-0.1.21-150500.1.1 added
- gstreamer-plugin-cluttergst3-3.0.27-150400.1.11 added
- gstreamer-plugin-pipewire-0.3.64-150500.1.2 added
- gstreamer-plugins-bad-1.22.0-150500.1.3 added
- gstreamer-plugins-bad-chromaprint-1.22.0-150500.1.3 added
- gstreamer-plugins-bad-devel-1.22.0-150500.1.3 added
- gstreamer-plugins-rs-0.10.1+git20230213.9cd68ff-150500.2.16 added
- gstreamer-plugins-rs-devel-0.10.1+git20230213.9cd68ff-150500.2.16 added
- gtk2-engine-clearlooks-2.20.2-150400.13.8 added
- gtk2-engine-crux-2.20.2-150400.13.8 added
- gtk2-engine-glide-2.20.2-150400.13.8 added
- gtk2-engine-hcengine-2.20.2-150400.13.8 added
- gtk2-engine-industrial-2.20.2-150400.13.8 added
- gtk2-engine-mist-2.20.2-150400.13.8 added
- gtk2-engine-redmond95-2.20.2-150400.13.8 added
- gtk2-engine-thinice-2.20.2-150400.13.8 added
- gtk2-engines-2.20.2-150400.13.8 added
- gtk2-engines-devel-2.20.2-150400.13.8 added
- gtk2-theming-engine-adwaita-32bit-3.22.3-4.3.1 added
- gtk2-tools-32bit-2.24.33-150400.2.11 added
- gtk3-devel-doc-3.24.34-150400.3.3.1 added
- gtk4-devel-4.6.0-150400.3.3.1 added
- gtkmm3-devel-3.24.6-150400.3.3.1 added
- gtksourceview-devel-3.24.11-150400.10.11 added
- gtksourceview4-devel-4.4.0-2.45 added
- gtkspell3-devel-3.0.10-150400.9.11 added
- gvfs-1.48.2-150400.4.6.1 added
- gvfs-backend-afc-1.48.2-150400.4.6.1 added
- gvfs-backend-samba-1.48.2-150400.4.6.1 added
- gvfs-backends-1.48.2-150400.4.6.1 added
- gvfs-devel-1.48.2-150400.4.6.1 added
- gvfs-fuse-1.48.2-150400.4.6.1 added
- gvim-9.0.1443-150500.18.1 added
- gweather-data-40.0-150400.1.11 added
- hplip-3.21.10-150400.3.5.1 added
- hyphen-devel-2.8.8-1.23 added
- ibus-1.5.25-150400.1.13 added
- ibus-anthy-1.5.12-150400.1.8 added
- ibus-chewing-1.6.1-1.53 added
- ibus-devel-1.5.25-150400.1.13 added
- ibus-gtk-1.5.25-150400.1.13 added
- ibus-gtk3-1.5.25-150400.1.13 added
- ibus-hangul-1.5.4-150400.1.7 added
- ibus-kkc-1.5.22-150400.1.7 added
- ibus-libpinyin-1.12.1-150400.1.7 added
- ibus-libzhuyin-1.10.0-150400.1.53 added
- ibus-m17n-1.4.6-150400.1.7 added
- ibus-mozc-2.26.4276.102-150400.1.7 added
- ibus-pinyin-1.5.0-4.37 added
- ibus-rime-1.5.0-150400.1.7 added
- ibus-skk-1.4.3-1.53 added
- ibus-table-1.13.3-150400.1.6 added
- ibus-table-devel-1.13.3-150400.1.6 added
- ibus-unikey-0.6.1-8.53 added
- iio-sensor-proxy-3.3-150400.9.3.1 added
- ilmbase-devel-2.2.1-1.17 added
- imlib2-loaders-1.4.10-1.28 added
- intel-vaapi-driver-2.4.1-150400.6.9 added
- jcat-tool-0.1.12-150500.1.1 added
- kkc-data-0.3.5+git20190809.b2e5a15-1.28 added
- leveldb-devel-1.18-150000.3.3.1 added
- libGeoIP-devel-1.6.12-6.3.1 added
- libHalf23-2.2.1-1.17 added
- libICE6-32bit-1.0.9-1.25 added
- libIDL-2-0-0.8.14-150400.13.9 added
- libIex-2_2-23-2.2.1-1.17 added
- libIexMath-2_2-23-2.2.1-1.17 added
- libIlmImf-2_2-23-2.2.1-3.41.1 added
- libIlmImfUtil-2_2-23-2.2.1-3.41.1 added
- libIlmThread-2_2-23-2.2.1-1.17 added
- libImath-2_2-23-2.2.1-1.17 added
- libImlib2-1-1.4.10-1.28 added
- libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.18.1 added
- libMagick++-devel-7.1.0.9-150400.6.18.1 added
- libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.18.1 added
- libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.18.1 added
- libMrm4-2.3.4-150000.3.8.1 added
- libMrm4-32bit-2.3.4-150000.3.8.1 added
- libQt53DAnimation-devel-5.15.8+kde0-150500.1.4 added
- libQt53DAnimation5-5.15.8+kde0-150500.1.4 added
- libQt53DCore-devel-5.15.8+kde0-150500.1.4 added
- libQt53DCore5-5.15.8+kde0-150500.1.4 added
- libQt53DExtras-devel-5.15.8+kde0-150500.1.4 added
- libQt53DExtras5-5.15.8+kde0-150500.1.4 added
- libQt53DInput-devel-5.15.8+kde0-150500.1.4 added
- libQt53DInput5-5.15.8+kde0-150500.1.4 added
- libQt53DLogic-devel-5.15.8+kde0-150500.1.4 added
- libQt53DLogic5-5.15.8+kde0-150500.1.4 added
- libQt53DQuick-devel-5.15.8+kde0-150500.1.4 added
- libQt53DQuick5-5.15.8+kde0-150500.1.4 added
- libQt53DQuickAnimation-devel-5.15.8+kde0-150500.1.4 added
- libQt53DQuickAnimation5-5.15.8+kde0-150500.1.4 added
- libQt53DQuickExtras-devel-5.15.8+kde0-150500.1.4 added
- libQt53DQuickExtras5-5.15.8+kde0-150500.1.4 added
- libQt53DQuickInput-devel-5.15.8+kde0-150500.1.4 added
- libQt53DQuickInput5-5.15.8+kde0-150500.1.4 added
- libQt53DQuickRender-devel-5.15.8+kde0-150500.1.4 added
- libQt53DQuickRender5-5.15.8+kde0-150500.1.4 added
- libQt53DQuickScene2D-devel-5.15.8+kde0-150500.1.4 added
- libQt53DQuickScene2D5-5.15.8+kde0-150500.1.4 added
- libQt53DRender-devel-5.15.8+kde0-150500.1.4 added
- libQt53DRender5-5.15.8+kde0-150500.1.4 added
- libQt5Bluetooth5-5.15.8+kde8-150500.1.3 added
- libQt5Bluetooth5-imports-5.15.8+kde8-150500.1.3 added
- libQt5Designer5-5.15.8+kde1-150500.1.4 added
- libQt5DesignerComponents5-5.15.8+kde1-150500.1.4 added
- libQt5Help5-5.15.8+kde1-150500.1.4 added
- libQt5Location5-5.15.8+kde4-150500.1.2 added
- libQt5Multimedia5-5.15.8+kde3-150500.1.2 added
- libQt5Nfc5-5.15.8+kde8-150500.1.3 added
- libQt5Nfc5-imports-5.15.8+kde8-150500.1.3 added
- libQt5OpenGLExtensions-devel-static-5.15.8+kde185-150500.2.1 added
- libQt5Positioning5-5.15.8+kde4-150500.1.2 added
- libQt5PositioningQuick5-5.15.8+kde4-150500.1.2 added
- libQt5QuickControls2-5-5.15.8+kde7-150500.1.4 added
- libQt5QuickControls2-devel-5.15.8+kde7-150500.1.4 added
- libQt5QuickTemplates2-5-5.15.8+kde7-150500.1.4 added
- libQt5QuickTemplates2-devel-5.15.8+kde7-150500.1.4 added
- libQt5Script5-5.15.12-150500.1.4 added
- libQt5Sensors5-5.15.8+kde0-150500.1.4 added
- libQt5Sensors5-imports-5.15.8+kde0-150500.1.4 added
- libQt5Sql5-mysql-5.15.8+kde185-150500.2.1 added
- libQt5Sql5-postgresql-5.15.8+kde185-150500.2.1 added
- libQt5Sql5-unixODBC-5.15.8+kde185-150500.2.1 added
- libQt5TextToSpeech5-5.15.8+kde1-150500.1.4 added
- libQt5WaylandClient5-5.15.8+kde63-150500.1.3 added
- libQt5WaylandCompositor5-5.15.8+kde63-150500.1.3 added
- libQt5WebChannel5-imports-5.15.8+kde3-150500.1.2 added
- libQt5WebSockets5-imports-5.15.8+kde3-150500.1.4 added
- libQt5Xdg3-3.10.0-150500.1.2 added
- libQt5XdgIconLoader-devel-3.10.0-150500.1.2 added
- libQt5XdgIconLoader3-3.10.0-150500.1.2 added
- libQt6Core6-6.4.2-150500.1.14 added
- libQt6DBus6-6.4.2-150500.1.14 added
- libQt6Gui6-6.4.2-150500.1.14 added
- libQt6Network6-6.4.2-150500.1.14 added
- libQt6OpenGL6-6.4.2-150500.1.14 added
- libQt6WaylandClient6-6.4.2-150500.1.14 added
- libQt6Widgets6-6.4.2-150500.1.14 added
- libSDL-1_2-0-1.2.15-150000.3.19.1 added
- libSDL-devel-1.2.15-150000.3.19.1 added
- libSDL2-2_0-0-2.0.8-150200.11.9.1 added
- libSDL2-devel-2.0.8-150200.11.9.1 added
- libSM6-32bit-1.2.2-1.23 added
- libSoundTouch0-1.8.0-3.11.1 added
- libUil4-2.3.4-150000.3.8.1 added
- libUil4-32bit-2.3.4-150000.3.8.1 added
- libXaw3d-devel-1.6.2-1.28 added
- libXaw3d6-1.6.2-1.28 added
- libXaw3d7-1.6.2-1.28 added
- libXcomposite1-32bit-0.4.4-1.23 added
- libXcursor1-32bit-1.1.15-1.18 added
- libXdamage1-32bit-1.1.4-1.23 added
- libXinerama1-32bit-1.1.3-1.22 added
- libXm4-2.3.4-150000.3.8.1 added
- libXm4-32bit-2.3.4-150000.3.8.1 added
- libXmu6-32bit-1.1.2-1.30 added
- libXp6-32bit-1.0.3-1.24 added
- libXrandr2-32bit-1.5.1-2.17 added
- libXt6-32bit-1.1.5-2.24 added
- libXvnc-devel-1.12.0-150500.2.6 added
- libaccountsservice0-0.6.55-150400.12.8 added
- libadwaita-1-0-1.1.0-150400.1.7 added
- libadwaita-devel-1.1.0-150400.1.7 added
- libadwaitaqt6-1-1.4.2-150500.1.2 added
- libamd2-2.4.6-7.9 added
- libamtk-5-0-5.3.1-150400.1.14 added
- libanthy0-9100h-150400.12.9 added
- libappstream-glib8-0.7.18+30-150400.1.6 added
- libappstream4-0.15.6-150500.1.1 added
- libart_lgpl-devel-2.3.21-150400.12.6 added
- libart_lgpl_2-2-2.3.21-150400.12.6 added
- libass-devel-0.14.0-150000.3.11.1 added
- libass9-0.14.0-150000.3.11.1 added
- libatk-1_0-0-32bit-2.36.0-150400.2.9 added
- libatkmm-1_6-1-2.28.3-150400.4.3.1 added
- libatm1-2.5.2-150400.14.2.3 added
- libaudiofile1-0.3.6-3.7.10 added
- libavahi-gobject-devel-0.8-150400.7.3.1 added
- libavcodec57-3.4.2-150200.11.28.1 added
- libavtp0-0.1.0+git20200527.9482c11-150400.1.5 added
- libavutil-devel-3.4.2-150200.11.28.1 added
- libavutil55-3.4.2-150200.11.28.1 added
- libb2-1-0.98.1-150400.1.4 added
- libbluray-devel-1.3.0-150300.10.7.1 added
- libbluray2-1.3.0-150300.10.7.1 added
- libbonobo-2.32.1-1.37 added
- libbonobo-devel-2.32.1-1.37 added
- libbonoboui-2.24.5-1.57 added
- libbonoboui-devel-2.24.5-1.57 added
- libbrasero-burn3-1-3.12.3-150400.1.19 added
- libbrasero-media3-1-3.12.3-150400.1.19 added
- libbrasero-utils3-1-3.12.3-150400.1.19 added
- libbs2b0-3.1.0-150400.1.7 added
- libburn-devel-1.4.6-1.27 added
- libcairo2-32bit-1.16.0-150400.9.6 added
- libcairomm-1_0-1-1.12.2-150400.12.9 added
- libcamd2-2.4.6-7.9 added
- libcanberra-devel-0.30-150400.13.10 added
- libcanberra-gtk-devel-0.30-150400.13.10 added
- libcanberra-gtk-module-common-0.30-150400.13.10 added
- libcanberra-gtk0-0.30-150400.13.10 added
- libcanberra-gtk2-module-0.30-150400.13.10 added
- libcanberra-gtk3-0-0.30-150400.13.10 added
- libcanberra-gtk3-devel-0.30-150400.13.10 added
- libcanberra-gtk3-module-0.30-150400.13.10 added
- libcangjie2-1.3-1.25 added
- libcapnp-0_9-0.9.1-150400.3.4.1 added
- libcaribou0-0.4.21-150400.19.6 added
- libcbor0_10-0.10.1-150500.1.1 added
- libccolamd2-2.9.6-7.9 added
- libcdio++0-2.1.0-1.27 added
- libcdio-devel-2.1.0-1.27 added
- libcdio-paranoia-devel-10.2+0.93+1-150000.3.2.1 added
- libcdio16-0.94-150000.6.11.1 added
- libcdio19-2.1.0-1.27 added
- libcdio_cdda2-10.2+0.93+1-150000.3.2.1 added
- libcdio_paranoia2-10.2+0.93+1-150000.3.2.1 added
- libcelt-devel-0.11.3-150000.3.3.1 added
- libcelt0-2-0.11.3-150000.3.3.1 added
- libcheese-common-41.1-150400.1.9 added
- libcheese-gtk25-41.1-150400.1.9 added
- libcheese8-41.1-150400.1.9 added
- libchewing-devel-0.5.1+git20200627.452f622-150400.1.10 added
- libchewing3-0.5.1+git20200627.452f622-150400.1.10 added
- libcholmod3-3.0.12-7.9 added
- libchromaprint1-1.4.3-1.20 added
- libclutter-1_0-0-1.26.4-150400.2.7 added
- libclutter-gst-3_0-0-3.0.27-150400.1.11 added
- libclutter-gtk-1_0-0-1.8.4-150400.13.9 added
- libcogl-gles2-20-1.22.8-150400.2.8 added
- libcogl-pango20-1.22.8-150400.2.8 added
- libcogl20-1.22.8-150400.2.8 added
- libcolamd2-2.9.6-7.9 added
- libcolord-devel-1.4.5-150400.4.3.1 added
- libcolord-gtk-devel-0.2.0-150400.1.12 added
- libcolord-gtk1-0.2.0-150400.1.12 added
- libcolorhug2-1.4.5-150400.4.3.1 added
- libcryptui-data-3.12.2-150400.14.10 added
- libcryptui-devel-3.12.2-150400.14.10 added
- libcryptui0-3.12.2-150400.14.10 added
- libcue2-2.1.0-1.26 added
- libcups2-32bit-2.2.7-150000.3.40.1 added
- libdatrie1-32bit-0.2.9-1.25 added
- libdav1d6-1.0.0-150500.1.1 added
- libdc1394-22-2.2.5-150000.3.2.1 added
- libdc1394-devel-2.2.5-150000.3.2.1 added
- libdc1394-tools-2.2.5-150000.3.2.1 added
- libdjvulibre-devel-3.5.27-11.11.1 added
- libdjvulibre21-3.5.27-11.11.1 added
- libdotconf0-1.3-1.26 added
- libdv-devel-1.0.0-1.52 added
- libdv4-1.0.0-1.52 added
- libdvbv5-0-1.14.1-150000.3.3.1 added
- libdvbv5-devel-1.14.1-150000.3.3.1 added
- libenca0-1.19-1.18 added
- libespeak-ng1-1.50-1.15 added
- libevdocument3-4-41.4-150400.3.3.3 added
- libevview3-3-41.4-150400.3.3.3 added
- libexempi-devel-2.4.5-3.3.2 added
- libexempi3-2.4.5-3.3.2 added
- libexif-devel-0.6.22-150000.5.9.1 added
- libexif12-0.6.22-150000.5.9.1 added
- libexiv2-27-0.27.5-150400.15.4.1 added
- libexiv2-devel-0.27.5-150400.15.4.1 added
- libexiv2-xmp-static-0.27.5-150400.15.4.1 added
- libfdk-aac2-2.0.0-150400.1.4 added
- libflashrom1-1.2-150500.1.1 added
- libflatpak0-1.14.4-150500.1.3 added
- libfribidi0-32bit-1.0.10-150400.3.3.1 added
- libftdi1-2-1.5.12+git.0684c1b-150400.1.5 added
- libfwupd2-1.8.6-150500.2.2 added
- libfwupdplugin1-1.5.8-150300.3.7.1 added
- libgcab-1_0-0-1.1-1.15 added
- libgck-1-0-3.41.1-150400.3.3.1 added
- libgck-devel-3.41.1-150400.3.3.1 added
- libgck-modules-gnome-keyring-40.0-150400.2.13 added
- libgcr-3-1-3.41.1-150400.3.3.1 added
- libgcr-devel-3.41.1-150400.3.3.1 added
- libgdata-devel-0.18.1-150400.2.10 added
- libgdata22-0.18.1-150400.2.10 added
- libgdm1-41.3-150400.4.6.1 added
- libgee-0_8-2-0.20.4-150400.1.12 added
- libgee-devel-0.20.4-150400.1.12 added
- libgeocode-glib0-3.26.4-150400.3.3.2 added
- libgexiv2-2-0.14.0-150400.4.2.1 added
- libgiomm-2_68-1-2.68.2-150400.1.3 added
- libgjs-devel-1.70.2-150400.3.3.1 added
- libgjs0-1.70.2-150400.3.3.1 added
- libglade-2_0-0-2.6.4-150400.13.10 added
- libglade2-devel-2.6.4-150400.13.10 added
- libglibmm-2_68-1-2.68.2-150400.1.3 added
- libglog0-0.3.5-1.25 added
- libgme-devel-0.6.2-1.17 added
- libgme0-0.6.2-1.17 added
- libgmime-3_0-0-3.2.7-150400.1.12 added
- libgnome-2.32.2+20170910.8487c2b4-1.36 added
- libgnome-autoar-0-0-0.4.1-150400.1.10 added
- libgnome-autoar-gtk-0-0-0.4.1-150400.1.10 added
- libgnome-bluetooth13-3.34.5-150400.12.9 added
- libgnome-desktop-3-19-41.8-150400.3.3.1 added
- libgnome-desktop-3-devel-41.8-150400.3.3.1 added
- libgnome-desktop-3_0-common-41.8-150400.3.3.1 added
- libgnome-devel-2.32.2+20170910.8487c2b4-1.36 added
- libgnome-keyring-devel-3.12.0-150400.16.9 added
- libgnome-keyring0-3.12.0-150400.16.9 added
- libgnome-menu-3-0-3.36.0-150400.2.9 added
- libgnomecanvas-2-0-2.30.3-150400.13.8 added
- libgnomecanvas-devel-2.30.3-150400.13.8 added
- libgnomekbd-devel-3.26.1-150400.11.15 added
- libgnomekbd8-3.26.1-150400.11.15 added
- libgnomesu-2.0.7-150400.1.9 added
- libgnomesu-devel-2.0.7-150400.1.9 added
- libgnomesu0-2.0.7-150400.1.9 added
- libgnomeui-2.24.6+20170807.30334c28-2.36 added
- libgnomeui-devel-2.24.6+20170807.30334c28-2.36 added
- libgoa-1_0-0-3.40.1-150400.1.16 added
- libgoa-backend-1_0-1-3.40.1-150400.1.16 added
- libgphoto2-6-2.5.27-3.4.1 added
- libgphoto2-devel-2.5.27-3.4.1 added
- libgraphene-devel-1.10.6-150400.1.10 added
- libgrilo-0_3-0-0.3.14-150400.1.11 added
- libgrlnet-0_3-0-0.3.14-150400.1.11 added
- libgrlpls-0_3-0-0.3.14-150400.1.11 added
- libgsf-1-114-1.14.50-150400.3.3.1 added
- libgsl25-2.6-1.28 added
- libgslcblas0-2.6-1.28 added
- libgsm-devel-1.0.14-150000.3.4.1 added
- libgsm1-1.0.14-150000.3.4.1 added
- libgsound0-1.0.3-150400.2.10 added
- libgspell-1-2-1.10.0-150400.3.3.1 added
- libgssdp-1_2-0-1.4.0.1-150400.1.6 added
- libgssdp-devel-1.4.0.1-150400.1.6 added
- libgstadaptivedemux-1_0-0-1.22.0-150500.1.3 added
- libgstbadaudio-1_0-0-1.22.0-150500.1.3 added
- libgstbasecamerabinsrc-1_0-0-1.22.0-150500.1.3 added
- libgstcodecparsers-1_0-0-1.22.0-150500.1.3 added
- libgstcodecs-1_0-0-1.22.0-150500.1.3 added
- libgstcuda-1_0-0-1.22.0-150500.1.3 added
- libgstinsertbin-1_0-0-1.22.0-150500.1.3 added
- libgstisoff-1_0-0-1.22.0-150500.1.3 added
- libgstmpegts-1_0-0-1.22.0-150500.1.3 added
- libgstsctp-1_0-0-1.22.0-150500.1.3 added
- libgsttranscoder-1_0-0-1.22.0-150500.1.3 added
- libgsturidownloader-1_0-0-1.22.0-150500.1.3 added
- libgstva-1_0-0-1.22.0-150500.1.3 added
- libgstvulkan-1_0-0-1.22.0-150500.1.3 added
- libgstwayland-1_0-0-1.22.0-150500.1.3 added
- libgstwebrtc-1_0-0-1.22.0-150500.1.3 added
- libgstwebrtcnice-1_0-0-1.22.0-150500.1.3 added
- libgtk-2_0-0-32bit-2.24.33-150400.2.11 added
- libgtkmm-3_0-1-3.24.6-150400.3.3.1 added
- libgtkspell3-3-0-3.0.10-150400.9.11 added
- libgtop-2_0-11-2.40.0-150400.9.30 added
- libgtop-devel-2.40.0-150400.9.30 added
- libgupnp-1_2-1-1.4.3-150400.1.6 added
- libgupnp-devel-1.4.3-150400.1.6 added
- libgupnp-igd-1_0-4-1.2.0-150400.1.10 added
- libgupnp-igd-devel-1.2.0-150400.1.10 added
- libgusb-devel-0.3.9-150400.1.10 added
- libgusb2-0.3.9-150400.1.10 added
- libgweather-3-16-40.0-150400.1.11 added
- libgweather-devel-40.0-150400.1.11 added
- libgxps-devel-0.3.0-4.3.29 added
- libgxps2-0.3.0-4.3.29 added
- libgypsy-devel-0.9-2.30 added
- libgypsy0-0.9-2.30 added
- libhandy-1-0-1.5.0-150400.1.7 added
- libhangul-devel-0.1.0+git20150224.78e9d89-1.25 added
- libhangul1-0.1.0+git20150224.78e9d89-1.25 added
- libheif1-1.12.0-150400.3.11.1 added
- libibus-1_0-5-1.5.25-150400.1.13 added
- libical-devel-3.0.10-150400.1.8 added
- libical3-3.0.10-150400.1.8 added
- libid3tag0-0.15.1b-3.14 added
- libidl-devel-0.8.14-150400.13.9 added
- libimagequant0-2.11.3-1.11 added
- libimobiledevice-1_0-6-1.3.0+git.20210921-150400.1.15 added
- libimobiledevice-devel-1.3.0+git.20210921-150400.1.15 added
- libimobiledevice-glue-1_0-0-0~git.20210925-150400.1.10 added
- libimobiledevice-glue-devel-0~git.20210925-150400.1.10 added
- libiptcdata-1.0.5-150400.1.7 added
- libiptcdata-devel-1.0.5-150400.1.7 added
- libiptcdata0-1.0.5-150400.1.7 added
- libiso9660-11-2.1.0-1.27 added
- libisoburn-devel-1.4.6-1.29 added
- libisofs-devel-1.4.6-1.29 added
- libjack-devel-1.9.12-150000.3.3.1 added
- libjack0-1.9.12-150000.3.3.1 added
- libjacknet0-1.9.12-150000.3.3.1 added
- libjackserver0-1.9.12-150000.3.3.1 added
- libjasper-devel-2.0.14-150000.3.28.1 added
- libjavascriptcoregtk-4_1-0-2.38.6-150400.4.39.1 added
- libjaylink0-0.2.0-150500.1.1 added
- libjcat-devel-0.1.12-150500.1.1 added
- libjcat1-0.1.12-150500.1.1 added
- libjte-devel-1.20-1.26 added
- libkkc-devel-0.3.5+git20190809.b2e5a15-1.28 added
- libkkc2-0.3.5+git20190809.b2e5a15-1.28 added
- libkpathsea6-6.3.3-150400.29.15 added
- liblavfile-2_0-0-2.0.0-6.36 added
- liblavjpeg-2_0-0-2.0.0-6.36 added
- liblavplay-2_0-0-2.0.0-6.36 added
- liblavrec-2_0-0-2.0.0-6.36 added
- libldac2-2.0.2.3-1.1 added
- liblilv-0-0-0.24.10-1.10 added
- liblilv-0-devel-0.24.10-1.10 added
- liblouis-devel-3.20.0-150400.3.13.1 added
- liblouis20-3.20.0-150400.3.13.1 added
- liblqr-1-0-0.4.2-1.27 added
- liblqr-devel-0.4.2-1.27 added
- liblrdf-devel-0.5.0-1.41 added
- liblrdf2-0.5.0-1.41 added
- libm17n0-1.7.0-2.31 added
- libmad-devel-0.15.1b-150000.5.3.1 added
- libmad0-0.15.1b-150000.5.3.1 added
- libmalcontent-0-0-0.10.3-150400.1.9 added
- libmarisa0-0.2.6-150400.1.7 added
- libmbim-devel-1.26.4-150500.1.2 added
- libmbim-glib4-1.26.4-150500.1.2 added
- libmetis5-5.1.0-9.3.4 added
- libmfx1-22.6.1-150500.1.16 added
- libmicrohttpd-devel-0.9.57-150000.3.3.1 added
- libmjpegutils-2_0-0-2.0.0-6.36 added
- libmjpegutils-devel-2.0.0-6.36 added
- libmm-glib0-1.18.10-150500.1.2 added
- libmms-devel-0.6.4-1.24 added
- libmms0-0.6.4-1.24 added
- libmng-devel-2.0.3-1.39 added
- libmng2-2.0.3-1.39 added
- libmodplug-devel-0.3.28-2.13.1 added
- libmodplug1-0.3.28-2.13.1 added
- libmozjs-78-0-78.15.0-150400.1.10 added
- libmp3lame-devel-3.100-150000.3.2.1 added
- libmpcdec-devel-1.2.6-1.29 added
- libmpcdec5-1.2.6-1.29 added
- libmpcdec6-r475-1.43 added
- libmpeg2encpp-2_0-0-2.0.0-6.36 added
- libmplex2-2_0-0-2.0.0-6.36 added
- libmtp-devel-1.1.16-3.3.1 added
- libmtp-udev-1.1.16-3.3.1 added
- libmtp9-1.1.16-3.3.1 added
- libnautilus-extension1-41.5-150400.3.6.1 added
- libndp-devel-1.6-1.26 added
- libndp0-1.6-1.26 added
- libnetpbm-devel-10.80.1-3.11.1 added
- libnfs-devel-1.11.0-1.28 added
- libnfs8-1.11.0-1.28 added
- libnice-devel-0.1.21-150500.1.1 added
- libnice10-0.1.21-150500.1.1 added
- libnma-gtk4-0-1.8.40-150400.3.3.1 added
- libnma0-1.8.40-150400.3.3.1 added
- libnotify-devel-0.7.12-150400.3.3.1 added
- libnotify-tools-0.7.12-150400.3.3.1 added
- libnsssharedhelper0-1.0.10-1.24 added
- liboauth-devel-1.0.3-3.34 added
- liboauth0-1.0.3-3.34 added
- libofa-devel-0.9.3-2.35 added
- libofa0-0.9.3-2.35 added
- libopenal1-1.17.2-3.7.41 added
- libopencc2-1.0.5-3.19 added
- libopenjpeg1-1.5.2-150000.4.10.1 added
- libopenmpt-devel-0.3.28-2.13.1 added
- libopenmpt0-0.3.28-2.13.1 added
- libopenmpt_modplug1-0.3.28-2.13.1 added
- libostree-2022.7-150500.1.3 added
- libostree-devel-2022.7-150500.1.3 added
- libotf-0.9.13-2.25 added
- libotf-devel-0.9.13-2.25 added
- libotf0-0.9.13-2.25 added
- libout123-0-1.26.4-1.15 added
- libpackagekit-glib2-18-1.2.4-150400.3.6.1 added
- libpackagekit-glib2-devel-1.2.4-150400.3.6.1 added
- libpango-1_0-0-32bit-1.50.4-150400.1.5 added
- libpangomm-1_4-1-2.46.2-150400.1.6 added
- libpaper1-1.1.24-1.25 added
- libpcaudio0-1.1-1.70 added
- libpeas-1_0-0-1.32.0-150400.4.3.2 added
- libpeas-devel-1.32.0-150400.4.3.2 added
- libpeas-gtk-1_0-0-1.32.0-150400.4.3.2 added
- libpeas-loader-python3-1.32.0-150400.4.3.2 added
- libpinyin-data-2.6.1-150400.1.35 added
- libpinyin13-2.6.1-150400.1.35 added
- libpipewire-0_3-0-0.3.64-150500.1.2 added
- libpixman-1-0-32bit-0.40.0-150400.3.3.1 added
- libplist++-devel-2.0.0-1.31 added
- libplist++3-2.0.0-1.31 added
- libplist-2_0-3-2.2.0-150400.5.4 added
- libplist-2_0-devel-2.2.0-150400.5.4 added
- libplist-devel-2.0.0-1.31 added
- libplist3-2.0.0-1.31 added
- libportal0-0.4-150400.1.9 added
- libportaudio2-190600_20161030-2.39 added
- libportaudiocpp0-190600_20161030-2.39 added
- libpostproc-devel-3.4.2-150200.11.28.1 added
- libpostproc54-3.4.2-150200.11.28.1 added
- libptexenc1-1.3.9-150400.29.15 added
- libpyzy-1_0-0-1.0git20120805-3.5.5 added
- libqmi-devel-1.30.8-150500.1.1 added
- libqmi-glib5-1.30.8-150500.1.1 added
- libqmi-tools-1.30.8-150500.1.1 added
- libqrtr-glib-devel-1.2.2-150500.1.2 added
- libqrtr-glib0-1.2.2-150500.1.2 added
- libqt5-linguist-5.15.8+kde1-150500.1.4 added
- libqt5-linguist-devel-5.15.8+kde1-150500.1.4 added
- libqt5-qt3d-devel-5.15.8+kde0-150500.1.4 added
- libqt5-qt3d-imports-5.15.8+kde0-150500.1.4 added
- libqt5-qt3d-tools-5.15.8+kde0-150500.1.4 added
- libqt5-qtbase-platformtheme-gtk3-5.15.8+kde185-150500.2.1 added
- libqt5-qtconnectivity-devel-5.15.8+kde8-150500.1.3 added
- libqt5-qtconnectivity-tools-5.15.8+kde8-150500.1.3 added
- libqt5-qtgraphicaleffects-5.15.8+kde0-150500.1.2 added
- libqt5-qtimageformats-5.15.8+kde9-150500.1.3 added
- libqt5-qtimageformats-devel-5.15.8+kde9-150500.1.3 added
- libqt5-qtlocation-devel-5.15.8+kde4-150500.1.2 added
- libqt5-qtmultimedia-devel-5.15.8+kde3-150500.1.2 added
- libqt5-qtquickcontrols-5.15.8+kde0-150500.1.4 added
- libqt5-qtquickcontrols2-5.15.8+kde7-150500.1.4 added
- libqt5-qtscript-devel-5.15.12-150500.1.4 added
- libqt5-qtsensors-devel-5.15.8+kde0-150500.1.4 added
- libqt5-qtspeech-devel-5.15.8+kde1-150500.1.4 added
- libqt5-qttools-devel-5.15.8+kde1-150500.1.4 added
- libqt5-qttools-qhelpgenerator-5.15.8+kde1-150500.1.4 added
- libqt5-qtwayland-5.15.8+kde63-150500.1.3 added
- libqt5-qtwayland-devel-5.15.8+kde63-150500.1.3 added
- libqt5xdg-devel-3.10.0-150500.1.2 added
- libquicktime-1.2.4+git20180804.fff99cd-1.19 added
- libquicktime-devel-1.2.4+git20180804.fff99cd-1.19 added
- libquicktime0-1.2.4+git20180804.fff99cd-1.19 added
- libquvi-0_9-0_9_4-0.9.4-1.43 added
- libquvi-devel-0.9.4-1.43 added
- libquvi-scripts-0.9.20131130-2.21 added
- libquvi-scripts-devel-0.9.20131130-2.21 added
- libraptor-devel-2.0.15-150200.9.12.1 added
- libraptor2-0-2.0.15-150200.9.12.1 added
- libraw1394-11-2.1.1-150000.3.2.1 added
- libraw1394-devel-2.1.1-150000.3.2.1 added
- libraw20-0.20.2-150400.3.6.1 added
- librest-0_7-0-0.8.1-3.2.1 added
- librest-devel-0.8.1-3.2.1 added
- librime-devel-1.7.3-150400.1.5 added
- librime1-1.7.3-150400.1.5 added
- librsvg-devel-2.52.9-150400.3.3.1 added
- libschroedinger-1_0-0-1.0.11-1.31 added
- libserd-0-0-0.30.6-1.11 added
- libsigc++3-devel-3.0.2-1.25 added
- libsigc-3_0-0-3.0.2-1.25 added
- libsigsegv2-2.11-1.34 added
- libskk-devel-1.2.0+git20171110+1.0.3-150400.1.10 added
- libskk0-1.2.0+git20171110+1.0.3-150400.1.10 added
- libsmi-devel-0.4.8-1.29 added
- libsord-0-0-0.16.0-1.22 added
- libsoxr-lsr0-0.1.2-1.28 added
- libsoxr0-0.1.2-1.28 added
- libspectre-devel-0.2.8-3.12.1 added
- libspectre1-0.2.8-3.12.1 added
- libspeechd-devel-0.8.8-3.6.3 added
- libspeechd2-0.8.8-3.6.3 added
- libspiro0-0.5.20150702-1.25 added
- libsratom-0-0-0.6.0-1.41 added
- libsrt1-1.3.4-1.45 added
- libsrtp-devel-1.6.0-2.19 added
- libsrtp1-1.6.0-2.19 added
- libsrtp2-1-2.2.0-1.34 added
- libstartup-notification-1-0-0.12-150400.13.6 added
- libsuitesparseconfig5-5.2.0-7.9 added
- libswresample-devel-3.4.2-150200.11.28.1 added
- libswresample2-3.4.2-150200.11.28.1 added
- libswscale-devel-3.4.2-150200.11.28.1 added
- libswscale4-3.4.2-150200.11.28.1 added
- libsyn123-0-1.26.4-1.15 added
- libsynctex2-1.21-150400.29.15 added
- libtag-devel-1.11.1-4.9.1 added
- libtag_c0-1.11.1-4.9.1 added
- libtelepathy-glib0-0.24.2-150400.1.11 added
- libtelepathy-logger3-0.8.2-150400.13.11 added
- libtepl-6-0-6.00.0-150400.1.12 added
- libtexlua53-5-5.3.6-150400.29.15 added
- libtexluajit2-2.1.0beta3-150400.29.15 added
- libthai0-32bit-0.1.29-150400.1.4 added
- libtheora-devel-1.1.1-150000.3.3.1 added
- libtheora0-1.1.1-150000.3.3.1 added
- libtotem-plparser-mini18-3.26.6-150400.2.9 added
- libtotem-plparser18-3.26.6-150400.2.9 added
- libtpl-extensions3-0.8.2-150400.13.11 added
- libtwolame-devel-0.3.13-150000.3.2.2 added
- libudf0-2.1.0-1.27 added
- libumfpack5-5.7.6-7.9 added
- libuninameslist0-20140731-2.19 added
- libupower-glib-devel-0.99.13-150400.1.8 added
- libupower-glib3-0.99.13-150400.1.8 added
- libusbmuxd-2_0-6-2.0.2-150400.1.6 added
- libusbmuxd-devel-2.0.2-150400.1.6 added
- libv4l-devel-1.14.1-150000.3.3.1 added
- libv4l2rds0-1.14.1-150000.3.3.1 added
- libva-devel-2.16.0-150500.1.2 added
- libva-drm2-2.16.0-150500.1.2 added
- libva-x11-2-2.16.0-150500.1.2 added
- libva2-2.16.0-150500.1.2 added
- libvdehist-devel-2.3.2+svn587-3.23 added
- libvdehist0-2.3.2+svn587-3.23 added
- libvdemgmt-devel-2.3.2+svn587-3.23 added
- libvdemgmt0-2.3.2+svn587-3.23 added
- libvdeplug-devel-2.3.2+svn587-3.23 added
- libvdesnmp-devel-2.3.2+svn587-3.23 added
- libvdesnmp0-2.3.2+svn587-3.23 added
- libvdpau-devel-1.1.1-150000.3.2.1 added
- libvdpau1-1.1.1-150000.3.2.1 added
- libvisual-devel-0.4.0-1.34 added
- libvpx4-1.6.1-150000.6.8.1 added
- libwebkit2gtk-4_1-0-2.38.6-150400.4.39.1 added
- libwebrtc_audio_processing-devel-0.3-1.35 added
- libwebrtc_audio_processing1-0.3-1.35 added
- libwireplumber-0_4-0-0.4.13-150500.1.2 added
- libwnck-3-0-40.0-150400.2.12 added
- libwnck-devel-40.0-150400.2.12 added
- libwoff2enc1_0_2-1.0.2-3.2.1 added
- libxcb-render0-32bit-1.13-150000.3.9.1 added
- libxkbregistry-devel-1.3.0-150400.1.13 added
- libxkbregistry0-1.3.0-150400.1.13 added
- libxklavier-devel-5.3-150400.12.12 added
- libxklavier16-5.3-150400.12.12 added
- libxmlb-devel-0.3.6-150400.1.5 added
- libxmlb2-0.3.6-150400.1.5 added
- libyelp0-41.2-150400.1.9 added
- libyui-qt-pkg-devel-4.5.2-150500.1.1 added
- libyui-qt-pkg16-4.5.2-150500.1.1 added
- libzbar0-0.23.1-1.12 added
- libzhuyin13-2.6.1-150400.1.35 added
- libzinnia0-0.07-150400.2.5 added
- libzvbi0-0.2.35-2.22 added
- lifecycle-data-sle-module-desktop-applications-1-5.4.1 added
- linux-atm-devel-2.5.2-150400.14.2.3 added
- lua51-5.1.5-2.31 added
