SUSE Container Update Advisory: suse/manager/5.0/x86_64/server ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:3211-1 Container Tags : suse/manager/5.0/x86_64/server:5.0.0 , suse/manager/5.0/x86_64/server:5.0.0.5.44 , suse/manager/5.0/x86_64/server:latest Container Release : 5.44 Severity : critical Type : security References : 1187446 1188441 1192014 1195709 1197484 1204562 1205604 1208283 1209627 1211246 1216594 1216598 1216717 1217979 1218215 1218609 1218668 1218722 1218926 1219108 1219547 1220117 1221101 1221361 1221401 1221482 1221634 1221831 1222086 1222104 1222330 1222332 1222584 1222849 1223050 1223100 1223264 1223278 1223301 1223428 1223430 1223596 1223605 1223766 1223849 1223979 1223980 1224038 1224044 1224051 1224100 1224207 1224242 1224282 1224320 1224388 1224392 1224400 1224410 1224788 1224877 1225291 1225551 1225551 1225598 1225904 1225912 1225971 1225972 1226008 1226217 1226407 1226415 1226492 1226586 1226642 1227186 1227187 1227318 1227333 1227350 CVE-2021-33813 CVE-2023-25577 CVE-2023-30861 CVE-2023-3758 CVE-2023-38469 CVE-2023-38471 CVE-2023-38709 CVE-2023-51385 CVE-2024-20696 CVE-2024-20697 CVE-2024-22195 CVE-2024-24795 CVE-2024-27316 CVE-2024-28085 CVE-2024-32487 CVE-2024-34064 CVE-2024-34069 CVE-2024-34397 CVE-2024-34459 CVE-2024-35195 CVE-2024-37370 CVE-2024-37371 CVE-2024-39894 CVE-2024-4317 CVE-2024-4418 CVE-2024-4603 CVE-2024-4741 CVE-2024-4741 CVE-2024-6387 ----------------------------------------------------------------- The container suse/manager/5.0/x86_64/server was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:1693-1 Released: Thu Mar 30 10:16:39 2023 Summary: Security update for python-Werkzeug Type: security Severity: important References: 1208283,CVE-2023-25577 This update for python-Werkzeug fixes the following issues: - CVE-2023-25577: Fixed high resource usage when parsing multipart form data with many fields (bsc#1208283). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2263-1 Released: Mon May 22 12:16:13 2023 Summary: Security update for python-Flask Type: security Severity: important References: 1211246,CVE-2023-30861 This update for python-Flask fixes the following issues: - CVE-2023-30861: Fixed a potential cookie confusion due to incorrect caching (bsc#1211246). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1624-1 Released: Mon May 13 16:26:07 2024 Summary: Security update for python-Werkzeug Type: security Severity: important References: 1223979,CVE-2024-34069 This update for python-Werkzeug fixes the following issues: - CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain (bsc#1223979). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1764-1 Released: Thu May 23 04:56:40 2024 Summary: Recommended update for jackson Type: recommended Severity: moderate References: This update for jackson fixes the following issues: jackson-annotations was upgraded to version 2.16.1: - Added new OptBoolean valued property in @JsonTypeInfo to allow per-type configuration of strict type id handling - Allow per-type configuration of strict type id handling - Added JsonTypeInfo.Value object (backport from 3.0) - Added new JsonTypeInfo.Id.SIMPLE_NAME jackson-bom was upgraded to version 2.16.1: - Added dependency for jackson-module-android-record. This new module offers support for Record type on Android platform, where Java records are supported through 'de-sugaring' jackson-core was upgraded to version 2.16.1: - NPE in Version.equals() if snapshot-info null - NPE in 'FastDoubleParser', method 'JavaBigDecimalParser.parseBigDecimal()' - JsonPointer.append(JsonPointer.tail()) includes the original pointer - Change StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION default to false in Jackson 2.16 - Improve error message for StreamReadConstraints violations - JsonFactory implementations should respect CANONICALIZE_FIELD_NAMES - Root cause for failing test for testMangledIntsBytes() in ParserErrorHandlingTest - Allow all array elements in JsonPointerBasedFilter - Indicate explicitly blocked sources as 'REDACTED' instead of 'UNKNOWN' in JsonLocation - Start using AssertJ in unit tests - Allow configuring spaces before and/or after the colon in DefaultPrettyPrinter (for Canonical JSON) - Add configurable limit for the maximum number of bytes/chars of content to parse before failing - Add configurable limit for the maximum length of Object property names to parse before failing - Add configurable processing limits for JSON generator (StreamWriteConstraints) - Compare _snapshotInfo in Version - Add JsonGeneratorDecorator to allow decorating JsonGenerators - Add full set of BufferRecyclerPool implementations - Add configurable error report behavior via ErrorReportConfiguration - Make ByteSourceJsonBootstrapper use StringReader for < 8KiB byte[] inputs - Allow pluggable buffer recycling via new RecyclerPool extension point - Change parsing error message to mention -INF jackson-databind was upgraded to version 2.16.1: - JsonSetter(contentNulls = FAIL) is ignored in delegating @JsonCreator argument - Primitive array deserializer not being captured by DeserializerModifier - JsonNode.findValues() and findParents() missing expected values in 2.16.0 - Incorrect deserialization for BigDecimal numbers - Add a way to configure caches Jackson uses - Mix-ins do not work for Enums - Map deserialization results in different numeric classes based on json ordering (BigDecimal / Double) when used in combination with @JsonSubTypes - Generic class with generic field of runtime type Double is deserialized as BigDecimal when used with @JsonTypeInfo and JsonTypeInfo.As.EXISTING_PROPERTY - Combination of @JsonUnwrapped and @JsonAnySetter results in BigDecimal instead of Double - @JsonIgnoreProperties not working with @JsonValue - Deprecated JsonNode.with(String) suggests using JsonNode.withObject(String) but it is not the same thing - Difference in the handling of ObjectId-property inJsonIdentityInfo depending on the deserialization route - Add new OptBoolean valued property in @JsonTypeInfo, handling, to allow per-polymorphic type loose Type Id handling - Fixed regression in 2.15.0 that reaks deserialization for records when mapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE) - Incorrect target type when disabling coercion, trying to deserialize String from Array/Object - @JsonProperty on constructor parameter changes default field serialization order - Create new JavaType subtype IterationType (extending SimpleType) - Use JsonTypeInfo.Value for annotation handling - Add JsonNodeFeature.WRITE_PROPERTIES_SORTED for sorting ObjectNode properties on serialization (for Canonical JSON) - Optimize ObjectNode findValue(s) and findParent(s) fast paths - Locale '' is deserialised as null if ACCEPT_EMPTY_STRING_AS_NULL_OBJECT is enabled - Add guardrail setting for TypeParser handling of type parameters - Use @JsonProperty for Enum values also when READ_ENUMS USING_TO_STRING enabled - Fix Enum deserialization to use @JsonProperty, @JsonAlias even if EnumNamingStrategy used - Use @JsonProperty and lowercase feature when serializing Enums despite using toString() - Use @JsonProperty over EnumNamingStrategy for Enum serialization - Actually cache EnumValues#internalMap - ObjectMapper.valueToTree() will ignore the configuration SerializationFeature.WRAP_ROOT_VALUE - Provide the 'ObjectMapper.treeToValue(TreeNode, TypeReference)' method - Expose NativeImageUtil.isRunningInNativeImage() method - Add JsonTypeInfo.Id.SIMPLE_NAME which defaults type id to Class.getSimpleName() - Impossible to deserialize custom Throwable sub-classes that do not have single-String constructors - java.desktop module is no longer optional - ClassUtil fails with java.lang.reflect.InaccessibleObjectException trying to setAccessible on OptionalInt with JDK 17+ - Support sequenced collections (JDK 21) - Add withObjectProperty(String), withArrayProperty(String) in JsonNode - Change JsonNode.withObject(String) to work similar to withArray() wrt argument - Log WARN if deprecated subclasses of PropertyNamingStrategy is used - NPE when transforming a tree to a model class object, at ArrayNode.elements() - Deprecated ObjectReader.withType(Type) has no direct replacement; need forType(Type) - Add new DefaultTyping.NON_FINAL_AND_ENUMS to allow Default Typing for Enums - Do not rewind position when serializing direct ByteBuffer - Exception when deserialization of private record with default constructor - BeanDeserializer updates currentValue incorrectly when deserialising empty Object jackson-dataformats-binary was upgraded to version 2.16.1: - (ion) NullPointerException in IonParser.nextToken() - (smile) Remove Smile-specific buffer-recycling jackson-modules-base was upgraded to version 2.16.1: - (afterburner) Disable when running in native-image - (afterburner) IncompatibleClassChangeError when deserializing a class implementing an interface with default get/set implementations - (blackbird) BlackBird proxy object error in Java 17 - (blackbird) Disable when running in native-image - (guice) Add guice7 (jakarta.inject) module jackson-parent was upgraded to version 2.16: - Upgrade to oss-parent 56 (tons of plugin updates to resolve Maven warnings, new Moditect plugin) jackson-parent, fasterxml-oss-parent: - Added to SUSE Manager 4.3 as it is needed by `jackson-modules-base` ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1850-1 Released: Thu May 30 13:46:58 2024 Summary: Recommended update for sg3_utils Type: recommended Severity: moderate References: 1219547 This update for sg3_utils fixes the following issue: - sg_inq: re-add Unit serial number field (bsc#1219547) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1851-1 Released: Thu May 30 13:53:44 2024 Summary: Recommended update for dwz Type: recommended Severity: low References: 1221634 This update for dwz fixes the following issues: - Clean up leftover temporary file (bsc#1221634) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1852-1 Released: Thu May 30 14:02:02 2024 Summary: Recommended update for wicked Type: recommended Severity: moderate References: 1205604,1218926,1219108,1224100 This update for wicked fixes the following issues: - client: fix ifreload to pull UP ports/links again when the config of their master/lower changed (bsc#1224100, gh#openSUSE/wicked#1014) - cleanup: fix ni_fsm_state_t enum-int-mismatch warnings - cleanup: fix overflow warnings in a socket testcase on i586 - ifcheck: report new and deleted configs as changed (bsc#1218926) - man: improve ARP configuration options in the wicked-config.5 - bond: add ports when master is UP to avoid port MTU revert (bsc#1219108) - cleanup: fix interface dependencies and shutdown order (bsc#1205604) - removed patches included in the source archive ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1863-1 Released: Thu May 30 14:18:27 2024 Summary: Security update for python-Jinja2 Type: security Severity: moderate References: 1218722,1223980,CVE-2024-22195,CVE-2024-34064 This update for python-Jinja2 fixes the following issues: - Fixed HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-34064, bsc#1223980, CVE-2024-22195, bsc#1218722) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1874-1 Released: Fri May 31 05:05:25 2024 Summary: Security update for Java Type: security Severity: important References: 1187446,1224410,CVE-2021-33813 This update for Java fixes thefollowing issues: apiguardian was updated to vesion 1.1.2: - Added LICENSE/NOTICE to the generated jar - Allow @API to be declared at the package level - Explain usage of Status.DEPRECATED - Include OSGi metadata in manifest assertj-core was implemented at version 3.25.3: - New package implementation needed by Junit5 byte-buddy was updated to version v1.14.16: - `byte-buddy` is required by `assertj-core` - Changes in version v1.14.16: * Update ASM and introduce support for Java 23. - Changes in version v1.14.15: * Allow attaching from root on J9. - Changes of v1.14.14: * Adjust type validation to accept additional names that are legal in the class file format. * Fix dynamic attach on Windows when a service user is active. * Avoid failure when using Android's strict mode. dom4j was updated to version 2.1.4: - Improvements and potentially breaking changes: * Added new factory method org.dom4j.io.SAXReader.createDefault(). It has more secure defaults than new SAXReader(), which uses system XMLReaderFactory.createXMLReader() or SAXParserFactory.newInstance().newSAXParser(). * If you use some optional dependency of dom4j (for example Jaxen, xsdlib etc.), you need to specify an explicit dependency on it in your project. They are no longer marked as a mandatory transitive dependency by dom4j. * Following SAX parser features are disabled by default in DocumentHelper.parse() for security reasons (they were enabled in previous versions): + http://xml.org/sax/properties/external-general-entities + http://xml.org/sax/properties/external-parameter-entities - Other changes: * Do not depend on jtidy, since it is not used during build * Fixed license to Plexus * JPMS: Add the Automatic-Module-Name attribute to the manifest. * Make a separate flavour for a minimal `dom4j-bootstrap` package used to build `jaxen` and full `dom4j` * Updated pull-parser version * Reuse the writeAttribute method in writeAttributes * Support build on OS with non-UTF8 as default charset * Gradle: add an automatic module name * Use Correct License Name 'Plexus' * Possible vulnerability of DocumentHelper.parseText() to XML injection * CVS directories left in the source tree * XMLWriter does not escape supplementary unicode characters correctly * writer.writeOpen(x) doesn't write namespaces * Fixed concurrency problem with QNameCache * All dependencies are optional * SAXReader: hardcoded namespace features * Validate QNames * StringIndexOutOfBoundsException in XMLWriter.writeElementContent() * TreeNode has grown some generics * QName serialization fix * DocumentException initialize with nested exception * Accidentally occurring error in a multi-threaded test * Added compatibility with W3C DOM Level 3 * Use Java generics hamcrest: - `hamcrest-core` has been replaced by `hamcrest` (no source changes) junit had the following change: - Require hamcrest >= 2.2 junit5 was updated to version 5.10.2: - Conditional execution based on OS architectures - Configurable cleanup mode for @TempDir - Configurable thread mode for @Timeout - Custom class loader support for class/method selectors, @MethodSource, @EnabledIf, and @DisabledIf - Dry-run mode for test execution - Failure threshold for @RepeatedTest - Fixed build with the latest open-test-reporting milestone - Fixed dependencies in module-info.java files - Fixed unreported exception error that is fatal with JDK 21 - Improved configurability of parallel execution - New @SelectMethod support in test @Suite classes. - New ConsoleLauncher subcommand for test discovery without execution - New convenience base classes for implementing ArgumentsProvider and ArgumentConverter - New IterationSelector - New LauncherInterceptor SPI - New NamespacedHierarchicalStore for use in third-party test engines - New TempDirFactory SPI for customizing how temporary directories are created - New testfeed details mode for ConsoleLauncher - New TestInstancePreConstructCallback extension API - Numerous bug fixes and minor improvements - Parameter injection for @MethodSource methods - Promotion of various experimental APIs to stable - Reusable parameter resolution for custom extension methods via ExecutableInvoker - Stacktrace pruning to hide internal JUnit calls - The binaries are compatible with java 1.8 - Various improvements to ConsoleLauncher - XML reports in new Open Test Reporting format jdom: - Security issues fixed: * CVE-2021-33813: Fixed an XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request (bsc#1187446) - Other changes and bugs fixed: * Fixed wrong entries in changelog (bsc#1224410) * The packages `jaxen`, `saxpath` and `xom` are now separate standalone packages instead of being part of `jdom` jaxen was implemented at version 2.0.0: - New standalone RPM package implementation, originally part of `jdom` source package - Classpaths are much smaller and less complex, and will suppress a lot of noise from static analysis tools. - The Jaxen core code is also a little smaller and has fixed a few minor bugs in XPath evaluation - Despite the major version bump, this should be a drop in replacement for almost every project. The two major possible incompatibilities are: * The minimum supported Java version is now 1.5, up from 1.4 in 1.2.0 and 1.3 in 1.1.6. * dom4j, XOM, and JDOM are now optional dependencies so if a project was depending on them to be loaded transitively it will need to add explicit dependencies to build. jopt-simple: - Included jopt-simple to Package Hub 15 SP5 (no source changes) objectweb-asm was updated to version 9.7: - New Opcodes.V23 constant for Java 23 - Bugs fixed * Fixed unit test regression in dex2jar. * Fixed 'ClassNode#outerClass' with incorrect JavaDocs. * asm-bom packaging should be 'pom'. * The Textifier prints a supplementary space at the end of each method that throws at least one exception. open-test-reporting: - Included `open-test-reporting-events` and `open-test-reporting-schema` to the channels as they are runtime dependencies of Junit5 (no source changes) saxpath was implemented at version 1.0 FCS: - New standalone RPM package implementation, originally part of `jdom` source package (openSUSE Leap 15.5 package only) xom was implemented at version 1.3.9: - New standalone RPM package implementation, originally part of `jdom` source package - The Nodes and Elements classes are iterable so you can use the enhanced for loop syntax on instances of these classes. - The copy() method is now covariant. - Adds Automatic-Moduole-Name to jar - Remove direct dependency on xml-apis:xml-apis artifact since these classes are now available in the core runtime. - Eliminate usage of com.sun classes to make XOM compatible with JDK 16. - Replace remaining usages of StringBuffer with StringBuilder to slightly improve performance. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1876-1 Released: Fri May 31 06:47:32 2024 Summary: Recommended update for aaa_base Type: recommended Severity: moderate References: 1221361 This update for aaa_base fixes the following issues: - Fix the typo to set JAVA_BINDIR in the csh variant of the alljava profile script (bsc#1221361) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1877-1 Released: Fri May 31 06:48:40 2024 Summary: Recommended update for fdupes Type: recommended Severity: moderate References: 1195709,1197484 This update for fdupes fixes the following issues: - Do not use sqlite, as this pulls sqlite into Ring0 at no real benefit performance wise - Update to 2.3.0: * Add --cache option to speed up file comparisons * Use nanosecond precision for file times, if available * Fix compilation issue on OpenBSD * Other changes like fixing typos, wording, etc. - update to 2.2.1: * Fix bug in code meant to skip over the current log file when --log option is given * Updates to copyright notices in source code * Add --deferconfirmation option * Check that files marked as duplicates haven't changed during program execution before deleting them * Update documentation to indicate units for SIZE in command-line options * Move some configuration settings to configure.ac file - Fixes for the new wrapper: * Order duplicates by name, to get a reproducible file set (bsc#1197484) * Remove redundant order parameter from fdupes invocation * Modernize code, significantly reduce allocations * Exit immediately when mandatory parameters are missing * Remove obsolete buildroot parameter * Add some tests for the wrapper - Do not link the files as given by fdupes, but turn them into relative links - Support multiple directories given (as glob to the macro) - Handle symlinks (-s argument) correctly - Simplify macros.fdupes to speed up the process (bsc#1195709) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1880-1 Released: Fri May 31 08:45:12 2024 Summary: Security update for python-requests Type: security Severity: moderate References: 1224788,CVE-2024-35195 This update for python-requests fixes the following issues: - CVE-2024-35195: Fixed cert verification regardless of changes to the value of `verify` (bsc#1224788). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1883-1 Released: Fri May 31 09:31:11 2024 Summary: Recommended update for iputils Type: recommended Severity: moderate References: 1224877 This update for iputils fixes the following issue: - 'arping: Fix 1s delay on exit for unsolicited arpings', backport upstream fix (bsc#1224877) - Backport proposed fix for regression in upstream commit 4db1de6 (bsc#1224877) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1887-1 Released: Fri May 31 19:08:38 2024 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate References: 1192014,1216717,1217979,1223278,1224320 This update for suse-module-tools fixes the following issues: - Include unblacklist in initramfs (bsc#1224320) - regenerate-initrd-posttrans: run update-bootloader --refresh for XEN (bsc#1223278) - 60-io-scheduler.rules: test for 'scheduler' sysfs attribute (bsc#1216717) - README: Update blacklist description (gh#openSUSE/suse-module-tools#71) - macros.initrd: %regenerate_initrd_post: don't fail if mkdir is unavailable (bsc#1217979) - Don't rebuild existing initramfs images if the environment variable SKIP_REGENERATE_ALL=1 is set (bsc#1192014) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1897-1 Released: Mon Jun 3 10:45:08 2024 Summary: Recommended update for postfix Type: recommended Severity: moderate References: 1223264,1224207 This update for postfix fixes the following issues: - config.postfix needs updating (bsc#1224207) * chkconfig to systemctl * Link Cyrus lmtp only if this exsists * /usr/lib64/sasl2 does not need to exist * Fetch timezone via readlink from /etc/localtime - Set inet_interfaces to loopback-only instead of localhost as proposed in man 5 postconf (bsc#1223264) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1941-1 Released: Fri Jun 7 16:33:38 2024 Summary: Security update for sssd Type: security Severity: important References: 1223050,1223100,CVE-2023-3758 This update for sssd fixes the following issues: - CVE-2023-3758: Fixed race condition during authorization leads to GPO policies functioning inconsistently (bsc#1223100). The following non-security bugs were fixed: - Use the name from the cached entries when updating them to avoid capitalization problems (bsc#1223050). - Extend sssctl command line tool to manage the cached GPOs; (jsc#PED-7677). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1943-1 Released: Fri Jun 7 17:04:06 2024 Summary: Security update for util-linux Type: security Severity: important References: 1218609,1220117,1221831,1223605,CVE-2024-28085 This update for util-linux fixes the following issues: - CVE-2024-28085: Properly neutralize escape sequences in wall to avoid potential account takeover. (bsc#1221831) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1950-1 Released: Fri Jun 7 17:20:14 2024 Summary: Security update for glib2 Type: security Severity: moderate References: 1224044,CVE-2024-34397 This update for glib2 fixes the following issues: Update to version 2.78.6: + Fix a regression with IBus caused by the fix for CVE-2024-34397 Changes in version 2.78.5: + Fix CVE-2024-34397: GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing. (bsc#1224044) + Bugs fixed: - gvfs-udisks2-volume-monitor SIGSEGV in g_content_type_guess_for_tree() due to filename with bad encoding - gcontenttype: Make filename valid utf-8 string before processing. - gdbusconnection: Don't deliver signals if the sender doesn't match. Changes in version 2.78.4: + Bugs fixed: - Fix generated RST anchors for methods, signals and properties. - docs/reference: depend on a native gtk-doc. - gobject_gdb.py: Do not break bt on optimized build. - gregex: clean up usage of _GRegex.jit_status. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1951-1 Released: Fri Jun 7 17:27:16 2024 Summary: Recommended update for libbpf Type: recommended Severity: moderate References: 1221101 This update for libbpf fixes the following issues: - Fixed potential null pointer dereference in bpf_object__collect_prog_relos() (bsc#1221101) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1954-1 Released: Fri Jun 7 18:01:06 2024 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1221482 This update for glibc fixes the following issues: - Also include stat64 in the 32-bit libc_nonshared.a workaround (bsc#1221482) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1956-1 Released: Mon Jun 10 04:50:39 2024 Summary: Recommended update for google-errorprone, guava Type: recommended Severity: moderate References: This update for google-errorprone, guava fixes the following issues: guava: - guava was updated to version 33.1.0: * Changes of version 33.1.0: + Updated our Error Prone dependency to 2.26.1, which includes a JPMS-ready jar of annotations. If you use the Error Prone annotations in a modular build of your own code, you may need to add a requires line for them. + base: Added a Duration overload for Suppliers.memoizeWithExpiration. + base: Deprecated the remaining two overloads of Throwables.propagateIfPossible. They won't be deleted, but we recommend migrating off them. + cache: Fixed a bug that could cause false 'recursive load' reports during refresh. + graph: Changed the return types of transitiveClosure() and reachableNodes() to Immutable* types. reachableNodes() already returned an immutable object (even though that was not reflected in the declared return type); transitiveClosure() used to return a mutable object. The old signatures remain available, so this change does not break binary compatibility. + graph: Changed the behavior of views returned by graph accessor methods that take a graph element as input: They now throw IllegalStateException when that element is removed from the graph. + hash: Optimized Checksum-based hash functions for Java 9+. + testing: Exposed FakeTicker Duration methods to Android users. + util.concurrent: Deprecated the constructors of UncheckedExecutionException and ExecutionError that don't accept a cause. We won't remove these constructors, but we recommend migrating off them, as users of those classes often assume that instances will contain a cause. + util.concurrent: Improved the correctness of racy accesses for J2ObjC users. * Changes of version 33.0.0: + This version of guava-android contains some package-private methods whose signature includes the Java 8 Collector API. This is a test to identify any problems before we expose those methods publicly to users. Please report any problems that you encounter. + Changed various classes to catch Exception instead of RuntimeException even when only RuntimeException is theoretically possible. This can help code that throws undeclared exceptions, as some bytecode rewriters (e.g., Robolectric) and languages (e.g., Kotlin) do. + Added