SUSE Container Update Advisory: suse/manager/5.0/x86_64/server ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:1690-1 Container Tags : suse/manager/5.0/x86_64/server:5.0.0-beta2 , suse/manager/5.0/x86_64/server:5.0.0-beta2.3.64 , suse/manager/5.0/x86_64/server:latest Container Release : 3.64 Severity : critical Type : security References : 1059627 1173034 1176932 1177039 1178481 1179020 1182661 1183012 1183051 1186282 1187332 1190495 1198533 1198880 1200551 1208079 1210959 1211272 1213418 1214169 1214691 1214934 1215005 1215377 1216296 1217316 1217320 1217321 1217324 1217326 1217329 1217330 1217390 1217432 1217450 1217608 1217667 1217964 1218232 1218252 1218492 1218952 1219031 1219321 1219520 1219530 1219559 1219581 1219666 1220061 1220068 1220070 1220644 1220724 1221239 1221289 1221813 1222045 1222109 1222259 CVE-2021-40633 CVE-2022-28506 CVE-2022-48566 CVE-2023-45918 CVE-2023-4750 CVE-2023-48161 CVE-2023-48231 CVE-2023-48232 CVE-2023-48233 CVE-2023-48234 CVE-2023-48235 CVE-2023-48236 CVE-2023-48237 CVE-2023-48706 CVE-2023-52425 CVE-2023-6597 CVE-2024-1597 CVE-2024-22667 CVE-2024-25710 CVE-2024-26308 CVE-2024-28757 CVE-2024-29025 ----------------------------------------------------------------- The container suse/manager/5.0/x86_64/server was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2020:2735-1 Released: Thu Sep 24 13:32:25 2020 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: moderate References: 1173034 This update for systemd-rpm-macros fixes the following issues: - Introduce macro '%service_del_postun_without_restart' to resolve blocking new releases based on this. (bsc#1173034) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2020:2782-1 Released: Tue Sep 29 11:40:22 2020 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: important References: 1176932 This update for systemd-rpm-macros fixes the following issues: - Backport missing macros of directory paths from upstream + %_environmentdir + %_modulesloaddir + %_modprobedir - Make sure %_restart_on_update_never and %_stop_on_removal_never don't expand to the empty string. (bsc#1176932) Otherwise sequences like the following code: if [ ... ]; then %_restart_on_update_never fi would result in the following incorrect shell syntax: if [ ... ]; then fi ----------------------------------------------------------------- Advisory ID: SUSE-OU-2020:3795-1 Released: Mon Dec 14 17:43:26 2020 Summary: Optional update for systemd-rpm-macros Type: optional Severity: low References: 1059627,1178481,1179020 This update for systemd-rpm-macros fixes the following issues: - Deprecate '-f'/'-n' options When used with %service_del_preun, support for these options will be dropped as DISABLE_STOP_ON_REMOVAL support will be removed on the next version of SLE (jsc#SLE-8968) When used with %service_del_postun, they should be replaced with their counterpart %service_del_postun_with_restart/%service_del_postun_without_restart - Introduced %service_del_postun_with_restart() It's the counterpart of %service_del_postun_without_restart() and replaces the '-f' option of %service_del_postun(). - Does no longer apply presets when migrating from a disabled initscript (bsc#1178481) - Fix importing of %{_unitdir} ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:707-1 Released: Thu Mar 4 09:19:36 2021 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: moderate References: 1177039 This update for systemd-rpm-macros fixes the following issues: - Bump to version 6 - Make upstream '%systemd_{pre,post,preun,postun}' aliases to their SUSE counterparts. Packagers can now choose to use the upstream or the SUSE variants indifferently. For consistency the SUSE variants should be preferred since almost all SUSE packages already use them but the upstream versions might be usefull in certain cases where packages need to support multiple distros based on RPM. - Improve the logic used to apply the presets. (bsc#1177039) Before presests were applied at a) package installation b) new units introduced via a package update (but after making sure that it was not a SysV initscript being converted). The problem is that a) didn't handle package a renaming or split properly since the package with the new name is installed rather being updated and therefore the presets were applied even if they were already with the old name. We now cover this case (and the other ones) by applying presets only if the units are new and the services are not being migrated. This regardless of whether this happens during an install or an update. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:795-1 Released: Tue Mar 16 10:28:02 2021 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: low References: 1182661,1183012,1183051 This update for systemd-rpm-macros fixes the following issues: - Added a %systemd_user_pre macro (bsc#1183051, bsc#1183012) - Fixed an issue with %systemd_user_post, where the --global parameter was treated like if it was another service (bsc#1183051, bsc#1182661) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:2899-1 Released: Wed Sep 1 08:30:58 2021 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: moderate References: 1186282,1187332 This update for systemd-rpm-macros fixes the following issues: - Fixed an issue whe zypper ignores the ordering constraints. (bsc#1187332) - Introduce '%sysusers_create_package': '%sysusers_create' and '%sysusers_create_inline' are now deprecated and the new macro should be used instead. - %sysusers_create_inline: use here-docs instead of echo (bsc#1186282) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:4009-1 Released: Mon Dec 13 11:24:43 2021 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: low References: This update for systemd-rpm-macros fixes the following issues: - Introduce rpm macro %_systemd_util_dir ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:353-1 Released: Tue Feb 8 17:41:48 2022 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: moderate References: This update for systemd-rpm-macros fixes the following issues: - Bump version to 10 - %sysusers_create_inline was wrongly marked as deprecated - %sysusers_create can be useful in certain cases and won't go away until we'll move to file triggers. So don't mark it as deprecated too ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:1880-1 Released: Tue Apr 18 11:11:27 2023 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: low References: 1208079 This update for systemd-rpm-macros fixes the following issue: - Don't emit a warning when the flag file in /var/lib/systemd/migrated/ is not present as it's expected (bsc#1208079). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2482-1 Released: Mon Jun 12 07:19:53 2023 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: moderate References: 1211272 This update for systemd-rpm-macros fixes the following issues: - Adjust functions so they are disabled when called from a chroot (bsc#1211272) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:4138-1 Released: Thu Oct 19 17:15:38 2023 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: moderate References: This update for systemd-rpm-macros fixes the following issues: - Switch to `systemd-hwdb` tool when updating the HW database. It's been introduced in systemd v219 and replaces the deprecated command `udevadm hwdb`. