openSUSE-2025-181 moderate openSUSE Backports SLE-15-SP7 Update This update for ollama fixes the following issues: Introduce version 0.7.0: * Ollama now supports multimodal models via Ollama's new engine, starting with new vision multimodal models: ~ Meta Llama 4 ~ Google Gemma 3 ~ Qwen 2.5 VL ~ Qwen 2.5 VL * Ollama now supports providing WebP images as input to multimodal models * Improved performance of importing safetensors models via ollama create * Various bug fixes and performance enhancements ollama-0.7.0-bp157.2.1.src.rpm ollama-0.7.0-bp157.2.1.x86_64.rpm ollama-0.7.0-bp157.2.1.aarch64.rpm ollama-0.7.0-bp157.2.1.ppc64le.rpm ollama-0.7.0-bp157.2.1.s390x.rpm openSUSE-2025-182 moderate openSUSE Backports SLE-15-SP7 Update This update for afterburn fixes the following issues: - Update to version 5.8.2: * cargo: Afterburn release 5.8.2 * docs/release-notes: update for release 5.8.2 * cargo: update dependencies * cargo: Afterburn release 5.8.1 * cargo: Afterburn release 5.8.0 * docs/release-notes: update for release 5.8.0 * cargo: update dependencies * packit: add initial support - Update to version 5.7.0.git103.bae893c: * Sync repo templates * build(deps): bump crossbeam-channel from 0.5.13 to 0.5.15 * build(deps): bump tokio from 1.40.0 to 1.44.2 * build(deps): bump openssl from 0.10.71 to 0.10.72 fixes RUSTSEC-2025-0022 AKA CVE-2025-3416 * build(deps): bump zbus from 4.4.0 to 5.5.0 * mod.rs: Fix clippy lint errors * release-notes.md: add release notes for rust version update * Cargo.toml: bump MSRV to 1.84.1 * Fix clippy lint issues * Sync repo templates * build(deps): bump mockito from 1.6.1 to 1.7.0 * build(deps): bump serde_json from 1.0.139 to 1.0.140 * build(deps): bump tempfile from 3.17.1 to 3.19.1 * build(deps): bump clap from 4.5.31 to 4.5.35 * build(deps): bump reqwest from 0.12.12 to 0.12.15 * Update release notes. * proxmoxve: Add more context to log messages. * proxmoxve: Remove unneeded fields * proxmoxve: Add tests for static network configuration from cloud-init. * proxmoxve: Add support for static network configuration from cloud-init. * build(deps): bump mailparse from 0.15.0 to 0.16.1 * Sync repo templates * build(deps): bump ring from 0.17.8 to 0.17.13 * build(deps): bump anyhow from 1.0.95 to 1.0.96 * release notes: add notes for tempfile bump from 3.16.0 to 3.17.1 * build(deps): bump serde from 1.0.217 to 1.0.218 * build(deps): bump openssl from 0.10.70 to 0.10.71 * build(deps): bump tempfile from 3.16.0 to 3.17.1 * build(deps): bump serde_json from 1.0.138 to 1.0.139 * build(deps): bump clap from 4.5.27 to 4.5.31 * add makefile targets for fmt,lint and test * providers/openstack: ignore ec2 metadata if not present * build(deps): bump openssl from 0.10.66 to 0.10.70 * build(deps): bump serde_json from 1.0.137 to 1.0.138 * build(deps): bump tempfile from 3.14.0 to 3.16.0 * build(deps): bump openssl from 0.10.66 to 0.10.69 * build(deps): bump ipnetwork from 0.20.0 to 0.21.1 * build(deps): bump serde from 1.0.215 to 1.0.217 * build(deps): bump serde_json from 1.0.133 to 1.0.137 * build(deps): bump anyhow from 1.0.93 to 1.0.95 * build(deps): bump clap from 4.5.21 to 4.5.27 * build(deps): bump reqwest from 0.12.7 to 0.12.12 * Sync repo templates * build(deps): bump mockito from 1.5.0 to 1.6.1 * build(deps): bump serde_json from 1.0.128 to 1.0.133 * build(deps): bump clap from 4.5.17 to 4.5.21 * build(deps): bump tempfile from 3.12.0 to 3.14.0 * build(deps): bump anyhow from 1.0.89 to 1.0.93 * build(deps): bump serde from 1.0.210 to 1.0.215 * docs: add changelog entry * proxmox: use noop provider if no configdrive * add noop provider * release-notes: remove "upcoming" - Update to version 5.7.0: * cargo: Afterburn release 5.7.0 * docs/release-notes: update for release 5.7.0 * cargo: update dependencies * dhcp: replace dbus_proxy with proxy, and zbus traits * build(deps): bump zbus from 3.15.2 to 4.4.0 * build(deps): bump tempfile from 3.10.1 to 3.12.0 * build(deps): bump serde from 1.0.205 to 1.0.210 * build(deps): bump serde_json from 1.0.121 to 1.0.127 * build(deps): bump reqwest from 0.12.5 to 0.12.7 * build(deps): bump uzers from 0.12.0 to 0.12.1 * build(deps): bump clap from 4.5.13 to 4.5.16 * build(deps): bump serde from 1.0.203 to 1.0.205 * build(deps): bump serde_json from 1.0.119 to 1.0.121 * build(deps): bump mockito from 1.4.0 to 1.5.0 * build(deps): bump openssh-keys from 0.6.3 to 0.6.4 * build(deps): bump clap from 4.5.8 to 4.5.13 * build(deps): bump openssl from 0.10.64 to 0.10.66 * providers/hetzner: private ipv4 addresses in attributes * openstack: Document the two platforms * build(deps): bump zerovec-derive from 0.10.2 to 0.10.3 * build(deps): bump zerovec from 0.10.2 to 0.10.4 * build(deps): bump nix from 0.27.1 to 0.29.0 * build(deps): bump clap from 4.5.7 to 4.5.8 * build(deps): bump serde_json from 1.0.117 to 1.0.119 * microsoft/azure: allow empty certificate chain in PKCS12 file * proxmoxve: implement proxmoxve provider * providers/hetzner: fix duplicate attribute prefix * build(deps): bump pnet_base from 0.34.0 to 0.35.0 * cargo: Afterburn release 5.6.0 * docs/release-notes: update for release 5.6.0 * cargo: update dependencies * build(deps): bump libflate from 1.4.0 to 2.1.0 * build(deps): bump base64 from 0.21.7 to 0.22.1 * build(deps): bump uzers from 0.11.3 to 0.12.0 * build(deps): bump pnet_datalink from 0.34.0 to 0.35.0 * build(deps): bump nix from 0.28.0 to 0.29.0 * lint: silence deadcode warnings * lint: address latest lint's from msrv update * workflows/rust: directly update toolchain to 1.75.0 * cargo: update msrv to 1.75 * Sync repo templates * build(deps): bump reqwest from 0.12.2 to 0.12.4 * build(deps): bump serde from 1.0.197 to 1.0.200 * build(deps): bump anyhow from 1.0.81 to 1.0.82 * build(deps): bump mailparse from 0.14.1 to 0.15.0 * build(deps): bump serde_json from 1.0.115 to 1.0.116 * providers: Add "akamai" provider * build(deps): bump h2 from 0.3.24 to 0.3.26 * build(deps): bump anyhow from 1.0.79 to 1.0.81 * build(deps): bump serde_json from 1.0.113 to 1.0.115 * build(deps): bump reqwest from 0.11.24 to 0.12.2 * build(deps): bump serde_yaml from 0.9.32 to 0.9.34+deprecated * build(deps): bump mio from 0.8.10 to 0.8.11 * build(deps): bump mailparse from 0.14.0 to 0.14.1 * build(deps): bump openssl from 0.10.62 to 0.10.64 * build(deps): bump nix from 0.27.1 to 0.28.0 * build(deps): bump mockito from 1.2.0 to 1.4.0 * build(deps): bump tempfile from 3.9.0 to 3.10.1 * build(deps): bump serde_yaml from 0.9.31 to 0.9.32 * build(deps): bump serde from 1.0.195 to 1.0.197 * build(deps): bump h2 from 0.3.23 to 0.3.24 * build(deps): bump slog-term from 2.9.0 to 2.9.1 * build(deps): bump serde_yaml from 0.9.30 to 0.9.31 * build(deps): bump serde_json from 1.0.111 to 1.0.113 * build(deps): bump clap from 4.4.16 to 4.4.18 * build(deps): bump reqwest from 0.11.23 to 0.11.24 * cargo: Afterburn release 5.5.1 * docs/release-notes: update for release 5.5.1 * cargo: update dependencies * build(deps): bump anyhow from 1.0.75 to 1.0.78 * build(deps): bump serde_yaml from 0.9.27 to 0.9.29 * build(deps): bump reqwest from 0.11.22 to 0.11.23 * build(deps): bump serde_json from 1.0.108 to 1.0.109 * build(deps): bump openssl from 0.10.60 to 0.10.62 * build(deps): bump tempfile from 3.8.1 to 3.9.0 * build(deps): bump clap from 4.4.10 to 4.4.12 * build(deps): bump unsafe-libyaml from 0.2.9 to 0.2.10 * providers/vmware: add missing public functions for non-amd64 * build(deps): bump clap from 4.4.8 to 4.4.10 * cargo: Afterburn release 5.5.0 * build(deps): bump openssl from 0.10.59 to 0.10.60 * docs/release-notes: update for release 5.5.0 * cargo: update dependencies * ci: cancel previous build on PR update * build(deps): allow building with libsystemd 0.7.0 * providers/vmware: Process guestinfo.metadata netplan configuration * kubevirt: Run afterburn-hostname service * build(deps): bump reqwest from 0.11.20 to 0.11.22 * build(deps): bump tempfile from 3.8.0 to 3.8.1 * build(deps): bump clap from 4.4.6 to 4.4.7 * build(deps): bump serde_json from 1.0.107 to 1.0.108 * build(deps): bump serde_yaml from 0.9.25 to 0.9.27 * build(deps): bump rustix from 0.37.19 to 0.37.25 * build(deps): bump clap from 4.4.2 to 4.4.6 * build(deps): bump serde_json from 1.0.105 to 1.0.107 * build(deps): bump mockito from 1.1.0 to 1.2.0 * providers: add support for scaleway * Move away from deprecated `users` to `uzers` * providers/hetzner: add support for Hetzner Cloud * build(deps): bump clap from 4.4.1 to 4.4.2 * cargo: update MSRV to 1.71 * build(deps): bump clap from 4.3.19 to 4.4.1 * chore: Get rid of Clippy warnings * cargo: specify required features for nix dependency * build(deps): bump nix from 0.26.2 to 0.27.1 * build(deps): bump slog-async from 2.7.0 to 2.8.0 * build(deps): bump openssl from 0.10.56 to 0.10.57 * build(deps): bump reqwest from 0.11.18 to 0.11.20 * build(deps): bump serde from 1.0.185 to 1.0.188 * build(deps): bump tempfile from 3.7.1 to 3.8.0 * build(deps): bump serde from 1.0.183 to 1.0.185 * build(deps): bump anyhow from 1.0.72 to 1.0.75 * build(deps): bump serde_json from 1.0.104 to 1.0.105 * build(deps): bump openssl from 0.10.55 to 0.10.56 * build(deps): bump tempfile from 3.7.0 to 3.7.1 * build(deps): bump serde from 1.0.180 to 1.0.183 * Sync repo templates * build(deps): bump serde from 1.0.179 to 1.0.180 * build(deps): bump serde_json from 1.0.103 to 1.0.104 * build(deps): bump serde from 1.0.175 to 1.0.179 * build(deps): bump pnet_datalink from 0.33.0 to 0.34.0 * build(deps): bump serde from 1.0.171 to 1.0.175 * build(deps): bump clap from 4.3.14 to 4.3.19 * build(deps): bump pnet_base from 0.33.0 to 0.34.0 * build(deps): bump serde_yaml from 0.9.23 to 0.9.25 * build(deps): bump tempfile from 3.6.0 to 3.7.0 * build(deps): bump clap from 4.3.11 to 4.3.14 * build(deps): bump serde_yaml from 0.9.22 to 0.9.23 * build(deps): bump anyhow from 1.0.71 to 1.0.72 * build(deps): bump serde_json from 1.0.100 to 1.0.103 * build(deps): bump clap from 4.3.10 to 4.3.11 * build(deps): bump serde_json from 1.0.99 to 1.0.100 * build(deps): bump openssh-keys from 0.6.1 to 0.6.2 * build(deps): bump zbus from 3.13.1 to 3.14.1 * build(deps): bump clap from 4.3.8 to 4.3.10 * build(deps): bump serde from 1.0.164 to 1.0.165 * build(deps): bump serde_json from 1.0.96 to 1.0.99 * build(deps): bump clap from 4.3.3 to 4.3.8 * build(deps): bump serde_yaml from 0.9.21 to 0.9.22 * build(deps): bump openssl from 0.10.54 to 0.10.55 * build(deps): bump mockito from 1.0.2 to 1.1.0 * openstack: Add attribute OPENSTACK_INSTANCE_UUID * build(deps): bump serde from 1.0.163 to 1.0.164 * build(deps): bump clap from 4.3.2 to 4.3.3 * build(deps): bump tempfile from 3.5.0 to 3.6.0 * cargo: Afterburn release 5.4.3 * docs/release-notes: update for release 5.4.3 * cargo: update dependencies * cargo: allow openssl 0.10.46 * build(deps): bump openssl from 0.10.52 to 0.10.54 * build(deps): bump openssh-keys from 0.6.0 to 0.6.1 * build(deps): bump vmw_backdoor from 0.2.3 to 0.2.4 * ci: strip debug symbols * build-sys: Use new tier = 2 for cargo-vendor-filterer * build(deps): bump reqwest from 0.11.17 to 0.11.18 * cargo: Afterburn release 5.4.2 * docs/release-notes: update for release * docs/release-notes: note Azure SSH regression fix with new openssl * cargo: fix minimum version of openssl crate * build(deps): bump serde from 1.0.162 to 1.0.163 * build(deps): bump zbus from 3.12.0 to 3.13.1 * build(deps): bump serde from 1.0.160 to 1.0.162 * build(deps): bump anyhow from 1.0.70 to 1.0.71 * build(deps): bump openssl from 0.10.51 to 0.10.52 * build(deps): bump reqwest from 0.11.16 to 0.11.17 * build(deps): bump openssl from 0.10.50 to 0.10.51 * build(deps): bump enumflags2 from 0.7.5 to 0.7.7 * build(deps): bump openssl from 0.10.48 to 0.10.50 * build(deps): bump zbus from 3.11.1 to 3.12.0 * build(deps): bump serde_json from 1.0.95 to 1.0.96 * build(deps): bump h2 from 0.3.15 to 0.3.17 * build(deps): bump openssl from 0.10.47 to 0.10.48 * microsoft/crypto/mod: replace deprecated function `parse` with `parse2` * build(deps): bump serde from 1.0.159 to 1.0.160 * build(deps): bump serde_yaml from 0.9.19 to 0.9.21 * build(deps): bump tempfile from 3.4.0 to 3.5.0 * build(deps): bump serde from 1.0.158 to 1.0.159 * build(deps): bump mockito from 1.0.1 to 1.0.2 * Update mockito to 1.0.1 * build(deps): bump reqwest from 0.11.15 to 0.11.16 * build(deps): bump serde_json from 1.0.94 to 1.0.95 * cli: switch to clap derive * cli: add descriptive value names for option arguments in --help * build(deps): bump zbus from 3.11.0 to 3.11.1 * build(deps): bump openssl from 0.10.45 to 0.10.47 * build(deps): bump reqwest from 0.11.14 to 0.11.15 * build(deps): bump serde from 1.0.155 to 1.0.158 * build(deps): bump anyhow from 1.0.69 to 1.0.70 * cli: have clap require exactly one of --cmdline/--provider * providers/*: move endpoint mocking into retry::Client * retry/client: move URL parsing into helper function * providers/microsoft: import crate::retry * providers/microsoft: use stored client for all fetches * providers/packet: use stored client for boot checkin * build(deps): bump zbus from 3.10.0 to 3.11.0 * build(deps): bump serde from 1.0.152 to 1.0.155 * docs: Use upstream theme and update to 0.4.1 * build(deps): bump serde_json from 1.0.93 to 1.0.94 * build(deps): bump serde_yaml from 0.9.17 to 0.9.19 * build(deps): bump mockito from 0.32.3 to 0.32.4 * build(deps): bump tempfile from 3.3.0 to 3.4.0 * initrd: remember to write trailing newline to network kargs file * util: drop obsolete "OEM" terminology * Update to clap 4 * build(deps): bump mockito from 0.31.1 to 0.32.3 * workflows: update clippy to 1.67 * Fix clippy lints * Inline variables into format strings * build(deps): bump zbus from 3.9.0 to 3.10.0 * build(deps): bump serde_json from 1.0.92 to 1.0.93 afterburn-5.8.2-bp157.2.3.1.src.rpm afterburn-5.8.2-bp157.2.3.1.x86_64.rpm afterburn-dracut-5.8.2-bp157.2.3.1.noarch.rpm afterburn-5.8.2-bp157.2.3.1.i586.rpm afterburn-5.8.2-bp157.2.3.1.aarch64.rpm afterburn-5.8.2-bp157.2.3.1.ppc64le.rpm afterburn-5.8.2-bp157.2.3.1.s390x.rpm openSUSE-2025-175 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Update to version 137.0.7151.55 (stable release 2025-05-27) (boo#1243741) - CVE-2025-5063: Use after free in Compositing - CVE-2025-5280: Out of bounds write in V8 - CVE-2025-5064: Inappropriate implementation in Background Fetch API - CVE-2025-5065: Inappropriate implementation in FileSystemAccess API - CVE-2025-5066: Inappropriate implementation in Messages - CVE-2025-5281: Inappropriate implementation in BFCache - CVE-2025-5283: Use after free in libvpx - CVE-2025-5067: Inappropriate implementation in Tab Strip chromedriver-137.0.7151.55-bp157.2.3.2.x86_64.rpm chromium-137.0.7151.55-bp157.2.3.2.src.rpm chromium-137.0.7151.55-bp157.2.3.2.x86_64.rpm chromedriver-137.0.7151.55-bp157.2.3.2.aarch64.rpm chromium-137.0.7151.55-bp157.2.3.2.aarch64.rpm openSUSE-2025-180 important openSUSE Backports SLE-15-SP7 Update This update for varnish fixes the following issues: - Update to release 7.7.1 * VSV-16: Resolve request smuggling attack - Update to release 7.7.0 * The `linux` jail gained control of transparent huge pages settings. * An issue has been fixed which could cause a crash when varnishd receives an invalid Content-Range header from a backend. * Timestamping for HTTP/2 requests (when idle period begins) has been switched to be more in line with HTTP/1. * VSV-15: The client connection is now always closed when a malformed request is received. [CVE-2025-30346, boo#1239892] - Update to release 7.6.0 * The Varnish Delivery Processor (VDP) filter API has been generalized to also accommodate future use for backend request bodies. * VDPs with no vdp_bytes_f function are now supported if the vdp_init_f returns a value greater than zero to signify that the filter is not to be added to the chain. This is useful to support VDPs which only need to work on headers. * The epoll and kqueue waiters have been improved to correctly report WAITER_REMCLOSE, which increases the WAITER.