an Automatic-Module-Name to failureaccess, Guava's one strong runtime dependency. + reflect: In guava-android only, removed Invokable.getAnnotatedReturnType() and Parameter.getAnnotatedType(). These methods never worked in an Android VM, and to reflect that, they were born @Deprecated, @Beta, and @DoNotCall. They're now preventing us from rolling out some new Android compatibility testing. This is the only binary-incompatible change in this release, and it should have no effect in practice. Still, we bump the major version number to follow Semantic Versioning. + util.concurrent: Changed our implementations to avoid eagerly initializing loggers during class loading. This can help performance, especially under Android. * Changes of version 32.1.3: + Changed Gradle Metadata to include dependency versions directly. This may address 'Could not find some-dependency' errors that some users have reported (which might be a result of users' excluding guava-parent). + collect: Changed Multisets.unmodifiableMultiset(set) .removeIf(predicate) to throw an exception always, even if nothing matches predicate. + graph: Fixed the behavior of Graph/ValueGraph views for a node when that node is removed from the graph. + io: Fixed Files.createTempDir and FileBackedOutputStream under Windows services, a rare use case. (The fix actually covers only Java 9+ because Java 8 would require an additional approach. Let us know if you need support under Java 8.) + net: Made MediaType.parse allow and skip over whitespace around the / and = separator tokens in addition to the ; separator, for which it was already being allowed. + util.concurrent: Tweaked Futures.getChecked constructor-selection behavior: The method continues to prefer to call constructors with a String parameter, but now it breaks ties based on whether the constructor has a Throwable parameter. Beyond that, the choice of constructor remains undefined. (For this and other reasons, we discourage the use of getChecked.) * Changes of version 32.1.2: + Removed the section of our Gradle metadata that caused Gradle to report conflicts with listenablefuture. + Changed our Maven project to avoid affecting which version of Mockito our Gradle users see. + collect: Under J2CL, exposed ImmutableList and ImmutableSet methods copyOf and of for JavaScript usage. + net: Optimized InternetDomainName construction. * Changes of version 32.1.1: + Fixed our broken Gradle metadata from 32.1.0. Sorry again for the trouble. If you use Gradle, please still read the release notes from that version: You may still see errors from the new checking that the metadata enables, and the release notes discuss how to fix those errors. * Changes of version 32.1.0: + collect: Tweaked more nullness annotations. + hash: Enhanced crc32c() to use Java's hardware-accelerated implementation where available. + util.concurrent: Added Duration-based default methods to ListeningExecutorService. + Began updating Javadoc to focus less on APIs that have been superseded by additions to the JDK. We're also looking to add more documentation that directs users to JDK equivalents for our APIs. Further PRs welcome! + Fixed some problems with using Guava from a Java Agent. (But we don't test that configuration, and we don't know how well we'll be able to keep it working.) + Fixed BootstrapMethodError when using CacheBuilder from a custom system class loader. (As with the previous item, we're not sure how well we'll be able to keep this use case working.) + Suppressed a harmless unusable-by-js warning seen by users of guava-gwt. - Fix version mismatch in the ant build files. - The binaries are compatible with java 1.8 google-errorprone, google-errorprone-annotations: - google-errorprone and google-errorprone-annotations were updated to version 2.26.1: * Changes of version 2.26.1: + Fixes the module name: from 'com.google.errorprone.annotation' to 'com.google.errorprone.annotations'. Amends the OSGi build not to include 'Automatic-Module-Name' in the MANIFEST.MF for the 'annotations' project. * Changes of version 2.26.0: + The 'annotations' artifact now includes a module-info.java for Java Platform Module System support. + Disabled checks passed to -XepPatchChecks are now ignored, instead of causing a crash. + New checks: - SystemConsoleNull: Null-checking System.console() is not a reliable way to detect if the console is connected to a terminal. - EnumOrdinal: Discourage uses of Enum.ordinal() + Closed issues: - Add module-info.java - 2.19.x: Exception thrown when a disabled check is passed to -XepPatchChecks - Ignore disabled checks passed to -XepPatchChecks - feat: add jpms definition for annotations - Add the 'compile' goal for 'compile-java9' * Changes of version 2.25.0: + New checks: - JUnitIncompatibleType: Detects incompatible types passed to an assertion, similar to TruthIncompatibleType - RedundantSetterCall: Detects fields set twice in the same chained expression. Generalization of previous ProtoRedundantSet check to also handle AutoValue. + Closed issues: - Crash in UnnecessaryStringBuilder - Fix typos - Add support for specifying badEnclosingTypes for BadImport via flags - Some BugPattern docs are missing code examples - Remove incorrect statement from BugPattern index doc - Do not report NonFinalStaticField findings for fields modified in @BeforeAll methods * Changes of version 2.24.1: + Add an assertion to try to help debug * Changes of version 2.24.0: + New checks: - MultipleNullnessAnnotations: Discourage multiple nullness annotations - NullableTypeParameter: Discourage nullness annotations on type parameters - NullableWildcard: Discourage nullness annotations on wildcards - SuperCallToObjectMethod: Generalization of SuperEqualsIsObjectEquals, now covers hashCode * Changes of version 2.23.0: + New checks: DuplicateDateFormatField, NonFinalStaticField, StringCharset, StringFormatWithLiteral, SuperEqualsIsObjectEquals + Bug fixes and improvements * Changes of version 2.22.0: + New checks: - ClosingStandardOutputStreams: Prevents accidentally closing System.{out,err} with try-with-resources - TruthContainsExactlyElementsInUsage: containsExactly is preferred over containsExactlyElementsIn when creating new iterables - UnnecessaryAsync: detects unnecessary use of async primitives in local (and hence single-threaded) scopes - ReturnAtTheEndOfVoidFunction: detects unnecessary return statements at the end of void functions - MultimapKeys: Suggests using keySet() instead of iterating over Multimap.keys(), which does not collapse duplicates + Bug fixes and improvements: - Don't complain about literal IP addresses in AddressSelection - Prevent SuggestedFixes#renameMethod from modifying return type declaration - Fix UnusedVariable false positives for private record parameters - When running in conservative mode, no longer assume that implementations of Map.get, etc. return null - CanIgnoreReturnValueSuggester: Support additional exempting method annotations - UnusedVariable: exclude junit5's @RegisterExtension - Support running all available patch checks - Upgrade java-diff-utils 4.0 -> 4.12 - Flag unused Refaster template parameters - Support @SuppressWarnings('all') - Prevent Refaster UMemberSelect from matching method parameters - MissingDefault : Don't require // fall out comments on expression switches - Skip UnnecessaryLambda findings for usages in enhanced for loops - Fix bug where nested MissingBraces violations' suggested fixes result in broken code - Add support for specifying exemptPrefixes/exemptNames for UnusedVariable via flags - UnusedMethod: Added exempting variable annotations * Changes of version 2.21.1: + Handle overlapping ranges in suppressedRegions + Add AddressSelection to discourage APIs that convert a hostname to a single address * Changes of version 2.21.0: + New Checkers: - AttemptedNegativeZero: Prevents accidental use of -0, which is the same as 0. The floating-point negative zero is -0.0. - ICCProfileGetInstance: Warns on uses of ICC_Profile.getInstance(String), due to JDK-8191622. - MutableGuiceModule: Fields in Guice modules should be final. - NullableOptional: Discourages @Nullable-annotated Optionals. - OverridingMethodInconsistentArgumentNamesChecker: Arguments of overriding method are inconsistent with overridden method. + Fixed issues: - Avoid MemberName IOOBE on lambda parameters inside overriding methods - Improve LockOnNonEnclosingClassLiteral documentation - Security scan reported high CVE for com.google.guava:guava:31.1-jre - Upgrade guava to 32.0.1 - Proposal: checker to prevent other checkers from calling javac methods that changed across JDKs - Add support in ASTHelpersSuggestions for getEnclosedElements * Changes of version 2.20.0: + This release is compatible with early-access builds of JDK 21. + New Checkers: InlineTrivialConstant, UnnecessaryStringBuilder, BanClassLoader, DereferenceWithNullBranch, DoNotUseRuleChain, LockOnNonEnclosingClassLiteral, MissingRefasterAnnotation, NamedLikeContextualKeyword, NonApiType + Fixes issues: - Introduce MissingRefasterAnnotation