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:4973-1 Released: Tue Dec 26 04:44:10 2023 Summary: Recommended update for duktape Type: recommended Severity: moderate References: 1216296 This update of duktape fixes the following issue: - duktape-devel is shipped to Basesystem module (bsc#1216296). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:561-1 Released: Wed Feb 21 05:35:13 2024 Summary: Recommended update for openblas Type: recommended Severity: important References: 1217608 This update for openblas contains the following fixes: - Added `libopenblas_pthreads0` to Package Hub SLE-15-SP5 for architecture s390 (no source changes) (bsc#1217608) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:637-1 Released: Tue Feb 27 10:06:55 2024 Summary: Recommended update for duktape Type: recommended Severity: moderate References: This update for duktape fixes the following issues: - Ship libduktape206-32bit: needed by libproxy since version 0.5. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:726-1 Released: Thu Feb 29 12:12:44 2024 Summary: Security update for Java Type: security Severity: important References: 1220068,1220070,CVE-2024-25710,CVE-2024-26308 This update for Java fixes the following issues: apache-commons-codec was updated to version 1.16.1: - Changes in version 1.16.1: * New features: + Added Maven property project.build.outputTimestamp for build reproducibility * Bugs fixed: + Correct error in Base64 Javadoc + Added minimum Java version in changes.xml + Documentation update for the org.apache.commons.codec.digest.* package + Precompile regular expression in UnixCrypt.crypt(byte[], String) + Fixed possible IndexOutOfBoundException in PhoneticEngine.encode method + Fixed possible ArrayIndexOutOfBoundsException in QuotedPrintableCodec.encodeQuotedPrintable() method + Fixed possible StringIndexOutOfBoundException in MatchRatingApproachEncoder.encode() method + Fixed possible ArrayIndexOutOfBoundException in RefinedSoundex.getMappingCode() + Fixed possible IndexOutOfBoundsException in PercentCodec.insertAlwaysEncodeChars() method + Deprecated UnixCrypt 0-argument constructor + Deprecated Md5Crypt 0-argument constructor + Deprecated Crypt 0-argument constructor + Deprecated StringUtils 0-argument constructor + Deprecated Resources 0-argument constructor + Deprecated Charsets 0-argument constructor + Deprecated CharEncoding 0-argument constructor - Changes in version 1.16.0: * Remove duplicated words from Javadocs * Use Standard Charset object * Use String.contains() functions * Avoid use toString() or substring() in favor of a simplified expression * Fixed byte-skipping in Base16 decoding * Fixed several typos, improve writing in some javadocs * BaseNCodecOutputStream.eof() should not throw IOException. * Javadoc improvements and cleanups. * Deprecated BaseNCodec.isWhiteSpace(byte) and use Character.isWhitespace(int). * Added support for Blake3 family of hashes * Added github/codeql-action * Bump actions/cache from v2 to v3.0.10 * Bump actions/setup-java from v1.4.1 to 3.5.1 * Bump actions/checkout from 2.3.2 to 3.1.0 * Bump commons-parent from 52 to 58 * Bump junit from 4.13.1 to 5.9.1 * Bump Java 7 to 8. * Bump japicmp-maven-plugin from 0.14.3 to 0.17.1. * Bump jacoco-maven-plugin from 0.8.5 to 0.8.8 (Fixes Java 15 builds). * Bump maven-surefire-plugin from 2.22.2 to 3.0.0-M7 * Bump maven-javadoc-plugin from 3.2.0 to 3.4.1. * Bump animal-sniffer-maven-plugin from 1.19 to 1.22. * Bump maven-pmd-plugin from 3.13.0 to 3.19.0 * Bump pmd from 6.47.0 to 6.52.0. * Bump maven-checkstyle-plugin from 2.17 to 3.2.0 * Bump checkstyle from 8.45.1 to 9.3 * Bump taglist-maven-plugin from 2.4 to 3.0.0 * Bump jacoco-maven-plugin from 0.8.7 to 0.8.8. apache-commons-compress was updated to version 1.26: - Changes in version 1.26: * Security issues fixed: + CVE-2024-26308: Fixed allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress (bsc#1220068) + CVE-2024-25710: Fixed loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress (bsc#1220070) * New Features: + Added and use ZipFile.builder(), ZipFile.Builder, and deprecate constructors + Added and use SevenZFile.builder(), SevenZFile.Builder, and deprecate constructors + Added and use ArchiveInputStream.getCharset() + Added and use ArchiveEntry.resolveIn(Path) + Added Maven property project.build.outputTimestamp for build reproducibility * Bugs fixed: + Check for invalid PAX values in TarArchiveEntry + Fixed zero size headers in ArjInputStream + Fixes and tests for ArInputStream + Fixes for dump file parsing + Improved CPIO exception detection and handling + Deprecated SkipShieldingInputStream without replacement (nolonger used) + Reuse commons-codec, don't duplicate class PureJavaCrc32C (removed package-private class) + Reuse commons-codec, don't duplicate class XXHash32 (deprecated class) + Reuse commons-io, don't duplicate class Charsets (deprecated class) + Reuse commons-io, don't duplicate class IOUtils (deprecated methods) + Reuse commons-io, don't duplicate class BoundedInputStream (deprecated class) + Reuse commons-io, don't duplicate class FileTimes (deprecated TimeUtils methods) + Reuse Arrays.equals(byte[], byte[]) and deprecate ArchiveUtils.isEqual(byte[], byte[]) + Added a null-check for the class loader of OsgiUtils + Added a null-check in Pack200.newInstance(String, String) + Deprecated ChecksumCalculatingInputStream in favor of java.util.zip.CheckedInputStream + Deprecated CRC32VerifyingInputStream.CRC32VerifyingInputStream(InputStream, long, int) + FramedSnappyCompressorOutputStream produces incorrect output when writing a large buffer + Fixed TAR directory entries being misinterpreted as files + Deprecated unused method FileNameUtils.getBaseName(String) + Deprecated unused method FileNameUtils.getExtension(String) + ArchiveInputStream.BoundedInputStream.read() incorrectly adds 1 for EOF to the bytes read count + Deprecated IOUtils.read(File, byte[]) + Deprecated IOUtils.copyRange(InputStream, long, OutputStream, int) + ZipArchiveOutputStream multi archive updates metadata in incorrect file + Deprecated ByteUtils.InputStreamByteSupplier + Deprecated ByteUtils.fromLittleEndian(InputStream, int) + Deprecated ByteUtils.toLittleEndian(DataOutput, long, int) + Reduce duplication by having ArchiveInputStream extend FilterInputStream + Support preamble garbage in ZipArchiveInputStream + Fixed formatting the lowest expressable DOS time + Dropped reflection from ExtraFieldUtils static initialization + Preserve exception causation in ExtraFieldUtils.register(Class) - Changes in version 1.25: * For the full list of changes please consult: https://commons.apache.org/proper/commons-compress/changes-report.html#a1.25.0 - Changes in version 1.24: * For the full list of changes please consult: https://commons.apache.org/proper/commons-compress/changes-report.html#a1.24.0 - Changes in version 1.23: * For the full list of changes please consult: https://commons.apache.org/proper/commons-compress/changes-report.html#a1.23.0 - Changes in version 1.22: * For the full list of changes please consult: https://commons.apache.org/proper/commons-compress/changes-report.html#a1.22 apache-commons-io was updated to version 2.15.1: - Changes in version 2.15.1: * For the full list of changes please consult: https://commons.apache.org/proper/commons-io/changes-report.html#a2.15.1 - Changes in version 2.15.0: * For the full list of changes please consult: https://commons.apache.org/proper/commons-io/changes-report.html#a2.15.0 - Changes in version 2.14.0: * For the full list of changes please consult: https://commons.apache.org/proper/commons-io/changes-report.html#a2.14.0 javapackages-meta: - Syncing the version with javapackages-tools 6.2.0 - Remove unnecessary dependencies maven was updated to version 3.9.6: - Changes in version 3.9.6: * Bugs fixed: + Error message when modelVersion is 4.0 is confusing * Improvements: + Colorize transfer messages + Support ${project.basedir} in file profile activation + Allow to exclude plugins from validation * Tasks: + Maven Resolver Provider classes ctor change + Undeprecate wrongly deprecated repository metadata + Deprecated `org.apache.maven.repository.internal.MavenResolverModule` + maven-resolver-provider: introduce NAME constants. * Dependency upgrade: + Updated to Resolver 1.9.16 + Upgraded Sisu version to 0.9.0.M2 + Upgraded Resolver version to 1.9.18 + Upgraded to parent POM 41 + Upgraded default plugin bindings maven-assembly-plugin: - Explicitely require commons-io:commons-io and commons-codec:common-codes artifacts that are optional in apache-commons-compress maven-doxia was updated to version 1.12.0: * Changes in version 1.12.0: + Upgraded to FOP 2.2 + Fixed rendering links and paragraphs inside tables + Rewrite .md and .markdown links to .html + Upgraded HttpComponents: httpclient to 4.5.8 and httpcore to 4.4.11 + Escape links to xml based figureGraphics image elements + SECURITY: Use HTTPS to resolve dependencies in Maven Build + Removed old Maven 1 and 2 info + Updated commons-lang to 3.8.1 + Dropped dependency to outdated Log4j + Fixed Java 7 compatibility that was broken + Import tests from maven-site-plugin + Fixed crosslinks starting with a dot in markdown files + Replace deprecated class from commons-lang + Fill in some generic types maven-doxia-sitetools was updated to version 1.11.1: - Changes in version 1.11.1: * Bugs fixed: + CLIRR can't find previous version * Improvements: + Removed all   in default-site-macros.vm and replace by a space + Improved documentation on site.xml inheritance vs interpolation * Tasks: + Deprecated Doxia Sitetools Doc Renderer * Dependency upgrade: + Fixed javadoc issues with JDK 8 when generating documentation + Wrong coordinates for jai_core: hyphen should be underscore + Use latest JUnit version 4.13.2 + Upgraded Plexus Utils to 3.3.0 + Upgraded Plexus Interpolation to 1.26 + Upgraded Maven Doxia to 1.10 + Upgraded Maven Doxia to 1.11.1 maven-jar-plugin was updated to version 3.3.0: - Changes in version 3.3.0: * Bugs fixed: + outputTimestamp not applied to module-info; breaks reproducible builds * Task: + Updated plugin (requires Maven 3.2.5+) + Java 8 as minimum * Dependency upgrade: + Upgraded Plexus Utils to 3.3.1 + Removed override for Plexus Archiver to fix order of META-INF/ and META-INF/MANIFEST.MF entries + Upgraded Parent to 36 + Updated Plexus Utils to 3.4.2 + Upgraded Parent to 37 maven-jar-plugin was updated to version 3.6.0: - Changes from version 3.6.0: * Bugs fixed: + Setting maven.javadoc.isoffline seems to have no effect + javadoc site is broken for projects that contain modules + Alternative doclet page points to an SEO spammy page + [REGRESSION] Transitive dependencies of docletArtifact missing + Unresolvable link in javadoc tag with value ResourcesBundleMojo#getAttachmentClassifier() found in ResourcesBundleMojo + IOException --> NullPointerException in JavadocUtil.copyResource + JavadocReportTest.testExceptions is broken + javadoc creates invalid --patch-module statements + javadoc plugin can not deal with transitive filename based modules * Improvements: + Clean up deprecated and unpreferred methods in JavadocUtil + Cleanup dependency declarations as best possible + Allow building javadoc 'the old fashioned way' after Java 8 * Tasks: + Dropped use of deprecated localRepository mojo parameter + Make build pass with Java 20 + Refresh download page * Dependency upgrade: + Updated to commons-io 2.13.0 + Updated plexus-archiver from 4.7.1 to 4.8.0 + Upgraded Parent to 40 - Changes from version 3.5.0: * Bugs fixed: + Invalid anchors in Javadoc and plugin mojo + Plugin duplicates classes in Java 8 all-classes lists + javadoc site creation ignores configuration parameters * Improvements: + Deprecated parameter 'stylesheet' + Parse stderr output and suppress informational lines + Link to Javadoc references from JDK 17 + Migrate components to JSR 330, get rid of maven-artifact-transfer, update to parent 37 * Tasks: + Removed remains of org.codehaus.doxia.sink.Sink * Dependency upgrades: + Upgraded plugins in ITs + Upgraded to Maven 3.2.5 + Updated Maven Archiver to 3.6.0 + Upgraded Maven Reporting API to 3.1.1/Complete with Maven Reporting Impl 3.2.0 + Upgraded commons-text to 1.10.0 + Upgraded Parent to 39 + Upgraded plugins and components maven-reporting-api was updated to version 3.1.1: - Restore binary compat for MavenReport maven-reporting-impl was updated to version 3.2.0: - Changes in version 3.2.0: * Improvement: + Render with a skin when report is run in standalone mode * Dependency upgrades: + Upgraded Maven Reporting API to 3.1.1 + Upgraded plugins and components in project and ITs maven-resolver was updated to version 1.9.18: - Changes in version 1.9.18: * Bugs fixed: + Sporadic AccessDeniedEx on Windows + Undo FileUtils changes that altered non-Windows execution path * Improvements: + Native transport should retry on HTTP 429 (Retry-After) * Task: + Deprecated Guice modules + Get rid of component name string literals, make them constants and reusable + Expose configuration for inhibiting Expect-Continue handshake in 1.x + Refresh download page + Resolver should not override given HTTP transport default use of expect-continue handshake maven-resources-plugin was updated to version 3.3.1: - Changes in version 3.3.1: * Bugs fixed: + Resource plugin's handling of symbolic links changed in 3.0.x, broke existing behavior + Resource copying not using specified encoding + java.nio.charset.MalformedInputException: Input length = 1 + Filtering of Maven properties with long names is not working after transition from 2.6 to 3.2.0 + Valid location for directory parameter is always required + Symlinks cause copying resources to fail + FileUtils.copyFile() fails with source file having `lastModified = 0` * New Features: + Added ability to flatten folder structure into target directory when copying resources * Improvements: + Make tests jar reproducible + Describe from and to in 'Copying xresources' info message * Task: + Dropped plexus legacy + Updated to parent POM 39, reformat sources + Updated plugin (requires Maven 3.2.5+) + Require Java 8 * Dependency