*.remclose counter. * varnishtest now supports the shutdown command corresponding to the shutdown(2) standard C library call. * VSC counters for waiters have been added: * conns to count waits on idle connections * remclose to count idle connections closed by the peer * timeout to count idle connections which timed out in the waiter * action to count idle connections which resulted in a read * The port of a listen_endpoint given with the -a argument to varnishd can now also be a numerical port range like "80-89". * The warning "mlock() of VSM failed" message is now emitted when locking of shared memory segments (via mlock(2)) fails. * A bug has been fixed where string comparisons in VCL could fail with the nonsensical error message "Comparison of different types: STRING '==' STRING". * An issue has been addressed in the builtin.vcl where backend responses would fail if they contained a Content-Range header when no range was requested. * Additional SessError VSL events are now generated for various HTTP/2 protocol errors. * A new Linux jail has been added which is now the default on Linux. For now, it is almost identical to the Unix jail with one addition: * When the new Linux jail is used, the working directory not mounted on tmpfs partition. * A race condition with VCL temperature transitions has been addressed. * Internal management of probes has been reworked to address race conditions. * Backend tasks can now be instructed to queue if the backend has reached its max_connections. * The size of the buffer to hold panic messages is now tunable through the new panic_buffer parameter. * The Varnish Shared Memory (VSM) and Varnish Shared Counters (VSC) consumer implementation in libvarnishapi have been improved for stability and performance. * An issue has been fixed where Varnish Shared Log (VSL) queries (for example using ``varnishlog -q``) with numerical values would fail in unexpected ways due to truncation. * The ``ObjWaitExtend()`` Object API function gained a statep argument to optionally return the busy object state consistent with the current extension. A NULL value may be passed if the caller does not require it. * For backends using the ``.via`` attribute to connect through a proxy, the connect_timeout, ``first_byte_timeout`` and ``between_bytes_timeout`` attributes are now inherited from proxy unless explicitly given. * varnishd now creates a worker_tmpdir which can be used by VMODs for temporary files. The VMOD developer documentation has details. * The environment variable VARNISH_DEFAULT_N now provides the default "varnish name" / "workdir" as otherwise specified by the ``-n`` argument to varnishd and varnish* utilities except varnishtest. * A glitch with TTL comparisons has been fixed which could, for example, lead to unexpected behavior with purge.soft(). - Update to release 7.5.0 * Resolved CVE-2023-44487, CVE-2024-30156 [boo#1221942] * The default value of cli_limit has been increased from 48KB to 64KB. * A new ``pipe_task_deadline`` directive specifies the maximum duration of a pipe transaction. * All the timeout parameters that can be disabled accept the "never" value. * Added parameters to control the HTTP/2 Rapid Reset attach. - update to 7.4.2 (boo#1216123, CVE-2023-44487): * The ``vcl_req_reset`` feature (controllable through the ``feature`` parameter, see `varnishd(1)`) has been added and enabled by default to terminate client side VCL processing early when the client is gone. *req_reset* events trigger a VCL failure and are reported to `vsl(7)` as ``Timestamp: Reset`` and accounted to ``main.req_reset`` in `vsc` as visible through ``varnishstat(1)``. In particular, this feature is used to reduce resource consumption of HTTP/2 "rapid reset" attacks (see below). Note that *req_reset* events may lead to client tasks for which no VCL is called ever. Presumably, this is thus the first time that valid `vcl(7)` client transactions may not contain any ``VCL_call`` records. * Added mitigation options and visibility for HTTP/2 "rapid reset" attacks Global rate limit controls have been added as parameters, which can be overridden per HTTP/2 session from VCL using the new vmod ``h2``: * The ``h2_rapid_reset`` parameter and ``h2.rapid_reset()`` function define a threshold duration for an ``RST_STREAM`` to be classified as "rapid": If an ``RST_STREAM`` frame is parsed sooner than this duration after a ``HEADERS`` frame, it is accounted against the rate limit described below. * The ``h2_rapid_reset_limit`` parameter and ``h2.rapid_reset_limit()`` function define how many "rapid" resets may be received during the time span defined by the ``h2_rapid_reset_period`` parameter / ``h2.rapid_reset_period()`` function before the HTTP/2 connection is forcibly closed with a ``GOAWAY`` and all ongoing VCL client tasks of the connection are aborted. The defaults are 100 and 60 seconds, corresponding to an allowance of 100 "rapid" resets per minute. * The ``h2.rapid_reset_budget()`` function can be used to query the number of currently allowed "rapid" resets. * Sessions closed due to rapid reset rate limiting are reported as ``SessClose RAPID_RESET`` in `vsl(7)` and accounted to ``main.sc_rapid_reset`` in `vsc` as visible through ``varnishstat(1)``. * The ``cli_limit`` parameter default has been increased from 48KB to 64KB. * ``VSUB_closefrom()`` now falls back to the base implementation not only if ``close_range()`` was determined to be unusable at compile time, but also at run time. That is to say, even if ``close_range()`` is compiled in, the fallback to the naive implementation remains. libvarnishapi3-7.7.1-bp157.2.3.1.x86_64.rpm varnish-7.7.1-bp157.2.3.1.src.rpm varnish-7.7.1-bp157.2.3.1.x86_64.rpm varnish-devel-7.7.1-bp157.2.3.1.x86_64.rpm libvarnishapi3-7.7.1-bp157.2.3.1.i586.rpm varnish-7.7.1-bp157.2.3.1.i586.rpm varnish-devel-7.7.1-bp157.2.3.1.i586.rpm libvarnishapi3-7.7.1-bp157.2.3.1.aarch64.rpm varnish-7.7.1-bp157.2.3.1.aarch64.rpm varnish-devel-7.7.1-bp157.2.3.1.aarch64.rpm libvarnishapi3-7.7.1-bp157.2.3.1.ppc64le.rpm varnish-7.7.1-bp157.2.3.1.ppc64le.rpm varnish-devel-7.7.1-bp157.2.3.1.ppc64le.rpm libvarnishapi3-7.7.1-bp157.2.3.1.s390x.rpm varnish-7.7.1-bp157.2.3.1.s390x.rpm varnish-devel-7.7.1-bp157.2.3.1.s390x.rpm openSUSE-2025-191 moderate openSUSE Backports SLE-15-SP7 Update This update for micropython, micropython-lib, webrepl fixes the following issues: This update ships micropython in version 1.25.0. micropython-lib-1.25.0-bp157.2.1.noarch.rpm micropython-lib-1.25.0-bp157.2.1.src.rpm micropython-1.25.0-bp157.2.1.src.rpm micropython-1.25.0-bp157.2.1.x86_64.rpm mpremote-1.25.0-bp157.2.1.noarch.rpm mpy-tools-1.25.0-bp157.2.1.x86_64.rpm webrepl-20221108.1e09d9a-bp157.2.1.noarch.rpm webrepl-20221108.1e09d9a-bp157.2.1.src.rpm micropython-1.25.0-bp157.2.1.aarch64.rpm mpy-tools-1.25.0-bp157.2.1.aarch64.rpm micropython-1.25.0-bp157.2.1.s390x.rpm mpy-tools-1.25.0-bp157.2.1.s390x.rpm openSUSE-2025-189 moderate openSUSE Backports SLE-15-SP7 Update This update for opi fixes the following issues: Version 5.8.5: * add librewolf plugin (#205) * Install .NET 9 * Add verbose mode * Change the order of the process in the github module * Add rustdesk plugin Version 5.8.4; * Use arm64 rpm for libation on aarch64 Version 5.8.3: * Install dependencies rpm-build and squashfs at runtime if needed * Drop DNF support Version 5.8.2: * Warn about adding staging repos * Gracefully handle zypper exit code 106 (repos without cache present) Version 5.8.1: * Fix SyntaxWarning: invalid escape sequence '\s' Version 5.8.0: * Add mullvad-brower opi-5.8.5-bp157.2.3.1.noarch.rpm opi-5.8.5-bp157.2.3.1.src.rpm openSUSE-2025-194 moderate openSUSE Backports SLE-15-SP7 Update This update for virtme fixes the following issues: Update to version 1.36: * vng: Fix remote build * virtme_ng: run: --exec and positional arguments are mutually exclusive * virtme-ng: run: Fix quoting * virtme_ng: run: Fix `vng -- ''` virtme-1.36-bp157.2.3.1.noarch.rpm virtme-1.36-bp157.2.3.1.src.rpm openSUSE-2025-196 moderate openSUSE Backports SLE-15-SP7 Update This update for claws-mail fixes the following issues: - Update to 4.3.1: * The configuration option, "Don't popup error dialog on receive error" has been changed to "Show error dialog on receive error". Your previous choice will be automatically changed to the new format. * The option "Warn when pasting files as attachments" has been added to the Compose/Writing preferences page. This option was previously hidden. * chmod 0600 is now set on *history files in the configuration directory. * A new preference has been added to enable setting the chmod value of saved attachments: "Save attachments with chmod [ ]", found on the Other/Miscelleanous preferences page. The default value is 600. * The creation and updating of .mh_sequences files in MH mailbox folders is now optional and disabled by default. This is controlled by a new hidden preference, mh_compat_mode. If you were previously relying on this feature, set mh_compat_mode=1 in clawsrc before running this version. * A new hidden preference has been added, passphrase_dialog_msg_title_switch. This switches the placement of the dialogue message with the dialogue title in the passphrase dialogue. This can be useful for interacting with third-party programs such as KeePassXC. * The top-level 'Mark' menu item has been renamed to 'Marks'. If you have set custom hotkeys for any items in this menu you will need to re-set them. * New accounts now have all secure options activated by default, including TLS connections and SMTP AUTH. * The option to accept valid TLS certificates is now activated by default on new accounts. * Notification plugin: support for Ayatana indicator has been added. * PDF Viewer plugin: support for image/x-eps (encapsulated postscript) images has been added. * Libravatar plugin: the https URL, https://seccdn.libravatar.org/avatar, is now used by default. * vCalendar plugin: CREATED/LAST_MODIFIED are correctly handled, and the VTIMEZONE component is used when present * Various code cleanups. * The English, Spanish and French manuals have been updated. * Updated translations: Albanian, Brazilian Portuguese, British English, Catalan, Czech, Dutch, French, Polish, Portuguese, Romanian, Russian, Simplified Chinese, Slovak, Spanish, Swedish, Turkish. * bug fixes: * bug 3964, 'Attachment icon doesn't show in message list unless the message is clicked and then disappears later' * bug 4658, 'Headers unfolded incorrectly in message view' * bug 4817, 'Edit button in Messages view->Text settings not translatable' * bug 4818, 'Your Claws Mail configuration is from a newer...' dialog is shown more than once' * bug 4819, 'Text wrapping broken when text contains an URL' * bug 4821, 'If the Mail folder is on another partition, folder chmod settings are not applied to draft and queue' * bug 4824, 'No syntax highlighting after exiting external editor' * bug 4828, '"Mark" not translated anymore' * bug 4835, 'Disallow a forward slash in (IMAP) account names' * bug 4840, 'core dump unsubscribing from newsgroups' * CID 1491093: attrib leaked if attvalue is null * CID 1491370: unchecked return value. * archive plugin build in debug mode. * keep newsgroup subscription window on top when 'subscribe to newsgroup...' fails and newsgroup list can't be retrieved * don't silently fail to save a sent msg * IMAP: show the clip icon in the message list as soon as possible * stop needlessly checking which folders want sycnhronising every time we select a msg in an MH mailbox - Update to 4.3.0: * Compose window: when the focus is in the message text, copied files can be pasted as attachments using /Edit/paste or Ctrl+V. (The context menu's Paste will still insert the list of files into the message body.) * '/Mark/Mark all read in folder' and 'Mark/Mark all unread in folder' have been re-added to the Message List context menu. * It is now possible to use '/Tools/Remove references' when forwarding mail. * Keyboard shortcuts: The "Choose preset keyboard shortcuts" selector has been integrated into the main preferences page. When 'Current' is the selected preset, Apply/OK will keep the existing settings. * An MBOX file can now be imported from the command line using `claws-mail --import-mbox %f` where %f is the full path to the MBOX file. * OAUTH2 support for Microsoft 365 GCC High has been added. * LiteHTML Viewer plugin: Updated to LiteHTML 0.9. * The menurc file is now backed-up on startup. * Removed support for the obsolete Avant Window Navigator. * Various code cleanups. * The manual has been updated. * New translation: Albanian. * Updated translations: Catalan, Czech, French, Hungarian, Indonesian, Polish, Romanian, Slovak, Spanish, Swedish, Turkish. * bug 4668, 'Sometimes, at program start, message list takes all the vertical space' * bug 4720, 'matcher: release regex_t in matcherprop_string_match' * bug 4724, 'set proper availability status to sign/encrypt toolbar buttons' * bug 4725, 'oauth2: remove trailing zero from transmit buffer in oauth2_contact_server' * bug 4728, 'socket: handle GNUTLS_E_PREMATURE_TERMINATION in ssl_read' * bug 4730, 'oauth2: fix string handling in oauth2_contact_server' * bug 4733, 'Line breaks lost in headers' * bug 4734, 'ssl_certificate: remove unhelpful warnings from certificate check' * bug 4746, 'matcher: remove incorrect condition in matcherprop_free' * bug 4747, 'matcher: simplify matcherprop_new' * bug 4749, 'release regex_t in summary_compile_simplify_regexp' * bug 4750, 'remove regcomp wrapper and call regcomp directly' * bug 4752, 'Adjust incorrect debug_printf call in pgp plugins' * bug 4754, 'text/enriched literal less-than sign sequence handled incorrectly * bug 4757, 'remove AX_FUNC_MKDIR' * bug 4758, 'remove unused check for bind_textdomain_codeset' * bug 4759, 'remove unused function checks from AC_CHECK_FUNCS' * bug 4760, 'use correct type for move_bar_id' * bug 4762, 'oauth2: preserve an existing refresh token' * bug 4765, 'only store smtp auth if authorization method is OAUTH2' * bug 4766, 'preserve the expiry value of SMTP auth type is not OAUTH2' * bug 4768, 'Adjust logic while evaluating enable_avatars' * bug 4770, 'remove intl from list of include directories' * bug 4773, 'remove obsolescent AC_C_CONST' * bug 4780, 'use proper prototype for two archiver functions' * bug 4781, 'use correct prototype for privacy_free_signature_data' * bug 4782, 'use correct prototype for stop_archiving' * bug 4786, 'remove type confusion in getsockopt call in sock_connect_async_cb' * bug 4787, 'Use correct function for memory transfer in crypt_cfb_buf' * bug 4788, '"Change primary passphrase" disabled status handling' * bug 4790, 'widget spacing in "Changing primary passphrase" dialog' * bug 4791, 'remove obsolete glib version check' * bug 4795, 'Please remove -no-cpp-precomp flag for Apple' * bug 4796, 'URL with wide character doesn't work' * bug 4798, 'Quoting wrong when format=flowed and respect_flowed_format is set' * CIDs 1220325, 1491306 and 1491315, 'Explicit null dereferenced (FORWARD_NULL)' * CIDs 1491064, 1491074, 1491211, 1491105, 1491139, 1491164, 1491166, 1491168, 1491169, 1491178, 1491232, 1491242, 1492281 and 1591844 'Use after free (USE_AFTER_FREE)' * CID 1491137 'Out-of-bounds access (OVERRUN)' * CID 1591952 values overwritten before being used * CID 1596594 (CHECKED_RETURN) * CID 1596595 'Resource leak' * errors caused by invalid MIME viewer command-line * building on non-X11 systems * Use CFLAGS provided by nettle.pc * Fancy plugin, recognise mid and data embedded images claws-mail-4.3.1-bp157.2.3.1.src.rpm claws-mail-4.3.1-bp157.2.3.1.x86_64.rpm claws-mail-devel-4.3.1-bp157.2.3.1.x86_64.rpm claws-mail-lang-4.3.1-bp157.2.3.1.noarch.rpm claws-mail-4.3.1-bp157.2.3.1.aarch64.rpm claws-mail-devel-4.3.1-bp157.2.3.1.aarch64.rpm claws-mail-4.3.1-bp157.2.3.1.ppc64le.rpm claws-mail-devel-4.3.1-bp157.2.3.1.ppc64le.rpm claws-mail-4.3.1-bp157.2.3.1.s390x.rpm claws-mail-devel-4.3.1-bp157.2.3.1.s390x.rpm openSUSE-2025-188 important openSUSE Backports SLE-15-SP7 Update Chromium was updated to 137.0.7151.68 (stable release 2025-06-03) (boo#1244019) * CVE-2025-5419: Out of bounds read and write in V8 * CVE-2025-5068: Use after free in Blink - Google is aware that an exploit for CVE-2025-5419 exists in the wild. chromedriver-137.0.7151.68-bp157.2.6.2.x86_64.rpm chromium-137.0.7151.68-bp157.2.6.2.src.rpm chromium-137.0.7151.68-bp157.2.6.2.x86_64.rpm chromedriver-137.0.7151.68-bp157.2.6.2.aarch64.rpm chromium-137.0.7151.68-bp157.2.6.2.aarch64.rpm openSUSE-2025-204 low openSUSE Backports SLE-15-SP7 Update This update for atop fixes the following issues: - Update to 2.11.1: * Atop will not connect to the TCP port of 'atopgpud' daemon any more by default. The flag -k can be used explicitly when 'atopgpud' is active. Also the code to parse the received strings is improved to avoid future issues with heap corruption. * The flag -K has been implemented to connect to netatop/netatop-bpf. * Fix CVE-2025-31160 (boo#1240393) - Update to 2.11.0: * Cgroups (version 2) support. Show the hierarchical structure of cgroups and the related metrics with key/option 'G', and define the cgroup depth with the keys/options 2 till 7. Key/option 8 also shows the processes per cgroup level, except the kernel processes in the root cgroup. Key/option 9 shows the related processes per cgroup level including the kernel processes in the root cgroup. With key/option 'C' the output is sorted on CPU consumption (default), with key/option 'M' on memory consumption, and with key/option 'D' (requires root privileges) on disk utilization. Note: The collection of cgroup information per process is not supported any more. * Twin mode: live measurement with review option. In twin mode atop spawns into a lower level process that gathers the counters and writes them to a temporary raw file, and an upper level process that reads the counters from the temporary raw file and presents them to the user. The reading of the upper level process keeps in pace with the written samples of the lower level process for live measurements. However, when pressing the 'r' (reset to measurement begin), the 'b' (branch to time stamp), or the 'T' (previous sample), the upper level process implicitly pauses with the possibility to review previous samples. The 'z' (explicit pause) can also be used to pause the live measurement. When pressing the 'z' again (continue after pause) viewing of the live measurement will be continued. * Various corrections related to JSON output. * Improved gathering of current CPU frequency. * Support more than 500 CPUs. * The format of the raw file is incompatible with previous versions. Raw files from previous versions can be converted to the new layout with the atopconvert command. - Update to 2.10.0: * Additional memory statistics on system level: amount of available memory, amount of memory used for Transparant Huge Pages, amount of memory used by two categories of static huge pages (usually 2MiB and 1GiB), and the number of pages transferred to/from zswap. * Additional counters for the number of idle threads on system level and process level. * Refined view of memory bar graph, including free static huge pages. * Generic way to determine the container id or pod name for containerized processes. * Support for a BPF-based alternative[1] for the netatop kernel module to gather network statistics per process/thread. * Use the -z flag followed by a regex to prepend matching environment variables to the full command line that is shown per process (with key 'c'). * Various bugfixes (like memory leak when switching to bar graph mode) and minor improvements. * Bugfix: failing malloc while starting atopsar (unprivileged) for a live measurement. * The program atophide can be used to make an extraction from an input raw log to an output raw log, optionally specifying a begin time and/or an end time. The output raw log can be anonymized, i.e. the hostname will be replaced, command names of non-standard commands will be replaced, all command arguments will be wiped, logical volume names will be replaced and NFS mounted volume names will be replaced. * The format of the raw file is incompatible with previous versions. Raw files from previous versions can be converted to the new layout with the atopconvert command. - Update to 2.9.0: * Avoid compiler warning by limiting PSI average * Install cleanup function to avoid termination of parent process * add man for PAG steal * Oomkills event should not remain orange after boot values * Clarified atop man page * Closing bracket missing in synopsis * Add highlight concerning bar graph mode * Introduce bar graph mode Besides all detailed information that is supplied by atop on system and process level, a (character-based) bar graph can be shown about the utilization of the most critical system resources * Freeing ethlink should depend of ifdef * Added reset to indicate shadow file to be closed * fix atopacctd.c: failed to start atopacct.service * acctatop: reacquire acctfd to collect nprocexit for some bad cases * Calibrate nprocexit to avoid atop coredumps unexpectedly * json.c: fix avque counters output * Resolve compiler warnings from latest versions of GCC * Added versdate.h to make clean target * Revert "Added versdate.h to make clean target" * Added versdate.h to make clean target * fix calculation for scan and steal * only call str.decode if nvml returned bytes * Add exit epoch to parseable output PRG (solves issue #242) * Minor correction in man page for NVCSW/NIVCSW * Context switches (voluntary and involuntary) on process level incorrect * Various modifications releated to (non)voluntary context switches * Add nvcsw and nivcsw for each process * ifprop.c: Fix possible memory leak * Code cleanup and prototype additions * Consistency check on number of threads (solves issue #232) * atop-rotate.service: use restart instead of try-restart * Add link to atophttpd atop-2.11.1-bp157.2.3.1.src.rpm atop-2.11.1-bp157.2.3.1.x86_64.rpm atop-daemon-2.11.1-bp157.2.3.1.x86_64.