checker - Fix minor typo in URepeated - Drop unused constant Template#AUTOBOXING_DEFAULT - Introduce command-line flag -XepAllSuggestionsAsWarnings - JDK21 compatibility - Add OSGi runtime metadata to error-prone's MANIFEST.MF files - Use EISOP Checker Framework version 3.34.0-eisop1 - NotJavadoc pattern does not allow Javadoc on module declarations - ErrorProneInjector incorrectly picks up the no-args constructor - Several high CVEs related to dependency com.google.protobuf:protobuf-java:3.19.2 - Upgrade protobuf-java to 3.19.6 * Changes of version 2.19.1: + This release fixes a binary compatibility issue when running on JDK 11 * Changes of version 2.19.0: + New Checkers: NotJavadoc, StringCaseLocaleUsage, UnnecessaryTestMethodPrefix + Fixes issues: - Exclude inner classes annotated with @Nested from ClassCanBeStatic rule - Optimize VisitorState#getSymbolFromName - ClassCanBeStatic: Exclude JUnit @Nested classes - BadImport: flag static import of newInstance methods - Support given for enforcing DirectInvocationOnMock: issue 3396 - Handle yield statement case in ASTHelpers#targetType - Should ASTHelpers.getSymbol(Tree) be annotated with @Nullable? - Fix '@' character in javadoc code snippets - Replace guava cache with caffeine - Discourage APIs locale-dependent APIs like String.to{Lower,Upper}Case - Introduce StringCaseLocaleUsage check * Changes of version 2.18.0: + New Checkers: InjectOnBugCheckers, LabelledBreakTarget, UnusedLabel, YodaCondition + Fixes issues: - @SuppressWarnings('InlineFormatString') doesn't work - Refaster: support method invocation type argument inlining - java.lang.IllegalArgumentException: Cannot edit synthetic AST nodes with specific record constructor - Rename class to match filename - Optimize VisitorState#getSymbolFromName - refactor: refactor bad smell UnusedLabel - LambdaFunctionalInterface crash with IllegalArgumentException when processing an enum constructor taking a lambda - Fix JDK 20-ea build compatibility - UngroupedOverloads: ignore generated constructors - [errorprone 2.17.0] NPE in StatementSwitchToExpressionSwitch.analyzeSwitchTree - StatementSwitchToExpressionSwitch: handle empty statement blocks - StatementSwitchToExpressionSwitch: only trigger on compatible target versions - Fix Finalize bugpattern to match protected finalize() - Make MemoizeConstantVisitorStateLookups check suppressible * Changes of version 2.17.0: + New Checkers: AvoidObjectArrays, Finalize, IgnoredPureGetter, ImpossibleNullComparison, MathAbsoluteNegative, NewFileSystem, StatementSwitchToExpressionSwitch, UnqualifiedYield + Fixed issues: - InvalidParam warning on Javadoc for Java record components - UnusedMethod flags @JsonValue methods as unused - UnusedMethod: Add more JPA lifecycle annotations or make annotations configurable - UnusedMethod: Support additional exempting method annotations - Have InvalidParam support records - Fix -XepDisableAllWarnings flag when passed on its own - ASTHelpersSuggestions does not flag call to packge() on com.sun.tools.javac.code.Symbol.ClassSymbol - @SupressWarnings on record compact constructor causes crash * Changes of version 2.16.0: + New Checkers: ASTHelpersSuggestions, CanIgnoreReturnValueSuggester, LenientFormatStringValidation, UnnecessarilyUsedValue + Fixed issues: - Avoid using non-ASCII Unicode characters outside of comments and literals - NullPointerException thrown during analysis - NPE analysing new style switch statement (2.14.0) - ImmutableChecker handles null types - Drop pre-JDK 11 logic from Refaster's Inliner class * Changes of version 2.15.0: + New Checkers: BuilderReturnThis, CanIgnoreReturnValueSuggester, CannotMockFinalClass, CannotMockFinalMethod, DirectInvocationOnMock, ExtendsObject, MockNotUsedInProduction, NoCanIgnoreReturnValueOnClasses, NullArgumentForNonNullParameter, SelfAlwaysReturnsThis, UnsafeWildcard, UnusedTypeParameter * Changes of version 2.14.0: + New checkers: BanJNDI, EmptyTopLevelDeclaration, ErroneousBitwiseExpression, FuzzyEqualsShouldNotBeUsedInEqualsMethod, Interruption, NullableOnContainingClass * Changes of version 2.13.1: + Fix a crash in UnnecessaryBoxedVariable + Include the unicode character in the diagnostic message * Changes of version 2.13.0: + Handle all annotations with the simple name Generated in -XepDisableWarningsInGeneratedCode + Reconcile BugChecker#isSuppressed with suppression handling in ErrorProneScanner + Fix a bug in enclosingPackage + Improve performance of fix application + Implicitly treat @AutoBuilder setter methods as @CanIgnoreReturnValue. + Remove some obsolete checks (PublicConstructorForAbstractClass, HashCodeToString) * Changes of version 2.12.1: + This release adds an infrastructure optimization to AppliedFix source code processing. * Changes of version 2.12.0: + New checks: BoxedPrimitiveEquality, DoubleBraceInitialization, IgnoredPureGetter, LockOnBoxedPrimitive, IncorrectMainMethod, LongDoubleConversion, RobolectricShadowDirectlyOn, StaticAssignmentOfThrowable, UnnecessaryLongToIntConversion, Varifier - Do not require maven-javadoc-plugin as it's not being used ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1962-1 Released: Mon Jun 10 13:09:11 2024 Summary: Security update for libvirt Type: security Severity: moderate References: 1222584,1223849,CVE-2024-4418 This update for libvirt fixes the following issues: - CVE-2024-4418: Fixed a stack use-after-free by ensuring temporary GSource is removed from client event loop. (bsc#1223849) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1963-1 Released: Mon Jun 10 13:09:41 2024 Summary: Security update for apache2 Type: security Severity: important References: 1221401,1222330,1222332,CVE-2023-38709,CVE-2024-24795,CVE-2024-27316 This update for apache2 fixes the following issues: - CVE-2023-38709: Fixed HTTP response splitting (bsc#1222330). - CVE-2024-24795: Fixed HTTP response splitting in multiple modules (bsc#1222332). - CVE-2024-27316: Fixed HTTP/2 CONTINUATION frames can be utilized for DoS attacks (bsc#1221401). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1994-1 Released: Tue Jun 11 15:03:55 2024 Summary: Recommended update for iputils Type: recommended Severity: moderate References: This update for iputils fixes the following issue: - After upstream merged the fix, update git commit hashes. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1997-1 Released: Tue Jun 11 17:24:32 2024 Summary: Recommended update for e2fsprogs Type: recommended Severity: moderate References: 1223596 This update for e2fsprogs fixes the following issues: - EA Inode handling fixes: - e2fsck: add more checks for ea inode consistency (bsc#1223596) - e2fsck: fix golden output of several tests (bsc#1223596) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1998-1 Released: Tue Jun 11 22:53:43 2024 Summary: Recommended update for yast2-registration Type: recommended Severity: moderate References: 1223301 This update for yast2-registration fixes the following issue: - Ensure add_on_others in autoyast profile are added (bsc#1223301) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2024-1 Released: Thu Jun 13 16:15:18 2024 Summary: Recommended update for jitterentropy Type: recommended Severity: moderate References: 1209627 This update for jitterentropy fixes the following issues: - Fixed a stack corruption on s390x: [bsc#1209627] * Output size of the STCKE command on s390x is 16 bytes, compared to 8 bytes of the STCK command. Fix a stack corruption in the s390x version of jent_get_nstime(). Add some more detailed information on the STCKE command. Updated to 3.4.1 * add FIPS 140 hints to man page * simplify the test tool to search for optimal configurations * fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0 * enhancement: add ARM64 assembler code to read high-res timer ----------------------------------------------------------------- Advisory ID: 33664 Released: Thu Jun 13 21:03:11 2024 Summary: Recommended update for libsolv, libzypp, zypper, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings Type: recommended Severity: important References: 1222086,1223430,1223766,1224242 This update for libsolv, libzypp, zypper, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings fixes the following issues: - Fix the dependency for Packagekit-backend-zypp in SUMa 4.3 (bsc#1224242) - Improve updating of installed multiversion packages - Fix decision introspection going into an endless loop in some cases - Split libsolv-tools into libsolv-tools-base [jsc#PED-8153] - Improve checks against corrupt rpm - Fixed check for outdated repo metadata as non-root user (bsc#1222086) - Add ZYPP_API for exported functions and switch to visibility=hidden (jsc#PED-8153) - Dynamically resolve libproxy (jsc#PED-8153) - Fix download from gpgkey URL (bsc#1223430) - Delay zypp lock until command options are parsed (bsc#1223766) - Unify message format ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2059-1 Released: Tue Jun 18 13:11:29 2024 Summary: Security update for openssl-1_1 Type: security Severity: important