- lua51-devel-5.1.5-2.31 added
- lua53-luasocket-3.0~rc1+git20170515.5a17f79-3.20 added
- lv2-1.18.2-1.9 added
- lv2-devel-1.18.2-1.9 added
- m17n-lib-1.7.0-2.31 added
- m17n-lib-devel-1.7.0-2.31 added
- malcontent-0.10.3-150400.1.9 added
- motif-2.3.4-150000.3.8.1 added
- motif-devel-2.3.4-150000.3.8.1 added
- mousetweaks-3.32.0-150400.8.12 added
- mozc-2.26.4276.102-150400.1.7 added
- mozc-gui-tools-2.26.4276.102-150400.1.7 added
- mozjs60-devel-60.9.0-4.40 added
- mozjs78-devel-78.15.0-150400.1.10 added
- mpg123-1.26.4-1.15 added
- mpg123-devel-1.26.4-1.15 added
- mpg123-pulse-1.26.4-1.15 added
- mutter-41.9-150500.1.2 added
- mutter-devel-41.9-150500.1.2 added
- nautilus-41.5-150400.3.6.1 added
- nautilus-devel-41.5-150400.3.6.1 added
- nautilus-evince-41.4-150400.3.3.3 added
- nautilus-extension-terminal-3.42.3-150400.3.3.1 added
- nautilus-share-0.7.3-150500.15.1 added
- newt-devel-0.52.20-150000.7.2.3 added
- nss-shared-helper-devel-1.0.10-1.24 added
- open-vm-tools-desktop-12.2.0-150300.26.1 added
- openal-soft-devel-1.17.2-3.7.41 added
- opencc-1.0.5-3.19 added
- opencc-data-1.0.5-3.19 added
- opencc-devel-1.0.5-3.19 added
- openexr-devel-2.2.1-3.41.1 added
- openjpeg-devel-1.5.2-150000.4.10.1 added
- openssh-askpass-gnome-8.4p1-150300.3.18.2 added
- orbit2-2.14.19-9.45 added
- orbit2-devel-2.14.19-9.45 added
- pangomm1_4-devel-2.46.2-150400.1.6 added
- patterns-gnome-gnome_basic-20201210-150400.7.3.1 added
- patterns-gnome-gnome_basis-20201210-150400.7.3.1 added
- pavucontrol-5.0-150400.1.8 added
- pinentry-gnome3-1.1.0-4.3.1 added
- pipewire-0.3.64-150500.1.2 added
- pipewire-modules-0_3-0.3.64-150500.1.2 added
- pipewire-spa-plugins-0_2-0.3.64-150500.1.2 added
- pipewire-spa-tools-0.3.64-150500.1.2 added
- pipewire-tools-0.3.64-150500.1.2 added
- pngquant-2.11.2-1.11 added
- portaudio-devel-190600_20161030-2.39 added
- ppp-2.4.7-150000.5.10.3 added
- ppp-devel-2.4.7-150000.5.10.3 added
- pulseaudio-15.0-150400.2.10 added
- pulseaudio-bash-completion-15.0-150400.2.10 added
- pulseaudio-gdm-hooks-15.0-150400.2.10 added
- pulseaudio-module-gsettings-15.0-150400.2.10 added
- pulseaudio-module-x11-15.0-150400.2.10 added
- pulseaudio-module-zeroconf-15.0-150400.2.10 added
- pulseaudio-setup-15.0-150400.2.10 added
- pulseaudio-utils-15.0-150400.2.10 added
- pulseaudio-zsh-completion-15.0-150400.2.10 added
- python-cairo-common-devel-1.15.1-150000.3.8.1 added
- python-chewing-0.5.1+git20200627.452f622-150400.1.10 added
- python-dbus-python-common-devel-1.2.16-6.3.1 added
- python3-cairo-devel-1.15.1-150000.3.8.1 added
- python3-cangjie-1.2-1.36 added
- python3-createrepo_c-0.16.0-3.3.1 added
- python3-dbus-python-devel-1.2.16-6.3.1 added
- python3-louis-3.20.0-150400.3.13.1 added
- python3-pycups-1.9.74-3.3.2 added
- python3-pyotherside-1.5.3-150500.1.2 added
- python3-pysmbc-1.0.23-150400.2.5 added
- python3-qt5-5.15.7-150500.1.3 added
- python3-qt5-devel-5.15.7-150500.1.3 added
- python3-qt5-sip-12.11.0-150500.1.1 added
- python3-speechd-0.8.8-3.6.3 added
- qt6-network-tls-6.4.2-150500.1.14 added
- qtdeclarative-imports-provides-qt5-1.0-150500.5.1 added
- raptor-2.0.15-150200.9.12.1 added
- rendercheck-1.5-1.19 added
- rime-1.7.3-150400.1.5 added
- rtkit-0.11+git.20130926-1.34 added
- sane-backends-1.0.32-150400.15.2.1 added
- sane-backends-autoconfig-1.0.32-150400.15.2.1 added
- sane-backends-devel-1.0.32-150400.15.2.1 added
- sbc-devel-1.3-3.2.1 added
- schroedinger-devel-1.0.11-1.31 added
- serd-devel-0.30.6-1.11 added
- slang-devel-2.3.1a-150000.5.2.3 added
- sle-module-desktop-applications-release-15.5-150500.43.2 added
- sord-devel-0.16.0-1.22 added
- soundtouch-devel-1.8.0-3.11.1 added
- soxr-devel-0.1.2-1.28 added
- spandsp-devel-0.0.6-3.2.1 added
- speech-dispatcher-0.8.8-3.6.3 added
- speech-dispatcher-module-espeak-0.8.8-3.6.3 added
- spice-vdagent-0.22.1-150500.2.2 added
- sratom-devel-0.6.0-1.41 added
- startup-notification-devel-0.12-150400.13.6 added
- sysprof-capture-devel-static-3.42.1-150400.2.6 added
- system-role-basic-desktop-15.5.0-150500.1.1 added
- system-role-server-default-15.5.0-150500.1.1 added
- system-user-srvGeoClue-2.5.7-150400.2.10 added
- telepathy-glib-devel-0.24.2-150400.1.11 added
- telepathy-logger-devel-0.8.2-150400.13.11 added
- tepl-devel-6.00.0-150400.1.12 added
- texlive-2021.20210325-150400.29.15 added
- texlive-a2ping-bin-2021.20210325.svn27321-150400.29.15 added
- texlive-accfonts-bin-2021.20210325.svn12688-150400.29.15 added
- texlive-adhocfilelist-bin-2021.20210325.svn28038-150400.29.15 added
- texlive-afm2pl-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-albatross-bin-2021.20210325.svn57089-150400.29.15 added
- texlive-aleph-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-amstex-bin-2021.20210325.svn3006-150400.29.15 added
- texlive-arara-bin-2021.20210325.svn29036-150400.29.15 added
- texlive-asymptote-bin-2021.20210325.svn57890-150400.29.15 added
- texlive-attachfile2-bin-2021.20210325.svn52909-150400.29.15 added
- texlive-authorindex-bin-2021.20210325.svn18790-150400.29.15 added
- texlive-autosp-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-axodraw2-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-bib2gls-bin-2021.20210325.svn45266-150400.29.15 added
- texlive-bibexport-bin-2021.20210325.svn16219-150400.29.15 added
- texlive-bibtex-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-bibtex8-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-bibtexu-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-bin-devel-2021.20210325-150400.29.15 added
- texlive-bundledoc-bin-2021.20210325.svn17794-150400.29.15 added
- texlive-cachepic-bin-2021.20210325.svn15543-150400.29.15 added
- texlive-checkcites-bin-2021.20210325.svn25623-150400.29.15 added
- texlive-checklistings-bin-2021.20210325.svn38300-150400.29.15 added
- texlive-chklref-bin-2021.20210325.svn52631-150400.29.15 added
- texlive-chktex-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-cjk-gs-integrate-bin-2021.20210325.svn37223-150400.29.15 added
- texlive-cjkutils-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-clojure-pamphlet-bin-2021.20210325.svn51944-150400.29.15 added
- texlive-cluttex-bin-2021.20210325.svn48871-150400.29.15 added
- texlive-context-bin-2021.20210325.svn34112-150400.29.15 added
- texlive-convbkmk-bin-2021.20210325.svn30408-150400.29.15 added
- texlive-crossrefware-bin-2021.20210325.svn45927-150400.29.15 added
- texlive-cslatex-bin-2021.20210325.svn3006-150400.29.15 added
- texlive-csplain-bin-2021.20210325.svn50528-150400.29.15 added
- texlive-ctan-o-mat-bin-2021.20210325.svn46996-150400.29.15 added
- texlive-ctanbib-bin-2021.20210325.svn48478-150400.29.15 added
- texlive-ctanify-bin-2021.20210325.svn24061-150400.29.15 added
- texlive-ctanupload-bin-2021.20210325.svn23866-150400.29.15 added
- texlive-ctie-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-cweb-bin-2021.20210325.svn58136-150400.29.15 added
- texlive-cyrillic-bin-bin-2021.20210325.svn53554-150400.29.15 added
- texlive-de-macro-bin-2021.20210325.svn17399-150400.29.15 added
- texlive-detex-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dosepsbin-bin-2021.20210325.svn24759-150400.29.15 added
- texlive-dtl-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dtxgen-bin-2021.20210325.svn29031-150400.29.15 added
- texlive-dviasm-bin-2021.20210325.svn8329-150400.29.15 added
- texlive-dvicopy-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dvidvi-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dviinfox-bin-2021.20210325.svn44515-150400.29.15 added
- texlive-dviljk-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dviout-util-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dvipdfmx-bin-2021.20210325.svn58535-150400.29.15 added
- texlive-dvipng-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dvipos-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dvips-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-dvisvgm-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-eplain-bin-2021.20210325.svn3006-150400.29.15 added
- texlive-epspdf-bin-2021.20210325.svn29050-150400.29.15 added
- texlive-epstopdf-bin-2021.20210325.svn18336-150400.29.15 added
- texlive-exceltex-bin-2021.20210325.svn25860-150400.29.15 added
- texlive-fig4latex-bin-2021.20210325.svn14752-150400.29.15 added
- texlive-findhyph-bin-2021.20210325.svn14758-150400.29.15 added
- texlive-fontinst-bin-2021.20210325.svn53554-150400.29.15 added
- texlive-fontools-bin-2021.20210325.svn25997-150400.29.15 added
- texlive-fontware-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-fragmaster-bin-2021.20210325.svn13663-150400.29.15 added
- texlive-getmap-bin-2021.20210325.svn34971-150400.29.15 added
- texlive-git-latexdiff-bin-2021.20210325.svn54732-150400.29.15 added
- texlive-glossaries-bin-2021.20210325.svn37813-150400.29.15 added
- texlive-gregoriotex-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-gsftopk-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-hyperxmp-bin-2021.20210325.svn56984-150400.29.15 added
- texlive-jadetex-bin-2021.20210325.svn3006-150400.29.15 added
- texlive-jfmutil-bin-2021.20210325.svn44835-150400.29.15 added
- texlive-ketcindy-bin-2021.20210325.svn49033-150400.29.15 added
- texlive-kotex-utils-bin-2021.20210325.svn32101-150400.29.15 added
- texlive-kpathsea-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-kpathsea-devel-6.3.3-150400.29.15 added
- texlive-l3build-bin-2021.20210325.svn46894-150400.29.15 added
- texlive-lacheck-bin-2021.20210325.svn53999-150400.29.15 added
- texlive-latex-bin-bin-2021.20210325.svn54358-150400.29.15 added
- texlive-latex-bin-dev-bin-2021.20210325.svn53999-150400.29.15 added
- texlive-latex-git-log-bin-2021.20210325.svn30983-150400.29.15 added
- texlive-latex-papersize-bin-2021.20210325.svn42296-150400.29.15 added
- texlive-latex2man-bin-2021.20210325.svn13663-150400.29.15 added
- texlive-latex2nemeth-bin-2021.20210325.svn42300-150400.29.15 added
- texlive-latexdiff-bin-2021.20210325.svn16420-150400.29.15 added
- texlive-latexfileversion-bin-2021.20210325.svn25012-150400.29.15 added
- texlive-latexindent-bin-2021.20210325.svn32150-150400.29.15 added
- texlive-latexmk-bin-2021.20210325.svn10937-150400.29.15 added
- texlive-latexpand-bin-2021.20210325.svn27025-150400.29.15 added
- texlive-lcdftypetools-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-light-latex-make-bin-2021.20210325.svn56352-150400.29.15 added
- texlive-lilyglyphs-bin-2021.20210325.svn31696-150400.29.15 added
- texlive-listbib-bin-2021.20210325.svn26126-150400.29.15 added
- texlive-listings-ext-bin-2021.20210325.svn15093-150400.29.15 added
- texlive-lollipop-bin-2021.20210325.svn41465-150400.29.15 added
- texlive-ltxfileinfo-bin-2021.20210325.svn29005-150400.29.15 added
- texlive-ltximg-bin-2021.20210325.svn32346-150400.29.15 added
- texlive-luahbtex-bin-2021.20210325.svn58535-150400.29.15 added
- texlive-luajittex-bin-2021.20210325.svn58535-150400.29.15 added
- texlive-luaotfload-bin-2021.20210325.svn34647-150400.29.15 added
- texlive-luatex-bin-2021.20210325.svn58535-150400.29.15 added
- texlive-lwarp-bin-2021.20210325.svn43292-150400.29.15 added
- texlive-m-tx-bin-2021.20210325.svn50281-150400.29.15 added
- texlive-make4ht-bin-2021.20210325.svn37750-150400.29.15 added
- texlive-makedtx-bin-2021.20210325.svn38769-150400.29.15 added
- texlive-makeindex-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-match_parens-bin-2021.20210325.svn23500-150400.29.15 added
- texlive-mathspic-bin-2021.20210325.svn23661-150400.29.15 added
- texlive-metafont-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-metapost-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-mex-bin-2021.20210325.svn3006-150400.29.15 added
- texlive-mf2pt1-bin-2021.20210325.svn23406-150400.29.15 added
- texlive-mflua-bin-2021.20210325.svn58535-150400.29.15 added
- texlive-mfware-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-mkgrkindex-bin-2021.20210325.svn14428-150400.29.15 added
- texlive-mkjobtexmf-bin-2021.20210325.svn8457-150400.29.15 added
- texlive-mkpic-bin-2021.20210325.svn33688-150400.29.15 added
- texlive-mltex-bin-2021.20210325.svn3006-150400.29.15 added
- texlive-mptopdf-bin-2021.20210325.svn18674-150400.29.15 added
- texlive-multibibliography-bin-2021.20210325.svn30534-150400.29.15 added
- texlive-musixtex-bin-2021.20210325.svn37026-150400.29.15 added
- texlive-musixtnt-bin-2021.20210325.svn50281-150400.29.15 added
- texlive-omegaware-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-optex-bin-2021.20210325.svn53804-150400.29.15 added
- texlive-patgen-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-pax-bin-2021.20210325.svn10843-150400.29.15 added
- texlive-pdfbook2-bin-2021.20210325.svn37537-150400.29.15 added
- texlive-pdfcrop-bin-2021.20210325.svn14387-150400.29.15 added
- texlive-pdfjam-bin-2021.20210325.svn52858-150400.29.15 added
- texlive-pdflatexpicscale-bin-2021.20210325.svn41779-150400.29.15 added
- texlive-pdftex-bin-2021.20210325.svn58535-150400.29.15 added
- texlive-pdftex-quiet-bin-2021.20210325.svn49140-150400.29.15 added
- texlive-pdftosrc-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-pdfxup-bin-2021.20210325.svn40690-150400.29.15 added
- texlive-pedigree-perl-bin-2021.20210325.svn25962-150400.29.15 added
- texlive-perltex-bin-2021.20210325.svn16181-150400.29.15 added
- texlive-petri-nets-bin-2021.20210325.svn39165-150400.29.15 added
- texlive-pfarrei-bin-2021.20210325.svn29348-150400.29.15 added
- texlive-pkfix-bin-2021.20210325.svn13364-150400.29.15 added
- texlive-pkfix-helper-bin-2021.20210325.svn13663-150400.29.15 added
- texlive-platex-bin-2021.20210325.svn52800-150400.29.15 added
- texlive-pmx-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-pmxchords-bin-2021.20210325.svn32405-150400.29.15 added
- texlive-ps2eps-bin-2021.20210325.svn50281-150400.29.15 added
- texlive-ps2pk-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-pst-pdf-bin-2021.20210325.svn7838-150400.29.15 added
- texlive-pst2pdf-bin-2021.20210325.svn29333-150400.29.15 added
- texlive-ptex-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-ptex-fontmaps-bin-2021.20210325.svn44206-150400.29.15 added
- texlive-ptex2pdf-bin-2021.20210325.svn29335-150400.29.15 added
- texlive-ptexenc-devel-1.3.9-150400.29.15 added
- texlive-purifyeps-bin-2021.20210325.svn13663-150400.29.15 added
- texlive-pygmentex-bin-2021.20210325.svn34996-150400.29.15 added
- texlive-pythontex-bin-2021.20210325.svn31638-150400.29.15 added
- texlive-rubik-bin-2021.20210325.svn32919-150400.29.15 added
- texlive-scripts-bin-2021.20210325.svn55172-150400.29.15 added
- texlive-scripts-extra-bin-2021.20210325.svn53577-150400.29.15 added
- texlive-seetexk-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-spix-bin-2021.20210325.svn55933-150400.29.15 added
- texlive-splitindex-bin-2021.20210325.svn29688-150400.29.15 added
- texlive-srcredact-bin-2021.20210325.svn38710-150400.29.15 added
- texlive-sty2dtx-bin-2021.20210325.svn21215-150400.29.15 added
- texlive-svn-multi-bin-2021.20210325.svn13663-150400.29.15 added
- texlive-synctex-bin-2021.20210325.svn58136-150400.29.15 added
- texlive-synctex-devel-1.21-150400.29.15 added
- texlive-tex-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-tex4ebook-bin-2021.20210325.svn37771-150400.29.15 added
- texlive-tex4ht-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-texcount-bin-2021.20210325.svn13013-150400.29.15 added
- texlive-texdef-bin-2021.20210325.svn45011-150400.29.15 added
- texlive-texdiff-bin-2021.20210325.svn15506-150400.29.15 added
- texlive-texdirflatten-bin-2021.20210325.svn12782-150400.29.15 added
- texlive-texdoc-bin-2021.20210325.svn47948-150400.29.15 added
- texlive-texdoctk-bin-2021.20210325.svn29741-150400.29.15 added
- texlive-texfot-bin-2021.20210325.svn33155-150400.29.15 added
- texlive-texliveonfly-bin-2021.20210325.svn24062-150400.29.15 added
- texlive-texloganalyser-bin-2021.20210325.svn13663-150400.29.15 added
- texlive-texlua-devel-5.3.6-150400.29.15 added
- texlive-texluajit-devel-2.1.0beta3-150400.29.15 added
- texlive-texosquery-bin-2021.20210325.svn43596-150400.29.15 added
- texlive-texplate-bin-2021.20210325.svn53444-150400.29.15 added
- texlive-texsis-bin-2021.20210325.svn3006-150400.29.15 added
- texlive-texware-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-thumbpdf-bin-2021.20210325.svn6898-150400.29.15 added
- texlive-tie-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-tikztosvg-bin-2021.20210325.svn55132-150400.29.15 added
- texlive-tpic2pdftex-bin-2021.20210325.svn50281-150400.29.15 added
- texlive-ttfutils-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-typeoutfileinfo-bin-2021.20210325.svn25648-150400.29.15 added
- texlive-ulqda-bin-2021.20210325.svn13663-150400.29.15 added
- texlive-uplatex-bin-2021.20210325.svn52800-150400.29.15 added
- texlive-uptex-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-urlbst-bin-2021.20210325.svn23262-150400.29.15 added
- texlive-velthuis-bin-2021.20210325.svn50281-150400.29.15 added
- texlive-vlna-bin-2021.20210325.svn50281-150400.29.15 added
- texlive-vpe-bin-2021.20210325.svn6897-150400.29.15 added
- texlive-web-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-webquiz-bin-2021.20210325.svn50419-150400.29.15 added
- texlive-wordcount-bin-2021.20210325.svn46165-150400.29.15 added
- texlive-xdvi-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-xelatex-dev-bin-2021.20210325.svn53999-150400.29.15 added
- texlive-xetex-bin-2021.20210325.svn58378-150400.29.15 added
- texlive-xindex-bin-2021.20210325.svn49312-150400.29.15 added
- texlive-xml2pmx-bin-2021.20210325.svn57878-150400.29.15 added
- texlive-xmltex-bin-2021.20210325.svn3006-150400.29.15 added
- texlive-xpdfopen-bin-2021.20210325.svn52917-150400.29.15 added
- texlive-yplan-bin-2021.20210325.svn34398-150400.29.15 added
- tk-devel-8.6.12-150300.10.3.1 added
- totem-pl-parser-3.26.6-150400.2.9 added
- totem-pl-parser-devel-3.26.6-150400.2.9 added
- tracker-data-files-3.2.1-150400.1.12 added
- tracker-devel-3.2.1-150400.1.12 added
- tracker-miner-files-3.2.2-150400.3.3.1 added
- tracker-miners-3.2.2-150400.3.3.1 added
- typelib-1_0-AccountsService-1_0-0.6.55-150400.12.8 added
- typelib-1_0-Adw-1-1.1.0-150400.1.7 added
- typelib-1_0-Amtk-5-5.3.1-150400.1.14 added
- typelib-1_0-AppStreamGlib-1_0-0.7.18+30-150400.1.6 added
- typelib-1_0-BraseroBurn-3_2_0-3.12.3-150400.1.19 added
- typelib-1_0-BraseroMedia-3_2_0-3.12.3-150400.1.19 added
- typelib-1_0-Caribou-1_0-0.4.21-150400.19.6 added
- typelib-1_0-Cheese-3_0-41.1-150400.1.9 added
- typelib-1_0-Clutter-1_0-1.26.4-150400.2.7 added
- typelib-1_0-ClutterGst-3_0-3.0.27-150400.1.11 added
- typelib-1_0-Cogl-1_0-1.22.8-150400.2.8 added
- typelib-1_0-Cogl-2_0-1.22.8-150400.2.8 added
- typelib-1_0-CoglPango-1_0-1.22.8-150400.2.8 added
- typelib-1_0-CoglPango-2_0-1.22.8-150400.2.8 added
- typelib-1_0-Colord-1_0-1.4.5-150400.4.3.1 added
- typelib-1_0-ColordGtk-1_0-0.2.0-150400.1.12 added
- typelib-1_0-Colorhug-1_0-1.4.5-150400.4.3.1 added
- typelib-1_0-CryptUI-0_0-3.12.2-150400.14.10 added
- typelib-1_0-CudaGst-1_0-1.22.0-150500.1.3 added
- typelib-1_0-EvinceDocument-3_0-41.4-150400.3.3.3 added
- typelib-1_0-EvinceView-3_0-41.4-150400.3.3.3 added
- typelib-1_0-Flatpak-1_0-1.14.4-150500.1.3 added
- typelib-1_0-Fwupd-2_0-1.8.6-150500.2.2 added
- typelib-1_0-FwupdPlugin-1_0-1.7.3-150400.3.5.1 added
- typelib-1_0-GCab-1_0-1.1-1.15 added
- typelib-1_0-GData-0_0-0.18.1-150400.2.10 added
- typelib-1_0-GMenu-3_0-3.36.0-150400.2.9 added
- typelib-1_0-GMime-3_0-3.2.7-150400.1.12 added
- typelib-1_0-GSSDP-1_0-1.4.0.1-150400.1.6 added
- typelib-1_0-GTop-2_0-2.40.0-150400.9.30 added
- typelib-1_0-GUPnP-1_0-1.4.3-150400.1.6 added
- typelib-1_0-GUPnPIgd-1_0-1.2.0-150400.1.10 added
- typelib-1_0-GUsb-1_0-0.3.9-150400.1.10 added
- typelib-1_0-GWeather-3_0-40.0-150400.1.11 added
- typelib-1_0-GXPS-0_1-0.3.0-4.3.29 added
- typelib-1_0-Gck-1-3.41.1-150400.3.3.1 added
- typelib-1_0-Gcr-3-3.41.1-150400.3.3.1 added
- typelib-1_0-GcrUi-3-3.41.1-150400.3.3.1 added
- typelib-1_0-Gdm-1_0-41.3-150400.4.6.1 added
- typelib-1_0-Gee-0_8-0.20.4-150400.1.12 added
- typelib-1_0-Geoclue-2_0-2.5.7-150400.2.10 added
- typelib-1_0-GeocodeGlib-1_0-3.26.4-150400.3.3.2 added
- typelib-1_0-GjsPrivate-1_0-1.70.2-150400.3.3.1 added
- typelib-1_0-Gkbd-3_0-3.26.1-150400.11.15 added
- typelib-1_0-GnomeAutoar-0_1-0.4.1-150400.1.10 added
- typelib-1_0-GnomeAutoarGtk-0_1-0.4.1-150400.1.10 added
- typelib-1_0-GnomeBluetooth-1_0-3.34.5-150400.12.9 added
- typelib-1_0-GnomeDesktop-3_0-41.8-150400.3.3.1 added
- typelib-1_0-GnomeKeyring-1_0-3.12.0-150400.16.9 added
- typelib-1_0-Goa-1_0-3.40.1-150400.1.16 added
- typelib-1_0-Grl-0_3-0.3.14-150400.1.11 added
- typelib-1_0-GrlNet-0_3-0.3.14-150400.1.11 added
- typelib-1_0-GrlPls-0_3-0.3.14-150400.1.11 added
- typelib-1_0-Gspell-1-1.10.0-150400.3.3.1 added
- typelib-1_0-GstBadAudio-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GstCodecs-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GstCuda-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GstInsertBin-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GstMpegts-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GstPlay-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GstPlayer-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GstVa-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GstWebRTC-1_0-1.22.0-150500.1.3 added
- typelib-1_0-GtkClutter-1_0-1.8.4-150400.13.9 added
- typelib-1_0-GtkSpell-3_0-3.0.10-150400.9.11 added
- typelib-1_0-Handy-1_0-1.5.0-150400.1.7 added
- typelib-1_0-IBus-1_0-1.5.25-150400.1.13 added
- typelib-1_0-JavaScriptCore-4_1-2.38.6-150400.4.39.1 added
- typelib-1_0-Malcontent-0-0.10.3-150400.1.9 added
- typelib-1_0-ModemManager-1_0-1.18.10-150500.1.2 added
- typelib-1_0-NMA-1_0-1.8.40-150400.3.3.1 added
- typelib-1_0-NMA4-1_0-1.8.40-150400.3.3.1 added
- typelib-1_0-Nautilus-3_0-41.5-150400.3.6.1 added
- typelib-1_0-Nice-0_1-0.1.21-150500.1.1 added
- typelib-1_0-Notify-0_7-0.7.12-150400.3.3.1 added
- typelib-1_0-OSTree-1_0-2022.7-150500.1.3 added
- typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.6.1 added
- typelib-1_0-Peas-1_0-1.32.0-150400.4.3.2 added
- typelib-1_0-PeasGtk-1_0-1.32.0-150400.4.3.2 added
- typelib-1_0-Qrtr-1_0-1.2.2-150500.1.2 added
- typelib-1_0-Rest-0_7-0.8.1-3.2.1 added
- typelib-1_0-Rsvg-2_0-2.52.9-150400.3.3.1 added
- typelib-1_0-TelepathyGlib-0_12-0.24.2-150400.1.11 added
- typelib-1_0-TelepathyLogger-0_2-0.8.2-150400.13.11 added
- typelib-1_0-Tepl-6-6.00.0-150400.1.12 added
- typelib-1_0-TotemPlParser-1_0-3.26.6-150400.2.9 added
- typelib-1_0-Tracker-3_0-3.2.1-150400.1.12 added
- typelib-1_0-UpowerGlib-1_0-0.99.13-150400.1.8 added
- typelib-1_0-WebKit2-4_1-2.38.6-150400.4.39.1 added
- typelib-1_0-WebKit2WebExtension-4_1-2.38.6-150400.4.39.1 added
- typelib-1_0-Wnck-3_0-40.0-150400.2.12 added
- typelib-1_0-Xkl-1_0-5.3-150400.12.12 added
- typelib-1_0-Xmlb-1_0-0.3.6-150400.1.5 added
- typelib-1_0-kkc-1_0-0.3.5+git20190809.b2e5a15-1.28 added
- udev-configure-printer-1.5.15-150400.2.7 added
- upower-0.99.13-150400.1.8 added
- usb_modeswitch-2.6.1-150400.1.5 added
- vde2-2.3.2+svn587-3.23 added
- viewres-1.0.4-1.18 added
- vim-plugin-conky-1.11.5-1.20 added
- vino-3.22.0-150400.16.11 added
- vncmanager-1.0.2-150000.4.9.3 added
- vncmanager-controller-1.0.1-3.3.1 added
- vncmanager-controller-gnome-1.0.1-3.3.1 added
- vncmanager-greeter-1.0.0-1.48 added
- vorbis-tools-1.4.0-1.53 added
- vte-devel-0.66.2-150400.1.10 added
- wavpack-5.4.0-150000.4.15.1 added
- wavpack-devel-5.4.0-150000.4.15.1 added
- webkit2gtk-4_1-injected-bundles-2.38.6-150400.4.39.1 added
- webkit2gtk3-devel-2.38.6-150400.4.39.1 added
- wireplumber-0.4.13-150500.1.2 added
- wireshark-devel-3.6.13-150000.3.89.1 added
- wireshark-ui-qt-3.6.13-150000.3.89.1 added
- x11perf-1.6.0-1.20 added
- xbacklight-1.2.1-1.19 added
- xclock-1.0.7-1.18 added
- xcursorgen-1.0.6-1.23 added
- xdg-desktop-portal-1.16.0-150500.1.1 added
- xdg-desktop-portal-devel-1.16.0-150500.1.1 added
- xdg-desktop-portal-gnome-41.2-150400.3.3.1 added
- xdg-desktop-portal-gtk-1.14.1-150500.1.1 added
- xdg-user-dirs-0.18-150500.1.1 added
- xdg-user-dirs-gtk-0.11-150500.1.1 added
- xev-1.2.2-1.21 added
- xeyes-1.1.1-1.18 added
- xf86-input-wacom-0.40.0-150500.1.3 added
- xf86-input-wacom-devel-0.40.0-150500.1.3 added
- xfd-1.1.2-1.18 added
- xfontsel-1.0.5-1.18 added
- xgamma-1.0.6-1.24 added
- xinput-1.6.2-1.24 added
- xkbevd-1.1.4-1.18 added
- xkbprint-1.0.4-1.18 added
- xkbutils-1.0.4-1.18 added
- xkill-1.0.4-1.18 added
- xlogo-1.0.4-1.18 added
- xlsatoms-1.1.2-1.18 added
- xlsclients-1.1.3-1.18 added
- xlsfonts-1.0.5-1.18 added
- xmag-1.0.6-1.26 added
- xmlb-tool-0.3.6-150400.1.5 added
- xorgxrdp-0.2.11-150500.9.2 added
- xrestop-0.4-1.20 added
- xscope-1.4.1-1.17 added
- xsetmode-1.0.0-1.18 added
- xsetpointer-1.0.1-1.18 added
- xvinfo-1.1.3-1.18 added
- xwd-1.0.6-1.18 added
- xwininfo-1.1.3-1.24 added
- yaml-cpp-devel-0.6.3-150400.4.3.1 added
- yelp-41.2-150400.1.9 added
- yelp-devel-41.2-150400.1.9 added
- yubikey-manager-qt-1.1.1-1.12 added
- zenity-3.41.0-150400.1.10 added
- zinnia-devel-0.07-150400.2.5 added
- OpenCSD-doc-1.0.0-1.4 added
- ant-1.10.12-150200.4.12.5 added
- ant-antlr-1.10.12-150200.4.12.4 added
- ant-apache-bcel-1.10.12-150200.4.12.4 added
- ant-apache-bsf-1.10.12-150200.4.12.4 added
- ant-apache-log4j-1.10.12-150200.4.12.4 added
- ant-apache-oro-1.10.12-150200.4.12.4 added
- ant-apache-regexp-1.10.12-150200.4.12.4 added
- ant-apache-resolver-1.10.12-150200.4.12.4 added
- ant-commons-logging-1.10.12-150200.4.12.4 added
- ant-contrib-1.0b3-150200.11.8.3 added
- ant-javamail-1.10.12-150200.4.12.4 added
- ant-jdepend-1.10.12-150200.4.12.4 added
- ant-jmf-1.10.12-150200.4.12.5 added
- ant-junit-1.10.12-150200.4.12.4 added
- ant-manual-1.10.12-150200.4.12.4 added
- ant-scripts-1.10.12-150200.4.12.5 added
- ant-swing-1.10.12-150200.4.12.5 added
- antlr-java-2.7.7-150200.18.7.5 added
- antlr-manual-2.7.7-150200.18.7.5 added
- apache-commons-cli-1.5.0-150200.3.6.4 added
- apache-commons-compress-1.21-150200.3.13.4 added
- apache-commons-configuration-1.10-150200.3.6.3 added
- apache-commons-lang3-3.12.0-150200.3.6.4 added
- apache-commons-text-1.10.0-150200.5.5.4 added
- apache-ivy-2.5.1-150200.3.6.3 added
- apache-pdfbox-2.0.23-150200.3.6.3 added
- apache-sshd-2.7.0-150200.5.5.3 added
- aqute-bndlib-5.2.0-150200.3.6.3 added
- args4j-2.33-150200.3.6.5 added