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.x86_64.rpm atop-debuginfo-2.11.1-bp157.2.3.1.x86_64.rpm atop-debugsource-2.11.1-bp157.2.3.1.x86_64.rpm atop-2.11.1-bp157.2.3.1.i586.rpm atop-daemon-2.11.1-bp157.2.3.1.i586.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.i586.rpm atop-debuginfo-2.11.1-bp157.2.3.1.i586.rpm atop-debugsource-2.11.1-bp157.2.3.1.i586.rpm atop-2.11.1-bp157.2.3.1.aarch64.rpm atop-daemon-2.11.1-bp157.2.3.1.aarch64.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.aarch64.rpm atop-debuginfo-2.11.1-bp157.2.3.1.aarch64.rpm atop-debugsource-2.11.1-bp157.2.3.1.aarch64.rpm atop-2.11.1-bp157.2.3.1.ppc64le.rpm atop-daemon-2.11.1-bp157.2.3.1.ppc64le.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.ppc64le.rpm atop-debuginfo-2.11.1-bp157.2.3.1.ppc64le.rpm atop-debugsource-2.11.1-bp157.2.3.1.ppc64le.rpm atop-2.11.1-bp157.2.3.1.s390x.rpm atop-daemon-2.11.1-bp157.2.3.1.s390x.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.s390x.rpm atop-debuginfo-2.11.1-bp157.2.3.1.s390x.rpm atop-debugsource-2.11.1-bp157.2.3.1.s390x.rpm openSUSE-2025-200 important openSUSE Backports SLE-15-SP7 Update This update for orafce and timescaledb rebuilds them against current postgresql. postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.src.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.x86_64.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.src.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.x86_64.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.src.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.x86_64.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.src.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.x86_64.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.i586.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.i586.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.i586.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.i586.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.aarch64.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.aarch64.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.aarch64.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.aarch64.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.ppc64le.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.ppc64le.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.ppc64le.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.ppc64le.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.s390x.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.s390x.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.s390x.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.s390x.rpm openSUSE-2025-201 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 137.0.7151.103 (stable release 2025-06-10) (boo#1244452) - CVE-2025-5958: Use after free in Media - CVE-2025-5959: Type Confusion in V8 chromedriver-137.0.7151.103-bp157.2.9.1.x86_64.rpm chromium-137.0.7151.103-bp157.2.9.1.src.rpm chromium-137.0.7151.103-bp157.2.9.1.x86_64.rpm chromedriver-137.0.7151.103-bp157.2.9.1.aarch64.rpm chromium-137.0.7151.103-bp157.2.9.1.aarch64.rpm openSUSE-2025-206 important openSUSE Backports SLE-15-SP7 Update This update for konsole fixes the following issues: - CVE-2025-49091: Fixed potential remote code execution in a certain scenario with url open (boo#1244569) konsole-23.08.5-bp157.2.3.1.src.rpm konsole-23.08.5-bp157.2.3.1.x86_64.rpm konsole-debuginfo-23.08.5-bp157.2.3.1.x86_64.rpm konsole-debugsource-23.08.5-bp157.2.3.1.x86_64.rpm konsole-part-23.08.5-bp157.2.3.1.x86_64.rpm konsole-part-debuginfo-23.08.5-bp157.2.3.1.x86_64.rpm konsole-part-lang-23.08.5-bp157.2.3.1.noarch.rpm konsole-zsh-completion-23.08.5-bp157.2.3.1.noarch.rpm konsole-23.08.5-bp157.2.3.1.aarch64.rpm konsole-debuginfo-23.08.5-bp157.2.3.1.aarch64.rpm konsole-debugsource-23.08.5-bp157.2.3.1.aarch64.rpm konsole-part-23.08.5-bp157.2.3.1.aarch64.rpm konsole-part-debuginfo-23.08.5-bp157.2.3.1.aarch64.rpm konsole-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-debuginfo-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-debugsource-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-part-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-part-debuginfo-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-23.08.5-bp157.2.3.1.s390x.rpm konsole-debuginfo-23.08.5-bp157.2.3.1.s390x.rpm konsole-debugsource-23.08.5-bp157.2.3.1.s390x.rpm konsole-part-23.08.5-bp157.2.3.1.s390x.rpm konsole-part-debuginfo-23.08.5-bp157.2.3.1.s390x.rpm openSUSE-2025-212 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: kanidm was updated to version 1.6.4~git2.a4b3b0f7b: * Remove dead code * OpenSUSE build fix Update to version 1.6.4~git0.e1d26ed10: * Allow deferring spans in unixd * Dark mode improvements (#3660) * Fix SCIM filter parser for quoted values with spaces and escaped quotes (#3673) * fix: strip comments from UNIX files before parsing (#3674) * Fix healthcheck to use ENV for config path (#3656) * Investigate and reduce memory consumption of unixd (#3645) * Swap bytes mut at buffer limits (#3651) * fix: Improve unixd & unixd-tasks startup coupling (#3638) * reload schema before verify (#3643) * Defend against split_at panic (#3636) Update to version 1.6.3~git0.389493eb1: * Fix minor issue with untagged version handling (#3634) * Move shadow processing out of task event loop (#3631) * Dont specify config path in container (#3630) * Accept SSHA with different salt lengths (#3629) * Resolve flaw with ssh key parse if the key has no comment (#3628) * Indicate that this is an ip list, not a range (#3626) * Test for corrupted unicode in SSH keys, keep the key title on error/resubmit (#3618) * Reduce replication logging verbosity * cargo publish (#3613) kanidm-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.src.rpm kanidm-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-clients-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-clients-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-debugsource-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-docs-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-server-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-server-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-unixd-clients-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-unixd-clients-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-clients-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-clients-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-debugsource-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-docs-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-server-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-server-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-unixd-clients-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-unixd-clients-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm openSUSE-2025-215 moderate openSUSE Backports SLE-15-SP7 Update This update for python-certbot-dns-google, python-google-api-python-client, python-google-auth-httplib2, python-uritemplate fixes the following issues: Changes in python-uritemplate, python-google-auth-httplib2, python-google-api-python-client: - shipped for use by python-certbot-dns-google. Changes in python-certbot-dns-google: Update to version 2.11.0: * sync with the main certbot package Update to 2.9.0: * Support for Python 3.12 was added. * Updates `joinpath` syntax to only use one addition per call, because the multiple inputs version was causing mypy errors on Python 3.10. * Makes the `reconfigure` verb actually use the staging server for the dry run to check the new configuration. Update to version 2.7.3: * Filter zones in certbot-dns-google to avoid usage of private DNS zones to create records Update to version 2.6.0: * Support for Python 3.11 was added to Certbot and all of its components. * All Certbot components now require pytest to run tests. * Packaged tests for all Certbot components besides josepy were moved inside the _internal/tests module. * There is now a new Other annotated challenge object to allow plugins to support entirely novel challenges. * --dns-google-project optionally allows for specifying the project that the DNS zone(s) reside in, which allows for Certbot usage in scenarios where the auth credentials reside in a different project to the zone(s) that are being managed. * certbot-dns-google now loads credentials using the standard Application Default Credentials strategy, rather than explicitly requiring the Google Compute metadata server to be present if a service account is not provided using --dns-google-credentials. * --dns-google-credentials now supports additional types of file-based credential, such as External Account Credentials created by Workload Identity Federation. All file-based credentials implemented by the Google Auth library are supported. * certbot-dns-google no longer requires deprecated oauth2client library. * Certbot no longer depends on zope. Update to 1.29.0: * --allow-subset-of-names will now additionally retry in cases where domains are rejected while creating or finalizing orders. This requires subproblem support from the ACME server * The show_account subcommand now uses the "newAccount" ACME endpoint to fetch the account data, so it doesn't rely on the locally stored account URL. This fixes situations where Certbot would use old ACMEv1 registration info with non-functional account URLs. * The generated Certificate Signing Requests are now generated as version 1 instead of version 3. This resolves situations in where strict enforcement of PKCS#10 meant that CSRs that were generated as version 3 were rejected Update to version 1.26.0: * GCP Permission list for certbot-dns-google in plugin documentation python-certbot-dns-google-2.11.0-bp157.2.3.1.src.rpm python311-certbot-dns-google-2.11.0-bp157.2.3.1.noarch.rpm python-google-api-python-client-2.170.0-bp157.2.1.src.rpm python311-google-api-python-client-2.170.0-bp157.2.1.noarch.rpm python-google-auth-httplib2-0.2.0-bp157.2.1.src.rpm python311-google-auth-httplib2-0.2.0-bp157.2.1.noarch.rpm python-uritemplate-4.1.1-bp157.2.1.src.rpm python311-uritemplate-4.1.1-bp157.2.1.noarch.rpm openSUSE-2025-213 moderate openSUSE Backports SLE-15-SP7 Update This update for ollama fixes the following issues: Update to version 0.9.0: * Ollama now has the ability to enable or disable thinking. This gives users the flexibility to choose the model’s thinking behavior for different applications and use cases. Update to version 0.8.0: * Ollama will now stream responses with tool calls * Logs will now include better memory estimate debug information when running models in Ollama's engine. Update to version 0.7.1: * Improved model memory management to allocate sufficient memory to prevent crashes when running multimodal models in certain situations * Enhanced memory estimation for models to prevent unintended memory offloading * ollama show will now show ... when data is truncated * Fixed crash that would occur with qwen2.5vl * Fixed crash on Nvidia's CUDA for llama3.2-vision * Support for Alibaba's Qwen 3 and Qwen 2 architectures in Ollama's new multimodal engine ollama-0.9.0-bp157.5.1.src.rpm ollama-0.9.0-bp157.5.1.x86_64.rpm ollama-0.9.0-bp157.5.1.aarch64.rpm ollama-0.9.0-bp157.5.1.ppc64le.rpm ollama-0.9.0-bp157.5.1.s390x.rpm openSUSE-2025-214 moderate openSUSE Backports SLE-15-SP7 Update This update for openQA fixes the following issues: - Update to version 5.1749832158.cc746ea0: * Bump @eslint/config-helpers from 0.2.2 to 0.2.3 * Docs: Convert images/openqa-in-5-minutes.gif to webm * Add test for failing save_needle with abort call * Document considerations for zero-downtime upgrades * Bump @eslint/config-array from 0.20.0 to 0.20.1 * Bump @eslint/plugin-kit from 0.3.1 to 0.3.2 * Change `do_cleanup` definition in test using `scm git` * apparmor: Allow file lock in fixed iso/hdd images * apparmor: Allow using 'git-lfs' * Disable git_auto_update by default * Re-add git_auto_commit and improved docs for the git settings * Tweak git config access in _git_clone_all * Disentangle git_auto_clone and git_auto_update * Bump brace-expansion from 1.1.11 to 1.1.12 * Update documentation with the new postgres format * Avoid showing too much probably disturbing errors on test details page * Update deprecated postgresql repository * Print one URL per line in test settings * Bump eslint-scope from 8.3.0 to 8.4.0 * Bump espree from 10.3.0 to 10.4.0 * Verify log output when cleanup fail in _save_needles * Improve error handling when loading test module results * Simplify the `createElement()` function * Restore behavior in case of empty details JSON after ca86aec6 * Verify abort job when git is disabled and do_cleanup is 'no' * Avoid job terminated unexpectedly by add signal handler * Bump datatables.net-bs5 from 2.3.1 to 2.3.2 * Bump acorn from 8.14.1 to 8.15.0 * Use regex when checking worker config for relevant sections * Allow appending values in worker config via `+=` * Streamline coding style in `t/24-worker-settings.t` * Allow using list and range specifiers in worker config file - Update to version 5.1749214996.3536da99: * Bump @types/estree from 1.0.7 to 1.0.8 * Support sass generation in all product versions * Avoid sporadic test failures due to warning about closed ws connection * Increase chart testing verbosity for better log trace * Bump ace-builds from 1.41.0 to 1.42.0 * Bump eslint from 9.27.0 to 9.28.0 * Bump @pkgr/core from 0.2.4 to 0.2.7 * Remove nested .gitignore from openQA rpm * Add permissions to avoid the warnings in openQA build - Update to version 5.1748615746.d50d8e24: * Bump synckit from 0.11.6 to 0.11.8 * Bump eslint-plugin-prettier from 5.4.0 to 5.4.1 * Support repeated query params in filter parsing * Replace deprecated ingress class annotation with ingressClassName * CI: Update python version in check-helm-chart * Avoid database error when more than one limit parameter is specified * Use signatures in all functions of `t/ui/18-tests-details.t` * Improve details of test details test * Refactor search_args construction for multi-valued query parameters * Allow comma-separated filtering of flavor * Dependency cron 2025-05-26 * t: Test if flavor options from URL are carried over to the form * t: Add more testing of comma-separated values * t: Check URL contains single flavor * Apply macro to support upcoming opensuse/sle 16 build - Update to version 5.1748004971.d2bfe8ce: * CI: Enable Leap 16.0 OBS build checks * systemd: Increase availability of openqa-webui with ordering * systemd: Remove obsolete ordering of websockets after scheduler * Update GettingStarted.asciidoc Fedora instructions * Deprecate skip-checks and add check-repos option * Switch overly verbose "Updating seen from worker" messages to trace * t: Also use default test database in full-stack+deploy * Fix quoting issue in run-tests-within-container script * Bump eslint from 9.26.0 to 9.27.0 * Bump @modelcontextprotocol/sdk from 1.11.3 to 1.11.4 * Bump synckit from 0.11.5 to 0.11.6 * Create link to the common prove_wrapper * Avoid repeated calls to $t->app->minion * Add linear backoff in hook script * Sync the subrepo external/os-autoinst-common * Bump datatables.net-bs5 from 2.3.0 to 2.3.1 * Dependency cron 2025-05-16 * Bump @modelcontextprotocol/sdk from 1.11.2 to 1.11.3 * Bump eventsource-parser from 3.0.1 to 3.0.2 * Set TESTS_FAILED_FLAG to 1 instead of touching file * Explain container execution and CONTAINER_TEST implications * Remove section which checks unused variable * Update checkstyle invocation in run-tests-within-container script - Update to version 5.1747282262.9a4e6bb5: * load-templates: with --clean, empty job group YAML templates * Fix phrasing in jobs comment carry over unit test * Bump debug from 4.4.0 to 4.4.1 * Bump synckit from 0.11.4 to 0.11.5 * Avoid workers getting stuck with old jobs * Avoid duplicate `use Mojo::JSON` * Follow consistent database DUMP_FOLDER target directory * Create new systemd service and timer for database dump and cleanup * dump-templates: dump job groups as they exist, fix group checks * t: load-templates: check harder for what gets loaded * load-templates: job groups: simplify, don't error on group exists * load-templates: fix loading of job templates openQA-5.1749832158.cc746ea0-bp157.2.4.1.src.rpm openQA-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-client-test-5.1749832158.cc746ea0-bp157.2.4.1.src.rpm openQA-test-5.1749832158.cc746ea0-bp157.2.4.1.src.rpm openQA-worker-test-5.1749832158.cc746ea0-bp157.2.4.1.src.rpm openQA-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openSUSE-2025-210 important openSUSE Backports SLE-15-SP7 Update Chromium was updated to 137.0.7151.119 (stable release 2025-06-17) (boo#1244711): * CVE-2025-6191: Integer overflow in V8 * CVE-2025-6192: Use after free in Profiler chromedriver-137.0.7151.119-bp157.2.12.1.x86_64.rpm chromium-137.0.7151.119-bp157.2.12.1.src.rpm chromium-137.0.7151.119-bp157.2.12.1.x86_64.rpm chromedriver-137.0.7151.119-bp157.2.12.1.aarch64.rpm chromium-137.0.7151.119-bp157.2.12.1.aarch64.rpm openSUSE-2025-217 moderate openSUSE Backports SLE-15-SP7 Update This update for python-libvirt-python fixes the following issues: python-libvirt-python updated to 11.0.0. python-libvirt-python-11.0.0-bp157.4.1.src.