References: 1225551,CVE-2024-4741 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2060-1 Released: Tue Jun 18 13:11:47 2024 Summary: Security update for less Type: security Severity: important References: 1222849,CVE-2024-32487 This update for less fixes the following issues: - CVE-2024-32487: Fixed OS command injection via a newline character in the file name. (bsc#1222849) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2066-1 Released: Tue Jun 18 13:16:09 2024 Summary: Security update for openssl-3 Type: security Severity: important References: 1223428,1224388,1225291,1225551,CVE-2024-4603,CVE-2024-4741 This update for openssl-3 fixes the following issues: Security issues fixed: - CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388) - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Other issues fixed: - Enable livepatching support (bsc#1223428) - Fix HDKF key derivation (bsc#1225291, gh#openssl/openssl#23448, + gh#openssl/openssl#23456) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2075-1 Released: Tue Jun 18 17:52:50 2024 Summary: Recommended update for sudo Type: recommended Severity: moderate References: 1222104,1226008 This update for sudo fixes the following issues: - Revert the 'Match using canonicalized directories where possible.' feature just for SLE-15 This causes a breaking change in behavior for some customers (bsc#1222104, bsc#1226008) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2083-1 Released: Wed Jun 19 08:33:38 2024 Summary: Security update for libarchive Type: security Severity: important References: 1225971,1225972,CVE-2024-20696,CVE-2024-20697 This update for libarchive fixes the following issues: - CVE-2024-20697: Fixed Out of bounds Remote Code Execution Vulnerability (bsc#1225972). - CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2085-1 Released: Wed Jun 19 11:36:00 2024 Summary: recommended update for python-requests Type: recommended Severity: moderate References: 1225912 This update for python-requests fixes the following issue: - Allow the usage of 'verify' parameter as a directory. (bsc#1225912) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2086-1 Released: Wed Jun 19 11:48:24 2024 Summary: Recommended update for gcc13 Type: recommended Severity: moderate References: 1188441 This update for gcc13 fixes the following issues: Update to GCC 13.3 release - Removed Fiji support from the GCN offload compiler as that is requiring Code Object version 3 which is no longer supported by llvm18. - Avoid combine spending too much compile-time and memory doing nothing on s390x. [bsc#1188441] - Make requirement to lld version specific to avoid requiring the meta-package. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2104-1 Released: Thu Jun 20 10:44:39 2024 Summary: Recommended update for google-cloud SDK Type: recommended Severity: moderate References: This update for protobuf and python-grpcio fixes the following issue: - Add python311 binaries to Python Module. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2172-1 Released: Mon Jun 24 05:51:55 2024 Summary: Recommended update for iproute2 Type: recommended Severity: moderate References: 1204562 This update for iproute2 fixes the following issues: iproute2 was updated to version 6.4 (jsc#PED-6820 jsc#PED-6844, jsc#PED-8358): - Fixed display of bound but unconnected sockets (bsc#1204562) - Changes in version 6.4: * bridge: mdb: added underlay destination IP support, UDP destination port support, destination VNI support, source VNI support, outgoing interface support * macvlan: added the 'bclim' parameter - Changes in version 6.3: * New release of iproute2 corresponding to the 6.3 kernel. No large feature improvements only incremental improvements to the bridge mdb support, mostly just bug fixes. - Changes in version 6.2: * f_flower: Introduce L2TPv3 support * bridge: fdb: Add support for locked FDB entries * bridge: link: Add MAC Authentication Bypass (MAB) support * ip: Support --json on `ip neigh get` * tc: Add JSON output to tc-class - Changes in version 6.1: * man: ss.8: fix a typo * testsuite: fix build failure * genl: remove unused vars in Makefile * json: do not escape single quotes * ip-monitor: Do not error out when RTNLGRP_STATS is not available * ip-link: man: Document existence of netns argument in add command * macsec: add Extended Packet Number support * macsec: add user manual description for extended packet number feature * ip: xfrm: support 'external' (`collect_md`) mode in xfrm interfaces * ip: xfrm: support adding xfrm metadata as lwtunnel info in routes * ip: add NLM_F_ECHO support * libnetlink: add offset for nl_dump_ext_ack_done * tc/tc_monitor: print netlink extack message * rtnetlink: add new function rtnl_echo_talk() * ip: fix return value for rtnl_talk failures * iplink_bridge: Add no_linklocal_learn option support * devlink: use dl_no_arg instead of checking dl_argc == 0 * devlink: remove dl_argv_parse_put * mnlg: remove unnused mnlg_socket structure * utils: extract CTRL_ATTR_MAXATTR and save it * devlink: expose nested devlink for a line card object * devlink: load port-ifname map on demand * devlink: fix parallel flash notifications processing * devlink: move use_iec into struct dl * devlink: fix typo in variable name in ifname_map_cb() * devlink: load ifname map on demand from ifname_map_rev_lookup() as well * dcb: unblock mnl_socket_recvfrom if not message received * libnetlink: Fix memory leak in __rtnl_talk_iov() * tc_util: Fix no error return when large parent id used * tc_util: Change datatype for maj to avoid overflow issue * ss: man: add missing entries for MPTCP * ss: man: add missing entries for TIPC * ss: usage: add missing parameters * ss: re-add TIPC query support * devlink: Fix setting parent for 'rate add' * link: display 'allmulti' counter * seg6: add support for flavors in SRv6 End* behaviors * tc: ct: Fix invalid pointer dereference * uapi: update from 6.1 pre rc1 * u32: fix json formatting of flowid * tc_stab: remove dead code * uapi: update for in.h and ip.h * remove #if 0 code * tc: add json support to size table * tc: put size table options in json object * tc/basic: fix json output filter * iplink: support JSON in MPLS output * tc: print errors on stderr * ip: print mpls errors on stderr * tc: make prefix const * man: add missing tc class show * iplink_can: add missing `]' of the bitrate, dbitrate and termination arrays * ip link: add sub-command to view and change DSA conduit interface - Changes in version 6.0: * ipstats: Add param.h for musl * Update kernel headers * libbpf: add xdp program name support * iplink: bond_slave: add per port prio support * seg6: add support for SRv6 Headend Reduced Encapsulation * lib: Introduce ppp protocols * f_flower: Introduce PPPoE support - Changes in version 5.19: * ip/iplink_virt_wifi: add support for virt_wifi * Update kernel headers * libnetlink: Add filtering to rtnl_statsdump_req_filter() * ipstats: Add a 'set' command * ipstats: Add a group 'link' * libbpf: Use bpf_object__load instead of bpf_object__load_xattr * uapi: change name for zerocopy sendfile in tls * bridge: vxlan device vnifilter support * f_flower: Add num of vlans parameter - Changes in version 5.18: * The build issues with libbpf should be fixed now. * Building with clang is now supported. * There are still some warnings with gcc-12 that will need to be fixed in the upstream kernel headers. - Changes in version 5.17: * lib/fs: fix memory leak in get_task_name() * bridge: Remove vlan listing from `bridge link` * bond: add arp_missed_max option * libnetlink: fix socket leak in rtnl_open_byproto() * dcb: Fix error reporting when accessing 'dcb app' * tc_util: Fix parsing action control with space and slash * lib: fix ax25.h include for musl * uapi: add missing rose and ax25 files * rdma: Fix res_print_uint() and add res_print_u64() * tc: Add support for ce_threshold_value/mask in fq_codel - Add tmpfiles.d conf for /run/netns - Changes in version 5.16: * devlink: Fix cmd_dev_param_set() to check configuration mode * ip: add AMT support * iplink_can: fix configuration ranges in print_usage() and add unit * tc: flower: Fix buffer overflow on large labels * ip/ipnexthop: fix unsigned overflow in parse_nh_group_type_res() * tc/m_vlan: fix print_vlan() conditional on TCA_VLAN_ACT_PUSH_ETH * iplink_can: add new CAN FD bittiming parameters: Transmitter Delay Compensation (TDC) - Changes in version 5.15: * lib: bpf_legacy: fix bpffs mount when /sys/fs/bpf exists * man: devlink-port: fix the devlink port add synopsis * man: devlink-port: fix pfnum for devlink port add * iptuntap: fix multi-queue flag display * mptcp: unbreak JSON endpoint list * ipneigh: add support to print brief output of neigh cache in tabular format * ip/bond: add LACP active support * ip/tunnel: always print all known attributes * Add, show, link, remove IOAM namespaces and schemas * New IOAM6 encap type for routes * tc/skbmod: Introduce SKBMOD_F_ECN option * tc/f_flower: fix port range parsing ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2179-1 