- atinject-1+20160610git1f74ea7-150200.3.6.4 added
- autoconf-archive-2017.09.28-1.18 added
- avalon-logkit-2.1-150200.11.6.4 added
- aws-sdk-java-core-1.11.3-150200.3.6.3 added
- aws-sdk-java-kms-1.11.3-150200.3.6.3 added
- aws-sdk-java-s3-1.11.3-150200.3.6.3 added
- base64coder-20101219-150200.3.6.4 added
- bcc-docs-0.26.0-150500.1.1 added
- bcc-examples-0.26.0-150500.1.1 added
- beust-jcommander-1.71-150200.3.6.4 added
- bouncycastle-1.72-150200.3.12.1 added
- bouncycastle-pg-1.72-150200.3.12.1 added
- bouncycastle-pkix-1.72-150200.3.12.1 added
- bouncycastle-util-1.72-150200.3.12.1 added
- bpftrace-tools-0.17.0-150500.1.2 added
- brp-extract-appdata-2016.05.04-1.23 added
- bsf-2.4.0-150200.13.6.4 added
- bsh2-2.0.0.b6-150200.12.6.4 added
- bsh2-classgen-2.0.0.b6-150200.12.6.4 added
- build-20230215-150200.15.1 added
- build-compare-20221206T204012.bb70754-150500.1.7 added
- build-mkbaselibs-20230215-150200.15.1 added
- ca-certificates-mozilla-prebuilt-2.60-150200.27.1 added
- cargo1.43-doc-1.43.1-7.3.1 added
- cdi-api-2.0.2-150200.3.6.4 added
- checkbashisms-2.19.5-3.3.1 added
- cppunit-devel-doc-1.14.0-2.17 added
- devhelp-lang-41.2-150400.1.9 added
- docbook-dsssl-stylesheets-1.79-2.18 added
- docbook-utils-0.6.14-1.24 added
- docbook-utils-minimal-0.6.14-1.24 added
- docbook_3-3.1-1.24 added
- dom4j-1.6.1-150200.12.6.3 added
- ed25519-java-0.3.0-150200.5.3.3 added
- extra166y-1.7.0-150200.3.4.15 added
- firewall-macros-0.9.3-150400.8.9.1 added
- gcc12-info-12.2.1+git416-150000.1.7.1 added
- gcc7-info-7.5.0+r278197-4.30.1 added
- geronimo-annotation-1_0-api-1.2-150200.15.6.4 added
- geronimo-jms-1_1-api-1.2-150200.15.6.4 added
- geronimo-stax-1_0-api-1.2-150200.15.6.4 added
- git-doc-2.35.3-150300.10.27.1 added
- glade-lang-3.38.2-150400.2.8 added
- glassfish-annotation-api-1.3.2-150200.3.4.4 added
- glassfish-jaxb-api-2.4.0-150200.5.3.4 added
- glassfish-servlet-api-3.1.0-150200.3.4.4 added
- gnome-builder-lang-41.3-150400.1.10 added
- google-gson-2.8.9-150200.3.10.3 added
- google-guice-4.1-150200.3.4.3 added
- gpars-1.2.1-150200.3.4.4 added
- gradle-local-5.3.0-150200.3.4.4 added
- groovy-lib-2.4.21-150200.3.7.4 added
- guava-30.1.1-150200.3.4.4 added
- hamcrest-core-1.3-150200.12.10.4 added
- httpcomponents-client-4.5.12-150200.3.6.4 added
- httpcomponents-core-4.4.13-150200.3.6.4 added
- icu4j-71.1-150200.3.4.4 added
- intltool-0.51.0-9.19 added
- isorelax-0.1-150200.11.4.4 added
- itstool-2.0.7-150400.1.9 added
- ivy-local-5.3.0-150200.3.4.4 added
- jackson-dataformat-cbor-2.13.0-150200.3.3.3 added
- jatl-0.2.2-150200.3.4.3 added
- javaewah-1.1.6-150200.3.4.3 added
- javapackages-gradle-5.3.1-150200.3.4.4 added
- javapackages-ivy-5.3.1-150200.3.4.4 added
- javapackages-local-5.3.1-150200.3.4.4 added
- jaxen-1.1.6-150200.12.4.4 added
- jboss-interceptors-1.2-api-1.0.0-150200.3.4.4 added
- jcifs-1.3.19-150200.3.4.4 added
- jcip-annotations-1.0-150000.4.8.2 added
- jcl-over-slf4j-1.7.36-150200.3.4.3 added
- jcsp-1.1~rc5-150200.3.4.3 added
- jdepend-2.10-150200.11.4.4 added
- jdom-1.1.3-150200.12.4.4 added
- jdom2-2.0.6.1-150200.3.7.3 added
- jeos-firstboot-1.2.0.5-150500.1.2 added
- jeos-firstboot-rpiwifi-1.2.0.5-150500.1.2 added
- jetty-http-9.4.48-150200.3.16.3 added
- jetty-io-9.4.48-150200.3.16.3 added
- jetty-security-9.4.48-150200.3.16.3 added
- jetty-server-9.4.48-150200.3.16.3 added
- jetty-servlet-9.4.48-150200.3.16.3 added
- jetty-util-9.4.48-150200.3.16.3 added
- jetty-util-ajax-9.4.48-150200.3.16.3 added
- jgit-5.11.0-150200.5.3.3 added
- jing-20181222-150200.10.4.4 added
- jlex-1.2.6-2.39 added
- joda-time-2.10.1-150200.3.4.4 added
- jsch-0.1.55-150200.11.7.4 added
- jsoup-1.15.3-150200.3.11.1 added
- jsr-305-3.0.2-150200.3.7.5 added
- jtidy-8.0-150200.11.4.4 added
- jul-to-slf4j-1.7.36-150200.3.4.3 added
- junit-4.13.2-150200.3.8.1 added
- junitperf-1.9.1-2.46 added
- jython-2.2.1-150400.18.8 added
- jzlib-1.1.3-150200.11.4.4 added
- kernel-docs-5.14.21-150500.53.2 added
- kernel-source-5.14.21-150500.53.2 added
- kiwi-templates-Minimal-15.5-150500.3.1 added
- kryo-4.0.2-150200.3.4.3 added
- latex2html-2017.2-2.41 added
- libqt5-qtdoc-5.15.8-150500.1.16 added
- libqt5-qtdoc-html-5.15.8-150500.1.16 added
- libqt5-qtdoc-qch-5.15.8-150500.1.16 added
- lifecycle-data-sle-module-development-tools-1-3.13.1 added
- live-langset-data-2.0-150300.13.3.1 added
- log4j-over-slf4j-1.7.36-150200.3.4.3 added
- log4j12-javadoc-1.2.17-4.9.1 added
- log4j12-manual-1.2.17-4.9.1 added
- maven-archiver-3.5.0-150200.3.4.4 added
- maven-artifact-2.2.1-150200.3.4.4 added
- maven-artifact-transfer-0.13.1-150200.3.4.3 added
- maven-common-artifact-filters-3.0.1-150200.3.4.4 added
- maven-compiler-plugin-3.10.1-150200.3.4.3 added
- maven-doxia-core-1.9.1-150200.4.4.3 added
- maven-doxia-logging-api-1.9.1-150200.4.4.3 added
- maven-doxia-module-apt-1.9.1-150200.4.4.3 added
- maven-doxia-module-fml-1.9.1-150200.4.4.3 added
- maven-doxia-module-fo-1.9.1-150200.4.4.3 added
- maven-doxia-module-xdoc-1.9.1-150200.4.4.3 added
- maven-doxia-module-xhtml-1.9.1-150200.4.4.3 added
- maven-doxia-module-xhtml5-1.9.1-150200.4.4.3 added
- maven-doxia-sink-api-1.9.1-150200.4.4.3 added
- maven-doxia-sitetools-1.9.2-150200.3.4.3 added
- maven-file-management-3.0.0-150200.3.4.3 added
- maven-filtering-3.2.0-150200.3.4.3 added
- maven-invoker-3.1.0-150200.3.4.3 added
- maven-jar-plugin-3.2.2-150200.3.4.3 added
- maven-javadoc-plugin-3.3.2-150200.4.4.3 added
- maven-local-5.3.0-150200.3.4.4 added
- maven-plugin-annotations-3.6.0-150200.3.4.3 added
- maven-reporting-api-3.1.0-150200.3.4.13 added
- maven-resolver-api-1.7.3-150200.3.6.1 added
- maven-resolver-connector-basic-1.7.3-150200.3.6.1 added
- maven-resolver-impl-1.7.3-150200.3.6.1 added
- maven-resolver-named-locks-1.7.3-150200.3.6.1 added
- maven-resolver-spi-1.7.3-150200.3.6.1 added
- maven-resolver-transport-wagon-1.7.3-150200.3.6.1 added
- maven-resolver-util-1.7.3-150200.3.6.1 added
- maven-resources-plugin-3.2.0-150200.3.4.3 added
- maven-shared-incremental-1.1-150200.3.4.4 added
- maven-shared-io-3.0.0-150200.3.4.4 added
- maven-shared-utils-3.3.3-150200.3.4.3 added
- maven-surefire-2.22.0-150200.3.4.3 added
- maven-surefire-plugin-2.22.0-150200.3.4.3 added
- maven-surefire-provider-junit-2.22.0-150200.3.4.3 added
- maven-surefire-provider-testng-2.22.0-150200.3.4.3 added
- maven-wagon-file-3.2.0-150200.3.4.3 added
- maven-wagon-http-3.2.0-150200.3.4.3 added
- maven-wagon-http-shared-3.2.0-150200.3.4.3 added
- maven-wagon-provider-api-3.2.0-150200.3.4.3 added
- meld-3.21.0-150400.2.10 added
- meld-lang-3.21.0-150400.2.10 added
- meson-0.61.4-150500.1.7 added
- minlog-1.3.1-150200.3.7.8 added
- multiverse-0.7.0-150200.3.4.3 added
- nekohtml-1.9.22.noko2-150200.3.4.4 added
- netty3-3.10.6-150200.3.7.3 added
- objenesis-3.1-150200.3.4.4 added
- obs-scm-bridge-0.2-150100.3.3.1 added
- osc-0.182.0-150100.3.32.1 added
- osgi-annotation-7.0.0-150200.3.4.4 added
- osgi-compendium-7.0.0-150200.3.4.4 added
- osgi-core-7.0.0-150200.3.4.4 added
- pcp-doc-5.2.5-150400.5.3.11 added
- perl-Algorithm-Diff-1.1903-1.25 added
- perl-Alien-Tidyp-1.4.7-1.22 added
- perl-Archive-Extract-0.80-1.24 added
- perl-Authen-SASL-2.16-1.3.1 added
- perl-CPAN-Meta-Check-0.014-1.22 added
- perl-CPAN-Meta-Requirements-2.140000-1.24 added
- perl-Capture-Tiny-0.48-150500.1.1 added
- perl-Class-Tiny-1.006-1.24 added
- perl-Config-AutoConf-0.315-1.20 added
- perl-Config-IniFiles-2.94-1.23 added
- perl-Convert-TNEF-0.18-1.23 added
- perl-Date-Manip-6.70-2.13 added
- perl-Devel-CheckBin-0.04-1.24 added
- perl-Expect-1.35-1.23 added
- perl-ExtUtils-Config-0.008-1.24 added
- perl-ExtUtils-Helpers-0.026-1.24 added
- perl-ExtUtils-InstallPaths-0.011-1.22 added
- perl-ExtUtils-LibBuilder-0.08-1.22 added
- perl-File-ShareDir-Install-0.11-1.22 added
- perl-File-Slurp-Tiny-0.004-1.25 added
- perl-File-Temp-0.2304-1.25 added
- perl-Geography-Countries-2009041301-1.26 added
- perl-IO-CaptureOutput-1.1104-1.24 added
- perl-IP-Country-2.28-1.24 added
- perl-Importer-0.024-1.24 added
- perl-Lingua-Translit-0.28-1.19 added
- perl-Mock-Config-0.03-1.19 added
- perl-Module-Build-0.422400-1.24 added
- perl-Module-Build-Tiny-0.039-1.22 added
- perl-Module-Find-0.13-1.25 added
- perl-Module-Load-Conditional-0.68-1.25 added
- perl-Module-Pluggable-5.2-1.24 added
- perl-Net-CIDR-Lite-0.21-4.11 added
- perl-Net-DNS-Resolver-Programmable-0.009-1.20 added
- perl-Net-Ident-1.24-1.25 added
- perl-Net-SMTP-SSL-1.04-1.3.1 added
- perl-Net-SNMP-6.0.1-150000.3.4.1 added
- perl-Path-Class-0.37-1.23 added
- perl-Path-Tiny-0.104-1.22 added
- perl-Pod-Usage-1.69-1.25 added
- perl-RPC-XML-0.79-1.22 added
- perl-Readonly-2.05-1.22 added
- perl-SUPER-1.20141117-1.22 added
- perl-Scope-Guard-0.21-1.24 added
- perl-Spiffy-0.46-1.24 added
- perl-Sub-Info-0.002-1.22 added
- perl-Switch-2.17-3.2.1 added
- perl-Term-ProgressBar-2.21-1.21 added
- perl-Term-Table-0.012-1.17 added
- perl-Test-Base-0.88-1.22 added
- perl-Test-Deep-1.127-1.24 added
- perl-Test-Differences-0.64-1.22 added
- perl-Test-File-ShareDir-1.001002-1.22 added
- perl-Test-Inter-1.07-1.5 added
- perl-Test-MockModule-0.13-1.17 added
- perl-Test-Most-0.35-1.23 added
- perl-Test-Needs-0.002005-1.24 added
- perl-Test-NoWarnings-1.04-1.25 added
- perl-Test-Requires-0.10-1.24 added
- perl-Test-RequiresInternet-0.05-1.24 added
- perl-Test-Simple-1.302120-1.19 added
- perl-Test-Strict-0.40-1.16 added
- perl-Test-Warnings-0.030-3.3.1 added
- perl-Test-Without-Module-0.20-1.24 added
- perl-Test-YAML-1.06-1.23 added
- perl-Test2-Plugin-NoWarnings-0.06-1.22 added
- perl-Test2-Suite-0.000097-1.17 added
- perl-Text-Diff-1.45-1.20 added
- perl-Text-Unidecode-1.30-1.443 added
- perl-Text-WrapI18N-0.06-1.22 added
- perl-Text-Wrapper-1.05-1.24 added
- perl-Tie-IxHash-1.23-1.23 added
- perl-XML-DOM-1.45-1.23 added
- perl-XML-DOM-XPath-0.14-2.21 added
- perl-XML-Filter-BufferText-1.01-1.22 added
- perl-XML-Handler-YAWriter-0.23-1.23 added
- perl-XML-RegExp-0.04-1.24 added
- perl-XML-SAX-Writer-0.57-1.20 added
- perl-XML-XPathEngine-0.14-1.24 added
- perl-YAML-1.24-1.17 added
- perl-doc-5.26.1-150300.17.11.1 added
- plexus-archiver-4.2.1-150200.3.4.3 added
- plexus-build-api-0.0.7-150200.3.4.3 added
- plexus-cipher-2.0-150200.3.4.16 added
- plexus-classworlds-2.6.0-150200.3.4.3 added
- plexus-compiler-2.11.1-150200.3.4.3 added
- plexus-component-api-1.0~alpha15-150200.3.4.4 added
- plexus-component-metadata-2.1.1-150200.3.4.4 added
- plexus-containers-component-annotations-2.1.1-150200.3.4.4 added
- plexus-containers-container-default-2.1.1-150200.3.4.4 added
- plexus-i18n-1.0~beta10-150200.3.4.3 added
- plexus-interactivity-api-1.0~alpha6-150200.3.4.4 added
- plexus-interpolation-1.26-150200.3.4.4 added
- plexus-io-3.2.0-150200.3.4.3 added
- plexus-languages-1.1.1-150200.3.4.3 added
- plexus-sec-dispatcher-2.0-150200.3.4.3 added
- plexus-utils-3.3.1-150200.3.4.3 added
- plexus-velocity-1.2-150200.3.4.3 added
- post-build-checks-84.87+git20220325.f46ef3c-150500.1.1 added
- powertop-lang-2.15-150500.1.4 added
- python3-Sphinx-2.3.1-150400.1.7 added
- python3-bcc-0.26.0-150500.1.1 added
- python3-breathe-4.7.2-1.50 added
- python3-cached-property-1.5.2-150300.7.3.1 added
- python3-nose-1.3.7-7.4.1 added
- python3-osc-tiny-0.7.12-150400.10.3.2 added
- python3-pluggy-0.13.1-7.3.5 added
- python3-progressbar-2.3+hg20121105.3c94a3a1ebe1-1.17 added
- python3-pyfakefs-3.4.3-150400.10.6 added
- python3-tox-2.9.1-150400.13.4 added
- python3-virtualenv-16.1.0-1.13 added
- qdox-2.0.1-150200.3.4.4 added
- qml-autoreqprov-1.1-150400.1.4 added
- quilt-0.65-3.35 added
- reflectasm-1.11.0-150200.3.4.3 added
- relaxngDatatype-2011.1-150200.10.4.4 added
- rpmlint-1.10-150000.7.67.1 added
- rpmlint-Factory-1.0-3.19 added
- rust1.43-src-1.43.1-7.3.1 added
- saxon9-scripts-9.4.0.7-150200.12.4.3 added
- servletapi4-4.0.4-150000.5.8.2 added
- sisu-inject-0.3.5-150200.3.4.3 added
- sisu-plexus-0.3.5-150200.3.4.3 added
- snakeyaml-1.33-150200.3.12.4 added
- subversion-bash-completion-1.14.1-150400.3.8 added
- systemtap-docs-4.6-150400.1.7 added
- systemtap-dtrace-4.6-150400.1.4 added
- sysuser-tools-3.1-150400.1.35 added
- tesla-polyglot-common-0.4.5-150200.3.4.3 added
- tesla-polyglot-groovy-0.4.5-150200.3.4.4 added
- testng-7.4.0-150200.3.7.1 added
- update-desktop-files-84.87-1.16 added
- valgrind-client-headers-3.20.0-150500.2.1 added
- velocity-1.7-150200.3.7.3 added
- werken-xpath-0.9.4-150200.3.4.3 added
- ws-jaxme-0.5.2-150200.12.4.3 added
- xbean-4.20-150200.4.4.3 added
- xmlgraphics-batik-1.15-150200.4.4.3 added
- xmlgraphics-batik-css-1.15-150200.4.4.3 added
- xmlgraphics-commons-2.6-150200.3.4.3 added
- xmlgraphics-fop-2.7-150200.13.4.3 added
- xmvn-api-4.0.0-150200.3.14.3 added
- xmvn-bisect-3.1.0-1.102 added
- xmvn-connector-4.0.0-150200.5.3.3 added
- xmvn-connector-gradle-4.0.0~20220507.11a6169-150200.3.16.3 added
- xmvn-connector-ivy-4.0.0~20220302.6a60be3-150200.2.17.3 added
- xmvn-core-4.0.0-150200.3.14.3 added
- xmvn-install-4.0.0-150200.3.14.3 added
- xmvn-mojo-4.0.0-150200.3.7.8 added
- xmvn-resolve-4.0.0-150200.3.14.3 added
- xmvn-subst-4.0.0-150200.3.14.3 added
- xom-1.2b1-150200.12.4.4 added
- xpp2-2.1.10-150200.11.4.3 added
- xpp3-1.1.4c-150200.11.6.3 added
- xpp3-minimal-1.1.4c-150200.11.6.3 added
- xstream-1.4.20-150200.3.25.1 added
- xz-java-1.8-150200.3.4.3 added
- yast2-widget-demo-0.9.1-150400.1.10 added
- FastCGI-2.4.0-2.23 added
- FastCGI-devel-2.4.0-2.23 added
- Modules-3.2.10-1.29 added
- OpenCSD-1.0.0-1.4 added
- OpenCSD-devel-1.0.0-1.4 added
- aaa_base-malloccheck-84.87+git20180409.04c9dae-150300.10.3.1 added
- antlr-2.7.7-150200.18.7.5 added
- antlr-devel-2.7.7-150200.18.7.5 added
- autogen-5.18.12-3.3.1 added
- bcc-devel-0.26.0-150500.1.1 added
- bcc-tools-0.26.0-150500.1.1 added
- bdfresize-1.5-2.18 added
- bin86-0.16.21-1.28 added
- binutils-devel-32bit-2.39-150100.7.40.1 added
- bison-32bit-3.0.4-3.3.1 added
- blktrace-1.1.0+git.20170126-3.6.1 added
- bonnie-1.6-150400.1.5 added
- bpftrace-0.17.0-150500.1.2 added
- brp-check-suse-84.87+git20181106.224b37d-3.18.2 added
- bsdtar-3.5.1-150400.3.12.1 added
- cabextract-1.6-1.23 added
- cargo-1.69.0-150400.24.15.1 added
- cargo-auditable-0.5.2~0-150300.7.3.1 added
- cargo1.43-1.43.1-7.3.1 added
- cargo1.68-1.68.2-150400.9.10.2 added
- cargo1.69-1.69.0-150400.9.3.1 added
- cblas-devel-3.9.0-150000.4.13.2 added
- ccache-3.4.2-1.9 added
- check-devel-0.15.2-150400.1.6 added
- chrpath-0.16-1.25 added
- clang7-checker-7.0.1-150100.3.22.2 added
- coccinelle-1.1.0-150400.1.4 added
- compface-1.5.2-1.25 added
- compface-devel-1.5.2-1.25 added
- cpp11-11.3.0+git1637-150000.1.11.2 added
- cpp12-12.2.1+git416-150000.1.7.1 added
- cppunit-devel-1.14.0-2.17 added
- crash-7.3.1-150500.3.4 added
- crash-devel-7.3.1-150500.3.4 added
- crash-kmp-default-7.3.1_k5.14.21_150500.53-150500.3.4 added
- crash-trace-7.3.1-150500.3.4 added
- cross-nvptx-gcc12-12.2.1+git416-150000.1.7.1 added
- cross-nvptx-gcc7-7.5.0+r278197-4.30.1 added
- cross-nvptx-newlib11-devel-11.3.0+git1637-150000.1.11.1 added
- cross-nvptx-newlib12-devel-12.2.1+git416-150000.1.7.1 added
- cross-nvptx-newlib7-devel-7.5.0+r278197-4.30.1 added
- cscope-15.8b-1.16 added
- ctags-5.8-150000.3.3.1 added
- cunit-devel-2.1.3-1.28 added
- cunit-doc-2.1.3-1.28 added
- cups-ddk-2.2.7-150000.3.40.1 added
- cvs-1.12.13-150400.1.10 added
- cvsps-2.1-1.19 added
- dash-0.5.11.2-3.6.1 added
- dev86-0.16.21-1.28 added
- devhelp-41.2-150400.1.9 added
- devhelp-devel-41.2-150400.1.9 added
- diffstat-1.61-1.26 added
- docbook2x-0.8.8-2.20 added
- doxygen-1.8.14-3.3.1 added
- dpkg-1.19.0.4-150000.4.4.1 added
- dpkg-devel-1.19.0.4-150000.4.4.1 added
- dracut-kiwi-lib-9.24.43-150100.3.56.3 added
- dracut-kiwi-live-9.24.43-150100.3.56.3 added
- dracut-kiwi-oem-dump-9.24.43-150100.3.56.3 added
- dracut-kiwi-oem-repart-9.24.43-150100.3.56.3 added
- dracut-kiwi-overlay-9.24.43-150100.3.56.3 added
- dri2proto-devel-2.8-1.22 added
- dri3proto-devel-1.2-4.17 added
- dtc-1.6.1-150500.1.1 added
- dwz-0.12-150000.3.2.1 added
- emacs-plugin-devhelp-41.2-150400.1.9 added
- evtest-1.33-1.19 added
- fabtests-1.16.1-150500.2.2 added
- flatpak-builder-1.2.2-150400.1.9 added
- gcc-32bit-7-3.9.1 added
- gcc-PIE-7-3.9.1 added
- gcc-ada-7-3.9.1 added
- gcc-c++-32bit-7-3.9.1 added
- gcc-fortran-32bit-7-3.9.1 added
- gcc-info-7-3.9.1 added
- gcc-locale-7-3.9.1 added
- gcc-objc-7-3.9.1 added
- gcc11-11.3.0+git1637-150000.1.11.2 added
- gcc12-12.2.1+git416-150000.1.7.1 added
- gcc12-32bit-12.2.1+git416-150000.1.7.1 added
- gcc12-PIE-12.2.1+git416-150000.1.7.1 added
- gcc12-c++-12.2.1+git416-150000.1.7.1 added
- gcc12-c++-32bit-12.2.1+git416-150000.1.7.1 added
- gcc12-fortran-12.2.1+git416-150000.1.7.1 added
- gcc12-fortran-32bit-12.2.1+git416-150000.1.7.1 added
- gcc12-locale-12.2.1+git416-150000.1.7.1 added
- gcc7-32bit-7.5.0+r278197-4.30.1 added
- gcc7-ada-7.5.0+r278197-4.30.1 added
- gcc7-c++-32bit-7.5.0+r278197-4.30.1 added
- gcc7-fortran-32bit-7.5.0+r278197-4.30.1 added
- gcc7-locale-7.5.0+r278197-4.30.1 added
- gcc7-objc-7.5.0+r278197-4.30.1 added
- gdb-12.1-150400.15.9.1 added
- gdbm-devel-32bit-1.12-1.418 added
- gdbserver-12.1-150400.15.9.1 added
- gedit-plugin-devhelp-41.2-150400.1.9 added
- git-2.35.3-150300.10.27.1 added
- git-arch-2.35.3-150300.10.27.1 added
- git-cvs-2.35.3-150300.10.27.1 added
- git-daemon-2.35.3-150300.10.27.1 added
- git-email-2.35.3-150300.10.27.1 added
- git-gui-2.35.3-150300.10.27.1 added
- git-svn-2.35.3-150300.10.27.1 added
- git-web-2.35.3-150300.10.27.1 added
- gitk-2.35.3-150300.10.27.1 added
- glade-3.38.2-150400.2.8 added
- glade-catalog-gtksourceview-3.24.11-150400.10.11 added
- glade-catalog-libpeas-1.32.0-150400.4.3.2 added
- glade-docs-3.38.2-150400.2.8 added
- glibc-devel-32bit-2.31-150300.46.1 added
- glibc-devel-static-2.31-150300.46.1 added
- glibc-utils-2.31-150300.46.1 added
- glm-devel-0.9.9.8-150000.3.6.1 added
- glproto-devel-1.4.17-1.22 added
- gmp-devel-32bit-6.1.2-4.9.1 added
- gnome-builder-41.3-150400.1.10 added
- gnu-efi-3.0.13-1.1 added
- go-1.19-150000.3.26.1 added
- go1.19-1.19.9-150000.1.31.1 added
- go1.19-doc-1.19.9-150000.1.31.1 added
- go1.19-race-1.19.9-150000.1.31.1 added
- go1.20-1.20.4-150000.1.11.1 added
- go1.20-doc-1.20.4-150000.1.11.1 added
- go1.20-race-1.20.4-150000.1.11.1 added
- gperf-3.1-1.27 added
- gperftools-2.5-4.12 added
- gperftools-devel-2.5-4.12 added
- gradle-4.4.1-150200.3.10.1 added
- graphviz-perl-2.48.0-150400.1.8 added
- gts-0.7.6_p20121130-1.32 added
- gts-devel-0.7.6_p20121130-1.32 added
- guile-2.0.14-5.3.1 added
- guile-devel-2.0.14-5.3.1 added
- guile-modules-2_0-2.0.14-5.3.1 added
- help2man-1.47.5-1.141 added
- indent-2.2.11-150000.3.3.1 added
- intel-gpu-tools-1.24-150400.1.4 added
- intel-opencl-21.39.21127-150500.5.3 added
- intel-opencl-devel-21.39.21127-150500.5.3 added
- jansi-2.4.0-150200.3.4.4 added
- jemalloc-5.0.1-1.25 added
- jeos-licenses-3.0-4.84 added
- jline1-1.0-150200.3.4.4 added
- jsoncpp-devel-1.8.4-1.17 added
- kernel-install-tools-0.3.0-150400.1.4 added
- kernel-obs-build-5.14.21-150500.53.2 added
- kernel-syms-5.14.21-150500.53.1 added
- kernelshark-2.6.1-2.37 added
- kiwi-boot-descriptions-1.2.0-2.51 added
- kiwi-man-pages-9.24.43-150100.3.56.3 added
- kiwi-pxeboot-9.24.43-150100.3.56.3 added
- kiwi-systemdeps-9.24.43-150100.3.56.3 added
- kiwi-systemdeps-bootloaders-9.24.43-150100.3.56.3 added
- kiwi-systemdeps-containers-9.24.43-150100.3.56.3 added
- kiwi-systemdeps-core-9.24.43-150100.3.56.3 added
- kiwi-systemdeps-disk-images-9.24.43-150100.3.56.3 added
- kiwi-systemdeps-filesystems-9.24.43-150100.3.56.3 added
- kiwi-systemdeps-image-validation-9.24.43-150100.3.56.3 added
- kiwi-systemdeps-iso-media-9.24.43-150100.3.56.3 added
- kiwi-tools-9.24.43-150100.3.56.3 added
- lapacke-devel-3.9.0-150000.4.13.2 added
- libada7-7.5.0+r278197-4.30.1 added
- libaio-devel-32bit-0.3.109-1.25 added
- libaio1-32bit-0.3.109-1.25 added
- libappindicator3-devel-12.10.1+bzr20170215-150200.3.3.1 added
- libasan4-32bit-7.5.0+r278197-4.30.1 added
- libasan6-11.3.0+git1637-150000.1.11.2 added
- libbcc0-0.26.0-150500.1.1 added
- libcblas3-3.9.0-150000.4.13.2 added
- libcbor-devel-0.10.1-150500.1.1 added
- libcilkrts5-32bit-7.5.0+r278197-4.30.1 added
- libclang-cpp15-15.0.7-150500.2.11 added
- libclang13-15.0.7-150500.2.11 added
- libcmark0_30_2-0.30.2-150400.3.3.1 added
- libcmocka-devel-1.1.5-150400.3.2.3 added
- libcmocka0-1.1.5-150400.3.2.3 added
- libcppunit-1_14-0-1.14.0-2.17 added
- libcunit1-2.1.3-1.28 added
- libdbusmenu-glib-devel-16.04.0-1.12 added
- libdbusmenu-gtk3-devel-16.04.0-1.13 added
- libfcgi0-2.4.0-2.23 added
- libgit2-1_3-1.3.0-150400.3.6.1 added
- libgit2-devel-1.3.0-150400.3.6.1 added
- libgit2-glib-1_0-0-1.0.0.1-150400.1.7 added
- libgladeui-2-13-3.38.2-150400.2.8 added
- libgladeui-2-devel-3.38.2-150400.2.8 added
- libgmpxx4-32bit-6.1.2-4.9.1 added
- libgpiod-devel-1.4.3-1.5 added
- libgpiodcxx1-1.4.3-1.5 added
- libguile-2_0-22-2.0.14-5.3.1 added
- libguilereadline-v-18-18-2.0.14-5.3.1 added
- libiterm-devel-0.5.20040304-150000.5.6.1 added
- libjavascriptcoregtk-5_0-0-2.38.6-150400.4.39.1 added
- libjsonrpc-glib-1_0-1-3.40.0-150400.1.9 added
- libjsonrpc_glib-1_0-0-3.26.1-1.31 added
- liblapacke3-3.9.0-150000.4.13.2 added
- libmd-devel-1.0.0-1.16 added
- libmd0-1.0.0-1.16 added
- libmpx2-32bit-8.2.1+r264010-150000.1.6.4 added
- libmpxwrappers2-32bit-8.2.1+r264010-150000.1.6.4 added
- libopagent1-1.3.0-150100.8.3.1 added
- libopagent1-32bit-1.3.0-150100.8.3.1 added
- libopamgt-devel-10.11.1.3.1-150500.1.5 added
- libopamgt0-10.11.1.3.1-150500.1.5 added
- libopencsd1-1.0.0-1.4 added
- libopencsd_c_api1-1.0.0-1.4 added
- libpapi-7.0.0-150500.1.1 added
- libpcp-devel-5.2.5-150400.5.3.11 added
- libpcp3-5.2.5-150400.5.3.11 added
- libpcp_gui2-5.2.5-150400.5.3.11 added
- libpcp_import1-5.2.5-150400.5.3.11 added
- libpcp_mmv1-5.2.5-150400.5.3.11 added
- libpcp_trace2-5.2.5-150400.5.3.11 added
- libpcp_web1-5.2.5-150400.5.3.11 added
- libpfm-devel-static-4.12.0-150500.1.1 added
- libprofiler0-2.5-4.12 added
- libprotoc20-3.9.2-150200.4.19.2 added
- libpsm2-compat-11.2.230-150500.1.2 added
- libqt5-qdbus-5.15.8+kde1-150500.1.4 added
- libqt5-qtpaths-5.15.8+kde1-150500.1.4 added
- libqt5-qttools-5.15.8+kde1-150500.1.4 added
- libreadline-java-0.8.0-150000.6.8.2 added
- libsource-highlight-devel-3.1.8-150000.3.4.1 added
- libsource-highlight4-3.1.8-150000.3.4.1 added
- libstdc++-devel-32bit-7-3.9.1 added
- libstdc++6-devel-gcc12-32bit-12.2.1+git416-150000.1.7.1 added
- libstdc++6-devel-gcc7-32bit-7.5.0+r278197-4.30.1 added
- libstorage-ng-utils-4.5.101-150500.1.1 added
- libtdsodbc0-1.1.36-150400.12.3 added
- libtemplate_glib-1_0-0-3.34.0-1.56 added
- libtidy-devel-5.4.0-3.2.1 added
- libtidyp-1_04-0-1.04-1.29 added
- libtidyp-devel-1.04-1.29 added
- libtool-32bit-2.4.6-3.4.1 added
- libubsan0-32bit-7.5.0+r278197-4.30.1 added
- libucpp13-1.3.4-150000.3.6.1 added
- liburing-devel-0.6-2.1 added
- liburing2-devel-2.1-150400.2.4 added
- libvala-0_38-0-0.38.8-1.16 added
- libvala-0_38-devel-0.38.8-1.16 added
- libvala-0_54-0-0.54.8-150400.3.3.1 added
- libwebkit2gtk-5_0-0-2.38.6-150400.4.39.1 added
- libxcrypt-devel-static-4.4.15-150300.4.4.3 added
- libxcvt-devel-0.1.2-150500.1.2 added
- libyui-ncurses-rest-api-devel-4.5.2-150500.1.1 added
- libyui-ncurses-rest-api16-4.5.2-150500.1.1 added
- libyui-qt-rest-api-devel-4.5.2-150500.1.1 added
- libyui-qt-rest-api16-4.5.2-150500.1.1 added
- libyui-rest-api-devel-4.5.2-150500.1.1 added
- libyui-rest-api16-4.5.2-150500.1.1 added
- linuxrc-7.0.32.4-150500.1.1 added
- ltrace-0.7.91-150500.18.1 added
- ltrace-32bit-0.7.91-150500.18.1 added
- lttng-modules-2.13.7-150500.3.27 added
- lttng-modules-kmp-default-2.13.7_k5.14.21_150500.53-150500.3.27 added
- lttng-tools-2.12.2-1.30 added
- lttng-tools-devel-2.12.2-1.30 added
- lttng-ust-doc-2.12.0-1.30 added
- makeinfo-6.5-4.17 added
- maven-3.8.6-150200.4.9.8 added
- maven-lib-3.8.6-150200.4.9.8 added
- mksusecd-2.10-150500.1.1 added
- nasm-2.15.05-150500.1.2 added
- native-platform-0.14-150200.3.4.21 added
- ncurses-devel-32bit-6.1-150000.5.15.1 added
- netty-tcnative-2.0.59-150200.3.10.1 added
- ninja-1.10.0-1.24 added
- nvptx-tools-1.0-150000.4.6.1 added
- ocaml-4.05.0-13.5 added
- ocaml-compiler-libs-4.05.0-13.5 added
- ocaml-compiler-libs-devel-4.05.0-13.5 added
- ocaml-findlib-1.8.1-1.18 added
- ocaml-findlib-devel-1.8.1-1.18 added
- ocaml-hivex-1.3.21-150400.2.10 added
- ocaml-hivex-devel-1.3.21-150400.2.10 added
- ocaml-ocamldoc-4.05.0-13.5 added
- ocaml-rpm-macros-20211027-150400.1.4 added
- ocaml-runtime-4.05.0-13.5 added
- openldap2-devel-32bit-2.4.46-150200.14.11.2 added
- oprofile-1.3.0-150100.8.3.1 added
- oprofile-32bit-1.3.0-150100.8.3.1 added
- oprofile-devel-1.3.0-150100.8.3.1 added
- pam-devel-32bit-1.3.0-150000.6.61.1 added
- papi-7.0.0-150500.1.1 added
- papi-devel-7.0.0-150500.1.1 added
- patchutils-0.3.4-1.29 added
- patterns-devel-base-devel_basis-20170319-6.17 added
- patterns-devel-base-devel_basis-32bit-20170319-6.17 added
- patterns-devel-base-devel_kernel-20170319-6.17 added
- patterns-devel-base-devel_kernel-32bit-20170319-6.17 added
- patterns-yast-devel_yast-20220411-150400.1.4 added
- pcp-5.2.5-150400.5.3.11 added
- pcp-conf-5.2.5-150400.5.3.11 added
- pcp-devel-5.2.5-150400.5.3.11 added
- pcp-import-iostat2pcp-5.2.5-150400.5.3.11 added
- pcp-import-mrtg2pcp-5.2.5-150400.5.3.11 added
- pcp-import-sar2pcp-5.2.5-150400.5.3.11 added
- pcp-system-tools-5.2.5-150400.5.3.11 added
- perf-5.14.21-150500.50.44 added
- perf-devel-5.14.21-150500.50.44 added
- perftest-4.5-150500.6.2 added
- perl-BSD-Resource-1.2911-1.26 added
- perl-BerkeleyDB-0.55-1.29 added
- perl-Bootloader-YAML-0.939-150400.3.3.1 added
- perl-Class-MethodMaker-2.24-1.27 added
- perl-Convert-UUlib-1.4-1.32 added
- perl-Crypt-DES-2.07-150000.3.4.1 added
- perl-Crypt-Rijndael-1.13-150000.3.4.1 added
- perl-Crypt-SSLeay-0.72-150000.5.5.1 added
- perl-DBD-Pg-3.10.4-150200.3.3.1 added
- perl-DNS-LDNS-1.7.0-150000.4.8.1 added
- perl-Devel-CheckLib-1.11-1.17 added
- perl-Devel-Cover-1.29-1.17 added
- perl-FastCGI-2.4.0-2.23 added
- perl-Git-2.35.3-150300.10.27.1 added
- perl-HTML-Tidy-1.60-1.19 added
- perl-IO-String-1.08-152.24 added
- perl-IO-Tty-1.12-1.28 added
- perl-Linux-Pid-0.04-1.27 added
- perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-12.13.1 added
- perl-Net-Libproxy-0.4.17-150400.1.21 added
- perl-Net-Oping-1.9.0-1.36 added
- perl-Net-Patricia-1.22-1.11 added