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.x86_64.rpm python311-libvirt-python-11.0.0-bp157.4.1.x86_64.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.x86_64.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.i586.rpm python311-libvirt-python-11.0.0-bp157.4.1.i586.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.i586.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.aarch64.rpm python311-libvirt-python-11.0.0-bp157.4.1.aarch64.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.aarch64.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.ppc64le.rpm python311-libvirt-python-11.0.0-bp157.4.1.ppc64le.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.ppc64le.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.s390x.rpm python311-libvirt-python-11.0.0-bp157.4.1.s390x.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.s390x.rpm openSUSE-2025-208 important openSUSE Backports SLE-15-SP7 Update This update for velociraptor fixes the following issues: - Update to version 0.7.0.4.git152.fb24dfd: * audit: fix watch rules in artifacts * audit: update go-libaudit dependency for pcc64le arch filter fix * Use execsnoop plugin in artifacts when possible * Add execsnoop plugin to capture execve system calls * github-actions: update ubuntu runners to 22.04 * Fix failing tls unit test on new go versions - Update to version 0.7.0.4.git142.862ef23: * github: fix deprecated upload artifact again * Update npm packages Includes fixes for the following vulnerabilities: CVE-2023-45133 CVE-2023-46234 CVE-2024-55565 CVE-2024-45296 CVE-2023-44270 CVE-2024-47068 CVE-2024-23331 CVE-2024-31207 CVE-2024-45812 CVE-2024-45811 * Update go dependencies Includes fixes for the following vulnerabilities: CVE-2024-45338 CVE-2024-37298 CVE-2024-24786 CVE-2023-45683 (boo#1216310) CVE-2023-1732 * Update jwt to 4.5.1 Fixes CVE-2024-51744 (boo#1232944) * Update go-retryablehttp to 0.7.7 Fixes CVE-2024-6104 (boo#1227061) * Update go-oidc and go-jose Fixes CVE-2024-28180 (boo#1235168) * Update dompurify to 3.1.3 Fixes CVE-2024-47875 (boo#1231574) * Update package-lock.json * Update micromatch to 4.0.8 Partial fix for CVE-2024-4067 (boo#1224367) Partial fix for CVE-2024-4068 (boo#1224296) * Update axios to 1.7.9 Fixes CVE-2024-39338 (boo#1229424) * Update cross-spawn to 7.0.6 Fixes CVE-2024-21538 (boo#1233845) * Update elliptic to 6.6.1 Update contains fixes for: CVE-2024-48949 (boo#1231558) CVE-2024-48948 (boo#1231685) CVE-2024-42459 (boo#1232543) CVE-2024-42460 (boo#1232543) CVE-2024-42461 (boo#1232543) * Update follow-redirects to 1.15.6 Fixes CVE-2024-28849 (boo#1221456) * fix: gui/velociraptor/package.json to reduce vulnerabilities Fixes CVE-2022-25883 (boo#1212572) - Update to version 0.7.0.4.git126.27cfbe1: * bpf: fix plugins not stopping when context cancelled * tcpsnoop: move parsing to its own function * bpf plugins: remove depreciated libbpfgo calls * bpf plugins: add context to error logs * chattrsnoop: fix files not getting closed * chattrsnoop: move hashing from plugin to artifact * RPM artifact: start checks immediately on artifact load * rpm plugin: fix ndb magic error * audit s390x: fix arch filter rules errors * github: fix deprecated upload artifact * tcpsnoop: fix ipv6 local and remote addresses order * tcpsnoop: fix missing ipv6 outbound connections * Linux.Events.ProcessExecutions: remove parent cmdline * audit: reduce FileBufferLeaseSize to ease GC overhead * audit: fix auditBuf allocation and go vet warnings * audit: fix plugin shutdown race condition * audit: fix audit client data races * audit: fix race in subscriber * audit: prevent Windows loading audit package * sdjournal: fix package causing test failures * github: run linux unit tests - Update node modules with security fixes. * Fixes CVE-2024-39338 (boo#1229424) - Update to version 0.7.0.4.git97.675e45f9: * kafka-humio-gateway: update go version and dependency list * kafka-humio-gateway: specific mTLS cert paths in config.yml * docker-compose: set kafka replication factor and min ISRs * kafka-humio-gateway: add http post retry mechanism * kafka-humio-gateway: add pprof debugging option * kafka-humio-gateway: format with gofmt * kafka-humio-gateway: fix go-staticcheck issues * kafka-humio-gateway: fix sendEvents() never exiting * Kafka.Events.Client: Update to use new artifactset type * docker-compose: add optional Kafka cluser * kafka-humio-gateway: add mTLS support * contrib/kafka-humio-gateway: add new debug option for noisy events * contrib/kafka-humio-gateway: backoff and retry for metadata * kafka-humio-gateway: add sample config file * kafka-humio-gateway: update sarama and dependencies * Add Kafka-Humio Gateway [Depends on PR#10] (#8) * vql/server/kafka: connect sarama logging to velociraptor logging * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries * vql/server/kafka: set appropriate ClientID * Add a Kafka export plugin - Update to version 0.7.0.4.git74.3426c0a: * Fix services artifact symbol pid not found error * chattrsnoop: correct read size for flags * chattrsnoop: fix wrong FS_IOC_SETFLAGS value for ppc * chattrsnoop: fix do_vfs_ioctl kprobe failure - Update to version 0.7.0.4.git68.ad1f4e5: * Fix undefined binary.NativeEndian build errors - Add llvm16-libclang13 dependency for SLE 15 SP5 and above - Update to version 0.7.0.4.git66.eea7659: * dnssnoop: fix loading protocol from ip header on s390 * dnssnoop: fix htons() so it works on s390 too * Fix systemd Services artifact missing events * chattrsnoop: replace global variables with locals * tcpsnoop: fix garbled results on s390 * chattrsnoop: fix immutable attribute set on s390 * chattrsnoop: fix bpf_probe_read for s390 * tcpsnoop: remove unused filtering code * Add artifact to collect new files without owner * bpf plugins: set a logger callback - Update to version 0.7.0.4.git47.0f8a4de1: * Rename SUSE specific artifacts to have SUSE prefix * Add SUSE.Linux.Events.NewZeroSizeLogFile artifact * Move NewFiles artifact to SUSE * Move ImmutableFile artifact to SUSE * Make ImmutableFile artifact consistent with others * Fix absolute path case in ExecutableFiles artifact * Add client monitoring artifact for RPMs * Add artifact to collect new hidden files * Add artifact to monitor ssh authorized_keys files * Fix split_records error on older clients * Add hash fields to Linux.Events.ProcessExecutions * Add artifact to collect systemd service events * Fix SystemLogins artifacts file extensions * Add SUSE.Linux.Events.Timers artifact * Fix audit filter key typo in Linux.Events.NewFiles * Add server artifact to delete old client data on server * Add SUSE.Linux.Sys.At artifact * chattrsnoop: include full error details in logs * chattrsnoop: handle os.Stat() error properly * chattrsnoop: don't log.Fatal() on hash error * Fix Linux.Events.ImmutableFile not showing hash in GUI * SUSE.Linux.Events.Crontab: Add task execution artifacts * Raise client connection log level to ERROR * sdjournal: Correctly seek to current tail - Update to version 0.7.0.4.git6.7b40b8b: * go.mod: increase go version to 1.19 velociraptor-0.7.0.4.git152.fb24dfd-bp157.2.3.1.src.rpm velociraptor-0.7.0.4.git152.fb24dfd-bp157.2.3.1.x86_64.rpm system-user-velociraptor-1.0.0-bp157.2.3.1.noarch.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.src.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.x86_64.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.aarch64.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.ppc64le.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.s390x.rpm openSUSE-2025-235 moderate openSUSE Backports SLE-15-SP7 Update This update for openQA-devel-container fixes the following issues: - Update to version 5.1749650866.7a5a615c8: * Update to latest openQA version openQA-5.1749832158.cc746ea0-bp157.2.6.1.src.rpm openQA-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-client-test-5.1749832158.cc746ea0-bp157.2.6.1.src.rpm openQA-test-5.1749832158.cc746ea0-bp157.2.6.1.src.rpm openQA-worker-test-5.1749832158.cc746ea0-bp157.2.6.1.src.rpm openQA-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openSUSE-2025-220 moderate openSUSE Backports SLE-15-SP7 Update This update for libetebase fixes the following issues: Update to version 0.5.8: * CVE-2025-3416: Fixed rust openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242638) * Deps: run cargo update. libetebase-0.5.8-bp157.2.3.1.src.rpm libetebase-devel-0.5.8-bp157.2.3.1.x86_64.rpm libetebase0-0.5.8-bp157.2.3.1.x86_64.rpm libetebase-devel-0.5.8-bp157.2.3.1.i586.rpm libetebase0-0.5.8-bp157.2.3.1.i586.rpm libetebase-devel-0.5.8-bp157.2.3.1.aarch64.rpm libetebase0-0.5.8-bp157.2.3.1.aarch64.rpm libetebase-devel-0.5.8-bp157.2.3.1.ppc64le.rpm libetebase0-0.5.8-bp157.2.3.1.ppc64le.rpm libetebase-devel-0.5.8-bp157.2.3.1.s390x.rpm libetebase0-0.5.8-bp157.2.3.1.s390x.rpm openSUSE-2025-224 moderate openSUSE Backports SLE-15-SP7 Update This update for queue fixes the following issues: Version 1.2.0: - Ignore broken pipe error (e.g. when piping to head) Version 1.2.0: - Only use dark_grey if available Version 1.1.0: - Color scheduled and running entries differently - Enable multi column limiting - Add hint about config location Version 1.3.0: - Ignore broken pipe error (e.g. when piping to head) Version 1.2.0: - Only use dark_grey if available Version 1.1.0: - Color scheduled and running entries differently - Enable multi column limiting - Add hint about config location queue-1.3.0-bp157.2.3.1.noarch.rpm queue-1.3.0-bp157.2.3.1.src.rpm openSUSE-2025-232 important openSUSE Backports SLE-15-SP7 Update this update for chromium 138.0.7204.96 (stable released 2025-06-30) (boo#1245544) fixes the following issues: * cve-2025-6554: type confusion in v8 * CVE-2025-6555: Use after free in Animation * CVE-2025-6556: Insufficient policy enforcement in Loader * CVE-2025-6557: Insufficient data validation in DevTools chromedriver-138.0.7204.96-bp157.2.19.1.x86_64.rpm chromedriver-debuginfo-138.0.7204.96-bp157.2.19.1.x86_64.rpm chromium-138.0.7204.96-bp157.2.19.1.src.rpm chromium-138.0.7204.96-bp157.2.19.1.x86_64.rpm chromium-debuginfo-138.0.7204.96-bp157.2.19.1.x86_64.rpm gh-2.74.2-bp157.2.3.1.src.rpm gh-2.74.2-bp157.2.3.1.x86_64.rpm gh-bash-completion-2.74.2-bp157.2.3.1.noarch.rpm gh-debuginfo-2.74.2-bp157.2.3.1.x86_64.rpm gh-fish-completion-2.74.2-bp157.2.3.1.noarch.rpm gh-zsh-completion-2.74.2-bp157.2.3.1.noarch.rpm gn-0.20250520-bp157.2.3.1.src.rpm gn-0.20250520-bp157.2.3.1.x86_64.rpm gn-debuginfo-0.20250520-bp157.2.3.1.x86_64.rpm gn-debugsource-0.20250520-bp157.2.3.1.x86_64.rpm gh-2.74.2-bp157.2.3.1.i586.rpm gh-debuginfo-2.74.2-bp157.2.3.1.i586.rpm gn-0.20250520-bp157.2.3.1.i586.rpm gn-debuginfo-0.20250520-bp157.2.3.1.i586.rpm gn-debugsource-0.20250520-bp157.2.3.1.i586.rpm chromedriver-138.0.7204.96-bp157.2.19.1.aarch64.rpm chromedriver-debuginfo-138.0.7204.96-bp157.2.19.1.aarch64.rpm chromium-138.0.7204.96-bp157.2.19.1.aarch64.rpm chromium-debuginfo-138.0.7204.96-bp157.2.19.1.aarch64.rpm gh-2.74.2-bp157.2.3.1.aarch64.rpm gh-debuginfo-2.74.2-bp157.2.3.1.aarch64.rpm gn-0.20250520-bp157.2.3.1.aarch64.rpm gn-debuginfo-0.20250520-bp157.2.3.1.aarch64.rpm gn-debugsource-0.20250520-bp157.2.3.1.aarch64.rpm gh-2.74.2-bp157.2.3.1.ppc64le.rpm gh-debuginfo-2.74.2-bp157.2.3.1.ppc64le.rpm gn-0.20250520-bp157.2.3.1.ppc64le.rpm gn-debuginfo-0.20250520-bp157.2.3.1.ppc64le.rpm gn-debugsource-0.20250520-bp157.2.3.1.ppc64le.rpm gh-2.74.2-bp157.2.3.1.s390x.rpm gh-debuginfo-2.74.2-bp157.2.3.1.s390x.rpm gn-0.20250520-bp157.2.3.1.s390x.rpm gn-debuginfo-0.20250520-bp157.2.3.1.s390x.rpm gn-debugsource-0.20250520-bp157.2.3.1.s390x.rpm openSUSE-2025-228 moderate openSUSE Backports SLE-15-SP7 Update This update for gitea-tea fixes the following issues: - update to 0.10.1: * Update release ci * chore(deps): update crazy-max/ghaction-import-gpg action to v6 * fix(deps): update module github.com/urfave/cli/v3 to v3.3.8 - update to 0.10.0: * fix: support SSH remotes with non-standard ports * minor helper fixes * Bump Table Dep * Login via oauth2 flow * Feat: interactive issue edit command * Use flakes vs devbox * Fix helper panic * Add --note-file flag to read release notes from a file * Fix/Login Edit Use Editor Env * Gitea Actions support * Expose --labels option * Add git helper * Support auto detecting branch for PRs * context: move human readable note to stderr * Add repos rm/delete command * Release Asset Management * tea branches list/protect/unprotect * Add OTP and scopes to login * Initial CLI docs * Fix for go tools called from make * fix interactive login add * issues list can show filtered by owner/org instead of repo too * fix: non-standard ssh port URL's repo can't be recognized * updated dependencies gitea-tea-0.10.1-bp157.2.3.1.src.rpm gitea-tea-0.10.1-bp157.2.3.1.x86_64.rpm gitea-tea-bash-completion-0.10.1-bp157.2.3.1.noarch.rpm gitea-tea-zsh-completion-0.10.1-bp157.2.3.1.noarch.rpm gitea-tea-0.10.1-bp157.2.3.1.i586.rpm gitea-tea-0.10.1-bp157.2.3.1.aarch64.rpm gitea-tea-0.10.1-bp157.2.3.1.ppc64le.rpm gitea-tea-0.10.1-bp157.2.3.1.s390x.rpm openSUSE-2025-230 important openSUSE Backports SLE-15-SP7 Update This update for roundcubemail fixes the following issues: Update to 1.6.11: This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to recently reported security vulnerabilities: * Fix Post-Auth RCE via PHP Object Deserialization reported by firs0v. - CHANGELOG * Managesieve: Fix match-type selector (remove unsupported options) in delete header action (#9610) * Improve installer to fix confusion about disabling SMTP authentication (#9801) * Fix PHP warning in index.php (#9813) * OAuth: Fix/improve token refresh * Fix dark mode bug where wrong colors were used for blockquotes in HTML mail preview (#9820) * Fix HTML message preview if it contains floating tables (#9804) * Fix removing/expiring redis/memcache records when using a key prefix * Fix bug where a wrong SPECIAL-USE folder could have been detected, if there were more than one per-type (#9781) * Fix a default value and documentation of password_ldap_encodage option (#9658) * Remove mobile/floating Create button from the list in Settings > Folders (#9661) * Fix Delete and Empty buttons state while creating a folder (#9047) * Fix connecting to LDAP using ldapi:// URI (#8990) * Fix cursor position on "below the quote" reply in HTML mode (#8700) * Fix bug where attachments with content type of application/vnd.ms-tnef were not parsed (#7119) roundcubemail-1.6.11-bp157.2.3.1.noarch.rpm roundcubemail-1.6.11-bp157.2.3.1.src.rpm openSUSE-2025-231 important openSUSE Backports SLE-15-SP7 Update This update for sslh fixes the following issues: sslh was updated to 2.2.4: * Fix CVE-2025-46806 (boo#1243120) for "Misaligned Memory Accesses in `is_openvpn_protocol()`" * Fix CVE-2025-46807 (boo#1243122) for "File Descriptor Exhaustion in sslh-select and sslh-ev" * Fix potential parsing of undefined data in syslog probe (no CVE assigned) Update to 2.2.3: * Reverse older commit: version.h cannot be included without breaking the build (everything recompiles every time) and the release archive creation (which relies on git tags). Update to 2.2.2: * Fix potential vulnerability similar to CVE-2020-28935 Update to 2.2.1: * Fix compilation when libproxyprotocol is not present Update to 2.2.0: * Add a boolean setting "is_unix" for listen and protocol entries. This will use the 'host' setting as a path name to a socket file, and connections (listening or connecting) will be performed on Unix socket instead of Internet sockets. * Support HAProxy's proxyprotocol on the backend server side. * Lots of documentation about a new, simpler way to perform transparent proxying. * New "verbose" option that overrides all other verbose settings. Update to 2.1.3: * Landlock access fix Update to 2.1.2: * Fix inetd Update to 2.1.1: * Fix MacOS build error Update to 2.1.0: * Support for the Landlock LSM. After initial setup, sslh gives up all local file access rights. * Reintroduced --ssl as an alias to --tls. * Introduce autoconf to adapt to landlock presence. * Close connexion without error message if remote client forcefully closes connexion, for Windows. Update to 2.0.1: * New semver-compatible version number * New sslh-ev: this is functionaly equivalent to sslh-select (mono-process, only forks for specified protocols), but based on libev, which should make it scalable to large numbers of connections. * New log system: instead of –verbose with arbitrary levels, there are now several message classes. Each message class can be set to go to stderr, syslog, or both. Classes are documented in example.cfg. * UDP connections are now managed in a hash to avoid linear searches. The downside is that the number of UDP connections is a hard limit, configurable with the ‘udp_max_connections’, which defaults to 1024. Timeouts are managed with lists. * inetd merges stderr output to what is sent to the client, which is a security issue as it might give information to an attacker. When inetd is activated, stderr is forcibly closed. * New protocol-level option resolve_on_forward, requests that target names are resolved at each connection instead of at startup. Useful for dynamic DNS situations. sslh-2.2.4-bp157.2.3.1.src.rpm sslh-2.2.4-bp157.2.3.1.x86_64.rpm sslh-2.2.4-bp157.2.3.1.i586.rpm sslh-2.2.4-bp157.2.3.1.aarch64.rpm sslh-2.2.4-bp157.2.3.1.ppc64le.rpm sslh-2.2.4-bp157.2.3.1.s390x.rpm openSUSE-2025-237 moderate openSUSE Backports SLE-15-SP7 Update This update for mosquitto fixes the following issues: mosquitto was update to version 2.0.21: * Broker * Fix clients sending a RESERVED packet not being quickly disconnected. * Fix bind_interface producing an error when used with an interface that has an IPv6 link-local address and no other IPv6 addresses. * Fix mismatched wrapped/unwrapped memory alloc/free in properties. * Fix allow_anonymous false not being applied in local only mode. * Add retain_expiry_interval option to fix expired retained message not being removed from memory if they are not subscribed to. * Produce an error if invalid