----------------------------------------- Version 1-Build4.2.36 2020-10-07T08:04:50 ----------------------------------------- Patch: SUSE-2018-1223 Released: Tue Jun 26 11:41:00 2018 Summary: Security update for gpg2 Severity: important References: 1096745,CVE-2018-12020 Description: This update for gpg2 fixes the following security issue: - CVE-2018-12020: GnuPG mishandled the original filename during decryption and verification actions, which allowed remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2' option (bsc#1096745). ----------------------------------------- Patch: SUSE-2018-1327 Released: Tue Jul 17 08:07:24 2018 Summary: Security update for perl Severity: moderate References: 1096718,CVE-2018-12015 Description: This update for perl fixes the following issues: - CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files (bsc#1096718) ----------------------------------------- Patch: SUSE-2018-1346 Released: Thu Jul 19 09:25:08 2018 Summary: Security update for glibc Severity: moderate References: 1082318,1092877,1094150,1094154,1094161,CVE-2017-18269,CVE-2018-11236,CVE-2018-11237 Description: This update for glibc fixes the following security issues: - CVE-2017-18269: An SSE2-optimized memmove implementation for i386 did not correctly perform the overlapping memory check if the source memory range spaned the middle of the address space, resulting in corrupt data being produced by the copy operation. This may have disclosed information to context-dependent attackers, resulted in a denial of service or code execution (bsc#1094150). - CVE-2018-11236: Prevent integer overflow on 32-bit architectures when processing very long pathname arguments to the realpath function, leading to a stack-based buffer overflow (bsc#1094161). - CVE-2018-11237: An AVX-512-optimized implementation of the mempcpy function may have writen data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper (bsc#1092877, bsc#1094154). ----------------------------------------- Patch: SUSE-2018-1353 Released: Thu Jul 19 09:50:32 2018 Summary: Security update for e2fsprogs Severity: moderate References: 1009532,1038194,915402,918346,960273,CVE-2015-0247,CVE-2015-1572 Description: This update for e2fsprogs fixes the following issues: Security issues fixed: - CVE-2015-0247: Fixed couple of heap overflows in e2fsprogs (fsck, dumpe2fs, e2image...) (bsc#915402). - CVE-2015-1572: Fixed potential buffer overflow in closefs() (bsc#918346). Bug fixes: - bsc#1038194: generic/405 test fails with /dev/mapper/thin-vol is inconsistent on ext4 file system. - bsc#1009532: resize2fs hangs when trying to resize a large ext4 file system. - bsc#960273: xfsprogs does not call %{?regenerate_initrd_post}. ----------------------------------------- Patch: SUSE-2018-1409 Released: Fri Jul 27 06:45:10 2018 Summary: Recommended update for systemd Severity: moderate References: 1039099,1083158,1088052,1091265,1093851,1095096,1095973,1098569 Description: This update for systemd provides the following fixes: - systemctl: Mask always reports the same unit names when different unknown units are passed. (bsc#1095973) - systemctl: Check the existence of all units, not just the first one. - scsi_id: Fix the prefix for pre-SPC inquiry reply. (bsc#1039099) - device: Make sure to always retroactively start device dependencies. (bsc#1088052) - locale-util: On overlayfs FTW_MOUNT causes nftw(3) to not list *any* files. - Fix pattern to detect distribution. - install: The 'user' and 'global' scopes are equivalent for user presets. (bsc#1093851) - install: Search for preset files in /run (#7715) - install: Consider globally enabled units as 'enabled' for the user. (bsc#1093851) - install: Consider non-Alias=/non-DefaultInstance= symlinks as 'indirect' enablement. - install: Only consider names in Alias= as 'enabling'. - udev: Whitelist mlx4_core locally-administered MAC addresses in the persistent rule generator. (bsc#1083158) - man: Updated systemd-analyze blame description for service-units with Type=simple. (bsc#1091265) - fileio: Support writing atomic files with timestamp. - fileio.c: Fix incorrect mtime - Drop runtime dependency on dracut, otherwise systemd pulls in tools to generate the initrd even in container/chroot installations that don't have a kernel. For environments where initrd matters, dracut should be pulled via a pattern. (bsc#1098569) - An update broke booting with encrypted partitions on NVMe (bsc#1095096) ----------------------------------------- Patch: SUSE-2018-1760 Released: Fri Aug 24 17:14:53 2018 Summary: Recommended update for libtirpc Severity: moderate References: 1072183 Description: This update for libtirpc fixes the following issues: - rpcinfo: send RPC getport call as specified via parameter (bsc#1072183) ----------------------------------------- Patch: SUSE-2018-1887 Released: Wed Sep 12 12:34:28 2018 Summary: Recommended update for python-websocket-client Severity: moderate References: 1076519 Description: This update for python-websocket-client fixes the following issues: - Use systems ca bundle file by default. (bsc#1076519) ----------------------------------------- Patch: SUSE-2018-1999 Released: Tue Sep 25 08:20:35 2018 Summary: Recommended update for zlib Severity: moderate References: 1071321 Description: This update for zlib provides the following fixes: - Speedup zlib on power8. (fate#325307) - Add safeguard against negative values in uInt. (bsc#1071321) ----------------------------------------- Patch: SUSE-2018-2055 Released: Thu Sep 27 14:30:14 2018 Summary: Recommended update for openldap2 Severity: moderate References: 1089640 Description: This update for openldap2 provides the following fix: - Fix slapd segfaults in mdb_env_reader_dest. (bsc#1089640) ----------------------------------------- Patch: SUSE-2018-2155 Released: Fri Oct 5 14:41:17 2018 Summary: Recommended update for ca-certificates Severity: moderate References: 1101470 Description: This update for ca-certificates fixes the following issues: - Changed 'openssl' requirement to 'openssl(cli)' (bsc#1101470) ----------------------------------------- Patch: SUSE-2018-2170 Released: Mon Oct 8 10:31:14 2018 Summary: Recommended update for python3 Severity: moderate References: 1107030 Description: This update for python3 fixes the following issues: - Add -fwrapv to OPTS, which is default for python3 for bugs which are caused by avoiding it. (bsc#1107030) ----------------------------------------- Patch: SUSE-2018-2177 Released: Tue Oct 9 09:00:13 2018 Summary: Recommended update for bash Severity: moderate References: 1095661,1095670,1100488 Description: This update for bash provides the following fixes: - Bugfix: Parse settings in inputrc for all screen TERM variables starting with 'screen.' (bsc#1095661) - Make the generation of bash.html reproducible. (bsc#1100488) - Use initgroups(3) instead of setgroups(2) to fix the usage of suid programs. (bsc#1095670) - Fix a problem that could cause hash table bash uses to store exit statuses from asynchronous processes to develop loops in circumstances involving long-running scripts that create and reap many processes. - Fix a problem that could cause the shell to loop if a SIGINT is received inside of a SIGINT trap handler. - Fix cases where a failing readline command (e.g., delete-char at the end of a line) can cause a multi-character key sequence to 'back up' and attempt to re-read some of the characters in the sequence. - Fix a problem when sourcing a file from an interactive shell, that setting the SIGINT handler to the default and typing ^C would cause the shell to exit. ----------------------------------------- Patch: SUSE-2018-2182 Released: Tue Oct 9 11:08:36 2018 Summary: Security update for libxml2 Severity: moderate References: 1088279,1102046,1105166,CVE-2018-14404,CVE-2018-14567,CVE-2018-9251 Description: This update for libxml2 fixes the following security issues: - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279) - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166) - CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046) ----------------------------------------- Patch: SUSE-2018-2370 Released: Mon Oct 22 14:02:01 2018 Summary: Recommended update for aaa_base Severity: moderate References: 1102310,1104531 Description: This update for aaa_base provides the following fixes: - Let bash.bashrc work even for (m)ksh. (bsc#1104531) - Fix an error at login if java system directory is empty. (bsc#1102310) ----------------------------------------- Patch: SUSE-2018-2487 Released: Fri Oct 26 12:39:07 2018 Summary: Recommended update for glibc Severity: moderate References: 1102526 Description: This update for glibc fixes the following issues: - Fix build on aarch64 with binutils newer than 2.30. - Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526) ----------------------------------------- Patch: SUSE-2018-2569 Released: Fri Nov 2 19:00:18 2018 Summary: Recommended update for pam Severity: moderate References: 1110700 Description: This update for pam fixes the following issues: - Remove limits for nproc from /etc/security/limits.conf (bsc#1110700) ----------------------------------------- Patch: SUSE-2018-2595 Released: Wed Nov 7 11:14:42 2018 Summary: Security update for systemd Severity: important References: 1089761,1090944,1091677,1093753,1101040,1102908,1105031,1107640,1107941,1109197,1109252,1110445,1112024,1113083,1113632,1113665,1114135,991901,CVE-2018-15686,CVE-2018-15688 Description: This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632) - CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665) Non security issues fixed: - dhcp6: split assert_return() to be more debuggable when hit - core: skip unit deserialization and move to the next one when unit_deserialize() fails - core: properly handle deserialization of unknown unit types (#6476) - core: don't create Requires for workdir if 'missing ok' (bsc#1113083) - logind: use manager_get_user_by_pid() where appropriate - logind: rework manager_get_{user|session}_by_pid() a bit - login: fix user@.service case, so we don't allow nested sessions (#8051) (bsc#1112024) - core: be more defensive if we can't determine per-connection socket peer (#7329) - core: introduce systemd.early_core_pattern= kernel cmdline option - core: add missing 'continue' statement - core/mount: fstype may be NULL - journald: don't ship systemd-journald-audit.socket (bsc#1109252) - core: make 'tmpfs' dependencies on swapfs a 'default' dep, not an 'implicit' (bsc#1110445) - mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) - detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197) - emergency: make sure console password agents don't interfere with the emergency shell - man: document that 'nofail' also has an effect on ordering - journald: take leading spaces into account in syslog_parse_identifier - journal: do not remove multiple spaces after identifier in syslog message - syslog: fix segfault in syslog_parse_priority() - journal: fix syslog_parse_identifier() - install: drop left-over debug message (#6913) - Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. - Add udev.no-partlabel-links kernel command-line option. This option can be used to disable the generation of the by-partlabel symlinks regardless of the name used. (bsc#1089761) - man: SystemMaxUse= clarification in journald.conf(5). (bsc#1101040) - systemctl: load unit if needed in 'systemctl is-active' (bsc#1102908) - core: don't freeze OnCalendar= timer units when the clock goes back a lot (bsc#1090944) - Enable or disable machines.target according to the presets (bsc#1107941) - cryptsetup: add support for sector-size= option (fate#325697) - nspawn: always use permission mode 555 for /sys (bsc#1107640) - Bugfix for a race condition between daemon-reload and other commands (bsc#1105031) - Fixes an issue where login with root credentials was not possible in init level 5 (bsc#1091677) - Fix an issue where services of type 'notify' harmless DENIED log entries. (bsc#991901) - Does no longer adjust qgroups on existing subvolumes (bsc#1093753) - cryptsetup: add support for sector-size= option (#9936) (fate#325697 bsc#1114135) ----------------------------------------- Patch: SUSE-2018-2607 Released: Wed Nov 7 15:42:48 2018 Summary: Optional update for gcc8 Severity: low References: 1084812,1084842,1087550,1094222,1102564 Description: The GNU Compiler GCC 8 is being added to the Development Tools Module by this update. The update also supplies gcc8 compatible libstdc++, libgcc_s1 and other gcc derived libraries for the Basesystem module of SUSE Linux Enterprise 15. Various optimizers have been improved in GCC 8, several of bugs fixed, quite some new warnings added and the error pin-pointing and fix-suggestions have been greatly improved. The GNU Compiler page for GCC 8 contains a summary of all the changes that have happened: https://gcc.gnu.org/gcc-8/changes.html Also changes needed or common pitfalls when porting software are described on: https://gcc.gnu.org/gcc-8/porting_to.html ----------------------------------------- Patch: SUSE-2018-2825 Released: Mon Dec 3 15:35:02 2018 Summary: Security update for pam Severity: important References: 1115640,CVE-2018-17953 Description: This update for pam fixes the following issue: Security issue fixed: - CVE-2018-17953: Fixed IP address and subnet handling of pam_access.so that was not honoured correctly when a single host was specified (bsc#1115640). ----------------------------------------- Patch: SUSE-2018-2861 Released: Thu Dec 6 14:32:01 2018 Summary: Security update for ncurses Severity: important References: 1103320,1115929,CVE-2018-19211 Description: This update for ncurses fixes the following issues: Security issue fixed: - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929). Non-security issue fixed: - Remove scree.xterm from terminfo data base as with this screen uses fallback TERM=screen (bsc#1103320). ----------------------------------------- Patch: SUSE-2018-2984 Released: Wed Dec 19 11:32:39 2018 Summary: Security update for perl Severity: moderate References: 1114674,1114675,1114681,1114686,CVE-2018-18311,CVE-2018-18312,CVE-2018-18313,CVE-2018-18314 Description: This update for perl fixes the following issues: Secuirty issues fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). ----------------------------------------- Patch: SUSE-2018-2986 Released: Wed Dec 19 13:53:22 2018 Summary: Security update for libnettle Severity: moderate References: 1118086,CVE-2018-16869 Description: This update for libnettle fixes the following issues: Security issues fixed: - CVE-2018-16869: Fixed a leaky data conversion exposing a manager oracle (bsc#1118086) ----------------------------------------- Patch: SUSE-2019-23 Released: Mon Jan 7 16:30:33 2019 Summary: Security update for gpg2 Severity: moderate References: 1120346,CVE-2018-1000858 Description: This update for gpg2 fixes the following issue: Security issue fixed: - CVE-2018-1000858: Fixed a Cross Site Request Forgery(CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF (bsc#1120346). ----------------------------------------- Patch: SUSE-2019-44 Released: Tue Jan 8 13:07:32 2019 Summary: Recommended update for acl Severity: low References: 953659 Description: This update for acl fixes the following issues: - test: Add helper library to fake passwd/group files. - quote: Escape literal backslashes. (bsc#953659) ----------------------------------------- Patch: SUSE-2019-137 Released: Mon Jan 21 15:52:45 2019 Summary: Security update for systemd Severity: important References: 1005023,1045723,1076696,1080919,1093753,1101591,1111498,1114933,1117063,1119971,1120323,CVE-2018-16864,CVE-2018-16865,CVE-2018-16866,CVE-2018-6954 Description: This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323) - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323) - CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919) - Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971) Non-security issues fixed: - pam_systemd: Fix 'Cannot create session: Already running in a session' (bsc#1111498) - systemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933) - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723) - Fixed installation issue with /etc/machine-id during update (bsc#1117063) - btrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753) - logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591) - udev: Downgrade message when settting inotify watch up fails. (bsc#1005023) - udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696) ----------------------------------------- Patch: SUSE-2019-215 Released: Thu Jan 31 15:59:57 2019 Summary: Security update for python3 Severity: important References: 1120644,1122191,CVE-2018-20406,CVE-2019-5010 Description: This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191) - CVE-2018-20406: Fixed a integer overflow via a large LONG_BINPUT (bsc#1120644) ----------------------------------------- Patch: SUSE-2019-247 Released: Wed Feb 6 07:18:45 2019 Summary: Security update for lua53 Severity: moderate References: 1123043,CVE-2019-6706 Description: This update for lua53 fixes the following issues: Security issue fixed: - CVE-2019-6706: Fixed a use-after-free bug in the lua_upvaluejoin function of lapi.c (bsc#1123043) ----------------------------------------- Patch: SUSE-2019-369 Released: Wed Feb 13 14:01:42 2019 Summary: Recommended update for itstool Severity: moderate References: 1065270,1111019 Description: This update for itstool and python-libxml2-python fixes the following issues: Package: itstool - Updated version to support Python3. (bnc#1111019) Package: python-libxml2-python - Fix segfault when parsing invalid data. (bsc#1065270) ----------------------------------------- Patch: SUSE-2019-426 Released: Mon Feb 18 17:46:55 2019 Summary: Security update for systemd Severity: important References: 1117025,1121563,1122000,1123333,1123727,1123892,1124153,1125352,CVE-2019-6454 Description: This update for systemd fixes the following issues: - CVE-2019-6454: Overlong DBUS messages could be used to crash systemd (bsc#1125352) - units: make sure initrd-cleanup.service terminates before switching to rootfs (bsc#1123333) - logind: fix bad error propagation - login: log session state 'closing' (as well as New/Removed) - logind: fix borked r check - login: don't remove all devices from PID1 when only one was removed - login: we only allow opening character devices - login: correct comment in session_device_free() - login: remember that fds received from PID1 need to be removed eventually - login: fix FDNAME in call to sd_pid_notify_with_fds() - logind: fd 0 is a valid fd - logind: rework sd_eviocrevoke() - logind: check file is device node before using .st_rdev - logind: use the new FDSTOREREMOVE=1 sd_notify() message (bsc#1124153) - core: add a new sd_notify() message for removing fds from the FD store again - logind: make sure we don't trip up on half-initialized session devices (bsc#1123727) - fd-util: accept that kcmp might fail with EPERM/EACCES - core: Fix use after free case in load_from_path() (bsc#1121563) - core: include Found state in device dumps - device: fix serialization and deserialization of DeviceFound - fix path in btrfs rule (#6844) - assemble multidevice btrfs volumes without external tools (#6607) (bsc#1117025) - Update systemd-system.conf.xml (bsc#1122000) - units: inform user that the default target is started after exiting from rescue or emergency mode - core: free lines after reading them (bsc#1123892) - sd-bus: if we receive an invalid dbus message, ignore and proceeed - automount: don't pass non-blocking pipe to kernel. ----------------------------------------- Patch: SUSE-2019-571 Released: Thu Mar 7 18:13:46 2019 Summary: Security update for file Severity: moderate References: 1096974,1096984,1126117,1126118,1126119,CVE-2018-10360,CVE-2019-8905,CVE-2019-8906,CVE-2019-8907 Description: This update for file fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-10360: Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service (application crash) via a crafted ELF file (bsc#1096974) - CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in readelf.c (bsc#1126118) - CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf. c (bsc#1126119) - CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c (bsc#1126117) ----------------------------------------- Patch: SUSE-2019-641 Released: Tue Mar 19 13:17:28 2019 Summary: Recommended update for glibc Severity: moderate References: 1112570,1114984,1114993 Description: This update for glibc provides the following fixes: - Fix Haswell CPU string flags. (bsc#1114984) - Fix waiters-after-spinning case. (bsc#1114993) - Do not relocate absolute symbols. (bsc#1112570) - Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales. (fate#326551) - Add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962) - Remove slow paths from math routines. (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882) ----------------------------------------- Patch: SUSE-2019-700 Released: Thu Mar 21 19:54:00 2019 Summary: Recommended update for cyrus-sasl Severity: moderate References: 1044840 Description: This update for cyrus-sasl provides the following fix: - Fix a problem that was causing syslog to be polluted with messages 'GSSAPI client step 1'. By server context the connection will be sent to the log function but the client content does not have log level information, so there is no way to stop DEBUG level logs. (bsc#1044840) ----------------------------------------- Patch: SUSE-2019-713 Released: Fri Mar 22 15:55:05 2019 Summary: Recommended update for glibc Severity: moderate References: 1063675,1126590 Description: This update for glibc fixes the following issues: - Add MAP_SYNC from Linux 4.15 (bsc#1126590) - Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153) ----------------------------------------- Patch: SUSE-2019-732 Released: Mon Mar 25 14:10:04 2019 Summary: Recommended update for aaa_base Severity: moderate References: 1088524,1118364,1128246 Description: This update for aaa_base fixes the following issues: - Restore old position of ssh/sudo source of profile (bsc#1118364). - Update logic for JRE_HOME env variable (bsc#1128246) ----------------------------------------- Patch: SUSE-2019-788 Released: Thu Mar 28 11:55:06 2019 Summary: Security update for sqlite3 Severity: moderate References: 1119687,CVE-2018-20346 Description: This update for sqlite3 to version 3.27.2 fixes the following issue: Security issue fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 (Magellan) (bsc#1119687). Release notes: https://www.sqlite.org/releaselog/3_27_2.html ----------------------------------------- Patch: SUSE-2019-791 Released: Thu Mar 28 12:06:50 2019 Summary: Security update for libnettle Severity: moderate References: 1129598 Description: This update for libnettle to version 3.4.1 fixes the following issues: Issues addressed and new features: - Updated to 3.4.1 (fate#327114 and bsc#1129598) - Fixed a missing break statements in the parsing of PEM input files in pkcs1-conv. - Fixed a link error on the pss-mgf1-test which was affecting builds without public key support. - All functions using RSA private keys are now side-channel silent. This applies both to the bignum calculations, which now use GMP's mpn_sec_* family of functions, and the processing of PKCS#1 padding needed for RSA decryption. - Changes in behavior: The functions rsa_decrypt and rsa_decrypt_tr may now clobber all of the provided message buffer, independent of the actual message length. They are side-channel silent, in that branches and memory accesses don't depend on the validity or length of the message. Side-channel leakage from the caller's use of length and return value may still provide an oracle useable for a Bleichenbacher-style chosen ciphertext attack. Which is why the new function rsa_sec_decrypt is recommended. ----------------------------------------- Patch: SUSE-2019-858 Released: Wed Apr 3 15:50:37 2019 Summary: Recommended update for libtirpc Severity: moderate References: 1120689,1126096 Description: This update for libtirpc fixes the following issues: - Fix a yp_bind_client_create_v3: RPC: Unknown host error (bsc#1126096). - add an option to enforce connection via protocol version 2 first (bsc#1120689). ----------------------------------------- Patch: SUSE-2019-903 Released: Mon Apr 8 15:41:44 2019 Summary: Security update for glibc Severity: moderate References: 1100396,1122729,1130045,CVE-2016-10739 Description: This update for glibc fixes the following issues: Security issue fixed: - CVE-2016-10739: Fixed an improper implementation of getaddrinfo function which could allow applications to incorrectly assume that had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings (bsc#1122729). Other issue fixed: - Fixed an issue where pthread_mutex_trylock did not use a correct order of instructions while maintained the robust mutex list due to missing compiler barriers (bsc#1130045). - Added new Japanese Era name support (bsc#1100396). ----------------------------------------- Patch: SUSE-2019-966 Released: Wed Apr 17 12:20:13 2019 Summary: Recommended update for python-rpm-macros Severity: moderate References: 1128323 Description: This update for python-rpm-macros fixes the following issues: The Python RPM macros were updated to version 20190408.32abece, fixing bugs (bsc#1128323) * Add missing $ expansion on the pytest call * Rewrite pytest and pytest_arch into Lua macros with multiple arguments. * We should preserve existing PYTHONPATH. * Add --ignore to pytest calls to ignore build directories. * Actually make pytest into function to capture arguments as well * Add pytest definitions. * Use upstream-recommended %{_rpmconfigdir}/macros.d directory for the rpm macros. * Fix an issue with epoch printing having too many \ * add epoch while printing 'Provides:' ----------------------------------------- Patch: SUSE-2019-971 Released: Wed Apr 17 14:43:26 2019 Summary: Security update for python3 Severity: important References: 1129346,CVE-2019-9636 Description: This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346). ----------------------------------------- Patch: SUSE-2019-1002 Released: Wed Apr 24 10:13:34 2019 Summary: Recommended update for zlib Severity: moderate References: 1110304,1129576 Description: This update for zlib fixes the following issues: - Fixes a segmentation fault error (bsc#1110304, bsc#1129576) ----------------------------------------- Patch: SUSE-2019-1040 Released: Thu Apr 25 17:09:21 2019 Summary: Security update for samba Severity: important References: 1114407,1124223,1125410,1126377,1131060,1131686,CVE-2019-3880 Description: This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060). ldb was updated to version 1.2.4 (bsc#1125410 bsc#1131686): - Out of bound read in ldb_wildcard_compare - Hold at most 10 outstanding paged result cookies - Put 'results_store' into a doubly linked list - Refuse to build Samba against a newer minor version of ldb Non-security issues fixed: - Fixed update-apparmor-samba-profile script after apparmor switched to using named profiles (bsc#1126377). - Abide to the load_printers parameter in smb.conf (bsc#1124223). - Provide the 32bit samba winbind PAM module and its dependend 32bit libraries. ----------------------------------------- Patch: SUSE-2019-1127 Released: Thu May 2 09:39:24 2019 Summary: Security update for sqlite3 Severity: moderate References: 1130325,1130326,CVE-2019-9936,CVE-2019-9937 Description: This update for sqlite3 to version 3.28.0 fixes the following issues: Security issues fixed: - CVE-2019-9936: Fixed a heap-based buffer over-read, when running fts5 prefix queries inside transaction (bsc#1130326). - CVE-2019-9937: Fixed a denial of service related to interleaving reads and writes in a single transaction with an fts5 virtual table (bsc#1130325). ----------------------------------------- Patch: SUSE-2019-1206 Released: Fri May 10 14:01:55 2019 Summary: Security update for bzip2 Severity: low References: 985657,CVE-2016-3189 Description: This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657). ----------------------------------------- Patch: SUSE-2019-1312 Released: Wed May 22 12:19:12 2019 Summary: Recommended update for aaa_base Severity: moderate References: 1096191 Description: This update for aaa_base fixes the following issue: * Shell detection in /etc/profile and /etc/bash.bashrc was broken within AppArmor-confined containers (bsc#1096191) ----------------------------------------- Patch: SUSE-2019-1352 Released: Fri May 24 14:41:44 2019 Summary: Security update for python3 Severity: moderate References: 1130840,1133452,CVE-2019-9947 Description: This update for python3 to version 3.6.8 fixes the following issues: Security issue fixed: - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter (bsc#1130840). Non-security issue fixed: - Fixed broken debuginfo packages by switching off LTO and PGO optimization (bsc#1133452). ----------------------------------------- Patch: SUSE-2019-1364 Released: Tue May 28 10:51:38 2019 Summary: Security update for systemd Severity: moderate References: 1036463,1121563,1124122,1125352,1125604,1126056,1127557,1130230,1132348,1132400,1132721,1133506,1133509,CVE-2019-3842,CVE-2019-3843,CVE-2019-3844,CVE-2019-6454,SLE-5933 Description: This update for systemd fixes the following issues: Security issues fixed: - CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348). - CVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352). - CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509). Non-security issued fixed: - logind: fix killing of scopes (bsc#1125604) - namespace: make MountFlags=shared work again (bsc#1124122) - rules: load drivers only on 'add' events (bsc#1126056) - sysctl: Don't pass null directive argument to '%s' (bsc#1121563) - systemd-coredump: generate a stack trace of all core dumps and log into the journal (jsc#SLE-5933) - udevd: notify when max number value of children is reached only once per batch of events (bsc#1132400) - sd-bus: bump message queue size again (bsc#1132721) - Do not automatically online memory on s390x (bsc#1127557) - Removed sg.conf (bsc#1036463) ----------------------------------------- Patch: SUSE-2019-1368 Released: Tue May 28 13:15:38 2019 Summary: Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root Severity: important References: 1134524,CVE-2019-5021 Description: This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues: - CVE-2019-5021: Include an invalidated root password by default, not an empty one (bsc#1134524) ----------------------------------------- Patch: SUSE-2019-1372 Released: Tue May 28 16:53:28 2019 Summary: Security update for libtasn1 Severity: moderate References: 1105435,CVE-2018-1000654 Description: This update for libtasn1 fixes the following issues: Security issue fixed: - CVE-2018-1000654: Fixed a denial of service in the asn1 parser (bsc#1105435). ----------------------------------------- Patch: SUSE-2019-1484 Released: Thu Jun 13 07:46:46 2019 Summary: Recommended update for e2fsprogs Severity: moderate References: 1128383 Description: This update for e2fsprogs fixes the following issues: - Check and fix tails of all bitmap blocks (bsc#1128383) ----------------------------------------- Patch: SUSE-2019-1486 Released: Thu Jun 13 09:40:24 2019 Summary: Security update for elfutils Severity: moderate References: 1033084,1033085,1033086,1033087,1033088,1033089,1033090,1106390,1107066,1107067,1111973,1112723,1112726,1123685,1125007,CVE-2017-7607,CVE-2017-7608,CVE-2017-7609,CVE-2017-7610,CVE-2017-7611,CVE-2017-7612,CVE-2017-7613,CVE-2018-16062,CVE-2018-16402,CVE-2018-16403,CVE-2018-18310,CVE-2018-18520,CVE-2018-18521,CVE-2019-7150,CVE-2019-7665 Description: This update for elfutils fixes the following issues: Security issues fixed: - CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash (bsc#1033084) - CVE-2017-7608: Fixed a heap-based buffer overflow in ebl_object_note_type_name() (bsc#1033085) - CVE-2017-7609: Fixed a memory allocation failure in __libelf_decompress (bsc#1033086) - CVE-2017-7610: Fixed a heap-based buffer overflow in check_group (bsc#1033087) - CVE-2017-7611: Fixed a denial of service via a crafted ELF file (bsc#1033088) - CVE-2017-7612: Fixed a denial of service in check_sysv_hash() via a crafted ELF file (bsc#1033089) - CVE-2017-7613: Fixed denial of service caused by the missing validation of the number of sections and the number of segments in a crafted ELF file (bsc#1033090) - CVE-2018-16062: Fixed a heap-buffer overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390) - CVE-2018-16402: Fixed a denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) - CVE-2018-16403: Fixed a heap buffer overflow in readelf (bsc#1107067) - CVE-2018-18310: Fixed an invalid address read problem in dwfl_segment_report_module.c (bsc#1111973) - CVE-2018-18520: Fixed bad handling of ar files inside are files (bsc#1112726) - CVE-2018-18521: Fixed a denial of service vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723) - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bsc#1123685) - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (bsc#1125007) ----------------------------------------- Patch: SUSE-2019-1487 Released: Thu Jun 13 09:40:56 2019 Summary: Security update for python-requests Severity: moderate References: 1111622,CVE-2018-18074 Description: This update for python-requests to version 2.20.1 fixes the following issues: Security issue fixed: - CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header (bsc#1111622). ----------------------------------------- Patch: SUSE-2019-1595 Released: Fri Jun 21 10:17:44 2019 Summary: Security update for dbus-1 Severity: important References: 1137832,CVE-2019-12749 Description: This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication (bsc#1137832). ----------------------------------------- Patch: SUSE-2019-1631 Released: Fri Jun 21 11:17:21 2019 Summary: Recommended update for xz Severity: low References: 1135709 Description: This update for xz fixes the following issues: Add SUSE-Public-Domain licence as some parts of xz utils (liblzma, xz, xzdec, lzmadec, documentation, translated messages, tests, debug, extra directory) are in public domain licence [bsc#1135709] ----------------------------------------- Patch: SUSE-2019-1635 Released: Fri Jun 21 12:45:53 2019 Summary: Recommended update for krb5 Severity: moderate References: 1134217 Description: This update for krb5 provides the following fix: - Move LDAP schema files from /usr/share/doc/packages/krb5 to /usr/share/kerberos/ldap. (bsc#1134217) ----------------------------------------- Patch: SUSE-2019-1700 Released: Tue Jun 25 13:19:21 2019 Summary: Security update for libssh Severity: moderate References: 1134193 Description: This update for libssh fixes the following issue: Issue addressed: - Added support for new AES-GCM encryption types (bsc#1134193). ----------------------------------------- Patch: SUSE-2019-1808 Released: Wed Jul 10 13:16:29 2019 Summary: Recommended update for libgcrypt Severity: moderate References: 1133808 Description: This update for libgcrypt fixes the following issues: - Fixed redundant fips tests in some situations causing sudo to stop working when pam-kwallet is installed. bsc#1133808 ----------------------------------------- Patch: SUSE-2019-1835 Released: Fri Jul 12 18:06:31 2019 Summary: Security update for expat Severity: moderate References: 1139937,CVE-2018-20843 Description: This update for expat fixes the following issues: Security issue fixed: - CVE-2018-20843: Fixed a denial of service triggered by high resource consumption in the XML parser when XML names contain a large amount of colons (bsc#1139937). ----------------------------------------- Patch: SUSE-2019-1846 Released: Mon Jul 15 11:36:33 2019 Summary: Security update for bzip2 Severity: important References: 1139083,CVE-2019-12900 Description: This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1139083). ----------------------------------------- Patch: SUSE-2019-1853 Released: Mon Jul 15 16:03:36 2019 Summary: Recommended update for systemd Severity: moderate References: 1107617,1137053 Description: This update for systemd fixes the following issues: - conf-parse: remove 4K line length limit (bsc#1137053) - udevd: change the default value of udev.children-max (again) (bsc#1107617) - meson: stop creating enablement symlinks in /etc during installation (sequel) - Fixed build for openSUSE Leap 15+ - Make sure we don't ship any static enablement symlinks in /etc Those symlinks must only be created by the presets. There are no changes in practice since systemd/udev doesn't ship such symlinks in /etc but let's make sure no future changes will introduce new ones by mistake. ----------------------------------------- Patch: SUSE-2019-1877 Released: Thu Jul 18 11:31:46 2019 Summary: Security update for glibc Severity: moderate References: 1117993,1123710,1127223,1127308,1131330,CVE-2009-5155,CVE-2019-9169 Description: This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match (bsc#1127308). - CVE-2009-5155: Fixed a denial of service in parse_reg_exp() (bsc#1127223). Non-security issues fixed: - Does no longer compress debug sections in crt*.o files (bsc#1123710) - Fixes a concurrency problem in ldconfig (bsc#1117993) - Fixes a race condition in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330) ----------------------------------------- Patch: SUSE-2019-1971 Released: Thu Jul 25 14:58:52 2019 Summary: Security update for libgcrypt Severity: moderate References: 1138939,CVE-2019-12904 Description: This update for libgcrypt fixes the following issues: Security issue fixed: - CVE-2019-12904: Fixed a flush-and-reload side-channel attack in the AES implementation (bsc#1138939). ----------------------------------------- Patch: SUSE-2019-1994 Released: Fri Jul 26 16:12:05 2019 Summary: Recommended update for libxml2 Severity: moderate References: 1135123 Description: This update for libxml2 fixes the following issues: - Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH to avoid nodeset limit when processing large XML files. (bsc#1135123) ----------------------------------------- Patch: SUSE-2019-2004 Released: Mon Jul 29 13:01:59 2019 Summary: Security update for bzip2 Severity: important References: 1139083,CVE-2019-12900 Description: This update for bzip2 fixes the following issues: - Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors (bsc#1139083). ----------------------------------------- Patch: SUSE-2019-2006 Released: Mon Jul 29 13:02:49 2019 Summary: Security update for gpg2 Severity: important References: 1124847,1141093,CVE-2019-13050 Description: This update for gpg2 fixes the following issues: Security issue fixed: - CVE-2019-13050: Fixed a denial of service attacks via big keys (bsc#1141093). Non-security issue fixed: - Allow coredumps in X11 desktop sessions (bsc#1124847) ----------------------------------------- Patch: SUSE-2019-2050 Released: Tue Aug 6 09:42:37 2019 Summary: Security update for python3 Severity: important References: 1094814,1138459,1141853,CVE-2018-20852,CVE-2019-10160 Description: This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459). - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation (bsc#1141853). Non-security issue fixed: - Fixed an issue where the SIGINT signal was ignored or not handled (bsc#1094814). ----------------------------------------- Patch: SUSE-2019-2097 Released: Fri Aug 9 09:31:17 2019 Summary: Recommended update for libgcrypt Severity: important References: 1097073 Description: This update for libgcrypt fixes the following issues: - Fixed a regression where system were unable to boot in fips mode, caused by an incomplete implementation of previous change (bsc#1097073). ----------------------------------------- Patch: SUSE-2019-2134 Released: Wed Aug 14 11:54:56 2019 Summary: Recommended update for zlib Severity: moderate References: 1136717,1137624,1141059,SLE-5807 Description: This update for zlib fixes the following issues: - Update the s390 patchset. (bsc#1137624) - Tweak zlib-power8 to have type of crc32_vpmsum conform to usage. (bsc#1141059) - Use FAT LTO objects in order to provide proper static library. - Do not enable the previous patchset on s390 but just s390x. (bsc#1137624) - Add patchset for s390 improvements. (jsc#SLE-5807, bsc#1136717) ----------------------------------------- Patch: SUSE-2019-2188 Released: Wed Aug 21 10:10:29 2019 Summary: Recommended update for aaa_base Severity: moderate References: 1140647 Description: This update for aaa_base fixes the following issues: - Make systemd detection cgroup oblivious. (bsc#1140647) ----------------------------------------- Patch: SUSE-2019-2218 Released: Mon Aug 26 11:29:57 2019 Summary: Recommended update for pinentry Severity: moderate References: 1141883 Description: This update for pinentry fixes the following issues: - Fix a dangling pointer in qt/main.cpp that caused crashes. (bsc#1141883) ----------------------------------------- Patch: SUSE-2019-2307 Released: Thu Sep 5 14:45:08 2019 Summary: Security update for util-linux and shadow Severity: moderate References: 1081947,1082293,1085196,1106214,1121197,1122417,1125886,1127701,1135534,1135708,1141113,353876 Description: This update for util-linux and shadow fixes the following issues: util-linux: - Fixed an issue where PATH settings in /etc/default/su being ignored (bsc#1121197) - Prevent outdated pam files (bsc#1082293). - De-duplicate fstrim -A properly (bsc#1127701). - Do not trim read-only volumes (bsc#1106214). - Integrate pam_keyinit pam module to login (bsc#1081947). - Perform one-time reset of /etc/default/su (bsc#1121197). - Fix problems in reading of login.defs values (bsc#1121197) - libmount: To prevent incorrect behavior, recognize more pseudofs and netfs (bsc#1122417). - raw.service: Add RemainAfterExit=yes (bsc#1135534). - agetty: Return previous response of agetty for special characters (bsc#1085196, bsc#1125886) - libmount: print a blacklist hint for 'unknown filesystem type' (jsc#SUSE-4085, fate#326832) - Fix /etc/default/su comments and create /etc/default/runuser (bsc#1121197). shadow: - Fixed an issue where PATH settings in /etc/default/su being ignored (bsc#1121197) - Fix segfault in useradd during setting password inactivity period. (bsc#1141113) - Hardening for su wrappers (bsc#353876) ----------------------------------------- Patch: SUSE-2019-2332 Released: Mon Sep 9 10:17:16 2019 Summary: Security update for python-urllib3 Severity: moderate References: 1129071,1132663,1132900,CVE-2019-11236,CVE-2019-11324,CVE-2019-9740 Description: This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071). - CVE-2019-11324: Fixed invalid CA certificat verification (bsc#1132900). - CVE-2019-11236: Fixed CRLF injection via request parameter (bsc#1132663). ----------------------------------------- Patch: SUSE-2019-2361 Released: Thu Sep 12 07:54:54 2019 Summary: Recommended update for krb5 Severity: moderate References: 1081947,1144047 Description: This update for krb5 contains the following fixes: - Integrate pam_keyinit PAM module, ksu-pam.d. (bsc#1081947) ----------------------------------------- Patch: SUSE-2019-2395 Released: Wed Sep 18 08:31:38 2019 Summary: Security update for openldap2 Severity: moderate References: 1073313,1111388,1114845,1143194,1143273,CVE-2017-17740,CVE-2019-13057,CVE-2019-13565 Description: This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2019-13565: Fixed an authentication bypass when using SASL authentication and session encryption (bsc#1143194). - CVE-2019-13057: Fixed an issue with delegated database admin privileges (bsc#1143273). - CVE-2017-17740: When both the nops module and the member of overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. (bsc#1073313) Non-security issues fixed: - Fixed broken shebang line in openldap_update_modules_path.sh (bsc#1114845). - Create files in /var/lib/ldap/ during initial start to allow for transactional updates (bsc#1111388) - Fixed incorrect post script call causing tmpfiles creation not to be run (bsc#1111388). ----------------------------------------- Patch: SUSE-2019-2422 Released: Fri Sep 20 16:36:43 2019 Summary: Recommended update for python-urllib3 Severity: moderate References: 1150895 Description: This update for python-urllib3 fixes the following issues: - Add missing dependency on python-six (bsc#1150895) ----------------------------------------- Patch: SUSE-2019-2423 Released: Fri Sep 20 16:41:45 2019 Summary: Recommended update for aaa_base Severity: moderate References: 1146866,SLE-9132 Description: This update for aaa_base fixes the following issues: Added sysctl.d/51-network.conf to tighten network security (bsc#1146866) (jira#SLE-9132) Following settings have been tightened (and set to 0): - net.ipv4.conf.all.accept_redirects - net.ipv4.conf.default.accept_redirects - net.ipv4.conf.default.accept_source_route - net.ipv6.conf.all.accept_redirects - net.ipv6.conf.default.accept_redirects ----------------------------------------- Patch: SUSE-2019-2429 Released: Mon Sep 23 09:28:40 2019 Summary: Security update for expat Severity: moderate References: 1149429,CVE-2019-15903 Description: This update for expat fixes the following issues: Security issues fixed: - CVE-2019-15903: Fixed heap-based buffer over-read caused by crafted XML input. (bsc#1149429) ----------------------------------------- Patch: SUSE-2019-2483 Released: Fri Sep 27 14:16:23 2019 Summary: Optional update for python3-google-api-python-client, python3-httplib2, python3-oauth2client, and python3-uritemplate. Severity: low References: 1088358 Description: This update ships python3-google-api-python-client, python3-httplib2, python3-oauth2client, and python3-uritemplate for the SUSE Linux Enterprise Public Cloud 15 module. ----------------------------------------- Patch: SUSE-2019-2533 Released: Thu Oct 3 15:02:50 2019 Summary: Security update for sqlite3 Severity: moderate References: 1150137,CVE-2019-16168 Description: This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2019-16168: Fixed improper validation of sqlite_stat1 field that could lead to denial of service (bsc#1150137). ----------------------------------------- Patch: SUSE-2019-2676 Released: Tue Oct 15 21:06:54 2019 Summary: Recommended update for e2fsprogs Severity: moderate References: 1145716,1152101,CVE-2019-5094 Description: This update for e2fsprogs fixes the following issues: Security issue fixed: - CVE-2019-5094: Fixed an arbitrary code execution via specially crafted ext4 file systems. (bsc#1152101) Non-security issue fixed: - libext2fs: Call fsync(2) to clear stale errors for a new a unix I/O channel. (bsc#1145716) ----------------------------------------- Patch: SUSE-2019-2730 Released: Mon Oct 21 16:04:57 2019 Summary: Security update for procps Severity: important References: 1092100,1121753,CVE-2018-1122,CVE-2018-1123,CVE-2018-1124,CVE-2018-1125,CVE-2018-1126 Description: This update for procps fixes the following issues: procps was updated to 3.3.15. (bsc#1092100) Following security issues were fixed: - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). Also this non-security issue was fixed: - Fix CPU summary showing old data. (bsc#1121753) The update to 3.3.15 contains the following fixes: * library: Increment to 8:0:1 No removals, no new functions Changes: slab and pid structures * library: Just check for SIGLOST and don't delete it * library: Fix integer overflow and LPE in file2strvec CVE-2018-1124 * library: Use size_t for alloc functions CVE-2018-1126 * library: Increase comm size to 64 * pgrep: Fix stack-based buffer overflow CVE-2018-1125 * pgrep: Remove >15 warning as comm can be longer * ps: Fix buffer overflow in output buffer, causing DOS CVE-2018-1123 * ps: Increase command name selection field to 64 * top: Don't use cwd for location of config CVE-2018-1122 * update translations * library: build on non-glibc systems * free: fix scaling on 32-bit systems * Revert 'Support running with child namespaces' * library: Increment to 7:0:1 No changes, no removals New fuctions: numa_init, numa_max_node, numa_node_of_cpu, numa_uninit, xalloc_err_handler * doc: Document I idle state in ps.1 and top.1 * free: fix some of the SI multiples * kill: -l space between name parses correctly * library: dont use vm_min_free on non Linux * library: don't strip off wchan prefixes (ps & top) * pgrep: warn about 15+ char name only if -f not used * pgrep/pkill: only match in same namespace by default * pidof: specify separator between pids * pkill: Return 0 only if we can kill process * pmap: fix duplicate output line under '-x' option * ps: avoid eip/esp address truncations * ps: recognizes SCHED_DEADLINE as valid CPU scheduler * ps: display NUMA node under which a thread ran * ps: Add seconds display for cputime and time * ps: Add LUID field * sysctl: Permit empty string for value * sysctl: Don't segv when file not available * sysctl: Read and write large buffers * top: add config file support for XDG specification * top: eliminated minor libnuma memory leak * top: show fewer memory decimal places (configurable) * top: provide command line switch for memory scaling * top: provide command line switch for CPU States * top: provides more accurate cpu usage at startup * top: display NUMA node under which a thread ran * top: fix argument parsing quirk resulting in SEGV * top: delay interval accepts non-locale radix point * top: address a wishlist man page NLS suggestion * top: fix potential distortion in 'Mem' graph display * top: provide proper multi-byte string handling * top: startup defaults are fully customizable * watch: define HOST_NAME_MAX where not defined * vmstat: Fix alignment for disk partition format * watch: Support ANSI 39,49 reset sequences ----------------------------------------- Patch: SUSE-2019-2757 Released: Wed Oct 23 17:21:17 2019 Summary: Security update for lz4 Severity: moderate References: 1153936,CVE-2019-17543 Description: This update for lz4 fixes the following issues: - CVE-2019-17543: Fixed a heap-based buffer overflow in LZ4_write32 (bsc#1153936). ----------------------------------------- Patch: SUSE-2019-2802 Released: Tue Oct 29 11:39:05 2019 Summary: Security update for python3 Severity: moderate References: 1149121,1149792,1149955,1151490,1153238,CVE-2019-16056,CVE-2019-16935,PM-1350,SLE-9426 Description: This update for python3 to 3.6.9 fixes the following issues: Security issues fixed: - CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955) - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238). Non-security issues fixed: - Fixed regression of OpenSSL 1.1.1b-1 in EVP_PBE_scrypt() with salt=NULL. (bsc#1151490) - Improved locale handling by implementing PEP 538. ----------------------------------------- Patch: SUSE-2019-2812 Released: Tue Oct 29 14:57:55 2019 Summary: Recommended update for systemd Severity: moderate References: 1139459,1140631,1145023,1150595,SLE-7687 Description: This update for systemd provides the following fixes: - Fix a problem that would cause invoking try-restart to an inactive service to hang when a daemon-reload is invoked before the try-restart returned. (bsc#1139459) - man: Add a note about _netdev usage. - units: Replace remote-cryptsetup-pre.target with remote-fs-pre.target. - units: Add [Install] section to remote-cryptsetup.target. - cryptsetup: Ignore _netdev, since it is used in generator. - cryptsetup-generator: Use remote-cryptsetup.target when _netdev is present. (jsc#SLE-7687) - cryptsetup-generator: Add a helper utility to create symlinks. - units: Add remote-cryptsetup.target and remote-cryptsetup-pre.target. - man: Add an explicit description of _netdev to systemd.mount(5). - man: Order fields alphabetically in crypttab(5). - man: Make crypttab(5) a bit easier to read. - units: Order cryptsetup-pre.target before cryptsetup.target. - Fix reporting of enabled-runtime units. - sd-bus: Deal with cookie overruns. (bsc#1150595) - rules: Add by-id symlinks for persistent memory. (bsc#1140631) - Buildrequire polkit so /usr/share/polkit-1/rules.d subdir can be only owned by polkit. (bsc#1145023) ----------------------------------------- Patch: SUSE-2019-2870 Released: Thu Oct 31 08:09:14 2019 Summary: Recommended update for aaa_base Severity: moderate References: 1051143,1138869,1151023 Description: This update for aaa_base provides the following fixes: - Check if variables can be set before modifying them to avoid warnings on login with a restricted shell. (bsc#1138869) - Add s390x compressed kernel support. (bsc#1151023) - service: Check if there is a second argument before using it. (bsc#1051143) ----------------------------------------- Patch: SUSE-2019-2891 Released: Mon Nov 4 17:47:10 2019 Summary: Security update for python-ecdsa Severity: moderate References: 1153165,1154217,CVE-2019-14853,CVE-2019-14859 Description: This update for python-ecdsa to version 0.13.3 fixes the following issues: Security issues fixed: - CVE-2019-14853: Fixed unexpected exceptions during signature decoding (bsc#1153165). - CVE-2019-14859: Fixed a signature malleability caused by insufficient checks of DER encoding (bsc#1154217). ----------------------------------------- Patch: SUSE-2019-2929 Released: Thu Nov 7 16:45:13 2019 Summary: Recommended update for python-kubernetes Severity: moderate References: 1151481 Description: This update for python-kubernetes fixes the following issues: - python-ipaddress is only required for building on Python2 (on Python3 is part of the standard library) - Backport fix for base64 padding in kubeconfig (bsc#1151481) ----------------------------------------- Patch: SUSE-2019-2418 Released: Thu Nov 14 11:53:03 2019 Summary: Recommended update for bash Severity: moderate References: 1133773,1143055 Description: This update for bash fixes the following issues: - Rework patch readline-7.0-screen (bsc#1143055): map all 'screen(-xxx)?.yyy(-zzz)?' to 'screen' as well as map 'konsole(-xxx)?' and 'gnome(-xxx)?' to 'xterm' - Add a backport from bash 5.0 to perform better with large numbers of sub processes. (bsc#1133773) ----------------------------------------- Patch: SUSE-2019-2997 Released: Mon Nov 18 15:16:38 2019 Summary: Security update for ncurses Severity: moderate References: 1103320,1154036,1154037,CVE-2019-17594,CVE-2019-17595 Description: This update for ncurses fixes the following issues: Security issues fixed: - CVE-2019-17594: Fixed a heap-based buffer over-read in the _nc_find_entry function (bsc#1154036). - CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function (bsc#1154037). Non-security issue fixed: - Removed screen.xterm from terminfo database (bsc#1103320). ----------------------------------------- Patch: SUSE-2019-3059 Released: Mon Nov 25 17:33:07 2019 Summary: Security update for cpio Severity: moderate References: 1155199,CVE-2019-14866 Description: This update for cpio fixes the following issues: - CVE-2019-14866: Fixed an improper validation of the values written in the header of a TAR file through the to_oct() function which could have led to unexpected TAR generation (bsc#1155199). ----------------------------------------- Patch: SUSE-2019-3061 Released: Mon Nov 25 17:34:22 2019 Summary: Security update for gcc9 Severity: moderate References: 1114592,1135254,1141897,1142649,1142654,1148517,1149145,CVE-2019-14250,CVE-2019-15847,SLE-6533,SLE-6536 Description: This update includes the GNU Compiler Collection 9. A full changelog is provided by the GCC team on: https://www.gnu.org/software/gcc/gcc-9/changes.html The base system compiler libraries libgcc_s1, libstdc++6 and others are now built by the gcc 9 packages. To use it, install 'gcc9' or 'gcc9-c++' or other compiler brands and use CC=gcc-9 / CXX=g++-9 during configuration for using it. Security issues fixed: - CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145) - CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649) Non-security issues fixed: - Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254) - Fixed miscompilation for vector shift on s390. (bsc#1141897) ----------------------------------------- Patch: SUSE-2019-3070 Released: Tue Nov 26 12:39:29 2019 Summary: Recommended update for gpg2 Severity: low References: 1152755 Description: This update for gpg2 provides the following fix: - Remove a build requirement on self. This is causing Leap 15.2 bootstrap to fail. (bsc#1152755) ----------------------------------------- Patch: SUSE-2019-3086 Released: Thu Nov 28 10:02:24 2019 Summary: Security update for libidn2 Severity: moderate References: 1154884,1154887,CVE-2019-12290,CVE-2019-18224 Description: This update for libidn2 to version 2.2.0 fixes the following issues: - CVE-2019-12290: Fixed an improper round-trip check when converting A-labels to U-labels (bsc#1154884). - CVE-2019-18224: Fixed a heap-based buffer overflow that was caused by long domain strings (bsc#1154887). ----------------------------------------- Patch: SUSE-2019-3087 Released: Thu Nov 28 10:03:00 2019 Summary: Security update for libxml2 Severity: low References: 1123919 Description: This update for libxml2 doesn't fix any additional security issues, but correct its rpm changelog to reflect all CVEs that have been fixed over the past. ----------------------------------------- Patch: SUSE-2019-3118 Released: Fri Nov 29 14:41:35 2019 Summary: Recommended update for e2fsprogs Severity: moderate References: 1154295 Description: This update for e2fsprogs fixes the following issues: - Make minimum size estimates more reliable for mounted filesystem. (bsc#1154295) ----------------------------------------- Patch: SUSE-2019-3166 Released: Wed Dec 4 11:24:42 2019 Summary: Recommended update for aaa_base Severity: moderate References: 1007715,1084934,1157278 Description: This update for aaa_base fixes the following issues: - Use official key binding functions in inputrc that is replace up-history with previous-history, down-history with next-history and backward-delete-word with backward-kill-word. (bsc#1084934) - Add some missed key escape sequences for urxvt-unicode terminal as well. (bsc#1007715) - Clear broken ghost entry in patch which breaks 'readline'. (bsc#1157278) ----------------------------------------- Patch: SUSE-2019-3240 Released: Tue Dec 10 10:40:19 2019 Summary: Recommended update for ca-certificates-mozilla, p11-kit Severity: moderate References: 1154871 Description: This update for ca-certificates-mozilla, p11-kit fixes the following issues: Changes in ca-certificates-mozilla: - export correct p11kit trust attributes so Firefox detects built in certificates (bsc#1154871). Changes in p11-kit: - support loading NSS attribute CKA_NSS_MOZILLA_CA_POLICY so Firefox detects built in certificates (bsc#1154871) ----------------------------------------- Patch: SUSE-2019-3267 Released: Wed Dec 11 11:19:53 2019 Summary: Security update for libssh Severity: important References: 1158095,CVE-2019-14889 Description: This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution (bsc#1158095). ----------------------------------------- Patch: SUSE-2019-3392 Released: Fri Dec 27 13:33:29 2019 Summary: Security update for libgcrypt Severity: moderate References: 1148987,1155338,1155339,CVE-2019-13627 Description: This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigation against an ECDSA timing attack (bsc#1148987). Bug fixes: - Added CMAC AES self test (bsc#1155339). - Added CMAC TDES self test missing (bsc#1155338). - Fix test dsa-rfc6979 in FIPS mode. ----------------------------------------- Patch: SUSE-2020-114 Released: Thu Jan 16 10:11:52 2020 Summary: Security update for python3 Severity: important References: 1027282,1029377,1029902,1040164,1042670,1070853,1079761,1081750,1083507,1086001,1088004,1088009,1088573,1094814,1107030,1109663,1109847,1120644,1122191,1129346,1130840,1133452,1137942,1138459,1141853,1149121,1149792,1149955,1151490,1153238,1159035,1159622,637176,658604,673071,709442,743787,747125,751718,754447,754677,787526,809831,831629,834601,871152,885662,885882,917607,942751,951166,983582,984751,985177,985348,989523,CVE-2011-3389,CVE-2011-4944,CVE-2012-0845,CVE-2012-1150,CVE-2013-1752,CVE-2013-4238,CVE-2014-2667,CVE-2014-4650,CVE-2016-0772,CVE-2016-1000110,CVE-2016-5636,CVE-2016-5699,CVE-2017-18207,CVE-2018-1000802,CVE-2018-1060,CVE-2018-1061,CVE-2018-14647,CVE-2018-20406,CVE-2018-20852,CVE-2019-10160,CVE-2019-15903,CVE-2019-16056,CVE-2019-16935,CVE-2019-5010,CVE-2019-9636,CVE-2019-9947 Description: This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955). - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). ----------------------------------------- Patch: SUSE-2020-129 Released: Mon Jan 20 09:21:13 2020 Summary: Security update for libssh Severity: important References: 1158095,CVE-2019-14889 Description: This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an unwanted command execution in scp caused by unsanitized location (bsc#1158095). ----------------------------------------- Patch: SUSE-2020-225 Released: Fri Jan 24 06:49:07 2020 Summary: Recommended update for procps Severity: moderate References: 1158830 Description: This update for procps fixes the following issues: - Fix for 'ps -C' allowing to accept any arguments longer than 15 characters anymore. (bsc#1158830) ----------------------------------------- Patch: SUSE-2020-256 Released: Wed Jan 29 09:39:17 2020 Summary: Recommended update for aaa_base Severity: moderate References: 1157794,1160970 Description: This update for aaa_base fixes the following issues: - Improves the way how the Java path is created to fix an issue with sapjvm. (bsc#1157794) - Drop 'dev.cdrom.autoclose' = 0 from sysctl config. (bsc#1160970) ----------------------------------------- Patch: SUSE-2020-262 Released: Thu Jan 30 11:02:42 2020 Summary: Security update for glibc Severity: moderate References: 1149332,1151582,1157292,1157893,1158996,CVE-2019-19126 Description: This update for glibc fixes the following issues: Security issue fixed: - CVE-2019-19126: Fixed to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition (bsc#1157292). Bug fixes: - Fixed z15 (s390x) strstr implementation that can return incorrect results if search string cross page boundary (bsc#1157893). - Fixed Hardware support in toolchain (bsc#1151582). - Fixed syscalls during early process initialization (SLE-8348). - Fixed an array overflow in backtrace for PowerPC (bsc#1158996). - Moved to posix_spawn on popen (bsc#1149332). ----------------------------------------- Patch: SUSE-2020-265 Released: Thu Jan 30 14:05:34 2020 Summary: Security update for e2fsprogs Severity: moderate References: 1160571,CVE-2019-5188 Description: This update for e2fsprogs fixes the following issues: - CVE-2019-5188: Fixed a code execution vulnerability in the directory rehashing functionality (bsc#1160571). ----------------------------------------- Patch: SUSE-2020-279 Released: Fri Jan 31 12:01:39 2020 Summary: Recommended update for p11-kit Severity: moderate References: 1013125 Description: This update for p11-kit fixes the following issues: - Also build documentation (bsc#1013125) ----------------------------------------- Patch: SUSE-2020-335 Released: Thu Feb 6 11:37:24 2020 Summary: Security update for systemd Severity: important References: 1084671,1092920,1106383,1133495,1151377,1154256,1155207,1155574,1156213,1156482,1158485,1159814,1161436,1162108,CVE-2019-20386,CVE-2020-1712 Description: This update for systemd fixes the following issues: - CVE-2020-1712 (bsc#bsc#1162108) Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted Dbus messages. - Use suse.pool.ntp.org server pool on SLE distros (jsc#SLE-7683) - libblkid: open device in nonblock mode. (bsc#1084671) - udev/cdrom_id: Do not open CD-rom in exclusive mode. (bsc#1154256) - bus_open leak sd_event_source when udevadm trigger。 (bsc#1161436 CVE-2019-20386) - fileio: introduce read_full_virtual_file() for reading virtual files in sysfs, procfs (bsc#1133495 bsc#1159814) - fileio: initialize errno to zero before we do fread() - fileio: try to read one byte too much in read_full_stream() - logind: consider 'greeter' sessions suitable as 'display' sessions of a user (bsc#1158485) - logind: never elect a session that is stopping as display - journal: include kmsg lines from the systemd process which exec()d us (#8078) - udevd: don't use monitor after manager_exit() - udevd: capitalize log messages in on_sigchld() - udevd: merge conditions to decrease indentation - Revert 'udevd: fix crash when workers time out after exit is signal caught' - core: fragments of masked units ought not be considered for NeedDaemonReload (#7060) (bsc#1156482) - udevd: fix crash when workers time out after exit is signal caught - udevd: wait for workers to finish when exiting (bsc#1106383) - Improve bash completion support (bsc#1155207) * shell-completion: systemctl: do not list template units in {re,}start * shell-completion: systemctl: pass current word to all list_unit* * bash-completion: systemctl: pass current partial unit to list-unit* (bsc#1155207) * bash-completion: systemctl: use systemctl --no-pager * bash-completion: also suggest template unit files * bash-completion: systemctl: add missing options and verbs * bash-completion: use the first argument instead of the global variable (#6457) - networkd: VXLan Make group and remote variable separate (bsc#1156213) - networkd: vxlan require Remote= to be a non multicast address (#8117) (bsc#1156213) - fs-util: let's avoid unnecessary strerror() - fs-util: introduce inotify_add_watch_and_warn() helper - ask-password: improve log message when inotify limit is reached (bsc#1155574) - shared/install: failing with -ELOOP can be due to the use of an alias in install_error() (bsc#1151377) - man: alias names can't be used with enable command (bsc#1151377) - Add boot option to not use swap at system start (jsc#SLE-7689) - Allow YaST to select Iranian (Persian, Farsi) keyboard layout (bsc#1092920) ----------------------------------------- Patch: SUSE-2020-339 Released: Thu Feb 6 13:03:22 2020 Summary: Recommended update for openldap2 Severity: low References: 1158921 Description: This update for openldap2 provides the following fix: - Add libldap-data to the product (as it contains ldap.conf). (bsc#1158921) ----------------------------------------- Patch: SUSE-2020-340 Released: Thu Feb 6 13:03:56 2020 Summary: Recommended update for python-rpm-macros Severity: moderate References: 1161770 Description: This update for python-rpm-macros fixes the following issues: - Add macros related to the Python dist metadata dependency generator. (bsc#1161770) ----------------------------------------- Patch: SUSE-2020-451 Released: Tue Feb 25 10:50:35 2020 Summary: Recommended update for libgcrypt Severity: moderate References: 1155337,1161215,1161216,1161218,1161219,1161220 Description: This update for libgcrypt fixes the following issues: - ECDSA: Check range of coordinates (bsc#1161216) - FIPS: libgcrypt DSA PQG parameter generation: Missing value [bsc#1161219] - FIPS: libgcrypt DSA PQG verification incorrect results [bsc#1161215] - FIPS: libgcrypt RSA siggen/keygen: 4k not supported [bsc#1161220] - FIPS: keywrap gives incorrect results [bsc#1161218] - FIPS: RSA/DSA/ECDSA are missing hashing operation [bsc#1155337] ----------------------------------------- Patch: SUSE-2020-467 Released: Tue Feb 25 12:00:39 2020 Summary: Security update for python3 Severity: moderate References: 1162224,1162367,1162423,1162825,CVE-2019-9674,CVE-2020-8492 Description: This update for python3 fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825). - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP (bsc#1162367). Non-security issue fixed: - If the locale is 'C', coerce it to C.UTF-8 (bsc#1162423). ----------------------------------------- Patch: SUSE-2020-476 Released: Tue Feb 25 14:23:14 2020 Summary: Recommended update for perl Severity: moderate References: 1102840,1160039 Description: This update for perl fixes the following issues: - Some packages make assumptions about the date and time they are built. This update will solve the issues caused by calling the perl function timelocal expressing the year with two digit only instead of four digits. (bsc#1102840) (bsc#1160039) ----------------------------------------- Patch: SUSE-2020-480 Released: Tue Feb 25 17:38:22 2020 Summary: Recommended update for aaa_base Severity: moderate References: 1160735 Description: This update for aaa_base fixes the following issues: - Change 'rp_filter' to increase the default priority to ethernet over the wifi. (bsc#1160735) ----------------------------------------- Patch: SUSE-2020-498 Released: Wed Feb 26 17:59:44 2020 Summary: Recommended update for aws-cli, python-boto3, python-botocore, python-s3transfer, python-aws-sam-translator, python-cfn-lint, python-nose2, python-parameterized Severity: moderate References: 1122669,1136184,1146853,1146854,1159018 Description: This update for aws-cli, python-aws-sam-translator, python-cfn-lint, python-nose2, python-parameterized, python-boto3, python-botocore, python-s3transfer fixes the following issues: python-aws-sam-translator was updated to 1.11.0 (bsc#1159018, jsc#PM-1507): Upgrade to 1.11.0: * Add ReservedConcurrentExecutions to globals * Fix ElasticsearchHttpPostPolicy resource reference * Support using AWS::Region in Ref and Sub * Documentation and examples updates * Add VersionDescription property to Serverless::Function * Update ServerlessRepoReadWriteAccessPolicy * Add additional template validation Upgrade to 1.10.0: * Add GSIs to DynamoDBReadPolicy and DynamoDBCrudPolicy * Add DynamoDBReconfigurePolicy * Add CostExplorerReadOnlyPolicy and OrganizationsListAccountsPolicy * Add EKSDescribePolicy * Add SESBulkTemplatedCrudPolicy * Add FilterLogEventsPolicy * Add SSMParameterReadPolicy * Add SESEmailTemplateCrudPolicy * Add s3:PutObjectAcl to S3CrudPolicy * Add allow_credentials CORS option * Add support for AccessLogSetting and CanarySetting Serverless::Api properties * Add support for X-Ray in Serverless::Api * Add support for MinimumCompressionSize in Serverless::Api * Add Auth to Serverless::Api globals * Remove trailing slashes from APIGW permissions * Add SNS FilterPolicy and an example application * Add Enabled property to Serverless::Function event sources * Add support for PermissionsBoundary in Serverless::Function * Fix boto3 client initialization * Add PublicAccessBlockConfiguration property to S3 bucket resource * Make PAY_PER_REQUEST default mode for Serverless::SimpleTable * Add limited support for resolving intrinsics in Serverless::LayerVersion * SAM now uses Flake8 * Add example application for S3 Events written in Go * Updated several example applications python-cfn-lint was added in version 0.21.4: - Add upstream patch to fix EOL dates for lambda runtimes - Add upstream patch to fix test_config_expand_paths test - Rename to python-cfn-lint. This package has a python API, which is required by python-moto. Update to version 0.21.4: + Features * Include more resource types in W3037 + CloudFormation Specifications * Add Resource Type `AWS::CDK::Metadata` + Fixes * Uncap requests dependency in setup.py * Check Join functions have lists in the correct sections * Pass a parameter value for AutoPublishAlias when doing a Transform * Show usage examples when displaying the help Update to version 0.21.3 + Fixes * Support dumping strings for datetime objects when doing a Transform Update to version 0.21.2 + CloudFormation Specifications * Update CloudFormation specs to 3.3.0 * Update instance types from pricing API as of 2019.05.23 Update to version 0.21.1 + Features * Add `Info` logging capability and set the default logging to `NotSet` + Fixes * Only do rule logging (start/stop/time) when the rule is going to be called * Update rule E1019 to allow `Fn::Transform` inside a `Fn::Sub` * Update rule W2001 to not break when `Fn::Transform` inside a `Fn::Sub` * Update rule E2503 to allow conditions to be used and to not default to `network` load balancer when an object is used for the Load Balancer type Update to version 0.21.0 + Features * New rule E3038 to check if a Serverless resource includes the appropriate Transform * New rule E2531 to validate a Lambda's runtime against the deprecated dates * New rule W2531 to validate a Lambda's runtime against the EOL dates * Update rule E2541 to include updates to Code Pipeline capabilities * Update rule E2503 to include checking of values for load balancer attributes + CloudFormation Specifications * Update CloudFormation specs to 3.2.0 * Update instance types from pricing API as of 2019.05.20 + Fixes * Include setuptools in setup.py requires Update to version 0.20.3 + CloudFormation Specifications * Update instance types from pricing API as of 2019.05.16 + Fixes * Update E7001 to allow float/doubles for mapping values * Update W1020 to check pre-transformed Fn::Sub(s) to determine if a Sub is needed * Pin requests to be below or equal to 2.21.0 to prevent issues with botocore Update to version 0.20.2 + Features * Add support for List Parameter types + CloudFormation Specifications * Add allowed values for AWS::EC2 EIP, FlowLog, CustomerGateway, DHCPOptions, EC2Fleet * Create new property type for Security Group IDs or Names * Add new Lambda runtime environment for NodeJs 10.x * Move AWS::ServiceDiscovery::Service Health checks from Only One to Exclusive * Update Glue Crawler Role to take an ARN or a name * Remove PrimitiveType from MaintenanceWindowTarget Targets * Add Min/Max values for Load Balancer Ports to be between 1-65535 + Fixes * Include License file in the pypi package to help with downstream projects * Filter out dynamic references from rule E3031 and E3030 * Convert Python linting and Code Coverage from Python 3.6 to 3.7 Update to version 0.20.1 + Fixes * Update rule E8003 to support more functions inside a Fn::Equals Update to version 0.20.0 + Features * Allow a rule's exception to be defined in a resource's metadata * Add rule configuration capabilities * Update rule E3012 to allow for non strict property checking * Add rule E8003 to test Fn::Equals structure and syntax * Add rule E8004 to test Fn::And structure and syntax * Add rule E8005 to test Fn::Not structure and syntax * Add rule E8006 to test Fn::Or structure and syntax * Include Path to error in the JSON output * Update documentation to describe how to install cfn-lint from brew + CloudFormation Specifications * Update CloudFormation specs to version 3.0.0 * Add new region ap-east-1 * Add list min/max and string min/max for CloudWatch Alarm Actions * Add allowed values for EC2::LaunchTemplate * Add allowed values for EC2::Host * Update allowed values for Amazon MQ to include 5.15.9 * Add AWS::Greengrass::ResourceDefinition to GreenGrass supported regions * Add AWS::EC2::VPCEndpointService to all regions * Update AWS::ECS::TaskDefinition ExecutionRoleArn to be a IAM Role ARN * Patch spec files for SSM MaintenanceWindow to look for Target and not Targets * Update ManagedPolicyArns list size to be 20 which is the hard limit. 10 is the soft limit. + Fixes * Fix rule E3033 to check the string size when the string is inside a list * Fix an issue in which AWS::NotificationARNs was not a list * Add AWS::EC2::Volume to rule W3010 * Fix an issue with W2001 where SAM translate would remove the Ref to a parameter causing this error to falsely trigger * Fix rule W3010 to not error when the availability zone is 'all' Update to version 0.19.1 + Fixes * Fix core Condition processing to support direct Condition in another Condition * Fix the W2030 to check numbers against string allowed values Update to version 0.19.0 + Features * Add NS and PTR Route53 record checking to rule E3020 * New rule E3050 to check if a Ref to IAM Role has a Role path of '/' * New rule E3037 to look for duplicates in a list that doesn't support duplicates * New rule I3037 to look for duplicates in a list when duplicates are allowed + CloudFormation Specifications * Add Min/Max values to AWS::ElasticLoadBalancingV2::TargetGroup HealthCheckTimeoutSeconds * Add Max JSON size to AWS::IAM::ManagedPolicy PolicyDocument * Add allowed values for AWS::EC2 SpotFleet, TransitGateway, NetworkAcl NetworkInterface, PlacementGroup, and Volume * Add Min/max values to AWS::Budgets::Budget.Notification Threshold * Update RDS Instance types by database engine and license definitions using the pricing API * Update AWS::CodeBuild::Project ServiceRole to support Role Name or ARN * Update AWS::ECS::Service Role to support Role Name or ARN + Fixes * Update E3025 to support the new structure of data in the RDS instance type json * Update E2540 to remove all nested conditions from the object * Update E3030 to not do strict type checking * Update E3020 to support conditions nested in the record sets * Update E3008 to better handle CloudFormation sub stacks with different GetAtt formats Update to version 0.18.1 + CloudFormation Specifications * Update CloudFormation Specs to 2.30.0 * Fix IAM Regex Path to support more character types * Update AWS::Batch::ComputeEnvironment.ComputeResources InstanceRole to reference an InstanceProfile or GetAtt the InstanceProfile Arn * Allow VPC IDs to Ref a Parameter of type String + Fixes * Fix E3502 to check the size of the property instead of the parent object Update to version 0.18.0 + Features * New rule E3032 to check the size of lists * New rule E3502 to check JSON Object Size using definitions in the spec file * New rule E3033 to test the minimum and maximum length of a string * New rule E3034 to validate the min and max of a number * Remove Ebs Iops check from E2504 and use rule E3034 instead * Remove rule E2509 and use rule E3033 instead * Remove rule E2508 as it replaced by E3032 and E3502 * Update rule E2503 to check that there are at least two 2 Subnets or SubnetMappings for ALBs * SAM requirement upped to minimal version of 1.10.0 + CloudFormation Specifications * Extend specs to include: > `ListMin` and `ListMax` for the minimum and maximum size of a list > `JsonMax` to check the max size of a JSON Object > `StringMin` and `StringMax` to check the minimum and maximum length of a String > `NumberMin` and `NumberMax` to check the minimum and maximum value of a Number, Float, Long * Update State and ExecutionRoleArn to be required on AWS::DLM::LifecyclePolicy * Add AllowedValues for PerformanceInsightsRetentionPeriod for AWS::RDS::Instance * Add AllowedValues for the AWS::GuardDuty Resources * Add AllowedValues for AWS::EC2 VPC and VPN Resources * Switch IAM Instance Profiles for certain resources to the type that only takes the name * Add regex pattern for IAM Instance Profile when a name (not Arn) is used * Add regex pattern for IAM Paths * Add Regex pattern for IAM Role Arn * Update OnlyOne spec to require require at least one of Subnets or SubnetMappings with ELB v2 + Fixes * Fix serverless transform to use DefinitionBody when Auth is in the API definition * Fix rule W2030 to not error when checking SSM or List Parameters Update to version 0.17.1 + Features * Update rule E2503 to make sure NLBs don't have a Security Group configured + CloudFormation Specifications * Add all the allowed values of the `AWS::Glue` Resources * Update OnlyOne check for `AWS::CloudWatch::Alarm` to only `MetricName` or `Metrics` * Update Exclusive check for `AWS::CloudWatch::Alarm` for properties mixed with `Metrics` and `Statistic` * Update CloudFormation specs to 2.29.0 * Fix type with MariaDB in the AllowedValues * Update pricing information for data available on 2018.3.29 + Fixes * Fix rule E1029 to not look for a sub is needed when looking for iot strings in policies * Fix rule E2541 to allow for ActionId Versions of length 1-9 and meets regex `[0-9A-Za-z_-]+` * Fix rule E2532 to allow for `Parameters` inside a `Pass` action * Fix an issue when getting the location of an error in which numbers are causing an attribute error Update to version 0.17.0 + Features * Add new rule E3026 to validate Redis cluster settings including AutomaticFailoverEnabled and NumCacheClusters. Status: Released * Add new rule W3037 to validate IAM resource policies. Status: Experimental * Add new parameter `-e/--include-experimental` to allow for new rules in that aren't ready to be fully released + CloudFormation Specifications * Update Spec files to 2.28.0 * Add all the allowed values of the AWS::Redshift::* Resources * Add all the allowed values of the AWS::Neptune::* Resources * Patch spec to make AWS::CloudFront::Distribution.LambdaFunctionAssociation.LambdaFunctionARN required * Patch spec to make AWS::DynamoDB::Table AttributeDefinitions required + Fixes * Remove extra blank lines when there is no errors in the output * Add exception to rule E1029 to have exceptions for EMR CloudWatchAlarmDefinition * Update rule E1029 to allow for literals in a Sub * Remove sub checks from rule E3031 as it won't match in all cases of an allowed pattern regex check * Correct typos for errors in rule W1001 * Switch from parsing a template as Yaml to Json when finding an escape character * Fix an issue with SAM related to transforming templates with Serverless Application and Lambda Layers * Fix an issue with rule E2541 when non strings were used for Stage Names Update to version 0.16.0 + Features * Add rule E3031 to look for regex patterns based on the patched spec file * Remove regex checks from rule E2509 * Add parameter `ignore-templates` to allow the ignoring of templates when doing bulk linting + CloudFormation Specifications * Update Spec files to 2.26.0 * Add all the allowed values of the AWS::DirectoryService::* Resources * Add all the allowed values of the AWS::DynamoDB::* Resources * Added AWS::Route53Resolver resources to the Spec Patches of ap-southeast-2 * Patch the spec file with regex patterns * Add all the allowed values of the AWS::DocDb::* Resources + Fixes * Update rule E2504 to have '20000' as the max value * Update rule E1016 to not allow ImportValue inside of Conditions * Update rule E2508 to check conditions when providing limit checks on managed policies * Convert unicode to strings when in Py 3.4/3.5 and updating specs * Convert from `awslabs` to `aws-cloudformation` organization * Remove suppression of logging that was removed from samtranslator >1.7.0 and incompatibility with samtranslator 1.10.0 Update to version 0.15.0 + Features * Add scaffolding for arbitrary Match attributes, adding attributes for Type checks * Add rule E3024 to validate that ProvisionedThroughput is not specified with BillingMode PAY_PER_REQUEST + CloudFormation Specifications * Update Spec files to 2.24.0 * Update OnlyOne spec to have BlockDeviceMapping to include NoDevice with Ebs and VirtualName * Add all the allowed values of the AWS::CloudFront::* Resources * Add all the allowed values of the AWS::DAX::* Resources + Fixes * Update config parsing to use the builtin Yaml decoder * Add condition support for Inclusive E2521, Exclusive E2520, and AtLeastOne E2522 rules * Update rule E1029 to better check Resource strings inside IAM Policies * Improve the line/column information of a Match with array support Update to version 0.14.1 + CloudFormation Specifications * Update CloudFormation Specs to version 2.23.0 * Add allowed values for AWS::Config::* resources * Add allowed values for AWS::ServiceDiscovery::* resources * Fix allowed values for Apache MQ + Fixes * Update rule E3008 to not error when using a list from a custom resource * Support simple types in the CloudFormation spec * Add tests for the formatters Update to version 0.14.0 + Features * Add rule E3035 to check the values of DeletionPolicy * Add rule E3036 to check the values of UpdateReplacePolicy * Add rule E2014 to check that there are no REFs in the Parameter section * Update rule E2503 to support TLS on NLBs + CloudFormation Specifications * Update CloudFormation spec to version 2.22.0 * Add allowed values for AWS::Cognito::* resources + Fixes * Update rule E3002 to allow GetAtts to Custom Resources under a Condition Update to version 0.13.2 + Features * Introducing the cfn-lint logo! * Update SAM dependency version + Fixes * Fix CloudWatchAlarmComparisonOperator allowed values. * Fix typo resoruce_type_spec in several files * Better support for nested And, Or, and Not when processing Conditions Update to version 0.13.1 + CloudFormation Specifications * Add allowed values for AWS::CloudTrail::Trail resources * Patch spec to have AWS::CodePipeline::CustomActionType Version included + Fixes * Fix conditions logic to use AllowedValues when REFing a Parameter that has AllowedValues specified Update to version 0.13.0 + Features * New rule W1011 to check if a FindInMap is using the correct map name and keys * New rule W1001 to check if a Ref/GetAtt to a resource that exists when Conditions are used * Removed logic in E1011 and moved it to W1011 for validating keys * Add property relationships for AWS::ApplicationAutoScaling::ScalingPolicy into Inclusive, Exclusive, and AtLeastOne * Update rule E2505 to check the netmask bit * Include the ability to update the CloudFormation Specs using the Pricing API + CloudFormation Specifications * Update to version 2.21.0 * Add allowed values for AWS::Budgets::Budget * Add allowed values for AWS::CertificateManager resources * Add allowed values for AWS::CodePipeline resources * Add allowed values for AWS::CodeCommit resources * Add allowed values for EC2 InstanceTypes from pricing API * Add allowed values for RedShift InstanceTypes from pricing API * Add allowed values for MQ InstanceTypes from pricing API * Add allowed values for RDS InstanceTypes from pricing API + Fixes * Fixed README indentation issue with .pre-commit-config.yaml * Fixed rule E2541 to allow for multiple inputs/outputs in a CodeBuild task * Fixed rule E3020 to allow for a period or no period at the end of a ACM registration record * Update rule E3001 to support UpdateReplacePolicy * Fix a cli issue where `--template` wouldn't be used when a .cfnlintrc was in the same folder * Update rule E3002 and E1024 to support packaging of AWS::Lambda::LayerVersion content - Initial build + Version 0.12.1 Update to 0.9.1 * the prof plugin now uses cProfile instead of hotshot for profiling * skipped tests now include the user's reason in junit XML's message field * the prettyassert plugin mishandled multi-line function definitions * Using a plugin's CLI flag when the plugin is already enabled via config no longer errors * nose2.plugins.prettyassert, enabled with --pretty-assert * Cleanup code for EOLed python versions * Dropped support for distutils. * Result reporter respects failure status set by other plugins * JUnit XML plugin now includes the skip reason in its output Upgrade to 0.8.0: - List of changes is too long to show here, see https://github.com/nose-devs/nose2/blob/master/docs/changelog.rst changes between 0.6.5 and 0.8.0 Update to 0.7.0: * Added parameterized_class feature, for parameterizing entire test classes (many thanks to @TobyLL for their suggestions and help testing!) * Fix DeprecationWarning on `inspect.getargs` (thanks @brettdh; https://github.com/wolever/parameterized/issues/67) * Make sure that `setUp` and `tearDown` methods work correctly (#40) * Raise a ValueError when input is empty (thanks @danielbradburn; https://github.com/wolever/parameterized/pull/48) * Fix the order when number of cases exceeds 10 (thanks @ntflc; https://github.com/wolever/parameterized/pull/49) aws-cli was updated to version 1.16.223: For detailed changes see the changes entries: https://github.com/aws/aws-cli/blob/1.16.223/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.189/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.182/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.176/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.103/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.94/CHANGELOG.rst https://github.com/aws/aws-cli/blob/1.16.84/CHANGELOG.rst python-boto3 was updated to 1.9.213, python-botocore was updated to 1.9.188, and python-s3transfer was updated to 1.12.74, fixing lots of bugs and adding features (bsc#1146853, bsc#1146854) ----------------------------------------- Patch: SUSE-2020-525 Released: Fri Feb 28 11:49:36 2020 Summary: Recommended update for pam Severity: moderate References: 1164562 Description: This update for pam fixes the following issues: - Add libdb as build-time dependency to enable pam_userdb module. Enable pam_userdb.so (jsc#sle-7258, bsc#1164562) ----------------------------------------- Patch: SUSE-2020-556 Released: Mon Mar 2 13:32:11 2020 Summary: Recommended update for 389-ds Severity: moderate References: 1155951 Description: This update for 389-ds to version 1.4.2.2 fixes the following issues: 389-ds was updated to 1.4.2.6 (fate#326677, bsc#1155951), bringing many bug and stability fixes. Issue addressed: - Enabled python lib389 installer tooling to match upstream and suse documentation. More information for this release at: https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-2-1.html ----------------------------------------- Patch: SUSE-2020-572 Released: Tue Mar 3 13:25:41 2020 Summary: Recommended update for cyrus-sasl Severity: moderate References: 1162518 Description: This update for cyrus-sasl fixes the following issues: - Added support for retrieving negotiated SSF in gssapi plugin (bsc#1162518) - Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF (bsc#1162518) ----------------------------------------- Patch: SUSE-2020-597 Released: Thu Mar 5 15:24:09 2020 Summary: Recommended update for libgcrypt Severity: moderate References: 1164950 Description: This update for libgcrypt fixes the following issues: - FIPS: Run the self-tests from the constructor [bsc#1164950] ----------------------------------------- Patch: SUSE-2020-633 Released: Tue Mar 10 16:23:08 2020 Summary: Recommended update for aaa_base Severity: moderate References: 1139939,1151023 Description: This update for aaa_base fixes the following issues: - get_kernel_version: fix for current kernel on s390x (bsc#1151023, bsc#1139939) - added '-h'/'--help' to the command old - change feedback url from http://www.suse.de/feedback to https://github.com/openSUSE/aaa_base/issues ----------------------------------------- Patch: SUSE-2020-668 Released: Fri Mar 13 10:48:58 2020 Summary: Security update for glibc Severity: moderate References: 1163184,1164505,1165784,CVE-2020-10029 Description: This update for glibc fixes the following issues: - CVE-2020-10029: Fixed a potential overflow in on-stack buffer during range reduction (bsc#1165784). - Fixed an issue where pthread were not always locked correctly (bsc#1164505). - Document mprotect and introduce section on memory protection (bsc#1163184). ----------------------------------------- Patch: SUSE-2020-689 Released: Fri Mar 13 17:09:01 2020 Summary: Recommended update for pam Severity: moderate References: 1166510 Description: This update for PAM fixes the following issue: - The license of libdb linked against pam_userdb is not always wanted, so we temporary disabled pam_userdb again. It will be published in a different package at a later time. (bsc#1166510) ----------------------------------------- Patch: SUSE-2020-475 Released: Thu Mar 19 11:00:46 2020 Summary: Recommended update for systemd Severity: moderate References: 1160595 Description: This update for systemd fixes the following issues: - Remove TasksMax limit for both user and system slices (jsc#SLE-10123) - Backport IP filtering feature (jsc#SLE-7743 bsc#1160595) ----------------------------------------- Patch: SUSE-2020-729 Released: Thu Mar 19 14:44:22 2020 Summary: Recommended update for glibc Severity: moderate References: 1166106 Description: This update for glibc fixes the following issues: - Allow dlopen of filter object to work (bsc#1166106, BZ #16272) ----------------------------------------- Patch: SUSE-2020-777 Released: Tue Mar 24 18:07:52 2020 Summary: Recommended update for python3 Severity: moderate References: 1165894 Description: This update for python3 fixes the following issue: - Rename idle icons to idle3 in order to not conflict with python2 variant of the package (bsc#1165894) ----------------------------------------- Patch: SUSE-2020-793 Released: Wed Mar 25 15:16:00 2020 Summary: Recommended update for systemd Severity: moderate References: 1139459,1161262,1162108,1164717,1165579,CVE-2020-1712 Description: This update for systemd fixes the following issues: - manager: fix job mode when signalled to shutdown etc (bsc#1161262) - remove fallback for user/exit.target - dbus method Manager.Exit() does not start exit.target - do not install rescue.target for alt-↑ - %j/%J unit specifiers Added support for I/O scheduler selection with blk-mq (bsc#1165579, bsc#1164717). Added the udev 60-ssd-scheduler.rules: - This rules file which select the default IO scheduler for SSDs is being moved out from the git repo since this is not related to systemd or udev at all and is maintained by the kernel team. - core: coldplug possible nop_job (bsc#1139459) - Revert 'udev: use 'deadline' IO scheduler for SSD disks' - Fix typo in function name - polkit: when authorizing via PK let's re-resolve callback/userdata instead of caching it (bsc#1162108 CVE-2020-1712) - sd-bus: introduce API for re-enqueuing incoming messages - polkit: on async pk requests, re-validate action/details ----------------------------------------- Patch: SUSE-2020-820 Released: Tue Mar 31 13:02:22 2020 Summary: Security update for glibc Severity: important References: 1167631,CVE-2020-1752 Description: This update for glibc fixes the following issues: - CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution (bsc#1167631). ----------------------------------------- Patch: SUSE-2020-846 Released: Thu Apr 2 07:24:07 2020 Summary: Recommended update for libgcrypt Severity: moderate References: 1164950,1166748,1167674 Description: This update for libgcrypt fixes the following issues: - FIPS: Remove an unneeded check in _gcry_global_constructor (bsc#1164950) - FIPS: Fix drbg to be threadsafe (bsc#1167674) - FIPS: Run self-tests from constructor during power-on [bsc#1166748] * Set up global_init as the constructor function: * Relax the entropy requirements on selftest. This is especially important for virtual machines to boot properly before the RNG is available: ----------------------------------------- Patch: SUSE-2020-917 Released: Fri Apr 3 15:02:25 2020 Summary: Recommended update for pam Severity: moderate References: 1166510 Description: This update for pam fixes the following issues: - Moved pam_userdb into a separate package pam-extra. (bsc#1166510) ----------------------------------------- Patch: SUSE-2020-948 Released: Wed Apr 8 07:44:21 2020 Summary: Security update for gmp, gnutls, libnettle Severity: moderate References: 1152692,1155327,1166881,1168345,CVE-2020-11501 Description: This update for gmp, gnutls, libnettle fixes the following issues: Security issue fixed: - CVE-2020-11501: Fixed zero random value in DTLS client hello (bsc#1168345) FIPS related bugfixes: - FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode (bsc#1152692, jsc#SLE-9518) - FIPS: Fixed a cfb8 decryption issue, no longer truncate output IV if input is shorter than block size. (bsc#1166881) - FIPS: Added Diffie Hellman public key verification test. (bsc#1155327) ----------------------------------------- Patch: SUSE-2020-959 Released: Wed Apr 8 12:59:50 2020 Summary: Security update for python-PyYAML Severity: important References: 1165439,CVE-2020-1747 Description: This update for python-PyYAML fixes the following issues: - CVE-2020-1747: Fixed an arbitrary code execution when YAML files are parsed by FullLoader (bsc#1165439). ----------------------------------------- Patch: SUSE-2020-961 Released: Wed Apr 8 13:34:06 2020 Summary: Recommended update for e2fsprogs Severity: moderate References: 1160979 Description: This update for e2fsprogs fixes the following issues: - e2fsck: clarify overflow link count error message (bsc#1160979) - ext2fs: update allocation info earlier in ext2fs_mkdir() (bsc#1160979) - ext2fs: implement dir entry creation in htree directories (bsc#1160979) - tests: add test to excercise indexed directories with metadata_csum (bsc#1160979) - tune2fs: update dir checksums when clearing dir_index feature (bsc#1160979) ----------------------------------------- Patch: SUSE-2020-967 Released: Thu Apr 9 11:41:53 2020 Summary: Security update for libssh Severity: moderate References: 1168699,CVE-2020-1730 Description: This update for libssh fixes the following issues: - CVE-2020-1730: Fixed a possible denial of service when using AES-CTR (bsc#1168699). ----------------------------------------- Patch: SUSE-2020-1000 Released: Wed Apr 15 14:18:57 2020 Summary: Recommended update for azure-cli tools, python-adal, python-applicationinsights, python-azure modules, python-msrest, python-msrestazure, python-pydocumentdb, python-uamqp, python-vsts-cd-manager Severity: moderate References: 1014478,1054413,1140565,982804,999200 Description: This update for azure-cli tools, python-adal, python-applicationinsights, python-azure modules, python-msrest, python-msrestazure, python-pydocumentdb, python-uamqp, python-vsts-cd-manager fixes the following issues: The Azure python modules and client tool stack was updated to the 2020 state. Various other python modules were added and updated. - python-PyYAML was updated to 5.1.2. - python-humanfriendly was updated 4.16.1. ----------------------------------------- Patch: SUSE-2020-1037 Released: Mon Apr 20 10:49:39 2020 Summary: Recommended update for python-pytest Severity: low References: 1002895,1107105,1138666,1167732 Description: This update fixes the following issues: New python-pytest versions are provided. In Basesystem: - python3-pexpect: updated to 4.8.0 - python3-py: updated to 1.8.1 - python3-zipp: shipped as dependency in version 0.6.0 In Python2: - python2-pexpect: updated to 4.8.0 - python2-py: updated to 1.8.1 ----------------------------------------- Patch: SUSE-2020-1063 Released: Wed Apr 22 10:46:50 2020 Summary: Recommended update for libgcrypt Severity: moderate References: 1165539,1169569 Description: This update for libgcrypt fixes the following issues: This update for libgcrypt fixes the following issues: - FIPS: Switch the PCT to use the new signature operation (bsc#1165539) - FIPS: Verify that the generated signature and the original input differ in test_keys function for RSA, DSA and ECC (bsc#1165539) - Add zero-padding when qx and qy have different lengths when assembling the Q point from affine coordinates. - Ship the FIPS checksum file in the shared library package and create a separate trigger file for the FIPS selftests (bsc#1169569) ----------------------------------------- Patch: SUSE-2020-1094 Released: Thu Apr 23 16:34:21 2020 Summary: Recommended update for python-google-api-python-client Severity: moderate References: 1088358,1160933 Description: This update for python-google-api-python-client fixes the following issues: - Fix dependencies to use google-auth instead of deprecated oauth2client (bsc#1160933, jsc#ECO-1148) python-cachetools 2.0.1 is shipped to the Public Cloud Module. python-google-auth 1.5.1 is shipped to the Public Cloud Module. python-google-api-python-client was updated to: - Upgrade to 1.7.4: just series of minor bugfixes - Fix check for error text on Python 3.7. (#278) - Use new Auth URIs. (#281) - Add code-of-conduct document. (#270) - Fix some typos in test_urllib3.py (#268) - Warn when using user credentials from the Cloud SDK (#266) - Add compute engine-based IDTokenCredentials (#236) - Corrected some typos (#265) Update to 1.4.2: - Raise a helpful exception when trying to refresh credentials without a refresh token. (#262) - Fix links to README and CONTRIBUTING in docs/index.rst. (#260) - Fix a typo in credentials.py. (#256) - Use pytest instead of py.test per upstream recommendation, #dropthedot. (#255) - Fix typo on exemple of jwt usage (#245) New upstream release 1.4.1 (bsc#1088358) - Added a check for the cryptography version before attempting to use it. + From version 1.4.0 - Added `cryptography`-based RSA signer and verifier. - Added `google.oauth2.service_account.IDTokenCredentials`. - Improved documentation around ID Tokens + From version 1.3.0 - Added ``google.oauth2.credentials.Credentials.from_authorized_user_file``. - Dropped direct pyasn1 dependency in favor of letting ``pyasn1-modules`` specify the right version. - ``default()`` now checks for the project ID environment var before warning about missing project ID. - Fixed the docstrings for ``has_scopes()`` and ``with_scopes()``. - Fixed example in docstring for ``ReadOnlyScoped``. - Made ``transport.requests`` use timeouts and retries to improve reliability. ----------------------------------------- Patch: SUSE-2020-1175 Released: Tue May 5 08:33:43 2020 Summary: Recommended update for systemd Severity: moderate References: 1165011,1168076 Description: This update for systemd fixes the following issues: - Fix check for address to keep interface names stable. (bsc#1168076) - Fix for checking non-normalized WHAT for network FS. (bsc#1165011) - Allow to specify an arbitrary string for when vfs is used. (bsc#1165011) ----------------------------------------- Patch: SUSE-2020-1214 Released: Thu May 7 11:20:34 2020 Summary: Recommended update for libgcrypt Severity: moderate References: 1169944 Description: This update for libgcrypt fixes the following issues: - FIPS: libgcrypt: Fixed a double free in test_keys() on failed signature verification (bsc#1169944) ----------------------------------------- Patch: SUSE-2020-1219 Released: Thu May 7 17:10:42 2020 Summary: Security update for openldap2 Severity: important References: 1170771,CVE-2020-12243 Description: This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters (bsc#1170771). ----------------------------------------- Patch: SUSE-2020-1226 Released: Fri May 8 10:51:05 2020 Summary: Recommended update for gcc9 Severity: moderate References: 1149995,1152590,1167898 Description: This update for gcc9 fixes the following issues: This update ships the GCC 9.3 release. - Includes a fix for Internal compiler error when building HepMC (bsc#1167898) - Includes fix for binutils version parsing - Add libstdc++6-pp provides and conflicts to avoid file conflicts with same minor version of libstdc++6-pp from gcc10. - Add gcc9 autodetect -g at lto link (bsc#1149995) - Install go tool buildid for bootstrapping go ----------------------------------------- Patch: SUSE-2020-1294 Released: Mon May 18 07:38:36 2020 Summary: Security update for file Severity: moderate References: 1154661,1169512,CVE-2019-18218 Description: This update for file fixes the following issues: Security issues fixed: - CVE-2019-18218: Fixed a heap-based buffer overflow in cdf_read_property_info() (bsc#1154661). Non-security issue fixed: - Fixed broken '--help' output (bsc#1169512). ----------------------------------------- Patch: SUSE-2020-1299 Released: Mon May 18 07:43:21 2020 Summary: Security update for libxml2 Severity: moderate References: 1159928,1161517,1161521,CVE-2019-19956,CVE-2019-20388,CVE-2020-7595 Description: This update for libxml2 fixes the following issues: - CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521). - CVE-2019-19956: Fixed a memory leak (bsc#1159928). - CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517). ----------------------------------------- Patch: SUSE-2020-1328 Released: Mon May 18 17:16:04 2020 Summary: Recommended update for grep Severity: moderate References: 1155271 Description: This update for grep fixes the following issues: - Update testsuite expectations, no functional changes (bsc#1155271) ----------------------------------------- Patch: SUSE-2020-1342 Released: Tue May 19 13:27:31 2020 Summary: Recommended update for python3 Severity: moderate References: 1149955,1165894,CVE-2019-16056 Description: This update for python3 fixes the following issues: - Changed the name of idle3 icons to idle3.png to avoid collision with Python 2 version (bsc#1165894). ----------------------------------------- Patch: SUSE-2020-1361 Released: Thu May 21 09:31:18 2020 Summary: Recommended update for libgcrypt Severity: moderate References: 1171872 Description: This update for libgcrypt fixes the following issues: - FIPS: RSA/DSA/ECC test_keys() print out debug messages only in debug mode (bsc#1171872) ----------------------------------------- Patch: SUSE-2020-1400 Released: Mon May 25 14:09:02 2020 Summary: Recommended update for glibc Severity: moderate References: 1162930 Description: This update for glibc fixes the following issues: - nptl: wait for pending setxid request also in detached thread. (bsc#1162930) ----------------------------------------- Patch: SUSE-2020-1404 Released: Mon May 25 15:32:34 2020 Summary: Recommended update for zlib Severity: moderate References: 1138793,1166260 Description: This update for zlib fixes the following issues: - Including the latest fixes from IBM (bsc#1166260) IBM Z mainframes starting from version z15 provide DFLTCC instruction, which implements deflate algorithm in hardware with estimated compression and decompression performance orders of magnitude faster than the current zlib and ratio comparable with that of level 1. - Add SUSE specific fix to solve bsc#1138793. The fix will avoid to test if the app was linked with exactly same version of zlib like the one that is present on the runtime. ----------------------------------------- Patch: SUSE-2020-1492 Released: Wed May 27 18:32:41 2020 Summary: Recommended update for python-rpm-macros Severity: moderate References: 1171561 Description: This update for python-rpm-macros fixes the following issue: - Update to version 20200207.5feb6c1 (bsc#1171561) * Do not write .pyc files for tests ----------------------------------------- Patch: SUSE-2020-1496 Released: Wed May 27 20:30:31 2020 Summary: Recommended update for python-requests Severity: low References: 1170175 Description: This update for python-requests fixes the following issues: - Fix for warnings 'test fails to build' for python http. (bsc#1170175) ----------------------------------------- Patch: SUSE-2020-1506 Released: Fri May 29 17:22:11 2020 Summary: Recommended update for aaa_base Severity: moderate References: 1087982,1170527 Description: This update for aaa_base fixes the following issues: - Not all XTerm based emulators do have a terminfo entry. (bsc#1087982) - Better support of Midnight Commander. (bsc#1170527) ----------------------------------------- Patch: SUSE-2020-1532 Released: Thu Jun 4 10:16:12 2020 Summary: Security update for libxml2 Severity: moderate References: 1172021,CVE-2019-19956 Description: This update for libxml2 fixes the following issues: - CVE-2019-19956: Reverted the upstream fix for this memory leak because it introduced other, more severe vulnerabilities (bsc#1172021). ----------------------------------------- Patch: SUSE-2020-1682 Released: Fri Jun 19 09:44:54 2020 Summary: Security update for perl Severity: important References: 1171863,1171864,1171866,1172348,CVE-2020-10543,CVE-2020-10878,CVE-2020-12723 Description: This update for perl fixes the following issues: - CVE-2020-10543: Fixed a heap buffer overflow in regular expression compiler which could have allowed overwriting of allocated memory with attacker's data (bsc#1171863). - CVE-2020-10878: Fixed multiple integer overflows which could have allowed the insertion of instructions into the compiled form of Perl regular expression (bsc#1171864). - CVE-2020-12723: Fixed an attacker's corruption of the intermediate language state of a compiled regular expression (bsc#1171866). - Fixed a bad warning in features.ph (bsc#1172348). ----------------------------------------- Patch: SUSE-2020-1733 Released: Wed Jun 24 09:43:36 2020 Summary: Security update for curl Severity: important References: 1173026,1173027,CVE-2020-8169,CVE-2020-8177 Description: This update for curl fixes the following issues: - CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option (bsc#1173027). - CVE-2020-8169: Fixed an issue where could have led to partial password leak over DNS on HTTP redirect (bsc#1173026). ----------------------------------------- Patch: SUSE-2020-1759 Released: Thu Jun 25 18:44:37 2020 Summary: Recommended update for krb5 Severity: moderate References: 1169357 Description: This update for krb5 fixes the following issue: - Call systemd to reload the services instead of init-scripts. (bsc#1169357) ----------------------------------------- Patch: SUSE-2020-1760 Released: Thu Jun 25 18:46:13 2020 Summary: Recommended update for systemd Severity: moderate References: 1157315,1162698,1164538,1169488,1171145,1172072 Description: This update for systemd fixes the following issues: - Merge branch 'SUSE/v234' into SLE15 units: starting suspend.target should not fail when suspend is successful (bsc#1172072) core/mount: do not add Before=local-fs.target or remote-fs.target if nofail mount option is set mount: let mount_add_extras() take care of remote-fs.target deps (bsc#1169488) mount: set up local-fs.target/remote-fs.target deps in mount_add_default_dependencies() too udev: rename the persistent link for ATA devices (bsc#1164538) shared/install: try harder to find enablement symlinks when disabling a unit (bsc#1157315) tmpfiles: remove unnecessary assert (bsc#1171145) test-engine: manager_free() was called too early pid1: by default make user units inherit their umask from the user manager (bsc#1162698) ----------------------------------------- Patch: SUSE-2020-1822 Released: Thu Jul 2 11:30:42 2020 Summary: Security update for python3 Severity: important References: 1173274,CVE-2020-14422 Description: This update for python3 fixes the following issues: - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service (bsc#1173274). ----------------------------------------- Patch: SUSE-2020-1396 Released: Fri Jul 3 12:33:05 2020 Summary: Security update for zstd Severity: moderate References: 1082318,1133297 Description: This update for zstd fixes the following issues: - Fix for build error caused by wrong static libraries. (bsc#1133297) - Correction in spec file marking the license as documentation. (bsc#1082318) - Add new package for SLE-15. (jsc#ECO-1886) ----------------------------------------- Patch: SUSE-2020-1856 Released: Mon Jul 6 17:05:51 2020 Summary: Security update for openldap2 Severity: important References: 1172698,1172704,CVE-2020-8023 Description: This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND='ldap' was used (bsc#1172698). - Changed DB_CONFIG to root:ldap permissions (bsc#1172704). ----------------------------------------- Patch: SUSE-2020-1938 Released: Thu Jul 16 14:43:32 2020 Summary: Recommended update for libsolv, libzypp, zypper Severity: moderate References: 1169947,1170801,1172925,1173106 Description: This update for libsolv, libzypp, zypper fixes the following issues: libsolv was updated to: - Enable zstd compression support for sle15 zypper was updated to version 1.14.37: - Print switch abbrev warning to stderr (bsc#1172925) - Fix typo in man page (bsc#1169947) libzypp was updated to 17.24.0 - Fix core dump with corrupted history file (bsc#1170801) - Enable zchunk metadata download if libsolv supports it. - Better handling of the purge-kernels algorithm. (bsc#1173106) ----------------------------------------- Patch: SUSE-2020-1954 Released: Sat Jul 18 03:07:15 2020 Summary: Recommended update for cracklib Severity: moderate References: 1172396 Description: This update for cracklib fixes the following issues: - Fixed a buffer overflow when processing long words. ----------------------------------------- Patch: SUSE-2020-1987 Released: Tue Jul 21 17:02:15 2020 Summary: Recommended update for libsolv, libzypp, yast2-packager, yast2-pkg-bindings Severity: important References: 1172477,1173336,1174011 Description: This update for libsolv, libzypp, yast2-packager, yast2-pkg-bindings fixes the following issues: libsolv: - No source changes, just shipping it as an installer update (required by yast2-pkg-bindings). libzypp: - Proactively send credentials if the URL specifes '?auth=basic' and a username. (bsc#1174011) - ZYPP_MEDIA_CURL_DEBUG: Strip credentials in header log. (bsc#1174011) yast2-packager: - Handle variable expansion in repository name. (bsc#1172477) - Improve medium type detection, do not report Online medium when the /media.1/products file is missing in the repository, SMT does not mirror this file. (bsc#1173336) yast2-pkg-bindings: - Extensions to handle raw repository name. (bsc#1172477) ----------------------------------------- Patch: SUSE-2020-2083 Released: Thu Jul 30 10:27:59 2020 Summary: Recommended update for diffutils Severity: moderate References: 1156913 Description: This update for diffutils fixes the following issue: - Disable a sporadically failing test for ppc64 and ppc64le builds. (bsc#1156913) ----------------------------------------- Patch: SUSE-2020-2099 Released: Fri Jul 31 08:06:40 2020 Summary: Recommended update for systemd Severity: moderate References: 1173227,1173229,1173422 Description: This update for systemd fixes the following issues: - migrate-sysconfig-i18n.sh: fixed marker handling (bsc#1173229) The marker is used to make sure the script is run only once. Instead of storing it in /usr, use /var which is more appropriate for such file. Also make it owned by systemd package. - Fix inconsistent file modes for some ghost files (bsc#1173227) Ghost files are assumed by rpm to have mode 000 by default which is not consistent with file permissions set at runtime. Also /var/lib/systemd/random-seed was tracked wrongly as a directory. Also don't track (ghost) /etc/systemd/system/runlevel*.target aliases since we're not supposed to track units or aliases user might define/override. - Fix build of systemd on openSUSE Leap 15.2 (bsc#1173422) ----------------------------------------- Patch: SUSE-2020-2148 Released: Thu Aug 6 13:36:17 2020 Summary: Recommended update for ca-certificates-mozilla Severity: important References: 1174673 Description: This update for ca-certificates-mozilla fixes the following issues: Update to 2.42 state of the Mozilla NSS Certificate store (bsc#1174673) Removed CAs: * AddTrust External CA Root * AddTrust Class 1 CA Root * LuxTrust Global Root 2 * Staat der Nederlanden Root CA - G2 * Symantec Class 1 Public Primary Certification Authority - G4 * Symantec Class 2 Public Primary Certification Authority - G4 * VeriSign Class 3 Public Primary Certification Authority - G3 Added CAs: * certSIGN Root CA G2 * e-Szigno Root CA 2017 * Microsoft ECC Root Certificate Authority 2017 * Microsoft RSA Root Certificate Authority 2017 ----------------------------------------- Patch: SUSE-2020-2224 Released: Thu Aug 13 09:15:47 2020 Summary: Recommended update for glibc Severity: moderate References: 1171878,1172085 Description: This update for glibc fixes the following issues: - Fix concurrent changes on nscd aware files appeared by 'getent' when the NSCD cache was enabled. (bsc#1171878, BZ #23178) - Implement correct locking and cancellation cleanup in syslog functions. (bsc#1172085, BZ #26100) ----------------------------------------- Patch: SUSE-2020-2277 Released: Wed Aug 19 13:24:03 2020 Summary: Security update for python3 Severity: moderate References: 1174091,CVE-2019-20907 Description: This update for python3 fixes the following issues: - bsc#1174091, CVE-2019-20907: avoiding possible infinite loop in specifically crafted tarball. ----------------------------------------- Patch: SUSE-2020-2278 Released: Wed Aug 19 21:26:08 2020 Summary: Recommended update for util-linux Severity: moderate References: 1149911,1151708,1168235,1168389 Description: This update for util-linux fixes the following issues: - blockdev: Do not fail --report on kpartx-style partitions on multipath. (bsc#1168235) - nologin: Add support for -c to prevent error from su -c. (bsc#1151708) - Avoid triggering autofs in lookup_umount_fs_by_statfs. (bsc#1168389) - mount: Fall back to device node name if /dev/mapper link not found. (bsc#1149911) ----------------------------------------- Patch: SUSE-2020-2384 Released: Sat Aug 29 00:57:13 2020 Summary: Recommended update for e2fsprogs Severity: low References: 1170964 Description: This update for e2fsprogs fixes the following issues: - Fix for an issue when system message with placeholders are not properly replaced. (bsc#1170964) ----------------------------------------- Patch: SUSE-2020-2411 Released: Tue Sep 1 13:28:47 2020 Summary: Recommended update for systemd Severity: moderate References: 1142733,1146991,1158336,1172195,1172824,1173539 Description: This update for systemd fixes the following issues: - Improve logging when PID1 fails at setting a namespace up when spawning a command specified by 'Exec*='. (bsc#1172824, bsc#1142733) pid1: improve message when setting up namespace fails. execute: let's close glibc syslog channels too. execute: normalize logging in *execute.c*. execute: fix typo in error message. execute: drop explicit *log_open()*/*log_close()* now that it is unnecessary. execute: make use of the new logging mode in *execute.c* log: add a mode where we open the log fds for every single log message. log: let's make use of the fact that our functions return the negative error code for *log_oom()* too. execute: downgrade a log message ERR → WARNING, since we proceed ignoring its result. execute: rework logging in *setup_keyring()* to include unit info. execute: improve and augment execution log messages. - vconsole-setup: downgrade log message when setting font fails on dummy console. (bsc#1172195 bsc#1173539) - fix infinite timeout. (bsc#1158336) - bpf: mount bpffs by default on boot. (bsc#1146991) - man: explain precedence for options which take a list. - man: unify titling, fix description of precedence in sysusers.d(5) - udev-event: fix timeout log messages. ----------------------------------------- Patch: SUSE-2020-2420 Released: Tue Sep 1 13:48:35 2020 Summary: Recommended update for zlib Severity: moderate References: 1174551,1174736 Description: This update for zlib provides the following fixes: - Permit a deflateParams() parameter change as soon as possible. (bsc#1174736) - Fix DFLTCC not flushing EOBS when creating raw streams. (bsc#1174551) ----------------------------------------- Patch: SUSE-2020-2445 Released: Wed Sep 2 09:33:02 2020 Summary: Security update for curl Severity: moderate References: 1175109,CVE-2020-8231 Description: This update for curl fixes the following issues: - An application that performs multiple requests with libcurl's multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the wrong connection and instead pick another one the application has created since then. [bsc#1175109, CVE-2020-8231] ----------------------------------------- Patch: SUSE-2020-2549 Released: Fri Sep 4 18:25:07 2020 Summary: Recommended update for OpenStack clients Severity: moderate References: 1121610,1174571,917818 Description: Updated OpenStack clients to the latest OpenStack release named Ussuri. ----------------------------------------- Patch: SUSE-2020-2581 Released: Wed Sep 9 13:07:07 2020 Summary: Security update for openldap2 Severity: moderate References: 1174154,CVE-2020-15719 Description: This update for openldap2 fixes the following issues: - bsc#1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. ----------------------------------------- Patch: SUSE-2020-2612 Released: Fri Sep 11 11:18:01 2020 Summary: Security update for libxml2 Severity: moderate References: 1176179,CVE-2020-24977 Description: This update for libxml2 fixes the following issues: - CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179). ----------------------------------------- Patch: SUSE-2020-2651 Released: Wed Sep 16 14:42:55 2020 Summary: Recommended update for zlib Severity: moderate References: 1175811,1175830,1175831 Description: This update for zlib fixes the following issues: - Fix compression level switching (bsc#1175811, bsc#1175830, bsc#1175831) - Enable hardware compression on s390/s390x (jsc#SLE-13776) ----------------------------------------- Patch: SUSE-2020-2704 Released: Tue Sep 22 15:06:36 2020 Summary: Recommended update for krb5 Severity: moderate References: 1174079 Description: This update for krb5 fixes the following issue: - Fix prefix reported by krb5-config, libraries and headers are not installed under /usr/lib/mit prefix. (bsc#1174079) ----------------------------------------- Patch: SUSE-2020-2712 Released: Tue Sep 22 17:08:03 2020 Summary: Security update for openldap2 Severity: moderate References: 1175568,CVE-2020-8027 Description: This update for openldap2 fixes the following issues: - CVE-2020-8027: openldap_update_modules_path.sh starts daemons unconditionally and uses fixed paths in /tmp (bsc#1175568). ----------------------------------------- Patch: SUSE-2020-2819 Released: Thu Oct 1 10:39:16 2020 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1165424,1173273,1173529,1174240,1174561,1174918,1175342,1175592 Description: This update for libzypp, zypper provides the following fixes: Changes in libzypp: - VendorAttr: Const-correct API and let Target provide its settings. (bsc#1174918) - Support buildnr with commit hash in purge-kernels. This adds special behaviour for when a kernel version has the rebuild counter before the kernel commit hash. (bsc#1175342) - Improve Italian translation of the 'breaking dependencies' message. (bsc#1173529) - Make sure reading from lsof does not block forever. (bsc#1174240) - Just collect details for the signatures found. Changes in zypper: - man: Enhance description of the global package cache. (bsc#1175592) - man: Point out that plain rpm packages are not downloaded to the global package cache. (bsc#1173273) - Directly list subcommands in 'zypper help'. (bsc#1165424) - Remove extern C block wrapping augeas.h as it breaks the build on Arch Linux. - Point out that plaindir repos do not follow symlinks. (bsc#1174561) - Fix help command for list-patches. ----------------------------------------- Patch: SUSE-2020-2852 Released: Fri Oct 2 16:55:39 2020 Summary: Recommended update for openssl-1_1 Severity: moderate References: 1173470,1175844 Description: This update for openssl-1_1 fixes the following issues: FIPS: * Include ECDH/DH Requirements from SP800-56Arev3 (bsc#1175844, bsc#1173470). * Add shared secret KAT to FIPS DH selftest (bsc#1175844). ----------------------------------------- Patch: SUSE-2020-2864 Released: Tue Oct 6 10:34:14 2020 Summary: Security update for gnutls Severity: moderate References: 1176086,1176181,1176671,CVE-2020-24659 Description: This update for gnutls fixes the following issues: - Fix heap buffer overflow in handshake with no_renegotiation alert sent (CVE-2020-24659 bsc#1176181) - FIPS: Implement (EC)DH requirements from SP800-56Arev3 (bsc#1176086) - FIPS: Use 2048 bit prime in DH selftest (bsc#1176086) - FIPS: Add TLS KDF selftest (bsc#1176671) ----------------------------------------- Patch: SUSE-2020-2869 Released: Tue Oct 6 16:13:20 2020 Summary: Recommended update for aaa_base Severity: moderate References: 1011548,1153943,1153946,1161239,1171762 Description: This update for aaa_base fixes the following issues: - DIR_COLORS (bug#1006973): - add screen.xterm-256color - add TERM rxvt-unicode-256color - sort and merge TERM entries in etc/DIR_COLORS - check for Packages.db and use this instead of Packages. (bsc#1171762) - Rename path() to _path() to avoid using a general name. - refresh_initrd call modprobe as /sbin/modprobe (bsc#1011548) - etc/profile add some missing ;; in case esac statements - profile and csh.login: on s390x set TERM to dumb on dumb terminal (bsc#1153946) - backup-rpmdb: exit if zypper is running (bsc#1161239) - Add color alias for ip command (jsc#sle-9880, jsc#SLE-7679, bsc#1153943) ----------------------------------------- Version 1-Build4.2.38 2020-10-13T11:21:22 ----------------------------------------- Patch: SUSE-2020-2893 Released: Mon Oct 12 14:14:55 2020 Summary: Recommended update for openssl-1_1 Severity: moderate References: 1177479 Description: This update for openssl-1_1 fixes the following issues: - Restore private key check in EC_KEY_check_key (bsc#1177479) ----------------------------------------- Version 1-Build4.2.41 2020-10-16T07:59:15 ----------------------------------------- Patch: SUSE-2020-2901 Released: Tue Oct 13 14:22:43 2020 Summary: Security update for libproxy Severity: important References: 1176410,1177143,CVE-2020-25219,CVE-2020-26154 Description: This update for libproxy fixes the following issues: - CVE-2020-25219: Rewrote url::recvline to be nonrecursive (bsc#1176410). - CVE-2020-26154: Fixed a buffer overflow when PAC is enabled (bsc#1177143). ----------------------------------------- Patch: SUSE-2020-2914 Released: Tue Oct 13 17:25:20 2020 Summary: Security update for bind Severity: moderate References: 1100369,1109160,1118367,1118368,1128220,1156205,1157051,1161168,1170667,1170713,1171313,1171740,1172958,1173307,1173311,1173983,1175443,1176092,1176674,906079,CVE-2017-3136,CVE-2018-5741,CVE-2019-6477,CVE-2020-8616,CVE-2020-8617,CVE-2020-8618,CVE-2020-8619,CVE-2020-8620,CVE-2020-8621,CVE-2020-8622,CVE-2020-8623,CVE-2020-8624 Description: This update for bind fixes the following issues: BIND was upgraded to version 9.16.6: Note: - bind is now more strict in regards to DNSSEC. If queries are not working, check for DNSSEC issues. For instance, if bind is used in a namserver forwarder chain, the forwarding DNS servers must support DNSSEC. Fixing security issues: - CVE-2020-8616: Further limit the number of queries that can be triggered from a request. Root and TLD servers are no longer exempt from max-recursion-queries. Fetches for missing name server. (bsc#1171740) Address records are limited to 4 for any domain. - CVE-2020-8617: Replaying a TSIG BADTIME response as a request could trigger an assertion failure. (bsc#1171740) - CVE-2019-6477: Fixed an issue where TCP-pipelined queries could bypass the tcp-clients limit (bsc#1157051). - CVE-2018-5741: Fixed the documentation (bsc#1109160). - CVE-2020-8618: It was possible to trigger an INSIST when determining whether a record would fit into a TCP message buffer (bsc#1172958). - CVE-2020-8619: It was possible to trigger an INSIST in lib/dns/rbtdb.c:new_reference() with a particular zone content and query patterns (bsc#1172958). - CVE-2020-8624: 'update-policy' rules of type 'subdomain' were incorrectly treated as 'zonesub' rules, which allowed keys used in 'subdomain' rules to update names outside of the specified subdomains. The problem was fixed by making sure 'subdomain' rules are again processed as described in the ARM (bsc#1175443). - CVE-2020-8623: When BIND 9 was compiled with native PKCS#11 support, it was possible to trigger an assertion failure in code determining the number of bits in the PKCS#11 RSA public key with a specially crafted packet (bsc#1175443). - CVE-2020-8621: named could crash in certain query resolution scenarios where QNAME minimization and forwarding were both enabled (bsc#1175443). - CVE-2020-8620: It was possible to trigger an assertion failure by sending a specially crafted large TCP DNS message (bsc#1175443). - CVE-2020-8622: It was possible to trigger an assertion failure when verifying the response to a TSIG-signed request (bsc#1175443). Other issues fixed: - Add engine support to OpenSSL EdDSA implementation. - Add engine support to OpenSSL ECDSA implementation. - Update PKCS#11 EdDSA implementation to PKCS#11 v3.0. - Warn about AXFR streams with inconsistent message IDs. - Make ISC rwlock implementation the default again. - Fixed issues when using cookie-secrets for AES and SHA2 (bsc#1161168) - Installed the default files in /var/lib/named and created chroot environment on systems using transactional-updates (bsc#1100369, fate#325524) - Fixed an issue where bind was not working in FIPS mode (bsc#906079). - Fixed dependency issues (bsc#1118367 and bsc#1118368). - GeoIP support is now discontinued, now GeoIP2 is used(bsc#1156205). - Fixed an issue with FIPS (bsc#1128220). - The liblwres library is discontinued upstream and is no longer included. - Added service dependency on NTP to make sure the clock is accurate when bind is starts (bsc#1170667, bsc#1170713). - Reject DS records at the zone apex when loading master files. Log but otherwise ignore attempts to add DS records at the zone apex via UPDATE. - The default value of 'max-stale-ttl' has been changed from 1 week to 12 hours. - Zone timers are now exported via statistics channel. - The 'primary' and 'secondary' keywords, when used as parameters for 'check-names', were not processed correctly and were being ignored. - 'rndc dnstap -roll ' did not limit the number of saved files to . - Add 'rndc dnssec -status' command. - Addressed a couple of situations where named could crash. - Changed /var/lib/named to owner root:named and perms rwxrwxr-t so that named, being a/the only member of the 'named' group has full r/w access yet cannot change directories owned by root in the case of a compromized named. [bsc#1173307, bind-chrootenv.conf] - Added '/etc/bind.keys' to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named to suppress warning message re missing file (bsc#1173983). - Removed '-r /dev/urandom' from all invocations of rndc-confgen (init/named system/lwresd.init system/named.init in vendor-files) as this option is deprecated and causes rndc-confgen to fail. (bsc#1173311, bsc#1176674, bsc#1170713) - /usr/bin/genDDNSkey: Removing the use of the -r option in the call of /usr/sbin/dnssec-keygen as BIND now uses the random number functions provided by the crypto library (i.e., OpenSSL or a PKCS#11 provider) as a source of randomness rather than /dev/random. Therefore the -r command line option no longer has any effect on dnssec-keygen. Leaving the option in genDDNSkey as to not break compatibility. Patch provided by Stefan Eisenwiener. [bsc#1171313] - Put libns into a separate subpackage to avoid file conflicts in the libisc subpackage due to different sonums (bsc#1176092). - Require /sbin/start_daemon: both init scripts, the one used in systemd context as well as legacy sysv, make use of start_daemon. ----------------------------------------- Version 1-Build4.2.44 2020-10-18T07:58:55 ----------------------------------------- Patch: SUSE-2020-2947 Released: Fri Oct 16 15:23:07 2020 Summary: Security update for gcc10, nvptx-tools Severity: moderate References: 1172798,1172846,1173972,1174753,1174817,1175168,CVE-2020-13844 Description: This update for gcc10, nvptx-tools fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with '-10' suffix, you can specify them via: CC=gcc-10 CXX=g++-10 or similar commands. For a detailed changelog check out https://gcc.gnu.org/gcc-10/changes.html Changes in nvptx-tools: - Enable build on aarch64 ----------------------------------------- Version 1-Build4.2.51 2020-10-21T07:59:21 ----------------------------------------- Patch: SUSE-2020-2958 Released: Tue Oct 20 12:24:55 2020 Summary: Recommended update for procps Severity: moderate References: 1158830 Description: This update for procps fixes the following issues: - Fixes an issue when command 'ps -C' does not allow anymore an argument longer than 15 characters. (bsc#1158830) ----------------------------------------- Version 1-Build4.2.55 2020-10-26T09:41:08 ----------------------------------------- Patch: SUSE-2020-2983 Released: Wed Oct 21 15:03:03 2020 Summary: Recommended update for file Severity: moderate References: 1176123 Description: This update for file fixes the following issues: - Fixes an issue when file displays broken 'ELF' interpreter. (bsc#1176123) ----------------------------------------- Version 1-Build4.2.60 2020-10-29T07:59:05 ----------------------------------------- Patch: SUSE-2020-3048 Released: Tue Oct 27 16:04:52 2020 Summary: Recommended update for libsolv, libzypp, yaml-cpp, zypper Severity: moderate References: 1174918,1176192,1176435,1176712,1176740,1176902,1177238,935885 Description: This update for libsolv, libzypp, yaml-cpp, zypper fixes the following issues: libzypp was updated to 17.25.1: - When kernel-rt has been installed, the purge-kernels service fails during boot. (bsc#1176902) - Use package name provides as group key in purge-kernel (bsc#1176740 bsc#1176192) kernel-default-base has new packaging, where the kernel uname -r does not reflect the full package version anymore. This patch adds additional logic to use the most generic/shortest edition each package provides with %{packagename}= to group the kernel packages instead of the rpm versions. This also changes how the keep-spec for specific versions is applied, instead of matching the package versions, each of the package name provides will be matched. - RepoInfo: Return the type of the local metadata cache as fallback (bsc#1176435) - VendorAttr: Fix broken 'suse,opensuse' equivalence handling. Enhance API and testcases. (bsc#1174918) - Update docs regarding 'opensuse' namepace matching. - Link against libzstd to close libsolvs open references (as we link statically) yaml-cpp: - The libyaml-cpp0_6 library package is added the to the Basesystem module, LTSS and ESPOS channels, and the INSTALLER channels, as a new libzypp dependency. No source changes were done to yaml-cpp. zypper was updated to 1.14.40: - info: Assume descriptions starting with '

' are richtext (bsc#935885) - help: prevent 'whatis' from writing to stderr (bsc#1176712) - wp: point out that command is aliased to a search command and searches case-insensitive (jsc#SLE-16271) libsolv was updated to 0.7.15 to fix: - make testcase_mangle_repo_names deal correctly with freed repos [bsc#1177238] - fix deduceq2addedmap clearing bits outside of the map - conda: feature depriorization first - conda: fix startswith implementation - move find_update_seeds() call in cleandeps calculation - set SOLVABLE_BUILDHOST in rpm and rpmmd parsers - new testcase_mangle_repo_names() function - new solv_fmemopen() function ----------------------------------------- Version 1-Build4.2.67 2020-11-06T08:01:01 ----------------------------------------- Patch: SUSE-2020-3138 Released: Tue Nov 3 12:14:03 2020 Summary: Recommended update for systemd Severity: moderate References: 1104902,1154935,1165502,1167471,1173422,1176513,1176800 Description: This update for systemd fixes the following issues: - seccomp: shm{get,at,dt} now have their own numbers everywhere (bsc#1173422) - test-seccomp: log function names - test-seccomp: add log messages when skipping tests - basic/virt: Detect PowerVM hypervisor (bsc#1176800) - fs-util: suppress world-writable warnings if we read /dev/null - udevadm: rename option '--log-priority' into '--log-level' - udev: rename kernel option 'log_priority' into 'log_level' - fstab-generator: add 'nofail' when NFS 'bg' option is used (bsc#1176513) - Fix memory protection default (bsc#1167471) - cgroup: Support 0-value for memory protection directives and accepts MemorySwapMax=0 (bsc#1154935) - Improve latency and reliability when users log in/out (bsc#1104902, bsc#1165502) ----------------------------------------- Patch: SUSE-2020-3157 Released: Wed Nov 4 15:37:05 2020 Summary: Recommended update for ca-certificates-mozilla Severity: moderate References: 1177864 Description: This update for ca-certificates-mozilla fixes the following issues: The SSL Root CA store was updated to the 2.44 state of the Mozilla NSS Certificate store (bsc#1177864) - Removed CAs: - EE Certification Centre Root CA - Taiwan GRCA - Added CAs: - Trustwave Global Certification Authority - Trustwave Global ECC P256 Certification Authority - Trustwave Global ECC P384 Certification Authority ----------------------------------------- Version 1-Build4.2.70 2020-11-14T08:01:57 ----------------------------------------- Patch: SUSE-2020-3290 Released: Wed Nov 11 12:25:32 2020 Summary: Recommended update for findutils Severity: moderate References: 1174232 Description: This update for findutils fixes the following issues: - Do not unconditionally use leaf optimization for NFS. (bsc#1174232) NFS st_nlink are not accurate on all implementations, leading to aborts() if that assumption is made. ----------------------------------------- Patch: SUSE-2020-3313 Released: Thu Nov 12 16:07:37 2020 Summary: Security update for openldap2 Severity: important References: 1178387,CVE-2020-25692 Description: This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387). ----------------------------------------- Version 1-Build4.2.77 2020-11-20T08:02:49 ----------------------------------------- Patch: SUSE-2020-3377 Released: Thu Nov 19 09:29:32 2020 Summary: Security update for krb5 Severity: moderate References: 1178512,CVE-2020-28196 Description: This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message (bsc#1178512). ----------------------------------------- Patch: SUSE-2020-3381 Released: Thu Nov 19 10:53:38 2020 Summary: Recommended update for systemd Severity: moderate References: 1177458,1177490,1177510 Description: This update for systemd fixes the following issues: - build-sys: optionally disable support of journal over the network (bsc#1177458) - ask-password: prevent buffer overflow when reading from keyring (bsc#1177510) - mount: don't propagate errors from mount_setup_unit() further up - Rely on the new build option --disable-remote for journal_remote This allows to drop the workaround that consisted in cleaning journal-upload files and {sysusers.d,tmpfiles.d}/systemd-remote.conf manually when 'journal_remote' support was disabled. - Move journal-{remote,upload}.conf.5.gz man pages into systemd-journal_remote sub package - Make sure {sysusers.d,tmpfiles.d}/systemd-remote.conf are not shipped with --without=journal_remote (bsc#1177458) These files were incorrectly packaged in the main package when systemd-journal_remote was disabled. - Make use of %{_unitdir} and %{_sysusersdir} - Remove mq-deadline selection from 60-io-scheduler.rules (bsc#1177490) ----------------------------------------- Version 1-Build4.2.80 2020-11-21T08:01:55 ----------------------------------------- Patch: SUSE-2020-3462 Released: Fri Nov 20 13:14:35 2020 Summary: Recommended update for pam and sudo Severity: moderate References: 1174593,1177858,1178727 Description: This update for pam and sudo fixes the following issue: pam: - pam_xauth: do not *free* a string which has been successfully passed to *putenv*. (bsc#1177858) - Initialize the local variable *daysleft* to avoid a misleading warning for password expire days. (bsc#1178727) - Run /usr/bin/xauth using the old user's and group's identifiers. (bsc#1174593) sudo: - Fix a problem with pam_xauth which checks effective and real uids to get the real identity of the user. (bsc#1174593) ----------------------------------------- Version 1-Build4.2.86 2020-12-02T07:57:54 ----------------------------------------- Patch: SUSE-2020-3566 Released: Mon Nov 30 16:56:52 2020 Summary: Security update for python-setuptools Severity: important References: 1176262,CVE-2019-20916 Description: This update for python-setuptools fixes the following issues: - Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916) ----------------------------------------- Patch: SUSE-2020-3581 Released: Tue Dec 1 14:40:22 2020 Summary: Recommended update for libusb-1_0 Severity: moderate References: 1178376 Description: This update for libusb-1_0 fixes the following issues: - Fixes a build failure for libusb for the inclusion of 'sys/time.h' on PowerPC. (bsc#1178376) ----------------------------------------- Version 1-Build4.2.89 2020-12-04T08:50:12 ----------------------------------------- Patch: SUSE-2020-3592 Released: Wed Dec 2 10:31:34 2020 Summary: Security update for python-cryptography Severity: moderate References: 1178168,CVE-2020-25659 Description: This update for python-cryptography fixes the following issues: - CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption (bsc#1178168). ----------------------------------------- Patch: SUSE-2020-3593 Released: Wed Dec 2 10:33:49 2020 Summary: Security update for python3 Severity: important References: 1176262,1179193,CVE-2019-20916 Description: This update for python3 fixes the following issues: Update to 3.6.12 (bsc#1179193), including: - Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916) ----------------------------------------- Patch: SUSE-2020-3620 Released: Thu Dec 3 17:03:55 2020 Summary: Recommended update for pam Severity: moderate References: Description: This update for pam fixes the following issues: - Check if the password is part of the username. (jsc#SLE-16719, jsc#SLE-16720) - Check whether the password contains a substring of of the user's name of at least `` characters length in some form. This is enabled by the new parameter `usersubstr=` ----------------------------------------- Version 1-Build4.2.90 2020-12-07T07:46:58 ----------------------------------------- Patch: SUSE-2020-3626 Released: Fri Dec 4 13:51:46 2020 Summary: Recommended update for audit Severity: moderate References: 1179515 Description: This update for audit fixes the following issues: - Enable Aarch64 processor support. (bsc#1179515) ----------------------------------------- Version 1-Build4.2.94 2020-12-08T13:36:26 ----------------------------------------- Patch: SUSE-2020-3703 Released: Mon Dec 7 20:17:32 2020 Summary: Recommended update for aaa_base Severity: moderate References: 1179431 Description: This update for aaa_base fixes the following issue: - Avoid semicolon within (t)csh login script on S/390. (bsc#1179431) ----------------------------------------- Version 1-Build4.2.96 2020-12-09T18:06:15 ----------------------------------------- Patch: SUSE-2020-3721 Released: Wed Dec 9 13:36:46 2020 Summary: Security update for openssl-1_1 Severity: important References: 1179491,CVE-2020-1971 Description: This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491). ----------------------------------------- Patch: SUSE-2020-3723 Released: Wed Dec 9 13:37:55 2020 Summary: Security update for python-urllib3 Severity: moderate References: 1177120,CVE-2020-26137 Description: This update for python-urllib3 fixes the following issues: - CVE-2020-26137: Fixed a CRLF injection via HTTP request method (bsc#1177120). ----------------------------------------- Version 1-Build4.2.97 2020-12-10T07:41:00 ----------------------------------------- Patch: SUSE-2020-3735 Released: Wed Dec 9 18:19:24 2020 Summary: Security update for curl Severity: moderate References: 1179398,1179399,1179593,CVE-2020-8284,CVE-2020-8285,CVE-2020-8286 Description: This update for curl fixes the following issues: - CVE-2020-8286: Fixed improper OSCP verification in the client side (bsc#1179593). - CVE-2020-8285: Fixed a stack overflow due to FTP wildcard (bsc#1179399). - CVE-2020-8284: Fixed an issue where a malicius FTP server could make curl connect to a different IP (bsc#1179398). ----------------------------------------- Version 2-Build5.5.5 2020-12-16T07:40:20 ----------------------------------------- Patch: SUSE-2020-3809 Released: Tue Dec 15 13:46:05 2020 Summary: Recommended update for glib2 Severity: moderate References: 1178346 Description: This update for glib2 fixes the following issues: Update from version 2.62.5 to version 2.62.6: - Support for slim format of timezone. (bsc#1178346) - Fix DST incorrect end day when using slim format. (bsc#1178346) - Fix SOCKS5 username/password authentication. - Updated translations. ----------------------------------------- Version 2-Build5.5.8 2020-12-17T07:41:10 ----------------------------------------- Patch: SUSE-2020-3853 Released: Wed Dec 16 12:27:27 2020 Summary: Recommended update for util-linux Severity: moderate References: 1084671,1169006,1174942,1175514,1175623,1178554,1178825 Description: This update for util-linux fixes the following issue: - Do not trigger the automatic close of CDROM. (bsc#1084671) - Try to automatically configure broken serial lines. (bsc#1175514) - Avoid `sulogin` failing on not existing or not functional console devices. (bsc#1175514) - Build with `libudev` support to support non-root users. (bsc#1169006) - Avoid memory errors on PowerPC systems with valid hardware configurations. (bsc#1175623, bsc#1178554, bsc#1178825) - Fix warning on mounts to `CIFS` with mount –a. (bsc#1174942) ----------------------------------------- Version 2-Build5.5.13 2020-12-30T07:39:39 ----------------------------------------- Patch: SUSE-2020-3930 Released: Wed Dec 23 18:19:39 2020 Summary: Security update for python3 Severity: important References: 1155094,1174091,1174571,1174701,1177211,1178009,1179193,1179630,CVE-2019-16935,CVE-2019-18348,CVE-2019-20907,CVE-2019-5010,CVE-2020-14422,CVE-2020-26116,CVE-2020-27619,CVE-2020-8492 Description: This update for python3 fixes the following issues: - Fixed CVE-2020-27619 (bsc#1178009), where Lib/test/multibytecodec_support calls eval() on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and SLE12 (jsc#ECO-2799, jsc#SLE-13738) - add triplets for mips-r6 and riscv - RISC-V needs CTYPES_PASS_BY_REF_HACK Update to 3.6.12 (bsc#1179193) * Ensure python3.dll is loaded from correct locations when Python is embedded * The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address). * Prevent http header injection by rejecting control characters in http.client.putrequest(…). * Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now UnpicklingError instead of crashing. * Avoid infinite loop when reading specially crafted TAR files using the tarfile module - This release also fixes CVE-2020-26116 (bsc#1177211) and CVE-2019-20907 (bsc#1174091). Update to 3.6.11: - Disallow CR or LF in email.headerregistry. Address arguments to guard against header injection attacks. - Disallow control characters in hostnames in http.client, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. (bsc#1155094) - CVE-2020-8492: The AbstractBasicAuthHandler class of the urllib.request module uses an inefficient regular expression which can be exploited by an attacker to cause a denial of service. Fix the regex to prevent the catastrophic backtracking. Vulnerability reported by Ben Caller and Matt Schwager. ----------------------------------------- Patch: SUSE-2020-3942 Released: Tue Dec 29 12:22:01 2020 Summary: Recommended update for libidn2 Severity: moderate References: 1180138 Description: This update for libidn2 fixes the following issues: - The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later, adjusted the RPM license tags (bsc#1180138) ----------------------------------------- Patch: SUSE-2020-3943 Released: Tue Dec 29 12:24:45 2020 Summary: Recommended update for libxml2 Severity: moderate References: 1178823 Description: This update for libxml2 fixes the following issues: Avoid quadratic checking of identity-constraints, speeding up XML validation (bsc#1178823) * key/unique/keyref schema attributes currently use quadratic loops to check their various constraints (that keys are unique and that keyrefs refer to existing keys). * This fix uses a hash table to avoid the quadratic behaviour. ----------------------------------------- Patch: SUSE-2020-3946 Released: Tue Dec 29 17:39:54 2020 Summary: Recommended update for python3 Severity: important References: 1180377 Description: This update for python3 fixes the following issues: - A previous update inadvertently removed the 'PyFPE_jbuf' symbol from Python3, which caused regressions in several applications. (bsc#1180377) ----------------------------------------- Version 2-Build5.5.20 2021-01-14T07:42:46 ----------------------------------------- Patch: SUSE-2021-109 Released: Wed Jan 13 10:13:24 2021 Summary: Security update for libzypp, zypper Severity: moderate References: 1050625,1174016,1177238,1177275,1177427,1177583,1178910,1178966,1179083,1179222,1179415,1179909,CVE-2017-9271 Description: This update for libzypp, zypper fixes the following issues: Update zypper to version 1.14.41 Update libzypp to 17.25.4 - CVE-2017-9271: Fixed information leak in the log file (bsc#1050625 bsc#1177583) - RepoManager: Force refresh if repo url has changed (bsc#1174016) - RepoManager: Carefully tidy up the caches. Remove non-directory entries. (bsc#1178966) - RepoInfo: ignore legacy type= in a .repo file and let RepoManager probe (bsc#1177427). - RpmDb: If no database exists use the _dbpath configured in rpm. Still makes sure a compat symlink at /var/lib/rpm exists in case the configures _dbpath is elsewhere. (bsc#1178910) - Fixed update of gpg keys with elongated expire date (bsc#179222) - needreboot: remove udev from the list (bsc#1179083) - Fix lsof monitoring (bsc#1179909) yast-installation was updated to 4.2.48: - Do not cleanup the libzypp cache when the system has low memory, incomplete cache confuses libzypp later (bsc#1179415) ----------------------------------------- Version 2-Build5.5.21 2021-01-15T11:43:25 ----------------------------------------- Patch: SUSE-2021-129 Released: Thu Jan 14 12:26:15 2021 Summary: Security update for openldap2 Severity: moderate References: 1178909,1179503,CVE-2020-25709,CVE-2020-25710 Description: This update for openldap2 fixes the following issues: Security issues fixed: - CVE-2020-25709: Fixed a crash caused by specially crafted network traffic (bsc#1178909). - CVE-2020-25710: Fixed a crash caused by specially crafted network traffic (bsc#1178909). Non-security issue fixed: - Retry binds in the LDAP backend when the remote LDAP server disconnected the (idle) LDAP connection. (bsc#1179503) ----------------------------------------- Version 2-Build5.5.29 2021-01-23T09:27:52 ----------------------------------------- Patch: SUSE-2021-169 Released: Tue Jan 19 16:18:46 2021 Summary: Recommended update for libsolv, libzypp, zypper Severity: moderate References: 1179816,1180077,1180663,1180721 Description: This update for libsolv, libzypp, zypper fixes the following issues: libzypp was updated to 17.25.6: - Rephrase solver problem descriptions (jsc#SLE-8482) - Adapt to changed gpg2/libgpgme behavior (bsc#1180721) - Multicurl backend breaks with with unknown filesize (fixes #277) zypper was updated to 1.14.42: - Fix source-download commnds help (bsc#1180663) - man: Recommend to use the --non-interactive global option rather than the command option -y (bsc#1179816) - Extend apt packagemap (fixes #366) - --quiet: Fix install summary to write nothing if there's nothing todo (bsc#1180077) libsolv was updated to 0.7.16; - do not ask the namespace callback for splitprovides when writing a testcase - fix add_complex_recommends() selecting conflicted packages in rare cases leading to crashes - improve choicerule generation so that package updates are prefered in more cases ----------------------------------------- Patch: SUSE-2021-174 Released: Wed Jan 20 07:55:23 2021 Summary: Recommended update for gnutls Severity: moderate References: 1172695 Description: This update for gnutls fixes the following issue: - Avoid spurious audit messages about incompatible signature algorithms (bsc#1172695) ----------------------------------------- Patch: SUSE-2021-197 Released: Fri Jan 22 15:17:42 2021 Summary: Security update for permissions Severity: moderate References: 1171883,CVE-2020-8025 Description: This update for permissions fixes the following issues: - Update to version 20181224: * pcp: remove no longer needed / conflicting entries (bsc#1171883, CVE-2020-8025) ----------------------------------------- Version 2-Build5.5.35 2021-01-27T07:39:55 ----------------------------------------- Patch: SUSE-2021-220 Released: Tue Jan 26 14:00:51 2021 Summary: Recommended update for keyutils Severity: moderate References: 1180603 Description: This update for keyutils fixes the following issues: - Adjust the library license to be LPGL-2.1+ only (the tools are GPL2+, the library is just LGPL-2.1+) (bsc#1180603) ----------------------------------------- Version 2-Build5.5.37 2021-01-28T07:39:37 ----------------------------------------- Patch: SUSE-2021-233 Released: Wed Jan 27 12:15:33 2021 Summary: Recommended update for systemd Severity: moderate References: 1141597,1174436,1175458,1177490,1179363,1179824,1180225 Description: This update for systemd fixes the following issues: - Added a timestamp to the output of the busctl monitor command (bsc#1180225) - Fixed a NULL pointer dereference bug when attempting to close the journal file handle (bsc#1179824) - Improved the caching of cgroups member mask (bsc#1175458) - Fixed the dependency definition of sound.target (bsc#1179363) - Fixed a bug that could lead to a potential error, when daemon-reload is called between StartTransientUnit and scope_start() (bsc#1174436) - time-util: treat /etc/localtime missing as UTC (bsc#1141597) - Removed mq-deadline selection from 60-io-scheduler.rules (bsc#1177490) ----------------------------------------- Version 2-Build5.5.41 2021-02-02T07:40:18 ----------------------------------------- Patch: SUSE-2021-265 Released: Mon Feb 1 15:06:45 2021 Summary: Recommended update for systemd Severity: important References: 1178775,1180885 Description: This update for systemd fixes the following issues: - Fix for udev creating '/dev/disk/by-label' symlink for 'LUKS2' to avoid mount issues. (bsc#1180885, #8998)) - Fix for an issue when container start causes interference in other containers. (bsc#1178775) ----------------------------------------- Version 2-Build5.5.48 2021-02-04T07:39:31 ----------------------------------------- Patch: SUSE-2021-293 Released: Wed Feb 3 12:52:34 2021 Summary: Recommended update for gmp Severity: moderate References: 1180603 Description: This update for gmp fixes the following issues: - correct license statements of packages (library itself is no GPL-3.0) (bsc#1180603) ----------------------------------------- Version 2-Build5.5.53 2021-02-09T07:40:23 ----------------------------------------- Patch: SUSE-2021-339 Released: Mon Feb 8 13:16:07 2021 Summary: Optional update for pam Severity: low References: Description: This update for pam fixes the following issues: - Added rpm macros for this package, so that other packages can make use of it This patch is optional to be installed - it doesn't fix any bugs. ----------------------------------------- Version 2-Build5.5.59 2021-02-20T07:39:33 ----------------------------------------- Patch: SUSE-2021-529 Released: Fri Feb 19 14:53:47 2021 Summary: Security update for python3 Severity: moderate References: 1176262,1179756,1180686,1181126,CVE-2019-20916,CVE-2021-3177 Description: This update for python3 fixes the following issues: - CVE-2021-3177: Fixed buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution (bsc#1181126). - Provide the newest setuptools wheel (bsc#1176262, CVE-2019-20916) in their correct form (bsc#1180686). ----------------------------------------- Version 2-Build5.5.60 2021-02-26T08:47:15 ----------------------------------------- Patch: SUSE-2020-1989 Released: Tue Jul 21 17:58:58 2020 Summary: Recommended update to SLES-releases Severity: important References: 1173582 Description: This update of SLES-release provides the following fix: - Obsolete Leap 15.2 as well to allow migration from Leap to SLE. (bsc#1173582) ----------------------------------------- Patch: SUSE-2020-3294 Released: Wed Nov 11 12:28:46 2020 Summary: Recommended update for SLES-release Severity: moderate References: 1177998 Description: This update for SLES-release fixes the following issue: - Obsolete Leap 15.2.1 (jump) to allow migration from Jump/Leap 15.2.1 to SLE 15 SP2. (bsc#1177998) ----------------------------------------- Patch: SUSE-2021-594 Released: Thu Feb 25 09:29:35 2021 Summary: Security update for python-cryptography Severity: important References: 1182066,CVE-2020-36242 Description: This update for python-cryptography fixes the following issues: - CVE-2020-36242: Using the Fernet class to symmetrically encrypt multi gigabyte values could result in an integer overflow and buffer overflow (bsc#1182066). ----------------------------------------- Version 2-Build5.5.61 2021-02-27T07:42:33 ----------------------------------------- Patch: SUSE-2021-653 Released: Fri Feb 26 19:53:43 2021 Summary: Security update for glibc Severity: important References: 1178386,1179694,1179721,1180038,1181505,1182117,CVE-2019-25013,CVE-2020-27618,CVE-2020-29562,CVE-2020-29573,CVE-2021-3326 Description: This update for glibc fixes the following issues: - Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973) - x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256) - iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859) ----------------------------------------- Version 2-Build5.5.62 2021-03-02T07:42:17 ----------------------------------------- Patch: SUSE-2021-656 Released: Mon Mar 1 09:34:21 2021 Summary: Recommended update for protobuf Severity: moderate References: 1177127 Description: This update for protobuf fixes the following issues: - Add missing dependency of python subpackages on python-six. (bsc#1177127) ----------------------------------------- Version 2-Build5.5.68 2021-03-09T07:42:32 ----------------------------------------- Patch: SUSE-2021-723 Released: Mon Mar 8 16:45:27 2021 Summary: Security update for openldap2 Severity: important References: 1182279,1182408,1182411,1182412,1182413,1182415,1182416,1182417,1182418,1182419,1182420,CVE-2020-36221,CVE-2020-36222,CVE-2020-36223,CVE-2020-36224,CVE-2020-36225,CVE-2020-36226,CVE-2020-36227,CVE-2020-36228,CVE-2020-36229,CVE-2020-36230,CVE-2021-27212 Description: This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. ----------------------------------------- Version 2-Build5.5.70 2021-03-10T07:41:42 ----------------------------------------- Patch: SUSE-2021-754 Released: Tue Mar 9 17:10:49 2021 Summary: Security update for openssl-1_1 Severity: moderate References: 1182331,1182333,1182959,CVE-2021-23840,CVE-2021-23841 Description: This update for openssl-1_1 fixes the following issues: - CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333) - CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331) - Fixed unresolved error codes in FIPS (bsc#1182959). ----------------------------------------- Version 2-Build5.5.72 2021-03-13T07:43:27 ----------------------------------------- Patch: SUSE-2021-778 Released: Fri Mar 12 17:42:25 2021 Summary: Security update for glib2 Severity: important References: 1182328,1182362,CVE-2021-27218,CVE-2021-27219 Description: This update for glib2 fixes the following issues: - CVE-2021-27218: g_byte_array_new_take takes a gsize as length but stores in a guint, this patch will refuse if the length is larger than guint. (bsc#1182328) - CVE-2021-27219: g_memdup takes a guint as parameter and sometimes leads into an integer overflow, so add a g_memdup2 function which uses gsize to replace it. (bsc#1182362) ----------------------------------------- Version 2-Build5.5.74 2021-03-16T07:43:19 ----------------------------------------- Patch: SUSE-2021-786 Released: Mon Mar 15 11:19:23 2021 Summary: Recommended update for zlib Severity: moderate References: 1176201 Description: This update for zlib fixes the following issues: - Fixed hw compression on z15 (bsc#1176201) ----------------------------------------- Version 2-Build5.5.78 2021-03-19T07:45:36 ----------------------------------------- Patch: SUSE-2021-874 Released: Thu Mar 18 09:41:54 2021 Summary: Recommended update for libsolv, libzypp, zypper Severity: moderate References: 1179847,1181328,1181622,1182629 Description: This update for libsolv, libzypp, zypper fixes the following issues: - support multiple collections in updateinfo parser - Fixed an issue when some 'systemd' tools require '/proc' to be mounted and fail if it's not there. (bsc#1181328) - Enable release packages to request a releaxed suse/opensuse vendorcheck in dup when migrating. (bsc#1182629) - Patch: Identify well-known category names to allow to use the RH and SUSE patch category names synonymously. (bsc#1179847) - Fix '%posttrans' script execution. (fixes #265) - Repo: Allow multiple baseurls specified on one line (fixes #285) - Regex: Fix memory leak and undefined behavior. - Add rpm buildrequires for test suite (fixes #279) - Use rpmdb2solv new -D switch to tell the location of the rpmdatabase to use. - doc: give more details about creating versioned package locks. (bsc#1181622) - man: Document synonymously used patch categories (bsc#1179847) ----------------------------------------- Version 2-Build5.5.81 2021-03-24T07:41:51 ----------------------------------------- Patch: SUSE-2021-924 Released: Tue Mar 23 10:00:49 2021 Summary: Recommended update for filesystem Severity: moderate References: 1078466,1146705,1175519,1178775,1180020,1180083,1180596,1181011,1181831,1183094 Description: This update for filesystem the following issues: - Remove duplicate line due to merge error - Add fix for 'mesa' creating cache with perm 0700. (bsc#1181011) - Fixed an issue causing failure during installation/upgrade a failure. (rh#1548403) (bsc#1146705) - Allows to override config to add cleanup options of '/var/tmp'. (bsc#1078466) - Create config to cleanup '/tmp' regular required with 'tmpfs'. (bsc#1175519) This update for systemd fixes the following issues: - Fix for a possible memory leak. (bsc#1180020) - Fix for a case when to a bind mounted directory results inactive mount units. (#7811) (bsc#1180596) - Fixed an issue when starting a container conflicts with another one. (bsc#1178775) - Drop most of the tmpfiles that deal with generic paths and avoid warnings. (bsc#1078466, bsc#1181831) - Don't use shell redirections when calling a rpm macro. (bsc#1183094) - 'systemd' requires 'aaa_base' >= 13.2. (bsc#1180083) ----------------------------------------- Version 2-Build5.5.82 2021-03-25T07:41:22 ----------------------------------------- Patch: SUSE-2021-935 Released: Wed Mar 24 12:19:10 2021 Summary: Security update for gnutls Severity: important References: 1183456,1183457,CVE-2021-20231,CVE-2021-20232 Description: This update for gnutls fixes the following issues: - CVE-2021-20232: Fixed a use after free issue which could have led to memory corruption and other potential consequences (bsc#1183456). - CVE-2021-20231: Fixed a use after free issue which could have led to memory corruption and other potential consequences (bsc#1183457). ----------------------------------------- Patch: SUSE-2021-947 Released: Wed Mar 24 14:30:58 2021 Summary: Security update for python3 Severity: moderate References: 1182379,CVE-2021-23336 Description: This update for python3 fixes the following issues: - python36 was updated to 3.6.13 - CVE-2021-23336: Fixed a potential web cache poisoning by using a semicolon in query parameters use of semicolon as a query string separator (bsc#1182379). ----------------------------------------- Patch: SUSE-2021-948 Released: Wed Mar 24 14:31:34 2021 Summary: Security update for zstd Severity: moderate References: 1183370,1183371,CVE-2021-24031,CVE-2021-24032 Description: This update for zstd fixes the following issues: - CVE-2021-24031: Added read permissions to files while being compressed or uncompressed (bsc#1183371). - CVE-2021-24032: Fixed a race condition which could have allowed an attacker to access world-readable destination file (bsc#1183370). ----------------------------------------- Version 2-Build5.5.83 2021-03-26T13:21:15 ----------------------------------------- Patch: SUSE-2021-955 Released: Thu Mar 25 16:11:48 2021 Summary: Security update for openssl-1_1 Severity: important References: 1183852,CVE-2021-3449 Description: This update for openssl-1_1 fixes the security issue: * CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension but includes a signature_algorithms_cert extension, then a NULL pointer dereference will result, leading to a crash and a denial of service attack. OpenSSL TLS clients are not impacted by this issue. [bsc#1183852] ----------------------------------------- Version 2-Build5.5.86 2021-03-31T07:43:06 ----------------------------------------- Patch: SUSE-2021-985 Released: Tue Mar 30 14:42:46 2021 Summary: Recommended update for the Azure SDK and CLI Severity: moderate References: 1125671,1140565,1154393,1174514,1175289,1176784,1176785,1178168,CVE-2020-14343,CVE-2020-25659 Description: This update for the Azure SDK and CLI adds support for the AHB (Azure Hybrid Benefit). (bsc#1176784, jsc#ECO=3105) ----------------------------------------- Version 2-Build5.5.89 2021-04-02T07:43:41 ----------------------------------------- Patch: SUSE-2021-1004 Released: Thu Apr 1 15:07:09 2021 Summary: Recommended update for libcap Severity: moderate References: 1180073 Description: This update for libcap fixes the following issues: - Added support for the ambient capabilities (jsc#SLE-17092, jsc#ECO-3460) - Changed the license tag from 'BSD-3-Clause and GPL-2.0' to 'BSD-3-Clause OR GPL-2.0-only' (bsc#1180073) ----------------------------------------- Patch: SUSE-2021-1006 Released: Thu Apr 1 17:44:57 2021 Summary: Security update for curl Severity: moderate References: 1183933,1183934,CVE-2021-22876,CVE-2021-22890 Description: This update for curl fixes the following issues: - CVE-2021-22890: TLS 1.3 session ticket proxy host mixup (bsc#1183934) - CVE-2021-22876: Automatic referer leaks credentials (bsc#1183933) ----------------------------------------- Version 2-Build5.5.93 2021-04-13T07:42:38 ----------------------------------------- Patch: SUSE-2021-1141 Released: Mon Apr 12 13:13:36 2021 Summary: Recommended update for openldap2 Severity: low References: 1182791 Description: This update for openldap2 fixes the following issues: - Improved the proxy connection timeout options to prune connections properly (bsc#1182791) ----------------------------------------- Version 2-Build5.5.95 2021-04-14T07:42:01 ----------------------------------------- Patch: SUSE-2021-1169 Released: Tue Apr 13 15:01:42 2021 Summary: Recommended update for procps Severity: low References: 1181976 Description: This update for procps fixes the following issues: - Corrected a statement in the man page about processor pinning via taskset (bsc#1181976) ----------------------------------------- Version 2-Build5.5.99 2021-04-21T07:42:26 ----------------------------------------- Patch: SUSE-2021-1286 Released: Tue Apr 20 20:10:21 2021 Summary: Recommended update for SLES-release Severity: moderate References: 1180836 Description: This recommended update for SLES-release provides the following fix: - Revert the problematic changes previously released and make sure the version is high enough to obsolete the package on containers and images. (bsc#1180836) ----------------------------------------- Version 2-Build5.5.100 2021-04-22T07:42:44 ----------------------------------------- Patch: SUSE-2021-1296 Released: Wed Apr 21 14:09:28 2021 Summary: Optional update for e2fsprogs Severity: low References: 1183791 Description: This update for e2fsprogs fixes the following issues: - Fixed an issue when building e2fsprogs (bsc#1183791) This patch does not fix any user visible issues and is therefore optional to install. ----------------------------------------- Patch: SUSE-2021-1297 Released: Wed Apr 21 14:10:10 2021 Summary: Recommended update for systemd Severity: moderate References: 1178219 Description: This update for systemd fixes the following issues: - Improved the logs emitted by systemd-shutdown during the shutdown process, when applications cannot be stopped properly and would leave mount points mounted. ----------------------------------------- Patch: SUSE-2021-1299 Released: Wed Apr 21 14:11:41 2021 Summary: Optional update for gpgme Severity: low References: 1183801 Description: This update for gpgme fixes the following issues: - Fixed a bug in test cases (bsc#1183801) This patch is optional to install and does not provide any user visible bug fixes. ----------------------------------------- Version 2-Build5.5.106 2021-04-29T07:43:23 ----------------------------------------- Patch: SUSE-2021-1407 Released: Wed Apr 28 15:49:02 2021 Summary: Recommended update for libcap Severity: important References: 1184690 Description: This update for libcap fixes the following issues: - Add explicit dependency on 'libcap2' with version to 'libcap-progs' and 'pam_cap'. (bsc#1184690) ----------------------------------------- Patch: SUSE-2021-1412 Released: Wed Apr 28 17:09:28 2021 Summary: Security update for libnettle Severity: important References: 1184401,CVE-2021-20305 Description: This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars (bsc#1184401). ----------------------------------------- Patch: SUSE-2021-1426 Released: Thu Apr 29 06:23:13 2021 Summary: Recommended update for libsolv Severity: moderate References: Description: This update for libsolv fixes the following issues: - Fix rare segfault in resolve_jobrules() that could happen if new rules are learnt. - Fix a couple of memory leaks in error cases. - Fix error handling in solv_xfopen_fd() - Fixed 'regex' code on win32. - Fixed memory leak in choice rule generation ----------------------------------------- Version 2-Build5.5.111 2021-05-05T07:42:43 ----------------------------------------- Patch: SUSE-2021-1466 Released: Tue May 4 08:30:57 2021 Summary: Security update for permissions Severity: important References: 1182899 Description: This update for permissions fixes the following issues: - etc/permissions: remove unnecessary entries (bsc#1182899) ----------------------------------------- Version 2-Build5.5.112 2021-05-06T07:43:25 ----------------------------------------- Patch: SUSE-2021-1523 Released: Wed May 5 18:24:20 2021 Summary: Security update for libxml2 Severity: moderate References: 1185408,1185409,1185410,CVE-2021-3516,CVE-2021-3517,CVE-2021-3518 Description: This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408). - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410). - CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesInternal (bsc#1185409). ----------------------------------------- Version 2-Build5.5.114 2021-05-07T07:43:04 ----------------------------------------- Patch: SUSE-2021-1527 Released: Thu May 6 08:58:53 2021 Summary: Recommended update for bash Severity: important References: 1183064 Description: This update for bash fixes the following issues: - Fixed a segmentation fault that used to occur when bash read a history file that was malformed in a very specific way. (bsc#1183064) ----------------------------------------- Patch: SUSE-2021-1528 Released: Thu May 6 15:31:23 2021 Summary: Recommended update for openssl-1_1 Severity: moderate References: 1161276 Description: This update for openssl-1_1 fixes the following issues: - Do not list disapproved cipher algorithms while in 'FIPS' mode. (bsc#1161276) ----------------------------------------- Version 2-Build5.5.116 2021-05-08T07:42:42 ----------------------------------------- Patch: SUSE-2021-1543 Released: Fri May 7 15:16:32 2021 Summary: Recommended update for patterns-microos Severity: moderate References: 1184435 Description: This update for patterns-microos provides the following fix: - Require the libvirt-daemon-qemu package and include the needed dependencies in the product. (bsc#1184435) ----------------------------------------- Patch: SUSE-2021-1544 Released: Fri May 7 16:34:41 2021 Summary: Recommended update for libzypp Severity: moderate References: 1180851,1181874,1182936,1183628,1184997,1185239 Description: This update for libzypp fixes the following issues: Upgrade from version 17.25.8 to version 17.25.10 - Properly handle permission denied when providing optional files. (bsc#1185239) - Fix service detection with `cgroupv2`. (bsc#1184997) - Add missing includes for GCC 11. (bsc#1181874) - Fix unsafe usage of static in media verifier. - `Solver`: Avoid segfault if no system is loaded. (bsc#1183628) - `MediaVerifier`: Relax media set verification in case of a single not-volatile medium. (bsc#1180851) - Do no cleanup in custom cache dirs. (bsc#1182936) - `ZConfig`: let `pubkeyCachePath` follow `repoCachePath`. ----------------------------------------- Version 2-Build5.5.117 2021-05-11T07:43:09 ----------------------------------------- Patch: SUSE-2021-1549 Released: Mon May 10 13:48:00 2021 Summary: Recommended update for procps Severity: moderate References: 1185417 Description: This update for procps fixes the following issues: - Support up to 2048 CPU as well. (bsc#1185417) ----------------------------------------- Version 2-Build5.5.119 2021-05-12T07:42:55 ----------------------------------------- Patch: SUSE-2021-1557 Released: Tue May 11 09:50:00 2021 Summary: Security update for python3 Severity: moderate References: 1183374,CVE-2021-3426 Description: This update for python3 fixes the following issues: - CVE-2021-3426: Fixed an information disclosure via pydoc (bsc#1183374) ----------------------------------------- Patch: SUSE-2021-1565 Released: Tue May 11 14:20:04 2021 Summary: Recommended update for krb5 Severity: moderate References: 1185163 Description: This update for krb5 fixes the following issues: - Use '/run' instead of '/var/run' for daemon PID files. (bsc#1185163); ----------------------------------------- Version 2-Build5.5.120 2021-05-13T07:42:55 ----------------------------------------- Patch: SUSE-2021-1592 Released: Wed May 12 13:47:41 2021 Summary: Optional update for sed Severity: low References: 1183797 Description: This update for sed fixes the following issues: - Fixed a building issue with glibc-2.31 (bsc#1183797). This patch is optional to install. ----------------------------------------- Version 2-Build5.5.122 2021-05-15T07:43:02 ----------------------------------------- Patch: SUSE-2021-1612 Released: Fri May 14 17:09:39 2021 Summary: Recommended update for openldap2 Severity: moderate References: 1184614 Description: This update for openldap2 fixes the following issue: - Provide `openldap2-contrib` to the modules SUSE Linux Enterprise Legacy 15-SP2 and 15-SP3. (bsc#1184614) ----------------------------------------- Version 2-Build5.5.126 2021-05-20T07:43:14 ----------------------------------------- Patch: SUSE-2021-1643 Released: Wed May 19 13:51:48 2021 Summary: Recommended update for pam Severity: important References: 1181443,1184358,1185562 Description: This update for pam fixes the following issues: - Fixed a bug, where the 'unlimited'/'-1' value was not interpreted correctly (bsc#1181443) - Fixed a bug, where pam_access interpreted the keyword 'LOCAL' incorrectly, leading to an attempt to resolve it as a hostname (bsc#1184358) - In the 32-bit compatibility package for 64-bit architectures, require 'systemd-32bit' to be also installed as it contains pam_systemd.so for 32 bit applications. (bsc#1185562) ----------------------------------------- Patch: SUSE-2021-1647 Released: Wed May 19 13:59:12 2021 Summary: Security update for lz4 Severity: important References: 1185438,CVE-2021-3520 Description: This update for lz4 fixes the following issues: - CVE-2021-3520: Fixed memory corruption due to an integer overflow bug caused by memmove argument (bsc#1185438). ----------------------------------------- Patch: SUSE-2021-1654 Released: Wed May 19 16:43:36 2021 Summary: Security update for libxml2 Severity: important References: 1185408,1185409,1185410,1185698,CVE-2021-3516,CVE-2021-3517,CVE-2021-3518,CVE-2021-3537 Description: This update for libxml2 fixes the following issues: - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel (bsc#1185698) - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408). - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410). - CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesInternal (bsc#1185409). ----------------------------------------- Version 3-Build5.8.6 2021-05-28T07:43:45 ----------------------------------------- Patch: SUSE-2021-1762 Released: Wed May 26 12:30:01 2021 Summary: Security update for curl Severity: moderate References: 1186114,CVE-2021-22898 Description: This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114). - Allow partial chain verification [jsc#SLE-17956] * Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are. This allows users to verify servers using the intermediate cert only, instead of needing the whole chain. * Set FLAG_TRUSTED_FIRST unconditionally. * Do not check partial chains with CRL check. ----------------------------------------- Patch: SUSE-2021-1773 Released: Wed May 26 17:22:21 2021 Summary: Recommended update for python3 Severity: low References: Description: This update for python3 fixes the following issues: - Make sure to close the import_failed.map file after the exception has been raised in order to avoid ResourceWarnings when the failing import is part of a try...except block. ----------------------------------------- Version 3-Build5.8.7 2021-06-01T07:43:12 ----------------------------------------- Patch: SUSE-2021-1806 Released: Mon May 31 16:23:04 2021 Summary: Security update for python-httplib2 Severity: moderate References: 1171998,1182053,CVE-2020-11078,CVE-2021-21240 Description: This update for python-httplib2 fixes the following issues: - Update to version 0.19.0 (bsc#1182053). - CVE-2021-21240: Fixed regular expression denial of service via malicious header (bsc#1182053). - CVE-2020-11078: Fixed unescaped part of uri where an attacker could change request headers and body (bsc#1182053). ----------------------------------------- Version 3-Build5.8.9 2021-06-03T07:43:51 ----------------------------------------- Patch: SUSE-2021-1833 Released: Wed Jun 2 15:32:28 2021 Summary: Recommended update for zypper Severity: moderate References: 1153687,1180851,1181874,1182372,1182936,1183268,1183589,1183628,1184997,1185239 Description: This update for zypper fixes the following issues: zypper was upgraded to 1.14.44: - man page: Recommend the needs-rebooting command to test whether a system reboot is suggested. - patch: Let a patch's reboot-needed flag overrule included packages. (bsc#1183268) - Quickfix setting 'openSUSE_Tumbleweed' as default platform for 'MicroOS'. (bsc#1153687) - Protect against strict/relaxed user umask via sudo. (bsc#1183589) - xml summary: Add solvables repository alias. (bsc#1182372) libzypp was upgraded from version 17.25.8 to version 17.25.10 - Properly handle permission denied when providing optional files. (bsc#1185239) - Fix service detection with `cgroupv2`. (bsc#1184997) - Add missing includes for GCC 11. (bsc#1181874) - Fix unsafe usage of static in media verifier. - `Solver`: Avoid segfault if no system is loaded. (bsc#1183628) - `MediaVerifier`: Relax media set verification in case of a single not-volatile medium. (bsc#1180851) - Do no cleanup in custom cache dirs. (bsc#1182936) - `ZConfig`: let `pubkeyCachePath` follow `repoCachePath`. ----------------------------------------- Version 3-Build5.8.11 2021-06-06T07:44:27 ----------------------------------------- Patch: SUSE-2021-1859 Released: Fri Jun 4 09:02:38 2021 Summary: Security update for python-py Severity: moderate References: 1179805,1184505,CVE-2020-29651 Description: This update for python-py fixes the following issues: - CVE-2020-29651: Fixed regular expression denial of service in svnwc.py (bsc#1179805, bsc#1184505). ----------------------------------------- Patch: SUSE-2021-1861 Released: Fri Jun 4 09:59:40 2021 Summary: Recommended update for gcc10 Severity: moderate References: 1029961,1106014,1178577,1178624,1178675,1182016 Description: This update for gcc10 fixes the following issues: - Disable nvptx offloading for aarch64 again since it doesn't work - Fixed a build failure issue. (bsc#1182016) - Fix for memory miscompilation on 'aarch64'. (bsc#1178624, bsc#1178577) - Fix 32bit 'libgnat.so' link. (bsc#1178675) - prepare usrmerge: Install libgcc_s into %_libdir. ABI wise it stays /%lib. (bsc#1029961) - Build complete set of multilibs for arm-none target. (bsc#1106014) ----------------------------------------- Version 3-Build5.8.13 2021-06-09T07:43:32 ----------------------------------------- Patch: SUSE-2021-1879 Released: Tue Jun 8 09:16:09 2021 Summary: Recommended update for libzypp, zypper Severity: important References: 1184326,1184399,1184997,1185325 Description: This update for libzypp, zypper fixes the following issues: libzypp was updated to 17.26.0: - Work around download.o.o broken https redirects. - Allow trusted repos to add additional signing keys (bsc#1184326) Repositories signed with a trusted gpg key may import additional package signing keys. This is needed if different keys were used to sign the the packages shipped by the repository. - MediaCurl: Fix logging of redirects. - Use 15.3 resolver problem and solution texts on all distros. - $ZYPP_LOCK_TIMEOUT: Let negative values wait forever for the zypp lock (bsc#1184399) Helps boot time services like 'zypper purge-kernels' to wait for the zypp lock until other services using zypper have completed. - Fix purge-kernels is broken in Leap 15.3 (bsc#1185325) Leap 15.3 introduces a new kernel package called kernel-flavour-extra, which contain kmp's. Currently kmp's are detected by name '.*-kmp(-.*)?' but this does not work which those new packages. This patch fixes the problem by checking packages for kmod(*) and ksym(*) provides and only falls back to name checking if the package in question does not provide one of those. - Introduce zypp-runpurge, a tool to run purge-kernels on testcases. zypper was updated to 1.14.45: - Fix service detection with cgroupv2 (bsc#1184997) - Add hints to 'trust GPG key' prompt. - Add report when receiving new package signing keys from a trusted repo (bsc#1184326) - Added translation using Weblate (Kabyle) ----------------------------------------- Version 3-Build5.8.19 2021-06-11T07:43:47 ----------------------------------------- Patch: SUSE-2021-1917 Released: Wed Jun 9 14:48:05 2021 Summary: Security update for libxml2 Severity: moderate References: 1186015,CVE-2021-3541 Description: This update for libxml2 fixes the following issues: - CVE-2021-3541: Fixed exponential entity expansion attack bypasses all existing protection mechanisms. (bsc#1186015) ----------------------------------------- Patch: SUSE-2021-1953 Released: Thu Jun 10 16:18:50 2021 Summary: Recommended update for gpg2 Severity: moderate References: 1161268,1172308 Description: This update for gpg2 fixes the following issues: - Fixed an issue where the gpg-agent's ssh-agent does not handle flags in signing requests properly (bsc#1161268 and bsc#1172308). ----------------------------------------- Version 3-Build5.8.23 2021-06-18T07:43:20 ----------------------------------------- Patch: SUSE-2021-2001 Released: Thu Jun 17 16:54:07 2021 Summary: Recommended update for python-pycryptodome Severity: moderate References: 1186642 Description: This update for python-pycryptodome fixes the following issue: - python-pycryptodome had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead to migration issues. (bsc#1186642) ----------------------------------------- Patch: SUSE-2021-2008 Released: Thu Jun 17 18:07:45 2021 Summary: Security update for python-rsa Severity: important References: 1172389,CVE-2020-13757 Description: This update for python-rsa fixes the following issues: - CVE-2020-13757: Proper handling of leading '\0' bytes during decryption of ciphertext (bsc#1172389) ----------------------------------------- Version 3-Build5.8.26 2021-06-22T07:43:58 ----------------------------------------- Patch: SUSE-2021-2096 Released: Mon Jun 21 13:35:38 2021 Summary: Recommended update for python-six Severity: moderate References: 1186642 Description: This update for python-six fixes the following issue: - python-six had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could lead to migration issues. (bsc#1186642) ----------------------------------------- Version 3-Build5.8.27 2021-06-24T07:43:50 ----------------------------------------- Patch: SUSE-2021-2143 Released: Wed Jun 23 16:27:04 2021 Summary: Security update for libnettle Severity: important References: 1187060,CVE-2021-3580 Description: This update for libnettle fixes the following issues: - CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated ciphertext (bsc#1187060). ----------------------------------------- Version 3-Build5.8.28 2021-06-25T07:44:20 ----------------------------------------- Patch: SUSE-2021-2157 Released: Thu Jun 24 15:40:14 2021 Summary: Security update for libgcrypt Severity: important References: 1187212,CVE-2021-33560 Description: This update for libgcrypt fixes the following issues: - CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding (bsc#1187212). ----------------------------------------- Version 3-Build5.8.35 2021-06-29T07:43:22 ----------------------------------------- Patch: SUSE-2021-2173 Released: Mon Jun 28 14:59:45 2021 Summary: Recommended update for automake Severity: moderate References: 1040589,1047218,1182604,1185540,1186049 Description: This update for automake fixes the following issues: - Implement generated autoconf makefiles reproducible (bsc#1182604) - Add fix to avoid date variations in docs. (bsc#1047218, jsc#SLE-17848) - Avoid bashisms in test-driver script. (bsc#1185540) This update for pcre fixes the following issues: - Do not run profiling 'check' in parallel to make package build reproducible. (bsc#1040589) This update for brp-check-suse fixes the following issues: - Add fixes to support reproducible builds. (bsc#1186049) ----------------------------------------- Version 3-Build5.8.36 2021-06-30T07:44:47 ----------------------------------------- Patch: SUSE-2021-2196 Released: Tue Jun 29 09:41:39 2021 Summary: Security update for lua53 Severity: moderate References: 1175448,1175449,CVE-2020-24370,CVE-2020-24371 Description: This update for lua53 fixes the following issues: Update to version 5.3.6: - CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage (bsc#1175449) - CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fault in getlocal and setlocal (bsc#1175448) - Long brackets with a huge number of '=' overflow some internal buffer arithmetic. ----------------------------------------- Version 3-Build5.8.38 2021-07-01T07:43:42 ----------------------------------------- Patch: SUSE-2021-2205 Released: Wed Jun 30 09:17:41 2021 Summary: Recommended update for openldap2 Severity: important References: 1187210 Description: This update for openldap2 fixes the following issues: - Resolve issues in the idle / connection 'TTL' timeout implementation in OpenLDAP. (bsc#1187210) ----------------------------------------- Version 3-Build5.8.39 2021-07-02T07:44:29 ----------------------------------------- Patch: SUSE-2021-2229 Released: Thu Jul 1 20:40:37 2021 Summary: Recommended update for release packages Severity: moderate References: 1099521,1185221 Description: This update for the release packages provides the following fix: - Fix grub menu entries after migration from SLE-12*. (bsc#1099521) - Adjust the sles-release changelog to include an entry for the previous release that was reverting a broken change. (bsc#1185221) ----------------------------------------- Version 3-Build5.8.41 2021-07-06T07:43:48 ----------------------------------------- Patch: SUSE-2021-2246 Released: Mon Jul 5 15:17:49 2021 Summary: Recommended update for systemd Severity: moderate References: 1154935,1167471,1178561,1184761,1184967,1185046,1185331,1185807,1185958,1187292,1187400 Description: This update for systemd fixes the following issues: cgroup: Parse infinity properly for memory protections. (bsc#1167471) cgroup: Make empty assignments reset to default. (bsc#1167471) cgroup: Support 0-value for memory protection directives. (bsc#1167471) core/cgroup: Fixed an issue with ignored parameter of 'MemorySwapMax=0'. (bsc#1154935) bus-unit-util: Add proper 'MemorySwapMax' serialization. core: Accept MemorySwapMax= properties that are scaled. execute: Make sure to call into PAM after initializing resource limits. (bsc#1184967) core: Rename 'ShutdownWatchdogSec' to 'RebootWatchdogSec'. (bsc#1185331) Return -EAGAIN instead of -EALREADY from unit_reload. (bsc#1185046) rules: Don't ignore Xen virtual interfaces anymore. (bsc#1178561) write_net_rules: Set execute bits. (bsc#1178561) udev: Rework network device renaming. Revert 'Revert 'udev: Network device renaming - immediately give up if the target name isn't available'' mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761) core: fix output (logging) for mount units (#7603) (bsc#1187400) udev requires systemd in its %post (bsc#1185958) cgroup: Parse infinity properly for memory protections (bsc#1167471) cgroup: Make empty assignments reset to default (bsc#1167471) cgroup: Support 0-value for memory protection directives (bsc#1167471) Create /run/lock/subsys again (bsc#1187292) The creation of this directory was mistakenly dropped when 'filesystem' package took the initialization of the generic paths over. Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807) ----------------------------------------- Patch: SUSE-2021-2249 Released: Mon Jul 5 15:40:46 2021 Summary: Optional update for gnutls Severity: low References: 1047218,1186579 Description: This update for gnutls does not fix any user visible issues. It is therefore optional to install. ----------------------------------------- Version 3-Build5.8.43 2021-07-08T12:06:26 ----------------------------------------- Patch: SUSE-2021-2273 Released: Thu Jul 8 09:48:48 2021 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1186447,1186503 Description: This update for libzypp, zypper fixes the following issues: - Enhance XML output of repo GPG options - Add optional attributes showing the raw values actually present in the '.repo' file. - Link all executables with -PIE (bsc#1186447) - Ship an empty '/etc/zypp/needreboot' per default (jsc#PM-2645) - Add 'Solvable::isBlacklisted' as superset of retracted and ptf packages (bsc#1186503) - Fix segv if 'ZYPP_FULLOG' is set. ----------------------------------------- Version 3-Build5.8.46 2021-07-13T07:43:54 ----------------------------------------- Patch: SUSE-2021-2292 Released: Mon Jul 12 08:25:20 2021 Summary: Security update for dbus-1 Severity: important References: 1187105,CVE-2020-35512 Description: This update for dbus-1 fixes the following issues: - CVE-2020-35512: Fixed a use-after-free or potential undefined behaviour caused by shared UID's (bsc#1187105) ----------------------------------------- Version 3-Build5.8.47 2021-07-15T07:44:32 ----------------------------------------- Patch: SUSE-2021-2320 Released: Wed Jul 14 17:01:06 2021 Summary: Security update for sqlite3 Severity: important References: 1157818,1158812,1158958,1158959,1158960,1159491,1159715,1159847,1159850,1160309,1160438,1160439,1164719,1172091,1172115,1172234,1172236,1172240,1173641,928700,928701,CVE-2015-3414,CVE-2015-3415,CVE-2019-19244,CVE-2019-19317,CVE-2019-19603,CVE-2019-19645,CVE-2019-19646,CVE-2019-19880,CVE-2019-19923,CVE-2019-19924,CVE-2019-19925,CVE-2019-19926,CVE-2019-19959,CVE-2019-20218,CVE-2020-13434,CVE-2020-13435,CVE-2020-13630,CVE-2020-13631,CVE-2020-13632,CVE-2020-15358,CVE-2020-9327 Description: This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization (bsc#1173641) - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in isAuxiliaryVtabOperator (bsc#1164719) - CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (bsc#1160439) - CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input (bsc#1160438) - CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer dereference (bsc#1160309) - CVE-2019-19924: improper error handling in sqlite3WindowRewrite() (bsc#1159850) - CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive (bsc#1159847) - CVE-2019-19926: improper handling of certain errors during parsing multiSelect in select.c (bsc#1159715) - CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference (bsc#1159491) - CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with a shadow table name (bsc#1158960) - CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns (bsc#1158959) - CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements (bsc#1158958) - CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service (bsc#1158812) - CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage (bsc#1157818) - CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability (bsc#928701) - CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names (bsc#928700) - CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115) - CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow - CVE-2020-13631: virtual table allowed to be renamed to one of its shadow tables (bsc#1172236) - CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query (bsc#1172240) - CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091) ----------------------------------------- Version 3-Build5.8.49 2021-07-21T07:44:06 ----------------------------------------- Patch: SUSE-2021-2404 Released: Tue Jul 20 14:21:30 2021 Summary: Security update for systemd Severity: moderate References: 1184994,1188063,CVE-2021-33910 Description: This update for systemd fixes the following issues: - CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063) - Skip udev rules if 'elevator=' is used (bsc#1184994) ----------------------------------------- Version 3-Build5.8.50 2021-07-22T07:43:56 ----------------------------------------- Patch: SUSE-2021-2439 Released: Wed Jul 21 13:46:48 2021 Summary: Security update for curl Severity: moderate References: 1188217,1188218,1188219,1188220,CVE-2021-22922,CVE-2021-22923,CVE-2021-22924,CVE-2021-22925 Description: This update for curl fixes the following issues: - CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220) - CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219) - CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218) - CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217) ----------------------------------------- Version 3-Build5.8.61 2021-08-18T07:47:13 ----------------------------------------- Patch: SUSE-2021-2689 Released: Mon Aug 16 10:54:52 2021 Summary: Security update for cpio Severity: important References: 1189206,CVE-2021-38185 Description: This update for cpio fixes the following issues: It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206) ----------------------------------------- Patch: SUSE-2021-2763 Released: Tue Aug 17 17:16:22 2021 Summary: Recommended update for cpio Severity: critical References: 1189465 Description: This update for cpio fixes the following issues: - A regression in last update would cause builds to hang on various architectures(bsc#1189465) ----------------------------------------- Version 3-Build5.8.62 2021-08-20T07:46:44 ----------------------------------------- Patch: SUSE-2021-2780 Released: Thu Aug 19 16:09:15 2021 Summary: Recommended update for cpio Severity: critical References: 1189465,CVE-2021-38185 Description: This update for cpio fixes the following issues: - A regression in the previous update could lead to crashes (bsc#1189465) ----------------------------------------- Version 3-Build5.8.64 2021-08-22T07:44:00 ----------------------------------------- Patch: SUSE-2021-2800 Released: Fri Aug 20 10:43:04 2021 Summary: Security update for krb5 Severity: important References: 1188571,CVE-2021-36222 Description: This update for krb5 fixes the following issues: - CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge. (bsc#1188571) ----------------------------------------- Version 3-Build5.8.67 2021-08-24T07:44:54 ----------------------------------------- Patch: SUSE-2021-2810 Released: Mon Aug 23 12:14:30 2021 Summary: Security update for dbus-1 Severity: moderate References: 1172505,CVE-2020-12049 Description: This update for dbus-1 fixes the following issues: - CVE-2020-12049: truncated messages lead to resource exhaustion. (bsc#1172505) ----------------------------------------- Patch: SUSE-2021-2816 Released: Mon Aug 23 14:16:58 2021 Summary: Optional update for python-kubernetes Severity: low References: Description: This patch provides the python3-kubernetes package to the following modules: - Container Module for SUSE Linux Enterprise 15 SP2 - Container Module for SUSE Linux Enterprise 15 SP3 ----------------------------------------- Patch: SUSE-2021-2817 Released: Mon Aug 23 15:05:36 2021 Summary: Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 Severity: moderate References: 1102408,1138715,1138746,1176389,1177120,1182421,1182422,CVE-2020-26137 Description: This patch updates the Python AWS SDK stack in SLE 15: General: # aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-botocore - Version updated to upstream release 1.20.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-urllib3 - Version updated to upstream release 1.25.10 For a detailed list of all changes, please refer to the changelog file of this package. # python-service_identity - Added this new package to resolve runtime dependencies for other packages. Version: 18.1.0 # python-trustme - Added this new package to resolve runtime dependencies for other packages. Version: 0.6.0 Security fixes: # python-urllib3: - CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120) ----------------------------------------- Version 3-Build5.8.68 2021-08-26T07:46:06 ----------------------------------------- Patch: SUSE-2021-2830 Released: Tue Aug 24 16:20:18 2021 Summary: Security update for openssl-1_1 Severity: important References: 1189520,1189521,CVE-2021-3711,CVE-2021-3712 Description: This update for openssl-1_1 fixes the following security issues: - CVE-2021-3711: A bug in the implementation of the SM2 decryption code could lead to buffer overflows. [bsc#1189520] - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] ----------------------------------------- Version 3-Build5.8.69 2021-08-31T07:43:57 ----------------------------------------- Patch: SUSE-2021-2863 Released: Mon Aug 30 08:18:50 2021 Summary: Recommended update for python-dbus-python Severity: moderate References: 1183818 Description: This update for python-dbus-python fixes the following issues: - Update to latest version from tumbleweed. (jsc#ECO-3589, bsc#1183818) - update to 1.2.16: * All tests are run even if the 'tap.py' module is not available, althoug diagnostics for failing tests will be better if it is present. - Support builds with more than one python3 flavor - Clean duplicate python flavor variables for configure - Version update to version 1.2.14: * Ensure that the numeric types from dbus.types get the same str() under Python 3.8 that they did under previous versions. * Disable -Winline. * Add clearer license information using SPDX-License-Identifier. * Include inherited methods and properties when documenting objects, which regressed when migrating from epydoc to sphinx. * Add missing variant_level member to UnixFd type, for parity with the other dbus.types types * Don't reply to method calls if they have the NO_REPLY_EXPECTED flag * Silence '-Wcast-function-type' with gcc 8. * Fix distcheck with python3.7 by deleting '__pycache__' during uninstall. * Consistently save and restore the exception indicator when called from C code. - Add missing dependency for pkg-config files - Version update to version 1.2.8: * Python 2.7 required or 3.4 respectively * Upstream dropped epydoc completely - Add dbus-1-python3 package - Make BusConnection.list_activatable_names actually call struct entries than the signature allows with libdbus 1.4 imports dbus, is finalized, is re-initialized, and re-imports - When removing signal matches, clean up internal state, avoiding a memory leak in long-lived Python processes that connect to - When setting the sender of a message, allow it to be org.freedesktop.DBus so you can implement a D-Bus daemon - New package: dbus-1-python-devel ----------------------------------------- Version 3-Build5.8.76 2021-09-04T07:43:42 ----------------------------------------- Patch: SUSE-2021-2938 Released: Fri Sep 3 09:19:36 2021 Summary: Recommended update for openldap2 Severity: moderate References: 1184614 Description: This update for openldap2 fixes the following issue: - openldap2-contrib is shipped to the Legacy Module. (bsc#1184614) ----------------------------------------- Version 3-Build5.8.77 2021-09-08T07:44:09 ----------------------------------------- Patch: SUSE-2021-2966 Released: Tue Sep 7 09:49:14 2021 Summary: Security update for openssl-1_1 Severity: low References: 1189521,CVE-2021-3712 Description: This update for openssl-1_1 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings (bsc#1189521). ----------------------------------------- Version 3-Build5.8.78 2021-09-10T07:44:33 ----------------------------------------- Patch: SUSE-2021-3001 Released: Thu Sep 9 15:08:13 2021 Summary: Recommended update for netcfg Severity: moderate References: 1189683 Description: This update for netcfg fixes the following issues: - add submissions port/protocol to services file for message submission over TLS protocol [bsc#1189683] ----------------------------------------- Version 3-Build5.8.80 2021-09-15T07:45:08 ----------------------------------------- Patch: SUSE-2021-3030 Released: Tue Sep 14 09:27:45 2021 Summary: Recommended update for patterns-base Severity: moderate References: 1189534,1189554 Description: This update of patterns-base fixes the following issue: - The fips pattern should also install 'openssh-fips' if 'openssh' is installed (bsc#1189554 bsc#1189534) ----------------------------------------- Version 3-Build5.8.84 2021-09-23T07:44:41 ----------------------------------------- Patch: SUSE-2021-3182 Released: Tue Sep 21 17:04:26 2021 Summary: Recommended update for file Severity: moderate References: 1189996 Description: This update for file fixes the following issues: - Fixes exception thrown by memory allocation problem (bsc#1189996) ----------------------------------------- Version 3-Build5.8.87 2021-10-02T12:11:11 ----------------------------------------- Patch: SUSE-2021-3274 Released: Fri Oct 1 10:34:17 2021 Summary: Recommended update for ca-certificates-mozilla Severity: important References: 1190858 Description: This update for ca-certificates-mozilla fixes the following issues: - remove one of the Letsencrypt CAs DST_Root_CA_X3.pem, as it expires September 30th 2021 and openssl certificate chain handling does not handle this correctly in openssl 1.0.2 and older. (bsc#1190858) ----------------------------------------- Version 3-Build5.8.89 2021-10-09T10:13:37 ----------------------------------------- Patch: SUSE-2021-3298 Released: Wed Oct 6 16:54:52 2021 Summary: Security update for curl Severity: moderate References: 1190373,1190374,CVE-2021-22946,CVE-2021-22947 Description: This update for curl fixes the following issues: - CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374). - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373). ----------------------------------------- Version 3-Build5.8.90 2021-10-13T08:25:20 ----------------------------------------- Patch: SUSE-2021-3348 Released: Tue Oct 12 13:08:06 2021 Summary: Security update for systemd Severity: moderate References: 1134353,1171962,1184994,1188018,1188063,1188291,1188713,1189480,1190234,CVE-2021-33910 Description: This update for systemd fixes the following issues: - CVE-2021-33910: Fixed use of strdupa() on a path (bsc#1188063). - logind: terminate cleanly on SIGTERM/SIGINT (bsc#1188018). - Adopting BFQ to control I/O (jsc#SLE-21032, bsc#1134353). - Rules weren't applied to dm devices (multipath) (bsc#1188713). - Ignore obsolete 'elevator' kernel parameter (bsc#1184994, bsc#1190234). - Make sure the versions of both udev and systemd packages are always the same (bsc#1189480). - Avoid error message when udev is updated due to udev being already active when the sockets are started again (bsc#1188291). - Allow the systemd sysusers config files to be overriden during system installation (bsc#1171962). ----------------------------------------- Patch: SUSE-2021-3382 Released: Tue Oct 12 14:30:17 2021 Summary: Recommended update for ca-certificates-mozilla Severity: moderate References: Description: This update for ca-certificates-mozilla fixes the following issues: - A new sub-package for minimal base containers (jsc#SLE-22162) ----------------------------------------- Patch: SUSE-2021-3385 Released: Tue Oct 12 15:54:31 2021 Summary: Security update for glibc Severity: moderate References: 1186489,1187911,CVE-2021-33574,CVE-2021-35942 Description: This update for glibc fixes the following issues: - CVE-2021-35942: wordexp: handle overflow in positional parameter number (bsc#1187911) - CVE-2021-33574: Use __pthread_attr_copy in mq_notify (bsc#1186489) ----------------------------------------- Version 3-Build5.8.93 2021-10-16T08:25:37 ----------------------------------------- Patch: SUSE-2021-3444 Released: Fri Oct 15 09:03:07 2021 Summary: Security update for rpm Severity: important References: 1179416,1183543,1183545,1183632,1183659,1185299,1187670,1188548,CVE-2021-20266,CVE-2021-20271,CVE-2021-3421 Description: This update for rpm fixes the following issues: Security issues fixed: - CVE-2021-3421, CVE-2021-20271, CVE-2021-20266: Multiple header check improvements (bsc#1183543, bsc#1183545, bsc#1183632) - PGP hardening changes (bsc#1185299) - Fixed potential access of freed mem in ndb's glue code (bsc#1179416) Maintaince issues fixed: - Fixed zstd detection (bsc#1187670) - Added ndb rofs support (bsc#1188548) - Fixed deadlock when multiple rpm processes try tp acquire the database lock (bsc#1183659) ----------------------------------------- Version 3-Build5.8.96 2021-10-19T08:24:13 ----------------------------------------- Patch: SUSE-2021-3454 Released: Mon Oct 18 09:29:26 2021 Summary: Security update for krb5 Severity: moderate References: 1189929,CVE-2021-37750 Description: This update for krb5 fixes the following issues: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field (bsc#1189929). ----------------------------------------- Version 3-Build5.8.98 2021-10-21T08:31:48 ----------------------------------------- Patch: SUSE-2021-3480 Released: Wed Oct 20 11:24:10 2021 Summary: Recommended update for yast2-network Severity: moderate References: 1185016,1185524,1186910,1187270,1187512,1188344,1190645,1190739,1190915,1190933 Description: This update for yast2-network fixes the following issues: - Don't crash when the interfaces table contains a not configured one (bnc#1190645, bsc#1190915). - Fix the shown description using the interface friendly name when it is empty (bsc#1190933). - Consider aliases sections as case insensitive (bsc#1190739). - Display user defined device name in the devices overview (bnc#1190645). - Don't crash when defined aliases in AutoYaST profile are not defined as a map (bsc#1188344). - Support 'boot' and 'on' as aliases for the 'auto' startmode (bsc#1186910). - Fix desktop file so the control center tooltip is translated (bsc#1187270). - Use the linuxrc proxy settings for the HTTPS and FTP proxies (bsc#1185016). - Don't crash at the end of installation when storing wifi configuration for NetworkManager (bsc#1185524, bsc#1187512). ----------------------------------------- Patch: SUSE-2021-3490 Released: Wed Oct 20 16:31:55 2021 Summary: Security update for ncurses Severity: moderate References: 1190793,CVE-2021-39537 Description: This update for ncurses fixes the following issues: - CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793) ----------------------------------------- Patch: SUSE-2021-3494 Released: Wed Oct 20 16:48:46 2021 Summary: Recommended update for pam Severity: moderate References: 1190052 Description: This update for pam fixes the following issues: - Added pam_faillock to the set of available PAM modules. (jsc#SLE-20638) - Added new file macros.pam on request of systemd. (bsc#1190052) ----------------------------------------- Version 3-Build5.8.100 2021-10-23T08:25:56 ----------------------------------------- Patch: SUSE-2020-3026 Released: Fri Oct 23 15:35:49 2020 Summary: Optional update for the Public Cloud Module Severity: moderate References: Description: This update adds the Google Cloud Storage packages to the Public Cloud module (jsc#ECO-2398). The following packages were included: - python3-grpcio - python3-protobuf - python3-google-api-core - python3-google-cloud-core - python3-google-cloud-storage - python3-google-resumable-media - python3-googleapis-common-protos - python3-grpcio-gcp - python3-mock (updated to version 3.0.5) ----------------------------------------- Patch: SUSE-2021-294 Released: Wed Feb 3 12:54:28 2021 Summary: Recommended update for libprotobuf Severity: moderate References: Description: libprotobuf was updated to fix: - ship the libprotobuf-lite15 on the basesystem module and the INSTALLER channel. (jsc#ECO-2911) ----------------------------------------- Patch: SUSE-2021-3501 Released: Fri Oct 22 10:42:46 2021 Summary: Recommended update for libzypp, zypper, libsolv, protobuf Severity: moderate References: 1186503,1186602,1187224,1187425,1187466,1187738,1187760,1188156,1188435,1189031,1190059,1190199,1190465,1190712,1190815 Description: This update for libzypp, zypper, libsolv and protobuf fixes the following issues: - Choice rules: treat orphaned packages as newest (bsc#1190465) - Avoid calling 'su' to detect a too restrictive sudo user umask (bsc#1186602) - Do not check of signatures and keys two times(redundant) (bsc#1190059) - Rephrase vendor conflict message in case 2 packages are involved (bsc#1187760) - Show key fpr from signature when signature check fails (bsc#1187224) - Fix solver jobs for PTFs (bsc#1186503) - Fix purge-kernels fails (bsc#1187738) - Fix obs:// platform guessing for Leap (bsc#1187425) - Make sure to keep states alives while transitioning. (bsc#1190199) - Manpage: Improve description about patch updates(bsc#1187466) - Manpage: Recommend the needs-rebooting command to test whether a system reboot is suggested. - Fix kernel-*-livepatch removal in purge-kernels. (bsc#1190815) - Fix crashes in logging code when shutting down (bsc#1189031) - Do not download full files even if the checkExistsOnly flag is set. (bsc#1190712) - Add need reboot/restart hint to XML install summary (bsc#1188435) - Prompt: choose exact match if prompt options are not prefix free (bsc#1188156) - Include libprotobuf-lite20 in products to enable parallel downloads. (jsc#ECO-2911, jsc#SLE-16862) ----------------------------------------- Version 3-Build5.8.103 2021-10-27T08:23:29 ----------------------------------------- Patch: SUSE-2021-3510 Released: Tue Oct 26 11:22:15 2021 Summary: Recommended update for pam Severity: important References: 1191987 Description: This update for pam fixes the following issues: - Fixed a bad directive file which resulted in the 'securetty' file to be installed as 'macros.pam'. (bsc#1191987) ----------------------------------------- Patch: SUSE-2021-3523 Released: Tue Oct 26 15:40:13 2021 Summary: Security update for util-linux Severity: moderate References: 1122417,1125886,1178236,1188921,CVE-2021-37600 Description: This update for util-linux fixes the following issues: Update to version 2.33.2 to provide seamless update from SLE12 SP5 to SLE15 SP2: - CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c (bsc#1188921). - agetty: Fix 8-bit processing in get_logname() (bsc#1125886). - mount: Fix 'mount' output for net file systems (bsc#1122417). - ipcs: Avoid overflows (bsc#1178236) ----------------------------------------- Version 3-Build5.8.107 2021-10-28T08:25:01 ----------------------------------------- Patch: SUSE-2021-3529 Released: Wed Oct 27 09:23:32 2021 Summary: Security update for pcre Severity: moderate References: 1172973,1172974,CVE-2019-20838,CVE-2020-14155 Description: This update for pcre fixes the following issues: Update pcre to version 8.45: - CVE-2020-14155: Fixed integer overflow via a large number after a '(?C' substring (bsc#1172974). - CVE-2019-20838: Fixed buffer over-read in JIT compiler (bsc#1172973) ----------------------------------------- Version 3-Build5.8.119 2021-11-25T08:24:35 ----------------------------------------- Patch: SUSE-2021-3799 Released: Wed Nov 24 18:07:54 2021 Summary: Recommended update for gcc11 Severity: moderate References: 1187153,1187273,1188623 Description: This update for gcc11 fixes the following issues: The additional GNU compiler collection GCC 11 is provided: To select these compilers install the packages: - gcc11 - gcc-c++11 - and others with 11 prefix. to select them for building: - CC='gcc-11' - CXX='g++-11' The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants. ----------------------------------------- Version 3-Build5.8.120 2021-11-26T08:24:17 ----------------------------------------- Patch: SUSE-2021-3809 Released: Fri Nov 26 00:31:59 2021 Summary: Recommended update for systemd Severity: moderate References: 1189803,1190325,1190440,1190984,1191252,1192161 Description: This update for systemd fixes the following issues: - Add timestamp to D-Bus events to improve traceability (jsc#SLE-21862, jsc#SLE-18102, jsc#SLE-18103) - Fix IO scheduler udev rules to address performance issues (jsc#SLE-21032, bsc#1192161) - shutdown: Reduce log level of unmounts (bsc#1191252) - pid1: make use of new 'prohibit_ipc' logging flag in PID 1 (bsc#1189803) - core: rework how we connect to the bus (bsc#1190325) - mount-util: fix fd_is_mount_point() when both the parent and directory are network fs (bsc#1190984) - virt: detect Amazon EC2 Nitro instance (bsc#1190440) - Several fixes for umount - busctl: use usec granularity for the timestamp printed by the busctl monitor command - fix unitialized fields in MountPoint in dm_list_get() - shutdown: explicitly set a log target - mount-util: add mount_option_mangle() - dissect: automatically mark partitions read-only that have a read-only file system - build-sys: require proper libmount version - systemd-shutdown: use log_set_prohibit_ipc(true) - rationalize interface for opening/closing logging - pid1: when we can't log to journal, remember our fallback log target - log: remove LOG_TARGET_SAFE pseudo log target - log: add brief comment for log_set_open_when_needed() and log_set_always_reopen_console() - log: add new 'prohibit_ipc' flag to logging system - log: make log_set_upgrade_syslog_to_journal() take effect immediately - dbus: split up bus_done() into seperate functions - machine-id-setup: generate machine-id from DMI product ID on Amazon EC2 - virt: if we detect Xen by DMI, trust that over CPUID ----------------------------------------- Version 3-Build5.8.124 2021-12-02T08:24:36 ----------------------------------------- Patch: SUSE-2021-3830 Released: Wed Dec 1 13:45:46 2021 Summary: Security update for glibc Severity: moderate References: 1027496,1183085,CVE-2016-10228 Description: This update for glibc fixes the following issues: - libio: do not attempt to free wide buffers of legacy streams (bsc#1183085) - CVE-2016-10228: Rewrite iconv option parsing to fix security issue (bsc#1027496) ----------------------------------------- Patch: SUSE-2021-3870 Released: Thu Dec 2 07:11:50 2021 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1190356,1191286,1191324,1191370,1191609,1192337,1192436 Description: This update for libzypp, zypper fixes the following issues: libzypp: - Check log writer before accessing it (bsc#1192337) - Zypper should keep cached files if transaction is aborted (bsc#1190356) - Require a minimum number of mirrors for multicurl (bsc#1191609) - Fixed slowdowns when rlimit is too high by using procfs to detect niumber of open file descriptors (bsc#1191324) - Fixed zypper incomplete messages when using non English localization (bsc#1191370) - RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286) - Disable logger in the child process after fork (bsc#1192436) zypper: - Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418) ----------------------------------------- Patch: SUSE-2021-3872 Released: Thu Dec 2 07:25:55 2021 Summary: Recommended update for cracklib Severity: moderate References: 1191736 Description: This update for cracklib fixes the following issues: - Enable build time tests (bsc#1191736) ----------------------------------------- Version 3-Build5.8.127 2021-12-05T08:22:29 ----------------------------------------- Patch: SUSE-2021-3891 Released: Fri Dec 3 10:21:49 2021 Summary: Recommended update for keyutils Severity: moderate References: 1029961,1113013,1187654 Description: This update for keyutils fixes the following issues: - Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654) keyutils was updated to 1.6.3 (jsc#SLE-20016): * Revert the change notifications that were using /dev/watch_queue. * Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE). * Allow 'keyctl supports' to retrieve raw capability data. * Allow 'keyctl id' to turn a symbolic key ID into a numeric ID. * Allow 'keyctl new_session' to name the keyring. * Allow 'keyctl add/padd/etc.' to take hex-encoded data. * Add 'keyctl watch*' to expose kernel change notifications on keys. * Add caps for namespacing and notifications. * Set a default TTL on keys that upcall for name resolution. * Explicitly clear memory after it's held sensitive information. * Various manual page fixes. * Fix C++-related errors. * Add support for keyctl_move(). * Add support for keyctl_capabilities(). * Make key=val list optional for various public-key ops. * Fix system call signature for KEYCTL_PKEY_QUERY. * Fix 'keyctl pkey_query' argument passing. * Use keyctl_read_alloc() in dump_key_tree_aux(). * Various manual page fixes. Updated to 1.6: * Apply various specfile cleanups from Fedora. * request-key: Provide a command line option to suppress helper execution. * request-key: Find least-wildcard match rather than first match. * Remove the dependency on MIT Kerberos. * Fix some error messages * keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes. * Fix doc and comment typos. * Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20). * Add pkg-config support for finding libkeyutils. * upstream isn't offering PGP signatures for the source tarballs anymore Updated to 1.5.11 (bsc#1113013) * Add keyring restriction support. * Add KDF support to the Diffie-Helman function. * DNS: Add support for AFS config files and SRV records ----------------------------------------- Patch: SUSE-2021-3899 Released: Fri Dec 3 11:27:41 2021 Summary: Security update for aaa_base Severity: moderate References: 1162581,1174504,1191563,1192248 Description: This update for aaa_base fixes the following issues: - Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504). - Add $HOME/.local/bin to PATH, if it exists (bsc#1192248). - Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563). - Support xz compressed kernel (bsc#1162581) ----------------------------------------- Version 3-Build5.8.128 2021-12-07T08:23:54 ----------------------------------------- Patch: SUSE-2021-3946 Released: Mon Dec 6 14:57:42 2021 Summary: Security update for gmp Severity: moderate References: 1192717,CVE-2021-43618 Description: This update for gmp fixes the following issues: - CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c (bsc#1192717). ----------------------------------------- Version 3-Build5.8.133 2021-12-14T08:28:26 ----------------------------------------- Patch: SUSE-2021-4015 Released: Mon Dec 13 17:16:00 2021 Summary: Security update for python3 Severity: moderate References: 1180125,1183374,1183858,1185588,1187338,1187668,1189241,1189287,CVE-2021-3426,CVE-2021-3733,CVE-2021-3737 Description: This update for python3 fixes the following issues: - CVE-2021-3737: Fixed http client infinite line reading (DoS) after a http 100. (bsc#1189241) - CVE-2021-3733: Fixed ReDoS in urllib.request. (bsc#1189287) - CVE-2021-3426: Fixed an information disclosure via pydoc. (bsc#1183374) - Rebuild to get new headers, avoid building in support for stropts.h (bsc#1187338). ----------------------------------------- Version 3-Build5.8.139 2021-12-26T08:28:05 ----------------------------------------- Patch: SUSE-2021-4139 Released: Tue Dec 21 17:02:44 2021 Summary: Recommended update for systemd Severity: critical References: 1193481,1193521 Description: This update for systemd fixes the following issues: - Revert 'core: rework how we connect to the bus' (bsc#1193521 bsc#1193481) sleep-config: partitions can't be deleted, only files can shared/sleep-config: exclude zram devices from hibernation candidates ----------------------------------------- Patch: SUSE-2021-4145 Released: Wed Dec 22 05:27:48 2021 Summary: Recommended update for openssl-1_1 Severity: moderate References: 1161276 Description: This update for openssl-1_1 fixes the following issues: - Remove previously applied patch because it interferes with FIPS validation (bsc#1161276) ----------------------------------------- Patch: SUSE-2021-4154 Released: Wed Dec 22 11:02:38 2021 Summary: Security update for p11-kit Severity: important References: 1180064,1187993,CVE-2020-29361 Description: This update for p11-kit fixes the following issues: - CVE-2020-29361: Fixed multiple integer overflows in rpc code (bsc#1180064) - Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER (bsc#1187993). ----------------------------------------- Patch: SUSE-2021-4182 Released: Thu Dec 23 11:51:51 2021 Summary: Recommended update for zlib Severity: moderate References: 1192688 Description: This update for zlib fixes the following issues: - Fix hardware compression incorrect result on z15 hardware (bsc#1192688) ----------------------------------------- Version 3-Build5.8.141 2021-12-29T08:29:55 ----------------------------------------- Patch: SUSE-2021-4192 Released: Tue Dec 28 10:39:50 2021 Summary: Security update for permissions Severity: moderate References: 1174504 Description: This update for permissions fixes the following issues: - Update to version 20181225: * drop ping capabilities in favor of ICMP_PROTO sockets (bsc#1174504) ----------------------------------------- Version 3-Build5.8.144 2022-01-04T08:21:51 ----------------------------------------- Patch: SUSE-2022-4 Released: Mon Jan 3 08:28:54 2022 Summary: Recommended update for libgcrypt Severity: moderate References: 1193480 Description: This update for libgcrypt fixes the following issues: - Fix function gcry_mpi_sub_ui subtracting from negative value (bsc#1193480) ----------------------------------------- Version 3-Build5.8.149 2022-01-18T08:23:00 ----------------------------------------- Patch: SUSE-2022-93 Released: Tue Jan 18 05:11:58 2022 Summary: Recommended update for openssl-1_1 Severity: important References: 1192489 Description: This update for openssl-1_1 fixes the following issues: - Add RSA_get0_pss_params() accessor that is used by nodejs16 and provide openssl-has-RSA_get0_pss_params (bsc#1192489) ----------------------------------------- Patch: SUSE-2022-94 Released: Tue Jan 18 05:13:24 2022 Summary: Recommended update for rpm Severity: important References: 1180125,1193711 Description: This update for rpm fixes the following issues: - Add explicit requirement on python-rpm-macros (bsc#1180125, bsc#1193711) ----------------------------------------- Version 3-Build5.8.150 2022-01-19T08:22:54 ----------------------------------------- Patch: SUSE-2022-124 Released: Wed Jan 19 05:03:04 2022 Summary: Recommended update for shared-mime-info Severity: moderate References: 1191630 Description: This update for shared-mime-info fixes the following issues: - Fix nautilus not launching applications because all applications are not detected as executable program but as shared library (bsc#1191630) ----------------------------------------- Version 3-Build5.8.151 2022-01-20T16:32:47 ----------------------------------------- Patch: SUSE-2022-141 Released: Thu Jan 20 13:47:16 2022 Summary: Security update for permissions Severity: moderate References: 1169614 Description: This update for permissions fixes the following issues: - Update to version 20181225: setuid bit for cockpit session binary (bsc#1169614). ----------------------------------------- Version 3-Build5.8.158 2022-01-26T12:25:01 ----------------------------------------- Patch: SUSE-2022-178 Released: Tue Jan 25 14:16:23 2022 Summary: Security update for expat Severity: important References: 1194251,1194362,1194474,1194476,1194477,1194478,1194479,1194480,CVE-2021-45960,CVE-2021-46143,CVE-2022-22822,CVE-2022-22823,CVE-2022-22824,CVE-2022-22825,CVE-2022-22826,CVE-2022-22827 Description: This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior (bsc#1194251). - CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog (bsc#1194362). - CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c (bsc#1194474). - CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c (bsc#1194476). - CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c (bsc#1194477). - CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c (bsc#1194478). - CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c (bsc#1194479). - CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c (bsc#1194480). ----------------------------------------- Version 3-Build5.8.163 2022-02-01T08:23:29 ----------------------------------------- Patch: SUSE-2022-228 Released: Mon Jan 31 06:07:52 2022 Summary: Recommended update for boost Severity: moderate References: 1194522 Description: This update for boost fixes the following issues: - Fix compilation errors (bsc#1194522) ----------------------------------------- Version 3-Build5.8.168 2022-02-09T08:26:01 ----------------------------------------- Patch: SUSE-2022-348 Released: Tue Feb 8 13:02:20 2022 Summary: Recommended update for libzypp Severity: important References: 1193007,1193488,1194597,1194898,954813 Description: This update for libzypp fixes the following issues: - RepoManager: remember execution errors in exception history (bsc#1193007) - Fix exception handling when reading or writing credentials (bsc#1194898) - Fix install path for parser (bsc#1194597) - Fix Legacy include (bsc#1194597) - Public header files on older distros must use c++11 (bsc#1194597) - Use the default zypp.conf settings if no zypp.conf exists (bsc#1193488) - Fix wrong encoding of URI compontents of ISO images (bsc#954813) - When invoking 32bit mode in userland of an aarch64 kernel, handle armv8l as armv7hl compatible - Introduce zypp-curl as a sublibrary for CURL related code - zypp-rpm: Increase rpm loglevel if ZYPP_RPM_DEBUG is set - Save all signatures associated with a public key in its PublicKeyData ----------------------------------------- Version 3-Build5.8.170 2022-02-21T08:23:26 ----------------------------------------- Patch: SUSE-2022-498 Released: Fri Feb 18 10:46:56 2022 Summary: Security update for expat Severity: important References: 1195054,1195217,CVE-2022-23852,CVE-2022-23990 Description: This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer (bsc#1195054). - CVE-2022-23990: Fixed integer overflow in the doProlog function (bsc#1195217). ----------------------------------------- Patch: SUSE-2022-511 Released: Fri Feb 18 12:41:53 2022 Summary: Recommended update for coreutils Severity: moderate References: 1082318,1189152 Description: This update for coreutils fixes the following issues: - Add 'fuse.portal' as a dummy file system (used in flatpak implementations) (bsc#1189152). - Properly sort docs and license files (bsc#1082318). ----------------------------------------- Patch: SUSE-2022-523 Released: Fri Feb 18 12:49:09 2022 Summary: Recommended update for systemd Severity: moderate References: 1193759,1193841 Description: This update for systemd fixes the following issues: - systemctl: exit with 1 if no unit files found (bsc#1193841). - add rules for virtual devices (bsc#1193759). - enforce 'none' for loop devices (bsc#1193759). ----------------------------------------- Version 3-Build5.8.183 2022-03-06T08:24:13 ----------------------------------------- Patch: SUSE-2022-674 Released: Wed Mar 2 13:24:38 2022 Summary: Recommended update for yast2-network Severity: moderate References: 1187512 Description: This update for yast2-network fixes the following issues: - Don't crash at the end of installation when storing wifi configuration for NetworkManager. (bsc#1187512) ----------------------------------------- Patch: SUSE-2022-692 Released: Thu Mar 3 15:46:47 2022 Summary: Recommended update for filesystem Severity: moderate References: 1190447 Description: This update for filesystem fixes the following issues: - Release ported filesystem to LTSS channels (bsc#1190447). ----------------------------------------- Patch: SUSE-2022-702 Released: Thu Mar 3 18:22:59 2022 Summary: Security update for cyrus-sasl Severity: important References: 1196036,CVE-2022-24407 Description: This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036). ----------------------------------------- Patch: SUSE-2022-713 Released: Fri Mar 4 09:34:17 2022 Summary: Security update for expat Severity: important References: 1196025,1196026,1196168,1196169,1196171,CVE-2022-25235,CVE-2022-25236,CVE-2022-25313,CVE-2022-25314,CVE-2022-25315 Description: This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025). - CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026). - CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168). - CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169). - CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171). ----------------------------------------- Patch: SUSE-2022-717 Released: Fri Mar 4 09:45:20 2022 Summary: Security update for gnutls Severity: moderate References: 1196167,CVE-2021-4209 Description: This update for gnutls fixes the following issues: - CVE-2021-4209: Fixed null pointer dereference in MD_UPDATE (bsc#1196167). ----------------------------------------- Version 3-Build5.8.195 2022-03-18T16:43:26 ----------------------------------------- Patch: SUSE-2022-787 Released: Thu Mar 10 11:20:13 2022 Summary: Recommended update for openldap2 Severity: moderate References: Description: This update for openldap2 fixes the following issue: - restore CLDAP functionality in CLI tools (jsc#PM-3288) ----------------------------------------- Patch: SUSE-2022-788 Released: Thu Mar 10 11:21:04 2022 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1195326 Description: This update for libzypp, zypper fixes the following issues: - Fix handling of redirected command in-/output (bsc#1195326) This fixes delays at the end of zypper operations, where zypper unintentionally waits for appdata plugin scripts to complete. ----------------------------------------- Patch: SUSE-2022-789 Released: Thu Mar 10 11:22:05 2022 Summary: Recommended update for update-alternatives Severity: moderate References: 1195654 Description: This update for update-alternatives fixes the following issues: - Break bash - update-alternatives cycle rewrite of '%post' in 'lua'. (bsc#1195654) ----------------------------------------- Patch: SUSE-2022-808 Released: Fri Mar 11 06:07:58 2022 Summary: Recommended update for procps Severity: moderate References: 1195468 Description: This update for procps fixes the following issues: - Stop registering signal handler for SIGURG, to avoid `ps` failure if someone sends such signal. Without the signal handler, SIGURG will just be ignored. (bsc#1195468) ----------------------------------------- Patch: SUSE-2022-832 Released: Mon Mar 14 17:27:03 2022 Summary: Security update for glibc Severity: important References: 1193625,1194640,1194768,1194770,1195560,CVE-2015-8985,CVE-2021-3999,CVE-2022-23218,CVE-2022-23219 Description: glibc was updated to fix the following issues: Security issues fixed: - CVE-2022-23219: Fixed Buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768) - CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bsc#1194770) - CVE-2021-3999: Fixed getcwd to set errno to ERANGE for size == 1 (bsc#1194640) - CVE-2015-8985: Fixed Assertion failure in pop_fail_stack when executing a malformed regexp (bsc#1193625) Also the following bug was fixed: - Fix pthread_rwlock_try*lock stalls (bsc#1195560) ----------------------------------------- Patch: SUSE-2022-844 Released: Tue Mar 15 11:33:57 2022 Summary: Security update for expat Severity: important References: 1196025,1196784,CVE-2022-25236 Description: This update for expat fixes the following issues: - Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784). ----------------------------------------- Patch: SUSE-2022-845 Released: Tue Mar 15 11:40:52 2022 Summary: Security update for chrony Severity: moderate References: 1099272,1115529,1128846,1162964,1172113,1173277,1174075,1174911,1180689,1181826,1187906,1190926,1194229,CVE-2020-14367 Description: This update for chrony fixes the following issues: Chrony was updated to 4.1, bringing features and bugfixes. Update to 4.1 * Add support for NTS servers specified by IP address (matching Subject Alternative Name in server certificate) * Add source-specific configuration of trusted certificates * Allow multiple files and directories with trusted certificates * Allow multiple pairs of server keys and certificates * Add copy option to server/pool directive * Increase PPS lock limit to 40% of pulse interval * Perform source selection immediately after loading dump files * Reload dump files for addresses negotiated by NTS-KE server * Update seccomp filter and add less restrictive level * Restart ongoing name resolution on online command * Fix dump files to not include uncorrected offset * Fix initstepslew to accept time from own NTP clients * Reset NTP address and port when no longer negotiated by NTS-KE server - Ensure the correct pool packages are installed for openSUSE and SLE (bsc#1180689). - Fix pool package dependencies, so that SLE prefers chrony-pool-suse over chrony-pool-empty. (bsc#1194229) - Enable syscallfilter unconditionally [bsc#1181826]. Update to 4.0 - Enhancements - Add support for Network Time Security (NTS) authentication - Add support for AES-CMAC keys (AES128, AES256) with Nettle - Add authselectmode directive to control selection of unauthenticated sources - Add binddevice, bindacqdevice, bindcmddevice directives - Add confdir directive to better support fragmented configuration - Add sourcedir directive and 'reload sources' command to support dynamic NTP sources specified in files - Add clockprecision directive - Add dscp directive to set Differentiated Services Code Point (DSCP) - Add -L option to limit log messages by severity - Add -p option to print whole configuration with included files - Add -U option to allow start under non-root user - Allow maxsamples to be set to 1 for faster update with -q/-Q option - Avoid replacing NTP sources with sources that have unreachable address - Improve pools to repeat name resolution to get 'maxsources' sources - Improve source selection with trusted sources - Improve NTP loop test to prevent synchronisation to itself - Repeat iburst when NTP source is switched from offline state to online - Update clock synchronisation status and leap status more frequently - Update seccomp filter - Add 'add pool' command - Add 'reset sources' command to drop all measurements - Add authdata command to print details about NTP authentication - Add selectdata command to print details about source selection - Add -N option and sourcename command to print original names of sources - Add -a option to some commands to print also unresolved sources - Add -k, -p, -r options to clients command to select, limit, reset data - Bug fixes - Don’t set interface for NTP responses to allow asymmetric routing - Handle RTCs that don’t support interrupts - Respond to command requests with correct address on multihomed hosts - Removed features - Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320) - Drop support for long (non-standard) MACs in NTPv4 packets (chrony 2.x clients using non-MD5/SHA1 keys need to use option 'version 3') - Drop support for line editing with GNU Readline - By default we don't write log files but log to journald, so only recommend logrotate. - Adjust and rename the sysconfig file, so that it matches the expectations of chronyd.service (bsc#1173277). Update to 3.5.1: * Create new file when writing pidfile (CVE-2020-14367, bsc#1174911) - Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075) - Use iburst in the default pool statements to speed up initial synchronisation (bsc#1172113). Update to 3.5: + Add support for more accurate reading of PHC on Linux 5.0 + Add support for hardware timestamping on interfaces with read-only timestamping configuration + Add support for memory locking and real-time priority on FreeBSD, NetBSD, Solaris + Update seccomp filter to work on more architectures + Validate refclock driver options + Fix bindaddress directive on FreeBSD + Fix transposition of hardware RX timestamp on Linux 4.13 and later + Fix building on non-glibc systems - Fix location of helper script in chrony-dnssrv@.service (bsc#1128846). - Read runtime servers from /var/run/netconfig/chrony.servers to fix bsc#1099272. - Move chrony-helper to /usr/lib/chrony/helper, because there should be no executables in /usr/share. Update to version 3.4 * Enhancements + Add filter option to server/pool/peer directive + Add minsamples and maxsamples options to hwtimestamp directive + Add support for faster frequency adjustments in Linux 4.19 + Change default pidfile to /var/run/chrony/chronyd.pid to allow chronyd without root privileges to remove it on exit + Disable sub-second polling intervals for distant NTP sources + Extend range of supported sub-second polling intervals + Get/set IPv4 destination/source address of NTP packets on FreeBSD + Make burst options and command useful with short polling intervals + Modify auto_offline option to activate when sending request failed + Respond from interface that received NTP request if possible + Add onoffline command to switch between online and offline state according to current system network configuration + Improve example NetworkManager dispatcher script * Bug fixes + Avoid waiting in Linux getrandom system call + Fix PPS support on FreeBSD and NetBSD Update to version 3.3 * Enhancements: + Add burst option to server/pool directive + Add stratum and tai options to refclock directive + Add support for Nettle crypto library + Add workaround for missing kernel receive timestamps on Linux + Wait for late hardware transmit timestamps + Improve source selection with unreachable sources + Improve protection against replay attacks on symmetric mode + Allow PHC refclock to use socket in /var/run/chrony + Add shutdown command to stop chronyd + Simplify format of response to manual list command + Improve handling of unknown responses in chronyc * Bug fixes: + Respond to NTPv1 client requests with zero mode + Fix -x option to not require CAP_SYS_TIME under non-root user + Fix acquisitionport directive to work with privilege separation + Fix handling of socket errors on Linux to avoid high CPU usage + Fix chronyc to not get stuck in infinite loop after clock step ----------------------------------------- Patch: SUSE-2022-861 Released: Tue Mar 15 23:30:48 2022 Summary: Recommended update for openssl-1_1 Severity: moderate References: 1182959,1195149,1195792,1195856 Description: This update for openssl-1_1 fixes the following issues: openssl-1_1: - Fix PAC pointer authentication in ARM (bsc#1195856) - Pull libopenssl-1_1 when updating openssl-1_1 with the same version (bsc#1195792) - FIPS: Fix function and reason error codes (bsc#1182959) - Enable zlib compression support (bsc#1195149) glibc: - Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise Micro 5.1 linux-glibc-devel: - Resolve installation issue of `linux-kernel-headers` in SUSE Linux Enterprise Micro 5.1 libxcrypt: - Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise Micro 5.1 zlib: - Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise Micro 5.1 ----------------------------------------- Patch: SUSE-2022-867 Released: Wed Mar 16 07:14:44 2022 Summary: Recommended update for libtirpc Severity: moderate References: 1193805 Description: This update for libtirpc fixes the following issues: - Fix memory leak in client protocol version 2 code (bsc#1193805) ----------------------------------------- Patch: SUSE-2022-874 Released: Wed Mar 16 10:40:52 2022 Summary: Recommended update for openldap2 Severity: moderate References: 1197004 Description: This update for openldap2 fixes the following issue: - Revert jsc#PM-3288 - CLDAP ( -DLDAP_CONNECTIONLESS ) due to regression (bsc#1197004) ----------------------------------------- Patch: SUSE-2022-884 Released: Thu Mar 17 09:47:43 2022 Summary: Recommended update for python-jsonschema, python-rfc3987, python-strict-rfc3339 Severity: moderate References: 1082318 Description: This update for python-jsonschema, python-rfc3987, python-strict-rfc3339 fixes the following issues: - Add patch to fix build with new webcolors. - update to version 3.2.0 (jsc#SLE-18756): * Added a format_nongpl setuptools extra, which installs only format dependencies that are non-GPL (#619). - specfile: * require python-importlib-metadata - update to version 3.1.1: * Temporarily revert the switch to js-regex until #611 and #612 are resolved. - changes from version 3.1.0: - Regular expressions throughout schemas now respect the ECMA 262 dialect, as recommended by the specification (#609). - Activate more of the test suite - Remove tests and benchmarking from the runtime package - Update to v3.0.2 - Fixed a bug where 0 and False were considered equal by const and enum - from v3.0.1 - Fixed a bug where extending validators did not preserve their notion of which validator property contains $id information. - Update to 3.0.1: - Support for Draft 6 and Draft 7 - Draft 7 is now the default - New TypeChecker object for more complex type definitions (and overrides) - Falling back to isodate for the date-time format checker is no longer attempted, in accordance with the specification - Use %license instead of %doc (bsc#1082318) - Remove hashbang from runtime module - Replace PyPI URL with https://github.com/dgerber/rfc3987 - Activate doctests - Add missing runtime dependency on timezone - Replace dead link with GitHub URL - Activate test suite - Trim bias from descriptions. - Initial commit, needed by flex ----------------------------------------- Version 3-Build5.8.199 2022-03-26T17:37:10 ----------------------------------------- Patch: SUSE-2022-936 Released: Tue Mar 22 18:10:17 2022 Summary: Recommended update for filesystem and systemd-rpm-macros Severity: moderate References: 1196275,1196406 Description: This update for filesystem and systemd-rpm-macros fixes the following issues: filesystem: - Add path /lib/modprobe.d (bsc#1196275, jsc#SLE-20639) systemd-rpm-macros: - Make %_modprobedir point to /lib/modprobe.d (bsc#1196275, bsc#1196406) ----------------------------------------- Version 3-Build5.8.204 2022-03-30T09:00:22 ----------------------------------------- Patch: SUSE-2022-1021 Released: Tue Mar 29 13:24:21 2022 Summary: Recommended update for systemd Severity: moderate References: 1195899 Description: This update for systemd fixes the following issues: - allow setting external core size to infinity (bsc#1195899 jsc#SLE-23868 jsc#SLE-23870) ----------------------------------------- Version 3-Build5.8.207 2022-04-01T09:00:25 ----------------------------------------- Patch: SUSE-2022-1040 Released: Wed Mar 30 09:40:58 2022 Summary: Security update for protobuf Severity: moderate References: 1195258,CVE-2021-22570 Description: This update for protobuf fixes the following issues: - CVE-2021-22570: Fix incorrect parsing of nullchar in the proto symbol (bsc#1195258). ----------------------------------------- Patch: SUSE-2022-1047 Released: Wed Mar 30 16:20:56 2022 Summary: Recommended update for pam Severity: moderate References: 1196093,1197024 Description: This update for pam fixes the following issues: - Define _pam_vendordir as the variable is needed by systemd and others. (bsc#1196093) - Between allocating the variable 'ai' and free'ing them, there are two 'return NO' were we don't free this variable. This patch inserts freaddrinfo() calls before the 'return NO;'s. (bsc#1197024) ----------------------------------------- Patch: SUSE-2022-1061 Released: Wed Mar 30 18:27:06 2022 Summary: Security update for zlib Severity: important References: 1197459,CVE-2018-25032 Description: This update for zlib fixes the following issues: - CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459). ----------------------------------------- Version 3-Build5.8.210 2022-04-02T09:00:21 ----------------------------------------- Patch: SUSE-2022-1073 Released: Fri Apr 1 11:45:01 2022 Summary: Security update for yaml-cpp Severity: moderate References: 1121227,1121230,1122004,1122021,CVE-2018-20573,CVE-2018-20574,CVE-2019-6285,CVE-2019-6292 Description: This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue (bsc#1121227). - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap (bsc#1121230). - CVE-2019-6285: Fixed remote DOS via a crafted YAML file in function SingleDocParser::HandleFlowSequence (bsc#1122004). - CVE-2019-6292: Fixed DOS by stack consumption in singledocparser.cpp (bsc#1122021). ----------------------------------------- Version 3-Build5.8.216 2022-04-05T09:00:20 ----------------------------------------- Patch: SUSE-2022-1099 Released: Mon Apr 4 12:53:05 2022 Summary: Recommended update for aaa_base Severity: moderate References: 1194883 Description: This update for aaa_base fixes the following issues: - Set net.ipv4.ping_group_range to allow ICMP ping (bsc#1194883) - Include all fixes and changes for systemwide inputrc to remove the 8 bit escape sequence which interfere with UTF-8 multi byte characters as well as support the vi mode of readline library ----------------------------------------- Patch: SUSE-2022-1109 Released: Mon Apr 4 17:50:01 2022 Summary: Recommended update for util-linux Severity: important References: 1172427,1194642 Description: This update for util-linux fixes the following issues: - Improve throughput and reduce clock sequence increments for high load situation with time based version 1 uuids. (bsc#1194642) - Prevent root owning of `/var/lib/libuuid/clock.txt`. (bsc#1194642) - Warn if uuidd lock state is not usable. (bsc#1194642) - Fix 'su -s' bash completion. (bsc#1172427) ----------------------------------------- Version 3-Build5.8.225 2022-04-13T09:00:23 ----------------------------------------- Patch: SUSE-2022-1157 Released: Tue Apr 12 13:26:19 2022 Summary: Security update for libsolv, libzypp, zypper Severity: important References: 1184501,1194848,1195999,1196061,1196317,1196368,1196514,1196925,1197134 Description: This update for libsolv, libzypp, zypper fixes the following issues: Security relevant fix: - Harden package signature checks (bsc#1184501). libsolv update to 0.7.22: - reworked choice rule generation to cover more usecases - support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514) - support parsing of Debian's Multi-Arch indicator - fix segfault on conflict resolution when using bindings - fix split provides not working if the update includes a forbidden vendor change - support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY - support zstd compressed control files in debian packages - add an ifdef allowing to rename Solvable dependency members ('requires' is a keyword in C++20) - support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata - support queying of the custom vendor check function new function: pool_get_custom_vendorcheck - support solv files with an idarray block - allow accessing the toolversion at runtime libzypp update to 17.30.0: - ZConfig: Update solver settings if target changes (bsc#1196368) - Fix possible hang in singletrans mode (bsc#1197134) - Do 2 retries if mount is still busy. - Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by a valid signature and report more detailed which signature is missing. - Retry umount if device is busy (bsc#1196061, closes #381) A previously released ISO image may need a bit more time to release it's loop device. So we wait a bit and retry. - Fix serializing/deserializing type mismatch in zypp-rpm protocol (bsc#1196925) - Fix handling of ISO media in releaseAll (bsc#1196061) - Hint on common ptf resolver conflicts (bsc#1194848) - Hint on ptf<>patch resolver conflicts (bsc#1194848) zypper update to 1.14.52: - info: print the packages upstream URL if available (fixes #426) - info: Fix SEGV with not installed PTFs (bsc#1196317) - Don't prevent less restrictive umasks (bsc#1195999) ----------------------------------------- Patch: SUSE-2022-1158 Released: Tue Apr 12 14:44:43 2022 Summary: Security update for xz Severity: important References: 1198062,CVE-2022-1271 Description: This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062) ----------------------------------------- Version 3-Build5.8.230 2022-04-24T09:00:24 ----------------------------------------- Patch: SUSE-2022-1302 Released: Fri Apr 22 10:04:46 2022 Summary: Recommended update for e2fsprogs Severity: moderate References: 1196939 Description: This update for e2fsprogs fixes the following issues: - Add support for 'libreadline7' for Leap. (bsc#1196939) ----------------------------------------- Version 3-Build5.8.233 2022-04-26T09:00:24 ----------------------------------------- Patch: SUSE-2022-1374 Released: Mon Apr 25 15:02:13 2022 Summary: Recommended update for openldap2 Severity: moderate References: 1191157,1197004 Description: This update for openldap2 fixes the following issues: - allow specification of max/min TLS version with TLS1.3 (bsc#1191157) - libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004) - restore CLDAP functionality in CLI tools (jsc#PM-3288) ----------------------------------------- Version 3-Build5.8.235 2022-04-27T09:00:25 ----------------------------------------- Patch: SUSE-2022-1409 Released: Tue Apr 26 12:54:57 2022 Summary: Recommended update for gcc11 Severity: moderate References: 1195628,1196107 Description: This update for gcc11 fixes the following issues: - Add a list of Obsoletes to libstdc++6-pp-gcc11 so updates from packages provided by older GCC work. Add a requires from that package to the corresponding libstc++6 package to keep those at the same version. [bsc#1196107] - Fixed memory corruption when creating dependences with the D language frontend. - Add gcc11-PIE, similar to gcc-PIE but affecting gcc11 [bsc#1195628] - Put libstdc++6-pp Requires on the shared library and drop to Recommends. ----------------------------------------- Version 3-Build5.8.239 2022-04-29T13:01:42 ----------------------------------------- Patch: SUSE-2022-1452 Released: Thu Apr 28 10:48:06 2022 Summary: Recommended update for perl Severity: moderate References: 1193489 Description: This update for perl fixes the following issues: - Fix Socket::VERSION evaluation and stabilize Socket:VERSION comparisons (bsc#1193489) ----------------------------------------- Patch: SUSE-2022-1455 Released: Thu Apr 28 11:31:51 2022 Summary: Security update for glib2 Severity: low References: 1183533,CVE-2021-28153 Description: This update for glib2 fixes the following issues: - CVE-2021-28153: Fixed an issue where symlink targets would be incorrectly created as empty files (bsc#1183533). ----------------------------------------- Version 3-Build5.8.251 2022-05-14T09:00:25 ----------------------------------------- Patch: SUSE-2022-1655 Released: Fri May 13 15:36:10 2022 Summary: Recommended update for pam Severity: moderate References: 1197794 Description: This update for pam fixes the following issue: - Do not include obsolete header files (bsc#1197794) ----------------------------------------- Patch: SUSE-2022-1657 Released: Fri May 13 15:39:07 2022 Summary: Security update for curl Severity: moderate References: 1198614,1198723,1198766,CVE-2022-22576,CVE-2022-27775,CVE-2022-27776 Description: This update for curl fixes the following issues: - CVE-2022-27776: Fixed auth/cookie leak on redirect (bsc#1198766) - CVE-2022-27775: Fixed bad local IPv6 connection reuse (bsc#1198723) - CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use (bsc#1198614) ----------------------------------------- Patch: SUSE-2022-1658 Released: Fri May 13 15:40:20 2022 Summary: Recommended update for libpsl Severity: important References: 1197771 Description: This update for libpsl fixes the following issues: - Fix libpsl compilation issues (bsc#1197771) ----------------------------------------- Version 3-Build5.8.256 2022-05-17T09:00:23 ----------------------------------------- Patch: SUSE-2022-1670 Released: Mon May 16 10:06:30 2022 Summary: Security update for openldap2 Severity: important References: 1199240,CVE-2022-29155 Description: This update for openldap2 fixes the following issues: - CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240). ----------------------------------------- Patch: SUSE-2022-1688 Released: Mon May 16 14:02:49 2022 Summary: Security update for e2fsprogs Severity: important References: 1198446,CVE-2022-1304 Description: This update for e2fsprogs fixes the following issues: - CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault and possibly arbitrary code execution. (bsc#1198446) ----------------------------------------- Patch: SUSE-2022-1691 Released: Mon May 16 15:13:39 2022 Summary: Recommended update for augeas Severity: moderate References: 1197443 Description: This update for augeas fixes the following issue: - Sysctl keys can contain some more non-alphanumeric characters. (bsc#1197443) ----------------------------------------- Version 3-Build5.8.259 2022-05-20T09:00:21 ----------------------------------------- Patch: SUSE-2022-1750 Released: Thu May 19 15:28:20 2022 Summary: Security update for libxml2 Severity: important References: 1196490,1199132,CVE-2022-23308,CVE-2022-29824 Description: This update for libxml2 fixes the following issues: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes (bsc#1196490). - CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (bsc#1199132). ----------------------------------------- Version 3-Build5.8.266 2022-05-28T09:00:22 ----------------------------------------- Patch: SUSE-2022-1870 Released: Fri May 27 10:03:40 2022 Summary: Security update for curl Severity: important References: 1199223,1199224,CVE-2022-27781,CVE-2022-27782 Description: This update for curl fixes the following issues: - CVE-2022-27781: Fixed CERTINFO never-ending busy-loop (bsc#1199223) - CVE-2022-27782: Fixed TLS and SSH connection too eager reuse (bsc#1199224) ----------------------------------------- Version 3-Build5.8.271 2022-06-01T15:54:02 ----------------------------------------- Patch: SUSE-2022-1887 Released: Tue May 31 09:24:18 2022 Summary: Recommended update for grep Severity: moderate References: 1040589 Description: This update for grep fixes the following issues: - Make profiling deterministic. (bsc#1040589, SLE-24115) ----------------------------------------- Version 3-Build5.8.278 2022-06-09T09:00:23 ----------------------------------------- Patch: SUSE-2022-2019 Released: Wed Jun 8 16:50:07 2022 Summary: Recommended update for gcc11 Severity: moderate References: 1192951,1193659,1195283,1196861,1197065 Description: This update for gcc11 fixes the following issues: Update to the GCC 11.3.0 release. * includes SLS hardening backport on x86_64. [bsc#1195283] * includes change to adjust gnats idea of the target, fixing the build of gprbuild. [bsc#1196861] * fixed miscompile of embedded premake in 0ad on i586. [bsc#1197065] * use --with-cpu rather than specifying --with-arch/--with-tune * Fix D memory corruption in -M output. * Fix ICE in is_this_parameter with coroutines. [bsc#1193659] * fixes issue with debug dumping together with -o /dev/null * fixes libgccjit issue showing up in emacs build [bsc#1192951] * Package mwaitintrin.h ----------------------------------------- Version 3-Build5.8.290 2022-07-05T09:00:22 ----------------------------------------- Patch: SUSE-2022-2251 Released: Mon Jul 4 09:52:25 2022 Summary: Security update for openssl-1_1 Severity: moderate References: 1185637,1199166,1200550,CVE-2022-1292,CVE-2022-2068 Description: This update for openssl-1_1 fixes the following issues: - CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166). - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550) ----------------------------------------- Version 3-Build5.8.294 2022-07-08T09:00:22 ----------------------------------------- Patch: SUSE-2022-2327 Released: Thu Jul 7 15:06:13 2022 Summary: Security update for curl Severity: important References: 1200735,1200737,CVE-2022-32206,CVE-2022-32208 Description: This update for curl fixes the following issues: - CVE-2022-32206: HTTP compression denial of service (bsc#1200735) - CVE-2022-32208: FTP-KRB bad message verification (bsc#1200737) ----------------------------------------- Patch: SUSE-2022-2328 Released: Thu Jul 7 15:07:35 2022 Summary: Security update for openssl-1_1 Severity: important References: 1201099,CVE-2022-2097 Description: This update for openssl-1_1 fixes the following issues: - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode (bsc#1201099). ----------------------------------------- Version 3-Build5.8.297 2022-07-12T09:19:35 ----------------------------------------- Patch: SUSE-2022-2351 Released: Mon Jul 11 10:50:12 2022 Summary: Security update for python3 Severity: important References: 1186819,1190566,1192249,1193179,1198511,CVE-2015-20107,CVE-2021-3572 Description: This update for python3 fixes the following issues: Security issues fixed: - CVE-2021-3572: Update bundled pip wheel to the latest SLE version (bsc#1186819) - CVE-2015-20107: avoid command injection in the mailcap module (bsc#1198511). Other bugs fixed: - Remove shebangs from from python-base libraries in _libdir (bsc#1193179, bsc#1192249). ----------------------------------------- Version 3-Build5.8.299 2022-07-13T09:00:21 ----------------------------------------- Patch: SUSE-2022-2361 Released: Tue Jul 12 12:05:01 2022 Summary: Security update for pcre Severity: important References: 1199232,CVE-2022-1586 Description: This update for pcre fixes the following issues: - CVE-2022-1586: Fixed unicode property matching issue. (bsc#1199232) ----------------------------------------- Version 3-Build5.8.300 2022-07-15T09:00:23 ----------------------------------------- Patch: SUSE-2022-2402 Released: Thu Jul 14 16:58:22 2022 Summary: Security update for python-PyJWT Severity: important References: 1199756,CVE-2022-29217 Description: This update for python-PyJWT fixes the following issues: - CVE-2022-29217: Fixed key confusion through non-blocklisted public key format (bsc#1199756). ----------------------------------------- Version 3-Build5.8.302 2022-07-16T09:00:23 ----------------------------------------- Patch: SUSE-2022-2405 Released: Fri Jul 15 11:47:57 2022 Summary: Security update for p11-kit Severity: moderate References: 1180065,CVE-2020-29362 Description: This update for p11-kit fixes the following issues: - CVE-2020-29362: Fixed a 4 byte overread in p11_rpc_buffer_get_byte_array which could lead to crashes (bsc#1180065) ----------------------------------------- Version 3-Build5.8.306 2022-07-22T10:25:10 ----------------------------------------- Patch: SUSE-2022-2471 Released: Thu Jul 21 04:42:58 2022 Summary: Recommended update for systemd Severity: important References: 1148309,1191502,1195529,1200170 Description: This update for systemd fixes the following issues: - Allow control characters in environment variable values (bsc#1200170) - basic/env-util: Allow newlines in values of environment variables - man: tweak description of auto/noauto (bsc#1191502) - shared/install: avoid overwriting 'r' counter with a partial result (bsc#1148309) - shared/install: fix error codes returned by install_context_apply() - shared/install: ignore failures for auxiliary files - systemctl: suppress enable/disable messages when `-q` is given - test-env-util: Verify that \r is disallowed in env var values - test-env-util: print function headers - udev: 60-persistent-storage-tape.rules: handle duplicate device ID (bsc#1195529) ----------------------------------------- Version 3-Build5.8.310 2022-07-29T09:00:23 ----------------------------------------- Patch: SUSE-2022-2572 Released: Thu Jul 28 04:22:33 2022 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1194550,1197684,1199042 Description: This update for libzypp, zypper fixes the following issues: libzypp: - appdata plugin: Pass path to the repodata/ directory inside the cache (bsc#1197684) - zypp-rpm: flush rpm script output buffer before sending endOfScriptTag - PluginRepoverification: initial version hooked into repo::Downloader and repo refresh - Immediately start monitoring the download.transfer_timeout. Do not wait until the first data arrived (bsc#1199042) - singletrans: no dry-run commit if doing just download-only - Work around cases where sat repo.start points to an invalid solvable. May happen if (wrong arch) solvables were removed at the beginning of the repo. - Fix misplaced #endif SINGLE_RPMTRANS_AS_DEFAULT_FOR_ZYPPER zypper: - Basic JobReport for 'cmdout/monitor' - versioncmp: if verbose, also print the edition 'parts' which are compared - Make sure MediaAccess is closed on exception (bsc#1194550) - Display plus-content hint conditionally - Honor the NO_COLOR environment variable when auto-detecting whether to use color - Define table columns which should be sorted natural [case insensitive] - lr/ls: Use highlight color on name and alias as well ----------------------------------------- Version 3-Build5.8.319 2022-08-10T15:34:36 ----------------------------------------- Patch: SUSE-2022-2717 Released: Tue Aug 9 12:54:16 2022 Summary: Security update for ncurses Severity: moderate References: 1198627,CVE-2022-29458 Description: This update for ncurses fixes the following issues: - CVE-2022-29458: Fixed segfaulting out-of-bounds read in convert_strings in tinfo/read_entry.c (bsc#1198627). ----------------------------------------- Version 3-Build5.8.324 2022-08-18T09:00:23 ----------------------------------------- Patch: SUSE-2022-2831 Released: Wed Aug 17 14:41:07 2022 Summary: Recommended update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins Severity: moderate References: 1195916,1196696,CVE-2020-29651 Description: This update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures fixes the following issues: - Update in SLE-15 (bsc#1196696, bsc#1195916, jsc#SLE-23972) - Remove redundant python3 dependency from Requires - Update regular expression to fix python shebang - Style is enforced upstream and triggers unnecessary build version requirements - Allow specifying fs_id in cloudwatch log group name - Includes fix for stunnel path - Added hardening to systemd service(s). - Raise minimal pytest version - Fix typo in the ansi2html Requires - Cleanup with spec-cleaner - Make sure the tests are really executed - Remove useless devel dependency - Multiprocessing support in Python 3.8 was broken, but is now fixed - Bumpy the URL to point to github rather than to docs ----------------------------------------- Version 3-Build5.8.326 2022-08-19T16:58:55 ----------------------------------------- Patch: SUSE-2022-2853 Released: Fri Aug 19 15:59:42 2022 Summary: Recommended update for sle-module-legacy-release Severity: low References: 1202498 Description: This update for python-iniconfig provides the following fix: - Ship python3-iniconfig also to openSUSE 15.3 and 15.4 (bsc#1202498) ----------------------------------------- Version 3-Build5.8.331 2022-08-25T09:00:28 ----------------------------------------- Patch: SUSE-2022-2882 Released: Wed Aug 24 10:34:31 2022 Summary: Security update for gnutls Severity: important References: 1202020,CVE-2022-2509 Description: This update for gnutls fixes the following issues: - CVE-2022-2509: Fixed a double free issue during PKCS7 verification (bsc#1202020). ----------------------------------------- Version 3-Build5.8.333 2022-08-27T14:04:35 ----------------------------------------- Patch: SUSE-2022-2904 Released: Fri Aug 26 05:28:34 2022 Summary: Recommended update for openldap2 Severity: moderate References: 1198341 Description: This update for openldap2 fixes the following issues: - Prevent memory reuse which may lead to instability (bsc#1198341) ----------------------------------------- Version 3-Build5.8.340 2022-08-31T09:00:25 ----------------------------------------- Patch: SUSE-2022-2943 Released: Tue Aug 30 15:42:16 2022 Summary: Recommended update for python-iniconfig Severity: low References: 1202498 Description: This update for python-iniconfig provides the following fix: - Ship missing python2-iniconfig to openSUSE 15.3 (bsc#1202498) ----------------------------------------- Patch: SUSE-2022-2944 Released: Wed Aug 31 05:39:14 2022 Summary: Recommended update for procps Severity: important References: 1181475 Description: This update for procps fixes the following issues: - Fix 'free' command reporting misleading 'used' value (bsc#1181475) ----------------------------------------- Version 3-Build5.8.342 2022-09-01T09:00:24 ----------------------------------------- Patch: SUSE-2022-2947 Released: Wed Aug 31 09:16:21 2022 Summary: Security update for zlib Severity: important References: 1202175,CVE-2022-37434 Description: This update for zlib fixes the following issues: - CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field (bsc#1202175). ----------------------------------------- Version 3-Build5.8.345 2022-09-02T09:00:24 ----------------------------------------- Patch: SUSE-2022-2972 Released: Thu Sep 1 11:08:16 2022 Summary: Feature update for python-kubernetes Severity: moderate References: Description: This feature update for python-kubernetes provides: - Deliver python3-kubernetes to the Containers Module 15 SP4. (jsc#SLE-17904, MSC-443) * Deliver python3-google-auth to Basesystem Module 15 SP4 as dependency of python3-kubernetes. * Deliver python3-cachetools to Basesystem Module 15 SP4 as dependency of python3-google-auth. - There are no visible changes for the final user. ----------------------------------------- Patch: SUSE-2022-2991 Released: Thu Sep 1 16:04:30 2022 Summary: Security update for libtirpc Severity: important References: 1198752,1200800,1201680,CVE-2021-46828 Description: This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed an uncontrolled file descriptor consumption, which could be exploited by remote attackers to prevent applications using the library from accepting new connections (bsc#1201680). Non-security fixes: - Exclude ipv6 addresses in client protocol version 2 code (bsc#1200800) - Fix memory leak in params.r_addr assignement (bsc#1198752) ----------------------------------------- Version 3-Build5.8.348 2022-09-03T09:00:27 ----------------------------------------- Patch: SUSE-2022-2994 Released: Fri Sep 2 10:44:54 2022 Summary: Recommended update for lame, libass, libcdio-paranoia, libdc1394, libgsm, libva, libvdpau, libvorbis, libvpx, libwebp, openjpeg, opus, speex, twolame Severity: moderate References: 1198925 Description: This update for lame, libass, libcdio-paranoia, libdc1394, libgsm, libva, libvdpau, libvorbis, libvpx, libwebp, openjpeg, opus, speex, twolame adds some missing 32bit libraries to some products. (bsc#1198925) No codechanges were done in this update. ----------------------------------------- Patch: SUSE-2022-3004 Released: Fri Sep 2 15:02:14 2022 Summary: Security update for curl Severity: low References: 1202593,CVE-2022-35252 Description: This update for curl fixes the following issues: - CVE-2022-35252: Fixed a potential injection of control characters into cookies, which could be exploited by sister sites to cause a denial of service (bsc#1202593). ----------------------------------------- Version 3-Build5.8.352 2022-09-07T14:06:53 ----------------------------------------- Patch: SUSE-2022-3129 Released: Wed Sep 7 04:42:53 2022 Summary: Recommended update for util-linux Severity: moderate References: 1197178,1198731,1200842 Description: This update for util-linux fixes the following issues: - su: Change owner and mode for pty (bsc#1200842) - agetty: Resolve tty name even if stdin is specified (bsc#1197178) - libmount: When moving a mount point, update all sub mount entries in utab (bsc#1198731) - mesg: use only stat() to get the current terminal status (bsc#1200842) ----------------------------------------- Version 3-Build5.8.353 2022-09-08T09:01:55 ----------------------------------------- Patch: SUSE-2022-3144 Released: Wed Sep 7 11:04:23 2022 Summary: Security update for gpg2 Severity: important References: 1201225,CVE-2022-34903 Description: This update for gpg2 fixes the following issues: - CVE-2022-34903: Fixed a potential signature forgery via injection into the status line when certain unusual conditions are met (bsc#1201225). ----------------------------------------- Version 3-Build5.8.355 2022-09-09T09:53:37 ----------------------------------------- Patch: SUSE-2022-3223 Released: Fri Sep 9 04:33:35 2022 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1199895,1200993,1201092,1201576,1201638 Description: This update for libzypp, zypper fixes the following issues: libzypp: - Improve handling of package locks, allowing to reset the status of its initial state (bsc#1199895) - Fix issues when receiving exceptions from curl_easy_cleanup (bsc#1201092) - Don't auto-flag kernel-firmware as 'reboot-needed' (bsc#1200993) - Remove Medianetwork and its dependent code. First reason for this is that MediaNetwork was just meant as a way to test the new CURL based downloaded. Second the Provide API is going to completely replace the current media backend. zypper: - Truncate the 'Name' column when using `zypper lr`, if the table is wider than the terminal (bsc#1201638) - Reject install/remove modifier without argument (bsc#1201576) - zypper-download: Handle unresolvable arguments as errors - Put signing key supplying repository name in quotes ----------------------------------------- Version 3-Build5.8.363 2022-09-14T10:42:25 ----------------------------------------- Patch: SUSE-2022-3262 Released: Tue Sep 13 15:34:29 2022 Summary: Recommended update for gcc11 Severity: moderate References: 1199140 Description: This update for gcc11 ships some missing 32bit libraries for s390x. (bsc#1199140) ----------------------------------------- Version 3-Build5.8.366 2022-09-20T09:00:26 ----------------------------------------- Patch: SUSE-2022-3304 Released: Mon Sep 19 11:43:25 2022 Summary: Recommended update for libassuan Severity: moderate References: Description: This update for libassuan fixes the following issues: - Add a timeout for writing to a SOCKS5 proxy - Add workaround for a problem with LD_LIBRARY_PATH on newer systems - Fix issue in the logging code - Fix some build trivialities - Upgrade autoconf ----------------------------------------- Patch: SUSE-2022-3307 Released: Mon Sep 19 13:26:51 2022 Summary: Security update for sqlite3 Severity: moderate References: 1189802,1195773,1201783,CVE-2021-36690,CVE-2022-35737 Description: This update for sqlite3 fixes the following issues: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API (bnc#1201783). - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence (bsc#1189802). - Package the Tcl bindings here again so that we only ship one copy of SQLite (bsc#1195773). ----------------------------------------- Version 3-Build5.8.370 2022-09-27T09:00:23 ----------------------------------------- Patch: SUSE-2022-3394 Released: Mon Sep 26 16:05:19 2022 Summary: Security update for permissions Severity: moderate References: 1203018,CVE-2022-31252 Description: This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths (bsc#1203018). ----------------------------------------- Patch: SUSE-2022-3395 Released: Mon Sep 26 16:35:18 2022 Summary: Recommended update for ca-certificates-mozilla Severity: moderate References: 1181994,1188006,1199079,1202868 Description: This update for ca-certificates-mozilla fixes the following issues: Updated to 2.56 state of Mozilla SSL root CAs (bsc#1202868) - Added: - Certainly Root E1 - Certainly Root R1 - DigiCert SMIME ECC P384 Root G5 - DigiCert SMIME RSA4096 Root G5 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - Removed: - Hellenic Academic and Research Institutions RootCA 2011 Updated to 2.54 state of Mozilla SSL root CAs (bsc#1199079) - Added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - GlobalSign ECC Root CA R4 - GTS Root R1 - GTS Root R2 - GTS Root R3 - GTS Root R4 - HiPKI Root CA - G1 - ISRG Root X2 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA - Removed: - Cybertrust Global Root - DST Root CA X3 - DigiNotar PKIoverheid CA Organisatie - G2 - GlobalSign ECC Root CA R4 - GlobalSign Root CA R2 - GTS Root R1 - GTS Root R2 - GTS Root R3 - GTS Root R4 Updated to 2.50 state of the Mozilla NSS Certificate store (bsc#1188006) - Added: - HARICA Client ECC Root CA 2021 - HARICA Client RSA Root CA 2021 - HARICA TLS ECC Root CA 2021 - HARICA TLS RSA Root CA 2021 - TunTrust Root CA Updated to 2.46 state of the Mozilla NSS Certificate store (bsc#1181994) - Added new root CAs: - NAVER Global Root Certification Authority - Removed old root CAs: - GeoTrust Global CA - GeoTrust Primary Certification Authority - GeoTrust Primary Certification Authority - G3 - GeoTrust Universal CA - GeoTrust Universal CA 2 - thawte Primary Root CA - thawte Primary Root CA - G2 - thawte Primary Root CA - G3 - VeriSign Class 3 Public Primary Certification Authority - G4 - VeriSign Class 3 Public Primary Certification Authority - G5 ----------------------------------------- Version 3-Build5.8.373 2022-10-08T09:40:01 ----------------------------------------- Patch: SUSE-2022-3549 Released: Fri Oct 7 14:39:40 2022 Summary: Security update for cyrus-sasl Severity: important References: 1159635,CVE-2019-19906 Description: This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write that could lead to unauthenticated remote denial of service in OpenLDAP via a malformed LDAP packet (bsc#1159635). ----------------------------------------- Version 3-Build5.8.377 2022-10-12T09:00:23 ----------------------------------------- Patch: SUSE-2022-3565 Released: Tue Oct 11 16:17:38 2022 Summary: Recommended update for libzypp, zypper Severity: critical References: 1189282,1201972,1203649 Description: This update for libzypp, zypper fixes the following issues: libzypp: - Enable 'zck' support for SUSE Linux Enterprise 15 Service Pack 4 and newer (bsc#1189282) - Fix regression leading to `-allow-vendor-change` and `no-allow-vendor-change` options being ignored (bsc#1201972) - Remove migration code that is no longer needed (bsc#1203649) - Store logrotate files in vendor specif directory '/usr/etc/logrotate.d' if so defined zypper: - Fix contradiction in the man page: `--download-in-advance` option is the default behavior - Fix regression leading to `-allow-vendor-change` and `no-allow-vendor-change` options being ignored (bsc#1201972) - Fix tests to use locale 'C.UTF-8' rather than 'en_US' - Make sure 'up' respects solver related CLI options (bsc#1201972) - Remove unneeded code to compute the PPP status because it is now auto established - Store logrotate files in vendor specif directory '/usr/etc/logrotate.d' if so defined ----------------------------------------- Version 3-Build5.8.378 2022-10-15T09:00:25 ----------------------------------------- Patch: SUSE-2022-3593 Released: Fri Oct 14 13:35:50 2022 Summary: Security update for python3 Severity: important References: 1202624,CVE-2021-28861 Description: This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // (bsc#1202624). ----------------------------------------- Version 3-Build5.8.380 2022-10-18T09:00:24 ----------------------------------------- Patch: SUSE-2022-3597 Released: Mon Oct 17 13:13:16 2022 Summary: Security update for expat Severity: important References: 1203438,CVE-2022-40674 Description: This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438). ----------------------------------------- Version 3-Build5.8.385 2022-10-22T09:00:22 ----------------------------------------- Patch: SUSE-2022-3683 Released: Fri Oct 21 11:48:39 2022 Summary: Security update for libksba Severity: critical References: 1204357,CVE-2022-3515 Description: This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser (bsc#1204357). ----------------------------------------- Patch: SUSE-2022-3689 Released: Fri Oct 21 14:19:56 2022 Summary: Feature update for rpm Severity: moderate References: Description: This feature update for rpm provides: - Support Ed25519 RPM signatures (jsc#SLE-24714, jsc#SLE-24715) ----------------------------------------- Version 3-Build5.8.391 2022-10-27T09:00:26 ----------------------------------------- Patch: SUSE-2022-3773 Released: Wed Oct 26 12:19:29 2022 Summary: Security update for curl Severity: important References: 1204383,CVE-2022-32221 Description: This update for curl fixes the following issues: - CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383). ----------------------------------------- Patch: SUSE-2022-3776 Released: Wed Oct 26 14:06:43 2022 Summary: Recommended update for permissions Severity: important References: 1203911,1204137 Description: This update for permissions fixes the following issues: - Revert changes that replaced ping capabilities with ICMP_PROTO sockets. Older SUSE Linux Enterprise versions don't properly support ICMP_PROTO sockets feature yet (bsc#1204137) - Fix regression introduced by backport of security fix (bsc#1203911) ----------------------------------------- Patch: SUSE-2022-3784 Released: Wed Oct 26 18:03:28 2022 Summary: Security update for libtasn1 Severity: critical References: 1204690,CVE-2021-46848 Description: This update for libtasn1 fixes the following issues: - CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der (bsc#1204690) ----------------------------------------- Version 3-Build5.8.392 2022-10-28T11:51:02 ----------------------------------------- Patch: SUSE-2022-3805 Released: Thu Oct 27 17:19:46 2022 Summary: Security update for dbus-1 Severity: important References: 1087072,1204111,1204112,1204113,CVE-2022-42010,CVE-2022-42011,CVE-2022-42012 Description: This update for dbus-1 fixes the following issues: - CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111). - CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112). - CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113). Bugfixes: - Disable asserts (bsc#1087072). ----------------------------------------- Version 3-Build5.8.398 2022-11-06T09:00:26 ----------------------------------------- Patch: SUSE-2022-3871 Released: Fri Nov 4 13:26:29 2022 Summary: Security update for libxml2 Severity: important References: 1201978,1204366,1204367,CVE-2016-3709,CVE-2022-40303,CVE-2022-40304 Description: This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability (bsc#1201978). - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE (bsc#1204366). - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles (bsc#1204367). ----------------------------------------- Version 3-Build5.8.404 2022-11-12T09:00:26 ----------------------------------------- Patch: SUSE-2022-3901 Released: Tue Nov 8 10:50:06 2022 Summary: Recommended update for openssl-1_1 Severity: moderate References: 1180995,1203046 Description: This update for openssl-1_1 fixes the following issues: - Default to RFC7919 groups when generating ECDH parameters using 'genpkey' or 'dhparam' in FIPS mode (bsc#1180995) - Fix memory leaks (bsc#1203046) ----------------------------------------- Patch: SUSE-2022-3905 Released: Tue Nov 8 12:23:17 2022 Summary: Recommended update for aaa_base Severity: important References: 1196840,1199492,1199918,1199926,1199927 Description: This update for aaa_base and iputils fixes the following issues: aaa_base: - Failures in ping for SUSE Linux Enterprise 15 and 15 SP1 due to sysctl setting for ping_group_range (bsc#1199926, bsc#1199927) - The wrapper rootsh is not a restricted shell (bsc#1199492) iputils: - Fix device binding on ping6 for ICMP datagram socket. (bsc#1196840, bsc#1199918, bsc#1199926, bsc#1199927) ----------------------------------------- Patch: SUSE-2022-3910 Released: Tue Nov 8 13:05:04 2022 Summary: Recommended update for pam Severity: moderate References: Description: This update for pam fixes the following issue: - Update pam_motd to the most current version. (PED-1712) ----------------------------------------- Patch: SUSE-2022-3912 Released: Tue Nov 8 13:38:11 2022 Summary: Security update for expat Severity: important References: 1204708,CVE-2022-43680 Description: This update for expat fixes the following issues: - CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708). ----------------------------------------- Patch: SUSE-2022-3922 Released: Wed Nov 9 09:03:33 2022 Summary: Security update for protobuf Severity: important References: 1194530,1203681,1204256,CVE-2021-22569,CVE-2022-1941,CVE-2022-3171 Description: This update for protobuf fixes the following issues: - CVE-2021-22569: Fixed Denial of Service in protobuf-java in the parsing procedure for binary data (bsc#1194530). - CVE-2022-1941: Fix a potential DoS issue in protobuf-cpp and protobuf-python (bsc#1203681) - CVE-2022-3171: Fix a potential DoS issue when parsing with binary data in protobuf-java (bsc#1204256) ----------------------------------------- Patch: SUSE-2022-3924 Released: Wed Nov 9 13:20:05 2022 Summary: Security update for python3 Severity: important References: 1203125,1204577,CVE-2020-10735,CVE-2022-37454 Description: This update for python3 fixes the following issues: - CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_* implementations. (bsc#1204577) - CVE-2020-10735: Fixed a bug to limit amount of digits converting text to int and vice vera. (bsc#1203125) ----------------------------------------- Patch: SUSE-2022-3932 Released: Thu Nov 10 11:55:12 2022 Summary: Security update for python-rsa Severity: moderate References: 1178676,CVE-2020-25658 Description: This update for python-rsa fixes the following issues: - CVE-2020-25658: Fixed bleichenbacher timing oracle attack against RSA decryption (bsc#1178676). ----------------------------------------- Version 3-Build5.8.409 2022-11-16T09:00:24 ----------------------------------------- Patch: SUSE-2022-3961 Released: Mon Nov 14 07:33:50 2022 Summary: Recommended update for zlib Severity: important References: 1203652 Description: This update for zlib fixes the following issues: - Fix updating strm.adler with inflate() if DFLTCC is used (bsc#1203652) ----------------------------------------- Patch: SUSE-2022-3975 Released: Mon Nov 14 15:41:13 2022 Summary: Recommended update for util-linux Severity: moderate References: 1201959 Description: This update for util-linux fixes the following issues: - libuuid improvements (bsc#1201959, PED-1150): libuuid: Fix range when parsing UUIDs. Improve cache handling for short running applications-increment the cache size over runtime. Implement continuous clock handling for time based UUIDs. Check clock value from clock file to provide seamless libuuid. ----------------------------------------- Patch: SUSE-2022-3985 Released: Tue Nov 15 12:54:11 2022 Summary: Recommended update for python-apipkg Severity: moderate References: 1204145 Description: This update fixes for python3-apipkg the following issues: ----------------------------------------- Version 3-Build5.8.412 2022-11-19T09:00:22 ----------------------------------------- Patch: SUSE-2022-4044 Released: Thu Nov 17 09:07:24 2022 Summary: Security update for python-cryptography, python-cryptography-vectors Severity: important References: 1101820,1149792,1176785,1177083,CVE-2018-10903 Description: This update for python-cryptography, python-cryptography-vectors fixes the following issues: - Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312) - Refresh patches for new version - Update in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352) - update to 2.9.2 * 2.9.2 - 2020-04-22 - Updated the macOS wheel to fix an issue where it would not run on macOS versions older than 10.15. * 2.9.1 - 2020-04-21 - Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1g. * 2.9 - 2020-04-02 - BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to low usage and maintenance burden. - BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed. Users on older version of OpenSSL will need to upgrade. - BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed. - Removed support for calling public_bytes() with no arguments, as per our deprecation policy. You must now pass encoding and format. - BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string() returns the RDNs as required by RFC 4514. - Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1f. - Added support for parsing single_extensions in an OCSP response. - NameAttribute values can now be empty strings. - Add openSSL_111d.patch to make this version of the package compatible with OpenSSL 1.1.1d, thus fixing bsc#1149792. - bsc#1101820 CVE-2018-10903 GCM tag forgery via truncated tag in finalize_with_tag API - Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312) - Include in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352) - update to 2.9.2: * updated vectors for the cryptography 2.9.2 testing ----------------------------------------- Patch: SUSE-2022-4081 Released: Fri Nov 18 15:40:46 2022 Summary: Security update for dpkg Severity: low References: 1199944,CVE-2022-1664 Description: This update for dpkg fixes the following issues: - CVE-2022-1664: Fixed a directory traversal vulnerability in Dpkg::Source::Archive (bsc#1199944). ----------------------------------------- Version 3-Build5.8.414 2022-11-22T09:00:23 ----------------------------------------- Patch: SUSE-2022-4155 Released: Mon Nov 21 14:36:17 2022 Summary: Security update for krb5 Severity: important References: 1205126,CVE-2022-42898 Description: This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126). ----------------------------------------- Version 3-Build5.8.420 2022-11-27T09:00:22 ----------------------------------------- Patch: SUSE-2022-4199 Released: Wed Nov 23 13:17:17 2022 Summary: Recommended update for rpm Severity: moderate References: 1202750 Description: This update for rpm fixes the following issues: - Strip critical bit in signature subpackage parsing - No longer deadlock DNF after pubkey import (bsc#1202750) ----------------------------------------- Version 3-Build5.8.424 2022-11-30T11:16:41 ----------------------------------------- Patch: SUSE-2022-4256 Released: Mon Nov 28 12:36:32 2022 Summary: Recommended update for gcc12 Severity: moderate References: Description: This update for gcc12 fixes the following issues: This update ship the GCC 12 compiler suite and its base libraries. The compiler baselibraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 11 ones. The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module. The Go, D and Ada language compiler parts are available unsupported via the PackageHub repositories. To use gcc12 compilers use: - install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages. - override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages. For a full changelog with all new GCC12 features, check out https://gcc.gnu.org/gcc-12/changes.html ----------------------------------------- Patch: SUSE-2022-4258 Released: Mon Nov 28 15:37:25 2022 Summary: Security update for python3 Severity: important References: 1205244,CVE-2022-45061 Description: This update for python3 fixes the following issues: - CVE-2022-45061: Fixed possible DoS when IDNA decoding extremely long domain names (bsc#1205244). ----------------------------------------- Version 3-Build5.8.430 2022-12-09T09:00:23 ----------------------------------------- Patch: SUSE-2022-4388 Released: Fri Dec 9 04:07:21 2022 Summary: Recommended update for gnutls Severity: moderate References: 1204511 Description: This update for gnutls fixes the following issues: - Fix potential to free an invalid pointer (bsc#1204511) ----------------------------------------- Version 3-Build5.8.446 2022-12-30T09:00:23 ----------------------------------------- Patch: SUSE-2022-4628 Released: Wed Dec 28 09:23:13 2022 Summary: Security update for sqlite3 Severity: moderate References: 1206337,CVE-2022-46908 Description: This update for sqlite3 fixes the following issues: - CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script (bsc#1206337). ----------------------------------------- Patch: SUSE-2022-4633 Released: Wed Dec 28 09:32:15 2022 Summary: Security update for curl Severity: moderate References: 1206309,CVE-2022-43552 Description: This update for curl fixes the following issues: - CVE-2022-43552: HTTP Proxy deny use-after-free (bsc#1206309). ----------------------------------------- Version 3-Build5.8.453 2023-01-07T09:00:23 ----------------------------------------- Patch: SUSE-2023-37 Released: Fri Jan 6 15:35:49 2023 Summary: Security update for ca-certificates-mozilla Severity: important References: 1206212,1206622 Description: This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.60 state of Mozilla SSL root CAs (bsc#1206622) Removed CAs: - Global Chambersign Root - EC-ACC - Network Solutions Certificate Authority - Staat der Nederlanden EV Root CA - SwissSign Platinum CA - G2 Added CAs: - DIGITALSIGN GLOBAL ROOT ECDSA CA - DIGITALSIGN GLOBAL ROOT RSA CA - Security Communication ECC RootCA1 - Security Communication RootCA3 Changed trust: - TrustCor certificates only trusted up to Nov 30 (bsc#1206212) - Removed CAs (bsc#1206212) as most code does not handle 'valid before nov 30 2022' and it is not clear how many certs were issued for SSL middleware by TrustCor: - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - TrustCor ECA-1 ----------------------------------------- Version 3-Build5.8.455 2023-01-11T09:00:27 ----------------------------------------- Patch: SUSE-2023-56 Released: Mon Jan 9 11:13:43 2023 Summary: Security update for libksba Severity: moderate References: 1206579,CVE-2022-47629 Description: This update for libksba fixes the following issues: - CVE-2022-47629: Fixed an integer overflow vulnerability in the CRL signature parser (bsc#1206579). ----------------------------------------- Version 3-Build5.8.462 2023-01-26T09:00:27 ----------------------------------------- Patch: SUSE-2023-139 Released: Wed Jan 25 14:41:55 2023 Summary: Security update for python-certifi Severity: important References: 1206212,CVE-2022-23491 Description: This update for python-certifi fixes the following issues: - remove all TrustCor CAs, as TrustCor issued multiple man-in-the-middle certs (bsc#1206212 CVE-2022-23491) - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - TrustCor ECA-1 - Add removeTrustCor.patch ----------------------------------------- Version 3-Build5.8.465 2023-01-27T09:00:25 ----------------------------------------- Patch: SUSE-2023-161 Released: Thu Jan 26 18:23:16 2023 Summary: Security update for python-py Severity: moderate References: 1204364,CVE-2022-42969 Description: This update for python-py fixes the following issues: - CVE-2022-42969: Fixed an excessive resource consumption that could be triggered when interacting with a Subversion repository containing crated data (bsc#1204364). ----------------------------------------- Patch: SUSE-2023-174 Released: Thu Jan 26 20:52:38 2023 Summary: Security update for glib2 Severity: low References: 1183533,CVE-2021-28153 Description: This update for glib2 fixes the following issues: - CVE-2021-28153: Fixed an issue where symlink targets would be incorrectly created as empty files (bsc#1183533). ----------------------------------------- Patch: SUSE-2023-176 Released: Thu Jan 26 20:56:20 2023 Summary: Recommended update for permissions Severity: moderate References: 1206738 Description: This update for permissions fixes the following issues: Update to version 20181225: * Backport postfix permissions to SLE 15 SP2 (bsc#1206738) ----------------------------------------- Patch: SUSE-2023-181 Released: Thu Jan 26 21:55:43 2023 Summary: Recommended update for procps Severity: low References: 1206412 Description: This update for procps fixes the following issues: - Improve memory handling/usage (bsc#1206412) - Make sure that correct library version is installed (bsc#1206412) ----------------------------------------- Version 3-Build5.8.467 2023-01-30T09:00:25 ----------------------------------------- Patch: SUSE-2023-188 Released: Fri Jan 27 12:07:19 2023 Summary: Recommended update for zlib Severity: important References: 1203652 Description: This update for zlib fixes the following issues: - Follow up fix for bug bsc#1203652 due to libxml2 issues ----------------------------------------- Version 3-Build5.8.469 2023-02-02T09:00:26 ----------------------------------------- Patch: SUSE-2023-223 Released: Wed Feb 1 09:36:03 2023 Summary: Security update for python-setuptools Severity: moderate References: 1206667,CVE-2022-40897 Description: This update for python-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document (bsc#1206667). ----------------------------------------- Version 3-Build5.8.473 2023-02-08T09:00:25 ----------------------------------------- Patch: SUSE-2023-310 Released: Tue Feb 7 17:35:34 2023 Summary: Security update for openssl-1_1 Severity: important References: 1121365,1198472,1207533,1207534,1207536,1207538,CVE-2022-4304,CVE-2022-4450,CVE-2023-0215,CVE-2023-0286 Description: This update for openssl-1_1 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533). - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536). - CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex() (bsc#1207538). - CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534). - FIPS: list only FIPS approved public key algorithms (bsc#1121365, bsc#1198472) ----------------------------------------- Version 3-Build5.8.476 2023-02-18T09:00:24 ----------------------------------------- Patch: SUSE-2023-446 Released: Fri Feb 17 09:52:43 2023 Summary: Recommended update for util-linux Severity: moderate References: 1194038,1205646 Description: This update for util-linux fixes the following issues: - Fix tests not passing when '@' character is in build path: Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038). - libuuid continuous clock handling for time based UUIDs: Prevent use of the new libuuid ABI by uuidd %post before update of libuuid1 (bsc#1205646). ----------------------------------------- Version 3-Build5.8.484 2023-03-03T09:00:24 ----------------------------------------- Patch: SUSE-2023-604 Released: Thu Mar 2 15:51:55 2023 Summary: Security update for python-cryptography, python-cryptography-vectors Severity: important References: 1178168,1182066,1198331,1199282,CVE-2020-25659,CVE-2020-36242 Description: This update for python-cryptography, python-cryptography-vectors fixes the following issues: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - CVE-2020-36242: Fixed a bug where certain sequences of update() calls could result in integer overflow (bsc#1182066). - CVE-2020-25659: Fixed Bleichenbacher vulnerabilities (bsc#1178168). - update to 3.3.2 (bsc#1198331) ----------------------------------------- Version 3-Build5.8.485 2023-03-04T09:00:22 ----------------------------------------- Patch: SUSE-2023-610 Released: Fri Mar 3 12:06:49 2023 Summary: Security update for gnutls Severity: moderate References: 1208143,CVE-2023-0361 Description: This update for gnutls fixes the following issues: - CVE-2023-0361: Fixed a Bleichenbacher oracle in the TLS RSA key exchange (bsc#1208143). ----------------------------------------- Version 3-Build5.8.490 2023-03-09T09:00:22 ----------------------------------------- Patch: SUSE-2023-676 Released: Wed Mar 8 14:33:23 2023 Summary: Recommended update for libxml2 Severity: moderate References: 1204585 Description: This update for libxml2 fixes the following issues: - Add W3C conformance tests to the testsuite (bsc#1204585): * Added file xmlts20080827.tar.gz ----------------------------------------- Version 3-Build5.8.493 2023-03-15T09:00:28 ----------------------------------------- Patch: SUSE-2023-736 Released: Tue Mar 14 19:05:34 2023 Summary: Security update for python3 Severity: important References: 1188607,1208443,1208471,CVE-2023-24329 Description: This update for python3 fixes the following issues: - CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters (bsc#1208471). The following non-security bugs were fixed: - Fixed a crash in the garbage collection (bsc#1188607) - Fixed email.generator.py to not replace a non-existent header (bsc#1208443, gh#python/cpython#71508). ----------------------------------------- Version 3-Build5.8.495 2023-03-17T09:00:26 ----------------------------------------- Patch: SUSE-2023-776 Released: Thu Mar 16 17:29:23 2023 Summary: Recommended update for gcc12 Severity: moderate References: Description: This update for gcc12 fixes the following issues: This update ships gcc12 also to the SUSE Linux Enterprise 15 SP1 LTSS and 15 SP2 LTSS products. SUSE Linux Enterprise 15 SP3 and SP4 get only refreshed builds without changes This update ship the GCC 12 compiler suite and its base libraries. The compiler baselibraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 11 ones. The new compilers for C, C++, and Fortran are provided in the SUSE Linux Enterprise Module for Development Tools. To use gcc12 compilers use: - install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages. - override your makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages. For a full changelog with all new GCC12 features, check out https://gcc.gnu.org/gcc-12/changes.html ----------------------------------------- Patch: SUSE-2023-786 Released: Thu Mar 16 19:36:09 2023 Summary: Recommended update for libsolv, libzypp, zypper Severity: important References: 1178233,1203248,1203249,1203715,1204548,1204956,1205570,1205636,1206949 Description: This update for libsolv, libzypp, zypper fixes the following issues: libsolv: - Do not autouninstall SUSE PTF packages - Ensure 'duplinvolvedmap_all' is reset when a solver is reused - Fix 'keep installed' jobs not disabling 'best update' rules - New '-P' and '-W' options for `testsolv` - New introspection interface for weak dependencies similar to ruleinfos - Ensure special case file dependencies are written correctly in the testcase writer - Support better info about alternatives - Support decision reason queries - Support merging of related decisions - Support stringification of multiple solvables - Support stringification of ruleinfo, decisioninfo and decision reasons libzypp: - Avoid calling getsockopt when we know the info already. This patch should fix logging on WSL, getsockopt seems to not be fully supported but the code required it when accepting new socket connections (bsc#1178233) - Avoid redirecting 'history.logfile=/dev/null' into the target - Create '.no_auto_prune' in the package cache dir to prevent auto cleanup of orphaned repositories (bsc#1204956) - Enhance yaml-cpp detection - Improve download of optional files - MultiCurl: Make sure to reset the progress function when falling back. - Properly reset range requests (bsc#1204548) - Removing a PTF without enabled repos should always fail (bsc#1203248) Without enabled repos, the dependent PTF-packages would be removed (not replaced!) as well. To remove a PTF `zypper install -- -PTF` or a dedicated `zypper removeptf PTF` should be used. This will update the installed PTF packages to theit latest version. - Skip media.1/media download for http repo status calc. This patch allows zypp to skip a extra media.1/media download to calculate if a repository needs to be refreshed. This optimisation only takes place if the repo does specify only downloading base urls. - Use a dynamic fallback for BLKSIZE in downloads. When not receiving a blocklist via metalink file from the server MediaMultiCurl used to fallback to a fixed, relatively small BLKSIZE. This patch changes the fallback into a dynamic value based on the filesize using a similar metric as the MirrorCache implementation on the server side. - ProgressData: enforce reporting the INIT||END state (bsc#1206949) - ps: fix service detection on newer Tumbleweed systems (bsc#1205636) zypper: - Allow to (re)add a service with the same URL (bsc#1203715) - Bump dependency requirement to libzypp-devel 17.31.7 or greater - Explain outdatedness of repositories - patterns: Avoid dispylaing superfluous @System entries (bsc#1205570) - Provide `removeptf` command (bsc#1203249) A remove command which prefers replacing dependant packages to removing them as well. A PTF is typically removed as soon as the fix it provides is applied to the latest official update of the dependant packages. However it is not desired for the dependant packages to be removed together with the PTF, which is what the remove command would do. The `removeptf` command however will aim to replace the dependant packages by their official update versions. - Update man page and explain '.no_auto_prune' (bsc#1204956) ----------------------------------------- Version 3-Build5.8.496 2023-03-18T09:00:24 ----------------------------------------- Patch: SUSE-2023-794 Released: Fri Mar 17 08:42:12 2023 Summary: Security update for python-PyJWT Severity: critical References: 1176785,1199282,1199756,CVE-2022-29217 Description: This update for python-PyJWT fixes the following issues: - CVE-2022-29217: Fixed Key confusion through non-blocklisted public key formats (bsc#1199756). - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update to 2.4.0 (bsc#1199756) - Explicit check the key for ECAlgorithm - Don't use implicit optionals - documentation fix: show correct scope - fix: Update copyright information - Don't mutate options dictionary in .decode_complete() - Add support for Python 3.10 - api_jwk: Add PyJWKSet.__getitem__ - Update usage.rst - Docs: mention performance reasons for reusing RSAPrivateKey when encoding - Fixed typo in usage.rst - Add detached payload support for JWS encoding and decoding - Replace various string interpolations with f-strings by ----------------------------------------- Version 3-Build5.8.500 2023-04-01T09:00:26 ----------------------------------------- Patch: SUSE-2023-1711 Released: Fri Mar 31 13:33:04 2023 Summary: Security update for curl Severity: moderate References: 1207992,1209209,1209210,1209211,1209212,1209214,CVE-2023-23916,CVE-2023-27533,CVE-2023-27534,CVE-2023-27535,CVE-2023-27536,CVE-2023-27538 Description: This update for curl fixes the following issues: - CVE-2023-27533: Fixed TELNET option IAC injection (bsc#1209209). - CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy (bsc#1209210). - CVE-2023-27535: Fixed FTP too eager connection reuse (bsc#1209211). - CVE-2023-27536: Fixed GSS delegation too eager connection reuse (bsc#1209212). - CVE-2023-27538: Fixed SSH connection too eager reuse still (bsc#1209214). - CVE-2023-23916: Fixed HTTP multi-header compression denial of service (bsc#1207992). ----------------------------------------- Version 3-Build5.8.503 2023-04-05T09:00:24 ----------------------------------------- Patch: SUSE-2023-1763 Released: Tue Apr 4 14:35:52 2023 Summary: Security update for python-cryptography Severity: moderate References: 1208036,CVE-2023-23931 Description: This update for python-cryptography fixes the following issues: - CVE-2023-23931: Fixed memory corruption in Cipher.update_into (bsc#1208036). ----------------------------------------- Version 3-Build5.8.505 2023-04-08T09:00:22 ----------------------------------------- Patch: SUSE-2023-1783 Released: Thu Apr 6 08:24:57 2023 Summary: Recommended update for python3 Severity: important References: 1203355 Description: This update for python3 fixes the following issues: - Fix unnecessary and dangerous calls to PyThread_exit_thread() (bsc#1203355) ----------------------------------------- Patch: SUSE-2023-1790 Released: Thu Apr 6 15:36:15 2023 Summary: Security update for openssl-1_1 Severity: moderate References: 1209624,1209873,1209878,CVE-2023-0464,CVE-2023-0465,CVE-2023-0466 Description: This update for openssl-1_1 fixes the following issues: - CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624). - CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878). - CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873). ----------------------------------------- Version 3-Build5.8.515 2023-04-27T09:00:24 ----------------------------------------- Patch: SUSE-2023-2048 Released: Wed Apr 26 21:05:45 2023 Summary: Security update for libxml2 Severity: important References: 1065270,1199132,1204585,1210411,1210412,CVE-2021-3541,CVE-2022-29824,CVE-2023-28484,CVE-2023-29469 Description: This update for libxml2 fixes the following issues: - CVE-2023-29469: Fixed inconsistent result when hashing empty strings (bsc#1210412). - CVE-2023-28484: Fixed NULL pointer dereference in xmlSchemaFixupComplexType (bsc#1210411). - CVE-2022-29824: Fixed integer overflow leading to out-of-bounds write in buf.c (bsc#1199132). The following non-security bugs were fixed: - Added W3C conformance tests to the testsuite (bsc#1204585). - Fixed NULL pointer dereference when parsing invalid data (glgo#libxml2!15) (bsc#1065270) . ----------------------------------------- Version 3-Build5.8.516 2023-04-29T09:00:24 ----------------------------------------- Patch: SUSE-2023-2068 Released: Fri Apr 28 13:55:00 2023 Summary: Security update for shadow Severity: moderate References: 1210507,CVE-2023-29383 Description: This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507). ----------------------------------------- Patch: SUSE-2023-2074 Released: Fri Apr 28 17:02:25 2023 Summary: Security update for zstd Severity: moderate References: 1209533,CVE-2022-4899 Description: This update for zstd fixes the following issues: - CVE-2022-4899: Fixed buffer overrun in util.c (bsc#1209533). ----------------------------------------- Patch: SUSE-2023-2076 Released: Fri Apr 28 17:35:05 2023 Summary: Security update for glib2 Severity: moderate References: 1209713,1209714,1210135,CVE-2023-24593,CVE-2023-25180 Description: This update for glib2 fixes the following issues: - CVE-2023-24593: Fixed a denial of service caused by handling a malicious text-form variant (bsc#1209714). - CVE-2023-25180: Fixed a denial of service caused by malicious serialised variant (bsc#1209713). The following non-security bug was fixed: - Fixed regression on s390x (bsc#1210135, glgo#GNOME/glib!2978). ----------------------------------------- Version 3-Build5.8.518 2023-05-05T09:00:25 ----------------------------------------- Patch: SUSE-2023-2104 Released: Thu May 4 21:05:30 2023 Summary: Recommended update for procps Severity: moderate References: 1209122 Description: This update for procps fixes the following issue: - Allow - as leading character to ignore possible errors on systctl entries (bsc#1209122) ----------------------------------------- Version 3-Build5.8.520 2023-05-06T09:00:26 ----------------------------------------- Patch: SUSE-2023-2111 Released: Fri May 5 14:34:00 2023 Summary: Security update for ncurses Severity: moderate References: 1210434,CVE-2023-29491 Description: This update for ncurses fixes the following issues: - CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434). ----------------------------------------- Version 3-Build5.8.522 2023-05-09T18:05:26 ----------------------------------------- Patch: SUSE-2023-2133 Released: Tue May 9 13:37:10 2023 Summary: Recommended update for zlib Severity: moderate References: 1206513 Description: This update for zlib fixes the following issues: - Add DFLTCC support for using inflate() with a small window (bsc#1206513) ----------------------------------------- Version 3-Build5.8.525 2023-05-17T09:00:26 ----------------------------------------- Patch: SUSE-2023-2216 Released: Tue May 16 11:27:50 2023 Summary: Recommended update for python-packaging Severity: important References: 1186870,1199282 Description: This update for python-packaging fixes the following issues: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Add patch to fix testsuite on big-endian targets - Ignore python3.6.2 since the test doesn't support it. - update to 21.3: * Add a pp3-none-any tag * Replace the blank pyparsing 3 exclusion with a 3.0.5 exclusion * Fix a spelling mistake - update to 21.2: * Update documentation entry for 21.1. * Update pin to pyparsing to exclude 3.0.0. * PEP 656: musllinux support * Drop support for Python 2.7, Python 3.4 and Python 3.5 * Replace distutils usage with sysconfig * Add support for zip files * Use cached hash attribute to short-circuit tag equality comparisons * Specify the default value for the 'specifier' argument to 'SpecifierSet' * Proper keyword-only 'warn' argument in packaging.tags * Correctly remove prerelease suffixes from ~= check * Fix type hints for 'Version.post' and 'Version.dev' * Use typing alias 'UnparsedVersion' * Improve type inference * Tighten the return typeo - Add Provides: for python*dist(packaging). (bsc#1186870) - add no-legacyversion-warning.patch to restore compatibility with 20.4 - update to 20.9: * Add support for the ``macosx_10_*_universal2`` platform tags * Introduce ``packaging.utils.parse_wheel_filename()`` and ``parse_sdist_filename()`` - update to 20.8: * Revert back to setuptools for compatibility purposes for some Linux distros * Do not insert an underscore in wheel tags when the interpreter version number is more than 2 digits * Fix flit configuration, to include LICENSE files * Make `intel` a recognized CPU architecture for the `universal` macOS platform tag * Add some missing type hints to `packaging.requirements` * Officially support Python 3.9 * Deprecate the ``LegacyVersion`` and ``LegacySpecifier`` classes * Handle ``OSError`` on non-dynamic executables when attempting to resolve the glibc version string. - update to 20.4: * Canonicalize version before comparing specifiers. * Change type hint for ``canonicalize_name`` to return ``packaging.utils.NormalizedName``. This enables the use of static typing tools (like mypy) to detect mixing of normalized and un-normalized names. ----------------------------------------- Version 3-Build5.8.527 2023-05-18T09:00:25 ----------------------------------------- Patch: SUSE-2023-2227 Released: Wed May 17 09:57:41 2023 Summary: Security update for curl Severity: important References: 1211231,1211232,1211233,1211339,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322 Description: This update for curl fixes the following issues: - CVE-2023-28320: Fixed siglongjmp race condition (bsc#1211231). - CVE-2023-28321: Fixed IDN wildcard matching (bsc#1211232). - CVE-2023-28322: Fixed POST-after-PUT confusion (bsc#1211233). ----------------------------------------- Version 3-Build5.8.528 2023-05-19T09:00:25 ----------------------------------------- Patch: SUSE-2023-2247 Released: Thu May 18 17:04:38 2023 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1127591,1195633,1208329,1209406,1210870 Description: This update for libzypp, zypper fixes the following issues: - Installing local RPM packages fails if /usr/bin/find is not installed (bsc#1195633) - multicurl: propagate ssl settings stored in repo url (bsc#1127591) - MediaCurl: Fix endless loop if wrong credentials are stored in credentials.cat (bsc#1210870) - zypp.conf: Introduce 'download.connect_timeout' [60 sec.] (bsc#1208329) - Teach MediaNetwork to retry on HTTP2 errors. - Fix selecting installed patterns from picklist (bsc#1209406) - man: better explanation of --priority ----------------------------------------- Version 3-Build5.8.531 2023-06-01T11:02:16 ----------------------------------------- Patch: SUSE-2023-2333 Released: Wed May 31 09:01:28 2023 Summary: Recommended update for zlib Severity: moderate References: 1210593 Description: This update for zlib fixes the following issue: - Fix function calling order to avoid crashes (bsc#1210593) ----------------------------------------- Version 3-Build5.8.532 2023-06-02T09:00:27 ----------------------------------------- Patch: SUSE-2023-2343 Released: Thu Jun 1 11:35:28 2023 Summary: Security update for openssl-1_1 Severity: important References: 1211430,CVE-2023-2650 Description: This update for openssl-1_1 fixes the following issues: - CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers (bsc#1211430). ----------------------------------------- Version 3-Build5.8.534 2023-06-12T14:56:54 ----------------------------------------- Patch: SUSE-2023-2484 Released: Mon Jun 12 08:49:58 2023 Summary: Security update for openldap2 Severity: moderate References: 1211795,CVE-2023-2953 Description: This update for openldap2 fixes the following issues: - CVE-2023-2953: Fixed null pointer deref in ber_memalloc_x (bsc#1211795). ----------------------------------------- Version 3-Build5.8.535 2023-06-14T09:23:29 ----------------------------------------- Patch: SUSE-2023-2497 Released: Tue Jun 13 15:37:25 2023 Summary: Recommended update for libzypp Severity: important References: 1211661,1212187 Description: This update for libzypp fixes the following issues: - Fix 'Curl error 92' when synchronizing SUSE Manager repositories. [bsc#1212187] - Do not unconditionally release a medium if provideFile failed. [bsc#1211661] ----------------------------------------- Version 3-Build5.8.536 2023-06-15T09:00:25 ----------------------------------------- Patch: SUSE-2023-2509 Released: Wed Jun 14 14:44:28 2023 Summary: Security update for python3 Severity: moderate References: 1203750,1211158,CVE-2007-4559 Description: This update for python3 fixes the following issues: - CVE-2007-4559: Fixed filter for tarfile.extractall (bsc#1203750). - Fixed unittest.mock.patch.dict returns function when applied to coroutines (bsc#1211158). ----------------------------------------- Version 3-Build5.8.540 2023-06-24T09:00:25 ----------------------------------------- Patch: SUSE-2023-2625 Released: Fri Jun 23 17:16:11 2023 Summary: Recommended update for gcc12 Severity: moderate References: Description: This update for gcc12 fixes the following issues: - Update to GCC 12.3 release, 0c61aa720e62f1baf0bfd178e283, git1204 * includes regression and other bug fixes - Speed up builds with --enable-link-serialization. - Update embedded newlib to version 4.2.0 ----------------------------------------- Version 3-Build5.8.542 2023-07-01T09:00:24 ----------------------------------------- Patch: SUSE-2023-2742 Released: Fri Jun 30 11:40:56 2023 Summary: Recommended update for autoyast2, libzypp, yast2-pkg-bindings, yast2-update, zypper Severity: moderate References: 1202234,1209565,1211261,1212187,1212222 Description: This update for yast2-pkg-bindings fixes the following issues: libzypp was updated to version 17.31.14 (22): - Curl: trim all custom headers (bsc#1212187) HTTP/2 RFC 9113 forbids fields ending with a space. So we make sure all custom headers are trimmed. This also includes headers returned by URL-Resolver plugins. - build: honor libproxy.pc's includedir (bsc#1212222) zypper was updated to version 1.14.61: - targetos: Add an error note if XPath:/product/register/target is not defined in /etc/products.d/baseproduct (bsc#1211261) - targetos: Update help and man page (bsc#1211261) yast2-pkg-bindings, autoyast: - Added a new option for rebuilding the RPM database (--rebuilddb) (bsc#1209565) - Selected products are not installed after resetting the package manager internally (bsc#1202234) yast2-update: - Rebuild the RPM database during upgrade (--rebuilddb) (bsc#1209565) ----------------------------------------- Version 3-Build5.8.544 2023-07-05T09:14:39 ----------------------------------------- Patch: SUSE-2023-2783 Released: Tue Jul 4 22:08:19 2023 Summary: Security update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets Severity: important References: 1099269,1133277,1144068,1162343,1177127,1178168,1182066,1184753,1194530,1197726,1198331,1199282,1203681,1204256,CVE-2018-1000518,CVE-2020-25659,CVE-2020-36242,CVE-2021-22569,CVE-2021-22570,CVE-2022-1941,CVE-2022-3171 Description: This update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets fixes the following issues: grpc: - Update in SLE-15 (bsc#1197726, bsc#1144068) protobuf: - Fix a potential DoS issue in protobuf-cpp and protobuf-python, CVE-2022-1941, bsc#1203681 - Fix a potential DoS issue when parsing with binary data in protobuf-java, CVE-2022-3171, bsc#1204256 - Fix potential Denial of Service in protobuf-java in the parsing procedure for binary data, CVE-2021-22569, bsc#1194530 - Add missing dependency of python subpackages on python-six (bsc#1177127) - Updated to version 3.9.2 (bsc#1162343) * Remove OSReadLittle* due to alignment requirements. * Don't use unions and instead use memcpy for the type swaps. - Disable LTO (bsc#1133277) python-aiocontextvars: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) python-avro: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) python-cryptography: - update to 3.3.2 (bsc#1182066, CVE-2020-36242, bsc#1198331) * SECURITY ISSUE: Fixed a bug where certain sequences of update() calls when symmetrically encrypting very large payloads (>2GB) could result in an integer overflow, leading to buffer overflows. CVE-2020-36242 python-cryptography-vectors: - update to 3.2 (bsc#1178168, CVE-2020-25659): * CVE-2020-25659: Attempted to make RSA PKCS#1v1.5 decryption more constant time, to protect against Bleichenbacher vulnerabilities. Due to limitations imposed by our API, we cannot completely mitigate this vulnerability. * Support for OpenSSL 1.0.2 has been removed. * Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder. - update to 3.3.2 (bsc#1198331) python-Deprecated: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - update to 1.2.13: python-google-api-core: - Update to 1.14.2 python-googleapis-common-protos: - Update to 1.6.0 python-grpcio-gcp: - Initial spec for v0.2.2 python-humanfriendly: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update to 10.0 python-jsondiff: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update to version 1.3.0 python-knack: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update to version 0.9.0 python-opencensus: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Disable Python2 build - Update to 0.8.0 python-opencensus-context: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) python-opencensus-ext-threading: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build version 0.1.2 python-opentelemetry-api: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Version update to 1.5.0 python-psutil: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - update to 5.9.1 - remove the dependency on net-tools, since it conflicts with busybox-hostnmame which is default on MicroOS. (bsc#1184753) - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) python-PyGithub: - Update to 1.43.5: python-pytest-asyncio: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial release of python-pytest-asyncio 0.8.0 python-requests: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) python-websocket-client: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update to version 1.3.2 python-websockets: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - update to 9.1: ----------------------------------------- Version 3-Build5.8.547 2023-07-18T09:00:24 ----------------------------------------- Patch: SUSE-2023-2855 Released: Mon Jul 17 16:35:21 2023 Summary: Recommended update for openldap2 Severity: moderate References: 1212260 Description: This update for openldap2 fixes the following issues: - libldap2 crashes on ldap_sasl_bind_s (bsc#1212260) ----------------------------------------- Version 3-Build5.8.548 2023-07-20T09:00:24 ----------------------------------------- Patch: SUSE-2023-2879 Released: Wed Jul 19 09:45:34 2023 Summary: Security update for dbus-1 Severity: moderate References: 1212126,CVE-2023-34969 Description: This update for dbus-1 fixes the following issues: - CVE-2023-34969: Fixed a possible dbus-daemon crash by an unprivileged users (bsc#1212126). ----------------------------------------- Version 3-Build5.8.551 2023-07-21T09:26:56 ----------------------------------------- Patch: SUSE-2023-2918 Released: Thu Jul 20 12:00:17 2023 Summary: Recommended update for gpgme Severity: moderate References: 1089497 Description: This update for gpgme fixes the following issues: gpgme: - Address failure handling issues when using gpg 2.2.6 via gpgme, as used by libzypp (bsc#1089497) libassuan: - Version upgrade to 2.5.5 in LTSS to address gpgme new requirements ----------------------------------------- Version 3-Build5.8.556 2023-07-25T09:00:25 ----------------------------------------- Patch: SUSE-2023-2955 Released: Tue Jul 25 05:22:54 2023 Summary: Recommended update for util-linux Severity: moderate References: 1193015 Description: This update for util-linux fixes the following issues: - Fix memory leak on parse errors in libmount. (bsc#1193015) ----------------------------------------- Version 3-Build5.8.557 2023-07-25T17:24:34 ----------------------------------------- Patch: SUSE-2023-2956 Released: Tue Jul 25 08:33:38 2023 Summary: Security update for libcap Severity: moderate References: 1211419,CVE-2023-2603 Description: This update for libcap fixes the following issues: - CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup() (bsc#1211419). ----------------------------------------- Version 3-Build5.8.559 2023-08-01T18:56:25 ----------------------------------------- Patch: SUSE-2023-3094 Released: Tue Aug 1 13:12:49 2023 Summary: Security update for python-requests Severity: moderate References: 1211674,CVE-2023-32681 Description: This update for python-requests fixes the following issues: - CVE-2023-32681: fixed unintended leak of Proxy-Authorization header (bsc#1211674). ----------------------------------------- Version 3-Build5.8.561 2023-08-04T09:00:25 ----------------------------------------- Patch: SUSE-2023-3179 Released: Thu Aug 3 13:59:38 2023 Summary: Security update for openssl-1_1 Severity: moderate References: 1201627,1207534,1213487,CVE-2022-4304,CVE-2023-3446 Description: This update for openssl-1_1 fixes the following issues: - CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case (bsc#1207534). - CVE-2023-3446: Fixed DH_check() excessive time with over sized modulus (bsc#1213487). - Update further expiring certificates that affect tests [bsc#1201627] ----------------------------------------- Version 3-Build5.8.566 2023-08-12T09:00:25 ----------------------------------------- Patch: SUSE-2023-3288 Released: Fri Aug 11 12:30:14 2023 Summary: Recommended update for python-apipkg Severity: moderate References: 1213582 Description: This update for python-apipkg provides python3-apipkg to SUSE Linux Enterprise Micro 5.2. ----------------------------------------- Patch: SUSE-2023-3291 Released: Fri Aug 11 12:51:21 2023 Summary: Security update for openssl-1_1 Severity: moderate References: 1213517,1213853,CVE-2023-3817 Description: This update for openssl-1_1 fixes the following issues: - CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value. (bsc#1213853) ----------------------------------------- Version 3-Build5.8.568 2023-08-16T17:36:25 ----------------------------------------- Patch: SUSE-2023-3330 Released: Wed Aug 16 08:59:33 2023 Summary: Recommended update for python-pyasn1 Severity: important References: 1207805 Description: This update for python-pyasn1 fixes the following issues: - To avoid users of this package having to recompile bytecode files, change the mtime of any __init__.py. (bsc#1207805) ----------------------------------------- Version 3-Build5.8.573 2023-08-26T09:03:40 ----------------------------------------- Patch: SUSE-2023-3434 Released: Thu Aug 24 15:05:22 2023 Summary: Security update for krb5 Severity: important References: 1214054,CVE-2023-36054 Description: This update for krb5 fixes the following issues: - CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user. (bsc#1214054) ----------------------------------------- Version 3-Build5.8.577 2023-08-29T09:00:25 ----------------------------------------- Patch: SUSE-2023-3454 Released: Mon Aug 28 13:43:18 2023 Summary: Security update for ca-certificates-mozilla Severity: important References: 1214248 Description: This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.62 state of Mozilla SSL root CAs (bsc#1214248) Added: - Atos TrustedRoot Root CA ECC G2 2020 - Atos TrustedRoot Root CA ECC TLS 2021 - Atos TrustedRoot Root CA RSA G2 2020 - Atos TrustedRoot Root CA RSA TLS 2021 - BJCA Global Root CA1 - BJCA Global Root CA2 - LAWtrust Root CA2 (4096) - Sectigo Public Email Protection Root E46 - Sectigo Public Email Protection Root R46 - Sectigo Public Server Authentication Root E46 - Sectigo Public Server Authentication Root R46 - SSL.com Client ECC Root CA 2022 - SSL.com Client RSA Root CA 2022 - SSL.com TLS ECC Root CA 2022 - SSL.com TLS RSA Root CA 2022 Removed CAs: - Chambers of Commerce Root - E-Tugra Certification Authority - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - Hongkong Post Root CA 1 ----------------------------------------- Version 3-Build5.8.580 2023-08-30T09:00:25 ----------------------------------------- Patch: SUSE-2023-3472 Released: Tue Aug 29 10:55:16 2023 Summary: Security update for procps Severity: low References: 1214290,CVE-2023-4016 Description: This update for procps fixes the following issues: - CVE-2023-4016: Fixed ps buffer overflow (bsc#1214290). ----------------------------------------- Version 3-Build5.8.582 2023-09-02T09:00:26 ----------------------------------------- Patch: SUSE-2023-3515 Released: Fri Sep 1 15:54:25 2023 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1158763,1210740,1213231,1213557,1213673 Description: This update for libzypp, zypper fixes the following issues: - Fix occasional isue with downloading very small files (bsc#1213673) - Fix negative ZYPP_LOCK_TIMEOUT not waiting forever (bsc#1213231) - Fix OES synchronization issues when cookie file has mode 0600 (bsc#1158763) - Don't cleanup orphaned dirs if read-only mode was promised (bsc#1210740) - Revised explanation of --force-resolution in man page (bsc#1213557) - Print summary hint if policies were violated due to --force-resolution (bsc#1213557) ----------------------------------------- Version 3-Build5.8.585 2023-09-06T09:00:29 ----------------------------------------- Patch: SUSE-2023-3521 Released: Tue Sep 5 08:56:45 2023 Summary: Recommended update for python-iniconfig Severity: moderate References: 1213582 Description: This update for python-iniconfig provides python3-iniconfig to SUSE Linux Enterprise Micro 5.2. ----------------------------------------- Version 3-Build5.8.590 2023-09-19T09:00:32 ----------------------------------------- Patch: SUSE-2023-3661 Released: Mon Sep 18 21:44:09 2023 Summary: Security update for gcc12 Severity: important References: 1214052,CVE-2023-4039 Description: This update for gcc12 fixes the following issues: - CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052). ----------------------------------------- Version 3-Build5.8.593 2023-09-20T13:31:18 ----------------------------------------- Patch: SUSE-2023-3698 Released: Wed Sep 20 11:01:15 2023 Summary: Security update for libxml2 Severity: important References: 1214768,CVE-2023-39615 Description: This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768). ----------------------------------------- Version 3-Build5.8.599 2023-09-28T09:00:30 ----------------------------------------- Patch: SUSE-2023-3804 Released: Wed Sep 27 14:36:04 2023 Summary: Security update for python3 Severity: important References: 1214692,CVE-2023-40217 Description: This update for python3 fixes the following issues: - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692). ----------------------------------------- Version 3-Build5.8.602 2023-10-10T09:00:31 ----------------------------------------- Patch: SUSE-2023-4006 Released: Mon Oct 9 08:35:50 2023 Summary: Recommended update for zypper Severity: moderate References: 1213854,1214292,1214395,1215007 Description: This update for zypper fixes the following issues: - Fix name of the bash completion script (bsc#1215007) - Update notes about failing signature checks (bsc#1214395) - Improve the SIGINT handler to be signal safe (bsc#1214292) - Update to version 1.14.64 - Changed location of bash completion script (bsc#1213854). ----------------------------------------- Version 3-Build5.8.603 2023-10-11T13:41:56 ----------------------------------------- Patch: SUSE-2023-4025 Released: Tue Oct 10 13:41:02 2023 Summary: Security update for shadow Severity: low References: 1214806,CVE-2023-4641 Description: This update for shadow fixes the following issues: - CVE-2023-4641: Fixed potential password leak (bsc#1214806). ----------------------------------------- Version 3-Build5.8.604 2023-10-11T18:02:38 ----------------------------------------- Patch: SUSE-2023-4045 Released: Wed Oct 11 09:10:43 2023 Summary: Security update for curl Severity: moderate References: 1215889,CVE-2023-38546 Description: This update for curl fixes the following issues: - CVE-2023-38546: Fixed a cookie injection with none file (bsc#1215889). ----------------------------------------- Patch: SUSE-2023-4047 Released: Wed Oct 11 10:40:26 2023 Summary: Security update for glibc Severity: moderate References: 1215286,1215505,CVE-2023-4813 Description: This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-4813: Fixed a potential use-after-free in gaih_inet() (bsc#1215286, BZ #28931) Other changes: - Added GB18030-2022 charmap (jsc#PED-4908, BZ #30243) - Run vismain only if linker supports protected data symbol (bsc#1215505) ----------------------------------------- Version 3-Build5.8.611 2023-10-24T09:00:14 ----------------------------------------- Patch: SUSE-2023-4162 Released: Mon Oct 23 15:33:03 2023 Summary: Security update for gcc13 Severity: important References: 1206480,1206684,1210557,1211427,1212101,1213915,1214052,1214460,CVE-2023-4039 Description: This update for gcc13 fixes the following issues: This update ship the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones. The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP4 and SP5, and provided in the 'Development Tools' module. The Go, D, Ada and Modula 2 language compiler parts are available unsupported via the PackageHub repositories. To use gcc13 compilers use: - install 'gcc13' or 'gcc13-c++' or one of the other 'gcc13-COMPILER' frontend packages. - override your Makefile to use CC=gcc13, CXX=g++13 and similar overrides for the other languages. For a full changelog with all new GCC13 features, check out https://gcc.gnu.org/gcc-13/changes.html Detailed changes: * CVE-2023-4039: Fixed -fstack-protector issues on aarch64 with variable length stack allocations. (bsc#1214052) - Turn cross compiler to s390x to a glibc cross. [bsc#1214460] - Also handle -static-pie in the default-PIE specs - Fixed missed optimization in Skia resulting in Firefox crashes when building with LTO. [bsc#1212101] - Make libstdc++6-devel packages own their directories since they can be installed standalone. [bsc#1211427] - Add new x86-related intrinsics (amxcomplexintrin.h). - RISC-V: Add support for inlining subword atomic operations - Use --enable-link-serialization rather that --enable-link-mutex, the benefit of the former one is that the linker jobs are not holding tokens of the make's jobserver. - Add cross-bpf packages. See https://gcc.gnu.org/wiki/BPFBackEnd for the general state of BPF with GCC. - Add bootstrap conditional to allow --without=bootstrap to be specified to speed up local builds for testing. - Bump included newlib to version 4.3.0. - Also package libhwasan_preinit.o on aarch64. - Configure external timezone database provided by the timezone package. Make libstdc++6 recommend timezone to get a fully working std::chrono. Install timezone when running the testsuite. - Package libhwasan_preinit.o on x86_64. - Fixed unwinding on aarch64 with pointer signing. [bsc#1206684] - Enable PRU flavour for gcc13 - update floatn fixinclude pickup to check each header separately (bsc#1206480) - Redo floatn fixinclude pick-up to simply keep what is there. - Bump libgo SONAME to libgo22. - Do not package libhwasan for biarch (32-bit architecture) as the extension depends on 64-bit pointers. - Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15. - Depend on at least LLVM 13 for GCN cross compiler. - Update embedded newlib to version 4.2.0 - Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build. ----------------------------------------- Version 3-Build5.8.614 2023-10-26T15:32:54 ----------------------------------------- Patch: SUSE-2023-4217 Released: Thu Oct 26 12:20:27 2023 Summary: Security update for zlib Severity: moderate References: 1216378,CVE-2023-45853 Description: This update for zlib fixes the following issues: - CVE-2023-45853: Fixed an integer overflow that would lead to a buffer overflow in the minizip subcomponent (bsc#1216378). ----------------------------------------- Version 3-Build5.8.616 2023-10-27T15:00:36 ----------------------------------------- Patch: SUSE-2023-4226 Released: Fri Oct 27 11:14:10 2023 Summary: Recommended update for openssl-1_1 Severity: moderate References: 1215215 Description: This update for openssl-1_1 fixes the following issues: - Displays 'fips' in the version string (bsc#1215215) ----------------------------------------- Version 3-Build5.8.621 2023-11-02T12:35:40 ----------------------------------------- Patch: SUSE-2023-4323 Released: Tue Oct 31 18:07:08 2023 Summary: Security update for python-urllib3 Severity: moderate References: 1215968,1216377,CVE-2023-43804,CVE-2023-45803 Description: This update for python-urllib3 fixes the following issues: - CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response (bsc#1216377). - CVE-2023-43804: Fixed a potential cookie leak via HTTP redirect if the user manually set the corresponding header (bsc#1215968). ----------------------------------------- Version 3-Build5.8.626 2023-11-16T17:54:18 ----------------------------------------- Patch: SUSE-2023-4458 Released: Thu Nov 16 14:38:48 2023 Summary: Security update for gcc13 Severity: important References: 1206480,1206684,1210557,1211427,1212101,1213915,1214052,1214460,1215427,1216664,CVE-2023-4039 Description: This update for gcc13 fixes the following issues: This update ship the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones. The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP4 and SP5, and provided in the 'Development Tools' module. The Go, D, Ada and Modula 2 language compiler parts are available unsupported via the PackageHub repositories. To use gcc13 compilers use: - install 'gcc13' or 'gcc13-c++' or one of the other 'gcc13-COMPILER' frontend packages. - override your Makefile to use CC=gcc-13, CXX=g++-13 and similar overrides for the other languages. For a full changelog with all new GCC13 features, check out https://gcc.gnu.org/gcc-13/changes.html Detailed changes: * CVE-2023-4039: Fixed -fstack-protector issues on aarch64 with variable length stack allocations. (bsc#1214052) - Work around third party app crash during C++ standard library initialization. [bsc#1216664] - Fixed that GCC13 fails to compile some packages with error: unrecognizable insn (bsc#1215427) - Bump included newlib to version 4.3.0. - Update to GCC trunk head (r13-5254-g05b9868b182bb9) - Redo floatn fixinclude pick-up to simply keep what is there. - Turn cross compiler to s390x to a glibc cross. [bsc#1214460] - Also handle -static-pie in the default-PIE specs - Fixed missed optimization in Skia resulting in Firefox crashes when building with LTO. [bsc#1212101] - Make libstdc++6-devel packages own their directories since they can be installed standalone. [bsc#1211427] - Add new x86-related intrinsics (amxcomplexintrin.h). - RISC-V: Add support for inlining subword atomic operations - Use --enable-link-serialization rather that --enable-link-mutex, the benefit of the former one is that the linker jobs are not holding tokens of the make's jobserver. - Add cross-bpf packages. See https://gcc.gnu.org/wiki/BPFBackEnd for the general state of BPF with GCC. - Add bootstrap conditional to allow --without=bootstrap to be specified to speed up local builds for testing. - Bump included newlib to version 4.3.0. - Also package libhwasan_preinit.o on aarch64. - Configure external timezone database provided by the timezone package. Make libstdc++6 recommend timezone to get a fully working std::chrono. Install timezone when running the testsuite. - Package libhwasan_preinit.o on x86_64. - Fixed unwinding on aarch64 with pointer signing. [bsc#1206684] - Enable PRU flavour for gcc13 - update floatn fixinclude pickup to check each header separately (bsc#1206480) - Redo floatn fixinclude pick-up to simply keep what is there. - Bump libgo SONAME to libgo22. - Do not package libhwasan for biarch (32-bit architecture) as the extension depends on 64-bit pointers. - Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15. - Depend on at least LLVM 13 for GCN cross compiler. - Update embedded newlib to version 4.2.0 - Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build. ----------------------------------------- Version 3-Build5.8.627 2023-11-17T09:00:14 ----------------------------------------- Patch: SUSE-2023-4464 Released: Thu Nov 16 17:56:12 2023 Summary: Security update for libxml2 Severity: moderate References: 1216129,CVE-2023-45322 Description: This update for libxml2 fixes the following issues: - CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode() in tree.c (bsc#1216129). ----------------------------------------- Version 3-Build5.8.630 2023-11-22T09:00:15 ----------------------------------------- Patch: SUSE-2023-4512 Released: Tue Nov 21 17:25:02 2023 Summary: Security update for util-linux Severity: important References: 1213865,CVE-2018-7738 Description: This update for util-linux fixes the following issues: - CVE-2018-7738: Fixed shell code injection in umount bash-completions (bsc#1213865). ----------------------------------------- Patch: SUSE-2023-4519 Released: Tue Nov 21 17:39:58 2023 Summary: Security update for openssl-1_1 Severity: important References: 1216922,CVE-2023-5678 Description: This update for openssl-1_1 fixes the following issues: - CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service (bsc#1216922). ----------------------------------------- Version 3-Build5.8.631 2023-11-23T16:01:35 ----------------------------------------- Patch: SUSE-2023-4535 Released: Thu Nov 23 08:17:40 2023 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1041742,1203760,1212422,1215979,1216091 Description: This update for libzypp, zypper fixes the following issues: - Preliminary disable 'rpm --runposttrans' usage for chrooted systems (bsc#1216091) - Fix comment typo on zypp.conf (bsc#1215979) - Attempt to delay %transfiletrigger(postun|in) execution if rpm supports it (bsc#1041742) - Make sure the old target is deleted before a new one is created (bsc#1203760) - Return 104 also if info suggests near matches - Rephrase upgrade message for openSUSE Tumbleweed (bsc#1212422) - commit: Insert a headline to separate output of different rpm scripts (bsc#1041742) ----------------------------------------- Version 3-Build5.8.636 2023-12-01T09:00:15 ----------------------------------------- Patch: SUSE-2023-4619 Released: Thu Nov 30 10:13:52 2023 Summary: Security update for sqlite3 Severity: important References: 1210660,CVE-2023-2137 Description: This update for sqlite3 fixes the following issues: - CVE-2023-2137: Fixed heap buffer overflow (bsc#1210660). ----------------------------------------- Version 3-Build5.8.641 2023-12-11T16:20:28 ----------------------------------------- Patch: SUSE-2023-4713 Released: Mon Dec 11 13:23:12 2023 Summary: Security update for curl Severity: moderate References: 1217573,CVE-2023-46218 Description: This update for curl fixes the following issues: - CVE-2023-46218: Fixed cookie mixed case PSL bypass (bsc#1217573). ----------------------------------------- Version 3-Build5.8.644 2023-12-19T09:00:15 ----------------------------------------- Patch: SUSE-2023-4890 Released: Mon Dec 18 13:00:52 2023 Summary: Recommended update for python-websocket-client Severity: moderate References: 1215314 Description: This update for python-websocket-client fixes the following issues: - Re-enable Python 3.6 to fix pip3 install (bsc#1215314) ----------------------------------------- Patch: SUSE-2023-4891 Released: Mon Dec 18 16:31:49 2023 Summary: Security update for ncurses Severity: moderate References: 1201384,1218014,CVE-2023-50495 Description: This update for ncurses fixes the following issues: - CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry() (bsc#1218014) - Modify reset command to avoid altering clocal if the terminal uses a modem (bsc#1201384) ----------------------------------------- Version 3-Build5.8.646 2023-12-20T17:31:51 ----------------------------------------- Patch: SUSE-2023-4921 Released: Wed Dec 20 09:51:31 2023 Summary: Security update for python-cryptography Severity: moderate References: 1217592,CVE-2023-49083 Description: This update for python-cryptography fixes the following issues: - CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates from a PKCS#7 bundle (bsc#1217592). ----------------------------------------- Version 3-Build5.8.647 2023-12-25T09:00:15 ----------------------------------------- Patch: SUSE-2023-4963 Released: Fri Dec 22 14:37:08 2023 Summary: Recommended update for curl Severity: important References: 1216987 Description: This update for curl fixes the following issues: - libssh: Implement SFTP packet size limit (bsc#1216987) ----------------------------------------- Version 3-Build5.8.649 2023-12-29T09:00:16 ----------------------------------------- Patch: SUSE-2023-4986 Released: Thu Dec 28 16:05:33 2023 Summary: Security update for gnutls Severity: moderate References: 1217277,CVE-2023-5981 Description: This update for gnutls fixes the following issues: - CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange (bsc#1217277). ----------------------------------------- Version 3-Build5.8.650 2024-01-03T09:00:14 ----------------------------------------- Patch: SUSE-2024-11 Released: Tue Jan 2 13:24:52 2024 Summary: Recommended update for procps Severity: moderate References: 1029961,1158830,1206798,1209122 Description: This update for procps fixes the following issues: - Update procps to 3.3.17 (jsc#PED-3244 jsc#PED-6369) - For support up to 2048 CPU as well (bsc#1185417) - Allow `-´ as leading character to ignore possible errors on systctl entries (bsc#1209122) - Get the first CPU summary correct (bsc#1121753) - Enable pidof for SLE-15 as this is provided by sysvinit-tools - Use a check on syscall __NR_pidfd_open to decide if the pwait tool and its manual page will be build - Do not truncate output of w with option -n - Prefer logind over utmp (jsc#PED-3144) - Don't install translated man pages for non-installed binaries (uptime, kill). - Fix directory for Ukrainian man pages translations. - Move localized man pages to lang package. - Update to procps-ng-3.3.17 * library: Incremented to 8:3:0 (no removals or additions, internal changes only) * all: properly handle utf8 cmdline translations * kill: Pass int to signalled process * pgrep: Pass int to signalled process * pgrep: Check sanity of SG_ARG_MAX * pgrep: Add older than selection * pidof: Quiet mode * pidof: show worker threads * ps.1: Mention stime alias * ps: check also match on truncated 16 char comm names * ps: Add exe output option * ps: A lot more sorting available * pwait: New command waits for a process * sysctl: Match systemd directory order * sysctl: Document directory order * top: ensure config file backward compatibility * top: add command line 'e' for symmetry with 'E' * top: add '4' toggle for two abreast cpu display * top: add '!' toggle for combining multiple cpus * top: fix potential SEGV involving -p switch * vmstat: Wide mode gives wider proc columns * watch: Add environment variable for interval * watch: Add no linewrap option * watch: Support more colors * free,uptime,slabtop: complain about extra ops - Package translations in procps-lang. - Fix pgrep: cannot allocate 4611686018427387903 bytes when ulimit -s is unlimited. - Enable pidof by default - Update to procps-ng-3.3.16 * library: Increment to 8:2:0 No removals or functions Internal changes only, so revision is incremented. Previous version should have been 8:1:0 not 8:0:1 * docs: Use correct symbols for -h option in free.1 * docs: ps.1 now warns about command name length * docs: install translated man pages * pgrep: Match on runstate * snice: Fix matching on pid * top: can now exploit 256-color terminals * top: preserves 'other filters' in configuration file * top: can now collapse/expand forest view children * top: parent %CPU time includes collapsed children * top: improve xterm support for vim navigation keys * top: avoid segmentation fault at program termination * 'ps -C' does not allow anymore an argument longer than 15 characters (bsc#1158830) ----------------------------------------- Version 3-Build5.8.657 2024-01-21T09:00:18 ----------------------------------------- Patch: SUSE-2024-136 Released: Thu Jan 18 09:53:47 2024 Summary: Security update for pam Severity: moderate References: 1217000,1218475,CVE-2024-22365 Description: This update for pam fixes the following issues: - CVE-2024-22365: Fixed a local denial of service during PAM login due to a missing check during path manipulation (bsc#1218475). - Check localtime_r() return value to fix crashing (bsc#1217000) ----------------------------------------- Version 3-Build5.8.660 2024-01-24T09:00:15 ----------------------------------------- Patch: SUSE-2024-187 Released: Tue Jan 23 13:38:00 2024 Summary: Recommended update for python-chardet Severity: moderate References: 1218765 Description: This update for python-chardet fixes the following issues: - Fix update-alternative in %postun (bsc#1218765) ----------------------------------------- Version 3-Build5.8.670 2024-02-14T09:00:14 ----------------------------------------- Patch: SUSE-2024-461 Released: Tue Feb 13 15:30:06 2024 Summary: Security update for libxml2 Severity: moderate References: 1219576,CVE-2024-25062 Description: This update for libxml2 fixes the following issues: - CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576). ----------------------------------------- Version 3-Build5.8.672 2024-02-15T09:00:14 ----------------------------------------- Patch: SUSE-2024-464 Released: Wed Feb 14 09:21:25 2024 Summary: Security update for python3 Severity: moderate References: 1210638,1214691,CVE-2022-48566,CVE-2023-27043 Description: This update for python3 fixes the following issues: - CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character (bsc#1210638). - CVE-2022-48566: Use CRYPTO_memcmp() for compare_digest (bsc#1214691). ----------------------------------------- Version 3-Build5.8.674 2024-02-22T09:00:15 ----------------------------------------- Patch: SUSE-2024-43 Released: Fri Jan 5 14:49:13 2024 Summary: Recommended update for libsolv, zypper, libzypp Severity: moderate References: 1212160,1215294,1216412,1217593,1217873,1218291 Description: This update for libsolv, zypper, libzypp fixes the following issues: - Expand RepoVars in URLs downloading a .repo file (bsc#1212160) - Fix search/info commands ignoring --ignore-unknown (bsc#1217593) - CheckAccessDeleted: fix 'running in container' filter (bsc#1218291) - Open rpmdb just once during execution of %posttrans scripts (bsc#1216412) - Make sure reboot-needed is remembered until next boot (bsc#1217873) - Stop using boost version 1 timer library (bsc#1215294) - Updated to version 0.7.27 - Add zstd support for the installcheck tool - Add putinowndirpool cache to make file list handling in repo_write much faster - Do not use deprecated headerUnload with newer rpm versions - Support complex deps in SOLVABLE_PREREQ_IGNOREINST - Fix minimization not prefering installed packages in some cases - Reduce memory usage in repo_updateinfoxml - Fix lock-step interfering with architecture selection - Fix choice rule handing for package downgrades - Fix complex dependencies with an 'else' part sometimes leading to unsolved dependencies ----------------------------------------- Patch: SUSE-2024-475 Released: Wed Feb 14 19:08:44 2024 Summary: Recommended update for libsolv Severity: important References: 1215698,1218782,1218831,1219442 Description: This update for libsolv, libzypp fixes the following issues: - build for multiple python versions [jsc#PED-6218] - applydeltaprm: Create target directory if it does not exist (bsc#1219442) - Fix problems with EINTR in ExternalDataSource::getline (bsc#1215698) - CheckAccessDeleted: fix running_in_container detection (bsc#1218782) - Detect CURLOPT_REDIR_PROTOCOLS_STR availability at runtime (bsc#1218831) ----------------------------------------- Patch: SUSE-2024-525 Released: Mon Feb 19 08:03:59 2024 Summary: Security update for libssh Severity: important References: 1158095,1168699,1174713,1189608,1211188,1211190,1218126,1218186,1218209,CVE-2019-14889,CVE-2020-16135,CVE-2020-1730,CVE-2021-3634,CVE-2023-1667,CVE-2023-2283,CVE-2023-48795,CVE-2023-6004,CVE-2023-6918 Description: This update for libssh fixes the following issues: Update to version 0.9.8 (jsc#PED-7719): * Fix CVE-2023-6004: Command injection using proxycommand (bsc#1218209) * Fix CVE-2023-48795: Potential downgrade attack using strict kex (bsc#1218126) * Fix CVE-2023-6918: Missing checks for return values of MD functions (bsc#1218186) * Allow @ in usernames when parsing from URI composes Update to version 0.9.7: * Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm guessing (bsc#1211188) * Fix CVE-2023-2283: a possible authorization bypass in pki_verify_data_signature under low-memory conditions (bsc#1211190) * Fix several memory leaks in GSSAPI handling code Update to version 0.9.6 (bsc#1189608, CVE-2021-3634): * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.9.6 Update to 0.9.5 (bsc#1174713, CVE-2020-16135): * CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232) * Improve handling of library initialization (T222) * Fix parsing of subsecond times in SFTP (T219) * Make the documentation reproducible * Remove deprecated API usage in OpenSSL * Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN * Define version in one place (T226) * Prevent invalid free when using different C runtimes than OpenSSL (T229) * Compatibility improvements to testsuite Update to version 0.9.4 * https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/ * Fix possible Denial of Service attack when using AES-CTR-ciphers CVE-2020-1730 (bsc#1168699) Update to version 0.9.3 * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution (bsc#1158095) * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state * SSH-01-006 General: Various unchecked Null-derefs cause DOS * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys * SSH-01-010 SSH: Deprecated hash function in fingerprinting * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access * SSH-01-001 State Machine: Initial machine states should be set explicitly * SSH-01-002 Kex: Differently bound macros used to iterate same array * SSH-01-005 Code-Quality: Integer sign confusion during assignments * SSH-01-008 SCP: Protocol Injection via unescaped File Names * SSH-01-009 SSH: Update documentation which RFCs are implemented * SSH-01-012 PKI: Information leak via uninitialized stack buffer Update to version 0.9.2 * Fixed libssh-config.cmake * Fixed issues with rsa algorithm negotiation (T191) * Fixed detection of OpenSSL ed25519 support (T197) Update to version 0.9.1 * Added support for Ed25519 via OpenSSL * Added support for X25519 via OpenSSL * Added support for localuser in Match keyword * Fixed Match keyword to be case sensitive * Fixed compilation with LibreSSL * Fixed error report of channel open (T75) * Fixed sftp documentation (T137) * Fixed known_hosts parsing (T156) * Fixed build issue with MinGW (T157) * Fixed build with gcc 9 (T164) * Fixed deprecation issues (T165) * Fixed known_hosts directory creation (T166) - Split out configuration to separate package to not mess up the library packaging and coinstallation Update to verion 0.9.0 * Added support for AES-GCM * Added improved rekeying support * Added performance improvements * Disabled blowfish support by default * Fixed several ssh config parsing issues * Added support for DH Group Exchange KEX * Added support for Encrypt-then-MAC mode * Added support for parsing server side configuration file * Added support for ECDSA/Ed25519 certificates * Added FIPS 140-2 compatibility * Improved known_hosts parsing * Improved documentation * Improved OpenSSL API usage for KEX, DH, and signatures - Add libssh client and server config files ----------------------------------------- Version 3-Build5.8.675 2024-02-23T17:16:35 ----------------------------------------- Patch: SUSE-2024-601 Released: Fri Feb 23 09:26:44 2024 Summary: Security update for python-pycryptodome Severity: moderate References: 1218564,CVE-2023-52323 Description: This update for python-pycryptodome fixes the following issues: - CVE-2023-52323: Fixed side-channel leakage in RSA decryption by using constant-time (faster) padding decoding for OAEP (bsc#1218564). ----------------------------------------- Version 3-Build5.8.678 2024-02-27T09:50:42 ----------------------------------------- Patch: SUSE-2024-615 Released: Mon Feb 26 11:32:32 2024 Summary: Recommended update for netcfg Severity: moderate References: 1211886 Description: This update for netcfg fixes the following issues: - Add krb-prop entry (bsc#1211886) ----------------------------------------- Version 3-Build5.8.688 2024-03-09T09:00:15 ----------------------------------------- Patch: SUSE-2024-824 Released: Fri Mar 8 17:34:36 2024 Summary: Security update for cpio Severity: moderate References: 1218571,1219238,CVE-2023-7207 Description: This update for cpio fixes the following issues: - CVE-2023-7207: Fixed path traversal vulnerability (bsc#1218571, bsc#1219238) ----------------------------------------- Version 3-Build5.8.691 2024-03-11T16:55:22 ----------------------------------------- Patch: SUSE-2024-832 Released: Mon Mar 11 10:30:30 2024 Summary: Security update for openssl-1_1 Severity: moderate References: 1219243,CVE-2024-0727 Description: This update for openssl-1_1 fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ----------------------------------------- Version 3-Build5.8.693 2024-03-13T09:00:15 ----------------------------------------- Patch: SUSE-2024-849 Released: Tue Mar 12 15:38:03 2024 Summary: Recommended update for cloud-init Severity: important References: 1198533,1214169,1218952 Description: This update for cloud-init contains the following fixes: - Skip tests with empty config. - Support reboot on package update/upgrade via the cloud-init config. (bsc#1198533, bsc#1218952, jsc#SMO-326) - Switch build dependency to the generic distribution-release package. - Move fdupes call back to %install. (bsc#1214169) ----------------------------------------- Patch: SUSE-2024-850 Released: Tue Mar 12 16:18:02 2024 Summary: Security update for python3 Severity: important References: 1219666,CVE-2023-6597 Description: This update for python3 fixes the following issues: - CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). ----------------------------------------- Version 3-Build5.8.694 2024-03-14T09:00:14 ----------------------------------------- Patch: SUSE-2024-860 Released: Wed Mar 13 08:45:21 2024 Summary: Security update for gnutls Severity: moderate References: 1218865,CVE-2023-5981,CVE-2024-0553 Description: This update for gnutls fixes the following issues: - CVE-2024-0553: Fixed insufficient mitigation for side channel attack in RSA-PSK, aka CVE-2023-5981 (bsc#1218865). ----------------------------------------- Version 3-Build5.8.702 2024-03-27T09:00:19 ----------------------------------------- Patch: SUSE-2024-999 Released: Tue Mar 26 14:03:42 2024 Summary: Security update for krb5 Severity: important References: 1220770,1220771,CVE-2024-26458,CVE-2024-26461 Description: This update for krb5 fixes the following issues: - CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). - CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). ----------------------------------------- Version 3-Build5.8.708 2024-04-04T09:00:18 ----------------------------------------- Patch: SUSE-2024-1106 Released: Wed Apr 3 15:33:00 2024 Summary: Security update for util-linux Severity: important References: 1194642,1207987,1221831,CVE-2024-28085 Description: This update for util-linux fixes the following issues: - CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) - Prevent error message if `/var/lib/libuuid/clock.txt` does not exist (bsc#1194642) - Fixed performance degradation (bsc#1207987) ----------------------------------------- Version 3-Build5.8.710 2024-04-06T09:00:19 ----------------------------------------- Patch: SUSE-2024-1120 Released: Fri Apr 5 14:03:46 2024 Summary: Security update for curl Severity: moderate References: 1221665,1221667,CVE-2024-2004,CVE-2024-2398 Description: This update for curl fixes the following issues: - CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) - CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) ----------------------------------------- Version 3-Build5.8.714 2024-04-09T09:00:18 ----------------------------------------- Patch: SUSE-2024-1133 Released: Mon Apr 8 11:29:02 2024 Summary: Security update for ncurses Severity: moderate References: 1220061,CVE-2023-45918 Description: This update for ncurses fixes the following issues: - CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061). ----------------------------------------- Version 3-Build5.8.716 2024-04-11T15:42:09 ----------------------------------------- Patch: SUSE-2024-1202 Released: Thu Apr 11 10:49:34 2024 Summary: Recommended update for libzypp, zypper, PackageKit Severity: moderate References: 1175678,1218171,1218544,1221525,CVE-2024-0217 Description: This update for libzypp, zypper, PackageKit fixes the following issues: - Fixup New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014) - CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544) - Add resolver option 'removeOrphaned' for distupgrade (bsc#1221525) - New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014) - Add default stripe minimum - Don't expose std::optional where YAST/PK explicitly use c++11. - Digest: Avoid using the deprecated OPENSSL_config - version 17.32.0 - ProblemSolution::skipsPatchesOnly overload to handout the patches - Show active dry-run/download-only at the commit propmpt - Add --skip-not-applicable-patches option - Fix printing detailed solver problem description - Fix bash-completion to work with right adjusted numbers in the 1st column too - Set libzypp shutdown request signal on Ctrl+C - In the detailed view show all baseurls not just the first one (bsc#1218171) ----------------------------------------- Version 3-Build5.8.720 2024-04-16T09:00:18 ----------------------------------------- Patch: SUSE-2024-1253 Released: Fri Apr 12 08:15:18 2024 Summary: Recommended update for gcc13 Severity: moderate References: 1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239 Description: This update for gcc13 fixes the following issues: - Fix unwinding for JIT code. [bsc#1221239] - Revert libgccjit dependency change. [bsc#1220724] - Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3 breaks them. [bsc#1219520] - Add support for -fmin-function-alignment. [bsc#1214934] - Use %{_target_cpu} to determine host and build. - Fix for building TVM. [bsc#1218492] - Add cross-X-newlib-devel requires to newlib cross compilers. [bsc#1219031] - Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel. [bsc#1210959] - Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6. - Fixed building mariadb on i686. [bsc#1217667] - Avoid update-alternatives dependency for accelerator crosses. - Package tool links to llvm in cross-amdgcn-gcc13 rather than in cross-amdgcn-newlib13-devel since that also has the dependence. - Depend on llvmVER instead of llvm with VER equal to %product_libs_llvm_ver where available and adjust tool discovery accordingly. This should also properly trigger re-builds when the patchlevel version of llvmVER changes, possibly changing the binary names we link to. [bsc#1217450] ----------------------------------------- Patch: SUSE-2024-1254 Released: Fri Apr 12 08:18:48 2024 Summary: Recommended update for python3 Severity: moderate References: 1222109 Description: This update for python3 fixes the following issue: - Fix syslog making default 'ident' from sys.argv (bsc#1222109) ----------------------------------------- Version 3-Build5.8.721 2024-04-17T09:00:18 ----------------------------------------- Patch: SUSE-2024-1314 Released: Tue Apr 16 14:45:55 2024 Summary: Recommended update for azure-cli, azure-cli-core, python-adal, python-applicationinsights, python-azure-agrifood-farming, python-azure-agrifood-nspkg, python-azure-ai-anomalydetector, python-azure-ai-formrecognizer, python-azure-ai-language-nspkg, python-azure-ai-language-questionanswering, python-azure-ai-metricsadvisor, python-azure-ai-nspkg, python-azure-ai-textanalytics, python-azure-ai-translation-document, python-azure-ai-translation-nspkg, python-azure-appconfiguration, python-azure-applicationinsights, python-azure-batch, python-azure-cognitiveservices-anomalydetector, python-azure-cognitiveservices-formrecognizer, python-azure-cognitiveservices-inkrecognizer, python-azure-cognitiveservices-knowledge-nspkg, python-azure-cognitiveservices-knowledge-qnamaker, python-azure-cognitiveservices-language-luis, python-azure-cognitiveservices-language-nspkg, python-azure-cognitiveservices-language-spellcheck, python-azure-cognitiveservices-language-textanalytics, python-azure-cognitiveservices-nspkg, python-azure-cognitiveservices-personalizer, python-azure-cognitiveservices-search-autosuggest, python-azure-cognitiveservices-search-customimagesearch, python-azure-cognitiveservices-search-customsearch, python-azure-cognitiveservices-search-entitysearch, python-azure-cognitiveservices-search-imagesearch, python-azure-cognitiveservices-search-newssearch, python-azure-cognitiveservices-search-nspkg, python-azure-cognitiveservices-search-videosearch, python-azure-cognitiveservices-search-visualsearch, python-azure-cognitiveservices-search-websearch, python-azure-cognitiveservices-vision-computervision, python-azure-cognitiveservices-vision-contentmoderator, python-azure-cognitiveservices-vision-customvision, python-azure-cognitiveservices-vision-face, python-azure-cognitiveservices-vision-nspkg, python-azure-common, python-azure-communication-administration, python-azure-communication-chat, python-azure-communication-identity, python-azure-communication-networktraversal, python-azure-communication-nspkg, python-azure-communication-phonenumbers, python-azure-communication-sms, python-azure-confidentialledger, python-azure-containerregistry, python-azure-core, python-azure-core-tracing-opencensus, python-azure-core-tracing-opentelemetry, python-azure-cosmos, python-azure-data-nspkg, python-azure-data-tables, python-azure-datalake-store, python-azure-devops, python-azure-digitaltwins-core, python-azure-digitaltwins-nspkg, python-azure-eventgrid, python-azure-eventhub, python-azure-eventhub-checkpointstoreblob, python-azure-eventhub-checkpointstoreblob-aio, python-azure-functions-devops-build, python-azure-graphrbac, python-azure-identity, python-azure-keyvault, python-azure-keyvault-administration, python-azure-keyvault-certificates, python-azure-keyvault-keys, python-azure-keyvault-nspkg, python-azure-keyvault-secrets, python-azure-loganalytics, python-azure-media-nspkg, python-azure-media-videoanalyzer-edge, python-azure-messaging-nspkg, python-azure-messaging-webpubsubservice, python-azure-mgmt, python-azure-mgmt-advisor, python-azure-mgmt-agfood, python-azure-mgmt-agrifood, python-azure-mgmt-alertsmanagement, python-azure-mgmt-apimanagement, python-azure-mgmt-app, python-azure-mgmt-appconfiguration, python-azure-mgmt-applicationinsights, python-azure-mgmt-appplatform, python-azure-mgmt-attestation, python-azure-mgmt-authorization, python-azure-mgmt-automanage, python-azure-mgmt-automation, python-azure-mgmt-avs, python-azure-mgmt-azureadb2c, python-azure-mgmt-azurestack, python-azure-mgmt-azurestackhci, python-azure-mgmt-batch, python-azure-mgmt-batchai, python-azure-mgmt-billing, python-azure-mgmt-botservice, python-azure-mgmt-cdn, python-azure-mgmt-chaos, python-azure-mgmt-cognitiveservices, python-azure-mgmt-commerce, python-azure-mgmt-communication, python-azure-mgmt-compute, python-azure-mgmt-confluent, python-azure-mgmt-connectedvmware, python-azure-mgmt-consumption, python-azure-mgmt-containerinstance, python-azure-mgmt-containerregistry, python-azure-mgmt-containerservice, python-azure-mgmt-core, python-azure-mgmt-cosmosdb, python-azure-mgmt-costmanagement, python-azure-mgmt-customproviders, python-azure-mgmt-databox, python-azure-mgmt-databoxedge, python-azure-mgmt-databricks, python-azure-mgmt-datadog, python-azure-mgmt-datafactory, python-azure-mgmt-datalake-analytics, python-azure-mgmt-datalake-nspkg, python-azure-mgmt-datalake-store, python-azure-mgmt-datamigration, python-azure-mgmt-dataprotection, python-azure-mgmt-datashare, python-azure-mgmt-deploymentmanager, python-azure-mgmt-deviceupdate, python-azure-mgmt-devspaces, python-azure-mgmt-devtestlabs, python-azure-mgmt-digitaltwins, python-azure-mgmt-dns, python-azure-mgmt-documentdb, python-azure-mgmt-edgegateway, python-azure-mgmt-edgeorder, python-azure-mgmt-elastic, python-azure-mgmt-eventgrid, python-azure-mgmt-eventhub, python-azure-mgmt-extendedlocation, python-azure-mgmt-fluidrelay, python-azure-mgmt-frontdoor, python-azure-mgmt-guestconfig, python-azure-mgmt-hanaonazure, python-azure-mgmt-hdinsight, python-azure-mgmt-healthcareapis, python-azure-mgmt-hybridcompute, python-azure-mgmt-hybridkubernetes, python-azure-mgmt-hybridnetwork, python-azure-mgmt-imagebuilder, python-azure-mgmt-iotcentral, python-azure-mgmt-iothub, python-azure-mgmt-iothubprovisioningservices, python-azure-mgmt-keyvault, python-azure-mgmt-kubernetesconfiguration, python-azure-mgmt-kusto, python-azure-mgmt-labservices, python-azure-mgmt-loadtestservice, python-azure-mgmt-loganalytics, python-azure-mgmt-logic, python-azure-mgmt-logz, python-azure-mgmt-machinelearningcompute, python-azure-mgmt-machinelearningservices, python-azure-mgmt-maintenance, python-azure-mgmt-managedservices, python-azure-mgmt-managementgroups, python-azure-mgmt-managementpartner, python-azure-mgmt-maps, python-azure-mgmt-marketplaceordering, python-azure-mgmt-media, python-azure-mgmt-mixedreality, python-azure-mgmt-mobilenetwork, python-azure-mgmt-monitor, python-azure-mgmt-msi, python-azure-mgmt-netapp, python-azure-mgmt-network, python-azure-mgmt-notificationhubs, python-azure-mgmt-nspkg, python-azure-mgmt-oep, python-azure-mgmt-orbital, python-azure-mgmt-peering, python-azure-mgmt-policyinsights, python-azure-mgmt-portal, python-azure-mgmt-powerbidedicated, python-azure-mgmt-powerbiembedded, python-azure-mgmt-privatedns, python-azure-mgmt-purview, python-azure-mgmt-quantum, python-azure-mgmt-quota, python-azure-mgmt-rdbms, python-azure-mgmt-recoveryservices, python-azure-mgmt-recoveryservicesbackup, python-azure-mgmt-recoveryservicessiterecovery, python-azure-mgmt-redhatopenshift, python-azure-mgmt-redis, python-azure-mgmt-regionmove, python-azure-mgmt-relay, python-azure-mgmt-reservations, python-azure-mgmt-resource, python-azure-mgmt-resourceconnector, python-azure-mgmt-resourcegraph, python-azure-mgmt-resourcehealth, python-azure-mgmt-resourcemover, python-azure-mgmt-scheduler, python-azure-mgmt-search, python-azure-mgmt-security, python-azure-mgmt-serialconsole, python-azure-mgmt-servermanager, python-azure-mgmt-servicebus, python-azure-mgmt-servicefabric, python-azure-mgmt-servicefabricmanagedclusters, python-azure-mgmt-servicelinker, python-azure-mgmt-signalr, python-azure-mgmt-sql, python-azure-mgmt-sqlvirtualmachine, python-azure-mgmt-storage, python-azure-mgmt-storagecache, python-azure-mgmt-storageimportexport, python-azure-mgmt-storagepool, python-azure-mgmt-storagesync, python-azure-mgmt-streamanalytics, python-azure-mgmt-subscription, python-azure-mgmt-support, python-azure-mgmt-synapse, python-azure-mgmt-testbase, python-azure-mgmt-timeseriesinsights, python-azure-mgmt-trafficmanager, python-azure-mgmt-videoanalyzer, python-azure-mgmt-vmwarecloudsimple, python-azure-mgmt-web, python-azure-mgmt-webpubsub, python-azure-mixedreality-authentication, python-azure-mixedreality-nspkg, python-azure-monitor, python-azure-monitor-nspkg, python-azure-monitor-query, python-azure-multiapi-storage, python-azure-nspkg, python-azure-purview-account, python-azure-purview-administration, python-azure-purview-catalog, python-azure-purview-nspkg, python-azure-purview-scanning, python-azure-schemaregistry, python-azure-schemaregistry-avroserializer, python-azure-sdk, python-azure-search-documents, python-azure-search-nspkg, python-azure-security-attestation, python-azure-security-nspkg, python-azure-servicebus, python-azure-servicefabric, python-azure-servicemanagement-legacy, python-azure-storage-blob, python-azure-storage-common, python-azure-storage-file, python-azure-storage-file-datalake, python-azure-storage-file-share, python-azure-storage-nspkg, python-azure-storage-queue, python-azure-synapse-accesscontrol, python-azure-synapse-artifacts, python-azure-synapse-monitoring, python-azure-synapse-nspkg, python-azure-synapse-spark, python-azure-template, python-msal, python-msal-extensions, python-msrest, python-msrestazure, python-opencensus-ext-azure, python-pydocumentdb, python-vsts, python-vsts-cd-manager Severity: moderate References: 1180930,1183865,1187881,1193394,1199282 Description: This update for azure-cli, azure-cli-core, python-adal, python-applicationinsights, python-azure-agrifood-farming, python-azure-agrifood-nspkg, python-azure-ai-anomalydetector, python-azure-ai-formrecognizer, python-azure-ai-language-nspkg, python-azure-ai-language-questionanswering, python-azure-ai-metricsadvisor, python-azure-ai-nspkg, python-azure-ai-textanalytics, python-azure-ai-translation-document, python-azure-ai-translation-nspkg, python-azure-appconfiguration, python-azure-applicationinsights, python-azure-batch, python-azure-cognitiveservices-anomalydetector, python-azure-cognitiveservices-formrecognizer, python-azure-cognitiveservices-inkrecognizer, python-azure-cognitiveservices-knowledge-nspkg, python-azure-cognitiveservices-knowledge-qnamaker, python-azure-cognitiveservices-language-luis, python-azure-cognitiveservices-language-nspkg, python-azure-cognitiveservices-language-spellcheck, python-azure-cognitiveservices-language-textanalytics, python-azure-cognitiveservices-nspkg, python-azure-cognitiveservices-personalizer, python-azure-cognitiveservices-search-autosuggest, python-azure-cognitiveservices-search-customimagesearch, python-azure-cognitiveservices-search-customsearch, python-azure-cognitiveservices-search-entitysearch, python-azure-cognitiveservices-search-imagesearch, python-azure-cognitiveservices-search-newssearch, python-azure-cognitiveservices-search-nspkg, python-azure-cognitiveservices-search-videosearch, python-azure-cognitiveservices-search-visualsearch, python-azure-cognitiveservices-search-websearch, python-azure-cognitiveservices-vision-computervision, python-azure-cognitiveservices-vision-contentmoderator, python-azure-cognitiveservices-vision-customvision, python-azure-cognitiveservices-vision-face, python-azure-cognitiveservices-vision-nspkg, python-azure-common, python-azure-communication-administration, python-azure-communication-chat, python-azure-communication-identity, python-azure-communication-networktraversal, python-azure-communication-nspkg, python-azure-communication-phonenumbers, python-azure-communication-sms, python-azure-confidentialledger, python-azure-containerregistry, python-azure-core, python-azure-core-tracing-opencensus, python-azure-core-tracing-opentelemetry, python-azure-cosmos, python-azure-data-nspkg, python-azure-data-tables, python-azure-datalake-store, python-azure-devops, python-azure-digitaltwins-core, python-azure-digitaltwins-nspkg, python-azure-eventgrid, python-azure-eventhub, python-azure-eventhub-checkpointstoreblob, python-azure-eventhub-checkpointstoreblob-aio, python-azure-functions-devops-build, python-azure-graphrbac, python-azure-identity, python-azure-keyvault, python-azure-keyvault-administration, python-azure-keyvault-certificates, python-azure-keyvault-keys, python-azure-keyvault-nspkg, python-azure-keyvault-secrets, python-azure-loganalytics, python-azure-media-nspkg, python-azure-media-videoanalyzer-edge, python-azure-messaging-nspkg, python-azure-messaging-webpubsubservice, python-azure-mgmt, python-azure-mgmt-advisor, python-azure-mgmt-agfood, python-azure-mgmt-agrifood, python-azure-mgmt-alertsmanagement, python-azure-mgmt-apimanagement, python-azure-mgmt-app, python-azure-mgmt-appconfiguration, python-azure-mgmt-applicationinsights, python-azure-mgmt-appplatform, python-azure-mgmt-attestation, python-azure-mgmt-authorization, python-azure-mgmt-automanage, python-azure-mgmt-automation, python-azure-mgmt-avs, python-azure-mgmt-azureadb2c, python-azure-mgmt-azurestack, python-azure-mgmt-azurestackhci, python-azure-mgmt-batch, python-azure-mgmt-batchai, python-azure-mgmt-billing, python-azure-mgmt-botservice, python-azure-mgmt-cdn, python-azure-mgmt-chaos, python-azure-mgmt-cognitiveservices, python-azure-mgmt-commerce, python-azure-mgmt-communication, python-azure-mgmt-compute, python-azure-mgmt-confluent, python-azure-mgmt-connectedvmware, python-azure-mgmt-consumption, python-azure-mgmt-containerinstance, python-azure-mgmt-containerregistry, python-azure-mgmt-containerservice, python-azure-mgmt-core, python-azure-mgmt-cosmosdb, python-azure-mgmt-costmanagement, python-azure-mgmt-customproviders, python-azure-mgmt-databox, python-azure-mgmt-databoxedge, python-azure-mgmt-databricks, python-azure-mgmt-datadog, python-azure-mgmt-datafactory, python-azure-mgmt-datalake-analytics, python-azure-mgmt-datalake-nspkg, python-azure-mgmt-datalake-store, python-azure-mgmt-datamigration, python-azure-mgmt-dataprotection, python-azure-mgmt-datashare, python-azure-mgmt-deploymentmanager, python-azure-mgmt-deviceupdate, python-azure-mgmt-devspaces, python-azure-mgmt-devtestlabs, python-azure-mgmt-digitaltwins, python-azure-mgmt-dns, python-azure-mgmt-documentdb, python-azure-mgmt-edgegateway, python-azure-mgmt-edgeorder, python-azure-mgmt-elastic, python-azure-mgmt-eventgrid, python-azure-mgmt-eventhub, python-azure-mgmt-extendedlocation, python-azure-mgmt-fluidrelay, python-azure-mgmt-frontdoor, python-azure-mgmt-guestconfig, python-azure-mgmt-hanaonazure, python-azure-mgmt-hdinsight, python-azure-mgmt-healthcareapis, python-azure-mgmt-hybridcompute, python-azure-mgmt-hybridkubernetes, python-azure-mgmt-hybridnetwork, python-azure-mgmt-imagebuilder, python-azure-mgmt-iotcentral, python-azure-mgmt-iothub, python-azure-mgmt-iothubprovisioningservices, python-azure-mgmt-keyvault, python-azure-mgmt-kubernetesconfiguration, python-azure-mgmt-kusto, python-azure-mgmt-labservices, python-azure-mgmt-loadtestservice, python-azure-mgmt-loganalytics, python-azure-mgmt-logic, python-azure-mgmt-logz, python-azure-mgmt-machinelearningcompute, python-azure-mgmt-machinelearningservices, python-azure-mgmt-maintenance, python-azure-mgmt-managedservices, python-azure-mgmt-managementgroups, python-azure-mgmt-managementpartner, python-azure-mgmt-maps, python-azure-mgmt-marketplaceordering, python-azure-mgmt-media, python-azure-mgmt-mixedreality, python-azure-mgmt-mobilenetwork, python-azure-mgmt-monitor, python-azure-mgmt-msi, python-azure-mgmt-netapp, python-azure-mgmt-network, python-azure-mgmt-notificationhubs, python-azure-mgmt-nspkg, python-azure-mgmt-oep, python-azure-mgmt-orbital, python-azure-mgmt-peering, python-azure-mgmt-policyinsights, python-azure-mgmt-portal, python-azure-mgmt-powerbidedicated, python-azure-mgmt-powerbiembedded, python-azure-mgmt-privatedns, python-azure-mgmt-purview, python-azure-mgmt-quantum, python-azure-mgmt-quota, python-azure-mgmt-rdbms, python-azure-mgmt-recoveryservices, python-azure-mgmt-recoveryservicesbackup, python-azure-mgmt-recoveryservicessiterecovery, python-azure-mgmt-redhatopenshift, python-azure-mgmt-redis, python-azure-mgmt-regionmove, python-azure-mgmt-relay, python-azure-mgmt-reservations, python-azure-mgmt-resource, python-azure-mgmt-resourceconnector, python-azure-mgmt-resourcegraph, python-azure-mgmt-resourcehealth, python-azure-mgmt-resourcemover, python-azure-mgmt-scheduler, python-azure-mgmt-search, python-azure-mgmt-security, python-azure-mgmt-serialconsole, python-azure-mgmt-servermanager, python-azure-mgmt-servicebus, python-azure-mgmt-servicefabric, python-azure-mgmt-servicefabricmanagedclusters, python-azure-mgmt-servicelinker, python-azure-mgmt-signalr, python-azure-mgmt-sql, python-azure-mgmt-sqlvirtualmachine, python-azure-mgmt-storage, python-azure-mgmt-storagecache, python-azure-mgmt-storageimportexport, python-azure-mgmt-storagepool, python-azure-mgmt-storagesync, python-azure-mgmt-streamanalytics, python-azure-mgmt-subscription, python-azure-mgmt-support, python-azure-mgmt-synapse, python-azure-mgmt-testbase, python-azure-mgmt-timeseriesinsights, python-azure-mgmt-trafficmanager, python-azure-mgmt-videoanalyzer, python-azure-mgmt-vmwarecloudsimple, python-azure-mgmt-web, python-azure-mgmt-webpubsub, python-azure-mixedreality-authentication, python-azure-mixedreality-nspkg, python-azure-monitor, python-azure-monitor-nspkg, python-azure-monitor-query, python-azure-multiapi-storage, python-azure-nspkg, python-azure-purview-account, python-azure-purview-administration, python-azure-purview-catalog, python-azure-purview-nspkg, python-azure-purview-scanning, python-azure-schemaregistry, python-azure-schemaregistry-avroserializer, python-azure-sdk, python-azure-search-documents, python-azure-search-nspkg, python-azure-security-attestation, python-azure-security-nspkg, python-azure-servicebus, python-azure-servicefabric, python-azure-servicemanagement-legacy, python-azure-storage-blob, python-azure-storage-common, python-azure-storage-file, python-azure-storage-file-datalake, python-azure-storage-file-share, python-azure-storage-nspkg, python-azure-storage-queue, python-azure-synapse-accesscontrol, python-azure-synapse-artifacts, python-azure-synapse-monitoring, python-azure-synapse-nspkg, python-azure-synapse-spark, python-azure-template, python-msal, python-msal-extensions, python-msrest, python-msrestazure, python-opencensus-ext-azure, python-pydocumentdb, python-vsts, python-vsts-cd-manager contains the following fixes: Changes in azure-cli: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.36.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.35.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.34.1 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.33.1 + For detailed information about changes see the HISTORY.rst file provided with this package - New upstream release + Version 2.33.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Add missing python-rpm-macros to BuildRequires - Update Requires from setup.py - New upstream release + Version 2.32.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.31.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.30.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.29.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.28.1 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.27.2 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.27.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.26.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release (bsc#1187881) + Version 2.25.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.24.2 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.23.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.21.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.18.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py Changes in azure-cli-core: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.36.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.35.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.34.1 + For detailed information about changes see the HISTORY.rst file provided with this package - New upstream release + Version 2.33.1 + For detailed information about changes see the HISTORY.rst file provided with this package - New upstream release + Version 2.33.0 + For detailed information about changes see the HISTORY.rst file provided with this package - New upstream release + Version 2.32.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.31.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Remove bogus python-PyYAML dependency from Requires (bsc#1193394) - Update Requires from setup.py - New upstream release + Version 2.30.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.29.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.28.1 + For detailed information about changes see the HISTORY.rst file provided with this package - New upstream release + Version 2.27.2 + For detailed information about changes see the HISTORY.rst file provided with this package - New upstream release + Version 2.27.0 + For detailed information about changes see the HISTORY.rst file provided with this package - New upstream release + Version 2.26.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release (bsc#1187881) + Version 2.25.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.24.2 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.23.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.21.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Update Requires from setup.py - New upstream release + Version 2.18.0 + For detailed information about changes see the HISTORY.rst file provided with this package - Rework patch to disable automatic check for updates to fix a crash when calling 'az --version' (bsc#1180930) + acc_disable-update-check.patch - Update Requires from setup.py Changes in python-adal: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.2.7 + For detailed information about changes see the HISTORY.txt file provided with this package - New upstream release + Version 1.2.6 + For detailed information about changes see the HISTORY.txt file provided with this package - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 1.2.5 + For detailed information about changes see the HISTORY.txt file provided with this package - Update HISTORY.txt from github releases page Changes in python-applicationinsights: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.11.10 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-agrifood-farming: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-agrifood-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-ai-anomalydetector: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 3.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-ai-formrecognizer: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-ai-language-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-ai-language-questionanswering: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Initial build + Version 1.0.0b1 Changes in python-azure-ai-metricsadvisor: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b4 - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py Changes in python-azure-ai-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-ai-textanalytics: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 5.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 5.1.0.0 to ensure proper upgrade from previous version 5.1.0b7 - Update Requires from setup.py - New upstream release + Version 5.1.0b7 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.1.0b6 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.1.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-ai-translation-document: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b6 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b5 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Initial build + Version 1.0.0b3 Changes in python-azure-ai-translation-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-appconfiguration: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.2.0.0 to ensure proper upgrade from previous version 1.2.0b2 - New upstream release + Version 1.2.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.2.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-applicationinsights: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.1.1 - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-batch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 12.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 11.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-anomalydetector: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-formrecognizer: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-inkrecognizer: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-knowledge-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-knowledge-qnamaker: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 0.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-cognitiveservices-language-luis: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-language-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-language-spellcheck: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-language-textanalytics: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.2.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater + Version 0.2.0 Changes in python-azure-cognitiveservices-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-personalizer: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-autosuggest: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-customimagesearch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-customsearch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-entitysearch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-imagesearch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-newssearch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-videosearch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-visualsearch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-search-websearch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-vision-computervision: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.9.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.8.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-vision-contentmoderator: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-vision-customvision: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 3.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-cognitiveservices-vision-face: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-cognitiveservices-vision-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-common: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.28 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.1.27 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 1.1.26 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-communication-administration: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 1.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py Changes in python-azure-communication-chat: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Temporarily override package version to 1.0.0.0 to allow upgrades from the previous 1.0.0b5 version - Update Requires from setup.py - New upstream release + Version 1.0.0b5 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 1.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py Changes in python-azure-communication-identity: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.1 Changes in python-azure-communication-networktraversal: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b2 - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Initial build + Version 1.0.0b1 Changes in python-azure-communication-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-communication-phonenumbers: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.1 Changes in python-azure-communication-sms: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Temporarily override package version to 1.0.0.0 to allow upgrades from the previous 1.0.0b6 version - Update Requires from setup.py - New upstream release + Version 1.0.0b6 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py Changes in python-azure-confidentialledger: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-containerregistry: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b7 - New upstream release + Version 1.0.0b7 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b6 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0b5 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Initial build + Version 1.0.0b2 Changes in python-azure-core: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Add patch to lower typing-extensions version requirement in setup.py + ac_lower-typing-extensions-version.patch - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-core-tracing-opencensus: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b8 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b7 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 1.0.0b6 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.md to CHANGELOG.md in %files section - Initial build + Version 1.0.0b5 Changes in python-azure-core-tracing-opentelemetry: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b9 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update BuildRequires and Requires from setup.py - New upstream release + Version 1.0.0b8 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b7 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.md to CHANGELOG.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - Initial build + Version 1.0.0b1 Changes in python-azure-cosmos: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-data-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-data-tables: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 12.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename LICENSE.txt to LICENSE in %files section - Update Requires from setup.py - New upstream release + Version 12.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 12.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 12.0.0.0 to ensure proper upgrade from previous version 12.0.0b7 - New upstream release + Version 12.0.0b7 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.0.0b6 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 12.0.0b5 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 12.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py Changes in python-azure-datalake-store: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.0.52 + For detailed information about changes see the HISTORY.rst file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-devops: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Revert previous change use to %pyunittest to invoke testsuite - %check: use %pyunittest rpm macro - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-digitaltwins-core: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-digitaltwins-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-eventgrid: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 4.7.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.7.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 4.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 4.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.1.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-eventhub: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 5.7.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.6.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.3.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 5.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-eventhub-checkpointstoreblob: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.4 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.1.3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update BuildRequires and Requires from setup.py - New upstream release + Version 1.1.2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-eventhub-checkpointstoreblob-aio: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.4 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.1.3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.1.2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-functions-devops-build: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-graphrbac: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-identity: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.10.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Drop patches for issues fixed upstream + ai_relax-python-depends.patch - Override upstream version with 1.10.0.0 to ensure proper upgrade from previous version 1.10.0b1 - Update Requires from setup.py - New upstream release + Version 1.10.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Add patch to relax Python dependencies in setup.py + ai_relax-python-depends.patch - Update Requires from setup.py - New upstream release + Version 1.9.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.8.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.7.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.7.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.6.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.6.0.0 to ensure proper upgrade from previous version 1.6.0b3 - New upstream release + Version 1.6.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.6.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-keyvault: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-keyvault-administration: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 4.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 4.0.0.0 to ensure proper upgrade from previous version 4.0.0b3 - Update Requires from setup.py - New upstream release + Version 4.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-keyvault-certificates: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 4.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-keyvault-keys: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 4.5.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 4.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 4.5.0.0 to ensure proper upgrade from previous version 4.5.0b6 - New upstream release + Version 4.5.0b6 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 4.5.0b5 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 4.5.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 4.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 4.4.0.0 to ensure proper upgrade from previous version 4.4.0b4 - New upstream release + Version 4.4.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.4.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 4.3.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-keyvault-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Switch to explicit namespace packages on Python 3 (PEP 420) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-keyvault-secrets: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 4.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-loganalytics: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.1.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-media-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-media-videoanalyzer-edge: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Initial build + Version 1.0.0b2 Changes in python-azure-messaging-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-messaging-webpubsubservice: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b2 - Update Requires from setup.py - Initial build + Version 1.0.0b2 Changes in python-azure-mgmt: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Add additional packages from the Azure SDK to Requires + python-azure-mgmt-app - Add additional packages from the Azure SDK to Requires + python-azure-mgmt-agfood + python-azure-mgmt-agrifood + python-azure-mgmt-avs + python-azure-mgmt-chaos + python-azure-mgmt-connectedvmware + python-azure-mgmt-dataprotection + python-azure-mgmt-deviceupdate + python-azure-mgmt-digitaltwins + python-azure-mgmt-edgeorder + python-azure-mgmt-elastic + python-azure-mgmt-extendedlocation + python-azure-mgmt-fluidrelay + python-azure-mgmt-guestconfig + python-azure-mgmt-hybridnetwork + python-azure-mgmt-loadtestservice + python-azure-mgmt-logz + python-azure-mgmt-mobilenetwork + python-azure-mgmt-oep + python-azure-mgmt-orbital + python-azure-mgmt-purview + python-azure-mgmt-quantum + python-azure-mgmt-quota + python-azure-mgmt-recoveryservicessiterecovery + python-azure-mgmt-resourceconnector + python-azure-mgmt-resourcehealth + python-azure-mgmt-servicefabricmanagedclusters + python-azure-mgmt-servicelinker + python-azure-mgmt-storagepool + python-azure-mgmt-testbase + python-azure-mgmt-videoanalyzer + python-azure-mgmt-webpubsub - Add additional packages from the Azure SDK to Requires + python-azure-mgmt-azureadb2c + python-azure-mgmt-confluent + python-azure-mgmt-customproviders + python-azure-mgmt-databox + python-azure-mgmt-datadog + python-azure-mgmt-hybridkubernetes + python-azure-mgmt-maintenance + python-azure-mgmt-portal + python-azure-mgmt-powerbidedicated + python-azure-mgmt-support + python-azure-mgmt-timeseriesinsights - Remove all version constraints in Requires - Only build Python3 flavors for distributions 15 and greater - Add additional packages from the Azure SDK to Requires + python-azure-mgmt-databoxedge - Update version numbers for component packages in Requires + python-azure-mgmt-attestation >= 0.2.0 + python-azure-mgmt-billing >= 1.0.0 + python-azure-mgmt-communication >= 1.0.0b4 + python-azure-mgmt-compute >= 18.0.0 + python-azure-mgmt-containerservice >= 10.1.0 + python-azure-mgmt-datafactory >= 0.14.0 + python-azure-mgmt-datamigration >= 4.1.0 + python-azure-mgmt-hdinsight >= 2.0.0 + python-azure-mgmt-healthcareapis >= 0.2.0 + python-azure-mgmt-kusto >= 0.10.0 + python-azure-mgmt-loganalytics >= 2.0.0 + python-azure-mgmt-media >= 3.0.0 + python-azure-mgmt-netapp >= 0.14.0 + python-azure-mgmt-policyinsights >= 0.6.0 + python-azure-mgmt-security >= 0.6.0 - Update version numbers for component packages in Requires Changes in python-azure-mgmt-advisor: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-agfood: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-agrifood: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-alertsmanagement: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-apimanagement: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 3.