- perl-PCP-LogImport-5.2.5-150400.5.3.11 added
- perl-PCP-LogSummary-5.2.5-150400.5.3.11 added
- perl-PCP-MMV-5.2.5-150400.5.3.11 added
- perl-PCP-PMDA-5.2.5-150400.5.3.11 added
- perl-PerlMagick-7.1.0.9-150400.6.18.1 added
- perl-Readonly-XS-1.05-7.23 added
- perl-SGMLS-1.03ii-1.25 added
- perl-Scalar-List-Utils-1.49-1.23 added
- perl-Test-LeakTrace-0.16-1.26 added
- perl-Text-CSV_XS-1.34-1.19 added
- perl-Text-CharWidth-0.04-83.27 added
- perl-Tk-devel-804.034-3.3.1 added
- perl-XML-Bare-0.53-1.28 added
- perl-XML-Structured-1.2-1.25 added
- perl-XML-Writer-String-0.1-1.24 added
- perl-YAML-LibYAML-0.69-150000.3.5.1 added
- perl-apparmor-3.0.4-150500.9.3 added
- perl-libxml-perl-0.08-1.25 added
- perl-solv-0.7.23-150400.3.3.1 added
- policycoreutils-devel-3.1-150400.1.5 added
- powertop-2.15-150500.1.4 added
- presentproto-devel-1.2-4.17 added
- protobuf-devel-3.9.2-150200.4.19.2 added
- pv-1.6.6-3.4.1 added
- python3-capng-0.7.9-4.22 added
- python3-coverage-4.5.4-150000.3.3.2 added
- python3-gpiod-1.4.3-1.5 added
- python3-kiwi-9.24.43-150100.3.56.3 added
- python3-magic-5.32-150000.7.16.1 added
- python3-pcp-5.2.5-150400.5.3.11 added
- python3-python-prctl-1.7-2.15 added
- python3-tools-3.6.15-150300.10.45.1 added
- python3-ujson-1.35-150100.3.8.1 added
- rcs-5.9.4-1.27 added
- resourceproto-devel-1.2.0-1.22 added
- rls1.43-1.43.1-7.3.1 added
- rpcsvc-proto-devel-1.4.2-1.46 added
- rpm-build-4.14.3-150300.55.1 added
- rpmlint-mini-1.10-150400.23.10.2 added
- ruby2.5-rubygem-asciidoctor-2.0.10-1.22 added
- ruby2.5-rubygem-diff-lcs-1.3-1.30 added
- ruby2.5-rubygem-packaging_rake_tasks-1.4.3-1.21 added
- ruby2.5-rubygem-parallel-1.12.1-1.40 added
- ruby2.5-rubygem-parallel_tests-2.21.3-1.40 added
- ruby2.5-rubygem-rspec-3.10.0-150400.1.5 added
- ruby2.5-rubygem-rspec-core-3.10.1-150400.1.5 added
- ruby2.5-rubygem-rspec-expectations-3.10.1-150400.1.6 added
- ruby2.5-rubygem-rspec-mocks-3.10.2-150400.1.5 added
- ruby2.5-rubygem-rspec-support-3.10.2-150400.1.5 added
- ruby2.5-rubygem-yast-rake-0.2.45-150400.1.4 added
- rust-1.69.0-150400.24.15.1 added
- rust1.43-1.43.1-7.3.1 added
- rust1.43-analysis-1.43.1-7.3.1 added
- rust1.43-doc-1.43.1-7.3.1 added
- rust1.43-gdb-1.43.1-7.3.1 added
- rust1.68-1.68.2-150400.9.10.2 added
- rust1.69-1.69.0-150400.9.3.1 added
- rustup-1.24.3~git1.0a74fef5-150400.3.4.1 added
- sccache-0.2.15~git0.6b6d2f7-150400.1.49 added
- sle-module-development-tools-release-15.5-150500.43.2 added
- strace-5.14-150400.1.7 added
- subversion-perl-1.14.1-150400.3.8 added
- subversion-python-1.14.1-150400.3.8 added
- subversion-tools-1.14.1-150400.3.8 added
- swig-3.0.12-4.18 added
- sysprof-3.42.1-150400.2.6 added
- sysprof-devel-3.42.1-150400.2.6 added
- sysprof-ui-3.42.1-150400.2.7 added
- systemtap-4.6-150400.1.7 added
- systemtap-headers-4.6-150400.1.4 added
- systemtap-runtime-4.6-150400.1.7 added
- systemtap-sdt-devel-4.6-150400.1.7 added
- systemtap-server-4.6-150400.1.7 added
- texinfo-6.5-4.17 added
- tidy-5.4.0-3.2.1 added
- trace-cmd-2.6.1-2.37 added
- typelib-1_0-Dbusmenu-0_4-16.04.0-1.12 added
- typelib-1_0-DbusmenuGtk3-0_4-16.04.0-1.13 added
- typelib-1_0-Devhelp-3_0-41.2-150400.1.9 added
- typelib-1_0-Ggit-1_0-1.0.0.1-150400.1.7 added
- typelib-1_0-Gladeui-2_0-3.38.2-150400.2.8 added
- typelib-1_0-JavaScriptCore-5_0-2.38.6-150400.4.39.1 added
- typelib-1_0-Jsonrpc-1.0-3.26.1-1.31 added
- typelib-1_0-Jsonrpc-1_0-3.40.0-150400.1.9 added
- typelib-1_0-Template-1_0-3.34.0-1.56 added
- typelib-1_0-WebKit2-5_0-2.38.6-150400.4.39.1 added
- ucpp-1.3.4-150000.3.6.1 added
- util-macros-devel-1.19.1-1.22 added
- vala-0.54.8-150400.3.3.1 added
- valgrind-3.20.0-150500.2.1 added
- valgrind-devel-3.20.0-150500.2.1 added
- vim-plugin-devhelp-41.2-150400.1.9 added
- webkit2gtk-5_0-injected-bundles-2.38.6-150400.4.39.1 added
- xf86driproto-devel-2.1.1-1.22 added
- xmlto-0.0.26-1.24 added
- xmvn-4.0.0-150200.3.7.1 added
- xmvn-minimal-4.0.0-150200.3.7.1 added
- xorg-x11-server-sdk-21.1.4-150500.5.1 added
- yasm-1.3.0-2.21 added
- yasm-devel-1.3.0-2.21 added
- zlib-devel-32bit-1.2.13-150500.2.3 added
- gnu-compilers-hpc-1.4-150100.3.19.2 added
- gnu-compilers-hpc-devel-1.4-150100.3.19.2 added
- gnu-compilers-hpc-macros-devel-1.4-150100.3.19.2 added
- gnu12-compilers-hpc-1.4-150100.3.19.2 added
- gnu12-compilers-hpc-devel-1.4-150100.3.19.2 added
- gnu12-compilers-hpc-macros-devel-1.4-150100.3.19.2 added
- hdf5-gnu-hpc-1.10.8-150400.3.9.2 added
- hdf5-gnu-hpc-devel-1.10.8-150400.3.9.2 added
- hdf5-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- hdf5-gnu-mpich-hpc-devel-1.10.8-150400.3.9.3 added
- hdf5-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- hdf5-gnu-mvapich2-hpc-devel-1.10.8-150400.3.9.3 added
- hdf5-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- hdf5-gnu-openmpi3-hpc-devel-1.10.8-150400.3.9.3 added
- hdf5-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- hdf5-gnu-openmpi4-hpc-devel-1.10.8-150400.3.9.3 added
- hdf5-hpc-examples-1.10.8-150400.3.9.2 added
- hwloc-doc-2.5.0-150400.3.3.1 added
- imb-gnu-mpich-hpc-2021.3-150400.3.3.1 added
- imb-gnu-mvapich2-hpc-2021.3-150400.3.3.1 added
- imb-gnu-openmpi3-hpc-2021.3-150400.3.3.1 added
- imb-gnu-openmpi4-hpc-2021.3-150400.3.3.1 added
- lua-lmod-doc-8.7.17-150500.2.1 added
- luaposix-doc-34.1.1-3.2.3 added
- mpiP-gnu-mpich-hpc-3.5-1.39 added
- mpiP-gnu-mpich-hpc-devel-3.5-1.39 added
- mpiP-gnu-mpich-hpc-doc-3.5-1.39 added
- mpiP-gnu-mvapich2-hpc-3.5-1.192 added
- mpiP-gnu-mvapich2-hpc-devel-3.5-1.192 added
- mpiP-gnu-mvapich2-hpc-doc-3.5-1.192 added
- mpiP-gnu-openmpi3-hpc-3.5-1.53 added
- mpiP-gnu-openmpi3-hpc-devel-3.5-1.53 added
- mpiP-gnu-openmpi3-hpc-doc-3.5-1.53 added
- mpiP-gnu-openmpi4-hpc-3.5-1.51 added
- mpiP-gnu-openmpi4-hpc-devel-3.5-1.51 added
- mpiP-gnu-openmpi4-hpc-doc-3.5-1.51 added
- mpich-gnu-hpc-macros-devel-4.0.2-150500.1.2 added
- mvapich2-gnu-hpc-doc-2.3.7-150500.1.37 added
- mvapich2-gnu-hpc-macros-devel-2.3.7-150500.1.37 added
- mvapich2-psm-gnu-hpc-doc-2.3.7-150500.1.31 added
- mvapich2-psm-gnu-hpc-macros-devel-2.3.7-150500.1.31 added
- mvapich2-psm2-gnu-hpc-doc-2.3.7-150500.1.31 added
- mvapich2-psm2-gnu-hpc-macros-devel-2.3.7-150500.1.31 added
- openmpi3-gnu-hpc-devel-3.1.6-150500.12.4 added
- openmpi3-gnu-hpc-docs-3.1.6-150500.12.4 added
- openmpi3-gnu-hpc-macros-devel-3.1.6-150500.12.4 added
- openmpi4-gnu-hpc-devel-4.1.4-150500.1.7 added
- openmpi4-gnu-hpc-docs-4.1.4-150500.1.7 added
- openmpi4-gnu-hpc-macros-devel-4.1.4-150500.1.7 added
- papi-hpc-7.0.0-150500.1.1 added
- pmix-headers-3.2.3-150300.3.5.1 added
- pmix-mca-params-3.2.3-150300.3.5.1 added
- prun-ohpc-1.0-1.20 added
- release-notes-sle_hpc-15.500000000.20230412-150500.1.8 added
- slurm-config-23.02.0-150500.3.2 added
- slurm-config-man-23.02.0-150500.3.2 added
- slurm-doc-23.02.0-150500.3.2 added
- slurm-webdoc-23.02.0-150500.3.2 added
- spack-0.19.1-150400.12.5.1 added
- spack-info-0.19.1-150400.12.5.3 added
- spack-man-0.19.1-150400.12.5.3 added
- spack-recipes-0.19.1-150400.12.5.1 added
- warewulf4-ipxe-4.4.0-150500.4.6 added
- clingo-5.5.0-150400.2.5 added
- clustduct-0.0.6-1.5 added
- conman-0.3.1-150500.1.2 added
- dolly-0.64.2-150500.1.2 added
- eth-basic-tools-11.3.0.0-150500.1.3 added
- eth-fastfabric-11.3.0.0-150500.1.3 added
- genders-1.27.3-150400.8.7 added
- genders-base-1.27.3-150400.8.7 added
- genders-devel-1.27.3-150400.8.7 added
- genders-perl-compat-1.27.3-150400.8.7 added
- golang-github-vpenso-prometheus_slurm_exporter-0.19-3.3.1 added
- hdf5_1_10_8-gnu-hpc-1.10.8-150400.3.9.2 added
- hdf5_1_10_8-gnu-hpc-devel-1.10.8-150400.3.9.2 added
- hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150400.3.9.2 added
- hdf5_1_10_8-gnu-hpc-module-1.10.8-150400.3.9.2 added
- hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-openmpi3-hpc-devel-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-openmpi3-hpc-devel-static-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-openmpi3-hpc-module-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-openmpi4-hpc-devel-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-openmpi4-hpc-devel-static-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-gnu-openmpi4-hpc-module-1.10.8-150400.3.9.3 added
- hdf5_1_10_8-hpc-examples-1.10.8-150400.3.9.2 added
- hwloc-2.5.0-150400.3.3.1 added
- hwloc-devel-2.5.0-150400.3.3.1 added
- imb_2021_3-gnu-mpich-hpc-2021.3-150400.3.3.1 added
- imb_2021_3-gnu-mvapich2-hpc-2021.3-150400.3.3.1 added
- imb_2021_3-gnu-openmpi3-hpc-2021.3-150400.3.3.1 added
- imb_2021_3-gnu-openmpi4-hpc-2021.3-150400.3.3.1 added
- ipxe-bootimgs-1.21.1+git20230120.a99e435c-150500.1.1 added
- libclingo4-5.5.0-150400.2.5 added
- libgenders0-1.27.3-150400.8.7 added
- libgendersplusplus2-1.27.3-150400.8.7 added
- libhdf5-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_1_10_8-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_cpp-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_cpp-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_cpp-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_cpp-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_fortran-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_fortran-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_fortran-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_fortran-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_hl-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_cpp-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_cpp-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_fortran-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5_hl_fortran-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150400.3.9.2 added
- libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150400.3.9.3 added
- libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150400.3.9.3 added
- libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150400.3.9.3 added
- libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150400.3.9.3 added
- libhttp_parser2_7_1-2.7.1-4.2.2 added
- libmca_common_dstore1-3.2.3-150300.3.5.1 added
- libmunge2-0.5.15-150400.18.3.6 added
- libnss_slurm2-23.02.0-150500.3.2 added
- libopenblas-gnu-hpc-0.3.21-150500.2.1 added
- libopenblas-gnu-hpc-devel-0.3.21-150500.2.1 added
- libopenblas-gnu12-hpc-0.3.21-150500.2.1 added
- libopenblas-gnu12-hpc-devel-0.3.21-150500.2.1 added
- libopenblas-pthreads-gnu-hpc-0.3.21-150500.2.1 added
- libopenblas-pthreads-gnu-hpc-devel-0.3.21-150500.2.1 added
- libopenblas-pthreads-gnu12-hpc-0.3.21-150500.2.1 added
- libopenblas-pthreads-gnu12-hpc-devel-0.3.21-150500.2.1 added
- libopenblas-pthreads_0_3_21-gnu-hpc-0.3.21-150500.2.1 added
- libopenblas-pthreads_0_3_21-gnu-hpc-devel-0.3.21-150500.2.1 added
- libopenblas-pthreads_0_3_21-gnu12-hpc-0.3.21-150500.2.1 added
- libopenblas-pthreads_0_3_21-gnu12-hpc-devel-0.3.21-150500.2.1 added
- libopenblas_0_3_21-gnu-hpc-0.3.21-150500.2.1 added
- libopenblas_0_3_21-gnu-hpc-devel-0.3.21-150500.2.1 added
- libopenblas_0_3_21-gnu12-hpc-0.3.21-150500.2.1 added
- libopenblas_0_3_21-gnu12-hpc-devel-0.3.21-150500.2.1 added
- libopenmpi3-gnu-hpc-3.1.6-150500.12.4 added
- libopenmpi4-gnu-hpc-4.1.4-150500.1.7 added
- libopenmpi_3_1_6-gnu-hpc-3.1.6-150500.12.4 added
- libopenmpi_4_1_4-gnu-hpc-4.1.4-150500.1.7 added
- libpapi-hpc-7.0.0-150500.1.1 added
- libpapi_7_0_0-hpc-7.0.0-150500.1.1 added
- libpmi0-23.02.0-150500.3.2 added
- libpmix2-3.2.3-150300.3.5.1 added
- libslurm39-23.02.0-150500.3.2 added
- lifecycle-data-sle-module-hpc-1-5.4.1 added
- lua-genders-1.27.3-150400.8.7 added
- lua-lmod-8.7.17-150500.2.1 added
- lua53-luafilesystem-1.8.0-150500.1.1 added
- lua53-luaposix-34.1.1-3.2.3 added
- lua53-luaterm-0.07-5.2.3 added
- memkind-1.14.0-150500.1.1 added
- mpiP_3_5-gnu-mpich-hpc-3.5-1.39 added
- mpiP_3_5-gnu-mpich-hpc-devel-3.5-1.39 added
- mpiP_3_5-gnu-mpich-hpc-devel-static-3.5-1.39 added
- mpiP_3_5-gnu-mpich-hpc-doc-3.5-1.39 added
- mpiP_3_5-gnu-mvapich2-hpc-3.5-1.192 added
- mpiP_3_5-gnu-mvapich2-hpc-devel-3.5-1.192 added
- mpiP_3_5-gnu-mvapich2-hpc-devel-static-3.5-1.192 added
- mpiP_3_5-gnu-mvapich2-hpc-doc-3.5-1.192 added
- mpiP_3_5-gnu-openmpi3-hpc-3.5-1.53 added
- mpiP_3_5-gnu-openmpi3-hpc-devel-3.5-1.53 added
- mpiP_3_5-gnu-openmpi3-hpc-devel-static-3.5-1.53 added
- mpiP_3_5-gnu-openmpi3-hpc-doc-3.5-1.53 added
- mpiP_3_5-gnu-openmpi4-hpc-3.5-1.51 added
- mpiP_3_5-gnu-openmpi4-hpc-devel-3.5-1.51 added
- mpiP_3_5-gnu-openmpi4-hpc-devel-static-3.5-1.51 added
- mpiP_3_5-gnu-openmpi4-hpc-doc-3.5-1.51 added
- mpich-gnu-hpc-4.0.2-150500.1.2 added
- mpich-gnu-hpc-devel-4.0.2-150500.1.2 added
- mpich-gnu-hpc-devel-static-4.0.2-150500.1.2 added
- mpich-ofi-gnu-hpc-4.0.2-150500.1.2 added
- mpich-ofi-gnu-hpc-devel-4.0.2-150500.1.2 added
- mpich-ofi-gnu-hpc-devel-static-4.0.2-150500.1.2 added
- mpich-ofi_4_0_2-gnu-hpc-4.0.2-150500.1.2 added
- mpich-ofi_4_0_2-gnu-hpc-devel-4.0.2-150500.1.2 added
- mpich-ofi_4_0_2-gnu-hpc-devel-static-4.0.2-150500.1.2 added
- mpich_4_0_2-gnu-hpc-4.0.2-150500.1.2 added
- mpich_4_0_2-gnu-hpc-devel-4.0.2-150500.1.2 added
- mpich_4_0_2-gnu-hpc-devel-static-4.0.2-150500.1.2 added
- mpich_4_0_2-gnu-hpc-macros-devel-4.0.2-150500.1.2 added
- mrsh-2.12-4.3.1 added
- mrsh-rsh-compat-2.12-4.3.1 added
- mrsh-rsh-server-compat-2.12-4.3.1 added
- mrsh-server-2.12-4.3.1 added
- munge-0.5.15-150400.18.3.6 added
- munge-devel-0.5.15-150400.18.3.6 added
- mvapich2-gnu-hpc-2.3.7-150500.1.37 added
- mvapich2-gnu-hpc-devel-2.3.7-150500.1.37 added
- mvapich2-psm-gnu-hpc-2.3.7-150500.1.31 added
- mvapich2-psm-gnu-hpc-devel-2.3.7-150500.1.31 added
- mvapich2-psm2-gnu-hpc-2.3.7-150500.1.31 added
- mvapich2-psm2-gnu-hpc-devel-2.3.7-150500.1.31 added
- mvapich2-psm2_2_3_7-gnu-hpc-2.3.7-150500.1.31 added
- mvapich2-psm2_2_3_7-gnu-hpc-devel-2.3.7-150500.1.31 added
- mvapich2-psm2_2_3_7-gnu-hpc-devel-static-2.3.7-150500.1.31 added
- mvapich2-psm2_2_3_7-gnu-hpc-doc-2.3.7-150500.1.31 added
- mvapich2-psm2_2_3_7-gnu-hpc-macros-devel-2.3.7-150500.1.31 added
- mvapich2-psm_2_3_7-gnu-hpc-2.3.7-150500.1.31 added
- mvapich2-psm_2_3_7-gnu-hpc-devel-2.3.7-150500.1.31 added
- mvapich2-psm_2_3_7-gnu-hpc-devel-static-2.3.7-150500.1.31 added
- mvapich2-psm_2_3_7-gnu-hpc-doc-2.3.7-150500.1.31 added
- mvapich2-psm_2_3_7-gnu-hpc-macros-devel-2.3.7-150500.1.31 added
- mvapich2_2_3_7-gnu-hpc-2.3.7-150500.1.37 added
- mvapich2_2_3_7-gnu-hpc-devel-2.3.7-150500.1.37 added
- mvapich2_2_3_7-gnu-hpc-devel-static-2.3.7-150500.1.37 added
- mvapich2_2_3_7-gnu-hpc-doc-2.3.7-150500.1.37 added
- mvapich2_2_3_7-gnu-hpc-macros-devel-2.3.7-150500.1.37 added
- openmpi3-gnu-hpc-3.1.6-150500.12.4 added
- openmpi3-gnu-hpc-devel-static-3.1.6-150500.12.4 added
- openmpi4-gnu-hpc-4.1.4-150500.1.7 added
- openmpi4-gnu-hpc-devel-static-4.1.4-150500.1.7 added
- openmpi_3_1_6-gnu-hpc-3.1.6-150500.12.4 added
- openmpi_3_1_6-gnu-hpc-devel-3.1.6-150500.12.4 added
- openmpi_3_1_6-gnu-hpc-devel-static-3.1.6-150500.12.4 added
- openmpi_3_1_6-gnu-hpc-docs-3.1.6-150500.12.4 added
- openmpi_3_1_6-gnu-hpc-macros-devel-3.1.6-150500.12.4 added
- openmpi_4_1_4-gnu-hpc-4.1.4-150500.1.7 added
- openmpi_4_1_4-gnu-hpc-devel-4.1.4-150500.1.7 added
- openmpi_4_1_4-gnu-hpc-devel-static-4.1.4-150500.1.7 added
- openmpi_4_1_4-gnu-hpc-docs-4.1.4-150500.1.7 added
- openmpi_4_1_4-gnu-hpc-macros-devel-4.1.4-150500.1.7 added
- papi-hpc-devel-7.0.0-150500.1.1 added
- papi_7_0_0-hpc-7.0.0-150500.1.1 added
- papi_7_0_0-hpc-devel-7.0.0-150500.1.1 added
- patterns-hpc-compute_node-20190218-150400.15.4 added
- patterns-hpc-development_node-20190218-150400.15.4 added
- patterns-hpc-libraries-20190218-150400.15.4 added
- patterns-hpc-workload_server-20190218-150400.15.4 added
- pdsh-2.34-150500.44.1 added
- pdsh-dshgroup-2.34-150500.44.1 added
- pdsh-genders-2.34-150500.44.1 added
- pdsh-machines-2.34-150500.44.1 added
- pdsh-netgroup-2.34-150500.44.1 added
- pdsh-slurm-2.34-150500.44.1 added
- perl-genders-1.27.3-150400.8.7 added
- perl-slurm-23.02.0-150500.3.2 added
- pmix-3.2.3-150300.3.5.1 added
- pmix-devel-3.2.3-150300.3.5.1 added
- pmix-plugin-munge-3.2.3-150300.3.5.1 added
- pmix-plugins-3.2.3-150300.3.5.1 added
- pmix-test-3.2.3-150300.3.5.1 added
- python3-clingo-5.5.0-150400.2.5 added
- python3-genders-1.27.3-150400.8.7 added
- python3-numpy-gnu-hpc-1.17.3-150400.23.3.1 added
- python3-numpy-gnu-hpc-devel-1.17.3-150400.23.3.1 added
- python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.23.3.1 added
- python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.23.3.1 added
- python3-scipy-gnu-hpc-1.3.3-3.31 added
- python3-scipy_1_3_3-gnu-hpc-1.3.3-3.31 added
- sle-module-hpc-release-15.5-150500.43.2 added
- slurm-23.02.0-150500.3.2 added
- slurm-auth-none-23.02.0-150500.3.2 added
- slurm-cray-23.02.0-150500.3.2 added
- slurm-devel-23.02.0-150500.3.2 added
- slurm-lua-23.02.0-150500.3.2 added
- slurm-munge-23.02.0-150500.3.2 added
- slurm-node-23.02.0-150500.3.2 added
- slurm-pam_slurm-23.02.0-150500.3.2 added
- slurm-plugin-ext-sensors-rrd-23.02.0-150500.3.2 added
- slurm-plugins-23.02.0-150500.3.2 added
- slurm-rest-23.02.0-150500.3.2 added
- slurm-slurmdbd-23.02.0-150500.3.2 added
- slurm-sql-23.02.0-150500.3.2 added
- slurm-sview-23.02.0-150500.3.2 added
- slurm-torque-23.02.0-150500.3.2 added
- suse-hpc-0.5.20220206.0c6b168-150300.6.3.1 added
- system-role-hpc-compute-15.5.0-150500.1.1 added
- system-role-hpc-server-15.5.0-150500.1.1 added
- warewulf4-4.4.0-150500.4.6 added
- warewulf4-api-4.4.0-150500.4.6 added
- warewulf4-overlay-4.4.0-150500.4.6 added
- warewulf4-slurm-4.4.0-150500.4.6 added
- convmv-2.04-1.18 added
- libicu60_2-ledata-60.2-150000.3.12.1 added
- netconsole-tools-20030909-134.24 added
- opa-fmgui-10.1.0.0.115-150500.19.4 added
- php7-pear-1.10.21-3.6.1 added
- php7-pecl-1.10.21-3.6.1 added
- postgresql-llvmjit-15-150500.8.19 added
- postgresql-llvmjit-devel-15-150500.8.19 added
- postgresql14-docs-14.8-150200.5.26.1 added
- python3-urlgrabber-4.1.0-150400.4.9.1 added
- system-group-obsolete-20170617-150400.22.33 added
- apache2-mod_php7-7.4.33-150400.4.22.1 added
- bridge-utils-1.6-1.33 added
- bridge-utils-devel-1.6-1.33 added
- clang5-5.0.1-8.5.1 added
- clang5-checker-5.0.1-8.5.1 added
- clang5-devel-5.0.1-8.5.1 added
- compartm-1.1-1.26 added
- cyrus-sasl-bdb-2.1.28-150500.1.1 added
- cyrus-sasl-bdb-crammd5-2.1.28-150500.1.1 added
- cyrus-sasl-bdb-digestmd5-2.1.28-150500.1.1 added
- cyrus-sasl-bdb-gs2-2.1.28-150500.1.1 added
- cyrus-sasl-bdb-gssapi-2.1.28-150500.1.1 added
- cyrus-sasl-bdb-ntlm-2.1.28-150500.1.1 added
- cyrus-sasl-bdb-otp-2.1.28-150500.1.1 added
- cyrus-sasl-bdb-plain-2.1.28-150500.1.1 added
- cyrus-sasl-bdb-scram-2.1.28-150500.1.1 added
- cyrus-sasl-saslauthd-bdb-2.1.28-150500.1.2 added
- cyrus-sasl-sqlauxprop-bdb-2.1.28-150500.1.2 added
- dmraid-1.0.0.rc16-3.26 added
- dmraid-devel-1.0.0.rc16-3.26 added
- dpdk-19.11.10-150500.3.37 added
- dpdk-devel-19.11.10-150500.3.37 added
- dpdk-kmp-default-19.11.10_k5.14.21_150500.53-150500.3.37 added
- dpdk-tools-19.11.10-150500.3.37 added
- fftw3-mpi-devel-3.3.9-1.6 added
- gv-3.7.4-1.41 added
- iptables-backend-nft-1.8.7-1.1 added
- java-1_8_0-ibm-1.8.0_sr8.0-150000.3.71.1 added
- java-1_8_0-ibm-alsa-1.8.0_sr8.0-150000.3.71.1 added
- java-1_8_0-ibm-devel-1.8.0_sr8.0-150000.3.71.1 added
- java-1_8_0-ibm-plugin-1.8.0_sr8.0-150000.3.71.1 added
- java-1_8_0-openjdk-1.8.0.362-150000.3.76.1 added
- java-1_8_0-openjdk-demo-1.8.0.362-150000.3.76.1 added
- java-1_8_0-openjdk-devel-1.8.0.362-150000.3.76.1 added
- java-1_8_0-openjdk-headless-1.8.0.362-150000.3.76.1 added
- libLLVM5-32bit-5.0.1-8.5.1 added
- libLLVM5-5.0.1-8.5.1 added
- libLTO5-5.0.1-8.5.1 added
- libboost_locale_legacy-1.66.0-1.4.1 added
- libboost_numpy-py3-1_66_0-1.66.0-12.3.1 added
- libboost_numpy-py3-1_66_0-devel-1.66.0-12.3.1 added
- libboost_regex_legacy-1.66.0-1.4.1 added
- libcap1-1.97-1.15 added
- libcap1-32bit-1.97-1.15 added
- libcgroup-devel-0.41.rc1-1.10.1 added
- libcgroup-tools-0.41.rc1-1.10.1 added
- libcgroup1-0.41.rc1-1.10.1 added
- libcgroup1-32bit-0.41.rc1-1.10.1 added
- libclang5-5.0.1-8.5.1 added
- libdpdk-20_0-19.11.10-150500.3.37 added
- libfftw3_mpi3-3.3.9-1.6 added
- libicu60_2-60.2-150000.3.12.1 added
- libldap-legacy-2.4.46-1.1 added
- libncurses5-32bit-6.1-150000.5.15.1 added
- libncurses5-6.1-150000.5.15.1 added
- libomp5-devel-5.0.1-8.5.1 added
- libopeniscsiusr0_1_0-2.0.876-11.16 added
- libopenssl-1_0_0-devel-1.0.2p-150000.3.73.1 added
- libopenssl10-1.0.2p-150000.3.73.1 added
- libopenssl1_0_0-1.0.2p-150000.3.73.1 added
- libopenssl1_0_0-hmac-1.0.2p-150000.3.73.1 added
- libopenvswitch-2_14-0-2.14.2-150400.24.3.1 added
- libovn-20_06-0-20.06.2-150400.24.3.1 added
- libwacom2-1.12-150400.1.10 added
- llvm5-5.0.1-8.5.1 added
- llvm5-LTO-devel-5.0.1-8.5.1 added
- llvm5-devel-5.0.1-8.5.1 added
- llvm5-gold-5.0.1-8.5.1 added
- ncurses5-devel-6.1-150000.5.15.1 added
- net-tools-deprecated-2.0+git20170221.479bb4a-3.11 added
- ntp-4.2.8p15-150000.4.22.1 added
- openmpi-1.10.7-20.9 added
- openmpi-config-1.10.7-20.9 added
- openmpi-devel-1.10.7-20.9 added
- openmpi-libs-1.10.7-20.9 added
- openssl-1_0_0-1.0.2p-150000.3.73.1 added
- openvswitch-2.14.2-150400.24.3.1 added
- openvswitch-devel-2.14.2-150400.24.3.1 added
- openvswitch-ipsec-2.14.2-150400.24.3.1 added
- openvswitch-pki-2.14.2-150400.24.3.1 added
- openvswitch-test-2.14.2-150400.24.3.1 added
- openvswitch-vtep-2.14.2-150400.24.3.1 added
- ovn-20.06.2-150400.24.3.1 added
- ovn-central-20.06.2-150400.24.3.1 added
- ovn-devel-20.06.2-150400.24.3.1 added
- ovn-docker-20.06.2-150400.24.3.1 added
- ovn-host-20.06.2-150400.24.3.1 added
- ovn-vtep-20.06.2-150400.24.3.1 added
- pam-modules-12.1-150000.5.3.2 added
- pam-modules-32bit-12.1-150000.5.3.2 added
- php7-7.4.33-150400.4.22.1 added
- php7-bcmath-7.4.33-150400.4.22.1 added
- php7-bz2-7.4.33-150400.4.22.1 added
- php7-calendar-7.4.33-150400.4.22.1 added
- php7-cli-7.4.33-150400.4.22.1 added
- php7-ctype-7.4.33-150400.4.22.1 added
- php7-curl-7.4.33-150400.4.22.1 added
- php7-dba-7.4.33-150400.4.22.1 added
- php7-devel-7.4.33-150400.4.22.1 added
- php7-dom-7.4.33-150400.4.22.1 added
- php7-enchant-7.4.33-150400.4.22.1 added
- php7-exif-7.4.33-150400.4.22.1 added
- php7-fastcgi-7.4.33-150400.4.22.1 added
- php7-fileinfo-7.4.33-150400.4.22.1 added
- php7-fpm-7.4.33-150400.4.22.1 added
- php7-ftp-7.4.33-150400.4.22.1 added
- php7-gd-7.4.33-150400.4.22.1 added
- php7-gettext-7.4.33-150400.4.22.1 added
- php7-gmp-7.4.33-150400.4.22.1 added
- php7-iconv-7.4.33-150400.4.22.1 added
- php7-intl-7.4.33-150400.4.22.1 added
- php7-json-7.4.33-150400.4.22.1 added
- php7-ldap-7.4.33-150400.4.22.1 added
- php7-mbstring-7.4.33-150400.4.22.1 added
- php7-mysql-7.4.33-150400.4.22.1 added
- php7-odbc-7.4.33-150400.4.22.1 added
- php7-opcache-7.4.33-150400.4.22.1 added
- php7-openssl-7.4.33-150400.4.22.1 added
- php7-pcntl-7.4.33-150400.4.22.1 added
- php7-pdo-7.4.33-150400.4.22.1 added
- php7-pgsql-7.4.33-150400.4.22.1 added
- php7-phar-7.4.33-150400.4.22.1 added
- php7-posix-7.4.33-150400.4.22.1 added
- php7-readline-7.4.33-150400.4.22.1 added
- php7-shmop-7.4.33-150400.4.22.1 added
- php7-snmp-7.4.33-150400.4.22.1 added
- php7-soap-7.4.33-150400.4.22.1 added
- php7-sockets-7.4.33-150400.4.22.1 added
- php7-sodium-7.4.33-150400.4.22.1 added
- php7-sqlite-7.4.33-150400.4.22.1 added
- php7-sysvmsg-7.4.33-150400.4.22.1 added
- php7-sysvsem-7.4.33-150400.4.22.1 added
- php7-sysvshm-7.4.33-150400.4.22.1 added
- php7-tidy-7.4.33-150400.4.22.1 added
- php7-tokenizer-7.4.33-150400.4.22.1 added
- php7-xmlreader-7.4.33-150400.4.22.1 added
- php7-xmlrpc-7.4.33-150400.4.22.1 added
- php7-xmlwriter-7.4.33-150400.4.22.1 added
- php7-xsl-7.4.33-150400.4.22.1 added
- php7-zip-7.4.33-150400.4.22.1 added
- php7-zlib-7.4.33-150400.4.22.1 added
- postfix-bdb-3.7.2-150500.1.20 added
- postfix-bdb-lmdb-3.7.2-150500.1.20 added
- postgresql14-14.8-150200.5.26.1 added
- postgresql14-contrib-14.8-150200.5.26.1 added
- postgresql14-devel-14.8-150200.5.26.1 added
- postgresql14-llvmjit-14.8-150200.5.26.1 added
- postgresql14-llvmjit-devel-14.8-150200.5.26.1 added
- postgresql14-pgagent-4.0.0-150400.15.4 added
- postgresql14-plperl-14.8-150200.5.26.1 added
- postgresql14-plpython-14.8-150200.5.26.1 added
- postgresql14-pltcl-14.8-150200.5.26.1 added
- postgresql14-server-14.8-150200.5.26.1 added
- postgresql14-server-devel-14.8-150200.5.26.1 added
- python3-ovs-2.14.2-150400.24.3.1 added
- reiserfs-kmp-default-5.14.21-150500.53.2 added
- sle-module-legacy-release-15.5-150500.43.2 added
- talk-0.17-1.29 added
- talk-server-0.17-1.29 added
- telnet-server-1.2-150000.3.6.1 added
- tunctl-1.5-1.26 added
- vlan-1.9-1.27 added
- yudit-2.9.6-1.93 added
- libpulp-load-default-0.1-150500.1.1 added
- lifecycle-data-sle-module-live-patching-15-150000.4.90.1 added
- glibc-livepatches-0-150400.1.4 added
- kernel-default-livepatch-5.14.21-150500.53.2 added
- kernel-default-livepatch-devel-5.14.21-150500.53.2 added
- kernel-livepatch-5_14_21-150500_53-default-1-150500.1.62 added
- kernel-livepatch-tools-1.2-150400.15.3.1 added
- kernel-livepatch-tools-devel-1.2-150400.15.3.1 added
- libpulp-tools-0.2.8-150400.3.12.1 added
- libpulp0-0.2.8-150400.3.12.1 added
- openssl-1_1-livepatches-0.1-150400.3.3.1 added
- patterns-lp-lp_sles-15.1.0-5.18 added
- sle-module-live-patching-release-15.5-150500.43.2 added
- aws-cli-1.27.89-150200.30.11.1 added
- aws-efs-utils-1.34.5-150100.4.11.1 added
- azure-cli-2.17.1-150100.6.11.2 added
- azure-cli-acr-2.1.4-4.22 added
- azure-cli-acs-2.3.2-4.22 added
- azure-cli-advisor-0.6.0-1.32 added
- azure-cli-ams-0.2.3-1.32 added
- azure-cli-appservice-0.2.3-4.22 added
- azure-cli-backup-1.2.1-4.22 added
- azure-cli-batch-3.3.3-4.22 added
- azure-cli-batchai-0.4.2-1.32 added
- azure-cli-billing-0.2.0-4.22 added
- azure-cli-cdn-0.1.1-4.22 added
- azure-cli-cloud-2.1.0-4.22 added
- azure-cli-cognitiveservices-0.2.1-4.22 added
- azure-cli-command-modules-nspkg-2.0.3-6.4.1 added
- azure-cli-component-2.0.7-3.3.3 added
- azure-cli-configure-2.0.18-4.22 added
- azure-cli-consumption-0.4.0-4.22 added
- azure-cli-container-0.3.3-4.22 added
- azure-cli-core-2.17.1-150100.6.14.2 added
- azure-cli-cosmosdb-0.2.1-4.22 added
- azure-cli-dla-0.2.2-4.22 added
- azure-cli-dls-0.1.1-4.22 added
- azure-cli-dms-0.1.0-1.32 added
- azure-cli-eventgrid-0.2.0-4.22 added
- azure-cli-eventhubs-0.2.3-1.32 added
- azure-cli-extension-0.2.1-4.22 added
- azure-cli-feedback-2.1.4-4.22 added
- azure-cli-find-0.2.12-4.22 added
- azure-cli-interactive-0.3.28-6.3.3 added