combinations of cafile/capath/certfile/keyfile are used. * Backport keepalive checking from develop to fix problems in current implementation. * Client library * Fix potential deadlock in mosquitto_sub if -W is used. * Apps * mosquitto_ctrl dynsec now also allows -i to specify a clientid as well as -c. This matches the documentation which states -i. - systemd service: Wait till the network got setup to avoid startup failure. - Update to version 2.0.19 (CVE-2024-3935 boo#1232635, CVE-2024-10525 boo#1232636): libmosquitto1-2.0.21-bp157.2.3.1.x86_64.rpm libmosquittopp1-2.0.21-bp157.2.3.1.x86_64.rpm mosquitto-2.0.21-bp157.2.3.1.src.rpm mosquitto-2.0.21-bp157.2.3.1.x86_64.rpm mosquitto-clients-2.0.21-bp157.2.3.1.x86_64.rpm mosquitto-devel-2.0.21-bp157.2.3.1.x86_64.rpm libmosquitto1-2.0.21-bp157.2.3.1.aarch64.rpm libmosquittopp1-2.0.21-bp157.2.3.1.aarch64.rpm mosquitto-2.0.21-bp157.2.3.1.aarch64.rpm mosquitto-clients-2.0.21-bp157.2.3.1.aarch64.rpm mosquitto-devel-2.0.21-bp157.2.3.1.aarch64.rpm libmosquitto1-2.0.21-bp157.2.3.1.ppc64le.rpm libmosquittopp1-2.0.21-bp157.2.3.1.ppc64le.rpm mosquitto-2.0.21-bp157.2.3.1.ppc64le.rpm mosquitto-clients-2.0.21-bp157.2.3.1.ppc64le.rpm mosquitto-devel-2.0.21-bp157.2.3.1.ppc64le.rpm libmosquitto1-2.0.21-bp157.2.3.1.s390x.rpm libmosquittopp1-2.0.21-bp157.2.3.1.s390x.rpm mosquitto-2.0.21-bp157.2.3.1.s390x.rpm mosquitto-clients-2.0.21-bp157.2.3.1.s390x.rpm mosquitto-devel-2.0.21-bp157.2.3.1.s390x.rpm openSUSE-2025-241 moderate openSUSE Backports SLE-15-SP7 Update This update for spdlog fixes the following issues: - CVE-2025-6140: Fixed input manipulation that may lead to resource consumption (boo#1244696) libspdlog1_11-1.11.0-bp157.2.3.1.x86_64.rpm spdlog-1.11.0-bp157.2.3.1.src.rpm spdlog-devel-1.11.0-bp157.2.3.1.x86_64.rpm libspdlog1_11-1.11.0-bp157.2.3.1.aarch64.rpm libspdlog1_11-64bit-1.11.0-bp157.2.3.1.aarch64_ilp32.rpm spdlog-devel-1.11.0-bp157.2.3.1.aarch64.rpm libspdlog1_11-1.11.0-bp157.2.3.1.ppc64le.rpm spdlog-devel-1.11.0-bp157.2.3.1.ppc64le.rpm libspdlog1_11-1.11.0-bp157.2.3.1.s390x.rpm spdlog-devel-1.11.0-bp157.2.3.1.s390x.rpm openSUSE-2025-247 moderate openSUSE Backports SLE-15-SP7 Update This update for sassist fixes the following issues: Update to 0.8.7 * sos and supportconfig fixes. * documentation updates. * update the revision in _service file sassist-0.8.7-bp157.2.3.1.noarch.rpm sassist-0.8.7-bp157.2.3.1.src.rpm openSUSE-2025-243 important openSUSE Backports SLE-15-SP7 Update This update for chmlib fixes the following issues: - CVE-2025-48172: Fixed integer overflow in _chm_decompress_block of chm_lib.c, that could lead to heap buffer overflow (boo#1245803). chmlib-0.40-bp157.2.3.1.src.rpm chmlib-devel-0.40-bp157.2.3.1.x86_64.rpm chmlib-examples-0.40-bp157.2.3.1.x86_64.rpm libchm0-0.40-bp157.2.3.1.x86_64.rpm chmlib-devel-0.40-bp157.2.3.1.i586.rpm chmlib-devel-32bit-0.40-bp157.2.3.1.x86_64.rpm chmlib-examples-0.40-bp157.2.3.1.i586.rpm libchm0-0.40-bp157.2.3.1.i586.rpm libchm0-32bit-0.40-bp157.2.3.1.x86_64.rpm chmlib-devel-0.40-bp157.2.3.1.aarch64.rpm chmlib-devel-64bit-0.40-bp157.2.3.1.aarch64_ilp32.rpm chmlib-examples-0.40-bp157.2.3.1.aarch64.rpm libchm0-0.40-bp157.2.3.1.aarch64.rpm libchm0-64bit-0.40-bp157.2.3.1.aarch64_ilp32.rpm chmlib-devel-0.40-bp157.2.3.1.ppc64le.rpm chmlib-examples-0.40-bp157.2.3.1.ppc64le.rpm libchm0-0.40-bp157.2.3.1.ppc64le.rpm chmlib-devel-0.40-bp157.2.3.1.s390x.rpm chmlib-examples-0.40-bp157.2.3.1.s390x.rpm libchm0-0.40-bp157.2.3.1.s390x.rpm openSUSE-2025-250 important openSUSE Backports SLE-15-SP7 Update This update for pdns-recursor fixes the following issues: - update to 5.1.3: * Implement rfc6303 special zones (mostly v6 reverse mappings) * Distinguish OS imposed limits from app imposed limits, specifically on chains. - update to 5.1.2 (boo#1231292 CVE-2024-25590) https://doc.powerdns.com/recursor/changelog/5.1.html#change-5.1.2 - update to 5.1.1 https://doc.powerdns.com/recursor/changelog/5.1.html#change-5.1.1 https://doc.powerdns.com/recursor/changelog/5.0.html#change-5.0.8 - update to 5.0.5: * Do not count RRSIGs using unsupported algorithms toward RRSIGs limit * Correctly count NSEC3s considered when chasing the closest encloser. * Let NetmaskGroup parse dont-throttle-netmasks, allowing negations. * Fix types of two YAML settings (incoming.edns_padding_from, incoming.proxy_protocol_from) that should be sequences of subnets * Fix trace=fail regression and add regression test for it pdns-recursor-5.1.3-bp157.2.3.1.src.rpm pdns-recursor-5.1.3-bp157.2.3.1.x86_64.rpm pdns-recursor-5.1.3-bp157.2.3.1.aarch64.rpm pdns-recursor-5.1.3-bp157.2.3.1.ppc64le.rpm openSUSE-2025-254 moderate openSUSE Backports SLE-15-SP7 Update This update for icecast fixes the following issues: - Fix logrotate configuration to set the proper owner (boo#1245967); also dropping the corresponding rpmlintrc entry - Provide user/group symbol for user created during pre. icecast-2.4.4-bp157.2.3.1.src.rpm icecast-2.4.4-bp157.2.3.1.x86_64.rpm icecast-doc-2.4.4-bp157.2.3.1.noarch.rpm icecast-2.4.4-bp157.2.3.1.i586.rpm icecast-2.4.4-bp157.2.3.1.aarch64.rpm icecast-2.4.4-bp157.2.3.1.ppc64le.rpm icecast-2.4.4-bp157.2.3.1.s390x.rpm openSUSE-2025-257 moderate openSUSE Backports SLE-15-SP7 Update This update for munin fixes the following issues: - Let munin-node use its own log and run sub-directory to avoid privilege escalation (boo#1246089) - Drop dependency on fast-cgi which was replaced in 2.0.x by munin-httpd https://guide.munin-monitoring.org/en/latest/reference/munin-httpd.html - Add /srv/www directories to filelist [boo#1231027] - Fix dependenices: the FastCGI perl module is called FCGI. - remove package name based perl requires - remove dependency on /usr/bin/python3 using %python3_fix_shebang_path macro, [boo#1212476] - Provide user(munin) and group(munin): the user and group are created during in the pre script. - Use IO::Socket::IP instead of IO::Socket::INET[6] * Remove the dependency on perl(IO::Socket::INET6) as it has been deprecated by upstream, is no longer suitable for use and its not being maintained. A compatible replacement for this package is perl(IO::Socket::IP) which is shipped by the perl-base package. * Upstream commit back-ported: https://github.com/munin-monitoring/munin/commit/012b33a7 * Add upstream munin-remove-deprecated-INET6.patch - Drop manual requires for python (boo#1210588) munin-2.0.72-bp157.2.3.1.noarch.rpm munin-2.0.72-bp157.2.3.1.src.rpm munin-node-2.0.72-bp157.2.3.1.noarch.rpm openSUSE-2025-259 moderate openSUSE Backports SLE-15-SP7 Update This update for git-credential-oauth fixes the following issues: Introduce version 0.15.0: git-credential-oauth-0.15.0-bp157.2.1.src.rpm git-credential-oauth-0.15.0-bp157.2.1.x86_64.rpm git-credential-oauth-0.15.0-bp157.2.1.i586.rpm git-credential-oauth-0.15.0-bp157.2.1.aarch64.rpm git-credential-oauth-0.15.0-bp157.2.1.ppc64le.rpm git-credential-oauth-0.15.0-bp157.2.1.s390x.rpm openSUSE-2025-261 moderate openSUSE Backports SLE-15-SP7 Update This update for chafa fixes the following issues: - Update to 1.16.1: * Bug fixes: #282 Fish completion not included in release tarball #283 Piping and redirection are broken in Windows - Update to 1.16.0: * Added terminal probing. Currently we can determine geometry, colors and sixel capabilities this way. This supplements the existing heuristics. * The internal terminal database and heuristics were refactored for clarity, with new API added to simplify the configuration process. * I/O is now threaded, resulting in improved responsiveness and pipelining. * New option: --grid=WxH, --grid=[auto|on|off] or -g. This lays out multiple images in a grid for easy browsing. * New option: --label=[on|off] or -l. Labels each image with its filename. Works in both continuous and grid layouts. * New option: --probe=[auto|on|off]. Controls whether to actively probe the terminal. Can take a real number denoting how long to wait for a response. * Sixel quality improved significantly. The quantizer was reimplemented with modern algorithms (#174), and blue noise dithering was introduced (#238). * The new blue noise dithering is also available in symbols mode, and can be turned on with --dither noise. It can be turned off with --dither none. * Numerous small improvements were made to sixel handling: + Terminal cursor placement quirks are now represented and handled. + Images can now cover their cell extents completely. + Workaround for animations "walking up the screen" on quirky terminals. * The JPEG XL loader was improved with optional memory mapping and better container support * Enabled wildcard expansion in Windows builds (#266). * Added completions for the fish shell and updated those for zsh. * Bug fixes: + #111 Provide auto detection of background for perception of transparency + #228 Sixel capability not detected in foot + tmux + #236 Ghostty shows pwd/lock indicator when using Chafa + #238 Sixel image quality significantly different from img2sixel and ImageMagick + #239 Chafa leaves echo on + #245 JPEG file not recognized + #246 Examples using deprecated functions + #249 Sixel detection doesn't set default values + #254 -t 1 doesn't work with -f iterm + #255 Animations scroll/walk up the screen + #265 Enable Kitty image protocol for Warp + #266 On Windows, in a cmd.exe window, filename wildcard expansion is broken + #273 -t 1 messes up some images + #274 -f {kitty,iterm} swaps BG color channels for SVG + #278 Images not always padded to cell boundary + [unfiled] Fix broken bashisms resulting in logic failure + [unfiled] Small leak in chafa_canvas_print_rows() + [unfiled] Uninitialized histogram in nearest-neighbor interp. - Update to 1.14.5: Fixes: * Improve sixel and general terminal support inside tmux * Support JPEGs with CMYK color space * Fix --font-ratio doing nothing * Ensure CLI tool gets linked with libm. - Update to 1.14.4: * Bug fixes: #216 Dither intensity does not work properly - Update to 1.14.3: * Sixel transparency has been reenabled for still frames. Animations will be pre-composited on an opaque background to prevent flicker/glitchiness (#211) * Now supports the Ghostty terminal, defaulting to the Kitty graphics protocol there. * Bug fixes: #185 Chafa version 1.14 breaks image preview on lf. #210 Crash with -f sixels. #211 Sixels are too small in Windows Terminal. #212 Aspect-preserving calculations are off in some cases. [unfiled] Inconsistent fraction parsing in CLI arguments. [unfiled] A few small memory leaks in the JPEG XL loader. - Update to 1.14.2: * #203 Chafa 1.14.1 fails to build on i686 * #205 Symbols mode not working since 1.14.1 * #206 Crash when importing more than 32767 glyphs * Fix erroneous base64 encoding of final byte in some circumstances - Update to 1.14.1: * A JPEG XL (.jxl) loader was added using libjxl (#188). * Added detection of the Eat "Emulate a Terminal" Emacs terminal. * Symbols mode was sped up significantly on AVX2-capable platforms. * Tests: A new test driver was added. It will log the specifics of any failures, which aids debugging of CI builds. * Bug fixes: #189 Fix installation of zsh completions. #190 Fix a small memory leak in ChafaCanvas. #192 Wrong sixel padding in some circumstances. #195 tmux passthrough enabled when already set. #196 iTerm mode not enabled automatically. - Enable optional image formats * jpeg * svg * tiff * webp - Update to 1.14.0: * Removed ImageMagick loader support. Packagers can now remove this dependency * Polite mode is now off by default. The new default eliminates cursor flicker and makes the output more robust against unusual terminal settings. The old behavior can be restored with --polite on. * Added image loaders for the AVIF and QOI formats. * sRGB gamma is now handled correctly in scaling operations. * New option: --passthrough=<auto|none|screen|tmux>. This allows passing graphics protocols like Sixels, iTerm and Kitty through a terminal multiplexer. It will be enabled automatically for Kitty, and can be enabled manually for other protocols with more limited support * New option: --view-size=<WxH>. Specifies width and height of the viewport, overriding the detected terminal size * New option: --fit-width. Fits images to the width of the viewport, allowing them to be taller than the viewport's height * New option: --relative=<bool>. Enables relative cursor positioning. Useful if you've pre-positioned the cursor at a particular offset where you want frames to appear, but tends to make the output illegible in pagers, e.g. less -R * New option: --exact-size=<auto|on|off>. Preserves the input pixel size when possible. Useful to avoid artifacts caused by resampling * New symbol selector: imported. This selects glyphs loaded with --glyph-file * Fontgen: Added a BDF font writer * Fontgen: Cleanup and modernization * The help text and manual page were overhauled for readability, and the API documentation now includes symbol indexes by version and deprecation status. * Added a zsh completion script * Fix "unknown file format" when using AVIF on stdin * Fix broken linking with libwebp-1.3.1 * Fix make check with --without-tools * Fix --duration not working well with still images * Fix sixel rendering of animations * Fix operator precedence in geometry calculation chafa-1.16.1-bp157.2.3.1.src.rpm chafa-1.16.1-bp157.2.3.1.x86_64.rpm chafa-devel-1.16.1-bp157.2.3.1.x86_64.rpm chafa-doc-1.16.1-bp157.2.3.1.noarch.rpm libchafa0-1.16.1-bp157.2.3.1.x86_64.rpm chafa-1.16.1-bp157.2.3.1.i586.rpm chafa-devel-1.16.1-bp157.2.3.1.i586.rpm libchafa0-1.16.1-bp157.2.3.1.i586.rpm chafa-1.16.1-bp157.2.3.1.aarch64.rpm chafa-devel-1.16.1-bp157.2.3.1.aarch64.rpm libchafa0-1.16.1-bp157.2.3.1.aarch64.rpm chafa-1.16.1-bp157.2.3.1.ppc64le.rpm chafa-devel-1.16.1-bp157.2.3.1.ppc64le.rpm libchafa0-1.16.1-bp157.2.3.1.ppc64le.rpm chafa-1.16.1-bp157.2.3.1.s390x.rpm chafa-devel-1.16.1-bp157.2.3.1.s390x.rpm libchafa0-1.16.1-bp157.2.3.1.s390x.rpm openSUSE-2025-256 low openSUSE Backports SLE-15-SP7 Update This update for tinyproxy fixes the following issues: - Add userswitching to logrotate snippet [boo#1246092] - Replace sysvinit call in logrotate snippet by systemctl tinyproxy-1.11.2-bp157.2.3.1.src.rpm tinyproxy-1.11.2-bp157.2.3.1.x86_64.rpm tinyproxy-1.11.2-bp157.2.3.1.i586.rpm tinyproxy-1.11.2-bp157.2.3.1.aarch64.rpm tinyproxy-1.11.2-bp157.2.3.1.ppc64le.rpm tinyproxy-1.11.2-bp157.2.3.1.s390x.rpm openSUSE-2026-19 moderate openSUSE Backports SLE-15-SP7 Update This update for ansible-sap-launchpad fixes the following issues: Update to version 1.2.1: - software_center_download: Improved logic for skipping existing files and getting valid filename - sap_software_download: Add SLES 16 python313 support and update changelog ansible-sap-launchpad-1.2.1-bp157.2.3.34.noarch.rpm ansible-sap-launchpad-1.2.1-bp157.2.3.34.src.rpm openSUSE-2025-267 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 138.0.7204.157 (boo#1246558): * CVE-2025-7656: Integer overflow in V8 * CVE-2025-6558: Incorrect validation of untrusted input in ANGLE and GPU * CVE-2025-7657: Use after free in WebRTC - Chromium 138.0.7204.100: * tweaks to the Google services settings page chromedriver-138.0.7204.157-bp157.2.22.1.x86_64.rpm chromium-138.0.7204.157-bp157.2.22.1.src.rpm chromium-138.0.7204.157-bp157.2.22.1.x86_64.rpm chromedriver-138.0.7204.157-bp157.2.22.1.aarch64.rpm chromium-138.0.7204.157-bp157.2.22.1.aarch64.rpm openSUSE-2025-269 moderate openSUSE Backports SLE-15-SP7 Update This update for python3-pycares fixes the following issues: - CVE-2025-48945: Fixed a use-after-free in the Channel object garbage collection (boo#1244691) python3-pycares-3.1.1-bp157.2.3.1.src.rpm python3-pycares-3.1.1-bp157.2.3.1.x86_64.rpm python3-pycares-3.1.1-bp157.2.3.1.i586.rpm python3-pycares-3.1.1-bp157.2.3.1.aarch64.rpm python3-pycares-3.1.1-bp157.2.3.1.ppc64le.rpm python3-pycares-3.1.1-bp157.2.3.1.s390x.rpm openSUSE-2025-270 moderate openSUSE Backports SLE-15-SP7 Update This update for xtrabackup fixes the following issues: - CVE-2025-5916: Prevented signed integer overflow while reading warcfile (boo#1244383). - CVE-2025-5917: Fixed overflow in build_ustar_entry_name() (boo#1244333). - CVE-2025-5914: Fixed double free due to an integer overflow (boo#1244389). xtrabackup-2.4.26-bp157.2.3.1.src.rpm xtrabackup-2.4.26-bp157.2.3.1.x86_64.rpm xtrabackup-test-2.4.26-bp157.2.3.1.x86_64.rpm xtrabackup-2.4.26-bp157.2.3.1.i586.rpm xtrabackup-test-2.4.26-bp157.2.3.1.i586.rpm xtrabackup-2.4.26-bp157.2.3.1.aarch64.rpm xtrabackup-test-2.4.26-bp157.2.3.1.aarch64.rpm xtrabackup-2.4.26-bp157.2.3.1.ppc64le.rpm xtrabackup-test-2.4.26-bp157.2.3.1.ppc64le.rpm xtrabackup-2.4.26-bp157.2.3.1.s390x.rpm xtrabackup-test-2.4.26-bp157.2.3.1.s390x.rpm openSUSE-2025-273 important openSUSE Backports SLE-15-SP7 Update This security update to chromium 138.0.7204.168 boo#1246902 * CVE-2025-8010: Type Confusion in V8 * CVE-2025-8011: Type Confusion in V8 * Various fixes from internal audits, fuzzing and other initiatives chromedriver-138.0.7204.168-bp157.2.25.1.x86_64.rpm chromedriver-debuginfo-138.0.7204.168-bp157.2.25.1.x86_64.rpm chromium-138.0.7204.168-bp157.2.25.1.src.rpm chromium-138.0.7204.168-bp157.2.25.1.x86_64.rpm chromium-debuginfo-138.0.7204.168-bp157.2.25.1.x86_64.rpm chromedriver-138.0.7204.168-bp157.2.25.1.aarch64.rpm chromedriver-debuginfo-138.0.7204.168-bp157.2.25.1.aarch64.rpm chromium-138.0.7204.168-bp157.2.25.1.aarch64.rpm chromium-debuginfo-138.0.7204.168-bp157.2.25.1.aarch64.rpm openSUSE-2025-276 moderate openSUSE Backports SLE-15-SP7 Update This update for gitea-tea fixes the following issues: - Fix argument parsing. gitea-tea-0.10.1-bp157.2.6.1.src.rpm gitea-tea-0.10.1-bp157.2.6.1.x86_64.rpm gitea-tea-bash-completion-0.10.1-bp157.2.6.1.noarch.rpm gitea-tea-zsh-completion-0.10.1-bp157.2.6.1.noarch.rpm gitea-tea-0.10.1-bp157.2.6.1.i586.rpm gitea-tea-0.10.1-bp157.2.6.1.aarch64.rpm gitea-tea-0.10.1-bp157.2.6.1.ppc64le.rpm gitea-tea-0.10.1-bp157.2.6.1.s390x.rpm openSUSE-2025-277 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 138.0.7204.183 (boo#1247365): - CVE-2025-8292: Use after free in Media Stream chromedriver-138.0.7204.183-bp157.2.28.1.x86_64.rpm chromium-138.0.7204.183-bp157.2.28.1.src.rpm chromium-138.0.7204.183-bp157.2.28.1.x86_64.rpm chromedriver-138.0.7204.183-bp157.2.28.1.aarch64.rpm chromium-138.0.7204.183-bp157.2.28.1.aarch64.rpm openSUSE-2025-278 important openSUSE