upgrade: + Upgraded maven-plugin parent to 36 + Upgraded Maven Filtering to 3.3.0 + Upgraded plexus-utils to 3.5.1 + Upgraded to maven-filtering 3.3.1 sbt: - Fixed RPM package build with maven 3.9.6 and maven-resolver 1.9.18 xmvn: - Modify the xmvn-install script to work with new apache-commons-compress - Recompiling RPM package to resolve package building issues with maven-lib ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:737-1 Released: Fri Mar 1 09:04:30 2024 Summary: Recommended update for system-user-prometheus Type: recommended Severity: important References: 1218252 This update for system-user-prometheus contains the following fixes: - Added `system-user-prometheus` to Package Hub SLE-15-SP5 to resolve dependency issue with prometheus (bsc#1218252) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:773-1 Released: Tue Mar 5 20:33:45 2024 Summary: Security update for postgresql-jdbc Type: security Severity: critical References: 1220644,CVE-2024-1597 This update for postgresql-jdbc fixes the following issues: - CVE-2024-1597: Fixed SQL Injection via line comment generation (bsc#1220644). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:786-1 Released: Wed Mar 6 21:07:20 2024 Summary: Security update for giflib Type: security Severity: important References: 1198880,1200551,1217390,CVE-2021-40633,CVE-2022-28506,CVE-2023-48161 This update for giflib fixes the following issues: Update to version 5.2.2 * Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506 (bsc#1198880) * #138 Documentation for obsolete utilities still installed * #139: Typo in 'LZW image data' page ('110_2 = 4_10') * #140: Typo in 'LZW image data' page ('LWZ') * #141: Typo in 'Bits and bytes' page ('filed') * Note as already fixed SF issue #143: cannot compile under mingw * #144: giflib-5.2.1 cannot be build on windows and other platforms using c89 * #145: Remove manual pages installation for binaries that are not installed too * #146: [PATCH] Limit installed man pages to binaries, move giflib to section 7 * #147 [PATCH] Fixes to doc/whatsinagif/ content * #148: heap Out of Bound Read in gif2rgb.c:298 DumpScreen2RGB * Declared no-info on SF issue #150: There is a denial of service vulnerability in GIFLIB 5.2.1 * Declared Won't-fix on SF issue 149: Out of source builds no longer possible * #151: A heap-buffer-overflow in gif2rgb.c:294:45 * #152: Fix some typos on the html documentation and man pages * #153: Fix segmentation faults due to non correct checking for args * #154: Recover the giffilter manual page * #155: Add gifsponge docs * #157: An OutofMemory-Exception or Memory Leak in gif2rgb * #158: There is a null pointer problem in gif2rgb * #159 A heap-buffer-overflow in GIFLIB5.2.1 DumpScreen2RGB() in gif2rgb.c:298:45 * #163: detected memory leaks in openbsd_reallocarray giflib/openbsd-reallocarray.c * #164: detected memory leaks in GifMakeMapObject giflib/gifalloc.c * #166: a read zero page leads segment fault in getarg.c and memory leaks in gif2rgb.c and gifmalloc.c * #167: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function at Line 321 of gif2rgb.c ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:827-1 Released: Mon Mar 11 03:55:54 2024 Summary: Recommended update for tomcat Type: recommended Severity: moderate References: 1219530 This update for tomcat fixes the following issues: - Added dependencies on tomcat `user` and `group`, required by RPM 4.19 (bsc#1219530) - Link ecj.jar into the install instead of copying it ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:849-1 Released: Tue Mar 12 15:38:03 2024 Summary: Recommended update for cloud-init Type: recommended Severity: important References: 1198533,1214169,1218952 This update for cloud-init contains the following fixes: - Skip tests with empty config. - Support reboot on package update/upgrade via the cloud-init config. (bsc#1198533, bsc#1218952, jsc#SMO-326) - Switch build dependency to the generic distribution-release package. - Move fdupes call back to %install. (bsc#1214169) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:861-1 Released: Wed Mar 13 09:12:30 2024 Summary: Recommended update for aaa_base Type: recommended Severity: moderate References: 1218232 This update for aaa_base fixes the following issues: - Silence the output in the case of broken symlinks (bsc#1218232) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:901-1 Released: Thu Mar 14 17:49:10 2024 Summary: Security update for python3 Type: security Severity: important References: 1214691,1219666,CVE-2022-48566,CVE-2023-6597 This update for python3 fixes the following issues: - CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). - CVE-2022-48566: Make compare_digest more constant-time (bsc#1214691). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:907-1 Released: Fri Mar 15 08:57:38 2024 Summary: Recommended update for audit Type: recommended Severity: moderate References: 1215377 This update for audit fixes the following issue: - Fix plugin termination when using systemd service units (bsc#1215377) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:929-1 Released: Tue Mar 19 06:36:24 2024 Summary: Recommended update for coreutils Type: recommended Severity: moderate References: 1219321 This update for coreutils fixes the following issues: - tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:982-1 Released: Mon Mar 25 12:56:33 2024 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: moderate References: 1217964 This update for systemd-rpm-macros fixes the following issue: - Order packages that requires systemd after systemd-sysvcompat if needed. (bsc#1217964) ----------------------------------------------------------------- Advisory ID: SUSE-feature-2024:1075-1 Released: Mon Apr 1 10:50:53 2024 Summary: Feature update for openblas Type: feature Severity: important References: 1221813 This update for openblas fixes the following issues: openblas was updated from version 0.3.21 to version 0.3.25 (jsc#PED-7926, jsc#PED-7927, bsc#1221813): - Changes in version 0.3.25: * General: + Improved the error message shown on exceeding the maximum thread count + Improved the code to add supplementary thread buffers in case of overflow + Fixed a potential division by zero in `?ROTG` + Improved the `?MATCOPY` functions to accept zero-sized rows or columns + Corrected empty prototypes in function declarations + cleaned up unused declarations in the f2c-converted versions of the LAPACK sources + Improved link line rewriting to avoid mixed libgomp/libomp builds with clang&gfortran + imported the following changes from the upcoming release 3.12 of Reference-LAPACK: LAPACK PR 900, LAPACK PR 904, LAPACK PR 907, LAPACK PR 909, LAPACK PR 926, LAPACK PR 927, LAPACK PR 928 & 930 * Architecture x86-64: + Fixed capability-based fallback selection for unknown cpus in `DYNAMIC_ARCH` + Added AVX512 optimizations for `?ASUM` on Intel Sapphire Rapids and Cooper Lake * Architecture ARM64: + Fixed building with XCODE 15 + Fixed building on A64FX and Cortex A710/X1/X2 + increased the default buffer size for recent arm server cpus * Architecture POWER PC: + Added support for `DYNAMIC_ARCH` builds with