- azure-cli-iot-0.3.1-4.22 added
- azure-cli-keyvault-2.2.2-4.22 added
- azure-cli-lab-0.1.1-4.22 added
- azure-cli-monitor-0.2.3-4.22 added
- azure-cli-network-2.2.4-4.22 added
- azure-cli-nspkg-3.0.4-6.4.1 added
- azure-cli-profile-2.1.1-4.22 added
- azure-cli-rdbms-0.3.1-4.22 added
- azure-cli-redis-0.3.2-4.22 added
- azure-cli-reservations-0.3.2-1.31 added
- azure-cli-resource-2.1.3-4.22 added
- azure-cli-role-2.1.4-4.22 added
- azure-cli-search-0.1.1-1.31 added
- azure-cli-servicebus-0.2.2-1.31 added
- azure-cli-servicefabric-0.1.2-4.22 added
- azure-cli-sql-2.1.3-4.22 added
- azure-cli-storage-2.2.1-4.22 added
- azure-cli-taskhelp-0.1.7-3.3.3 added
- azure-cli-telemetry-1.0.6-3.4.1 added
- azure-cli-vm-2.2.2-4.22 added
- azure-li-services-1.2.8-1.23.1 added
- azuremetadata-4.0.1-1.17 added
- cfn-lint-0.21.4-3.3.9 added
- cloud-netconfig-azure-1.7-150000.25.8.1 added
- cloud-netconfig-ec2-1.7-150000.25.8.1 added
- cloud-netconfig-gce-1.7-150000.25.8.1 added
- cloud-regionsrv-8.1.3-150300.11.9.1 added
- cloud-regionsrv-client-10.1.0-150000.6.91.1 added
- cloud-regionsrv-client-addon-azure-1.0.5-150000.6.91.1 added
- cloud-regionsrv-client-generic-config-1.0.0-150000.6.91.1 added
- cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.91.1 added
- cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.91.1 added
- cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.91.1 added
- cloud-regionsrv-generic-config-1.0.0-150300.11.9.1 added
- docker-img-store-setup-1.0.1-3.3.1 added
- ec2-instance-connect-1.1.12-1.3.1 added
- google-guest-configs-20220211.00-150400.13.3.1 added
- growpart-0.31-5.9.3 added
- growpart-rootgrow-1.0.5-1.9.1 added
- kernel-devel-azure-5.14.21-150500.31.4 added
- kernel-source-azure-5.14.21-150500.31.4 added
- python-azure-agent-2.8.0.11-150100.3.26.1 added
- python3-Cerberus-1.3.2-7.9.1 added
- python3-Fabric-2.5.0-3.3.1 added
- python3-Whoosh-2.7.4-150100.3.3.2 added
- python3-aliyun-python-sdk-1.0.0-150100.3.7.4 added
- python3-aliyun-python-sdk-aas-2.1.1-150100.3.5.5 added
- python3-aliyun-python-sdk-acm-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-acms-open-1.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-actiontrail-2.0.3-150100.3.7.5 added
- python3-aliyun-python-sdk-adb-1.0.5-150100.3.7.5 added
- python3-aliyun-python-sdk-address-purification-1.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-aegis-1.0.6-150100.3.7.5 added
- python3-aliyun-python-sdk-afs-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-airec-2.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-alidns-2.6.20-150100.3.7.5 added
- python3-aliyun-python-sdk-aligreen-console-1.0.3-150100.3.7.5 added
- python3-aliyun-python-sdk-alimt-3.0.30-150100.3.7.5 added
- python3-aliyun-python-sdk-alinlp-1.0.16-150100.3.7.5 added
- python3-aliyun-python-sdk-aliyuncvc-1.0.10.2-150100.3.7.5 added
- python3-aliyun-python-sdk-amqp-open-1.1.1-150100.3.5.5 added
- python3-aliyun-python-sdk-appmallsservice-1.1.1-150100.3.7.5 added
- python3-aliyun-python-sdk-arms-2.5.22-150100.3.7.5 added
- python3-aliyun-python-sdk-arms4finance-2.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-baas-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-brinekingdom-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-bss-0.0.4-150100.3.7.5 added
- python3-aliyun-python-sdk-bssopenapi-1.6.2-150100.3.7.5 added
- python3-aliyun-python-sdk-cams-1.0.3-150100.3.7.5 added
- python3-aliyun-python-sdk-cas-20180713_0114-150100.3.7.5 added
- python3-aliyun-python-sdk-cassandra-1.0.6-150100.3.7.5 added
- python3-aliyun-python-sdk-cbn-1.0.7-150100.3.7.5 added
- python3-aliyun-python-sdk-ccc-2.0.4-150100.3.7.5 added
- python3-aliyun-python-sdk-ccs-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-cdn-3.6.1-150100.3.7.5 added
- python3-aliyun-python-sdk-cdrs-1.0.9-150100.3.3.5 added
- python3-aliyun-python-sdk-chatbot-1.2.1-150100.3.7.5 added
- python3-aliyun-python-sdk-clickhouse-2.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-cloudapi-4.9.2-150100.3.7.5 added
- python3-aliyun-python-sdk-cloudauth-2.0.26-150100.3.7.5 added
- python3-aliyun-python-sdk-cloudesl-2.0.4-150100.3.7.5 added
- python3-aliyun-python-sdk-cloudgame-1.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-cloudmarketing-2.7.16-150100.3.7.5 added
- python3-aliyun-python-sdk-cloudphoto-1.1.19-150100.3.7.5 added
- python3-aliyun-python-sdk-cloudwf-1.0.3-150100.3.7.5 added
- python3-aliyun-python-sdk-cms-7.0.18-150100.3.7.5 added
- python3-aliyun-python-sdk-codeup-0.0.8-150100.3.7.5 added
- python3-aliyun-python-sdk-companyreg-1.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-config-1.0.3-150100.3.3.5 added
- python3-aliyun-python-sdk-core-2.13.30-150100.3.7.5 added
- python3-aliyun-python-sdk-cr-4.1.2-150100.3.7.5 added
- python3-aliyun-python-sdk-crm-2.2.1-150100.3.7.5 added
- python3-aliyun-python-sdk-cs-4.8.1-150100.3.7.5 added
- python3-aliyun-python-sdk-csb-1.2.9-150100.3.7.5 added
- python3-aliyun-python-sdk-cspro-1.3.9-150100.3.7.5 added
- python3-aliyun-python-sdk-cusanalytic_sc_online-1.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-das-1.0.5-150100.3.7.5 added
- python3-aliyun-python-sdk-dataworks-public-3.2.6-150100.3.7.5 added
- python3-aliyun-python-sdk-dbfs-1.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-dbs-1.0.29-150100.3.7.5 added
- python3-aliyun-python-sdk-dcdn-2.1.2-150100.3.7.5 added
- python3-aliyun-python-sdk-ddoscoo-1.0.1-150100.3.3.5 added
- python3-aliyun-python-sdk-dds-3.5.0-150100.3.7.5 added
- python3-aliyun-python-sdk-democenter-1.1.0-150100.3.7.5 added
- python3-aliyun-python-sdk-devops-rdc-1.9.0-150100.3.7.5 added
- python3-aliyun-python-sdk-dg-1.0.9-150100.3.3.5 added
- python3-aliyun-python-sdk-dms-enterprise-1.12.0-150100.3.7.5 added
- python3-aliyun-python-sdk-domain-3.14.4-150100.3.7.5 added
- python3-aliyun-python-sdk-domain-intl-1.6.0-150100.3.7.5 added
- python3-aliyun-python-sdk-drds-20201028-150100.3.7.5 added
- python3-aliyun-python-sdk-dts-5.1.9-150100.3.7.5 added
- python3-aliyun-python-sdk-dybaseapi-1.0.6-150100.3.7.5 added
- python3-aliyun-python-sdk-dyplsapi-1.3.0-150100.3.7.5 added
- python3-aliyun-python-sdk-dypnsapi-1.1.3-150100.3.7.5 added
- python3-aliyun-python-sdk-dysmsapi-2.1.1-150100.3.7.5 added
- python3-aliyun-python-sdk-dyvmsapi-3.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-eais-2.0.0-150100.3.3.5 added
- python3-aliyun-python-sdk-eas-0.0.3-150100.3.7.5 added
- python3-aliyun-python-sdk-eci-1.1.3-150100.3.7.5 added
- python3-aliyun-python-sdk-ecs-4.23.9-150100.3.7.5 added
- python3-aliyun-python-sdk-edas-3.15.2-150100.3.7.5 added
- python3-aliyun-python-sdk-ehpc-1.14.1-150100.3.7.5 added
- python3-aliyun-python-sdk-elasticsearch-3.0.20-150100.3.7.5 added
- python3-aliyun-python-sdk-emap-1.0-150100.3.3.5 added
- python3-aliyun-python-sdk-emas-appmonitor-1.2.0-150100.3.3.5 added
- python3-aliyun-python-sdk-emr-3.3.2-150100.3.7.5 added
- python3-aliyun-python-sdk-ens-1.3.3-150100.3.7.5 added
- python3-aliyun-python-sdk-ess-2.3.3-150100.3.7.5 added
- python3-aliyun-python-sdk-et-industry-openapi-3.6-150100.3.3.5 added
- python3-aliyun-python-sdk-faas-2.7.11-150100.3.7.5 added
- python3-aliyun-python-sdk-facebody-1.2.15-150100.3.7.5 added
- python3-aliyun-python-sdk-fnf-1.8.0-150100.3.7.5 added
- python3-aliyun-python-sdk-foas-2.3.3-150100.3.7.5 added
- python3-aliyun-python-sdk-ft-5.6.7-150100.3.7.5 added
- python3-aliyun-python-sdk-gdb-1.0.0-150100.3.3.5 added
- python3-aliyun-python-sdk-geoip-1.0.3-150100.3.7.5 added
- python3-aliyun-python-sdk-goodstech-1.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-gpdb-1.0.5-150100.3.7.5 added
- python3-aliyun-python-sdk-green-3.6.3-150100.3.7.5 added
- python3-aliyun-python-sdk-gts-phd-1-150100.3.7.5 added
- python3-aliyun-python-sdk-hbase-2.9.2-150100.3.7.5 added
- python3-aliyun-python-sdk-hbr-0.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-highddos-2.1.2-150100.3.7.5 added
- python3-aliyun-python-sdk-hiknoengine-0.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-hitsdb-1.0.1-150100.3.3.5 added
- python3-aliyun-python-sdk-hivisengine-0.0.2-150100.3.7.5 added
- python3-aliyun-python-sdk-hpc-2.0.3-150100.3.7.5 added
- python3-aliyun-python-sdk-hsm-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-httpdns-2.1.1-150100.3.7.5 added
- python3-aliyun-python-sdk-idrsservice-3.7.3-150100.3.3.5 added
- python3-aliyun-python-sdk-idsp-1.4-150100.3.3.5 added
- python3-aliyun-python-sdk-imageaudit-1.0.7-150100.3.7.5 added
- python3-aliyun-python-sdk-imageenhan-1.1.2-150100.3.7.5 added
- python3-aliyun-python-sdk-imageprocess-1.0.10-150100.3.7.5 added
- python3-aliyun-python-sdk-imagerecog-1.0.13-150100.3.7.5 added
- python3-aliyun-python-sdk-imagesearch-2.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-imageseg-1.1.8-150100.3.7.5 added
- python3-aliyun-python-sdk-imgsearch-1.1.6-150100.3.7.5 added
- python3-aliyun-python-sdk-imm-1.23.0-150100.3.7.5 added
- python3-aliyun-python-sdk-industry-brain-5.0.52-150100.3.7.5 added
- python3-aliyun-python-sdk-iot-8.21.1-150100.3.7.5 added
- python3-aliyun-python-sdk-iqa-1.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-ivision-1.2.0-150100.3.7.5 added
- python3-aliyun-python-sdk-ivpd-1.0.6.1-150100.3.7.5 added
- python3-aliyun-python-sdk-jaq-2.0.7-150100.3.7.5 added
- python3-aliyun-python-sdk-jarvis-1.2.4-150100.3.7.5 added
- python3-aliyun-python-sdk-jarvis-public-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-kms-2.14.0-150100.3.7.5 added
- python3-aliyun-python-sdk-ledgerdb-0.7.0-150100.3.7.5 added
- python3-aliyun-python-sdk-linkedmall-1.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-linkface-1.2.0-150100.3.7.5 added
- python3-aliyun-python-sdk-linkwan-1.0.3-150100.3.7.5 added
- python3-aliyun-python-sdk-live-3.9.5-150100.3.7.5 added
- python3-aliyun-python-sdk-lubancloud-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-market-2.0.24-150100.3.7.5 added
- python3-aliyun-python-sdk-metering-1.0.0-150100.3.3.5 added
- python3-aliyun-python-sdk-mopen-1.1.1-150100.3.7.5 added
- python3-aliyun-python-sdk-mpaas-1.0.0-150100.3.3.5 added
- python3-aliyun-python-sdk-mts-2.7.6-150100.3.7.5 added
- python3-aliyun-python-sdk-multimediaai-1.1.3-150100.3.7.5 added
- python3-aliyun-python-sdk-nas-3.10.0-150100.3.7.5 added
- python3-aliyun-python-sdk-netana-1.0.0-150100.3.7.5 added
- python3-aliyun-python-sdk-nlp-automl-0.0.9-150100.3.7.5 added
- python3-aliyun-python-sdk-nls-cloud-meta-1.0.1-150100.3.7.5 added
- python3-aliyun-python-sdk-objectdet-1.0.10-150100.3.7.4 added
- python3-aliyun-python-sdk-ocr-1.0.9-150100.3.7.4 added
- python3-aliyun-python-sdk-ocs-0.0.4-150100.3.7.4 added
- python3-aliyun-python-sdk-oms-0.0.3-150100.3.7.4 added
- python3-aliyun-python-sdk-ons-3.1.6-150100.3.7.4 added
- python3-aliyun-python-sdk-onsmqtt-1.0.5-150100.3.7.4 added
- python3-aliyun-python-sdk-oos-1.4.0-150100.3.7.4 added
- python3-aliyun-python-sdk-openanalytics-1.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-openanalytics-open-2.0.2-150100.3.7.4 added
- python3-aliyun-python-sdk-opensearch-0.9.0-150100.3.7.4 added
- python3-aliyun-python-sdk-ossadmin-0.0.3-150100.3.7.4 added
- python3-aliyun-python-sdk-ots-4.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-outboundbot-1.0.5-150100.3.7.4 added
- python3-aliyun-python-sdk-paistudio-1.0.0-150100.3.7.4 added
- python3-aliyun-python-sdk-petadata-1.2.1-150100.3.7.4 added
- python3-aliyun-python-sdk-polardb-1.8.3-150100.3.7.4 added
- python3-aliyun-python-sdk-polardbx-20201028-150100.3.3.4 added
- python3-aliyun-python-sdk-privatelink-1.0.2-150100.3.3.4 added
- python3-aliyun-python-sdk-productcatalog-1.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-pts-2.1.0-150100.3.7.4 added
- python3-aliyun-python-sdk-push-3.13.6-150100.3.7.4 added
- python3-aliyun-python-sdk-pvtz-1.0.5-150100.3.7.4 added
- python3-aliyun-python-sdk-qualitycheck-3.0.9-150100.3.7.4 added
- python3-aliyun-python-sdk-quickbi-public-1.4.0-150100.3.7.4 added
- python3-aliyun-python-sdk-r-kvstore-2.13.0-150100.3.7.4 added
- python3-aliyun-python-sdk-ram-3.2.0-150100.3.7.4 added
- python3-aliyun-python-sdk-rdc-1.1-150100.3.7.4 added
- python3-aliyun-python-sdk-rds-2.5.8-150100.3.7.4 added
- python3-aliyun-python-sdk-reid-1.1.8.5-150100.3.7.4 added
- python3-aliyun-python-sdk-resourcemanager-1.0.0-150100.3.7.4 added
- python3-aliyun-python-sdk-retailcloud-2.0.12-150100.3.7.4 added
- python3-aliyun-python-sdk-risk-0.0.3-150100.3.7.4 added
- python3-aliyun-python-sdk-ros-3.6.0-150100.3.7.4 added
- python3-aliyun-python-sdk-rtc-1.2.5-150100.3.7.4 added
- python3-aliyun-python-sdk-sae-1.5.0.0-150100.3.7.4 added
- python3-aliyun-python-sdk-saf-3.0.2-150100.3.7.4 added
- python3-aliyun-python-sdk-safconsole-1.0.1-150100.3.3.4 added
- python3-aliyun-python-sdk-sas-1.1.3-150100.3.7.4 added
- python3-aliyun-python-sdk-sas-api-2.1.1-150100.3.7.4 added
- python3-aliyun-python-sdk-scdn-2.2.3-150100.3.7.4 added
- python3-aliyun-python-sdk-schedulerx2-1.0.3-150100.3.7.4 added
- python3-aliyun-python-sdk-sddp-1.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-servicemesh-1.0.5-150100.3.3.4 added
- python3-aliyun-python-sdk-sgw-1.0.0-150100.3.3.4 added
- python3-aliyun-python-sdk-slb-3.3.3-150100.3.7.4 added
- python3-aliyun-python-sdk-sls-1.0.8-150100.3.3.4 added
- python3-aliyun-python-sdk-smartag-1.5.4-150100.3.7.4 added
- python3-aliyun-python-sdk-smarthosting-1.0.1-150100.3.3.4 added
- python3-aliyun-python-sdk-smc-1.0.2-150100.3.7.4 added
- python3-aliyun-python-sdk-snsuapi-1.7.1-150100.3.7.4 added
- python3-aliyun-python-sdk-status-3.7-150100.3.7.4 added
- python3-aliyun-python-sdk-sts-3.0.2-150100.3.7.4 added
- python3-aliyun-python-sdk-tag-1.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-tdsr-0.9.2-150100.3.3.4 added
- python3-aliyun-python-sdk-teambition-aliyun-1.0.8-150100.3.3.4 added
- python3-aliyun-python-sdk-tesladam-1.0.2-150100.3.7.4 added
- python3-aliyun-python-sdk-teslamaxcompute-1.5.5-150100.3.7.4 added
- python3-aliyun-python-sdk-teslastream-1.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-trademark-1.2.1-150100.3.7.4 added
- python3-aliyun-python-sdk-ubsms-2.0.5-150100.3.7.4 added
- python3-aliyun-python-sdk-uis-1.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-unimkt-1.0.24-150100.3.7.4 added
- python3-aliyun-python-sdk-vcs-2.0.4-150100.3.7.4 added
- python3-aliyun-python-sdk-viapiutils-1.0-150100.3.7.4 added
- python3-aliyun-python-sdk-videoenhan-1.0.7-150100.3.7.4 added
- python3-aliyun-python-sdk-videorecog-1.0.2-150100.3.7.4 added
- python3-aliyun-python-sdk-videosearch-1.1.0-150100.3.7.4 added
- python3-aliyun-python-sdk-videoseg-1.0.3-150100.3.7.4 added
- python3-aliyun-python-sdk-visionai-1.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-visionai-poc-1.0.1-150100.3.7.4 added
- python3-aliyun-python-sdk-vod-2.15.12-150100.3.7.4 added
- python3-aliyun-python-sdk-voicenavigator-1.1.1-150100.3.7.4 added
- python3-aliyun-python-sdk-vpc-3.0.12-150100.3.7.4 added
- python3-aliyun-python-sdk-vs-1.10.2-150100.3.7.4 added
- python3-aliyun-python-sdk-waf-openapi-1.1.4-150100.3.7.4 added
- python3-aliyun-python-sdk-webplus-1.0.0-150100.3.7.4 added
- python3-aliyun-python-sdk-welfare-inner-1.1.0-150100.3.7.4 added
- python3-aliyun-python-sdk-workorder-3.0.0-150100.3.7.4 added
- python3-aliyun-python-sdk-xspace-1.2.1-150100.3.7.4 added
- python3-aliyun-python-sdk-xtrace-0.2.2-150100.3.7.4 added
- python3-aliyun-python-sdk-yundun-2.1.4-150100.3.7.4 added
- python3-aliyun-python-sdk-yundun-ds-1.0.0-150100.3.7.4 added
- python3-antlr4-python3-runtime-4.8-3.3.1 added
- python3-applicationinsights-0.11.9-6.4.1 added
- python3-async_timeout-3.0.0-3.3.1 added
- python3-atomicwrites-1.1.5-150000.3.2.1 added
- python3-aws-sam-translator-1.11.0-4.3.8 added
- python3-azure-ai-anomalydetector-3.0.0b2-3.3.1 added
- python3-azure-ai-formrecognizer-3.1.2-150100.3.3.2 added
- python3-azure-ai-metricsadvisor-1.0.0b1-3.3.1 added
- python3-azure-ai-nspkg-1.0.0-3.3.1 added
- python3-azure-ai-textanalytics-5.0.0-3.3.1 added
- python3-azure-appconfiguration-1.1.1-3.3.1 added
- python3-azure-applicationinsights-0.1.0-3.4.1 added
- python3-azure-batch-10.0.0-150100.7.8.2 added
- python3-azure-cognitiveservices-anomalydetector-0.3.0-3.3.1 added
- python3-azure-cognitiveservices-formrecognizer-0.1.1-3.3.1 added
- python3-azure-cognitiveservices-inkrecognizer-1.0.0b1-3.3.1 added
- python3-azure-cognitiveservices-knowledge-nspkg-3.0.0-3.3.1 added
- python3-azure-cognitiveservices-knowledge-qnamaker-0.2.0-3.3.1 added
- python3-azure-cognitiveservices-language-luis-0.7.0-3.4.1 added
- python3-azure-cognitiveservices-language-nspkg-3.0.1-3.4.1 added
- python3-azure-cognitiveservices-language-spellcheck-2.0.0-3.4.1 added
- python3-azure-cognitiveservices-language-textanalytics-0.2.0-3.4.1 added
- python3-azure-cognitiveservices-nspkg-3.0.1-3.4.1 added
- python3-azure-cognitiveservices-personalizer-0.1.0-3.3.1 added
- python3-azure-cognitiveservices-search-autosuggest-0.2.0-3.4.1 added
- python3-azure-cognitiveservices-search-customimagesearch-0.2.0-3.3.1 added
- python3-azure-cognitiveservices-search-customsearch-0.3.0-3.4.1 added
- python3-azure-cognitiveservices-search-entitysearch-2.0.0-3.4.1 added
- python3-azure-cognitiveservices-search-imagesearch-2.0.0-3.4.1 added
- python3-azure-cognitiveservices-search-newssearch-2.0.0-3.4.1 added
- python3-azure-cognitiveservices-search-nspkg-3.0.1-3.4.1 added
- python3-azure-cognitiveservices-search-videosearch-2.0.0-3.4.1 added
- python3-azure-cognitiveservices-search-visualsearch-0.2.0-3.4.1 added
- python3-azure-cognitiveservices-search-websearch-2.0.0-3.4.1 added
- python3-azure-cognitiveservices-vision-computervision-0.7.0-3.4.1 added
- python3-azure-cognitiveservices-vision-contentmoderator-1.0.0-3.4.1 added
- python3-azure-cognitiveservices-vision-customvision-3.0.0-3.4.1 added
- python3-azure-cognitiveservices-vision-face-0.4.1-3.3.1 added
- python3-azure-cognitiveservices-vision-nspkg-3.0.1-3.4.1 added
- python3-azure-common-1.1.25-6.4.1 added
- python3-azure-communication-administration-1.0.0b2-3.3.1 added
- python3-azure-communication-chat-1.0.0b2-3.3.1 added
- python3-azure-communication-nspkg-0.0.0b1-3.3.1 added
- python3-azure-communication-sms-1.0.0b3-3.3.1 added
- python3-azure-core-1.22.1-150100.3.7.2 added
- python3-azure-cosmos-4.2.0-3.3.1 added
- python3-azure-data-nspkg-1.0.0-3.3.1 added
- python3-azure-data-tables-12.0.0b2-3.3.1 added
- python3-azure-datalake-store-0.0.51-6.4.1 added
- python3-azure-devops-6.0.0b4-3.3.1 added
- python3-azure-eventgrid-1.3.0-3.4.1 added
- python3-azure-eventhub-5.2.0-3.3.1 added
- python3-azure-eventhub-checkpointstoreblob-1.1.1-3.3.1 added
- python3-azure-eventhub-checkpointstoreblob-aio-1.1.1-3.3.1 added
- python3-azure-functions-devops-build-0.0.22-3.3.1 added
- python3-azure-graphrbac-0.61.1-6.4.1 added
- python3-azure-identity-1.5.0-3.3.1 added
- python3-azure-keyvault-4.1.0-6.4.1 added
- python3-azure-keyvault-administration-4.0.0b2-3.3.1 added
- python3-azure-keyvault-certificates-4.2.1-3.3.1 added
- python3-azure-keyvault-keys-4.3.0-3.3.1 added
- python3-azure-keyvault-nspkg-1.0.0-3.3.1 added
- python3-azure-keyvault-secrets-4.2.0-3.3.1 added
- python3-azure-loganalytics-0.1.0-3.4.1 added
- python3-azure-mgmt-4.0.0-6.7.1 added
- python3-azure-mgmt-advisor-4.0.0-3.4.1 added
- python3-azure-mgmt-alertsmanagement-0.2.0rc2-3.3.1 added
- python3-azure-mgmt-apimanagement-0.2.0-3.3.1 added
- python3-azure-mgmt-appconfiguration-1.0.1-3.3.1 added
- python3-azure-mgmt-applicationinsights-0.3.0-3.4.1 added
- python3-azure-mgmt-appplatform-1.0.0-3.3.1 added
- python3-azure-mgmt-attestation-0.1.0.0-3.3.1 added
- python3-azure-mgmt-authorization-0.61.0-6.4.1 added
- python3-azure-mgmt-automanage-1.0.0b1-3.3.1 added
- python3-azure-mgmt-automation-0.1.1-3.3.1 added
- python3-azure-mgmt-azurestack-0.1.0-3.3.1 added
- python3-azure-mgmt-azurestackhci-1.0.0rc1-3.3.1 added
- python3-azure-mgmt-baremetalinfrastructure-1.0.0b1-3.3.1 added
- python3-azure-mgmt-batch-9.0.0-6.4.1 added
- python3-azure-mgmt-batchai-2.0.0-3.4.1 added
- python3-azure-mgmt-billing-1.0.0-6.7.1 added
- python3-azure-mgmt-botservice-0.2.0-3.4.1 added
- python3-azure-mgmt-cdn-5.2.0-6.7.1 added
- python3-azure-mgmt-cognitiveservices-6.3.0-6.4.1 added
- python3-azure-mgmt-commerce-1.0.1-6.4.1 added
- python3-azure-mgmt-communication-1.0.0b2-3.3.1 added
- python3-azure-mgmt-compute-18.0.0-150100.6.11.2 added
- python3-azure-mgmt-consumption-3.0.0-6.4.1 added
- python3-azure-mgmt-containerinstance-2.0.0-6.4.1 added
- python3-azure-mgmt-containerregistry-3.0.0rc16-150100.6.8.2 added
- python3-azure-mgmt-containerservice-9.4.0-6.4.1 added
- python3-azure-mgmt-core-1.2.2-3.3.1 added
- python3-azure-mgmt-cosmosdb-1.0.0-6.4.1 added
- python3-azure-mgmt-costmanagement-0.2.0-3.3.1 added
- python3-azure-mgmt-databoxedge-0.2.0-150100.3.7.2 added
- python3-azure-mgmt-databricks-0.1.0-3.3.1 added
- python3-azure-mgmt-datafactory-0.13.0-3.4.1 added
- python3-azure-mgmt-datalake-analytics-0.6.0-6.4.1 added
- python3-azure-mgmt-datalake-nspkg-3.0.1-6.4.1 added
- python3-azure-mgmt-datalake-store-0.5.0-6.4.1 added
- python3-azure-mgmt-datamigration-4.0.0-3.4.1 added
- python3-azure-mgmt-datashare-0.2.0-3.3.1 added
- python3-azure-mgmt-deploymentmanager-0.2.0-3.3.1 added
- python3-azure-mgmt-devspaces-0.2.0-3.4.1 added
- python3-azure-mgmt-devtestlabs-4.0.0-6.4.1 added
- python3-azure-mgmt-dns-3.0.0-6.4.1 added
- python3-azure-mgmt-documentdb-0.1.3-6.4.1 added
- python3-azure-mgmt-edgegateway-0.1.0-3.3.1 added
- python3-azure-mgmt-eventgrid-3.0.0rc8-6.4.1 added
- python3-azure-mgmt-eventhub-8.0.0-6.4.1 added
- python3-azure-mgmt-frontdoor-0.3.0-3.3.1 added
- python3-azure-mgmt-hanaonazure-0.14.0-3.4.1 added
- python3-azure-mgmt-hdinsight-2.0.0-3.7.1 added
- python3-azure-mgmt-healthcareapis-0.1.0-3.3.1 added
- python3-azure-mgmt-hybridcompute-2.0.0-3.3.1 added
- python3-azure-mgmt-imagebuilder-0.4.0-3.3.1 added
- python3-azure-mgmt-iotcentral-3.1.0-3.4.1 added
- python3-azure-mgmt-iothub-0.12.0-6.4.1 added
- python3-azure-mgmt-iothubprovisioningservices-0.2.0-3.4.1 added
- python3-azure-mgmt-keyvault-8.0.0-7.4.1 added
- python3-azure-mgmt-kubernetesconfiguration-0.2.0-3.3.1 added
- python3-azure-mgmt-kusto-0.9.0-3.4.1 added
- python3-azure-mgmt-labservices-0.1.1-3.3.1 added
- python3-azure-mgmt-loganalytics-1.0.0-3.4.1 added
- python3-azure-mgmt-logic-4.0.0rc2-7.4.1 added
- python3-azure-mgmt-machinelearningcompute-0.4.1-3.4.1 added
- python3-azure-mgmt-machinelearningservices-0.1.0-3.3.1 added
- python3-azure-mgmt-managedservices-1.0.0-3.3.1 added
- python3-azure-mgmt-managementgroups-0.2.0-3.4.1 added
- python3-azure-mgmt-managementpartner-0.1.1-3.4.1 added
- python3-azure-mgmt-maps-0.1.0-3.4.1 added
- python3-azure-mgmt-marketplaceordering-0.2.1-3.4.1 added
- python3-azure-mgmt-media-2.2.0-7.4.1 added
- python3-azure-mgmt-mixedreality-0.2.0-3.3.1 added
- python3-azure-mgmt-monitor-1.0.1-6.4.1 added
- python3-azure-mgmt-msi-1.0.0-3.4.1 added
- python3-azure-mgmt-netapp-0.14.0-3.6.1 added
- python3-azure-mgmt-network-17.0.0-150100.6.8.2 added
- python3-azure-mgmt-notificationhubs-2.1.0-7.4.1 added
- python3-azure-mgmt-nspkg-3.0.2-6.4.1 added
- python3-azure-mgmt-peering-0.2.0-3.3.1 added
- python3-azure-mgmt-policyinsights-0.5.0-3.4.1 added
- python3-azure-mgmt-powerbiembedded-2.0.0-7.4.1 added
- python3-azure-mgmt-privatedns-0.1.0-3.3.1 added
- python3-azure-mgmt-rdbms-3.1.0rc1-6.4.1 added
- python3-azure-mgmt-recoveryservices-0.5.0-6.4.1 added
- python3-azure-mgmt-recoveryservicesbackup-0.8.0-7.4.1 added
- python3-azure-mgmt-redhatopenshift-0.1.0-3.3.1 added
- python3-azure-mgmt-redis-7.0.0rc1-6.4.1 added
- python3-azure-mgmt-regionmove-1.0.0b1-3.3.1 added
- python3-azure-mgmt-relay-0.2.0-3.4.1 added
- python3-azure-mgmt-reservations-0.8.0-3.4.1 added
- python3-azure-mgmt-resource-15.0.0-6.7.1 added
- python3-azure-mgmt-resourcegraph-2.0.0-3.3.1 added
- python3-azure-mgmt-resourcemover-1.0.1b1-3.3.1 added
- python3-azure-mgmt-scheduler-2.0.0-7.4.1 added
- python3-azure-mgmt-search-3.0.0-6.4.1 added
- python3-azure-mgmt-security-0.6.0-150100.3.7.2 added
- python3-azure-mgmt-serialconsole-0.1.0-3.3.1 added
- python3-azure-mgmt-servermanager-2.0.0-6.4.1 added
- python3-azure-mgmt-servicebus-1.0.0-6.4.1 added
- python3-azure-mgmt-servicefabric-0.5.0-6.4.1 added
- python3-azure-mgmt-signalr-0.4.0-3.4.1 added
- python3-azure-mgmt-sql-0.24.0-6.4.1 added
- python3-azure-mgmt-sqlvirtualmachine-0.5.0-3.3.1 added
- python3-azure-mgmt-storage-16.0.0-6.4.1 added
- python3-azure-mgmt-storagecache-0.3.0-3.3.1 added
- python3-azure-mgmt-storageimportexport-0.1.0-3.3.1 added
- python3-azure-mgmt-storagesync-0.2.0-3.3.1 added
- python3-azure-mgmt-streamanalytics-1.0.0rc1-3.3.1 added
- python3-azure-mgmt-subscription-0.7.0-3.4.1 added
- python3-azure-mgmt-synapse-0.5.0-3.6.1 added
- python3-azure-mgmt-trafficmanager-0.51.0-7.4.1 added
- python3-azure-mgmt-vmwarecloudsimple-0.2.0-3.3.1 added
- python3-azure-mgmt-web-0.48.0-6.4.1 added
- python3-azure-monitor-0.3.1-7.4.1 added
- python3-azure-multiapi-storage-0.5.2-6.4.1 added
- python3-azure-nspkg-3.0.2-6.4.1 added
- python3-azure-sdk-4.0.0-150100.3.10.2 added
- python3-azure-search-documents-11.0.0-3.3.1 added
- python3-azure-search-nspkg-1.0.0-3.3.1 added
- python3-azure-servicebus-0.50.3-7.4.1 added
- python3-azure-servicefabric-7.1.0.45-6.4.1 added
- python3-azure-servicemanagement-legacy-0.20.7-7.4.1 added
- python3-azure-storage-0.36.0-4.22 added
- python3-azure-storage-blob-12.5.0-3.4.1 added
- python3-azure-storage-common-2.1.0-3.4.1 added
- python3-azure-storage-file-2.1.0-3.4.1 added
- python3-azure-storage-file-datalake-12.1.2-3.3.1 added
- python3-azure-storage-file-share-12.2.0-3.3.1 added
- python3-azure-storage-nspkg-3.1.0-3.4.1 added
- python3-azure-storage-queue-12.1.3-3.4.1 added
- python3-azure-synapse-accesscontrol-0.3.0-3.3.1 added
- python3-azure-synapse-artifacts-0.3.0-3.3.1 added
- python3-azure-synapse-managedprivateendpoints-0.4.0-150100.3.3.2 added
- python3-azure-synapse-monitoring-0.2.0-150100.3.3.2 added
- python3-azure-synapse-nspkg-1.0.0-3.3.1 added
- python3-azure-synapse-spark-0.3.0-3.3.1 added
- python3-azure-template-0.1.0b1293622-150100.3.3.2 added
- python3-azuremetadata-5.1.5-1.23.1 added
- python3-barbicanclient-4.10.0-5.3.5 added
- python3-boto-2.49.0-8.7.2 added
- python3-capturer-2.4-1.31 added
- python3-cfn-lint-0.21.4-3.3.9 added