Released: Mon Jun 24 11:30:16 2024 Summary: Recommended update for sssd Type: recommended Severity: moderate References: 1226407 This update for sssd fixes the following issue: - Reenable pam_sss after upgrade, was removed by sssd-common postun (bsc#1226407) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2200-1 Released: Tue Jun 25 13:53:17 2024 Summary: Security update for avahi Type: security Severity: moderate References: 1216594,1216598,1226586,CVE-2023-38469,CVE-2023-38471 This update for avahi fixes the following issues: - CVE-2023-38471: Fixed a reachable assertion in dbus_set_host_name. (bsc#1216594) - CVE-2023-38469: Fixed a reachable assertion in avahi_dns_packet_append_record. (bsc#1216598) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2214-1 Released: Tue Jun 25 17:11:26 2024 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1225598 This update for util-linux fixes the following issue: - Fix hang of lscpu -e (bsc#1225598) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2229-1 Released: Wed Jun 26 08:20:55 2024 Summary: Recommended update for apache2 Type: recommended Severity: important References: 1226217 This update for apache2 fixes the following issues: - Apache ignores headers sent by CGI scripts (bsc#1226217) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2234-1 Released: Wed Jun 26 12:54:27 2024 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate References: 1224400 This update for suse-module-tools fixes the following issue: - Version update, udevrules: activate CPUs on hotplug for s390, too (bsc#1224400) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2239-1 Released: Wed Jun 26 13:09:10 2024 Summary: Recommended update for systemd Type: recommended Severity: critical References: 1226415 This update for systemd contains the following fixes: - testsuite: move a misplaced %endif - Do not remove existing configuration files in /etc. If these files were modified on the systemd, that may cause unwanted side effects (bsc#1226415). - Import upstream commit (merge of v254.13) Use the pty slave fd opened from the namespace when transient service is running in a container. This revert the backport of the broken commit until a fix is released in the v254-stable tree. - Import upstream commit (merge of v254.11) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/e8d77af4240894da620de74fbc7823aaaa448fef...85db84ee440eac202c4b5507e96e1704269179bc ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2241-1 Released: Wed Jun 26 15:37:28 2024 Summary: Recommended update for wicked Type: recommended Severity: important References: 1218668 This update for wicked fixes the following issues: - Fix VLANs/bonds randomly not coming up after reboot or wicked restart. [bsc#1218668] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2264-1 Released: Tue Jul 2 10:14:25 2024 Summary: Recommended update for python-rpm-macros Type: recommended Severity: moderate References: This update for python-rpm-macros fixes the following issues: - Update to version 20240618.1e386da: * Fix python_clone sed regex - Update to version 20240614.02920b8: * Make sure that RPM_BUILD_ROOT env is set * don't eliminate any cmdline arguments in the shebang line * Create python313 macros - Update to version 20240415.c664b45: * Fix typo 310 -> 312 in default-prjconf - Update to version 20240202.501440e: * SPEC0: Drop python39, add python312 to buildset (#169) - Update to version 20231220.98427f3: * fix python2_compile macro - Update to version 20231207.46c2ec3: * make FLAVOR_compile compatible with python2 - Update to version 20231204.dd64e74: * Combine fix_shebang in one line * New macro FLAVOR_fix_shebang_path * Use realpath in %python_clone macro shebang replacement * Compile and fix_shebang in %python_install macros - Update to version 20231010.0a1f0d9: * Revert 'Compile and fix_shebang in %python_install macros' - Update to version 20231010.a32e110: * Compile and fix_shebang in %python_install macros - Update to version 20231005.bf2d3ab: * Fix shebang also in sbin with macro _fix_shebang - Update to version 20230609.6fe8111: * move compile loop to python * remove python38 ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2266-1 Released: Tue Jul 2 10:14:58 2024 Summary: Security update for postgresql16 Type: security Severity: moderate References: 1224038,1224051,CVE-2024-4317 This update for postgresql16 fixes the following issues: PostgreSQL upgrade to version 16.3 (bsc#1224051): - CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: - Fix incompatibility with LLVM 18. - Prepare for PostgreSQL 17. - Make sure all compilation and doc generation happens in %build. - Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. - Remove constraints file because improved memory usage for s390x - Use %patch -P N instead of deprecated %patchN. Release notes: - https://www.postgresql.org/docs/release/16.3/ ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2275-1 Released: Tue Jul 2 16:33:30 2024 Summary: Security update for openssh Type: security Severity: important References: 1226642,CVE-2024-6387 This update for openssh fixes the following issues: - CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642) ----------------------------------------------------------------- Advisory ID: SUSE-OU-2024:2282-1 Released: Tue Jul 2 22:41:28 2024 Summary: Optional update for openscap, scap-security-guide Type: optional Severity: moderate References: This update for scap-security-guide and openscap provides the SCAP tooling for SLE Micro 5.3, 5.4, 5.5. This includes shipping openscap dependencies libxmlsec1-1 and libxmlsec1-openssl for SLE Micro. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2284-1 Released: Wed Jul 3 05:27:30 2024 Summary: Recommended update for gmavenplus-plugin, istack-commons, replacer, xmvn Type: recommended Severity: moderate References: This update for gmavenplus-plugin, istack-commons, replacer, xmvn fixes the following issues: gmavenplus-plugin, istack-commons, replacer, xmvn: - Fixed build with `maven-plugin-plugin` ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2290-1 Released: Wed Jul 3 11:35:00 2024 Summary: Security update for libxml2 Type: security Severity: low References: 1224282,CVE-2024-34459 This update for libxml2 fixes the following issues: - CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2306-1 Released: Fri Jul 5 10:28:10 2024 Summary: Recommended update for libvirt Type: recommended Severity: moderate References: 1226492 This update for libvirt fixes the following issue: - qemu: Fix migration with custom XML (bsc#1226492) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2307-1 Released: Fri Jul 5 12:04:34 2024 Summary: Security update for krb5 Type: security Severity: important References: 1227186,1227187,CVE-2024-37370,CVE-2024-37371 This update for krb5 fixes the following issues: - CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). - CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ----------------------------------------------------------------- Advisory ID: SUSE-OU-2024:2316-1 Released: Mon Jul 8 11:18:56 2024 Summary: Optional update for NetworkManager Type: optional Severity: low References: 1227333 This optional update for NetworkManager fixes the following issue: - No-change rebuild to include NetworkManager-wwan in the SLE-Module-Desktop-Applications_15-SP6 product (bsc#1227333) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2393-1 Released: Wed Jul 10 17:33:47 2024 Summary: Security update for openssh Type: security Severity: moderate References: 1218215,1224392,1225904,1227318,1227350,CVE-2023-51385,CVE-2024-39894 This update for openssh fixes the following issues: Security fixes: - CVE-2024-39894: Fixed timing attacks against echo-off password entry (bsc#1227318). Other fixes: - Add obsoletes for openssh-server-config-rootlogin (bsc#1227350). - Add #include in some files added by the ldap patch to fix build with gcc14 (bsc#1225904). - Remove the recommendation for openssh-server-config-rootlogin from openssh-server (bsc#1224392). The following package changes have been done: - glibc-2.38-150600.14.5.1 updated - libxml2-2-2.10.3-150500.5.17.1 updated - libsmartcols1-2.39.3-150600.4.6.2 updated - libgcc_s1-13.3.0+git8781-150000.1.12.1 updated - libsolv-tools-base-0.7.29-150400.3.22.4 added - libprocps8-3.3.17-150000.7.39.1 updated - procps-3.3.17-150000.7.39.1 updated - libgobject-2_0-0-2.78.6-150600.4.3.1 updated - libglib-2_0-0-2.78.6-150600.4.3.1 updated - grafana-formula-0.10.2-150600.1.1 updated - image-sync-formula-0.1.1713446632.c61236a-150600.1.1 updated - libcom_err2-1.47.0-150600.4.3.2 updated - gio-branding-SLE-15-150600.35.2.1 updated - libblkid1-2.39.3-150600.4.6.2 updated - libprotobuf-lite25_1_0-25.1-150600.16.4.2 updated - libuuid1-2.39.3-150600.4.6.2 updated - libsystemd0-254.13-150600.4.5.1 updated - openssl-3-3.1.4-150600.5.7.1 updated - libopenssl-3-fips-provider-3.1.4-150600.5.7.1 updated - krb5-1.20.1-150600.11.3.1 updated - fdupes-2.3.0-150400.3.3.1 updated - libzypp-17.34.1-150600.3.4.6 