clang + Fixed union declaration in the `BFLOAT16` test case - Changes in version 0.3.24: * General: + Declared the arguments of `cblas_xerbla` as `const` (in accordance with the reference implementation and others, the previous discrepancy appears to have dated back to GotoBLAS) + Fixed the implementation of `?GEMMT` that was added in 0.3.23 + made cpu-specific `SWITCH_RATIO` parameters for GEMM available to `DYNAMIC_ARCH` builds + Fixed missing `SSYCONVF` function in the shared library + Fixed parallel build logic used with gmake + Fixed several issues with the handling of runtime limits on the number of OPENMP threads + Corrected the error code returned by `SGEADD`/`DGEADD` when LDA is too small + Corrected the error code returned by `IMATCOPY` when LDB is too small + Updated `?NRM2` to support negative increment values (as introduced in release 3.10.0 of the Reference BLAS) + Updated `?ROTG` to use the safe scaling algorithm introduced in release 3.10.0 of the Reference BLAS + Fixed OpenMP builds with CLANG for the case where libomp is not in a standard location + Fixed a potential overwrite of unrelated memory during thread initialisation on startup + Fixed a potential integer overflow in the multithreading threshold for `?SYMM`/`?SYRK` + Fixed build of the LAPACKE interfaces for the LAPACK 3.11.0 `?TRSYL` functions added in 0.3.22 + Applied additions and corrections from the development branch of Reference-LAPACK: - Fixed actual arguments passed to a number of LAPACK functions (from Reference-LAPACK PR 885) - Fixed workspace query results in LAPACK `?SYTRF`/`?TRECV3` (from Reference-LAPACK PR 883) - Fixed derivation of the UPLO parameter in `LAPACKE_?larfb` (from Reference-LAPACK PR 878) - Fixed a crash in LAPACK `?GELSDD` on `NRHS=0` (from Reference-LAPACK PR 876) - Added new LAPACK utility functions `CRSCL` and `ZRSCL` (from Reference-LAPACK PR 839) - Corrected the order of eigenvalues for 2x2 matrices in `?STEMR` (Reference-LAPACK PR 867) - Removed spurious reference to OpenMP variables outside OpenMP contexts (Reference-LAPACK PR 860) - Updated file comments on use of `LAMBDA` variable in LAPACK (Reference-LAPACK PR 852) - Fixed documentation of LAPACK `SLASD0`/`DLASD0` (Reference-LAPACK PR 855) - Fixed confusing use of 'minor' in LAPACK documentation (Reference-LAPACK PR 849) - Added new LAPACK functions ?GEDMD for dynamic mode decomposition (Reference-LAPACK PR 736) - Fixed potential stack overflows in the `EIG` part of the LAPACK testsuite (Reference-LAPACK PR 854) - Applied small improvements to the variants of Cholesky and QR functions (Reference-LAPACK PR 847) - Removed unused variables from LAPACK `?BDSQR` (Reference-LAPACK PR 832) - Fixed a potential crash on allocation failure in LAPACKE `SGEESX`/`DGEESX` (Reference-LAPACK PR 836) - Added a quick return from `SLARUV`/`DLARUV` for N < 1 (Reference-LAPACK PR 837) - Updated function descriptions in LAPACK `?GEGS`/`?GEGV` (Reference-LAPACK PR 831) - Improved algorithm description in `?GELSY` (Reference-LAPACK PR 833) - Fixed scaling in LAPACK `STGSNA`/`DTGSNA` (Reference-LAPACK PR 830) - Fixed crash in `LAPACKE_?geqrt` with row-major data (Reference-LAPACK PR 768) - Added LAPACKE interfaces for `C/ZUNHR_COL` and `S/DORHR_COL` (Reference-LAPACK PR 827) - Added error exit tests for `SYSV`/`SYTD2`/`GEHD2` to the testsuite (Reference-LAPACK PR 795) - Fixed typos in LAPACK source and comments (Reference-LAPACK PRs 809,811,812,814,820) - Adopt refactored `?GEBAL` implementation (Reference-LAPACK PR 808) * Architecture x86_64: + Added cpu model autodetection for Intel Alder Lake N + Added activation of the AMX tile to the Sapphire Rapids `SBGEMM` kernel + worked around miscompilations of GEMV/SYMV kernels by gcc's tree-vectorizer + Fixed runtime detection of Cooperlake and Sapphire Rapids in `DYNAMIC_ARCH` + Fixed feature-based cputype fallback in `DYNAMIC_ARCH` + Corrected `ZAXPY` result on old pre-AVX hardware for the `INCX=0` case + Fixed a potential use of uninitialized variables in ZTRSM * Architecture ARMV8: + implemented SWITCH_RATIO parameter for improved GEMM performance on Neoverse + activated SVE SGEMM and DGEMM kernels for Neoverse V1 + Improved performance of the SVE CGEMM and ZGEMM kernels on Neoverse V1 + Improved kernel selection for the ARMV8SVE target and added it to `DYNAMIC_ARCH` + Fixed runtime check for SVE availability in `DYNAMIC_ARCH` builds to take OS or container restrictions into account + Fixed a potential use of uninitialized variables in ZTRSM * Architecture POWER PC: + Fixed compiler warnings in the POWER10 SBGEMM kernel - Changes in version 0.3.23: * General: + Fixed a serious regression in `GETRF`/`GETF2` and `ZGETRF`/`ZGETF2` where subnormal but nonzero data elements triggered the singularity flag + Fixed a long-standing bug in `CSPR`/`ZSPR` in single-threaded operation + for cases where elements of the X vector are real numbers (or complex with only the real part zero) * Architecture x86_64: + Added further CPUID values for Intel Raptor Lake - Changes in version 0.3.22: * General: + Updated the included LAPACK to Reference-LAPACK release 3.11.0 plus post-release corrections and improvements + Added a threshold for multithreading in `SYMM`, `SYMV` and `SYR2K` + Increased the threshold for multithreading in `SYRK` + OpenBLAS no longer decreases the global `OMP_NUM_THREADS` when it exceeds the maximum thread count the library was compiled for. + Fixed `?GETF2` potentially returning `NaN` with tiny matrix elements + Fixed `openblas_set_num_threads` to work in `USE_OPENMP` builds. + Fixed cpu core counting in `USE_OPENMP` builds returning the number of OMP 'places' rather than cores + Fixed stride calculation in the optimized small-matrix path of complex `SYR` + Fixed building of Reference-LAPACK with recent gfortran + Added new environment variable `OPENBLAS_DEFAULT_NUM_THREADS` + Added a GEMV-based implementation of `GEMMT` * Architecture x86_64: + Added autodetection of Intel Raptor Lake cpu models + Added SSCAL microkernels for Haswell and newer targets + Improved the performance of the Haswell DSCAL microkernel + Added CSCAL and ZSCAL microkernels for SkylakeX targets + Fixed detection of gfortran and Cray CCE compilers + Fixed runtime selection of COOPERLAKE in `DYNAMIC_ARCH` builds + Worked around gcc/llvm using risky FMA operations in CSCAL/ZSCAL * Architecture ARMV8: + Fixed cross-compilation to CortexA53 with CMAKE + Fixed compilation with CMAKE and 'Arm Compiler for Linux 22.1' + Added cpu autodetection for Cortex X3 and A715 + Fixed conditional compilation of SVE-capable targets in `DYNAMIC_ARCH` + sped up SVE kernels by removing unnecessary prefetches + Improved the GEMM performance of Neoverse V1 + Added SVE kernels for SDOT and DDOT + Added an SBGEMM kernel for Neoverse N2 + Improved cpu-specific compiler option selection for Neoverse cpus + Added support for setting `CONSISTENT_FPCSR` ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1079-1 Released: Tue Apr 2 05:52:07 2024 Summary: Security update for netty, netty-tcnative Type: security Severity: important References: 1222045,CVE-2024-29025 This update for netty, netty-tcnative fixes the following issues: - CVE-2024-29025: Fixed out of memory due to large number of form fields (bsc#1222045). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1091-1 Released: Tue Apr 2 12:18:46 2024 Summary: Recommended update for rpm Type: recommended Severity: moderate References: This update for rpm fixes the following issues: - Turn on IMA/EVM file signature support, move the imaevm code that needs the libiamevm library into a plugin, and install this plugin as part of a new 'rpm-imaevmsign' subpackage (jsc#PED-7246). - Backport signature reserved space handling from upstream. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1129-1 Released: Mon Apr 8 09:12:08 2024 Summary: Security update for expat Type: security Severity: important References: 1219559,1221289,CVE-2023-52425,CVE-2024-28757 This update for expat fixes the following issues: - CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559) - CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1133-1 Released: Mon Apr 8 11:29:02 2024 Summary: Security update for ncurses Type: security Severity: moderate References: 1220061,CVE-2023-45918 This update for ncurses fixes the following issues: - CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1176-1 Released: Tue Apr 9 10:43:33 2024 Summary: Recommended update for hwdata Type: recommended Severity: moderate References: This update for hwdata fixes the following issues: - Update to 0.380 - Update pci, usb and vendor ids ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1201-1 Released: Thu Apr 11 10:47:59 2024 Summary: Recommended update for xfsprogs-scrub and jctools Type: recommended Severity: low References: 1190495,1213418 This update for xfsprogs-scrub fixes the following issues: - Added missing xfsprogs-scrub to Package Hub for SLE-15-SP5 (bsc#1190495) - Added missing jctools to Package Hub for SLE-15-SP5 (bsc#1213418) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1206-1 Released: Thu Apr 11 12:56:24 2024 Summary: Recommended update for rpm Type: recommended Severity: moderate References: 1222259 This update for rpm fixes the following issues: - remove imaevmsign plugin from rpm-ndb [bsc#1222259] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1253-1 Released: Fri Apr 12 08:15:18 2024 Summary: Recommended update for gcc13 Type: recommended Severity: moderate References: 1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239 This update for gcc13 fixes the following issues: - Fix unwinding for JIT code. [bsc#1221239] - Revert libgccjit dependency change. [bsc#1220724] - Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3 breaks them. [bsc#1219520] - Add support for -fmin-function-alignment. [bsc#1214934] - Use %{_target_cpu} to determine host and build. - Fix for building TVM. [bsc#1218492] - Add cross-X-newlib-devel requires to newlib cross compilers. [bsc#1219031] - Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel. [bsc#1210959] - Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6. - Fixed building mariadb on i686. [bsc#1217667] - Avoid update-alternatives dependency for accelerator crosses. - Package tool links to llvm in cross-amdgcn-gcc13 rather than in cross-amdgcn-newlib13-devel since that also has the dependence. - Depend on llvmVER instead of llvm with VER equal to %product_libs_llvm_ver where available and adjust tool discovery accordingly. This should also properly trigger re-builds when the patchlevel version of llvmVER changes, possibly changing the binary names we link to. [bsc#1217450] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1279-1 Released: Fri Apr 12 21:35:09 2024 Summary: Recommended update for python3 Type: recommended Severity: moderate References: 1222109 This update for python3 fixes the following issue: - Fix syslog making default 'ident' from sys.argv (bsc#1222109) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1287-1 Released: Mon Apr 15 15:03:40 2024 Summary: Security update for vim Type: security Severity: important References: 1215005,1217316,1217320,1217321,1217324,1217326,1217329,1217330,1217432,1219581,CVE-2023-4750,CVE-2023-48231,CVE-2023-48232,CVE-2023-48233,CVE-2023-48234,CVE-2023-48235,CVE-2023-48236,CVE-2023-48237,CVE-2023-48706,CVE-2024-22667 This update for vim fixes the following issues: Updated to version 9.1.0111, fixes the following security problems - CVE-2023-48231: Use-After-Free in win_close() (bsc#1217316). - CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320). - CVE-2023-48233: overflow with count for :s command (bsc#1217321). - CVE-2023-48234: overflow in nv_z_get_count (bsc#1217324). - CVE-2023-48235: overflow in ex address parsing (CVE-2023-48235). - CVE-2023-48236: overflow in get_number (bsc#1217329). - CVE-2023-48237: overflow in shift_line (bsc#1217330). - CVE-2023-48706: heap-use-after-free in ex_substitute (bsc#1217432). - CVE-2024-22667: stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581). - CVE-2023-4750: Heap use-after-free in function bt_quickfix (bsc#1215005). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1398-1 Released: Tue Apr 23 13:58:22 2024 Summary: Recommended update for systemd-default-settings Type: recommended Severity: moderate References: This update for systemd-default-settings fixes the following issues: - Disable pids controller limit under user instances (jsc#SLE-10123) - Disable controllers by default (jsc#PED-2276) - The usage of drop-ins is now the official way for configuring systemd and its various daemons on Factory/ALP, hence the early drop-ins SUSE specific 'feature' has been abandoned. - User priority '26' for SLE-Micro - Convert more drop-ins into early ones The following package changes have been done: - cracklib-dict-small-2.9.11-150600.1.89 updated - crypto-policies-20230920.570ea89-150600.1.9 updated - libldap-data-2.4.46-150600.23.15 updated - libsemanage-conf-3.5-150600.1.48 updated - libssh-config-0.9.8-150600.9.1 updated - glibc-2.38-150600.9.2 updated - libzstd1-1.5.5-150600.1.2 updated - libuuid1-2.39.3-150600.1.15 updated - libsmartcols1-2.39.3-150600.1.15 updated - libsepol2-3.5-150600.1.48 updated - libsasl2-3-2.1.28-150600.5.2 updated - libpcre2-8-0-10.42-150600.1.25 updated - libnghttp2-14-1.40.0-150600.23.1 updated - liblzma5-5.4.1-150600.1.1 updated - liblz4-1-1.9.4-150600.1.3 updated - libgpg-error0-1.47-150600.1.2 updated - libfa1-1.14.1-150600.1.2 updated - libcom_err2-1.47.0-150600.2.25 updated - libblkid1-2.39.3-150600.1.15 updated - libselinux1-3.5-150600.1.45 updated - libglib-2_0-0-2.78.3-150600.1.6 updated - libksba8-1.6.4-150600.1.2 updated - libgcrypt20-1.10.3-150600.1.18 updated - libfdisk1-2.39.3-150600.1.15 updated - libmount1-2.39.3-150600.1.15 updated - libgmodule-2_0-0-2.78.3-150600.1.6 updated - libgcc_s1-13.2.1+git8285-150000.1.9.1 updated - libstdc++6-13.2.1+git8285-150000.1.9.1 updated - libncurses6-6.1-150000.5.24.1 updated - terminfo-base-6.1-150000.5.24.1 updated - ncurses-utils-6.1-150000.5.24.1 updated - libduktape206-2.6.0-150500.4.5.1 added - libexpat1-2.4.4-150400.3.17.1 updated - libaudit1-3.0.6-150400.4.16.1 updated - libsigc-2_0-0-2.12.1-150600.1.2 updated - libabsl2401_0_0-20240116.1-150600.17.3 