- python3-cinderclient-7.0.0-8.4.5 added
- python3-click-man-0.4.1-5.3.2 added
- python3-cliff-3.1.0-7.4.6 added
- python3-cmd2-0.8.9-7.4.3 added
- python3-colorama-0.4.4-1.1 added
- python3-coloredlogs-10.0-1.33 added
- python3-debtcollector-2.0.1-8.4.6 added
- python3-designateclient-4.0.0-5.3.5 added
- python3-dogpile.cache-0.6.5-2.9 added
- python3-ec2imgutils-10.0.1-150200.6.7.1 added
- python3-ec2metadata-4.0.0-150000.3.9.1 added
- python3-fluidity-sm-0.2.0-3.3.1 added
- python3-gcemetadata-1.0.4-3.9.1 added
- python3-glanceclient-3.1.1-8.3.5 added
- python3-google-api-core-1.17.0-1.25 added
- python3-google-api-python-client-1.7.4-3.3.1 added
- python3-google-auth-httplib2-0.0.3-1.3.2 added
- python3-google-cloud-core-1.3.0-1.25 added
- python3-google-cloud-storage-1.23.0-5.3.2 added
- python3-google-resumable-media-0.5.0-150200.5.6.1 added
- python3-googleapis-common-protos-1.6.0-5.3.2 added
- python3-gunicorn-19.7.1-3.4.1 added
- python3-heat-cfntools-1.4.2-1.21 added
- python3-heatclient-2.1.0-8.3.6 added
- python3-humanfriendly-4.16.1-4.22 added
- python3-humanfriendly-test-4.16.1-4.24 added
- python3-idna_ssl-1.0.0-3.3.1 added
- python3-invoke-1.3.0-3.3.1 added
- python3-ironicclient-4.1.0-5.3.6 added
- python3-iso8601-0.1.12-1.20 added
- python3-javaproperties-0.7.0-3.3.1 added
- python3-jsmin-2.2.2-3.3.1 added
- python3-jsondiff-1.2.0-3.3.1 added
- python3-jsonpatch-1.23-3.3.1 added
- python3-jsonpointer-1.14-1.20 added
- python3-keystoneauth1-4.0.0-9.3.6 added
- python3-keystoneclient-4.0.0-9.4.5 added
- python3-knack-0.7.2-3.4.2 added
- python3-lexicon-1.0.0-3.3.1 added
- python3-mock-3.0.5-13.24 added
- python3-monascaclient-2.1.0-5.3.6 added
- python3-msal-1.6.0-3.3.1 added
- python3-msal-extensions-0.3.0-3.3.1 added
- python3-msrest-0.6.21-150100.6.8.2 added
- python3-msrestazure-0.6.4-6.4.1 added
- python3-munch-2.2.0-1.17 added
- python3-neutronclient-7.1.1-7.3.6 added
- python3-novaclient-17.0.0-8.4.6 added
- python3-oauth2client-flask-4.1.3-3.2.1 added
- python3-oauth2client-gce-4.1.3-3.2.1 added
- python3-octaviaclient-2.0.1-5.3.6 added
- python3-openstackclient-5.2.0-8.3.2 added
- python3-openstacksdk-0.46.0-7.4.5 added
- python3-os-client-config-2.1.0-8.4.7 added
- python3-os-service-types-1.7.0-8.4.5 added
- python3-osc-lib-2.0.0-8.4.6 added
- python3-oslo.config-8.0.2-8.4.5 added
- python3-oslo.i18n-4.0.1-8.4.5 added
- python3-oslo.serialization-3.1.1-8.4.5 added
- python3-oslo.utils-4.1.1-8.4.4 added
- python3-oss2-2.14.0-5.3.2 added
- python3-pathlib2-2.3.2-3.8.1 added
- python3-pkginfo-1.5.0.1-1.26 added
- python3-portalocker-1.4.0-3.6.1 added
- python3-pydocumentdb-2.3.5-3.4.1 added
- python3-pyperclip-1.6.0-150000.3.3.1 added
- python3-pyroute2-0.5.10-3.3.1 added
- python3-requestsexceptions-1.3.0-1.17 added
- python3-rfc3986-1.4.0-7.4.4 added
- python3-scp-0.13.2-5.4.1 added
- python3-sphinxcontrib-apidoc-0.3.0-5.3.3 added
- python3-sphinxcontrib-svg2pdfconverter-1.0.1-5.3.15 added
- python3-statsd-3.3.0-5.3.13 added
- python3-stevedore-1.32.0-7.4.4 added
- python3-susepubliccloudinfo-1.2.2-3.12.1 added
- python3-swiftclient-3.9.0-7.4.5 added
- python3-tabulate-0.7.7-1.18 added
- python3-uritemplate-3.0.0-1.38 added
- python3-verboselogs-1.7-1.34 added
- python3-vsts-0.1.25-3.3.2 added
- python3-vsts-cd-manager-1.0.2-4.4.1 added
- python3-warlock-1.3.0-1.17 added
- python3-wcwidth-0.1.8-3.5.11 added
- python3-xmltodict-0.12.0-5.4.1 added
- regionServiceClientConfigAzure-2.0.0-150000.3.16.1 added
- regionServiceClientConfigEC2-4.1.0-150000.3.24.1 added
- regionServiceClientConfigGCE-4.0.0-150000.4.9.1 added
- regionServiceClientConfigSAPAzure-1.0.3-3.6.1 added
- regionServiceClientConfigSAPEC2-1.0.1-1.15 added
- regionServiceClientConfigSAPGCE-1.0.1-2.19 added
- supportutils-plugin-cloud-init-1.1-150400.1.5 added
- supportutils-plugin-suse-public-cloud-1.0.7-150000.3.12.1 added
- susemanager-cloud-setup-proxy-1.6-3.12.1 added
- susemanager-cloud-setup-server-1.6-3.12.1 added
- amazon-ecs-init-1.53.0-150100.4.13.1 added
- amazon-ssm-agent-3.1.1260.0-150000.5.11.1 added
- apache2-mod_wsgi-4.7.1-150400.3.3.1 added
- aws-iam-authenticator-0.5.3-150000.1.9.1 added
- aws-nitro-enclaves-binaryblobs-upstream-1.2.2~git0.4ccc639-150400.3.3.1 added
- aws-nitro-enclaves-cli-1.2.2~git0.4ccc639-150400.3.3.1 added
- cloud-init-21.4-150100.8.58.1 added
- cloud-init-config-suse-21.4-150100.8.58.1 added
- google-cloud-sap-agent-1.0-150100.3.3.1 added
- google-compute-engine-oslogin-20190801-4.38.1 added
- google-guest-agent-20230221.00-150000.1.34.1 added
- google-guest-oslogin-20220721.00-150000.1.30.1 added
- google-osconfig-agent-20230222.00-150000.1.27.1 added
- kernel-azure-5.14.21-150500.31.4 added
- kernel-azure-devel-5.14.21-150500.31.4 added
- kernel-syms-azure-5.14.21-150500.31.1 added
- libgrpc8-1.25.0-150200.3.5.1 added
- nvidia-open-driver-G06-signed-kmp-azure-525.116.04_k5.14.21_150500.31-150500.1.3 added
- patterns-public-cloud-15-Amazon-Web-Services-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Amazon-Web-Services-Instance-Init-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Amazon-Web-Services-Instance-Tools-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Amazon-Web-Services-Tools-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Google-Cloud-Platform-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Google-Cloud-Platform-Instance-Init-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Google-Cloud-Platform-Instance-Tools-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Google-Cloud-Platform-Tools-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Microsoft-Azure-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Microsoft-Azure-Instance-Init-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Microsoft-Azure-Instance-Tools-15.1-150100.8.3.1 added
- patterns-public-cloud-15-Microsoft-Azure-Tools-15.1-150100.8.3.1 added
- patterns-public-cloud-15-OpenStack-15.1-150100.8.3.1 added
- patterns-public-cloud-15-OpenStack-Instance-Init-15.1-150100.8.3.1 added
- patterns-public-cloud-15-OpenStack-Instance-Tools-15.1-150100.8.3.1 added
- patterns-public-cloud-15-OpenStack-Tools-15.1-150100.8.3.1 added
- python3-aiohttp-3.6.0-150100.3.9.1 added
- python3-aliyun-img-utils-1.1.0-5.4.2 added
- python3-brotlipy-0.7.0-1.24 added
- python3-crcmod-1.7-150200.5.6.1 added
- python3-grpcio-1.25.0-150200.3.5.1 added
- python3-multidict-4.5.2-1.24 added
- python3-protobuf-3.9.2-150200.4.19.2 added
- python3-pytricia-1.0.0-3.2.2 added
- python3-uamqp-1.5.3-150100.4.7.1 added
- python3-yarl-1.3.0-150200.3.6.1 added
- rmt-server-pubcloud-2.9-150500.1.4 added
- rpm-ndb-4.14.3-150300.55.1 added
- s3fs-1.91-150000.3.9.1 added
- sle-module-public-cloud-release-15.5-150500.43.2 added
- system-group-ne-1.2.2~git0.4ccc639-150400.3.3.1 added
- terraform-0.13.4-6.3.1 added
- terraform-provider-aws-3.11.0-6.3.1 added
- terraform-provider-azurerm-2.32.0-6.3.1 added
- terraform-provider-external-2.0.0-6.3.1 added
- terraform-provider-google-3.43.0-6.3.1 added
- terraform-provider-helm-2.9.0-150200.6.8.1 added
- terraform-provider-kubernetes-1.13.2-6.3.1 added
- terraform-provider-local-2.0.0-6.3.1 added
- terraform-provider-null-3.0.0-6.3.1 added
- terraform-provider-random-3.0.0-6.3.1 added
- terraform-provider-susepubliccloud-0.0.1-3.8.1 added
- terraform-provider-tls-3.0.0-5.3.2 added
- python311-pip-22.3.1-150400.17.3.1 added
- python311-setuptools-67.7.2-150400.3.6.1 added
- libpython3_11-1_0-3.11.2-150400.9.5.6 added
- python311-3.11.2-150400.9.5.3 added
- python311-base-3.11.2-150400.9.5.6 added
- python311-curses-3.11.2-150400.9.5.3 added
- python311-dbm-3.11.2-150400.9.5.3 added
- python311-devel-3.11.2-150400.9.5.6 added
- python311-idle-3.11.2-150400.9.5.3 added
- python311-tk-3.11.2-150400.9.5.3 added
- python311-tools-3.11.2-150400.9.5.6 added
- sle-module-python3-release-15.5-150500.43.2 added
- kernel-devel-rt-5.14.21-150500.11.2 added
- kernel-source-rt-5.14.21-150500.11.2 added
- release-notes-sle_rt-15.5.20230507-150500.1.2 added
- sle-rt-hw_en-15.5-150500.2.25 added
- sle-rt-quick_en-15.5-150500.1.25 added
- sle-rt-shielding_en-15.5-150500.2.25 added
- sle-rt-virtguide_en-15.5-150500.2.25 added
- cluster-md-kmp-rt-5.14.21-150500.11.2 added
- crash-kmp-rt-7.3.1_k5.14.21_150500.11-150500.3.4 added
- dlm-kmp-rt-5.14.21-150500.11.2 added
- gfs2-kmp-rt-5.14.21-150500.11.2 added
- ibmrtpkgs-2-6.38.5.1 added
- kernel-rt-5.14.21-150500.11.2 added
- kernel-rt-devel-5.14.21-150500.11.2 added
- kernel-rt-vdso-5.14.21-150500.11.2 added
- kernel-rt_debug-5.14.21-150500.11.2 added
- kernel-rt_debug-devel-5.14.21-150500.11.2 added
- kernel-rt_debug-vdso-5.14.21-150500.11.2 added
- kernel-syms-rt-5.14.21-150500.11.1 added
- lttng-modules-kmp-rt-2.13.7_k5.14.21_150500.11-150500.3.27 added
- ocfs2-kmp-rt-5.14.21-150500.11.2 added
- oracleasm-kmp-rt-2.0.8_k5.14.21_150500.11-150500.5.9 added
- patterns-rt-rt_sles-15.5.0-150500.1.1 added
- rt-tests-2.4-150500.1.1 added
- sle-module-rt-release-15.5-150500.43.2 added
- system-role-real-time-text-mode-15.5.0-150500.1.1 added
- ClusterTools2-3.1.2-150100.8.9.1 added
- SAPHanaSR-0.162.1-150000.4.31.1 added
- SAPHanaSR-ScaleOut-0.184.1-150000.33.1 added
- SAPHanaSR-ScaleOut-doc-0.184.1-150000.33.1 added
- SAPHanaSR-angi-1.001.4-150500.1.1 added
- SAPHanaSR-doc-0.162.1-150000.4.31.1 added
- drbd-formula-0.4.2+git.1616116365.1e3ab34-3.6.1 added
- grafana-ha-cluster-dashboards-1.1.0+git.1605027022.a84d536-1.11.1 added
- grafana-sap-hana-dashboards-1.0.2+git.1600361067.f7c00d1-1.8.2 added
- grafana-sap-netweaver-dashboards-1.0.3+git.1601889366.9f71957-1.11.2 added
- grafana-sap-providers-1.1-1.8.1 added
- grafana-sleha-provider-1.1.0+git.1605027022.a84d536-1.11.1 added
- habootstrap-formula-0.4.4+git.1632747498.2caa677-3.20.1 added
- iscsi-formula-1.1.1-1.6.1 added
- prometheus-hanadb_exporter-0.8.0+git.1681379025.bf6cd7c-150200.3.9.1 added
- python3-prometheus_client-0.7.1-2.24 added
- python3-shaptools-0.3.13+git.1673855974.f208fad-150200.3.12.1 added
- release-notes-sles-for-sap-15.5.20230510-150500.1.2 added
- salt-shaptools-0.3.17+git.1651504665.6e49c5b-150200.3.9.1 added
- sap-netscape-link-0.1-2.26 added
- sap-suse-cluster-connector-3.1.2-7.6.1 added
- sapcontrol-bash-completion-0.3.0-150500.1.1 added
- saphanabootstrap-formula-0.13.1+git.1667812208.4db963e-150200.3.15.1 added
- sapnwbootstrap-formula-0.6.4+git.1621842068.a86c37c-10.1 added
- saprouter-systemd-0.2-2.16 added
- sapstartsrv-resource-agents-0.9.1+git.1663751963.e0ef8a2-150000.1.15.1 added
- supportutils-plugin-ha-sap-0.0.4+git.1663763480.2bbd713-150000.1.12.1 added
- yast2-sap-ha-4.5.6-150500.1.1 added
- HANA-Firewall-2.0.3-150000.3.6.1 added
- clamsap-0.104.3-150000.4.12.1 added
- kiwi-template-sap-1.2.1-3.14 added
- patterns-sap-hana-15.5-150500.3.1 added
- patterns-sap-nw-15.5-150500.3.1 added
- pcm-202212-150500.1.1 added
- perl-Term-ReadLine-Gnu-1.42-150500.1.2 added
- prometheus-sap_host_exporter-0.5.1+git.1593777035.a5d05f8-150200.4.5.1 added
- sap-installation-wizard-4.5.5-150500.3.1 added
- saptune-3.0.2-8.22.2 added
- sle-module-sap-applications-release-15.5-150500.43.2 added
- trento-agent-2.0.0-150100.3.3.2 added
- yast2-hana-firewall-2.0.4-1.62 added
- yast2-hana-update-1.2.2-150500.1.1 added
- yast2-sap-scp-1.0.4-1.62 added
- yast2-sap-scp-prodlist-1.0.4-1.49 added
- bone-installation-wizard-4.5.5-150500.3.1 added
- patterns-sap-bone-15.5-150500.3.1 added
- sle-module-sap-business-one-release-15.5-150500.43.2 added
- system-role-sap-business-one-15.5.0-150500.1.1 added
- apache-rex-20210108-150400.1.4 added
- apache2-doc-2.4.51-150400.6.11.1 added
- bind-doc-9.16.38-150400.5.20.2 added
- cim-schema-2.50.0-1.15 added
- clone-master-clean-up-1.11-150100.3.20.1 added
- cmpi-provider-register-1.1.0-2.15 added
- ddclient-3.8.3-3.7.1 added
- dehydrated-0.7.0-11.6.1 added
- dehydrated-apache2-0.7.0-11.6.1 added
- dehydrated-nginx-0.7.0-11.6.1 added
- dovecot-2.3-3.3.1 added
- gnuplot-doc-5.4.3-150400.1.9 added
- grub2-x86_64-xen-2.06-150500.27.4 added
- guestfs-tools-bash-completion-1.48.2-150500.1.1 added
- guestfs-tools-man-pages-ja-1.48.2-150500.1.1 added
- guestfs-tools-man-pages-uk-1.48.2-150500.1.1 added
- ibmtss-base-1.6.0-150400.2.5 added
- ipmitool-bmc-snmp-proxy-1.8.18.238.gb7adc1d-150400.1.14 added
- kvm_stat-5.14.21-150400.22.5 added
- libguestfs-bash-completion-1.48.4-150500.1.13 added
- libguestfs-inspect-icons-1.48.4-150500.1.13 added
- libguestfs-man-pages-ja-1.48.4-150500.1.13 added
- libguestfs-man-pages-uk-1.48.4-150500.1.13 added
- libstoragemgmt-arcconf-plugin-1.8.5-3.3.1 added
- libstoragemgmt-hpsa-plugin-1.8.5-3.3.1 added
- libstoragemgmt-local-plugin-1.8.5-3.3.1 added
- libstoragemgmt-megaraid-plugin-1.8.5-3.3.1 added
- libstoragemgmt-netapp-plugin-1.8.5-3.3.1 added
- libstoragemgmt-nfs-plugin-1.8.5-3.3.1 added
- libstoragemgmt-smis-plugin-1.8.5-3.3.1 added
- libvirt-bash-completion-7.1.0-150300.6.35.2 added
- libvirt-doc-9.0.0-150500.4.3 added
- mariadb-errormessages-10.6.12-150400.3.20.5 added
- migrate-sles-to-sles4sap-15.1.2-150100.3.12.1 added
- mirror-2.9-3.6.1 added
- mpi-selector-1.0.3-1.25 added
- nginx-macros-0.0.1-1.1 added
- nginx-source-1.21.5-150400.3.3.1 added
- nvmetcli-0.7-5.6.1 added
- ongres-scram-2.1-150400.6.24 added
- ongres-scram-client-2.1-150400.6.24 added
- ongres-stringprep-1.1-150400.1.24 added
- ongres-stringprep-saslprep-1.1-150400.1.24 added
- patterns-rpm-macros-1.0-150400.16.4 added
- pgadmin4-doc-4.30-150300.3.9.1 added
- pgadmin4-web-4.30-150300.3.9.1 added
- postgresql-contrib-15-150500.8.19 added
- postgresql-devel-15-150500.8.19 added
- postgresql-docs-15-150500.8.19 added
- postgresql-jdbc-42.2.25-150400.3.9.2 added
- postgresql-plperl-15-150500.8.19 added
- postgresql-plpython-15-150500.8.19 added
- postgresql-pltcl-15-150500.8.19 added
- postgresql-server-15-150500.8.19 added
- postgresql-server-devel-15-150500.8.19 added
- postgresql15-docs-15.3-150200.5.9.1 added
- python3-Automat-20.2.0-150400.1.7 added
- python3-Flask-Compress-1.5.0-2.1 added
- python3-PyHamcrest-1.9.0-3.2.2 added
- python3-apache-libcloud-3.3.1-1.15 added
- python3-constantly-15.1.0-3.2.1 added
- python3-h2-3.2.0-3.2.2 added
- python3-hpack-3.0.0-3.2.1 added
- python3-hyperframe-5.2.0-3.2.1 added
- python3-hyperlink-17.2.1-3.2.1 added
- python3-incremental-21.3.0-150400.1.7 added
- python3-ldap3-2.6.1-1.1 added
- python3-pyserial-3.4-3.2.1 added
- python3-python-slugify-5.0.2-150400.1.4 added
- python3-pywbem-0.11.0-2.21 added
- python3-service_identity-18.1.0-150200.3.5.1 added
- python3-sortedcontainers-2.1.0-3.2.4 added
- python3-text-unidecode-1.3-150400.1.6 added
- python3-typing_extensions-3.10.0.0-150400.3.2.1 added
- python3-virt-tuner-0.0.3-150400.2.7 added
- qemu-ipxe-1.0.0+-150500.47.15 added
- qemu-ovmf-x86_64-202208-150500.4.1 added
- qemu-seabios-1.16.0_0_gd239552-150500.47.15 added
- qemu-sgabios-8-150500.47.15 added
- qemu-vgabios-1.16.0_0_gd239552-150500.47.15 added
- salt-fish-completion-3005.1-150500.2.13 added
- sapconf-5.0.6-150000.7.27.1 added
- sca-appliance-agent-1.3.1-1.1 added
- sca-appliance-broker-1.3.2-150300.3.3.1 added
- sca-appliance-common-1.3-10.1 added
- sca-appliance-patdev-1.3.1-1.1 added
- sca-patterns-base-1.5.0-150400.1.6 added
- sca-patterns-hae-1.5.0-150400.1.4 added
- sca-patterns-sle11-1.5.0-150400.1.4 added
- sca-patterns-sle12-1.5.0-150400.1.4 added
- sca-patterns-sle15-1.5.0-150400.1.4 added
- sca-patterns-suma-1.5.0-150400.1.4 added
- sca-server-report-1.5.0-150400.1.6 added
- spice-protocol-devel-0.14.4-150500.1.1 added
- system-group-libvirt-20170617-150400.22.33 added
- system-user-ftp-20170617-150400.22.33 added
- system-user-qemu-20170617-150400.22.33 added
- system-user-upsd-20170617-150400.22.33 added
- system-user-uuidd-20170617-150400.22.33 added
- tuned-2.10.0-150400.19.10 added
- virt-install-4.1.0-150500.1.1 added
- virt-manager-4.1.0-150500.1.1 added
- virt-manager-common-4.1.0-150500.1.1 added
- virt-v2v-bash-completion-1.44.2-150400.3.3.1 added
- virt-v2v-man-pages-ja-1.44.2-150400.3.3.1 added
- virt-v2v-man-pages-uk-1.44.2-150400.3.3.1 added
- virt-win-reg-1.48.2-150500.1.1 added
- xen-tools-xendomains-wait-disk-4.17.0_06-150500.1.10 added
- yast2-gpmc-1.4.1+git.10.c580bd9-1.63 added
- yast2-instserver-4.5.0-150500.1.1 added
- yast2-isns-4.5.0-150500.1.1 added
- yast2-samba-provision-1.0.5-150400.9.3.3 added
- zramcfg-0.2-150400.12.4 added
- 389-ds-2.2.6~git40.002a0ca-150500.1.2 added
- 389-ds-devel-2.2.6~git40.002a0ca-150500.1.2 added
- FirmwareUpdateKit-1.6-2.15 added
- accel-config-3.4.7-150500.1.2 added
- accel-config-devel-3.4.7-150500.1.2 added
- apache-rpm-macros-control-20151110-1.22 added
- apache2-devel-2.4.51-150400.6.11.1 added
- apache2-mod_apparmor-3.0.4-150500.9.3 added
- apache2-mod_auth_mellon-0.17.0-150200.5.7.1 added
- apache2-mod_auth_mellon-diagnostics-0.17.0-150200.5.7.1 added
- apache2-mod_auth_mellon-doc-0.17.0-150200.5.7.1 added
- apache2-mod_auth_openidc-2.3.8-150100.3.25.1 added
- apache2-mod_jk-1.2.43-6.3.1 added
- apache2-mod_nss-1.0.17-3.3.1 added
- apache2-mod_security2-2.9.4-150400.3.6.1 added
- apache2-mod_wsgi-python3-4.5.18-150000.4.6.1 added
- apache2-worker-2.4.51-150400.6.11.1 added
- apcupsd-3.14.14-5.37 added
- at-3.2.2-150400.4.3.10 added
- bind-9.16.38-150400.5.20.2 added
- cachefilesd-0.10.5-1.26 added
- certification-sles-eal4-15.2+git20230219.8d115ca-150200.5.18.1 added
- cyrus-sasl-bdb-devel-2.1.28-150500.1.1 added
- cyrus-sasl-sqlauxprop-2.1.28-150500.1.2 added
- dapl-2.1.10-3.6.1 added
- dapl-debug-2.1.10-3.6.1 added
- dapl-debug-devel-2.1.10-3.6.1 added
- dapl-debug-libs-2.1.10-3.6.1 added
- dapl-devel-2.1.10-3.6.1 added
- dapl-utils-2.1.10-3.6.1 added
- davfs2-1.5.4-150000.3.11.1 added
- delayacct-utils-4.12.14-1.20 added
- dhcp-relay-4.3.6.P1-150000.6.17.1 added
- dhcp-server-4.3.6.P1-150000.6.17.1 added
- dhcp-tools-1.6-1.27 added
- dovecot23-2.3.15-150200.62.1 added
- dovecot23-backend-mysql-2.3.15-150200.62.1 added
- dovecot23-backend-pgsql-2.3.15-150200.62.1 added
- dovecot23-backend-sqlite-2.3.15-150200.62.1 added
- dovecot23-devel-2.3.15-150200.62.1 added
- dovecot23-fts-2.3.15-150200.62.1 added
- dovecot23-fts-lucene-2.3.15-150200.62.1 added
- dovecot23-fts-solr-2.3.15-150200.62.1 added
- dovecot23-fts-squat-2.3.15-150200.62.1 added
- dpdk22-22.11.1-150500.3.7 added
- dpdk22-devel-22.11.1-150500.3.7 added
- dpdk22-kmp-default-22.11.1_k5.14.21_150500.53-150500.3.7 added
- dpdk22-tools-22.11.1-150500.3.7 added
- dump-0.4b47-150400.1.10 added
- erlang-22.3-150300.3.3.1 added
- erlang-epmd-22.3-150300.3.3.1 added
- erlang-rabbitmq-client-3.8.11-150300.3.11.1 added
- fftw3-openmp-devel-3.3.9-1.6 added
- fftw3-threads-devel-3.3.9-1.6 added
- freeradius-client-1.1.7-150400.14.2.1 added
- freeradius-client-devel-1.1.7-150400.14.2.1 added
- freeradius-client-libs-1.1.7-150400.14.2.1 added
- freeradius-server-3.0.25-150400.4.4.1 added
- freeradius-server-devel-3.0.25-150400.4.4.1 added
- freeradius-server-krb5-3.0.25-150400.4.4.1 added
- freeradius-server-ldap-3.0.25-150400.4.4.1 added
- freeradius-server-libs-3.0.25-150400.4.4.1 added
- freeradius-server-mysql-3.0.25-150400.4.4.1 added
- freeradius-server-perl-3.0.25-150400.4.4.1 added
- freeradius-server-postgresql-3.0.25-150400.4.4.1 added
- freeradius-server-python3-3.0.25-150400.4.4.1 added
- freeradius-server-sqlite-3.0.25-150400.4.4.1 added
- freeradius-server-utils-3.0.25-150400.4.4.1 added
- frr-8.4-150500.2.2 added
- frr-devel-8.4-150500.2.2 added
- gnuplot-5.4.3-150400.1.6 added
- graphviz-tcl-2.48.0-150400.1.8 added
- gtk-vnc-devel-1.3.1-150400.3.3.1 added
- guestfs-tools-1.48.2-150500.1.1 added
- ibacm-42.0-150500.1.3 added
- ibmswtpm2-1637-1.49 added
- ibmtss-1.6.0-150400.2.5 added
- ibmtss-devel-1.6.0-150400.2.5 added
- ibsim-0.11-150400.1.12 added
- ibutils-1.5.7.0.2-150400.16.10 added
- ibutils-devel-1.5.7.0.2-150400.16.10 added
- ibutils-ui-1.5.7.0.2-150400.16.6 added
- ima-evm-utils-devel-1.4-150400.1.5 added
- ima-inspect-0.14-150400.1.4 added
- infinipath-psm-devel-3.3-5.3.1 added
- intel-cmt-cat-2.0.0-5.17 added
- ipmctl-03.00.00.0423-150400.1.5 added
- ipmctl-devel-03.00.00.0423-150400.1.5 added
- iwpmd-42.0-150500.1.3 added
- krb5-plugin-kdb-ldap-1.20.1-150500.1.2 added
- krb5-server-1.20.1-150500.1.2 added
- ldmtool-0.2.4-1.31 added
- lib389-2.2.6~git40.002a0ca-150500.1.2 added
- libHBAAPI2-devel-2.2.10-1.19 added
- libJudy1-1.0.5-1.2 added
- libaccel-config1-3.4.7-150500.1.2 added
- libapr-util1-dbd-mysql-1.6.1-150300.18.5.1 added
- libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1 added
- libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1 added
- libbitmask1-2.0-1.24 added
- libcacard-devel-2.5.3-1.27 added
- libcapstone-devel-4.0.2-150500.1.3 added
- libcapstone4-4.0.2-150500.1.3 added
- libcerf1-1.5-1.19 added
- libcimcClientXML0-2.2.8-2.29 added
- libcimcclient0-2.2.8-2.29 added
- libcjose-devel-0.6.1-4.3.1 added
- libcjose0-0.6.1-4.3.1 added
- libcmpiCppImpl0-2.0.3-1.25 added
- libcmpisfcc1-2.2.8-2.29 added
- libcpuset-devel-1.0-1.24 added
- libcpuset1-1.0-1.24 added
- libct4-1.1.36-150400.12.3 added
- libdat2-2-2.1.10-3.6.1 added
- libdpdk-23-22.11.1-150500.3.7 added
- libecpg6-15.3-150200.5.9.1 added
- libev-devel-4.24-2.19 added
- libev4-4.24-2.19 added
- libfftw3_omp3-3.3.9-1.6 added
- libfpm_pb0-1.1.1-150400.12.2.1 added
- libfrr0-8.4-150500.2.2 added
- libfrr_pb0-8.4-150500.2.2 added
- libfrrcares0-8.4-150500.2.2 added
- libfrrfpm_pb0-8.4-150500.2.2 added
- libfrrospfapiclient0-8.4-150500.2.2 added
- libfrrsnmp0-8.4-150500.2.2 added
- libfrrzmq0-8.4-150500.2.2 added
- libguestfs-1.48.4-150500.1.13 added
- libguestfs-appliance-1.48.4-150500.1.13 added
- libguestfs-devel-1.48.4-150500.1.13 added
- libguestfs-gobject-1_0-1.48.4-150500.1.13 added
- libguestfs-gobject-devel-1.48.4-150500.1.13 added
- libguestfs-rescue-1.48.4-150500.1.13 added
- libguestfs-rsync-1.48.4-150500.1.13 added
- libguestfs-typelib-Guestfs-1_0-1.48.4-150500.1.13 added
- libguestfs-winsupport-1.48.4-150500.1.13 added
- libguestfs-xfs-1.48.4-150500.1.13 added
- libguestfs0-1.48.4-150500.1.13 added
- libguestfsd-1.48.4-150500.1.13 added
- libgvncpulse-1_0-0-1.3.1-150400.3.3.1 added
- libibdm1-1.5.7.0.2-150400.16.10 added
- libibmtss1-1.6.0-150400.2.5 added
- libibverbs-utils-42.0-150500.1.3 added
- libiniparser1-4.1-150500.2.2 added
- libiscsi-utils-1.18.0-4.29 added
- liblasso3-2.6.1-16.2 added
- libldm-1_0-0-0.2.4-1.31 added
- libldm-1_0-0-devel-0.2.4-1.31 added
- liblog4shib-devel-2.0.0-1.25 added
- liblog4shib2-2.0.0-1.25 added
- libmariadb-devel-3.1.13-3.30.1 added
- libmariadb_plugins-3.1.13-3.30.1 added
- libmariadbd-devel-10.6.12-150400.3.20.5 added
- libmariadbd19-10.6.12-150400.3.20.5 added
- libmemcached-1.0.18-1.40 added
- libmemcached-devel-1.0.18-1.40 added
- libmemcachedutil2-1.0.18-1.40 added
- libmemkind0-1.14.0-150500.1.1 added
- libmlag_pb0-8.4-150500.2.2 added
- libopasadb1_0_0-10.11.1.3.1-150500.1.5 added
- libopenhpi4-3.8.0-150400.10.2.1 added
- libopensm9-3.3.24-150500.6.3 added
- libopenvswitch-3_1-0-3.1.0-150500.1.3 added
- libosinfo-devel-1.10.0-150500.1.3 added
- libosmcomp5-3.3.24-150500.6.3 added
- libosmvendor5-3.3.24-150500.6.3 added
- libospf0-1.1.1-150400.12.2.1 added
- libospfapiclient0-1.1.1-150400.12.2.1 added
- libovn-23_03-0-23.03.0-150500.1.3 added
- libpmem-devel-1.11.1-150400.1.10 added
- libpmemblk-devel-1.11.1-150400.1.10 added
- libpmemkv1-1.3-1.39 added
- libpmemkv_json_config1-1.3-1.39 added
- libpmemlog-devel-1.11.1-150400.1.10 added
- libpmemlog1-1.11.1-150400.1.10 added
- libpmemobj-cpp-devel-1.11-1.40 added
- libpmemobj-devel-1.11.1-150400.1.10 added
- libpmemobj1-1.11.1-150400.1.10 added
- libpmempool-devel-1.11.1-150400.1.10 added
- libpmempool1-1.11.1-150400.1.10 added
- libpowerman0-2.3.26-150400.3.2.1 added
- libpqos-devel-2.0.0-5.17 added
- libpqos2-2.0.0-5.17 added
- libquagga_pb0-1.1.1-150400.12.2.1 added
- librabbitmq-devel-0.10.0-150300.5.3.1 added
- librabbitmq4-0.10.0-150300.5.3.1 added
- librdkafka-devel-0.11.6-1.8.1 added
- librdmacm-utils-42.0-150500.1.3 added
- librelp-devel-1.2.15-1.15 added
- librelp0-1.2.15-1.15 added
- librpma0-0.9.0-1.43 added
- librpmem-devel-1.11.1-150400.1.10 added
- librpmem1-1.11.1-150400.1.10 added
- librtr0-0.8.0-150500.1.1 added
- libsaml-devel-3.1.0-1.27 added
- libsaml11-3.1.0-1.27 added
- libsanlock1-3.6.0-150000.4.3.1 added
- libsfcUtil0-1.0.1-1.18 added
- libshibsp-lite8-3.1.0-3.3.1 added
- libshibsp9-3.1.0-3.3.1 added
- libsmputils-devel-0.98-1.27 added
- libsmputils1-1-0.98-1.27 added
- libspice-server-devel-0.15.0-150400.2.8 added
- libspice-server1-0.15.0-150400.2.8 added
- libstoragemgmt-nfs-plugin-clibs-1.8.5-3.3.1 added
- libsvrcore0-2.2.6~git40.002a0ca-150500.1.2 added
- libtcmu2-1.5.4-150400.1.5 added
- libteam-tools-1.27-150000.4.6.1 added
- libtpms-devel-0.8.2-150300.3.9.1 added
- libtpms0-0.8.2-150300.3.9.1 added
- libusb-0_1-4-0.1.13-150400.12.4 added
- libusb-compat-devel-0.1.7-150400.12.4 added
- libverto-libev1-0.2.6-3.20 added
- libvirglrenderer0-0.6.0-4.9.1 added
- libvirglrenderer1-0.9.1-150400.3.3.1 added
- libvirt-9.0.0-150500.4.3 added
- libvirt-client-9.0.0-150500.4.3 added
- libvirt-client-qemu-9.0.0-150500.4.3 added
- libvirt-daemon-9.0.0-150500.4.3 added
- libvirt-daemon-config-network-9.0.0-150500.4.3 added
- libvirt-daemon-config-nwfilter-9.0.0-150500.4.3 added
- libvirt-daemon-driver-interface-9.0.0-150500.4.3 added
- libvirt-daemon-driver-libxl-9.0.0-150500.4.3 added
- libvirt-daemon-driver-network-9.0.0-150500.4.3 added
- libvirt-daemon-driver-nodedev-9.0.0-150500.4.3 added
- libvirt-daemon-driver-nwfilter-9.0.0-150500.4.3 added
- libvirt-daemon-driver-qemu-9.0.0-150500.4.3 added
- libvirt-daemon-driver-secret-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-core-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-disk-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-iscsi-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-iscsi-direct-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-logical-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-mpath-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-rbd-9.0.0-150500.4.3 added
- libvirt-daemon-driver-storage-scsi-9.0.0-150500.4.3 added
- libvirt-daemon-hooks-9.0.0-150500.4.3 added
- libvirt-daemon-qemu-9.0.0-150500.4.3 added
- libvirt-daemon-xen-9.0.0-150500.4.3 added
- libvirt-devel-9.0.0-150500.4.3 added
- libvirt-glib-devel-4.0.0-150400.1.10 added