Backports SLE-15-SP7 Update This update for kmozillahelper fixes the following issue: - Drop the requirement on mozilla-kde4-version. It's only provided by old versions of MozillaFirefox and MozillaThunderbird, which we don't want to pull in (boo#1247369) kmozillahelper-5.0.6-bp157.2.3.1.src.rpm kmozillahelper-5.0.6-bp157.2.3.1.x86_64.rpm kmozillahelper-5.0.6-bp157.2.3.1.i586.rpm kmozillahelper-5.0.6-bp157.2.3.1.aarch64.rpm kmozillahelper-5.0.6-bp157.2.3.1.ppc64le.rpm kmozillahelper-5.0.6-bp157.2.3.1.s390x.rpm openSUSE-2025-281 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: - Update to version 1.7.0~git0.621ac7be0: * Release 1.7.0 * Fix a couple of commands in the OAuth2 Proxy examples (#3758) - Update to version 1.7.0-pre~git0.7d9da9dc8: * Release 1.7.0-pre * 20250729 pre release (#3756) * Helps to enable features like defer spans (#3755) * Downgrade notify-debouncer (#3747) * Reduce memory usage on unixd (#3754) * Bump the all group with 4 updates (#3753) * 20250723 application passwords again (#3748) * Docs oauth2 examples (#3750) * Groups WebUI, modify description (#3734) * Improve replication logging (#3746) * 20250711 type migrations (#3741) * Bump the all group with 3 updates (#3743) * Use constants for /etc/shadow and related paths (#3740) * fix: don't show people's whole tokens in debugs (#3742) * Updates to makefile (#3736) * Add a new paragraph in the installation quickstart for installing required client tools, and clarify the client tool setup paragraph (#3735) * Bump the all group with 4 updates (#3737) * Add ppc64le support for docker images (#3733) * Basic interface to get and regenerate the RADIUS password (#3728) * book: fix command example in pam_and_nsswitch.md (#3732) * fix docgen (#3731) * Fix for Failed to deserialize query: missing field 'state' (#3726) * Add user facing SCIM pagination / sorting (#3725) * Admin UI Group name modification (#3717) * fix typo in documentation: tls_path to tls_key (#3727) * Pre-validate and extract UAT into ClientAuthInfo (#3714) * Security policy updates (re: #3719) (#3722) * Fix using wrong template when setting POSIX password (#3719) (#3720) * Resolve startup failure with client TLS certificates (#3712) * Bump the all group with 2 updates (#3718) * Simple group list (#3713) * Update repos (#3711) * 20250621 application passwords (#3700) * Update docs, doc fmt (#3710) * Apply review feedback * Correctly log connection information * Refactor middleware/extractors * [htmx] basic profile updating (#2994) * Correct 389DS command (#3707) * Schema again (#3706) * examples: small grammar fix (#3705) * Clippy (#3702) * 20250627 update hsm crypto (#3701) * Update 389 content sync instructions (#3699) * Corrections to radius examples (#3697) * fix: wording (#3696) * Update radius.md (Explain: NAS == Network Access Server) (#3691) * updating docs around packages (#3695) * 20250618 rustls (#3687) * fix: error message that wasn't an error (#3690) * Only generate passwords on service accounts (#3688) * Add hmac 256 for cryptography operations (#3663) * Update Nextcloud example (#3683) * Bump the all group with 8 updates (#3684) * Allow deferring spans in unixd (#3680) * OpenSUSE build fix (#3681) * Dark mode improvements (#3660) * Add port examples for server.toml (#3679) * Fix SCIM filter parser for quoted values with spaces and escaped quotes (#3673) * fix: strip comments from UNIX files before parsing (#3674) * Bump the all group across 1 directory with 11 updates (#3675) * Start to implement SCIM apis (#3535) * Fix healthcheck to use ENV for config path (#3656) * maint: rewrite crypto Password::try_from (#3637) * doc(book): Add option to Nextcloud Oauth2.0 example (#3654) * Bump the all group with 4 updates (#3655) * Make it clearer that the http address section is needed (#3652) * TODO trimming (#3641) * Investigate and reduce memory consumption of unixd (#3645) * Swap bytes mut at buffer limits (#3651) * Clippy for 1.87 (#3644) * fix: Improve unixd & unixd-tasks startup coupling (#3638) * Bump the all group with 2 updates (#3648) * reload schema before verify (#3643) * Defend against split_at panic (#3636) * Fix minor issue with untagged version handling (#3634) * Move shadow processing out of task event loop (#3631) * Dont specify config path in container (#3630) * Accept SSHA with different salt lengths (#3629) * Bye poetry, hi uv for python things (#3627) * Resolve flaw with ssh key parse if the key has no comment (#3628) * Indicate that this is an ip list, not a range (#3626) * Test for corrupted unicode in SSH keys, keep the key title on error/resubmit (#3618) * Reduce replication logging verbosity * Bump the all group across 1 directory with 7 updates (#3623) * Bump the all group in /pykanidm with 2 updates (#3621) * cargo publish (#3613) * fix: clippy * maint: typo in log message * Set kid manually to prevent divergence * Order keys in application JWKS / Fix rotation bug * Fix toml issues with strings * OAuth2 Client ID's should be processed as lowercase (#3605) * Resolve reload of oauth2 on startup (#3604) * Bump petgraph from 0.7.1 to 0.8.1 in the all group (#3595) * Bump the all group in /pykanidm with 2 updates (#3596) * Avoid openssl for md4 (#3594) * Fixes #3586, inverts the navbar button color (#3593) * Update to 1.7.0-dev (#3592) kanidm-1.7.0~git0.621ac7be0-bp157.2.6.1.src.rpm kanidm-1.7.0~git0.621ac7be0-bp157.2.6.1.x86_64.rpm kanidm-clients-1.7.0~git0.621ac7be0-bp157.2.6.1.x86_64.rpm kanidm-docs-1.7.0~git0.621ac7be0-bp157.2.6.1.x86_64.rpm kanidm-server-1.7.0~git0.621ac7be0-bp157.2.6.1.x86_64.rpm kanidm-unixd-clients-1.7.0~git0.621ac7be0-bp157.2.6.1.x86_64.rpm kanidm-1.7.0~git0.621ac7be0-bp157.2.6.1.aarch64.rpm kanidm-clients-1.7.0~git0.621ac7be0-bp157.2.6.1.aarch64.rpm kanidm-docs-1.7.0~git0.621ac7be0-bp157.2.6.1.aarch64.rpm kanidm-server-1.7.0~git0.621ac7be0-bp157.2.6.1.aarch64.rpm kanidm-unixd-clients-1.7.0~git0.621ac7be0-bp157.2.6.1.aarch64.rpm openSUSE-2025-282 moderate openSUSE Backports SLE-15-SP7 Update This update for exim fixes the following issues: Exim is shipped in release 4.98.2. exim-4.98.2-bp157.2.1.src.rpm exim-4.98.2-bp157.2.1.x86_64.rpm eximon-4.98.2-bp157.2.1.x86_64.rpm eximstats-html-4.98.2-bp157.2.1.x86_64.rpm exim-4.98.2-bp157.2.1.aarch64.rpm eximon-4.98.2-bp157.2.1.aarch64.rpm eximstats-html-4.98.2-bp157.2.1.aarch64.rpm exim-4.98.2-bp157.2.1.ppc64le.rpm eximon-4.98.2-bp157.2.1.ppc64le.rpm eximstats-html-4.98.2-bp157.2.1.ppc64le.rpm exim-4.98.2-bp157.2.1.s390x.rpm eximon-4.98.2-bp157.2.1.s390x.rpm eximstats-html-4.98.2-bp157.2.1.s390x.rpm openSUSE-2025-288 moderate openSUSE Backports SLE-15-SP7 Update This update for kubo fixes the following issues: - 0.35.0 * Opt-in HTTP Retrieval client * Dedicated Reprovider.Strategy for MFS * Experimental support for MFS as a FUSE mount point * Grid view in WebUI * Enhanced DAG-Shaping Controls * Datastore Metrics Now Opt-In * Improved performance of data onboarding * Optimized, dedicated queue for providing fresh CIDs * New Provider configuration options * Deprecated ipfs stats provider * New Bitswap configuration options * Bitswap.Libp2pEnabled * Bitswap.ServerEnabled * Internal.Bitswap.ProviderSearchMaxResults * New Routing configuration options * Routing.IgnoreProviders * Routing.DelegatedRouters * New Pebble database format config * New environment variables * Improved Log Output Setting * New Repo Lock Optional Wait * Updated golang.org/x/net to 0.40.0 (boo#1241776, CVE-2025-22872) - Update to 0.34.1 - for details see * https://github.com/ipfs/kubo/releases/tag/v0.34.1 * Dependency updates - Update to 0.34.0 - for details see * https://github.com/ipfs/kubo/releases/tag/v0.34.0 * AutoTLS now enabled by default for nodes with 1 hour uptime * New WebUI features: CAR file import and QR code sharing * RPC and CLI command changes ~ ipfs config is now validating json fields ~ Deprecated the bitswap reprovide command ~ The stats reprovide command now shows additional stats ~ ipfs files cp now performs basic codec check * Bitswap improvements from Boxo * IPNS publishing TTL change ~ we've lowered the default IPNS Record TTL during publishing to 5 minutes * IPFS_LOG_LEVEL deprecated * Pebble datastore format update * Badger datastore update * Datastore Implementation Updates * Datastore Implementation Updates * Fix hanging pinset operations during reprovides * Important dependency updates - Update to 0.33.1 - for details see * https://github.com/ipfs/kubo/releases/tag/v0.33.1 * Bitswap improvements from Boxo * Improved IPNS interop - Update to 0.33.0 - for details see * https://github.com/ipfs/kubo/releases/tag/v0.33.0 * Shared TCP listeners: Kubo now supports sharing the same TCP port (4001 by default) by both raw TCP and WebSockets libp2p transports. * AutoTLS takes care of Secure WebSockets setup: It is no longer necessary to manually add /tcp/../ws listeners to Addresses.Swarm when AutoTLS.Enabled is set to true. Kubo will detect if /ws listener is missing and add one on the same port as pre-existing TCP (e.g. /tcp/4001), removing the need for any extra configuration. * Bitswap improvements from Boxo * Using default libp2p_rcmgr metrics: Bespoke rcmgr metrics were removed, Kubo now exposes only the default libp2p_rcmgr metrics from go-libp2p. * Flatfs does not sync on each write: New repositories initialized with flatfs in Datastore.Spec will have sync set to false. * ipfs add --to-files no longer works with --wrap * ipfs --api supports HTTPS RPC endpoints * New options for faster writes: WriteThrough, BlockKeyCacheSize, BatchMaxNodes, BatchMaxSize * MFS stability with large number of writes * New DoH resolvers for non-ICANN DNSLinks: .eth and .crypto * Reliability improvements to the WebRTC Direct listener * Fix: Escape Redirect URL for Directory kubo-0.35.0-bp157.2.3.1.src.rpm kubo-0.35.0-bp157.2.3.1.x86_64.rpm kubo-0.35.0-bp157.2.3.1.i586.rpm kubo-0.35.0-bp157.2.3.1.aarch64.rpm kubo-0.35.0-bp157.2.3.1.ppc64le.rpm kubo-0.35.0-bp157.2.3.1.s390x.rpm openSUSE-2025-286 important openSUSE Backports SLE-15-SP7 Update Chromium was updated to fix: - CVE-2025-54874 fix missing error check in openjpeg (bsc#1247661) Chromium 139.0.7258.66 (boo#1247664): * CVE-2025-8576: Use after free in Extensions * CVE-2025-8577: Inappropriate implementation in Picture In Picture * CVE-2025-8578: Use after free in Cast * CVE-2025-8579: Inappropriate implementation in Gemini Live in Chrome * CVE-2025-8580: Inappropriate implementation in Filesystems * CVE-2025-8581: Inappropriate implementation in Extensions * CVE-2025-8582: Insufficient validation of untrusted input in DOM * CVE-2025-8583: Inappropriate implementation in Permissions chromedriver-139.0.7258.66-bp157.2.31.1.x86_64.rpm chromium-139.0.7258.66-bp157.2.31.1.src.rpm chromium-139.0.7258.66-bp157.2.31.1.x86_64.rpm chromedriver-139.0.7258.66-bp157.2.31.1.aarch64.rpm chromium-139.0.7258.66-bp157.2.31.1.aarch64.rpm openSUSE-2025-290 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: Update to version 1.7.1~git0.130a31d29: * Release 1.7.1 * Update tracing-forest * Handle SEC1 private key (#3761) kanidm-1.7.1~git0.130a31d29-bp157.2.9.1.src.rpm kanidm-1.7.1~git0.130a31d29-bp157.2.9.1.x86_64.rpm kanidm-clients-1.7.1~git0.130a31d29-bp157.2.9.1.x86_64.rpm kanidm-docs-1.7.1~git0.130a31d29-bp157.2.9.1.x86_64.rpm kanidm-server-1.7.1~git0.130a31d29-bp157.2.9.1.x86_64.rpm kanidm-unixd-clients-1.7.1~git0.130a31d29-bp157.2.9.1.x86_64.rpm kanidm-1.7.1~git0.130a31d29-bp157.2.9.1.aarch64.rpm kanidm-clients-1.7.1~git0.130a31d29-bp157.2.9.1.aarch64.rpm kanidm-docs-1.7.1~git0.130a31d29-bp157.2.9.1.aarch64.rpm kanidm-server-1.7.1~git0.130a31d29-bp157.2.9.1.aarch64.rpm kanidm-unixd-clients-1.7.1~git0.130a31d29-bp157.2.9.1.aarch64.rpm openSUSE-2025-294 moderate openSUSE Backports SLE-15-SP7 Update This update for python-CppHeaderParser fixes the following issues: - Initial version CppHeaderParser 2.7.4 (PED#13362, PED#13381). python-CppHeaderParser-2.7.4-bp157.2.1.src.rpm python3-CppHeaderParser-2.7.4-bp157.2.1.noarch.rpm openSUSE-2025-293 moderate openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - install libffmpeg.so if using the bundled one and block the extra dependency chromedriver-139.0.7258.66-bp157.2.34.1.x86_64.rpm chromium-139.0.7258.66-bp157.2.34.1.src.rpm chromium-139.0.7258.66-bp157.2.34.1.x86_64.rpm chromedriver-139.0.7258.66-bp157.2.34.1.aarch64.rpm chromium-139.0.7258.66-bp157.2.34.1.aarch64.rpm openSUSE-2025-298 moderate openSUSE Backports SLE-15-SP7 Update This update for virtme fixes the following issues: Update to 1.37: The most interesting feature in this new version is the initial support for systemd. Until now, virtme-ng didn't support systemd because it relied on a custom init system (virtme-ng-init) to speed up boot time. As a result, tests requiring systemd couldn't run inside the virtme-ng session. With the new --systemd option, virtme-ng can now (optionally) boot with systemd in the virtualized environment, enabling full systemd interaction during testing. virtme-1.37-bp157.2.6.1.noarch.rpm virtme-1.37-bp157.2.6.1.src.rpm openSUSE-2025-301 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 139.0.7258.127 (boo#1247981): * CVE-2025-8879: Heap buffer overflow in libaom * CVE-2025-8880: Race in V8 * CVE-2025-8901: Out of bounds write in ANGLE * CVE-2025-8881: Inappropriate implementation in File Picker * CVE-2025-8882: Use after free in Aura * Various fixes from internal audits, fuzzing and other initiatives chromedriver-139.0.7258.127-bp157.2.37.1.x86_64.rpm chromedriver-debuginfo-139.0.7258.127-bp157.2.37.1.x86_64.rpm chromium-139.0.7258.127-bp157.2.37.1.src.rpm chromium-139.0.7258.127-bp157.2.37.1.x86_64.rpm chromium-debuginfo-139.0.7258.127-bp157.2.37.1.x86_64.rpm chromedriver-139.0.7258.127-bp157.2.37.1.aarch64.rpm chromedriver-debuginfo-139.0.7258.127-bp157.2.37.1.aarch64.rpm chromium-139.0.7258.127-bp157.2.37.1.aarch64.rpm chromium-debuginfo-139.0.7258.127-bp157.2.37.1.aarch64.rpm chromedriver-139.0.7258.127-bp157.2.37.1.ppc64le.rpm chromedriver-debuginfo-139.0.7258.127-bp157.2.37.1.ppc64le.rpm chromium-139.0.7258.127-bp157.2.37.1.ppc64le.rpm chromium-debuginfo-139.0.7258.127-bp157.2.37.1.ppc64le.rpm openSUSE-2025-306 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: Update to version 1.7.2~git0.d331ea986: * Release 1.7.2 * Resolve replication show-cert issue (#3792) * Add json codec wrapper for unix integration (#3789) * Trying to clean up order of operations in kanidm_unixd_tasks (#3762) * Break-glass account disable command (#3780) * Make it clearer why the user can't login with unixd (#3778) * Improve argon2id parameter search speed (#3768) kanidm-1.7.2~git0.d331ea986-bp157.2.12.1.src.rpm kanidm-1.7.2~git0.d331ea986-bp157.2.12.1.x86_64.rpm kanidm-clients-1.7.2~git0.d331ea986-bp157.2.12.1.x86_64.rpm kanidm-docs-1.7.2~git0.d331ea986-bp157.2.12.1.x86_64.rpm kanidm-server-1.7.2~git0.d331ea986-bp157.2.12.1.x86_64.rpm kanidm-unixd-clients-1.7.2~git0.d331ea986-bp157.2.12.1.x86_64.rpm kanidm-1.7.2~git0.d331ea986-bp157.2.12.1.aarch64.rpm kanidm-clients-1.7.2~git0.d331ea986-bp157.2.12.1.aarch64.rpm kanidm-docs-1.7.2~git0.d331ea986-bp157.2.12.1.aarch64.rpm kanidm-server-1.7.2~git0.d331ea986-bp157.2.12.1.aarch64.rpm kanidm-unixd-clients-1.7.2~git0.d331ea986-bp157.2.12.1.aarch64.rpm openSUSE-2025-307 moderate openSUSE Backports SLE-15-SP7 Update This update for gh fixes the following issues: - Update to version 2.76.2: * Refactor tab completion test * Test `gh pr create --reviewer` tab completion * Include org teams for PR reviewers * docs(ci): delete obsolete comment - Update to version 2.76.1: * Updated third-party license compliance content * Add tests for reviewer team handling in PR creation * Refactor and improve RepoMetadata teams test * Refactor error assertion in Test_RepoMetadataTeams * FIX: conditionally fetching team reviewers * Add TeamReviewers flag to RepoMetadataInput * Update .github/workflows/scripts/spam-detection/generate-sys-prompt.sh * Use gh go templating for user prompt * Update eval script comments * Remove unnecessary file for heredoc * First pass to optimize and improve * Limit permissions of govulncheck workflow * Incorporate govulncheck into workflows * update ownership of pkg/cmd/release/shared/ * Run Lint and Tests on `push` to `trunk` branch * ci: echo spam detection result * ci: add `models: read` permission * ci: correct `sed` usage to remove Markdown front matter * docs: fix typo in script docs * ci: fix potentially confusing typo in system prompt * ci: use `issue.html_url` instead of `issue.url` * ci: remove unused env vars * ci: add spam issue detection workflow * ci: add spam issue detection scripts * chore(deps): bump github.com/sigstore/sigstore-go from 1.0.0 to 1.1.0 * chore(deps): bump advanced-security/filter-sarif from 1.0.0 to 1.0.1 * Improve `api` `--preview` docs * add tenancy aware for san matcher - Update to version 2.76.0: * Copilot Pro+ / Enterprise subscribers can now assign issues to Copilot during issue creation * Display immutable field in release view command * Do not fetch logs for skipped jobs * Transform extension and filename qualifiers into path qualifier for web code search - Update to version 2.75.0: * Quote Windows rsyso script global hook * test(search): verify `URL` returns quoted query * test(search): test pagination with multi-word quoted queries * fix(search): fix mutating query state fields * Add setup-go to bump-go * Update contribution design link * test(pr merge): always assert stderr * test(pr merge): verify `deleteRemoteBranch` behaviour when API returns error * fix(pr merge): ignore 404 as error when deleting remote branch * Ensure go mod tidy is run in bump-go * Inject token into bump-go workflow * Reformat gh run view help * docs(run view): explain restrictions of fallback API calls * test(run view): delete unused ZIP archive * refactor(run view): remove `Log` field from DTO types * test(run view): update tests * refactor(run view): use API as fallback to fetch job logs * test: add `BinaryResponse` helper function * Ensure bump go script has git user configured * Support --no-repos-selected on secret set * docs: consistently use apt in installation instructions * Consume dependabot minor versions for go modules * test: add test for `ParseURL` * Update microsoft dev-tunnels to v0.1.13 * Bump all dependencies except dev-tunnels * Fix inconsistent use of tabs and