added - libgobject-2_0-0-2.78.3-150600.1.6 updated - libopenssl3-3.1.4-150600.2.18 updated - libaugeas0-1.14.1-150600.1.2 updated - libudev1-254.10-150600.1.3 updated - libsystemd0-254.10-150600.1.3 updated - libsemanage2-3.5-150600.1.48 updated - libprotobuf-lite25_1_0-25.1-150600.14.1 updated - libzck1-1.1.16-150600.9.2 updated - libopenssl-3-fips-provider-3.1.4-150600.2.18 updated - libldap-2_4-2-2.4.46-150600.23.15 updated - krb5-1.20.1-150600.9.1 updated - patterns-base-fips-20200124-150600.29.2 updated - libssh4-0.9.8-150600.9.1 updated - coreutils-8.32-150400.9.3.1 updated - shared-mime-info-2.4-150600.1.2 updated - login_defs-4.8.1-150600.15.44 updated - libcrack2-2.9.11-150600.1.89 updated - cracklib-2.9.11-150600.1.89 updated - sed-4.9-150600.1.3 updated - libcurl4-8.6.0-150600.2.1 updated - sles-release-15.6-150600.33.2 updated - gpg2-2.4.4-150600.1.3 updated - libgpgme11-1.23.0-150600.1.35 updated - shadow-4.8.1-150600.15.44 updated - gio-branding-SLE-15-150600.33.2 updated - libgio-2_0-0-2.78.3-150600.1.6 updated - glib2-tools-2.78.3-150600.1.6 updated - libpxbackend-1_0-0.5.3-150600.1.1 added - libproxy1-0.5.3-150600.1.1 updated - libzypp-17.31.31-150600.8.7 updated - util-linux-2.39.3-150600.1.15 updated - aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 updated - curl-8.6.0-150600.2.1 updated - openssl-3.1.4-150600.2.1 updated - openssl-3-3.1.4-150600.2.18 updated - timezone-2024a-150600.89.1 updated - libapparmor1-3.1.7-150600.3.1 updated - libkmod2-29-150600.11.3 updated - pam-config-1.1-150600.14.2 updated - systemd-default-settings-branding-SLE-0.10-150300.3.7.1 updated - systemd-default-settings-0.10-150300.3.7.1 updated - systemd-presets-common-SUSE-15-150600.25.2 updated - systemd-presets-branding-SLE-15.1-150600.32.2 updated - systemd-254.10-150600.1.3 updated - augeas-lenses-1.14.1-150600.1.2 updated - augeas-1.14.1-150600.1.2 updated - dwz-0.12-150000.3.4.1 updated - girepository-1_0-1.78.1-150600.2.2 updated - libgirepository-1_0-1-1.78.1-150600.2.2 updated - glibc-locale-base-2.38-150600.9.2 updated - image-sync-formula-0.1.1711646883.4a44375-150600.1.1 updated - jose4j-0.9.5-150600.1.1 updated - libX11-data-1.8.7-150600.1.2 updated - libarchive13-3.7.2-150600.1.6 updated - libargon2-1-20190702-150600.1.3 updated - libasound2-1.2.10-150600.2.3 updated - libatomic1-13.2.1+git8285-150000.1.9.1 updated - libburn4-1.5.6-150600.1.5 updated - libdevmapper1_03-2.03.22_1.02.196-150600.1.2 updated - libgif7-5.2.2-150000.4.13.1 updated - libgomp1-13.2.1+git8285-150000.1.9.1 updated - libgraphite2-3-1.3.14-150600.1.4 updated - libisofs6-1.5.6-150600.1.5 updated - libitm1-13.2.1+git8285-150000.1.9.1 updated - libjpeg8-8.2.2-150600.22.4 updated - libjson-c5-0.16-150600.1.4 updated - liblcms2-2-2.15-150600.1.4 updated - liblsan0-13.2.1+git8285-150000.1.9.1 updated - libmaxminddb0-1.4.3-150000.1.8.1 updated - libnettle8-3.9.1-150600.1.41 updated - libpng16-16-1.6.40-150600.1.2 updated - libpq5-16.2-150600.14.10 updated - libprotobuf-c1-1.5.0-150600.1.3 updated - libquadmath0-13.2.1+git8285-150000.1.9.1 updated - librdkafka1-0.11.6-150600.14.2 updated - libsgutils2-1_48-2-1.48+10.1532339-150600.1.2 updated - libssh2-1-1.11.0-150600.18.1 updated - libtextstyle0-0.21.1-150600.1.6 updated - libuv1-1.44.2-150500.3.2.1 updated - linux-glibc-devel-6.4-150600.2.17 updated - lsof-4.99.0-150600.1.12 updated - openslp-2.0.0-150600.19.4 updated - openssh-common-9.6p1-150600.2.2 updated - perl-Bootloader-1.8.1-150600.1.1 updated - release-notes-susemanager-5.0.0~beta2-150600.12.2 updated - selinux-tools-3.5-150600.1.45 updated - sitemesh-2.1-0.150600.8.55 updated - skelcd-EULA-suse-manager-server-container-2023.03.06-150600.8.1 added - snmp-mibs-5.9.4-150600.22.3 updated - sudo-1.9.15p5-150600.1.1 updated - susemanager-schema-utility-5.0.6-150600.1.8 updated - system-user-prometheus-1.0.0-150000.12.1 updated - systemd-rpm-macros-15-150000.7.39.1 updated - util-linux-systemd-2.39.3-150600.1.9 updated - uyuni-config-modules-5.0.6-150600.1.1 updated - vim-data-common-9.1.0111-150500.20.9.1 updated - woodstox-4.4.2-150600.1.81 updated - xz-5.4.1-150600.1.1 updated - yast2-logs-4.6.7-150600.1.2 updated - zstd-1.5.5-150600.1.2 updated - suseconnect-ng-1.8.0-150600.1.2 updated - mtools-4.0.43-150600.1.5 updated - glibc-locale-2.38-150600.9.2 updated - libdevmapper-event1_03-2.03.22_1.02.196-150600.1.2 updated - mokutil-0.5.0-150600.8.2 updated - ipmitool-1.8.18.238.gb7adc1d-150600.8.2 updated - libapr-util1-1.6.1-150600.25.2 updated - cyrus-sasl-2.1.28-150600.5.2 updated - libfido2-1-1.13.0-150600.10.2 updated - libisoburn1-1.5.6-150600.1.5 updated - libopenssl1_1-1.1.1w-150600.2.11 updated - libcryptsetup12-2.7.0-150600.1.3 updated - libipset13-7.21-150600.1.2 updated - libhogweed6-3.9.1-150600.1.41 updated - postgresql-16-150600.15.19 updated - postgresql14-14.11-150600.14.3 updated - sg3_utils-1.48+10.1532339-150600.1.2 updated - gettext-runtime-0.21.1-150600.1.6 updated - bind-utils-9.18.24-150600.1.4 updated - glibc-devel-2.38-150600.9.2 updated - openssh-fips-9.6p1-150600.2.2 updated - susemanager-docs_en-5.0-150600.2.1 updated - policycoreutils-3.5-150600.1.42 updated - susemanager-branding-oss-5.0.4-150600.1.1 updated - spacewalk-java-lib-5.0.6-150600.1.12 updated - uyuni-reportdb-schema-5.0.4-150600.1.40 updated - uyuni-base-common-5.0.2-150600.1.15.1 updated - suse-module-tools-15.6.7-150600.1.24 updated - kmod-29-150600.11.3 updated - less-643-150600.1.33 updated - reprepro-5.4.0-150600.1.6 updated - libsuseconnect-1.8.0-150600.1.2 updated - libX11-6-1.8.7-150600.1.2 updated - device-mapper-2.03.22_1.02.196-150600.1.2 updated - yast2-core-4.6.0-150600.1.6 updated - vim-9.1.0111-150500.20.9.1 updated - perl-Term-Size-0.207-150600.1.3 updated - libsnmp40-5.9.4-150600.22.3 updated - hwdata-0.380-150000.3.68.1 updated - apache2-prefork-2.4.58-150600.3.1 updated - cyrus-sasl-digestmd5-2.1.28-150600.5.2 updated - openssh-server-9.6p1-150600.2.2 updated - openssh-clients-9.6p1-150600.2.2 updated - xorriso-1.5.6-150600.1.5 updated - libtcnative-1-0-1.2.38-150600.14.2 updated - libpython3_6m1_0-3.6.15-150300.10.60.1 updated - python3-base-3.6.15-150300.10.60.1 updated - python3-3.6.15-150300.10.60.1 updated - python3-curses-3.6.15-150300.10.60.1 updated - ipset-7.21-150600.1.2 updated - libgnutls30-3.8.3-150600.2.7 updated - wicked-0.6.74-150600.9.1 updated - wicked-service-0.6.74-150600.9.1 updated - libharfbuzz0-8.3.0-150600.1.2 updated - fontconfig-2.14.2-150600.1.2 updated - libfontconfig1-2.14.2-150600.1.2 updated - postgresql-server-16-150600.15.19 updated - postgresql14-server-14.11-150600.14.3 updated - libopenblas_pthreads0-0.3.25-150500.4.5.2 updated - gettext-tools-0.21.1-150600.1.6 updated - supportutils-3.1.30-150600.1.1 updated - postfix-3.8.4-150600.1.4 updated - libcreaterepo_c0-0.16.0-150600.12.3 updated - susemanager-docs_en-pdf-5.0-150600.2.1 updated - susemanager-schema-5.0.6-150600.1.8 updated - susemanager-sync-data-5.0.3-150600.1.1 updated - udev-254.10-150600.1.3 updated - rsync-3.2.7-150600.1.4 updated - openslp-server-2.0.0-150600.19.4 updated - suseconnect-ruby-bindings-1.8.0-150600.1.2 updated - yast2-ycp-ui-bindings-4.6.0-150600.1.5 updated - yast2-xml-4.6.0-150600.1.5 updated - yast2-pkg-bindings-4.6.5-150600.1.2 updated - perl-DBD-Pg-3.10.4-150600.12.2 updated - perl-SNMP-5.9.4-150600.22.3 updated - net-snmp-5.9.4-150600.22.3 updated - apache2-2.4.58-150600.3.1 updated - openssh-9.6p1-150600.2.2 updated - grub2-2.12-150600.6.6 updated - grub2-i386-pc-2.12-150600.6.6 updated - smdba-1.7.13-0.150600.1.1 updated - python3-rpm-4.14.3-150400.59.13.1 updated - python3-netifaces-0.10.6-150000.3.2.1 updated - python3-more-itertools-8.10.0-150400.7.1 updated - python3-M2Crypto-0.38.0-150600.17.2 updated - libvirt-libs-10.0.0-150600.6.1 updated - rsyslog-8.2306.0-150600.10.5 updated - postgresql-contrib-16-150600.15.19 updated - postgresql14-contrib-14.11-150600.14.3 updated - createrepo_c-0.16.0-150600.12.3 updated - libnm0-1.44.2-150600.1.6 updated - libstorage-ng1-4.5.201-150600.1.1 updated - yast2-perl-bindings-4.6.0-150600.1.5 updated - susemanager-build-keys-15.5.1-150600.2.1 updated - apache2-mod_xsendfile-0.12-150600.1.2 updated - grub2-x86_64-efi-2.12-150600.6.6 updated - yast2-ruby-bindings-4.6.2-150600.1.5 updated - python3-cheroot-6.5.5-150600.1.2 updated - python3-dbus-python-1.2.16-150600.3.2 updated - python3-libvirt-python-10.0.0-150600.1.2 updated - inter-server-sync-0.3.2-150600.1.8 updated - spacewalk-backend-sql-postgresql-5.0.5-150600.3.41.7 updated - typelib-1_0-NM-1_0-1.44.2-150600.1.6 updated - tomcat-servlet-4_0-api-9.0.85-150200.60.1 updated - tomcat-el-3_0-api-9.0.85-150200.60.1 updated - jctools-3.3.0-150200.3.6.1 updated - glassfish-activation-1.2.0-150200.5.3.4 added - apache-commons-io-2.15.1-150200.3.12.1 updated - libstorage-ng-ruby-4.5.201-150600.1.1 updated - spacewalk-base-minimal-5.0.6-150600.1.11 updated - susemanager-build-keys-web-15.5.1-150600.2.1 updated - spacewalk-config-5.0.2-150600.1.1 updated - yast2-transfer-4.6.0-150600.1.5 updated - yast2-hardware-detection-4.6.0-150600.1.5 updated - yast2-country-data-4.6.6-150600.1.2 updated - spacecmd-5.0.5-150600.3.115.1 updated - rpm-build-4.14.3-150400.59.13.1 updated - python3-firewall-2.0.1-150600.1.3 updated - tomcat-jsp-2_3-api-9.0.85-150200.60.1 updated - byte-buddy-dep-1.11.12-150600.1.5 updated - netty-4.1.108-150200.4.23.1 updated - apache-commons-compress-1.26.0-150200.3.16.1 updated - tomcat-taglibs-standard-1_2_5-1.2.5-150600.1.78 updated - quartz-2.3.0-150600.1.81 updated - protobuf-java-25.1-150600.14.1 updated - prometheus-client-java-0.3.0-150600.1.77 updated - mvel2-2.2.6.Final-150600.1.79 updated - lucene-2.4.1-150600.1.81 updated - kie-soup-7.17.0.Final-150600.1.72 updated - kie-api-7.17.0-150600.1.71 updated - ical4j-3.0.18-150600.1.67 updated - hibernate-commons-annotations-5.0.4-150600.1.78 updated - ehcache-2.10.1-150600.1.82 updated - drools-7.17.0-150600.1.68 updated - apache-commons-codec-1.16.1-150200.3.9.1 updated - spacewalk-base-minimal-config-5.0.6-150600.1.11 updated - yast2-4.6.7-150600.1.2 updated - firewalld-2.0.1-150600.1.3 updated - tomcat-lib-9.0.85-150200.60.1 updated - byte-buddy-1.11.12-150600.1.5 updated - pgjdbc-ng-0.8.7-150600.1.74 updated - optaplanner-7.17.0-150600.1.69 updated - yast2-slp-4.6.0-150600.1.5 updated - yast2-services-manager-4.6.1-150600.1.2 updated - yast2-proxy-4.6.0-150600.1.2 updated - yast2-pam-4.6.0-150600.1.2 updated - yast2-packager-4.6.9-150600.1.1 updated - yast2-storage-ng-4.6.17-150600.1.1 updated - python3-PyJWT-2.4.0-150200.3.8.1 updated - hibernate-types-2.16.2-150600.1.3 updated - xmlsec-2.0.7-150600.1.73 updated - statistics-1.0.2-150600.1.77 updated - spark-core-2.9.3-150600.1.105 updated - jade4j-1.2.7-150600.2.1 updated - yast2-network-4.6.9-150600.1.1 updated - yast2-country-4.6.6-150600.1.2 updated - yast2-bootloader-4.6.7-150600.1.1 updated - postgresql-jdbc-42.2.25-150400.3.12.1 updated - tomcat-9.0.85-150200.60.1 updated - spacewalk-search-5.0.2-150600.1.1 updated - subscription-matcher-0.36-150600.1.1 updated - spark-template-jade-2.7.1-150600.1.3 updated - jakarta-commons-validator-1.1.4-21.150600.19.92 updated - salt-netapi-client-0.21.0-150600.1.3 updated - yast2-ntp-client-4.6.0-150600.1.3 updated - yast2-ldap-4.6.0-150600.1.5 updated - yast2-security-4.6.0-150600.1.2 updated - spacewalk-backend-5.0.5-150600.3.41.7 updated - python3-spacewalk-client-tools-5.0.4-150600.3.88.11 updated - spacewalk-client-tools-5.0.4-150600.3.88.11 updated - spacewalk-base-5.0.6-150600.1.11 updated - spacewalk-java-postgresql-5.0.6-150600.1.12 updated - spacewalk-branding-5.0.2-150600.1.1 updated - hibernate5-core-5.3.25-150600.1.64 updated - yast2-users-4.6.4-150600.1.5 updated - fence-agents-4.13.1+git.1704296072.32469f29-150600.1.2 updated - spacewalk-backend-sql-5.0.5-150600.3.41.7 updated - spacewalk-admin-5.0.5-150600.1.1 updated - spacewalk-html-5.0.6-150600.1.11 updated - hibernate5-ehcache-5.3.25-150600.1.64 updated - hibernate5-c3p0-5.3.25-150600.1.64 updated - yast2-installation-4.6.12-150600.1.1 updated - yast2-update-4.6.3-150600.1.2 updated - autoyast2-installation-4.6.6-150600.1.2 updated - yast2-add-on-4.6.2-150600.1.2 updated - uyuni-base-server-5.0.2-150600.1.15.1 updated - cobbler-3.3.3-150600.2.1 updated - spacewalk-backend-server-5.0.5-150600.3.41.7 updated - susemanager-sls-5.0.6-150600.1.1 updated - yast2-registration-4.6.1-150600.1.1 updated - spacewalk-java-config-5.0.6-150600.1.12 updated - spacewalk-backend-xmlrpc-5.0.5-150600.3.41.7 updated - spacewalk-backend-xml-export-libs-5.0.5-150600.3.41.7 updated - spacewalk-backend-package-push-server-5.0.5-150600.3.41.7 updated - spacewalk-backend-iss-5.0.5-150600.3.41.7 updated - spacewalk-backend-config-files-common-5.0.5-150600.3.41.7 updated - spacewalk-backend-applet-5.0.5-150600.3.41.7 updated - spacewalk-backend-app-5.0.5-150600.3.41.7 updated - yast2-migration-4.6.0-150600.1.2 updated - spacewalk-taskomatic-5.0.6-150600.1.12 updated - spacewalk-java-5.0.6-150600.1.12 updated - spacewalk-backend-iss-export-5.0.5-150600.3.41.7 updated - spacewalk-backend-config-files-5.0.5-150600.3.41.7 updated - spacewalk-backend-config-files-tool-5.0.5-150600.3.41.7 updated - patterns-suma_retail-5.0-150600.4.1 updated - susemanager-tools-5.0.5-150600.1.1 updated - spacewalk-backend-tools-5.0.5-150600.3.41.7 updated - spacewalk-setup-5.0.4-150600.1.1 updated - spacewalk-utils-5.0.3-150600.1.1 updated - spacewalk-utils-extras-5.0.3-150600.1.1 updated - susemanager-5.0.5-150600.1.1 updated - patterns-suma_server-5.0-150600.4.1 updated - container:suse-manager-5.0-init-5.0.0-beta2-5.0.0-beta2-3.74 added - apache-commons-lang-2.6-12.26 removed - apache2-utils-2.4.51-150600.12.2 removed - container:suse-manager-5.0-init-latest-5.0.0-beta1-2.177 removed - libabsl2308_0_0-20230802.1-150400.10.4.1 removed - python3-blinker-1.4-3.4.1 removed - python3-cachetools-4.1.0-150200.3.4.1 removed - python3-google-auth-1.21.2-150300.3.6.1 removed - python3-kubernetes-26.1.0-150400.16.2 removed - python3-oauthlib-2.0.6-3.4.1 removed - python3-requests-oauthlib-0.8.0-3.4.1 removed - python3-rsa-3.4.2-150000.3.7.1 removed - python3-websocket-client-1.3.2-150100.6.10.5 removed - virtual-host-gatherer-Kubernetes-1.0.26-150600.7.6.1 removed