- libvirt-lock-sanlock-9.0.0-150500.4.3 added
- libvirt-nss-9.0.0-150500.4.3 added
- libvmem-devel-1.7-1.67 added
- libvmem1-1.7-1.67 added
- libvmmalloc-devel-1.7-1.67 added
- libvmmalloc1-1.7-1.67 added
- libwsman-devel-2.6.7-150000.3.12.2 added
- libwsman3-2.6.7-150000.3.12.2 added
- libwx_baseu-suse3_0_5-3.0.5.1-11.3.2 added
- libwx_gtk2u_core-suse3_0_5-3.0.5.1-11.3.2 added
- libxmltooling-devel-3.1.0-1.26 added
- libxmltooling-lite9-3.1.0-1.26 added
- libxmltooling9-3.1.0-1.26 added
- libyang2-2.1.55-150500.1.1 added
- libzebra1-1.1.1-150400.12.2.1 added
- lifecycle-data-sle-module-server-applications-1-5.4.1 added
- linuxptp-3.1.1-150400.1.11 added
- lua-libguestfs-1.48.4-150500.1.13 added
- lzop-1.04-3.2.1 added
- mariadb-10.6.12-150400.3.20.5 added
- mariadb-client-10.6.12-150400.3.20.5 added
- mariadb-tools-10.6.12-150400.3.20.5 added
- md_monitor-6.6-3.3.1 added
- mdevctl-1.1.0-150400.1.7 added
- memcached-1.5.6-4.7.1 added
- memcached-devel-1.5.6-4.7.1 added
- memkind-devel-1.14.0-150500.1.1 added
- mpich-4.0.2-150500.1.2 added
- mpich-devel-4.0.2-150500.1.2 added
- mpich-ofi-4.0.2-150500.1.2 added
- mpich-ofi-devel-4.0.2-150500.1.2 added
- mpitests-3.2-150500.20.1 added
- mpitests-mpich-3.2-150500.20.4 added
- mpitests-mvapich2-3.2-150500.20.3 added
- mpitests-mvapich2-psm-3.2-150500.20.3 added
- mpitests-mvapich2-psm2-3.2-150500.20.2 added
- mpitests-openmpi2-3.2-150500.20.3 added
- mpitests-openmpi3-3.2-150500.20.3 added
- mpitests-openmpi4-3.2-150500.20.3 added
- mstflint-4.21.0-150500.1.3 added
- mvapich2-2.3.7-150500.1.33 added
- mvapich2-devel-2.3.7-150500.1.33 added
- mvapich2-devel-static-2.3.7-150500.1.33 added
- mvapich2-doc-2.3.7-150500.1.33 added
- mvapich2-psm-2.3.7-150500.1.22 added
- mvapich2-psm-devel-2.3.7-150500.1.22 added
- mvapich2-psm2-2.3.7-150500.1.22 added
- mvapich2-psm2-devel-2.3.7-150500.1.22 added
- ndctl-75-150500.2.2 added
- nginx-1.21.5-150400.3.3.1 added
- nut-2.7.4-150400.15.2.1 added
- nut-devel-2.7.4-150400.15.2.1 added
- nut-drivers-net-2.7.4-150400.15.2.1 added
- ocaml-libguestfs-1.48.4-150500.1.13 added
- ocaml-libguestfs-devel-1.48.4-150500.1.13 added
- opa-address-resolution-10.11.1.3.1-150500.1.5 added
- opa-address-resolution-devel-10.11.1.3.1-150500.1.5 added
- opa-basic-tools-10.11.1.3.1-150500.1.5 added
- opa-fastfabric-10.11.1.3.1-150500.1.5 added
- opa-fm-10.11.2.0.3-150500.1.6 added
- opa-snapconfig-10.11.1.3.1-150500.1.5 added
- open-isns-0.100-6.25 added
- open-isns-devel-0.100-6.25 added
- openCryptoki-3.20.0-150500.1.14 added
- openCryptoki-devel-3.20.0-150500.1.14 added
- openhpi-3.8.0-150400.10.2.1 added
- openhpi-clients-3.8.0-150400.10.2.1 added
- openhpi-daemon-3.8.0-150400.10.2.1 added
- openhpi-devel-3.8.0-150400.10.2.1 added
- openmpi2-2.1.6-150500.22.3 added
- openmpi2-config-2.1.6-150500.22.3 added
- openmpi2-devel-2.1.6-150500.22.3 added
- openmpi2-docs-2.1.6-150500.22.3 added
- openmpi2-libs-2.1.6-150500.22.3 added
- openmpi3-3.1.6-150500.12.2 added
- openmpi3-config-3.1.6-150500.12.2 added
- openmpi3-devel-3.1.6-150500.12.2 added
- openmpi3-docs-3.1.6-150500.12.2 added
- openmpi3-libs-3.1.6-150500.12.2 added
- openmpi4-4.1.4-150500.1.4 added
- openmpi4-config-4.1.4-150500.1.4 added
- openmpi4-devel-4.1.4-150500.1.4 added
- openmpi4-docs-4.1.4-150500.1.4 added
- openmpi4-libs-4.1.4-150500.1.4 added
- opensaml-schemas-3.1.0-1.27 added
- openslp-server-2.0.0-6.15.1 added
- opensm-3.3.24-150500.6.3 added
- opensm-devel-3.3.24-150500.6.3 added
- openssl-ibmpkcs11-1.0.1-1.19 added
- openssl_tpm_engine-0.4.2-2.26 added
- openvswitch3-3.1.0-150500.1.3 added
- openvswitch3-devel-3.1.0-150500.1.3 added
- openvswitch3-ipsec-3.1.0-150500.1.3 added
- openvswitch3-pki-3.1.0-150500.1.3 added
- openvswitch3-test-3.1.0-150500.1.3 added
- openvswitch3-vtep-3.1.0-150500.1.3 added
- openwsman-server-2.6.7-150000.3.12.2 added
- oracleasm-kmp-default-2.0.8_k5.14.21_150500.53-150500.5.9 added
- orarun-2.1-150400.20.5 added
- ovmf-202208-150500.4.1 added
- ovmf-tools-202208-150500.4.1 added
- ovn3-23.03.0-150500.1.3 added
- ovn3-central-23.03.0-150500.1.3 added
- ovn3-devel-23.03.0-150500.1.3 added
- ovn3-docker-23.03.0-150500.1.3 added
- ovn3-host-23.03.0-150500.1.3 added
- ovn3-vtep-23.03.0-150500.1.3 added
- pam_radius-1.4.0-3.3.1 added
- patterns-certification-common-criteria-15-5.4.1 added
- patterns-ofed-ofed-20181212-9.42 added
- patterns-ofed-ofed-32bit-20181212-9.42 added
- patterns-server-dhcp_dns_server-20180302-11.1 added
- patterns-server-dhcp_dns_server-32bit-20180302-11.1 added
- patterns-server-directory_server-20180302-11.1 added
- patterns-server-directory_server-32bit-20180302-11.1 added
- patterns-server-enterprise-fips-20171206-12.3.1 added
- patterns-server-enterprise-fips-32bit-20171206-12.3.1 added
- patterns-server-enterprise-oracle_server-20171206-12.6.1 added
- patterns-server-enterprise-oracle_server-32bit-20171206-12.6.1 added
- patterns-server-enterprise-sap_server-20171206-12.6.1 added
- patterns-server-enterprise-sap_server-32bit-20171206-12.6.1 added
- patterns-server-file_server-20180302-11.1 added
- patterns-server-file_server-32bit-20180302-11.1 added
- patterns-server-gateway_server-20180302-11.1 added
- patterns-server-gateway_server-32bit-20180302-11.1 added
- patterns-server-kvm_server-20180302-11.1 added
- patterns-server-kvm_tools-20180302-11.1 added
- patterns-server-lamp_server-20180302-11.1 added
- patterns-server-lamp_server-32bit-20180302-11.1 added
- patterns-server-mail_server-20180302-11.1 added
- patterns-server-mail_server-32bit-20180302-11.1 added
- patterns-server-printing-20180302-11.1 added
- patterns-server-printing-32bit-20180302-11.1 added
- patterns-server-xen_server-20180302-11.1 added
- patterns-server-xen_tools-20180302-11.1 added
- patterns-wbem-WBEM-32bit-20171206-2.8 added
- patterns-yast-yast2_install_wf-20220411-150400.1.4 added
- perl-Sys-Guestfs-1.48.4-150500.1.13 added
- pgadmin4-4.30-150300.3.9.1 added
- phodav-devel-2.5-1.53 added
- pidentd-3.0.19-3.6.1 added
- pmdk-1.11.1-150400.1.10 added
- pmdk-convert-1.7-1.52 added
- pmdk-tools-1.11.1-150400.1.10 added
- pmemkv-devel-1.3-1.39 added
- pmemkv-python-1.0-1.61 added
- postfix-mysql-3.7.2-150500.1.19 added
- postgresql15-contrib-15.3-150200.5.9.1 added
- postgresql15-devel-15.3-150200.5.9.1 added
- postgresql15-plperl-15.3-150200.5.9.1 added
- postgresql15-plpython-15.3-150200.5.9.1 added
- postgresql15-pltcl-15.3-150200.5.9.1 added
- postgresql15-server-15.3-150200.5.9.1 added
- postgresql15-server-devel-15.3-150200.5.9.1 added
- powerman-2.3.26-150400.3.2.1 added
- prctl-1.6-1.15 added
- python3-Brotli-1.0.7-1.6 added
- python3-Twisted-22.2.0-150400.5.7.1 added
- python3-argparse-manpage-1.3-3.3.2 added
- python3-gssapi-1.6.12-1.10 added
- python3-kmod-0.9.1-2.15 added
- python3-libguestfs-1.48.4-150500.1.13 added
- python3-mysqlclient-1.4.6-2.21 added
- python3-ovs3-3.1.0-150500.1.3 added
- python3-zope.interface-4.4.2-3.2.1 added
- qemu-7.1.0-150500.47.15 added
- qemu-accel-tcg-x86-7.1.0-150500.47.15 added
- qemu-audio-alsa-7.1.0-150500.47.15 added
- qemu-audio-dbus-7.1.0-150500.47.15 added
- qemu-audio-pa-7.1.0-150500.47.15 added
- qemu-audio-spice-7.1.0-150500.47.15 added
- qemu-block-curl-7.1.0-150500.47.15 added
- qemu-block-iscsi-7.1.0-150500.47.15 added
- qemu-block-rbd-7.1.0-150500.47.15 added
- qemu-block-ssh-7.1.0-150500.47.15 added
- qemu-chardev-baum-7.1.0-150500.47.15 added
- qemu-chardev-spice-7.1.0-150500.47.15 added
- qemu-guest-agent-7.1.0-150500.47.15 added
- qemu-hw-display-qxl-7.1.0-150500.47.15 added
- qemu-hw-display-virtio-gpu-7.1.0-150500.47.15 added
- qemu-hw-display-virtio-gpu-pci-7.1.0-150500.47.15 added
- qemu-hw-display-virtio-vga-7.1.0-150500.47.15 added
- qemu-hw-usb-host-7.1.0-150500.47.15 added
- qemu-hw-usb-redirect-7.1.0-150500.47.15 added
- qemu-ksm-7.1.0-150500.47.15 added
- qemu-kvm-7.1.0-150500.47.15 added
- qemu-lang-7.1.0-150500.47.15 added
- qemu-ui-curses-7.1.0-150500.47.15 added
- qemu-ui-dbus-7.1.0-150500.47.15 added
- qemu-ui-gtk-7.1.0-150500.47.15 added
- qemu-ui-opengl-7.1.0-150500.47.15 added
- qemu-ui-spice-app-7.1.0-150500.47.15 added
- qemu-ui-spice-core-7.1.0-150500.47.15 added
- qemu-x86-7.1.0-150500.47.15 added
- qperf-0.4.11-150500.1.2 added
- quagga-1.1.1-150400.12.2.1 added
- quagga-devel-1.1.1-150400.12.2.1 added
- rabbitmq-server-3.8.11-150300.3.11.1 added
- rabbitmq-server-plugins-3.8.11-150300.3.11.1 added
- rapidjson-devel-1.1.0+git20190517.4b3d7c2f-1.38 added
- rarpd-20211215-150400.3.3.2 added
- rasdaemon-0.6.7.18.git+7ccf12f-150400.2.7 added
- rdma-ndd-42.0-150500.1.3 added
- rds-tools-2.0.7-1.29 added
- redis-6.2.6-150400.3.19.1 added
- redis7-7.0.8-150500.1.2 added
- rmt-server-2.9-150500.1.4 added
- rmt-server-config-2.9-150500.1.4 added
- rpma-devel-0.9.0-1.43 added
- rsyslog-module-gssapi-8.2106.0-150400.5.11.1 added
- rsyslog-module-gtls-8.2106.0-150400.5.11.1 added
- rsyslog-module-mmnormalize-8.2106.0-150400.5.11.1 added
- rsyslog-module-mysql-8.2106.0-150400.5.11.1 added
- rsyslog-module-pgsql-8.2106.0-150400.5.11.1 added
- rsyslog-module-relp-8.2106.0-150400.5.11.1 added
- rsyslog-module-snmp-8.2106.0-150400.5.11.1 added
- rsyslog-module-udpspoof-8.2106.0-150400.5.11.1 added
- rubygem-libguestfs-1.48.4-150500.1.13 added
- salt-api-3005.1-150500.2.13 added
- salt-cloud-3005.1-150500.2.13 added
- salt-master-3005.1-150500.2.13 added
- salt-proxy-3005.1-150500.2.13 added
- salt-ssh-3005.1-150500.2.13 added
- salt-standalone-formulas-configuration-3005.1-150500.2.13 added
- salt-syndic-3005.1-150500.2.13 added
- sanlock-3.6.0-150000.4.3.1 added
- sanlock-devel-3.6.0-150000.4.3.1 added
- sblim-cmpi-base-1.6.4-1.37 added
- sblim-cmpi-base-devel-1.6.4-1.37 added
- sblim-cmpi-c++-devel-2.0.3-1.25 added
- sblim-cmpi-devel-2.0.3-1.25 added
- sblim-indication_helper-0.5.0-1.18 added
- sblim-indication_helper-devel-0.5.0-1.18 added
- sblim-sfcCommon-devel-1.0.1-1.18 added
- sblim-sfcb-1.4.9-150000.5.9.4 added
- sblim-sfcc-devel-2.2.8-2.29 added
- sblim-wbemcli-1.6.3-1.32 added
- setools-tcl-3.3.8-4.7.1 added
- sevctl-0.3.2+git.e37c4d6-150500.1.4 added
- shibboleth-sp-3.1.0-3.3.1 added
- shibboleth-sp-devel-3.1.0-3.3.1 added
- sle-module-server-applications-release-15.5-150500.43.2 added
- smp_utils-0.98-1.27 added
- spice-gtk-devel-0.41-150500.1.4 added
- squid-5.7-150400.3.6.1 added
- srp_daemon-42.0-150500.1.3 added
- star-rmt-1.5.3-3.3.1 added
- stunnel-5.62-3.14.1 added
- subversion-server-1.14.1-150400.3.8 added
- supermin-5.2.2-150500.1.2 added
- swtpm-0.7.3-150500.2.1 added
- swtpm-devel-0.7.3-150500.2.1 added
- sysstat-isag-12.0.2-3.33.1 added
- system-role-common-criteria-15.5.1-150500.1.1 added
- system-role-kvm-15.5.0-150500.1.1 added
- system-role-xen-15.5.0-150500.1.1 added
- tcmu-runner-1.5.4-150400.1.5 added
- tree-1.7.0-1.30 added
- typelib-1_0-GVnc-1_0-1.3.1-150400.3.3.1 added
- typelib-1_0-GVncPulse-1_0-1.3.1-150400.3.3.1 added
- typelib-1_0-GtkVnc-1_0-0.7.2-1.32 added
- typelib-1_0-GtkVnc-2_0-1.3.1-150400.3.3.1 added
- typelib-1_0-Libosinfo-1_0-1.10.0-150500.1.3 added
- typelib-1_0-LibvirtGConfig-1_0-4.0.0-150400.1.10 added
- typelib-1_0-LibvirtGLib-1_0-4.0.0-150400.1.10 added
- typelib-1_0-LibvirtGObject-1_0-4.0.0-150400.1.10 added
- typelib-1_0-SpiceClientGlib-2_0-0.41-150500.1.4 added
- typelib-1_0-SpiceClientGtk-3_0-0.41-150500.1.4 added
- usbredir-devel-0.7.1-1.29 added
- uuidd-2.37.4-150500.7.2 added
- vacation-1.2.7.1-1.26 added
- vhostmd-1.0-5.65 added
- virglrenderer-devel-0.9.1-150400.3.3.1 added
- virt-p2v-1.42.2-150500.1.2 added
- virt-top-1.0.8-1.56 added
- virt-v2v-1.44.2-150400.3.3.1 added
- virt-what-1.21-3.3.1 added
- vm-dump-metrics-1.0-5.65 added
- vm-install-0.10.11-1.14 added
- vsftpd-3.0.5-150400.3.6.1 added
- wsmancli-2.6.0-7.3.1 added
- xca-2.3.0-1.79 added
- xen-4.17.0_06-150500.1.10 added
- xen-devel-4.17.0_06-150500.1.10 added
- xen-tools-4.17.0_06-150500.1.10 added
- xmlstarlet-1.6.1-1.30 added
- xmltooling-schemas-3.1.0-1.26 added
- yast2-rmt-1.3.4-150200.3.8.1 added
- ypserv-4.0-4.19 added
- dracut-transactional-update-4.1.0-150500.1.4 added
- health-checker-1.3.1-1.18 added
- health-checker-plugins-MicroOS-1.3.1-1.18 added
- health-checker-plugins-caasp-1.3.1-1.18 added
- health-checker-plugins-kubic-1.3.1-1.18 added
- health-checker-testing-1.3.1-1.18 added
- read-only-root-fs-1.0+git20190206.586e9f1-150100.3.3.1 added
- read-only-root-fs-volatile-1.0+git20190206.586e9f1-150100.3.3.1 added
- systemd-presets-branding-transactional-server-15.0-2.20 added
- transactional-update-zypp-config-4.1.0-150500.1.4 added
- cetcd-devel-0.0.5_b79a7a2-1.51 added
- libcetcd0-0.0.5_b79a7a2-1.51 added
- libtukit4-4.1.0-150500.1.4 added
- patterns-base-transactional_base-20200124-150400.20.4.1 added
- rebootmgr-0.17-1.58 added
- salt-transactional-update-3005.1-150500.2.13 added
- sle-module-transactional-server-release-15.5-150500.43.2 added
- system-role-transactional-server-15.5.0-150500.1.1 added
- transactional-update-4.1.0-150500.1.4 added
- tukit-4.1.0-150500.1.4 added
- apache-commons-beanutils-1.9.4-150200.3.6.4 added
- apache-commons-dbcp-2.1.1-150200.10.6.3 added
- apache-commons-digester-2.1-150200.3.6.3 added
- apache-commons-fileupload-1.4-150200.3.6.4 added
- apache-commons-pool2-2.4.2-150200.11.6.4 added
- geronimo-jta-1_1-api-1.2-150200.15.6.4 added
- jakarta-commons-launcher-1.1-12.42 added
- jakarta-commons-modeler-2.0.1-150200.10.4.4 added
- jakarta-taglibs-standard-1.1.1-150000.4.8.2 added
- nodejs18-docs-18.14.2-150400.9.6.2 added
- php-composer2-2.2.3-150400.3.3.1 added
- php8-pear-1.10.21-150400.9.3.1 added
- php8-pecl-1.10.21-150400.9.3.1 added
- tomcat-9.0.43-150200.38.1 added
- tomcat-admin-webapps-9.0.43-150200.38.1 added
- tomcat-el-3_0-api-9.0.43-150200.38.1 added
- tomcat-jsp-2_3-api-9.0.43-150200.38.1 added
- tomcat-lib-9.0.43-150200.38.1 added
- tomcat-servlet-4_0-api-9.0.43-150200.38.1 added
- tomcat-webapps-9.0.43-150200.38.1 added
- apache-commons-daemon-1.2.4-150200.11.6.4 added
- apache2-mod_php8-8.0.28-150400.4.31.1 added
- libtcnative-1-0-devel-1.2.23-150100.3.6.1 added
- nodejs-common-5.1-150500.1.1 added
- nodejs-default-5.1-150500.1.1 added
- nodejs-devel-default-5.1-150500.1.1 added
- nodejs18-18.14.2-150400.9.6.2 added
- nodejs18-devel-18.14.2-150400.9.6.2 added
- npm-default-5.1-150500.1.1 added
- npm18-18.14.2-150400.9.6.2 added
- php8-8.0.28-150400.4.31.1 added
- php8-bcmath-8.0.28-150400.4.31.1 added
- php8-bz2-8.0.28-150400.4.31.1 added
- php8-calendar-8.0.28-150400.4.31.1 added
- php8-cli-8.0.28-150400.4.31.1 added
- php8-ctype-8.0.28-150400.4.31.1 added
- php8-curl-8.0.28-150400.4.31.1 added
- php8-dba-8.0.28-150400.4.31.1 added
- php8-devel-8.0.28-150400.4.31.1 added
- php8-dom-8.0.28-150400.4.31.1 added
- php8-embed-8.0.28-150400.4.31.1 added
- php8-enchant-8.0.28-150400.4.31.1 added
- php8-exif-8.0.28-150400.4.31.1 added
- php8-fastcgi-8.0.28-150400.4.31.1 added
- php8-fileinfo-8.0.28-150400.4.31.1 added
- php8-fpm-8.0.28-150400.4.31.1 added
- php8-ftp-8.0.28-150400.4.31.1 added
- php8-gd-8.0.28-150400.4.31.1 added
- php8-gettext-8.0.28-150400.4.31.1 added
- php8-gmp-8.0.28-150400.4.31.1 added
- php8-iconv-8.0.28-150400.4.31.1 added
- php8-intl-8.0.28-150400.4.31.1 added
- php8-ldap-8.0.28-150400.4.31.1 added
- php8-mbstring-8.0.28-150400.4.31.1 added
- php8-mysql-8.0.28-150400.4.31.1 added
- php8-odbc-8.0.28-150400.4.31.1 added
- php8-opcache-8.0.28-150400.4.31.1 added
- php8-openssl-8.0.28-150400.4.31.1 added
- php8-pcntl-8.0.28-150400.4.31.1 added
- php8-pdo-8.0.28-150400.4.31.1 added
- php8-pgsql-8.0.28-150400.4.31.1 added
- php8-phar-8.0.28-150400.4.31.1 added
- php8-posix-8.0.28-150400.4.31.1 added
- php8-readline-8.0.28-150400.4.31.1 added
- php8-shmop-8.0.28-150400.4.31.1 added
- php8-snmp-8.0.28-150400.4.31.1 added
- php8-soap-8.0.28-150400.4.31.1 added
- php8-sockets-8.0.28-150400.4.31.1 added
- php8-sodium-8.0.28-150400.4.31.1 added
- php8-sqlite-8.0.28-150400.4.31.1 added
- php8-sysvmsg-8.0.28-150400.4.31.1 added
- php8-sysvsem-8.0.28-150400.4.31.1 added
- php8-sysvshm-8.0.28-150400.4.31.1 added
- php8-test-8.0.28-150400.4.31.1 added
- php8-tidy-8.0.28-150400.4.31.1 added
- php8-tokenizer-8.0.28-150400.4.31.1 added
- php8-xmlreader-8.0.28-150400.4.31.1 added
- php8-xmlwriter-8.0.28-150400.4.31.1 added
- php8-xsl-8.0.28-150400.4.31.1 added
- php8-zip-8.0.28-150400.4.31.1 added
- php8-zlib-8.0.28-150400.4.31.1 added
- sle-module-web-scripting-release-15.5-150500.43.2 added
- crmsh-4.5.0+20230510.847a251-150500.1.1 added
- crmsh-scripts-4.5.0+20230510.847a251-150500.1.1 added
- ha-cluster-bootstrap-0.5-13.3.1 added
- monitoring-plugins-metadata-4.12.0+git30.7fd7c8fa-150500.1.2 added
- pacemaker-cts-2.1.5+20221208.a3f44794f-150500.4.9 added
- perl-Net-INET6Glue-0.603-1.25 added
- perl-Net-Telnet-3.04-1.25 added
- python3-cluster-preflight-check-0.0.34-1.18 added
- python3-parallax-1.0.8-150200.4.12.1 added
- release-notes-ha-15.5.20230510-150500.1.2 added
- yast2-cluster-4.5.2-150500.1.1 added
- yast2-geo-cluster-4.5.0-150500.1.1 added
- yast2-iplb-4.5.0-150500.1.1 added
- booth-1.0+20220815.f40c2d5-150500.1.4 added
- cluster-glue-1.0.12+v1.git.1650454062.1fbde71c-150500.2.3 added
- cluster-glue-devel-1.0.12+v1.git.1650454062.1fbde71c-150500.2.3 added
- cluster-glue-libs-1.0.12+v1.git.1650454062.1fbde71c-150500.2.3 added
- cluster-md-kmp-default-5.14.21-150500.53.2 added
- corosync-2.4.6-150300.12.10.1 added
- corosync-qdevice-2.4.6-150300.12.10.1 added
- corosync-qnetd-2.4.6-150300.12.10.1 added
- corosync-testagents-2.4.6-150300.12.10.1 added
- csync2-2.0+git.1600444747.83b3644-3.3.1 added
- ctdb-4.17.7+git.330.4057cd7a27a-150500.1.2 added
- dlm-kmp-default-5.14.21-150500.53.2 added
- doxygen2man-2.0.6+20220323.758044b-150500.1.2 added
- drbd-9.0.30~1+git.8e9c0812-150500.2.24 added
- drbd-kmp-default-9.0.30~1+git.8e9c0812_k5.14.21_150500.53-150500.2.24 added
- drbd-utils-9.19.0-150400.3.14.1 added
- ebiso-0.2.5-1.43 added
- fence-agents-4.12.1+git.1677142927.bf55c675-150500.2.1 added
- fence-agents-devel-4.12.1+git.1677142927.bf55c675-150500.2.1 added
- gfs2-kmp-default-5.14.21-150500.53.2 added
- gfs2-utils-3.4.1-150400.1.5 added
- graphviz-gd-2.48.0-150400.1.8 added
- haproxy-2.4.22+git0.f8e3218e2-150400.3.13.1 added
- hawk-apiserver-0.0.4+git.1604696958.cd5cdf1-5.6.1 added
- hawk2-2.6.4+git.1667244108.7a0cffe-150000.3.36.1 added
- keepalived-2.2.2-150500.6.2 added
- ldirectord-4.12.0+git30.7fd7c8fa-150500.1.2 added
- libcfg6-2.4.6-150300.12.10.1 added
- libcmap4-2.4.6-150300.12.10.1 added
- libcorosync-devel-2.4.6-150300.12.10.1 added
- libcorosync_common4-2.4.6-150300.12.10.1 added
- libcpg4-2.4.6-150300.12.10.1 added
- libdlm-4.1.0-150400.1.7 added
- libdlm3-4.1.0-150400.1.7 added
- libqb-tests-2.0.6+20220323.758044b-150500.1.2 added
- libqb-tools-2.0.6+20220323.758044b-150500.1.2 added
- libquorum5-2.4.6-150300.12.10.1 added
- libsam4-2.4.6-150300.12.10.1 added
- libtotem_pg5-2.4.6-150300.12.10.1 added
- libvotequorum8-2.4.6-150300.12.10.1 added
- lvm2-lockd-2.03.16-150500.5.3 added
- monitoring-plugins-fping-2.3.1-150000.3.11.1 added
- monitoring-plugins-http-2.3.1-150000.3.11.1 added
- monitoring-plugins-ldap-2.3.1-150000.3.11.1 added
- monitoring-plugins-mysql-2.3.1-150000.3.11.1 added
- monitoring-plugins-pgsql-2.3.1-150000.3.11.1 added
- monitoring-plugins-tcp-2.3.1-150000.3.11.1 added
- ocfs2-kmp-default-5.14.21-150500.53.2 added
- ocfs2-tools-1.8.7-150500.10.3 added
- ocfs2-tools-o2cb-1.8.7-150500.10.3 added
- omping-0.0.5-1.24 added
- pacemaker-2.1.5+20221208.a3f44794f-150500.4.9 added
- pacemaker-cli-2.1.5+20221208.a3f44794f-150500.4.9 added
- pacemaker-devel-2.1.5+20221208.a3f44794f-150500.4.9 added
- pacemaker-libs-2.1.5+20221208.a3f44794f-150500.4.9 added
- pacemaker-remote-2.1.5+20221208.a3f44794f-150500.4.9 added
- patterns-ha-geo-ha_geo-15.1.0-5.18 added
- patterns-ha-ha_sles-15.1.0-11.1 added
- prometheus-ha_cluster_exporter-1.3.1+git.1676027782.ad3c0e9-150200.3.21.1 added
- python3-gv-2.48.0-150400.1.8 added
- rear23a-2.3.a-19.9 added
- rear27a-2.7-150500.1.1 added
- resource-agents-4.12.0+git30.7fd7c8fa-150500.1.2 added
- ruby2.5-rubygem-actioncable-5_1-5.1.4-1.26 added
- ruby2.5-rubygem-actionmailer-5_1-5.1.4-1.26 added
- ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.15.1 added
- ruby2.5-rubygem-actionview-5_1-5.1.4-150000.3.6.1 added
- ruby2.5-rubygem-activejob-5_1-5.1.4-3.3.1 added
- ruby2.5-rubygem-activemodel-5_1-5.1.4-1.26 added
- ruby2.5-rubygem-activerecord-5_1-5.1.4-150000.5.6.1 added
- ruby2.5-rubygem-activesupport-5_1-5.1.4-150000.3.12.1 added
- ruby2.5-rubygem-arel-8.0.0-1.26 added
- ruby2.5-rubygem-axiom-types-0.1.1-1.28 added
- ruby2.5-rubygem-coercible-1.0.0-1.28 added
- ruby2.5-rubygem-concurrent-ruby-1.0.5-1.28 added
- ruby2.5-rubygem-crass-1.0.3-1.19 added
- ruby2.5-rubygem-descendants_tracker-0.0.4-1.28 added
- ruby2.5-rubygem-equalizer-0.0.11-1.28 added
- ruby2.5-rubygem-erubi-1.10.0-150400.1.5 added
- ruby2.5-rubygem-ffi-1.9.18-1.31 added
- ruby2.5-rubygem-gettext-3.2.5-1.17 added
- ruby2.5-rubygem-gettext_i18n_rails-1.8.0-1.28 added
- ruby2.5-rubygem-gettext_i18n_rails_js-1.3.0-1.28 added
- ruby2.5-rubygem-globalid-0.4.1-150000.3.3.1 added
- ruby2.5-rubygem-i18n-0.9.1-1.21 added
- ruby2.5-rubygem-ice_nine-0.11.2-1.29 added
- ruby2.5-rubygem-js-routes-1.4.1-1.26 added
- ruby2.5-rubygem-kramdown-1.15.0-150000.3.3.1 added
- ruby2.5-rubygem-locale-2.1.2-1.28 added
- ruby2.5-rubygem-loofah-2.2.2-150000.4.9.1 added
- ruby2.5-rubygem-mail-2.7.1-3.3.1 added
- ruby2.5-rubygem-method_source-0.9.0-1.26 added
- ruby2.5-rubygem-mini_mime-1.0.0-1.17 added
- ruby2.5-rubygem-nio4r-2.1.0-1.28 added
- ruby2.5-rubygem-po_to_json-1.0.1-1.28 added
- ruby2.5-rubygem-puma-4.3.12-150000.3.9.1 added
- ruby2.5-rubygem-rack-2.0.8-150000.3.18.1 added
- ruby2.5-rubygem-rack-test-0_6-0.6.3-1.28 added
- ruby2.5-rubygem-rails-5_1-5.1.4-1.26 added
- ruby2.5-rubygem-rails-dom-testing-2.0.3-1.28 added
- ruby2.5-rubygem-rails-html-sanitizer-1.0.4-150000.4.3.1 added
- ruby2.5-rubygem-railties-5_1-5.1.4-3.3.1 added
- ruby2.5-rubygem-rb-fsevent-0.11.0-150400.1.5 added
- ruby2.5-rubygem-rb-inotify-0.9.10-1.26 added
- ruby2.5-rubygem-sass-3.5.3-1.19 added
- ruby2.5-rubygem-sass-listen-4.0.0-1.26 added
- ruby2.5-rubygem-sass-rails-5.0.7-1.21 added
- ruby2.5-rubygem-sprockets-3.7.2-3.3.1 added
- ruby2.5-rubygem-sprockets-rails-3.2.1-1.26 added
- ruby2.5-rubygem-text-1.3.1-1.28 added
- ruby2.5-rubygem-thor-0.20.0-1.27 added
- ruby2.5-rubygem-thread_safe-0.3.6-1.28 added
- ruby2.5-rubygem-tilt-2.0.8-1.27 added
- ruby2.5-rubygem-tzinfo-1.2.4-150000.3.3.1 added
- ruby2.5-rubygem-virtus-1.0.5-1.28 added
- ruby2.5-rubygem-websocket-driver-0_6-0.6.5-1.25 added
- ruby2.5-rubygem-websocket-extensions-0.1.3-150000.3.4.1 added
- sbd-1.5.1+20221128.8ec8e01-150500.1.2 added
- scsires-0.7-2.26 added
- sle-ha-release-15.5-150500.43.2 added
- system-role-ha-15.5.0-150500.1.1 added
- yast2-drbd-4.5.1-150500.1.1 added
- yast2-rear-4.5.0-150500.1.1 added
- release-notes-sle_hpc-15.500000000.20230412-150500.1.8 added
- SLE_HPC-release-15.5-150500.43.2 added
- skelcd-control-SLE_HPC-15.5.0-150500.1.1 added
- release-notes-sle_rt-15.5.20230507-150500.1.2 added
- SLE_RT-release-15.5-150500.43.2 added
- skelcd-control-SLE_RT-15.5.0-150500.1.1 added
- release-notes-sled-15.5.20230301-150500.1.18 added
- skelcd-control-SLED-15.5.0-150500.1.1 added
- sled-release-15.5-150500.43.2 added
- system-role-minimal-desktop-15.5.0-150500.1.1 added
- release-notes-sles-15.5.20230515-150500.1.2 added
- skelcd-control-SLES-15.5.0-150500.1.1 added
- sles-release-15.5-150500.43.4 added
- SLES_SAP-release-15.5-150500.43.2 added
- skelcd-control-SLES4SAP-15.5.0-150500.1.1 added
- ModemManager-bash-completion-1.18.10-150500.1.2 added
- ModemManager-lang-1.18.10-150500.1.2 added
- NetworkManager-applet-lang-1.24.0-150400.4.3.1 added
- NetworkManager-lang-1.38.6-150500.1.2 added
- NetworkManager-openconnect-lang-1.2.6-150400.9.11 added
- NetworkManager-openvpn-lang-1.8.16-150400.1.9 added
- NetworkManager-pptp-lang-1.2.8-150400.8.11 added
- NetworkManager-strongswan-lang-1.4.5-1.29 added
- OpenPrintingPPDs-4.0.0.2-1.33 added
- OpenPrintingPPDs-ghostscript-4.0.0.2-1.33 added
- OpenPrintingPPDs-hpijs-4.0.0.2-1.33 added
- OpenPrintingPPDs-postscript-4.0.0.2-1.33 added
- alsa-firmware-1.2.4-1.41 added
- baobab-lang-41.0-150400.1.13 added
- bijiben-lang-40.1-150400.3.9 added
- bogofilter-common-1.2.4-1.40 added
- cheese-lang-41.1-150400.1.9 added
- color-filesystem-1-1.20 added
- colord-gtk-lang-0.2.0-150400.1.12 added
- colord-lang-1.4.5-150400.4.3.1 added
- deja-dup-lang-40.6-150400.8.11 added
- desktop-data-SLE-extra-15-2.22 added
- dia-lang-0.97.3-4.3.3 added
- duplicity-lang-0.8.21-150400.1.7 added
- eiciel-lang-0.9.12.1-3.3.1 added
- ekiga-lang-4.0.1-8.3 added
- evolution-data-server-lang-3.42.5-150400.3.3.2 added
- evolution-ews-lang-3.42.4-150400.1.6 added
- evolution-lang-3.42.4-150400.3.3.1 added
- farstream-data-0.2.9+4-150400.1.12 added
- flute-1.3.0-2.46 added
- folks-lang-0.15.5-150400.5.3.2 added
- gegl-0_4-lang-0.4.34-150400.3.2.1 added
- ghex-lang-3.18.3-1.44 added
- gimp-help-2.10.0-150400.16.5 added
- gimp-help-ca-2.10.0-150400.16.5 added
- gimp-help-da-2.10.0-150400.16.5 added
- gimp-help-de-2.10.0-150400.16.5 added
- gimp-help-el-2.10.0-150400.16.5 added
- gimp-help-en_GB-2.10.0-150400.16.5 added
- gimp-help-es-2.10.0-150400.16.5 added
- gimp-help-fi-2.10.0-150400.16.5 added
- gimp-help-fr-2.10.0-150400.16.5 added
- gimp-help-hr-2.10.0-150400.16.5 added
- gimp-help-it-2.10.0-150400.16.5 added
- gimp-help-ja-2.10.0-150400.16.5 added
- gimp-help-ko-2.10.0-150400.16.5 added
- gimp-help-lt-2.10.0-150400.16.5 added
- gimp-help-nl-2.10.0-150400.16.5 added
- gimp-help-nn-2.10.0-150400.16.5 added
- gimp-help-pl-2.10.0-150400.16.5 added
- gimp-help-pt_BR-2.10.0-150400.16.5 added
- gimp-help-ro-2.10.0-150400.16.5 added
- gimp-help-ru-2.10.0-150400.16.5 added
- gimp-help-sl-2.10.0-150400.16.5 added
- gimp-help-sv-2.10.0-150400.16.5 added
- gimp-help-zh-2.10.0-150400.16.5 added
- gimp-lang-2.10.30-150400.3.8.2 added
- gnome-backgrounds-41.0-150400.1.5 added
- gnome-clocks-lang-41.0-150400.1.13 added
- gnome-color-manager-lang-3.36.0-150400.2.10 added
- gnome-contacts-lang-41.0-150400.1.14 added
- gnome-disk-utility-lang-41.0-150400.2.9 added
- gnome-documents-lang-3.34.0+37-150400.1.7 added
- gnome-initial-setup-lang-41.4-150400.1.9 added
- gnome-logs-lang-3.36.0-150400.1.13 added
- gnome-music-lang-41.1-150400.3.6.1 added