spaces * docs: explain PR URL parsing reason * test: improve test case to highlight host name override * test: remove references to `AssignedActorsUsed` field * test: verify providing a URL arg affects the base repo * refactor: select PR fields based on detected features * test: remove tests verifying assigne-related behaviour * fix: remove assignee-related intervention * fix: remove `AssignedActorsUsed` field * Add workflow to automate go version bumping * fix: expose `ParseURL` as a public func * Remove unused GH_TOKEN env variable from workflow * Add `workflow_dispatch` support to PR Help Wanted check (#11179) * chore: improve error message when `versioninfo.json` is not found * Fix: `gh pr create` prioritize `--title` and `--body` over `--fill` when `--web` is present (#10547) * chore: create `.syso` libs only on Windows * chore: delete `script/winres.json` * chore: add `versioninfo.template.json` * refactor: switch to `github.com/josephspurrier/goversioninfo` * chore: exclude generated `.syso` files from git repo * Ensure automation uses pinned go-licenses version * Fix missing newline in install_linux.md * Apply suggestions from code review * Update missed Go 1.23 references * chore: update Go version to 1.24 in devcontainer configuration * Use `make` for license generation and checks * Use temp directory for license checks * Update 3rd party licenses * Restored original test setup, clarified * Enhance Activetoken prioritize test * improve the description for gh release verify cmd * chore: fix function name * Push up * Use active token stubbing on auth config * refactor to simplify implementation * Primer formatting * Fix spacing * Add missing files * Rename READMEs * Initial restore of Primer CLI docs * use standardize color roles logic for the logging * moved to shared lib * moved to shared lib * update the artifact and bundle for testing * empty commit * clean the code * revert the workflow * debug windows env * debug windows env * debug windows env * chore: fix variable name casing * Avoid analyzing 3rd party license content with CodeQL * chore: ensure output path is a directory * clean the path * clean the path * Update 3rd party license information * Adopt license compliance scripts into workflows, docs * clean the path * improve test * fix test * add unit test * chore: prepare Windows resources `.syso` files before build * chore: add script to create Windows resources * Cleanup * fix: get token for active user instead of blank if possible * remove filepath test * update Sprintf * removed unused file * added the unit test * add json format * change verify-asset logic * minor fix * clean up the code * update the lng * wip * remove comment * wip * init * docs: install_linux.md: add Solus linux install instructions gh-2.76.2-bp157.2.6.1.src.rpm gh-2.76.2-bp157.2.6.1.x86_64.rpm gh-bash-completion-2.76.2-bp157.2.6.1.noarch.rpm gh-fish-completion-2.76.2-bp157.2.6.1.noarch.rpm gh-zsh-completion-2.76.2-bp157.2.6.1.noarch.rpm gh-2.76.2-bp157.2.6.1.i586.rpm gh-2.76.2-bp157.2.6.1.aarch64.rpm gh-2.76.2-bp157.2.6.1.ppc64le.rpm gh-2.76.2-bp157.2.6.1.s390x.rpm openSUSE-2025-302 important openSUSE Backports SLE-15-SP7 Update This update for trivy fixes the following issues: - CVE-2025-53547: Fixed code execution in Helm Chart (boo#1246151) - Update to version 0.64.1: * release: v0.64.1 [release/v0.64] (#9122) * fix(misconf): skip rewriting expr if attr is nil [backport: release/v0.64] (#9127) * fix(cli): Add more non-sensitive flags to telemetry [backport: release/v0.64] (#9124) * fix(rootio): check full version to detect `root.io` packages [backport: release/v0.64] (#9120) * fix(alma): parse epochs from rpmqa file [backport: release/v0.64] (#9119) * release: v0.64.0 [main] (#8955) * docs(python): fix type with METADATA file name (#9090) * feat: reject unsupported artifact types in remote image retrieval (#9052) * chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 (#9088) * refactor(misconf): rewrite Rego module filtering using functional filters (#9061) * feat(terraform): add partial evaluation for policy templates (#8967) * feat(vuln): add Root.io support for container image scanning (#9073) * feat(sbom): add manufacturer field to CycloneDX tools metadata (#9019) * fix(cli): add some values to the telemetry call (#9056) * feat(ubuntu): add end of life date for Ubuntu 25.04 (#9077) * refactor: centralize HTTP transport configuration (#9058) * test: include integration tests in linting and fix all issues (#9060) * chore(deps): bump the common group across 1 directory with 26 updates (#9063) * feat(java): dereference all maven settings.xml env placeholders (#9024) * fix(misconf): reduce log noise on incompatible check (#9029) * fix(misconf): .Config.User always takes precedence over USER in .History (#9050) * chore(deps): update Docker to v28.2.2 and fix compatibility issues (#9037) * docs(misconf): simplify misconfiguration docs (#9030) * fix(misconf): move disabled checks filtering after analyzer scan (#9002) * docs: add PR review policy for maintainers (#9032) * fix(sbom): remove unnecessary OS detection check in SBOM decoding (#9034) * test: improve and extend tests for iac/adapters/arm (#9028) * chore: bump up Go version to 1.24.4 (#9031) * feat(cli): add version constraints to annoucements (#9023) * fix(misconf): correct Azure value-to-time conversion in AsTimeValue (#9015) * feat(ubuntu): add eol date for 20.04-ESM (#8981) * fix(report): don't panic when report contains vulns, but doesn't contain packages for `table` format (#8549) * fix(nodejs): correctly parse `packages` array of `bun.lock` file (#8998) * refactor: use strings.SplitSeq instead of strings.Split in for-loop (#8983) * docs: change --disable-metrics to --disable-telemetry in example (#8999) (#9003) * feat(misconf): add OpenTofu file extension support (#8747) * refactor(misconf): set Trivy version by default in Rego scanner (#9001) * docs: fix assets with versioning (#8996) * docs: add partners page (#8988) * chore(alpine): add EOL date for Alpine 3.22 (#8992) * fix: don't show corrupted trivy-db warning for first run (#8991) * Update installation.md (#8979) * feat(misconf): normalize CreatedBy for buildah and legacy docker builder (#8953) * chore(k8s): update comments with deprecated command format (#8964) * chore: fix errors and typos in docs (#8963) * fix: Add missing version check flags (#8951) * feat(redhat): Add EOL date for RHEL 10. (#8910) * fix: Correctly check for semver versions for trivy version check (#8948) * refactor(server): change custom advisory and vulnerability data types fr… (#8923) * ci(helm): bump Trivy version to 0.63.0 for Trivy Helm Chart 0.15.0 (#8946) * release: v0.63.0 [main] (#8809) * fix(misconf): use argument value in WithIncludeDeprecatedChecks (#8942) * chore(deps): Bump trivy-checks (#8934) * fix(julia): add `Relationship` field support (#8939) * feat(minimos): Add support for MinimOS (#8792) * feat(alpine): add maintainer field extraction for APK packages (#8930) * feat(echo): Add Echo Support (#8833) * fix(redhat): Also try to find buildinfo in root layer (layer 0) (#8924) * fix(wolfi): support new APK database location (#8937) * feat(k8s): get components from namespaced resources (#8918) * refactor(cloudformation): remove unused ScanFile method from Scanner (#8927) * refactor(terraform): remove result sorting from scanner (#8928) * feat(misconf): Add support for `Minimum Trivy Version` (#8880) * docs: improve skipping files documentation (#8749) * feat(cli): Add available version checking (#8553) * feat(nodejs): add a bun.lock analyzer (#8897) * feat: terraform parser option to set current working directory (#8909) * perf(secret): only match secrets of meaningful length, allow example strings to not be matched (#8602) * feat(misconf): export raw Terraform data to Rego (#8741) * refactor(terraform): simplify AllReferences method signature in Attribute (#8906) * fix: check post-analyzers for StaticPaths (#8904) * feat: add Bottlerocket OS package analyzer (#8653) * feat(license): improve work text licenses with custom classification (#8888) * chore(deps): bump github.com/containerd/containerd/v2 from 2.1.0 to 2.1.1 (#8901) * chore(deps): bump the common group across 1 directory with 9 updates (#8887) * refactor(license): simplify compound license scanning (#8896) * feat(license): Support compound licenses (licenses using SPDX operators) (#8816) * fix(k8s): use in-memory cache backend during misconfig scanning (#8873) * feat(nodejs): add bun.lock parser (#8851) * feat(license): improve work with custom classification of licenses from config file (#8861) * fix(cli): disable `--skip-dir` and `--skip-files` flags for `sbom` command (#8886) * fix: julia parser panicing (#8883) * refactor(db): change logic to detect wrong DB (#8864) * fix(cli): don't use allow values for `--compliance` flag (#8881) * docs(misconf): Reorganize misconfiguration scan pages (#8206) * fix(server): add missed Relationship field for `rpc` (#8872) * feat: add JSONC support for comments and trailing commas (#8862) * fix(vex): use `lo.IsNil` to check `VEX` from OCI artifact (#8858) * feat(go): support license scanning in both GOPATH and vendor (#8843) * fix(redhat): save contentSets for OS packages in fs/vm modes (#8820) * fix: filter all files when processing files installed from package managers (#8842) * feat(misconf): add misconfiguration location to junit template (#8793) * docs(vuln): remove OSV for Python from data sources (#8841) * chore: add an issue template for maintainers (#8838) * chore: enable staticcheck (#8815) * ci(helm): bump Trivy version to 0.62.1 for Trivy Helm Chart 0.14.1 (#8836) * feat(license): scan vendor directory for license for go.mod files (#8689) * docs(java): Update info about dev deps in gradle lock (#8830) * chore(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 in the common group (#8822) * fix(java): exclude dev dependencies in gradle lockfile (#8803) * fix: octalLiteral from go-critic (#8811) * fix(redhat): trim invalid suffix from content_sets in manifest parsing (#8818) * chore(deps): bump the common group across 1 directory with 10 updates (#8817) * fix: use-any from revive (#8810) * fix: more revive rules (#8814) * docs: change in java.md: fix the Trity -to-> Trivy typo (#8813) * fix(misconf): check if for-each is known when expanding dyn block (#8808) * ci(helm): bump Trivy version to 0.62.0 for Trivy Helm Chart 0.14.0 (#8802) - Update to version 0.62.1: * release: v0.62.1 [release/v0.62] (#8825) * chore(deps): bump the common group across 1 directory with 10 updates [backport: release/v0.62] (#8831) * fix(misconf): check if for-each is known when expanding dyn block [backport: release/v0.62] (#8826) * fix(redhat): trim invalid suffix from content_sets in manifest parsing [backport: release/v0.62] (#8824) * release: v0.62.0 [main] (#8669) * feat(nodejs): add root and workspace for `yarn` packages (#8535) * fix: unused-parameter rule from revive (#8794) * chore(deps): Update trivy-checks (#8798) * fix: early-return, indent-error-flow and superfluous-else rules from revive (#8796) * fix(k8s): remove using `last-applied-configuration` (#8791) * refactor(misconf): remove unused methods from providers (#8781) * refactor(misconf): remove unused methods from iac types (#8782) * fix(misconf): filter null nodes when parsing json manifest (#8785) * fix: testifylint last issues (#8768) * fix(misconf): perform operations on attribute safely (#8774) * refactor(ubuntu): update time handling for fixing time (#8780) * chore(deps): bump golangci-lint to v2.1.2 (#8766) * feat(image): save layers metadata into report (#8394) * feat(misconf): convert AWS managed policy to document (#8757) * chore(deps): bump the docker group across 1 directory with 3 updates (#8762) * ci(helm): bump Trivy version to 0.61.1 for Trivy Helm Chart 0.13.1 (#8753) * ci(helm): create a helm branch for patches from main (#8673) * fix(terraform): hcl object expressions to return references (#8271) * chore(terraform): option to pass in instanced logger (#8738) * ci: use `Skitionek/notify-microsoft-teams` instead of `aquasecurity` fork (#8740) * chore(terraform): remove os.OpenPath call from terraform file functions (#8737) * chore(deps): bump the common group across 1 directory with 23 updates (#8733) * feat(rust): add root and workspace relationships/package for `cargo` lock files (#8676) * refactor(misconf): remove module outputs from parser.EvaluateAll (#8587) * fix(misconf): populate context correctly for module instances (#8656) * fix(misconf): check if metadata is not nil (#8647) * refactor(misconf): switch to x/json (#8719) * fix(report): clean buffer after flushing (#8725) * ci: improve PR title validation workflow (#8720) * refactor(flag): improve flag system architecture and extensibility (#8718) * fix(terraform): `evaluateStep` to correctly set `EvalContext` for multiple instances of blocks (#8555) * refactor: migrate from `github.com/aquasecurity/jfather` to `github.com/go-json-experiment/json` (#8591) * feat(misconf): support auto_provisioning_defaults in google_container_cluster (#8705) * ci: use `github.event.pull_request.user.login` for release PR check workflow (#8702) * refactor: add hook interface for extended functionality (#8585) * fix(misconf): add missing variable as unknown (#8683) * docs: Update maintainer docs (#8674) * ci(vuln): reduce github action script injection attack risk (#8610) * fix(secret): ignore .dist-info directories during secret scanning (#8646) * fix(server): fix redis key when trying to delete blob (#8649) * chore(deps): bump the testcontainers group with 2 updates (#8650) * test: use `aquasecurity` repository for test images (#8677) * chore(deps): bump the aws group across 1 directory with 5 updates (#8652) * fix(k8s): skip passed misconfigs for the summary report (#8684) * fix(k8s): correct compare artifact versions (#8682) * chore: update Docker lib (#8681) * refactor(misconf): remove unused terraform attribute methods (#8657) * feat(misconf): add option to pass Rego scanner to IaC scanner (#8369) * chore: typo fix to replace `rego` with `repo` on the RepoFlagGroup options error output (#8643) * docs: Add info about helm charts release (#8640) * ci(helm): bump Trivy version to 0.61.0 for Trivy Helm Chart 0.13.0 (#8638) - Update to version 0.61.1: * release: v0.61.1 [release/v0.61] (#8704) * fix(k8s): skip passed misconfigs for the summary report [backport: release/v0.61] (#8748) * fix(k8s): correct compare artifact versions [backport: release/v0.61] (#8699) * test: use `aquasecurity` repository for test images [backport: release/v0.61] (#8698) * release: v0.61.0 [main] (#8507) * fix(misconf): Improve logging for unsupported checks (#8634) * feat(k8s): add support for controllers (#8614) * fix(debian): don't include empty licenses for `dpkgs` (#8623) * fix(misconf): Check values wholly prior to evalution (#8604) * chore(deps): Bump trivy-checks (#8619) * fix(k8s): show report for `--report all` (#8613) * chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (#8597) * refactor: rename scanner to service (#8584) * fix(misconf): do not skip loading documents from subdirectories (#8526) * refactor(misconf): get a block or attribute without calling HasChild (#8586) * fix(misconf): identify the chart file exactly by name (#8590) * test: use table-driven tests in Helm scanner tests (#8592) * refactor(misconf): Simplify misconfig checks bundle parsing (#8533) * chore(deps): bump the common group across 1 directory with 10 updates (#8566) * fix(misconf): do not use cty.NilVal for non-nil values (#8567) * docs(cli): improve flag value display format (#8560) * fix(misconf): set default values for AWS::EKS::Cluster.ResourcesVpcConfig (#8548) * docs: remove slack (#8565) * fix: use `--file-patterns` flag for all post analyzers (#7365) * docs(python): Mention pip-compile (#8484) * feat(misconf): adapt aws_opensearch_domain (#8550) * feat(misconf): adapt AWS::EC2::VPC (#8534) * docs: fix a broken link (#8546) * fix(fs): check postAnalyzers for StaticPaths (#8543) * refactor(misconf): remove unused methods for ec2.Instance (#8536) * feat(misconf): adapt aws_default_security_group (#8538) * feat(fs): optimize scanning performance by direct file access for known paths (#8525) * feat(misconf): adapt AWS::DynamoDB::Table (#8529) * style: Fix MD syntax in self-hosting.md (#8523) * perf(misconf): retrieve check metadata from annotations once (#8478) * feat(misconf): Add support for aws_ami (#8499) * fix(misconf): skip Azure CreateUiDefinition (#8503) * refactor(misconf): use OPA v1 (#8518) * fix(misconf): add ephemeral block type to config schema (#8513) * perf(misconf): parse input for Rego once (#8483) * feat: replace TinyGo with standard Go for WebAssembly modules (#8496) * chore: replace deprecated tenv linter with usetesting (#8504) * fix(spdx): save text licenses into `otherLicenses` without normalize (#8502) * chore(deps): bump the common group across 1 directory with 13 updates (#8491) * chore: use go.mod for managing Go tools (#8493) * ci(helm): bump Trivy version to 0.60.0 for Trivy Helm Chart 0.12.0 (#8494) * release: v0.60.0 [main] (#8327) * fix(sbom): improve logic for binding direct dependency to parent component (#8489) * chore(deps): remove missed replace of `trivy-db` (#8492) * chore(deps): bump alpine from 3.21.0 to 3.21.3 in the docker group across 1 directory (#8490) * chore(deps): update Go to 1.24 and switch to go-version-file (#8388) * docs: add abbreviation list (#8453) * chore(terraform): assign *terraform.Module 'parent' field (#8444) * feat: add report summary table (#8177) * chore(deps): bump the github-actions group with 3 updates (#8473) * refactor(vex): improve SBOM reference handling with project standards (#8457) * ci: update GitHub Actions cache to v4 (#8475) * feat: add `--vuln-severity-source` flag (#8269) * fix(os): add mapping OS aliases (#8466) * chore(deps): bump the aws group across 1 directory with 7 updates (#8468) * chore(deps): Bump trivy-checks to v1.7.1 (#8467) * refactor(report): write tables after rendering all results (#8357) * docs: update VEX documentation index page (#8458) * fix(db): fix case when 2 trivy-db were copied at the same time (#8452) * feat(misconf): render causes for Terraform (#8360) * fix(misconf): fix incorrect k8s locations due to JSON to YAML