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-app: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-appconfiguration: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.1.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-applicationinsights: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 3.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 2.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-appplatform: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 6.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 6.0.0.0 to ensure proper upgrade from previous version 6.0.0b1 - Update Requires from setup.py - New upstream release + Version 6.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-attestation: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 0.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section Changes in python-azure-mgmt-authorization: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-automanage: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-automation: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-avs: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Initial build + Version 2.0.0 Changes in python-azure-mgmt-azureadb2c: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-azurestack: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-azurestackhci: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0rc1 - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-batch: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 16.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 16.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 15.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 14.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-batchai: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 7.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-billing: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 6.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-botservice: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-cdn: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 12.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 11.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 10.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-chaos: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-cognitiveservices: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 13.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 13.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 12.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 11.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-commerce: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-communication: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b4 - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py Changes in python-azure-mgmt-compute: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 26.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 26.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 25.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 24.0.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 24.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 23.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 23.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 22.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 22.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 21.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 20.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 19.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-confluent: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-connectedvmware: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-consumption: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-containerinstance: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Downgrade to previous upstream release + Version 2.0.0 + Required to unbreak Azure CLI packages (bsc#1183865) + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-containerregistry: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 8.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 8.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 8.0.0.0 to ensure proper upgrade from previous version 8.0.0b1 - Update Requires from setup.py - New upstream release + Version 8.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-containerservice: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 19.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 19.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 18.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 17.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 16.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 16.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 16.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 16.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 16.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 15.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 15.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 14.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 10.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-mgmt-core: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.3.0.0 to ensure proper upgrade from previous version 1.3.0b3 - New upstream release + Version 1.3.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.3.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-cosmosdb: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 7.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 6.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 6.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 6.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 6.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-costmanagement: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 3.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-customproviders: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-databox: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-databoxedge: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update file list in %files section - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-databricks: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-datadog: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b3 - New upstream release + Version 1.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Initial build + Version 1.0.0b2 Changes in python-azure-mgmt-datafactory: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 2.2.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 2.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - New upstream release + Version 0.15.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 0.14.0 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-mgmt-datalake-analytics: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-datalake-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-datalake-store: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-datamigration: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 10.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 9.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 4.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section Changes in python-azure-mgmt-dataprotection: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-datashare: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-deploymentmanager: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-deviceupdate: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b3 Changes in python-azure-mgmt-devspaces: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-devtestlabs: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-digitaltwins: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 6.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Initial build + Version 6.0.0 Changes in python-azure-mgmt-dns: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 8.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-documentdb: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-edgegateway: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-edgeorder: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-elastic: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-mgmt-eventgrid: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 10.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 10.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-eventhub: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 10.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-extendedlocation: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b2 - Initial build + Version 1.0.0b2 Changes in python-azure-mgmt-fluidrelay: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-frontdoor: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the HISTORY.txt file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-guestconfig: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-hanaonazure: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-hdinsight: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-healthcareapis: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 0.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section Changes in python-azure-mgmt-hybridcompute: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 7.0.0.0 to ensure proper upgrade from previous version 7.0.0b1 - Update Requires from setup.py - New upstream release + Version 7.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-hybridkubernetes: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-hybridnetwork: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-mgmt-imagebuilder: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-iotcentral: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 9.0.0.0 to ensure proper upgrade from previous version 9.0.0b1 - New upstream release + Version 9.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 4.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-iothub: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-iothubprovisioningservices: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-keyvault: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-kubernetesconfiguration: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-kusto: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 0.10.0 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-mgmt-labservices: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-loadtestservice: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-loganalytics: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 13.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 11.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 10.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-mgmt-logic: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-logz: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-machinelearningcompute: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-machinelearningservices: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-maintenance: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-managedservices: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 6.0.0.0 to ensure proper upgrade from previous version 6.0.0b1 - Update Requires from setup.py - New upstream release + Version 6.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-managementgroups: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-managementpartner: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-maps: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-marketplaceordering: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-media: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 7.0.0.0 to ensure proper upgrade from previous version 7.0.0b1 - Update Requires from setup.py - New upstream release + Version 7.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 3.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package CHANGELOG.md file provided with this package Changes in python-azure-mgmt-mixedreality: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-mobilenetwork: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-monitor: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 3.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 3.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-msi: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 6.0.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Updates Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-netapp: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 6.0.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 5.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 0.15.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-network: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 19.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 19.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 19.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 19.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 18.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-notificationhubs: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-oep: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-orbital: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-peering: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-policyinsights: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 0.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-mgmt-portal: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-powerbidedicated: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-powerbiembedded: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-privatedns: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-purview: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-mgmt-quantum: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b2 Changes in python-azure-mgmt-quota: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-rdbms: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 10.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 10.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 9.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 9.1.0.0 to ensure proper upgrade from previous version 9.1.0b1 - New upstream release + Version 9.1.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 9.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 8.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 8.1.0.0 to ensure proper upgrade from previous version 8.1.0b4 - New upstream release + Version 8.1.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 8.1.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-recoveryservices: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-recoveryservicesbackup: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 5.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.1.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 4.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 3.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 0.11.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.10.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-recoveryservicessiterecovery: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-redhatopenshift: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-redis: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 13.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 13.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-regionmove: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-relay: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-reservations: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-resource: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 20.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 20.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 19.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 18.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 16.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Downgrade to previous upstream release + Version 12.0.0 + Required to unbreak Azure CLI packages + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-resourceconnector: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-resourcegraph: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-resourcehealth: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-resourcemover: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-scheduler: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-search: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 8.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-security: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-serialconsole: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-servermanager: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-servicebus: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 7.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 7.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-servicefabric: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-servicefabricmanagedclusters: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-mgmt-servicelinker: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b2 - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-signalr: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b2 - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-sql: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 4.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 3.0.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 3.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-sqlvirtualmachine: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-storage: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 20.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 19.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 19.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 18.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 17.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 17.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-storagecache: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 0.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Summary and %description from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-storageimportexport: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-storagepool: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-mgmt-storagesync: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Update Requires from setup.py - New upstream release + Version 1.0.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-streamanalytics: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0rc1 - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-subscription: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-support: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 6.0.0.0 to ensure proper upgrade from previous version 6.0.0b1 - Initial build + Version 6.0.0b1 Changes in python-azure-mgmt-synapse: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 2.1.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 0.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-testbase: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-timeseriesinsights: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b1 - Initial build + Version 1.0.0b1 Changes in python-azure-mgmt-trafficmanager: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename HISTORY.rst to CHANGELOG.md in %files section - Rename README.rst to README.md in %files section - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-videoanalyzer: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b3 Changes in python-azure-mgmt-vmwarecloudsimple: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-web: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 6.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 6.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 5.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-mgmt-webpubsub: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-mixedreality-authentication: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-mixedreality-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-monitor: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-monitor-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-monitor-query: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b3 - New upstream release + Version 1.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Initial build + Version 1.0.0b2 Changes in python-azure-multiapi-storage: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.9.0 + For detailed information about changes see the README.rst file provided with this package - New upstream release + Version 0.8.0 + For detailed information about changes see the README.rst file provided with this package - New upstream release + Version 0.7.0 + For detailed information about changes see the README.rst file provided with this package - New upstream release + Version 0.6.2 + For detailed information about changes see the README.rst file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-purview-account: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-purview-administration: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b1 Changes in python-azure-purview-catalog: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b3 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Initial build + Version 1.0.0b2 Changes in python-azure-purview-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 2.0.0 Changes in python-azure-purview-scanning: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0b2 Changes in python-azure-schemaregistry: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 1.0.0.0 to ensure proper upgrade from previous version 1.0.0b3 - Update Requires from setup.py - Initial build + Version 1.0.0b3 Changes in python-azure-schemaregistry-avroserializer: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 1.0.0b4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update file paths in %files section - Update Requires from setup.py - Initial build + Version 1.0.0b3 Changes in python-azure-sdk: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Add additional packages from the Azure SDK to Requires + python-azure-agrifood-farming + python-azure-agrifood-nspkg + python-azure-ai-formrecognizer + python-azure-ai-language-nspkg + python-azure-ai-language-questionanswering + python-azure-ai-translation-document + python-azure-ai-translation-nspkg + python-azure-communication-identity + python-azure-communication-networktraversal + python-azure-communication-phonenumbers + python-azure-confidentialledger + python-azure-containerregistry + python-azure-core-tracing-opencensus + python-azure-core-tracing-opentelemetry + python-azure-data-tables + python-azure-digitaltwins-core + python-azure-digitaltwins-nspkg + python-azure-eventhub-checkpointstoreblob-aio + python-azure-media-nspkg + python-azure-media-videoanalyzer-edge + python-azure-messaging-nspkg + python-azure-messaging-webpubsubservice + python-azure-mixedreality-authentication + python-azure-mixedreality-nspkg + python-azure-monitor-nspkg + python-azure-monitor-query + python-azure-purview-account + python-azure-purview-administration + python-azure-purview-catalog + python-azure-purview-nspkg + python-azure-purview-scanning + python-azure-schemaregistry + python-azure-schemaregistry-avroserializer + python-azure-security-attestation + python-azure-security-nspkg + python-azure-storage-file-datalake + python-azure-storage-file-share + python-azure-storage-queue + python-azure-synapse-managedprivateendpoints + python-azure-synapse-monitoring + python-azure-template - Remove packages that are included via python-azure-mgmt from Requires + python-azure-mgmt-commerce + python-azure-mgmt-documentdb + python-azure-mgmt-iothubprovisioningservices + python-azure-mgmt-servermanager + python-azure-mgmt-web Changes in python-azure-search-documents: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 11.2.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Remove temporary version override - New upstream release + Version 11.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Override upstream version with 11.2.0.0 to ensure proper upgrade from previous version 11.2.0b2 - Update Requires from setup.py - New upstream release + Version 11.2.0b2 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 11.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-search-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Fix issues with Python multi-flavor builds + Create directories using %pythond_expand in %install section + Use canonical %{python_sitelib} path in %files section - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-security-attestation: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-security-nspkg: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Initial build + Version 1.0.0 Changes in python-azure-servicebus: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 7.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 7.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 7.3.4 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.3.3 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 7.3.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.1.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.1.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 7.0.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-servicefabric: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 8.2.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 8.0.0.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 7.2.0.46 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-azure-servicemanagement-legacy: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-storage-blob: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-storage-common: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-storage-file: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-storage-file-datalake: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 12.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename LICENSE.txt to LICENSE in %files section - Update Requires from setup.py - New upstream release + Version 12.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.3.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 12.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 12.2.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py Changes in python-azure-storage-file-share: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 12.7.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Rename LICENSE.txt to LICENSE in %files section - Update Requires from setup.py - New upstream release + Version 12.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 12.4.1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 12.4.0b1 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 12.3.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py Changes in python-azure-storage-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-storage-queue: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-synapse-accesscontrol: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.7.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-synapse-artifacts: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.12.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 0.11.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 0.10.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Update Requires from setup.py - New upstream release + Version 0.9.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.8.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-synapse-monitoring: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-synapse-nspkg: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-synapse-spark: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - New upstream release + Version 0.7.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.6.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.5.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - New upstream release + Version 0.4.0 + For detailed information about changes see the CHANGELOG.md file provided with this package - Only build Python3 flavors for distributions 15 and greater Changes in python-azure-template: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater - New upstream release + Version 0.1.0b1438905 + For detailed information about changes see the CHANGELOG.md file provided with this package Changes in python-msal: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update to version 1.17.0 + New: Define some Cloud Instance constants and the usage pattern of using them (#221, #433) + Enhancement: Lazy-load dependencies so that the start-up and run time will usually be faster. (#423, #454) + Enhancement: Bubble up token refresh exceptions (#431, #434) + Enhancement: Documents a simpler http_cache usage pattern (#439) + Enhancement: Expose authority discovery error for troubleshooting (#443) + Enhancement: Actionable exception message when local machine time error is detected (#446, #449, #453) + Enhancement: Actionable exception message when username password flow encounters errors with ADFS (#456, #458) - Update to version 1.16.0 + New feature: Introducing a new http_cache parameter, whose documentation is available by searching http_cache (dict) from our API Reference Doc (Implementation #407). If an app utilizes this feature, it will also address #80 & #334. + Improvement: Prevent concurrent interactive flows listening on same port when running on Windows (#427) + Improvement: Detecting Regional Endpoint from env var. Also ensure the entire regional endpoint behavior needs to opt in. (#425) - from version 1.15.0 + New feature: Now both initiate_auth_code_flow() and acquire_token_interactive() accept a new optional parameter max_age which is the allowable elapsed time in seconds since the last time the End-User was actively authenticated. If the elapsed time is greater than this value, Microsoft identity platform will actively re-authenticate the End-User. (#381, #389) + Improvement: MSAL will now automatically utilize a backup authentication system, to provide better resiliency. (#376, #395, #409) + Improvement: Previously, acquire_token_interactive() was not able to be aborted by CTRL+C when running on Windows. It is now fixed. (#393, #404) + Bugfix: The http cache feature shipped in #379 came with an unexpected side effect to slow down the Device Code Flow. Now fixed. (#408, #410) + Change: Adopting cryptography 35.0.0 (#414) - from version 1.14.0 UPDATE: There was a bug in this version, being fixed in subsequent 1.15.0. We recommend everyone to upgrade to msal>=1.15.0,<2. There is no API-level change in this MSAL release. So, all existing apps do not need any code changes. Just upgrade, and your app will gain the following behaviors. + Behavior Change: By default, MSAL Python will launch Edge browser when running on Linux, when Edge is installed on current desktop. (#388) + Behavior Change: MSAL Python will use an in-memory http-level cache. This would improve the latency in normal cases, and improve responsiveness for invalid requests and outage. (#159, #379) + Behavior Change: MSAL Python will no longer use env var REGION_NAME as the Azure region name. (#394, #382) + Bugfix: MSAL Python will no longer throw exception when your app excludes the profile scope. (#387, #390) - from version 1.13.0 + New feature: MSAL supports a confidential client being authenticated by a pre-signed assertion. Usage: cca = ConfidentialClientApplication( ..., client_credential={'client_assertion': '...a JWT with claims aud, exp, iss, jti, nbf, and sub...'}, ...) This can be useful for where the signing takes place externally for example using Azure Key Vault (AKV). AKV sample included (#161, #271). + Improvement: Skip unnecessary and repetitive region detection. (#372, #373) - Update to version 1.12.0 + New feature: MSAL Python supports ConfidentialClientApplication(..., azure_region=...). If your app is deployed in Azure, you can use this new feature to pin a region. (#295, #358) + New feature: Historically MSAL Python attempts to acquire a Refresh Token (RT) by default. Since this version, MSAL Python supports ConfidentialClientApplication(..., excluse_scopes=['offline_access']) to opt out of RT (#207, #361) + Improvement: acquire_token_interactive(...) can also trigger browser when running inside WSL (8d86917) + Adjustment: get_accounts(...) would automatically combine equivalent accounts, so that your account selector widget could be easier to use (#349) + Document: MSAL Python has long been accepting acquire_token_interactive(..., prompt='create'), now we officially documented it. (#356, #360) - from version 1.11.0 + Enhancement: ConfidentialClientApplication also supports acquire_token_by_username_password() now. (#294, #344) + Enhancement: PublicClientApplication's acquire_token_interactive() also supports WSL Ubuntu 18.04 (#332, #333) + Enhancement: Enable a retry once behavior on connection error. (But this is only available from the default http client. If your app supplies your customized http_client via MSAL constructors, it is your http_client's job to decide whether retry.) (#326) + Enhancement: MSAL improves the internal telemetry mechanism. (#137, #175, #329, #345) + Bugfix: Better compatibility on handling SAML token when using acquire_token_by_username_password() with ADFS. (#336) - Update to version 1.10.0 + Enhancement: Proactive access token (AT) refreshing. Previously, an AT is either valid or expired. If an AT expires and your network happens to have a glitch, your app wouldn't be able to auth. Now, MSAL Python attempts to refresh some AT (typically long-lived AT) half way towards their expiration, and silently ignores the error and retries next time, so that your app would be more resilient. All these happen automatically, without any code change to your app. (#176, #312, #320) + Adjustment: MSAL Python will keep RT in token cache even when its usage encounters an 'invalid_grant' error, so that the RT would likely still be used by other requests. (#314, #315) - from version 1.9.0 + Enhancement: Starting from this version, MSAL will be compatible with both PyJWT 1.x and PyJWT 2.x (#293, #296) + Enhancement: Better support for upcoming Azure CLI's SSH extension (#300, #298) + Enhancement: Better deprecation message for get_authorization_request_url() and acquire_token_by_authorization_code(). (#301, #303) + Enhancement: Better exception message when using incorrect case in client_id. (#304, #307) + Other improvements. - Update to version 1.8.0 + New feature: A new extra_scopes_to_consent parameter is introduced to the acquire_token_interactive(...) API (#212, #286) + Adjustment to previous version 1.7.0: Lazy import webbrowser module only when necessary (#287, #288) - from version 1.7.0 + New feature: A new initiate_auth_code_flow() & acquire_token_by_auth_code_flow() API, which automatically provides PKCE protection for you (#276, #255). (You are recommended to use these 2 new APIs to replace the previous get_authorization_request_url() and acquire_token_by_authorization_code().) + New feature: A new acquire_token_interactive() (#138, #260, #282), comes with a sample (#283) + Bugfix: Now MSAL Python can properly access those Refresh Tokens which were keyed slightly differently by different apps. (#279, #280) - Only build Python3 flavors for distributions 15 and greater Changes in python-msal-extensions: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update to version 1.0.0 + New: Add a new platform-independent build_encrypted_persistence() API. (#87, #110) + Remove: Old TokenCache API which has been deprecated for 2 years. (#110) + Enhancement: Make all platform-dependent parameters optional (#103) + Enhancement: Provide PersistenceEncryptError and PersistenceDecryptError, currently raised when encryption on Windows fails. (#108) + Enhancement: The data file will be created with 600 permission when running in Unix-like systems. (#107) - Update to version 0.3.1 + Enhancement: Better concurrency (#61, #63, #100) + Bugfix: Now supports user home dir in drive root on Windows (#83, #84) + Enhancement: This package can now be run inside container + Enhancement: Improvement compatibility with PyInstaller 3.5 on Python 2.7 (#85, #91) + Enhancement: Catchable exception when persistence is unavailable (#92, #93) + Enhancement: Support dependency portalocker 2.0+ (#94, #97) + Enhancement: Improve documentation (#77, #102) + Including license in release package (#76) - Only build Python3 flavors for distributions 15 and greater Changes in python-msrest: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-msrestazure: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-opencensus-ext-azure: - Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Update to 1.1.0 * Enable AAD authorization via TokenCredential (#1021) * Implement attach rate metrics via Statsbeat (#1053) * Implement network metrics via Statsbeat - Success count (#1059) * Implement network metrics via Statsbeat - Others (#1062) * Implement feature and instrumentation metrics via Statsbeat (#1076) * Support stamp specific redirect in exporters (#1078) - Release 1.0.8 * Fix logger.exception with no exception info throwing error (#1006) * Add enable_local_storage to turn on/off local storage + retry + flushing logic (#1016) - Release 1.0.7 * Hotfix (#1004) - Release 1.0.6 * Disable heartbeat metrics in exporters (#984) * Loosen instrumentation key validation to GUID (#986) - Release 1.0.5 * Attach rate metrics via Heartbeat for Web and Function apps (#930) * Attach rate metrics for VM (#935) * Add links in properties for trace exporter envelopes (#936) * Fix attach rate metrics for VM to only ping data service on retry (#946) * Added queue capacity configuration for exporters (#949) - Release 1.0.4 * Remove dependency rate from standard metrics (#903) * Implement customEvents using AzureEventHandler (#925) - Release 1.0.3 * Change default path of local storage (#903) * Add support to initialize azure exporters with proxies (#902) - Remove mock * opencensus-pr1002-remove-mock.patch * gh#census-instrumentation/opencensus-python#1002 - Avoid extensions namespace clash - Initial build + Version 1.0.2 Changes in python-pydocumentdb: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-vsts: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Only build Python3 flavors for distributions 15 and greater Changes in python-vsts-cd-manager: - Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) - Remove unnecessary python-mock dependency from Requires - python-mock is not required for build - Only build Python3 flavors for distributions 15 and greater ----------------------------------------- Version 3-Build5.8.728 2024-04-25T09:00:18 ----------------------------------------- Patch: SUSE-2024-1433 Released: Wed Apr 24 21:41:41 2024 Summary: Recommended update for libzypp, zypper Severity: moderate References: 1221525,1221963,1222086,1222398,1223094 Description: This update for libzypp, zypper fixes the following issues: - Fix creation of sibling cache dirs with too restrictive mode (bsc#1222398) - Don't try to refresh volatile media as long as raw metadata are present (bsc#1223094) - Update RepoStatus fromCookieFile according to the files mtime (bsc#1222086) - TmpFile: Don't call chmod if makeSibling failed - Do not try to refresh repo metadata as non-root user (bsc#1222086) - man: Explain how to protect orphaned packages by collecting them in a plaindir repo - packages: Add --autoinstalled and --userinstalled options to list them - Don't print 'reboot required' message if download-only or dry-run - Resepect zypper.conf option `showAlias` search commands (bsc#1221963) - dup: New option --remove-orphaned to remove all orphaned packages in dup (bsc#1221525) ----------------------------------------- Version 3-Build5.8.730 2024-04-26T09:00:19 ----------------------------------------- Patch: SUSE-2024-1439 Released: Thu Apr 25 23:41:12 2024 Summary: Security update for python-idna Severity: moderate References: 1222842,CVE-2024-3651 Description: This update for python-idna fixes the following issues: - CVE-2024-3651: Fixed potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842). ----------------------------------------- Version 3-Build5.8.739 2024-05-15T09:00:19 ----------------------------------------- Patch: SUSE-2024-1630 Released: Tue May 14 09:20:44 2024 Summary: Security update for perl Severity: important References: 1047178,1082216,1082233,1210999,CVE-2017-6512,CVE-2018-6798,CVE-2018-6913,CVE-2023-31484 Description: This update for perl fixes the following issues: Security issues fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216) - CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233) - CVE-2023-31484: Enabled TLS certificate verification in CPAN (bsc#1210999) - CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178) ----------------------------------------- Patch: SUSE-2024-1633 Released: Tue May 14 11:35:56 2024 Summary: Security update for openssl-1_1 Severity: moderate References: 1222548,CVE-2024-2511 Description: This update for openssl-1_1 fixes the following issues: - CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). ----------------------------------------- Version 3-Build5.8.742 2024-05-25T09:00:18 ----------------------------------------- Patch: SUSE-2024-1774 Released: Fri May 24 15:20:34 2024 Summary: Security update for python3 Severity: important References: 1219559,1220664,1221563,1221854,1222075,CVE-2023-52425,CVE-2024-0450 Description: This update for python3 fixes the following issues: - CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number (bsc#1219559). - CVE-2024-0450: Fixed detecting the vulnerability of 'quoted-overlap' zipbomb (bsc#1221854). ----------------------------------------- Version 3-Build5.8.751 2024-06-12T09:00:19 ----------------------------------------- Patch: SUSE-2024-1977 Released: Tue Jun 11 09:40:51 2024 Summary: Security update for glibc Severity: important References: 1222992,1223423,1223424,1223425,CVE-2024-2961,CVE-2024-33599,CVE-2024-33600,CVE-2024-33601,CVE-2024-33602 Description: This update for glibc fixes the following issues: - nscd: Release read lock after resetting timeout - nscd: Fix use-after-free in addgetnetgrentX (BZ #23520) - CVE-2024-33599; nscd: Stack-based buffer overflow in netgroup cache (bsc#1223423, BZ #31677) - CVE-2024-33600; nscd: Avoid null pointer crashes after notfound response (bsc#1223424, BZ #31678) - CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bsc#1223424, BZ #31678) - CVE-2024-33601, CVE-2024-33602: netgroup: Use two buffers in addgetnetgrentX (bsc#1223425, BZ #31680) - CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425) - CVE-2024-2961: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (bsc#1222992) ----------------------------------------- Version 3-Build5.8.752 2024-06-13T09:00:21 ----------------------------------------- Patch: SUSE-2024-2009 Released: Wed Jun 12 13:47:43 2024 Summary: Security update for curl Severity: moderate References: 1219273,CVE-2023-27534 Description: This update for curl fixes the following issues: - CVE-2023-27534: Properly resolve ~ when used in a SFTP path. (bsc#1219273) ----------------------------------------- Version 3-Build5.8.753 2024-06-18T09:00:21 ----------------------------------------- Patch: SUSE-2024-2035 Released: Mon Jun 17 09:29:26 2024 Summary: Security update for openssl-1_1 Severity: important References: 1225551,CVE-2024-4741 Description: This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) ----------------------------------------- Version 3-Build5.8.755 2024-06-19T11:23:36 ----------------------------------------- Patch: 33666 Released: Wed Jun 19 08:36:51 2024 Summary: Recommended update for libsolv, libzypp, zypper Severity: important References: 1222086,1223430,1223766 Description: This update for libsolv, libzypp, zypper fixes the following issues: - Improve updating of installed multiversion packages - Fix decision introspection going into an endless loop in some cases - Split libsolv-tools into libsolv-tools-base [jsc#PED-8153] - Improve checks against corrupt rpm - Fixed check for outdated repo metadata as non-root user (bsc#1222086) - Add ZYPP_API for exported functions and switch to visibility=hidden (jsc#PED-8153) - Dynamically resolve libproxy (jsc#PED-8153) - Fix download from gpgkey URL (bsc#1223430) - Delay zypp lock until command options are parsed (bsc#1223766) - Unify message format ----------------------------------------- Version 3-Build5.8.757 2024-06-19T15:33:39 ----------------------------------------- Patch: SUSE-2024-2086 Released: Wed Jun 19 11:48:24 2024 Summary: Recommended update for gcc13 Severity: moderate References: 1188441 Description: This update for gcc13 fixes the following issues: Update to GCC 13.3 release - Removed Fiji support from the GCN offload compiler as that is requiring Code Object version 3 which is no longer supported by llvm18. - Avoid combine spending too much compile-time and memory doing nothing on s390x. [bsc#1188441] - Make requirement to lld version specific to avoid requiring the meta-package. ----------------------------------------- Version 3-Build5.8.760 2024-07-01T09:00:21 ----------------------------------------- Patch: SUSE-2024-2247 Released: Sun Jun 30 15:21:38 2024 Summary: Security update for glib2 Severity: low References: 1224044,CVE-2024-34397 Description: This update for glib2 fixes the following issues: - CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044). ----------------------------------------- Version 3-Build5.8.761 2024-07-02T09:00:21 ----------------------------------------- Patch: SUSE-2024-2249 Released: Mon Jul 1 14:04:23 2024 Summary: Security update for python39 Severity: moderate References: 1226447,1226448,CVE-2024-0397,CVE-2024-4032 Description: This update for python39 fixes the following issues: - CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448) - CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447) ----------------------------------------- Version 3-Build5.8.762 2024-07-02T12:45:50 ----------------------------------------- Patch: SUSE-2024-2267 Released: Tue Jul 2 10:33:36 2024 Summary: Security update for libxml2 Severity: low References: 1224282,CVE-2024-34459 Description: This update for libxml2 fixes the following issues: - CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282). ----------------------------------------- Version 3-Build5.8.765 2024-07-05T09:00:22 ----------------------------------------- Patch: SUSE-2024-2305 Released: Fri Jul 5 00:13:02 2024 Summary: Security update for krb5 Severity: important References: 1227186,1227187,CVE-2024-37370,CVE-2024-37371 Description: This update for krb5 fixes the following issues: - CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). - CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ----------------------------------------- Version 3-Build5.8.767 2024-07-09T09:00:22 ----------------------------------------- Patch: SUSE-2024-2310 Released: Mon Jul 8 09:15:35 2024 Summary: Recommended update for libssh Severity: moderate References: 1227396 Description: This update for libssh fixes the following issue: - Fix regression parsing IPv6 addresses provided as hostname (bsc#1227396) ----------------------------------------- Version 3-Build5.8.776 2024-08-06T09:00:22 ----------------------------------------- Patch: SUSE-2024-2754 Released: Mon Aug 5 21:03:51 2024 Summary: Security update for skopeo Severity: important References: 1224123,CVE-2024-28180 Description: This update for skopeo fixes the following issues: Update to version 1.14.4: - CVE-2024-3727: Fixed a vulnerability that allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, resource exhaustion, local path traversal and other attacks. (bsc#1224123) ----------------------------------------- Version 3-Build5.8.777 2024-08-07T09:00:23 ----------------------------------------- Patch: SUSE-2024-2791 Released: Tue Aug 6 16:35:06 2024 Summary: Recommended update for various 32bit packages Severity: moderate References: 1228322 Description: This update of various packages delivers 32bit variants to allow running Wine on SLE PackageHub 15 SP6. ----------------------------------------- Version 3-Build5.8.779 2024-08-11T09:00:23 ----------------------------------------- Patch: SUSE-2024-2869 Released: Fri Aug 9 15:59:29 2024 Summary: Security update for ca-certificates-mozilla Severity: important References: 1220356,1227525 Description: This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525) - Added: FIRMAPROFESIONAL CA ROOT-A WEB - Distrust: GLOBALTRUST 2020 - Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356) Added: - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - D-Trust SBR Root CA 1 2022 - D-Trust SBR Root CA 2 2022 - Telekom Security SMIME ECC Root 2021 - Telekom Security SMIME RSA Root 2023 - Telekom Security TLS ECC Root 2020 - Telekom Security TLS RSA Root 2023 - TrustAsia Global Root CA G3 - TrustAsia Global Root CA G4 Removed: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Chambers of Commerce Root - 2008 - Global Chambersign Root - 2008 - Security Communication Root CA - Symantec Class 1 Public Primary Certification Authority - G6 - Symantec Class 2 Public Primary Certification Authority - G6 - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - VeriSign Class 1 Public Primary Certification Authority - G3 - VeriSign Class 2 Public Primary Certification Authority - G3 ----------------------------------------- Version 3-Build5.8.780 2024-08-12T09:00:23 ----------------------------------------- Patch: SUSE-2024-2870 Released: Mon Aug 12 06:52:03 2024 Summary: Recommended update for libzypp, zypper, libsolv, zypp-plugin Severity: important References: 1081596,1223094,1224771,1225267,1226014,1226030,1226493,1227205,1227625,1227793,1228138,1228206,1228208,1228420,1228787,222971 Description: This update for libzypp, zypper, libsolv, zypp-plugin fixes the following issues: - Make sure not to statically linked installed tools (bsc#1228787) - MediaPluginType must be resolved to a valid MediaHandler (bsc#1228208) - Export asSolvable for YAST (bsc#1228420) - Export CredentialManager for legacy YAST versions (bsc#1228420) - Fix 4 typos in zypp.conf - Fix typo in the geoip update pipeline (bsc#1228206) - Export RepoVariablesStringReplacer for yast2 (bsc#1228138) - Removed dependency on external find program in the repo2solv tool - Fix return value of repodata.add_solv() - New SOLVER_FLAG_FOCUS_NEW flag - Report unsupported compression in solv_xfopen() with errno - Fix return value of repodata.add_solv() in the bindings - Fix SHA-224 oid in solv_pgpvrfy - Translation: updated .pot file. - Conflict with python zypp-plugin < 0.6.4 (bsc#1227793) - Fix int overflow in Provider - Fix error reporting on repoindex.xml parse error (bsc#1227625) - Keep UrlResolverPlugin API public - Blacklist /snap executables for 'zypper ps' (bsc#1226014) - Fix handling of buddies when applying locks (bsc#1225267) - Fix readline setup to handle Ctrl-C and Ctrl-D correctly (bsc#1227205) - Show rpm install size before installing (bsc#1224771) - Install zypp/APIConfig.h legacy include - Update soname due to RepoManager refactoring and cleanup - Workaround broken libsolv-tools-base requirements - Strip ssl_clientkey from repo urls (bsc#1226030) - Remove protobuf build dependency - Lazily attach medium during refresh workflows (bsc#1223094) - Refactor RepoManager and add Service workflows - Let_readline_abort_on_Ctrl-C (bsc#1226493) - packages: add '--system' to show @System packages (bsc#222971) ----------------------------------------- Version 3-Build5.8.784 2024-08-14T13:01:13 ----------------------------------------- Patch: SUSE-2024-2899 Released: Wed Aug 14 02:37:38 2024 Summary: Security update for python-setuptools Severity: important References: 1228105,CVE-2024-6345 Description: This update for python-setuptools fixes the following issues: - CVE-2024-6345: Fixed code execution via download functions in the package_index module (bsc#1228105) ----------------------------------------- Version 3-Build5.8.785 2024-08-14T18:50:20 ----------------------------------------- Patch: SUSE-2024-2909 Released: Wed Aug 14 14:47:44 2024 Summary: Security update for openssl-1_1 Severity: moderate References: 1227138,CVE-2024-5535 Description: This update for openssl-1_1 fixes the following issues: - CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138) ----------------------------------------- Version 3-Build5.8.786 2024-08-15T09:00:24 ----------------------------------------- Patch: SUSE-2024-2912 Released: Wed Aug 14 20:20:13 2024 Summary: Recommended update for cloud-regionsrv-client Severity: important References: 1222985,1223571,1224014,1224016,1227308 Description: This update for cloud-regionsrv-client contains the following fixes: - Update to version 10.3.0 (bsc#1227308, bsc#1222985) + Add support for sidecar registry Podman and rootless Docker support to set up the necessary configuration for the container engines to run as defined + Add running command as root through sudoers file - Update to version 10.2.0 (bsc#1223571, bsc#1224014, bsc#1224016) + In addition to logging, write message to stderr when registration fails + Detect transactional-update system with read only setup and use the transactional-update command to register + Handle operation in a different target root directory for credentials checking ----------------------------------------- Version 3-Build5.8.787 2024-08-16T15:13:01 ----------------------------------------- Patch: SUSE-2024-2930 Released: Thu Aug 15 11:35:03 2024 Summary: Security update for curl Severity: moderate References: 1228535,CVE-2024-7264 Description: This update for curl fixes the following issues: - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535) ----------------------------------------- Version 3-Build5.8.789 2024-08-20T09:00:23 ----------------------------------------- Patch: SUSE-2024-2967 Released: Mon Aug 19 15:41:29 2024 Summary: Recommended update for pam Severity: moderate References: 1194818 Description: This update for pam fixes the following issue: - Prevent cursor escape from the login prompt (bsc#1194818). ----------------------------------------- Version 3-Build5.8.790 2024-08-23T09:00:23 ----------------------------------------- Patch: SUSE-2024-2998 Released: Thu Aug 22 12:52:17 2024 Summary: Security update for glib2 Severity: low References: 1224044,CVE-2024-34397 Description: This update for glib2 fixes the following issues: - Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044). ----------------------------------------- Version 3-Build5.8.794 2024-09-03T09:00:24 ----------------------------------------- Patch: SUSE-2024-3068 Released: Mon Sep 2 14:25:15 2024 Summary: Recommended update for util-linux Severity: moderate References: 1194818 Description: This update for util-linux fixes the following issue: - agetty: Prevent login cursor escape (bsc#1194818). ----------------------------------------- Version 3-Build5.8.797 2024-09-11T14:35:40 ----------------------------------------- Patch: SUSE-2024-3202 Released: Wed Sep 11 10:54:47 2024 Summary: Security update for curl Severity: moderate References: 1228535,1230093,CVE-2024-7264,CVE-2024-8096 Description: This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) - CVE-2024-7264: ASN.1 date parser overread. (bsc#1228535)