updated - dwz-0.12-150000.3.8.1 updated - libgio-2_0-0-2.78.6-150600.4.3.1 updated - util-linux-2.39.3-150600.4.6.2 updated - libsolv-tools-0.7.29-150400.3.22.4 updated - zypper-1.14.71-150600.10.2.7 updated - iputils-20221126-150500.3.8.2 updated - libavahi-common3-0.8-150600.15.3.1 updated - aaa_base-84.87+git20180409.04c9dae-150300.10.20.1 updated - libmount1-2.39.3-150600.4.6.2 updated - libfdisk1-2.39.3-150600.4.6.2 updated - systemd-254.13-150600.4.5.1 updated - libopenssl3-3.1.4-150600.5.7.1 updated - libstdc++6-13.3.0+git8781-150000.1.12.1 updated - libudev1-254.13-150600.4.5.1 updated - libarchive13-3.7.2-150600.3.3.1 updated - libatomic1-13.3.0+git8781-150000.1.12.1 updated - libgmodule-2_0-0-2.78.6-150600.4.3.1 updated - glib2-tools-2.78.6-150600.4.3.1 updated - glibc-locale-base-2.38-150600.14.5.1 updated - libbpf1-1.2.2-150600.3.3.1 added - libgomp1-13.3.0+git8781-150000.1.12.1 updated - libipa_hbac0-2.9.3-150600.3.6.2 updated - libitm1-13.3.0+git8781-150000.1.12.1 updated - libjitterentropy3-3.4.1-150000.1.12.1 updated - liblsan0-13.3.0+git8781-150000.1.12.1 updated - libpq5-16.2-150600.16.2.1 updated - libquadmath0-13.3.0+git8781-150000.1.12.1 updated - libsgutils2-1_48-2-1.48+11.56e7b2f-150600.3.3.11 updated - libsss_idmap0-2.9.3-150600.3.6.2 updated - libsss_nss_idmap0-2.9.3-150600.3.6.2 updated - libxml2-tools-2.10.3-150500.5.17.1 updated - openssh-common-9.6p1-150600.6.6.1 updated - python-rpm-macros-20240618.1e386da-150400.3.13.1 updated - release-notes-susemanager-5.0.0-150600.19.1 updated - ruby-solv-0.7.29-150400.3.22.4 updated - sitemesh-2.1-0.150600.8.70 updated - sudo-1.9.15p5-150600.3.3.2 updated - susemanager-schema-utility-5.0.10-150600.1.1 updated - util-linux-systemd-2.39.3-150600.4.6.2 updated - uyuni-config-modules-5.0.9-150600.1.1 updated - woodstox-4.4.2-150600.1.104 updated - libyui16-4.5.3-150500.3.7.8 updated - libyui-ncurses16-4.5.3-150500.3.7.8 updated - glibc-locale-2.38-150600.14.5.1 updated - libavahi-client3-0.8-150600.15.3.1 updated - libopenssl1_1-1.1.1w-150600.5.3.1 updated - postgresql16-16.2-150600.16.2.1 updated - sg3_utils-1.48+11.56e7b2f-150600.3.3.11 updated - libsss_certmap0-2.9.3-150600.3.6.2 updated - iproute2-6.4-150600.7.3.1 updated - glibc-devel-2.38-150600.14.5.1 updated - openssh-fips-9.6p1-150600.6.6.1 updated - susemanager-docs_en-5.0-150600.9.1 updated - spacewalk-java-lib-5.0.11-150600.1.5 updated - uyuni-reportdb-schema-5.0.6-150600.1.4 updated - suse-module-tools-15.6.10-150600.3.6.2 updated - less-643-150600.3.3.1 updated - libyui-ncurses-pkg16-4.5.3-150500.3.7.9 updated - apache2-prefork-2.4.58-150600.5.6.1 updated - openssh-server-9.6p1-150600.6.6.1 updated - openssh-clients-9.6p1-150600.6.6.1 updated - wicked-0.6.75-150600.11.6.1 updated - wicked-service-0.6.75-150600.11.6.1 updated - postgresql16-server-16.2-150600.16.2.1 updated - postfix-3.8.4-150600.3.3.1 updated - susemanager-docs_en-pdf-5.0-150600.9.1 updated - susemanager-schema-5.0.10-150600.1.1 updated - susemanager-sync-data-5.0.5-150600.1.1 updated - udev-254.13-150600.4.5.1 updated - yast2-pkg-bindings-4.6.5-150600.3.2.8 updated - apache2-2.4.58-150600.5.6.1 updated - openssh-9.6p1-150600.6.6.1 updated - grub2-2.12-150600.6.13 updated - grub2-i386-pc-2.12-150600.6.13 updated - python3-uyuni-common-libs-5.0.4-150600.1.42.1 updated - python3-susemanager-retail-1.0.1658330139.861779d-150600.1.2 updated - python3-solv-0.7.29-150400.3.22.4 updated - python3-schema-0.6.7-150600.1.2 updated - python3-looseversion-1.0.2-150600.3.6.2 updated - python3-itsdangerous-1.1.0-1.6 added - python3-click-7.0-1.27 added - python3-Werkzeug-1.0.1-150300.3.8.1 added - prometheus-exporters-formula-1.4.1-150600.1.1 updated - libvirt-libs-10.0.0-150600.8.6.2 updated - postgresql16-contrib-16.2-150600.16.2.1 updated - sssd-ldap-2.9.3-150600.3.6.2 updated - sssd-2.9.3-150600.3.6.2 updated - sssd-krb5-common-2.9.3-150600.3.6.2 updated - libnm0-1.44.2-150600.3.2.1 updated - susemanager-build-keys-15.5.1-150600.3.1 updated - grub2-x86_64-efi-2.12-150600.6.13 updated - susemanager-retail-tools-1.0.1658330139.861779d-150600.1.2 updated - virtual-host-gatherer-1.0.27-150600.7.7.2 updated - python3-libxml2-2.10.3-150500.5.17.1 updated - inter-server-sync-0.3.4-150600.1.3 updated - spacewalk-backend-sql-postgresql-5.0.8-150600.3.44.7 updated - sssd-krb5-2.9.3-150600.3.6.2 updated - sssd-dbus-2.9.3-150600.3.6.2 updated - python3-sssd-config-2.9.3-150600.3.6.2 updated - sssd-ad-2.9.3-150600.3.6.2 updated - typelib-1_0-NM-1_0-1.44.2-150600.3.2.1 updated - jdom-1.1.3-150200.12.8.2 updated - jackson-core-2.16.1-150200.3.14.7 updated - jackson-annotations-2.16.1-150200.3.14.4 updated - dom4j-2.1.4-150200.12.10.2 updated - spacewalk-base-minimal-5.0.9-150600.1.9 updated - susemanager-build-keys-web-15.5.1-150600.3.1 updated - spacecmd-5.0.8-150600.3.118.1 updated - python3-Jinja2-2.10.1-150000.3.13.1 updated - virtual-host-gatherer-Nutanix-1.0.27-150600.7.7.2 updated - virtual-host-gatherer-Libvirt-1.0.27-150600.7.7.2 updated - sssd-tools-2.9.3-150600.3.6.2 updated - sssd-ipa-2.9.3-150600.3.6.2 updated - guava-33.1.0-150200.3.10.1 updated - jackson-databind-2.16.1-150200.3.18.1 updated - istack-commons-runtime-3.0.7-150200.5.8.1 updated - tomcat-taglibs-standard-1_2_5-1.2.5-150600.1.101 updated - quartz-2.3.0-150600.1.104 updated - protobuf-java-25.1-150600.16.4.2 updated - prometheus-client-java-0.3.0-150600.1.100 updated - objectweb-asm-9.7-150200.3.15.2 updated - mvel2-2.2.6.Final-150600.1.102 updated - lucene-2.4.1-150600.1.104 updated - kie-soup-7.17.0.Final-150600.1.95 updated - kie-api-7.17.0-150600.1.94 updated - jpa-api-2.2.2-150600.1.9 updated - ical4j-3.0.18-150600.1.90 updated - hibernate-commons-annotations-5.0.4-150600.1.103 updated - ehcache-2.10.1-150600.1.105 updated - drools-7.17.0-150600.1.91 updated - spacewalk-base-minimal-config-5.0.9-150600.1.9 updated - python3-Flask-1.0.4-150400.7.64 added - pgjdbc-ng-0.8.7-150600.1.99 updated - jackson-module-jaxb-annotations-2.16.1-150200.5.11.1 updated - byte-buddy-dep-1.11.12-150600.1.9 updated - optaplanner-7.17.0-150600.1.92 updated - hibernate-types-2.16.2-150600.1.5 updated - byte-buddy-1.11.12-150600.1.9 updated - xmlsec-2.0.7-150600.1.96 updated - statistics-1.0.2-150600.1.99 updated - spark-core-2.9.3-150600.1.135 updated - python3-rhnlib-5.0.3-150600.3.45.1 updated - subscription-matcher-0.38-150600.1.1 updated - jakarta-commons-validator-1.1.4-21.150600.19.115 updated - python3-requests-2.25.1-150300.3.12.2 updated - spacewalk-backend-5.0.8-150600.3.44.7 updated - python3-spacewalk-client-tools-5.0.6-150600.3.90.8 updated - spacewalk-client-tools-5.0.6-150600.3.90.8 updated - spacewalk-base-5.0.9-150600.1.9 updated - hibernate5-core-5.3.25-150600.1.88 updated - struts-1.2.9-162.150600.33.5 updated - spacewalk-backend-sql-5.0.8-150600.3.44.7 updated - python3-spacewalk-certs-tools-5.0.6-150600.1.1 updated - spacewalk-certs-tools-5.0.6-150600.1.1 updated - spacewalk-admin-5.0.7-150600.1.1 updated - hibernate5-ehcache-5.3.25-150600.1.88 updated - hibernate5-c3p0-5.3.25-150600.1.88 updated - spacewalk-java-postgresql-5.0.11-150600.1.5 updated - virtual-host-gatherer-VMware-1.0.27-150600.7.7.2 updated - virtual-host-gatherer-libcloud-1.0.27-150600.7.7.2 updated - cobbler-3.3.3-150600.3.3 updated - spacewalk-backend-server-5.0.8-150600.3.44.7 updated - susemanager-sls-5.0.9-150600.1.1 updated - spacewalk-html-5.0.9-150600.1.9 updated - yast2-registration-4.6.2-150600.3.3.2 updated - spacewalk-java-config-5.0.11-150600.1.5 updated - spacewalk-backend-xmlrpc-5.0.8-150600.3.44.7 updated - spacewalk-backend-xml-export-libs-5.0.8-150600.3.44.7 updated - spacewalk-backend-package-push-server-5.0.8-150600.3.44.7 updated - spacewalk-backend-iss-5.0.8-150600.3.44.7 updated - spacewalk-backend-app-5.0.8-150600.3.44.7 updated - spacewalk-taskomatic-5.0.11-150600.1.5 updated - spacewalk-java-5.0.11-150600.1.5 updated - spacewalk-backend-iss-export-5.0.8-150600.3.44.7 updated - billing-data-service-5.0.3-150600.1.1 added - spacewalk-common-5.0.3-150600.1.1 updated - susemanager-tools-5.0.8-150600.1.1 updated - spacewalk-backend-tools-5.0.8-150600.3.44.7 updated - spacewalk-setup-5.0.5-150600.1.1 updated - spacewalk-utils-5.0.4-150600.1.1 updated - spacewalk-postgresql-5.0.3-150600.1.1 updated - spacewalk-utils-extras-5.0.4-150600.1.1 updated - susemanager-5.0.8-150600.1.1 updated - container:suse-manager-5.0-init-5.0.0-5.0.0-5.19 added - bea-stax-1.2.0-9.63 removed - bea-stax-api-1.2.0-9.63 removed - container:suse-manager-5.0-init-5.0.0-rc-5.0.0-rc-4.59 removed - geronimo-stax-1_0-api-1.2-150200.15.8.1 removed - golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1 removed - isorelax-0.1-150200.11.4.4 removed - jaxen-1.1.6-150200.12.4.4 removed - libduktape206-2.6.0-150500.4.5.1 removed - libproxy1-0.5.3-150600.2.2 removed - libpxbackend-1_0-0.5.3-150600.2.1 removed - spacewalk-backend-applet-5.0.6-150600.3.42.13 removed - ws-jaxme-0.5.2-150200.12.4.3 removed - xom-1.2b1-150200.12.4.4 removed - xpp2-2.1.10-150200.11.4.3 removed