- gnome-online-accounts-lang-3.40.1-150400.1.16 added
- gnome-photos-lang-40.0-150400.4.2.1 added
- gnome-remote-desktop-lang-41.3-150400.3.3.1 added
- gnome-shell-search-provider-gnome-weather-41.0-150400.1.8 added
- gnome-video-effects-0.5.0-150400.8.5 added
- gnome-weather-41.0-150400.1.8 added
- gnome-weather-lang-41.0-150400.1.8 added
- gnote-lang-42.0-150400.1.6 added
- grilo-lang-0.3.14-150400.1.11 added
- grilo-plugins-lang-0.3.14-150400.1.11 added
- gstreamer-plugins-ugly-lang-1.22.0-150500.1.1 added
- gtkspell-lang-2.0.16-150400.15.8 added
- hexchat-lang-2.12.4-3.3.1 added
- inkscape-lang-1.0.1-150400.9.3.2 added
- ipw-firmware-9-1.23 added
- lensfun-data-0.3.2-150400.1.8 added
- libbase-1.1.3-2.85 added
- libfonts-1.1.3-3.69 added
- libformula-1.1.3-2.84 added
- libgdata-lang-0.18.1-150400.2.10 added
- libgsf-lang-1.14.50-150400.3.3.1 added
- libgtop-lang-2.40.0-150400.9.30 added
- libgweather-lang-40.0-150400.1.11 added
- liblayout-0.2.10-8.2 added
- libloader-1.1.3-2.84 added
- libnma-lang-1.8.40-150400.3.3.1 added
- libpurple-branding-upstream-2.14.8-150400.3.3.1 added
- libpurple-lang-2.14.8-150400.3.3.1 added
- libpurple-plugin-sipe-lang-1.25.0-150400.1.11 added
- libreoffice-branding-upstream-7.4.3.2-150400.17.3.8 added
- libreoffice-icon-themes-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-af-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ar-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-as-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-bg-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-bn-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-br-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ca-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ckb-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-cs-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-cy-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-da-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-de-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-dz-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-el-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-en-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-eo-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-es-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-et-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-eu-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-fa-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-fi-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-fr-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-fur-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ga-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-gl-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-gu-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-he-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-hi-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-hr-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-hu-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-it-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ja-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-kk-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-kn-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ko-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-lt-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-lv-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-mai-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ml-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-mr-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-nb-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-nl-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-nn-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-nr-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-nso-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-or-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-pa-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-pl-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-pt_BR-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-pt_PT-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ro-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ru-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-si-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-sk-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-sl-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-sr-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ss-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-st-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-sv-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ta-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-te-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-th-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-tn-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-tr-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ts-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-uk-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-ve-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-xh-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-zh_CN-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-zh_TW-7.4.3.2-150400.17.3.8 added
- libreoffice-l10n-zu-7.4.3.2-150400.17.3.8 added
- libreoffice-share-linker-1-3.3.1 added
- librepository-1.1.3-2.84 added
- libserializer-1.1.2-2.46 added
- malaga-suomi-2.1-1.22 added
- mdds-2_0-devel-2.0.2-150300.7.3.1 added
- myspell-af_ZA-20191219-150000.3.25.1 added
- myspell-ar-20191219-150000.3.25.1 added
- myspell-bg_BG-20191219-150000.3.25.1 added
- myspell-bn_BD-20191219-150000.3.25.1 added
- myspell-br_FR-20191219-150000.3.25.1 added
- myspell-ca-20191219-150000.3.25.1 added
- myspell-cs_CZ-20191219-150000.3.25.1 added
- myspell-da_DK-20191219-150000.3.25.1 added
- myspell-el_GR-20191219-150000.3.25.1 added
- myspell-et_EE-20191219-150000.3.25.1 added
- myspell-fr_FR-20191219-150000.3.25.1 added
- myspell-gl-20191219-150000.3.25.1 added
- myspell-gu_IN-20191219-150000.3.25.1 added
- myspell-he_IL-20191219-150000.3.25.1 added
- myspell-hi_IN-20191219-150000.3.25.1 added
- myspell-hr_HR-20191219-150000.3.25.1 added
- myspell-it_IT-20191219-150000.3.25.1 added
- myspell-lt_LT-20191219-150000.3.25.1 added
- myspell-lv_LV-20191219-150000.3.25.1 added
- myspell-nl_NL-20191219-150000.3.25.1 added
- myspell-nn_NO-20191219-150000.3.25.1 added
- myspell-pl_PL-20191219-150000.3.25.1 added
- myspell-pt_PT-20191219-150000.3.25.1 added
- myspell-si_LK-20191219-150000.3.25.1 added
- myspell-sk_SK-20191219-150000.3.25.1 added
- myspell-sl_SI-20191219-150000.3.25.1 added
- myspell-sr-20191219-150000.3.25.1 added
- myspell-sv_SE-20191219-150000.3.25.1 added
- myspell-te_IN-20191219-150000.3.25.1 added
- myspell-th_TH-20191219-150000.3.25.1 added
- myspell-tr_TR-20191219-150000.3.25.1 added
- myspell-uk_UA-20191219-150000.3.25.1 added
- myspell-zu_ZA-20191219-150000.3.25.1 added
- opencl-headers-2.2+git.20211214-3.3.1 added
- openconnect-lang-7.08-6.9.1 added
- opencv4-cascades-data-4.5.5-150400.1.28 added
- pentaho-libxml-1.1.3-2.64 added
- pentaho-reporting-flow-engine-0.9.4-2.43 added
- pidgin-plugin-otr-lang-4.0.2-1.61 added
- pidgin-plugin-rocketchat-0.0+hg20200403-1.5 added
- pidgin-plugin-sipe-1.25.0-150400.1.11 added
- python3-libvoikko-4.1.1-2.20 added
- python3-lockfile-0.10.2-2.24 added
- python3-scour-0.37-1.45 added
- remmina-lang-1.4.8-150400.5.22 added
- sac-1.3-2.47 added
- seahorse-lang-41.0-150400.1.13 added
- simple-scan-lang-3.34.2-1.82 added
- suse-prime-0.8.10-150500.1.2 added
- tagsoup-1.2.1-150200.10.4.3 added
- totem-lang-3.38.2-150400.2.12 added
- tracker-lang-3.2.1-150400.1.12 added
- tracker-miners-lang-3.2.2-150400.3.3.1 added
- Mesa-dri-nouveau-22.3.5-150500.75.2 added
- MozillaThunderbird-102.11.0-150200.8.116.1 added
- MozillaThunderbird-translations-common-102.11.0-150200.8.116.1 added
- MozillaThunderbird-translations-other-102.11.0-150200.8.116.1 added
- NetworkManager-applet-1.24.0-150400.4.3.1 added
- NetworkManager-bluetooth-1.38.6-150500.1.2 added
- NetworkManager-cloud-setup-1.38.6-150500.1.2 added
- NetworkManager-connection-editor-1.24.0-150400.4.3.1 added
- NetworkManager-devel-1.38.6-150500.1.2 added
- NetworkManager-openconnect-1.2.6-150400.9.11 added
- NetworkManager-openconnect-gnome-1.2.6-150400.9.11 added
- NetworkManager-openvpn-1.8.16-150400.1.9 added
- NetworkManager-openvpn-gnome-1.8.16-150400.1.9 added
- NetworkManager-pppoe-1.38.6-150500.1.2 added
- NetworkManager-pptp-1.2.8-150400.8.11 added
- NetworkManager-pptp-gnome-1.2.8-150400.8.11 added
- NetworkManager-strongswan-1.4.5-1.29 added
- NetworkManager-strongswan-gnome-1.4.5-1.29 added
- NetworkManager-tui-1.38.6-150500.1.2 added
- NetworkManager-wwan-1.38.6-150500.1.2 added
- PackageKit-gstreamer-plugin-1.2.4-150400.3.6.1 added
- PackageKit-gtk3-module-1.2.4-150400.3.6.1 added
- QR-Code-generator-devel-1.5.0-1.3.2 added
- abseil-cpp-20211102.0-150300.7.6.1 added
- alsa-oss-1.1.8-150300.12.3.2 added
- argyllcms-2.2.0-150400.1.10 added
- babl-devel-0.1.88-150400.1.10 added
- baobab-41.0-150400.1.13 added
- beignet-1.3.2-6.27 added
- beignet-devel-1.3.2-6.27 added
- bijiben-40.1-150400.3.9 added
- bluez-cups-5.65-150500.1.3 added
- bluez-firmware-1.2-1.23 added
- bogofilter-db-1.2.4-1.40 added
- cheese-41.1-150400.1.9 added
- colord-1.4.5-150400.4.3.1 added
- csync-0.50.0-150000.3.8.1 added
- deja-dup-40.6-150400.8.11 added
- dia-0.97.3-4.3.3 added
- dragonbox-devel-1.1.3-150400.9.3.2 added
- duplicity-0.8.21-150400.1.7 added
- eiciel-0.9.12.1-3.3.1 added
- ekiga-4.0.1-8.3 added
- ekiga-plugins-evolution-4.0.1-8.3 added
- enigmail-2.2.4-3.27.1 added
- evolution-3.42.4-150400.3.3.1 added
- evolution-data-server-3.42.5-150400.3.3.2 added
- evolution-data-server-devel-3.42.5-150400.3.3.2 added
- evolution-devel-3.42.4-150400.3.3.1 added
- evolution-ews-3.42.4-150400.1.6 added
- evolution-plugin-bogofilter-3.42.4-150400.3.3.1 added
- evolution-plugin-pst-import-3.42.4-150400.3.3.1 added
- evolution-plugin-spamassassin-3.42.4-150400.3.3.1 added
- evolution-plugin-text-highlight-3.42.4-150400.3.3.1 added
- farstream-devel-0.2.9+4-150400.1.12 added
- fixmath-devel-2022.07.20-150400.9.3.2 added
- folks-data-0.15.5-150400.5.3.2 added
- folks-devel-0.15.5-150400.5.3.2 added
- freerdp-2.4.0-150400.3.18.1 added
- freerdp-devel-2.4.0-150400.3.18.1 added
- freerdp-proxy-2.4.0-150400.3.18.1 added
- gegl-0_3-0.3.34-3.3.1 added
- gegl-0_4-0.4.34-150400.3.2.1 added
- gegl-devel-0.4.34-150400.3.2.1 added
- gfbgraph-devel-0.2.5-150400.1.8 added
- ghex-3.18.3-1.44 added
- gimp-2.10.30-150400.3.8.2 added
- gimp-devel-2.10.30-150400.3.8.2 added
- glew-devel-2.2.0-150400.1.8 added
- gnome-clocks-41.0-150400.1.13 added
- gnome-color-manager-3.36.0-150400.2.10 added
- gnome-contacts-41.0-150400.1.14 added
- gnome-control-center-color-41.4-150500.1.3 added
- gnome-control-center-goa-41.4-150500.1.3 added
- gnome-control-center-user-faces-41.4-150500.1.3 added
- gnome-disk-utility-41.0-150400.2.9 added
- gnome-documents-3.34.0+37-150400.1.7 added
- gnome-initial-setup-41.4-150400.1.9 added
- gnome-logs-3.36.0-150400.1.13 added
- gnome-music-41.1-150400.3.6.1 added
- gnome-online-accounts-3.40.1-150400.1.16 added
- gnome-online-miners-3.34.0-150400.8.16 added
- gnome-photos-40.0-150400.4.2.1 added
- gnome-remote-desktop-41.3-150400.3.3.1 added
- gnome-session-wayland-41.3-150400.3.3.1 added
- gnome-shell-calendar-41.9-150400.3.8.1 added
- gnome-shell-search-provider-contacts-41.0-150400.1.14 added
- gnome-shell-search-provider-documents-3.34.0+37-150400.1.7 added
- gnome-shell-search-provider-gnome-calculator-41.1-150400.1.9 added
- gnome-shell-search-provider-gnome-clocks-41.0-150400.1.13 added
- gnome-shell-search-provider-gnome-photos-40.0-150400.4.2.1 added
- gnome-shell-search-provider-gnote-42.0-150400.1.6 added
- gnome-shell-search-provider-seahorse-41.0-150400.1.13 added
- gnote-42.0-150400.1.6 added
- grilo-plugin-tracker-0.3.14-150400.1.11 added
- grilo-plugins-0.3.14-150400.1.11 added
- grilo-tools-0.3.14-150400.1.11 added
- gsound-1.0.3-150400.2.10 added
- gsound-devel-1.0.3-150400.2.10 added
- gstreamer-plugins-farstream-0.2.9+4-150400.1.12 added
- gstreamer-plugins-ugly-1.22.0-150500.1.1 added
- gtkmm2-devel-2.24.5-150400.12.9 added
- gutenprint-5.2.14-150000.3.2.2 added
- gutenprint-devel-5.2.14-150000.3.2.2 added
- hexchat-2.12.4-3.3.1 added
- hexchat-devel-2.12.4-3.3.1 added
- hexchat-plugins-lua-2.12.4-3.3.1 added
- hexchat-plugins-perl-2.12.4-3.3.1 added
- hexchat-plugins-python3-2.12.4-3.3.1 added
- highlight-3.59-3.4.1 added
- hp-drive-guard-0.3.12-150000.4.2.1 added
- icedtea-web-1.7.2-150100.7.3.1 added
- imobiledevice-tools-1.3.0+git.20210921-150400.1.15 added
- inkscape-1.0.1-150400.9.3.2 added
- inkscape-extensions-extra-1.0.1-150400.9.3.2 added
- inkscape-extensions-fig-1.0.1-150400.9.3.2 added
- inkscape-extensions-gimp-1.0.1-150400.9.3.2 added
- kernel-default-extra-5.14.21-150500.53.2 added
- libEMF1-1.0.13-150400.1.5 added
- libGLEW2_1-2.1.0-1.28 added
- libGLEW2_2-2.2.0-150400.1.8 added
- libGLw-devel-8.0.0-150000.3.6.1 added
- libGLw1-8.0.0-150000.3.6.1 added
- libGLwM1-8.0.0-150000.3.6.1 added
- libLLVM11-11.0.1-150300.3.6.1 added
- libOpenCL1-2.2.11-8.3.1 added
- libXpm-tools-3.5.12-150000.3.7.2 added
- libXvMC_nouveau-21.2.4-150400.68.12.1 added
- libZXing1-1.2.0-9.7.1 added
- liba52-0-0.7.5+svn613-150000.3.2.1 added
- liba52-devel-0.7.5+svn613-150000.3.2.1 added
- libabw-0_1-1-0.1.2-1.19 added
- libabw-devel-0.1.2-1.19 added
- libamd-2_4_6-2.4.6-2.42 added
- libavcodec-devel-3.4.2-150200.11.28.1 added
- libavcodec58_134-4.4-150400.3.15.1 added
- libavformat-devel-3.4.2-150200.11.28.1 added
- libavformat57-3.4.2-150200.11.28.1 added
- libavformat58_76-4.4-150400.3.15.1 added
- libavresample-devel-3.4.2-150200.11.28.1 added
- libavresample3-3.4.2-150200.11.28.1 added
- libavutil56_70-4.4-150400.3.15.1 added
- libbabl-0_1-0-0.1.88-150400.1.10 added
- libbox2d2-2.4.1-5.3.1 added
- libcamd-2_4_6-2.4.6-2.42 added
- libcamel-1_2-62-3.34.4-3.3.1 added
- libcamel-1_2-63-3.42.5-150400.3.3.2 added
- libccolamd-2_9_6-2.9.6-2.42 added
- libcdr-0_1-1-0.1.4-7.1 added
- libcdr-devel-0.1.4-7.1 added
- libchamplain-0_12-0-0.12.20-150200.3.2.1 added
- libcholmod-3_0_11-3.0.11-2.42 added
- libcmis-0_5-5-0.5.2-3.3.1 added
- libcmis-devel-0.5.2-3.3.1 added
- libcolamd-2_9_6-2.9.6-2.42 added
- libcsync-plugin-sftp-0.50.0-150000.3.8.1 added
- libcsync-plugin-smb-0.50.0-150000.3.8.1 added
- libcsync0-0.50.0-150000.3.8.1 added
- libcuckoo-devel-0.3-150300.7.3.1 added
- libcue-devel-2.1.0-1.26 added
- libdmapsharing-4_0-3-3.9.10-150400.1.10 added
- libdvdread-devel-6.0.0-150000.3.2.1 added
- libdvdread4-6.0.0-150000.3.2.1 added
- libe-book-0_1-1-0.1.3-7.1 added
- libe-book-devel-0.1.3-7.1 added
- libebackend-1_2-10-3.42.5-150400.3.3.2 added
- libebook-1_2-20-3.42.5-150400.3.3.2 added
- libebook-contacts-1_2-3-3.42.5-150400.3.3.2 added
- libecal-2_0-1-3.42.5-150400.3.3.2 added
- libedata-book-1_2-26-3.42.5-150400.3.3.2 added
- libedata-cal-2_0-1-3.42.5-150400.3.3.2 added
- libedataserver-1_2-24-3.34.4-3.3.1 added
- libedataserver-1_2-26-3.42.5-150400.3.3.2 added
- libedataserverui-1_2-3-3.42.5-150400.3.3.2 added
- libeot-devel-0.01-1.27 added
- libeot0-0.01-1.27 added
- libepc-1_0-2-0.4.6-1.45 added
- libepc-devel-0.4.6-1.45 added
- libepubgen-0_1-1-0.1.1-3.3.1 added
- libepubgen-devel-0.1.1-3.3.1 added
- libetonyek-0_1-1-0.1.10-3.3.1 added
- libexttextcat-2_0-0-3.4.5-3.2.1 added
- libexttextcat-3.4.5-3.2.1 added
- libexttextcat-devel-3.4.5-3.2.1 added
- libfarstream-0_2-5-0.2.9+4-150400.1.12 added
- libfolks-eds26-0.15.5-150400.5.3.2 added
- libfolks-telepathy26-0.15.5-150400.5.3.2 added
- libfolks26-0.15.5-150400.5.3.2 added
- libfreehand-0_1-1-0.1.2-3.3.1 added
- libfreehand-devel-0.1.2-3.3.1 added
- libfreerdp2-2.4.0-150400.3.18.1 added
- libgadu-devel-1.12.2-150000.3.2.1 added
- libgadu3-1.12.2-150000.3.2.1 added
- libgdl-3-5-3.34.0-1.65 added
- libgegl-0_3-0-0.3.34-3.3.1 added
- libgegl-0_4-0-0.4.34-150400.3.2.1 added
- libgexiv2-devel-0.14.0-150400.4.2.1 added
- libgfbgraph-0_2-0-0.2.5-150400.1.8 added
- libgimp-2_0-0-2.10.30-150400.3.8.2 added
- libgimpui-2_0-0-2.10.30-150400.3.8.2 added
- libgom-1_0-0-0.4-150200.3.2.1 added
- libgrss-devel-0.7.0-150400.14.9 added
- libgrss0-0.7.0-150400.14.9 added
- libgsf-devel-1.14.50-150400.3.3.1 added
- libgsl23-2.4-7.11 added
- libgtkhex-3-0-3.18.3-1.44 added
- libgtkmm-2_4-1-2.24.5-150400.12.9 added
- libgtkspell0-2.0.16-150400.15.8 added
- libgtop-2.40.0-150400.9.30 added
- libhfstospell10-0.4.5-4.3.1 added
- libical-glib-devel-3.0.10-150400.1.12 added
- libical-glib3-3.0.10-150400.1.12 added
- libirrecord0-0.10.1-150400.1.8 added
- libiso9660-10-0.94-150000.6.11.1 added
- libixion-0_14-0-0.14.1-4.3.8 added
- libixion-0_17-0-0.17.0-150300.11.3.1 added
- liblangtag-devel-0.6.2-150000.3.6.1 added
- liblangtag1-0.6.2-150000.3.6.1 added
- liblensfun1-0.3.2-150400.1.8 added
- liblirc0-0.10.1-150400.1.8 added
- liblirc_client0-0.10.1-150400.1.8 added
- liblirc_driver0-0.10.1-150400.1.8 added
- liblpsolve55-0-5.5.2.0-150000.3.2.1 added
- libluajit-5_1-2-2.1.0~beta3+git.1624618403.e9577376-150400.2.8 added
- libmeanwhile1-1.0.2-150000.3.2.1 added
- libmediaart-2_0-0-1.9.6-150400.3.3.1 added
- libmpeg2-0-0.5.1-150000.3.2.1 added
- libmspub-0_1-1-0.1.4-7.1 added
- libmspub-devel-0.1.4-7.1 added
- libmwaw-0_3-3-0.3.21-150000.4.17.7 added
- libmypaint-1_5-1-1.5.1-1.12 added
- libmysqlcppconn-devel-1.1.9-150000.4.5.1 added
- libmysqlcppconn7-1.1.9-150000.4.5.1 added
- libmythes-1_2-0-1.2.4-1.24 added
- libnma-devel-1.8.40-150400.3.3.1 added
- libntfs-3g-devel-2022.5.17-150000.3.16.1 added
- libntfs-3g87-2022.5.17-150000.3.16.1 added
- libnumbertext-1_0-0-1.0.6-5.3.2 added
- libnumbertext-data-1.0.6-5.3.2 added
- libnumbertext-devel-1.0.6-5.3.2 added
- libnumbertext-tools-1.0.6-5.3.2 added
- libodfgen-0_1-1-0.1.6-1.28 added
- libodfgen-devel-0.1.6-1.28 added
- libopal-devel-3.10.10-10.46 added
- libopal3_10_10-3.10.10-10.46 added
- libopencv3_4-3.4.16-150400.1.9 added
- libopencv405-4.5.5-150400.1.28 added
- libopencv_aruco405-4.5.5-150400.1.28 added
- libopencv_face405-4.5.5-150400.1.28 added
- libopencv_highgui405-4.5.5-150400.1.28 added
- libopencv_imgcodecs405-4.5.5-150400.1.28 added
- libopencv_objdetect405-4.5.5-150400.1.28 added
- libopencv_superres405-4.5.5-150400.1.28 added
- libopencv_videoio405-4.5.5-150400.1.28 added
- libopencv_videostab405-4.5.5-150400.1.28 added
- libopencv_ximgproc405-4.5.5-150400.1.28 added
- liborcus-0_14-0-0.14.1-3.3.8 added
- liborcus-0_17-0-0.17.2-150300.10.3.1 added
- liborcus-devel-0.17.2-150300.10.3.1 added
- libotr-devel-4.1.1-150000.4.2.1 added
- libotr5-4.1.1-150000.4.2.1 added
- libpagemaker-0_0-0-0.0.4-1.17 added
- libpagemaker-devel-0.0.4-1.17 added
- libphonenumber8-8.12.23-150400.1.9 added
- libpoppler117-22.01.0-150400.3.3.1 added
- libpotrace0-1.16-150400.1.5 added
- libproxy1-config-gnome3-0.4.17-150400.1.21 added
- libproxy1-networkmanager-0.4.17-150400.1.21 added
- libpskc-devel-2.6.2-150000.3.3.1 added
- libpskc0-2.6.2-150000.3.3.1 added
- libpst-devel-0.6.75-150400.1.10 added
- libpst4-0.6.75-150400.1.10 added
- libpt-devel-2.10.11-4.90 added
- libpt2_10_11-2.10.11-4.90 added
- libpurple-2.14.8-150400.3.3.1 added
- libpurple-client0-2.14.8-150400.3.3.1 added
- libpurple-devel-2.14.8-150400.3.3.1 added
- libpurple-plugin-import-empathy-0.1.0-1.51 added
- libpurple-plugin-rocketchat-0.0+hg20200403-1.5 added
- libpurple-plugin-sametime-2.14.8-150400.3.3.1 added
- libpurple-plugin-sipe-1.25.0-150400.1.11 added
- libpurple0-2.14.8-150400.3.3.1 added
- libqrcodegen1-1.5.0-1.3.2 added
- libqrcodegencpp1-1.5.0-1.3.2 added
- libqxp-0_0-0-0.0.1-8.1 added
- libqxp-devel-0.0.1-8.1 added
- librasqal-devel-0.9.33-150000.3.2.1 added
- librasqal3-0.9.33-150000.3.2.1 added
- libraw-devel-0.20.2-150400.3.6.1 added
- libraw16-0.18.9-150000.3.20.1 added
- librdf0-1.0.17-150200.10.3.1 added
- libredland-devel-1.0.17-150200.10.3.1 added
- libreoffice-7.4.3.2-150400.17.3.8 added
- libreoffice-base-7.4.3.2-150400.17.3.8 added
- libreoffice-base-drivers-postgresql-7.4.3.2-150400.17.3.8 added
- libreoffice-calc-7.4.3.2-150400.17.3.8 added
- libreoffice-calc-extensions-7.4.3.2-150400.17.3.8 added
- libreoffice-draw-7.4.3.2-150400.17.3.8 added
- libreoffice-filters-optional-7.4.3.2-150400.17.3.8 added
- libreoffice-gnome-7.4.3.2-150400.17.3.8 added
- libreoffice-gtk3-7.4.3.2-150400.17.3.8 added
- libreoffice-impress-7.4.3.2-150400.17.3.8 added
- libreoffice-mailmerge-7.4.3.2-150400.17.3.8 added
- libreoffice-math-7.4.3.2-150400.17.3.8 added
- libreoffice-officebean-7.4.3.2-150400.17.3.8 added
- libreoffice-pyuno-7.4.3.2-150400.17.3.8 added
- libreoffice-voikko-5.0-5.38 added
- libreoffice-writer-7.4.3.2-150400.17.3.8 added
- libreoffice-writer-extensions-7.4.3.2-150400.17.3.8 added
- libreofficekit-7.4.3.2-150400.17.3.8 added
- librevenge-0_0-0-0.0.4-1.30 added
- librevenge-devel-0.0.4-1.30 added
- librevenge-generators-0_0-0-0.0.4-1.30 added
- librevenge-stream-0_0-0-0.0.4-1.30 added
- libstaroffice-0_0-0-0.0.7-7.3.2 added
- libstoken1-0.81-150400.11.7 added
- libsuitesparseconfig-4_5_5-4.5.5-2.42 added
- libswresample3_9-4.4-150400.3.15.1 added
- libswscale5_9-4.4-150400.3.15.1 added
- libtbb2-2019_20190605-150200.3.2.1 added
- libtbbmalloc2-2019_20190605-150200.3.2.1 added
- libumfpack-5_7_6-5.7.6-2.42 added
- libvdpau_nouveau-22.3.5-150500.75.2 added
- libvisio-0_1-1-0.1.6-7.1 added
- libvisio-devel-0.1.6-7.1 added
- libvncclient1-0.9.13-150400.3.3.1 added
- libvncserver1-0.9.13-150400.3.3.1 added
- libvoikko-devel-4.1.1-2.20 added
- libvoikko1-4.1.1-2.20 added
- libwebp6-0.5.0-150000.3.7.1 added
- libwinpr2-2.4.0-150400.3.18.1 added
- libwmf-0_2-7-0.2.12-150000.4.4.1 added
- libwmf-devel-0.2.12-150000.4.4.1 added
- libwmf-gnome-0.2.12-150000.4.4.1 added
- libwpd-0_10-10-0.10.2-3.3.1 added
- libwpd-devel-0.10.2-3.3.1 added
- libwpg-0_3-3-0.3.2-1.27 added
- libwpg-devel-0.3.2-1.27 added
- libwps-0_4-4-0.4.11-7.6.2 added
- libwps-devel-0.4.11-7.6.2 added
- libxcam-devel-1.5.0-150400.2.5 added
- libxcam1-1.5.0-150400.2.5 added
- libyami-devel-1.3.0-2.33 added
- libyami1-1.3.0-2.33 added
- libzapojit-0_0-0-0.0.3-150400.13.8 added
- libzmf-0_0-0-0.0.2-7.1 added
- libzmf-devel-0.0.2-7.1 added
- lifecycle-data-sle-module-desktop-productivity-1-9.4.1 added
- lirc-devel-0.10.1-150400.1.8 added
- lpsolve-devel-5.5.2.0-150000.3.2.1 added
- meanwhile-devel-1.0.2-150000.3.2.1 added
- metis-devel-5.1.0-9.3.4 added
- mythes-devel-1.2.4-1.24 added
- nautilus-deja-dup-40.6-150400.8.11 added
- nautilus-eiciel-0.9.12.1-3.3.1 added
- ntfs-3g-2022.5.17-150000.3.16.1 added
- ntfsprogs-2022.5.17-150000.3.16.1 added
- openconnect-7.08-6.9.1 added
- openconnect-devel-7.08-6.9.1 added
- opencv-4.5.5-150400.1.28 added
- opencv-devel-4.5.5-150400.1.28 added
- opencv3-3.4.16-150400.1.9 added
- opencv3-devel-3.4.16-150400.1.9 added
- os-prober-1.76-150100.4.2.1 added
- patterns-desktop-books-20201106-1.34 added
- patterns-desktop-imaging-20201106-1.34 added
- patterns-desktop-imaging_opt-20170319-5.17 added
- patterns-desktop-mobile-20201106-1.34 added
- patterns-desktop-multimedia-20201106-1.34 added
- patterns-desktop-multimedia_opt-20170319-5.17 added
- patterns-desktop-technical_writing-20201106-1.34 added
- patterns-gnome-gnome-20201210-150400.7.3.1 added
- patterns-gnome-gnome_imaging-20201210-150400.7.3.1 added
- patterns-gnome-gnome_multimedia-20201210-150400.7.3.1 added
- patterns-gnome-gnome_x11-20201210-150400.7.3.1 added
- patterns-office-office-20170506-4.17 added
- pidgin-2.14.8-150400.3.3.1 added
- pidgin-devel-2.14.8-150400.3.3.1 added
- pidgin-plugin-otr-4.0.2-1.61 added
- pinentry-emacs-1.1.0-4.3.1 added
- pptp-1.10.0-3.3.1 added
- pulseaudio-module-bluetooth-15.0-150400.2.10 added
- pulseaudio-module-lirc-15.0-150400.2.10 added
- python3-QR-Code-generator-1.5.0-1.3.2 added
- remmina-1.4.8-150400.5.22 added
- remmina-devel-1.4.8-150400.5.22 added
- remmina-kiosk-1.4.8-150400.5.22 added
- remmina-plugin-exec-1.4.8-150400.5.22 added
- remmina-plugin-rdp-1.4.8-150400.5.22 added
- remmina-plugin-secret-1.4.8-150400.5.22 added
- remmina-plugin-spice-1.4.8-150400.5.22 added
- remmina-plugin-st-1.4.8-150400.5.22 added
- remmina-plugin-vnc-1.4.8-150400.5.22 added
- remmina-plugin-xdmcp-1.4.8-150400.5.22 added
- rp-pppoe-3.12-150000.6.6.2 added
- seahorse-41.0-150400.1.13 added
- seahorse-daemon-3.12.2-150400.14.10 added
- simple-scan-3.34.2-1.82 added
- sle-we-release-15.5-150500.43.2 added
- stoken-devel-0.81-150400.11.7 added
- strongswan-nm-5.9.7-150500.3.4 added
- system-role-gnome-15.5.0-150500.1.1 added
- system-role-gnome-x11-15.5.0-150500.1.1 added
- tbb-devel-2019_20190605-150200.3.2.1 added
- totem-3.38.2-150400.2.12 added
- totem-devel-3.38.2-150400.2.12 added
- totem-plugins-3.38.2-150400.2.12 added
- tracker-3.2.1-150400.1.12 added
- transfig-3.2.8b-4.15.1 added
- typelib-1_0-Babl-0_1-0.1.88-150400.1.10 added
- typelib-1_0-Camel-1_2-3.42.5-150400.3.3.2 added
- typelib-1_0-Champlain-0_12-0.12.20-150200.3.2.1 added
- typelib-1_0-EBook-1_2-3.42.5-150400.3.3.2 added
- typelib-1_0-EBookContacts-1_2-3.42.5-150400.3.3.2 added
- typelib-1_0-ECal-2_0-3.42.5-150400.3.3.2 added
- typelib-1_0-EDataServer-1_2-3.42.5-150400.3.3.2 added
- typelib-1_0-EDataServerUI-1_2-3.42.5-150400.3.3.2 added
- typelib-1_0-Farstream-0_2-0.2.9+4-150400.1.12 added
- typelib-1_0-Folks-0_7-0.15.5-150400.5.3.2 added
- typelib-1_0-FolksEds-0_7-0.15.5-150400.5.3.2 added
- typelib-1_0-FolksTelepathy-0_7-0.15.5-150400.5.3.2 added
- typelib-1_0-GExiv2-0_10-0.14.0-150400.4.2.1 added
- typelib-1_0-GFBGraph-0_2-0.2.5-150400.1.8 added
- typelib-1_0-GSound-1_0-1.0.3-150400.2.10 added
- typelib-1_0-Gegl-0_3-0.3.34-3.3.1 added
- typelib-1_0-Gegl-0_4-0.4.34-150400.3.2.1 added
- typelib-1_0-Gom-1_0-0.4-150200.3.2.1 added
- typelib-1_0-Grss-0_7-0.7.0-150400.14.9 added
- typelib-1_0-Gsf-1-1.14.50-150400.3.3.1 added
- typelib-1_0-ICal-3_0-3.0.10-150400.1.12 added
- typelib-1_0-ICalGLib-3_0-3.0.10-150400.1.12 added
- typelib-1_0-MediaArt-2_0-1.9.6-150400.3.3.1 added
- typelib-1_0-Zpj-0_0-0.0.3-150400.13.8 added
- usbmuxd-1.1.1-150400.1.7 added
- winpr2-devel-2.4.0-150400.3.18.1 added
- xf86-video-nouveau-1.0.17-150500.1.2 added
- xorg-x11-server-wayland-1.20.3-150200.22.5.72.1 added
- xwayland-22.1.5-150500.5.1 added
- yast2-scanner-4.5.1-150500.1.2 added