conversion (#8073) * feat(cyclonedx): Add initial support for loading external VEX files from SBOM references (#8254) * chore(deps): update go-rustaudit location (#8450) * fix: update all documentation links (#8045) * chore(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#8443) * chore(deps): bump the common group with 6 updates (#8411) * fix(k8s): add missed option `PkgRelationships` (#8442) * fix(sbom): add SBOM file's filePath as Application FilePath if we can't detect its path (#8346) * feat(go): fix parsing main module version for go >= 1.24 (#8433) * refactor(misconf): make Rego scanner independent of config type (#7517) * fix(image): disable AVD-DS-0007 for history scanning (#8366) * fix(server): secrets inspectation for the config analyzer in client server mode (#8418) * chore: remove mockery (#8417) * test(server): replace mock driver with memory cache in server tests (#8416) * test: replace mock with memory cache and fix non-deterministic tests (#8410) * test: replace mock with memory cache in scanner tests (#8413) * test: use memory cache (#8403) * fix(spdx): init `pkgFilePaths` map for all formats (#8380) * chore(deps): bump the common group across 1 directory with 11 updates (#8381) * docs: correct Ruby documentation (#8402) * chore: bump `mockery` to update v2.52.2 version and rebuild mock files (#8390) * fix: don't use `scope` for `trivy registry login` command (#8393) * fix(go): merge nested flags into string for ldflags for Go binaries (#8368) * chore(terraform): export module path on terraform modules (#8374) * fix(terraform): apply parser options to submodule parsing (#8377) * docs: Fix typos in documentation (#8361) * docs: fix navigate links (#8336) * ci(helm): bump Trivy version to 0.59.1 for Trivy Helm Chart 0.11.1 (#8354) * ci(spdx): add `aqua-installer` step to fix `mage` error (#8353) * chore: remove debug prints (#8347) * fix(misconf): do not log scanners when misconfig scanning is disabled (#8345) * fix(report): remove html escaping for `shortDescription` and `fullDescription` fields for sarif reports (#8344) * chore(deps): bump Go to `v1.23.5` (#8341) * fix(python): add `poetry` v2 support (#8323) * chore(deps): bump the github-actions group across 1 directory with 4 updates (#8331) * fix(misconf): ecs include enhanced for container insights (#8326) * fix(sbom): preserve OS packages from multiple SBOMs (#8325) * ci(helm): bump Trivy version to 0.59.0 for Trivy Helm Chart 0.11.0 (#8311) trivy-0.64.1-bp157.2.3.1.src.rpm trivy-0.64.1-bp157.2.3.1.x86_64.rpm trivy-0.64.1-bp157.2.3.1.i586.rpm trivy-0.64.1-bp157.2.3.1.aarch64.rpm trivy-0.64.1-bp157.2.3.1.ppc64le.rpm trivy-0.64.1-bp157.2.3.1.s390x.rpm openSUSE-2025-313 moderate openSUSE Backports SLE-15-SP7 Update This update for fuc fixes the following issues: - Update to version 3.1.1: * fix recursive copy detection for multiple directories * Upgrade deps - Update to version 3.1.0: * Support hard linking files in cpz! * Fixed bugs with --force and symlinks. * Upgrade deps - Update to version 3.0.1: * dependency bumps, including Rustix1.0 - Update to version 3.0.0: * Upgrade deps * Fix bug when trying to copy "." into a directory * Eliminate pointless statx when removing files with unknown d_type * requires Rust 2024 edition * Remove extra mkdir (push that responsibility outside the library so we don't have a ton of redundant mkdirs) * Avoid pointless copy_file_range calls that we know won't copy anything * Remember cross-device copy failures per directory * Swap binary name and arch for better sorting * Add docs on progress indicator - Update to version 2.2.0: * Stable rust patch * Upgrade deps * Add -L / --dereference option (#36) * Add NO_UNSHARE envvar support to avoid calling unshare for default docker configs which block the syscall (closes #34) * Use official cache-size version * Use my own cache-size dep to fix the build * Remove cargo warning about "no edition set" * Clarify what rmz/cpz are - Update to version 2.1.0: * Stable rust patch * Upgrade FTZZ * Add progress feature (closes #14) * Upgrade deps * Remove release_max_level_off since tracing is completely compiled out by default anyway * Add tip for merging directories * Integrate tracing - Update to version 2.0.0: * Improved handling of deeply nested folders and other IO errors * Never follow symlinks for deletion - Update to version 1.1.9: * Upgrade deps * Don't show stack traces in errors * Tweak copy error message slightly * Use better pattern matching * Fix inconsistent badge sytling * Support flipping cpz argument order * Slight efficiency improvement (at the expense of throughput in hopefully rare cases) * Update README.md fuc-3.1.1-bp157.2.3.1.src.rpm fuc-3.1.1-bp157.2.3.1.x86_64.rpm fuc-3.1.1-bp157.2.3.1.aarch64.rpm openSUSE-2025-304 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 139.0.7258.138 (boo#1248315): * CVE-2025-9132: Out of bounds write in V8 chromedriver-139.0.7258.138-bp157.2.40.1.x86_64.rpm chromium-139.0.7258.138-bp157.2.40.1.src.rpm chromium-139.0.7258.138-bp157.2.40.1.x86_64.rpm chromedriver-139.0.7258.138-bp157.2.40.1.aarch64.rpm chromium-139.0.7258.138-bp157.2.40.1.aarch64.rpm chromedriver-139.0.7258.138-bp157.2.40.1.ppc64le.rpm chromium-139.0.7258.138-bp157.2.40.1.ppc64le.rpm openSUSE-2025-321 moderate openSUSE Backports SLE-15-SP7 Update This update for rpi-imager fixes the following issues: - Turned off dependency vendoring, to get security fixes for libarchive and others. Includes a fix for CVE-2025-5916 (boo#1244387) rpi-imager-1.7.5-bp157.2.3.1.src.rpm rpi-imager-1.7.5-bp157.2.3.1.x86_64.rpm rpi-imager-1.7.5-bp157.2.3.1.i586.rpm rpi-imager-1.7.5-bp157.2.3.1.aarch64.rpm rpi-imager-1.7.5-bp157.2.3.1.ppc64le.rpm openSUSE-2025-315 important openSUSE Backports SLE-15-SP7 Update This update for proftpd fixes the following issues: - CVE-2024-57392: Null pointer dereference vulnerability by sending a maliciously crafted message (boo#1236889). - CVE-2024-48651: Supplemental group inheritance grants unintended access to GID 0 (boo#1233997). proftpd-1.3.8d-bp157.2.3.1.src.rpm proftpd-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-debuginfo-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-debugsource-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-devel-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-doc-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-lang-1.3.8d-bp157.2.3.1.noarch.rpm proftpd-ldap-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-ldap-debuginfo-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-mysql-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-mysql-debuginfo-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-pgsql-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-pgsql-debuginfo-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-radius-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-radius-debuginfo-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-sqlite-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-sqlite-debuginfo-1.3.8d-bp157.2.3.1.x86_64.rpm proftpd-1.3.8d-bp157.2.3.1.i586.rpm proftpd-debuginfo-1.3.8d-bp157.2.3.1.i586.rpm proftpd-debugsource-1.3.8d-bp157.2.3.1.i586.rpm proftpd-devel-1.3.8d-bp157.2.3.1.i586.rpm proftpd-doc-1.3.8d-bp157.2.3.1.i586.rpm proftpd-ldap-1.3.8d-bp157.2.3.1.i586.rpm proftpd-ldap-debuginfo-1.3.8d-bp157.2.3.1.i586.rpm proftpd-mysql-1.3.8d-bp157.2.3.1.i586.rpm proftpd-mysql-debuginfo-1.3.8d-bp157.2.3.1.i586.rpm proftpd-pgsql-1.3.8d-bp157.2.3.1.i586.rpm proftpd-pgsql-debuginfo-1.3.8d-bp157.2.3.1.i586.rpm proftpd-radius-1.3.8d-bp157.2.3.1.i586.rpm proftpd-radius-debuginfo-1.3.8d-bp157.2.3.1.i586.rpm proftpd-sqlite-1.3.8d-bp157.2.3.1.i586.rpm proftpd-sqlite-debuginfo-1.3.8d-bp157.2.3.1.i586.rpm proftpd-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-debuginfo-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-debugsource-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-devel-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-doc-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-ldap-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-ldap-debuginfo-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-mysql-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-mysql-debuginfo-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-pgsql-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-pgsql-debuginfo-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-radius-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-radius-debuginfo-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-sqlite-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-sqlite-debuginfo-1.3.8d-bp157.2.3.1.aarch64.rpm proftpd-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-debuginfo-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-debugsource-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-devel-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-doc-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-ldap-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-ldap-debuginfo-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-mysql-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-mysql-debuginfo-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-pgsql-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-pgsql-debuginfo-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-radius-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-radius-debuginfo-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-sqlite-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-sqlite-debuginfo-1.3.8d-bp157.2.3.1.ppc64le.rpm proftpd-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-debuginfo-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-debugsource-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-devel-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-doc-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-ldap-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-ldap-debuginfo-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-mysql-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-mysql-debuginfo-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-pgsql-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-pgsql-debuginfo-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-radius-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-radius-debuginfo-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-sqlite-1.3.8d-bp157.2.3.1.s390x.rpm proftpd-sqlite-debuginfo-1.3.8d-bp157.2.3.1.s390x.rpm openSUSE-2025-328 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: Update to version 1.7.3~git0.10847190e: * Release 1.7.3 * Make it clearer why acceptor isnt available (#3812) * Minor: reduce logging verbosity during debug (#3810) * Handle IP addresses in replication SAN field (#3811) * Update to use the codec properly (#3807) kanidm-1.7.3~git0.10847190e-bp157.2.15.1.src.rpm kanidm-1.7.3~git0.10847190e-bp157.2.15.1.x86_64.rpm kanidm-clients-1.7.3~git0.10847190e-bp157.2.15.1.x86_64.rpm kanidm-docs-1.7.3~git0.10847190e-bp157.2.15.1.x86_64.rpm kanidm-server-1.7.3~git0.10847190e-bp157.2.15.1.x86_64.rpm kanidm-unixd-clients-1.7.3~git0.10847190e-bp157.2.15.1.x86_64.rpm kanidm-1.7.3~git0.10847190e-bp157.2.15.1.aarch64.rpm kanidm-clients-1.7.3~git0.10847190e-bp157.2.15.1.aarch64.rpm kanidm-docs-1.7.3~git0.10847190e-bp157.2.15.1.aarch64.rpm kanidm-server-1.7.3~git0.10847190e-bp157.2.15.1.aarch64.rpm kanidm-unixd-clients-1.7.3~git0.10847190e-bp157.2.15.1.aarch64.rpm openSUSE-2025-317 important openSUSE Backports SLE-15-SP7 Update This update for minikube fixes the following issues: - Update to version 1.36.0: * Features - Support Kubernetes version v1.33.1 #20784 - New flag "-f" to allow passing a config file for addon configure command. #20255 - vfkit: bump to Preferred driver on macOs #20808 - vfkit: new network option "--network vment-shared' for vfkit driver #20501 * Bug Fixes: - fix bootpd check on macOS >= 15 #20400 - fix bug in parsing proxies with dashes #20648 - fix waiting for all pods having specified labels to be Ready #20315 - fix: incorrect finalImg affecting downloading kic form github assets #20316 - fix: reference missing files in schema (Closes #20752) #20761 - Improvements: - Additional checks for 9p support #20288 - vfkit: Graceful shutdown on stop #20504 - vfkit: More robust state management #20506 - vfkit vmnet: support running without sudoers configuration #20719 - Revert "fix --wait's failure to work on coredns pods" #20313 * Languages: - Add Indonesian translation #20494 - Add more french translation #20361 - Add more Korean translations #20634 - Add more Chinese translations #20543#20543 - fixed minor typo in german translation #20546 - Version Updates: - Addon cloud-spanner: Update cloud-spanner-emulator/emulator image from 1.5.28 to 1.5.34 #20451 #20539 #20602#20623 #20670 #20704 #20795 - Addon headlamp: Update headlamp-k8s/headlamp image from v0.26.0 to v0.28.0 #20311 - Addon ingress: Update ingress-nginx/controller image from v1.11.3 to v1.12.2 #20789 - Addon inspektor-gadget: Update inspektor-gadget image from v0.36.0 to v0.40.0 #20325#20354#20512 #20736 - Addon kong: Update kong image from 3.8.0 to 3.9.0 #20151 #20384 #20728 - Addon kong: Update kong/kubernetes-ingress-controller image from 3.3.1 to 3.4.5 #20319#20446#20788 - Addon kubevirt: Update bitnami/kubectl image from 1.31.3 to 1.33.1 #20321#20349#20665#20731#20790 - Addon nvidia-device-plugin: Update nvidia/k8s-device-plugin image from v0.17.0 to v0.17.2 #20786#20534 - Addon registry: Update kube-registry-proxy image from 0.0.8 to 0.0.9 #20717 - Addon registry: Update registry image from 2.8.3 to 3.0.0 #20242 #20425 - Addon Volcano: Update volcano images from v1.10.0 to v1.11.2 #20318 #20616 #20697 - CNI: Update cilium from v1.17.0 to v3.30.0 #20419 #20390 #20584 #20734 #20317 #20383 #20535 #20637 #20787 - CNI: Update flannel from v0.26.2 to v0.26.7 #20385#20617 #20639 - CNI: Update kindnetd from v20241108-5c6d2daf to v20250512-df8de77b #20327#20427 #20797 - HA (multi-control plane): Update kube-vip from v0.8.10 to v0.9.1 #20638#20238#20598 #20699 - Kicbase: Bump ubuntu:jammy from 20240911.1 to 20250126 #20387 #20718 - Kicbase/ISO: Update buildroot from 2023.02.9 to 2025.2 #20720 - Kicbase/ISO: Update cni-plugins from v1.6.2 to v1.7.1 #20771 - Kicbase/ISO: Update cri-dockerd from v0.3.15 to v0.4.0 #20747 - Kicbase/ISO: Update docker from 27.4.0 to 28.0.4 #20436 #20523 #20591 - Kicbase/ISO: Update runc from v1.2.3 to v1.3.0#20433#20604 #20764 - update to 1.35.0 (boo#1234528, CVE-2024-45337): * Features: - Add support for AMD GPUs via --gpus=amd #19749 - publish & download kicbase image in github release assets #19464 - Support latest Kubernetes v1.32.0 #20091 - Adds support for kubeadm.k8s.io/v1beta4 available since k8s v1.31 #19790 * Improvements: - Merge nvidia-gpu-device-plugin and nvidia-device-plugin. #19545 - cilium: remove appArmorProfile for k8s<v1.30.0 #19888 - auto-pause: restart service after configuration #19900 - Revert "Change MINIKUBE_HOME logic" #20045 - HA (multi-control plane): Update kube-vip from v0.8.6 to v0.8.7 #20053 - don't pollute minikube profile list with errors if exitcode is absent #19728 - unified minikube cluster status query #18998 - Vfkit driver: fix TestMachineType failing on macOS #19726 - No more arch restriction on nerdctld #19730 - remove helm-tiller addon #19636 - More robust MAC address matching #19750 - Add instructions to resolve docker context error #19197 * Bug fixes: - fix --wait's failure to work on coredns pods #19748 - Fix panic when no services in namespace with --all specified #19957 - fix timeout when stopping KVM machine with CRI-O container runtime #19758 - Fix long lines in lastStart.txt not outputting in log outputs #19740 - Fix wrongly detecting kicbase arch as incorrect #19664 * Breaking Changes: - skip building kvm2-arm64 till 19959 is resolved #20062 - remove arm64 kvm #19985 * Languages: - Add more Chinese translations #19490 - Add more Chinese translations #19508 - Fix chinnese translation on wrong line #19718 - Add more chinnese translations #19962 - Add more chinnese translations #19772 - Fix french translation #19978 - Improve french translation #19654 * - Version Updates: - Please see the full changelog - https://github.com/kubernetes/minikube/releases/tag/v0.35.0 docker-machine-driver-kvm2-1.36.0-bp157.2.3.1.x86_64.rpm minikube-1.36.0-bp157.2.3.1.src.rpm minikube-1.36.0-bp157.2.3.1.x86_64.rpm minikube-bash-completion-1.36.0-bp157.2.3.1.noarch.rpm minikube-fish-completion-1.36.0-bp157.2.3.1.noarch.rpm minikube-zsh-completion-1.36.0-bp157.2.3.1.noarch.rpm minikube-1.36.0-bp157.2.3.1.i586.rpm docker-machine-driver-kvm2-1.36.0-bp157.2.3.1.aarch64.rpm minikube-1.36.0-bp157.2.3.1.aarch64.rpm openSUSE-2025-323 important openSUSE Backports SLE-15-SP7 Update This update for v2ray-core fixes the following issues: - Update version to 5.33.0 * bump github.com/quic-go/quic-go from 0.51.0 to 0.52.0(boo#1243946 and CVE-2025-297850) * Update other vendor source - Update version to 5.31.0 * Add Dns Proxy Response TTL Control * Fix call newError Base with a nil value error * Update vendor (boo#1235164) - Update version to 5.29.3 * Enable restricted mode load for http protocol client * Correctly implement QUIC sniffer when handling multiple initial packets * Fix unreleased cache buffer in QUIC sniffing * A temporary testing fix for the buffer corruption issue * QUIC Sniffer Restructure - Update version to 5.22.0 * Add packetEncoding for Hysteria * Add ECH Client Support * Add support for parsing some shadowsocks links * Add Mekya Transport * Fix bugs - Update version to 5.18.0 * Add timeout for http request roundtripper * Fix ss2022 auth reader size overflow * Add pie build mode to all binary builds * Support "services" root config in cfgv4 * packet_encoding for config v4 * add MPTCP support * Add (Experimental) Meyka Building Blocks to request Transport * Add timeout for http request roundtripper * Hysteria2: Add Hysteria2 Protocol * Add AllowInsecureIfPinnedPeerCertificate option to tls security * Add tls certChainHash command * add support for socket activation * Add pprof flag for debugging * Fix bugs - Update version to 5.16.1 * Add Keep-Alive to removed headers - Update version to 5.15.1 * feat: RandomStrategy AliveOnly * Improve container image tags and timestamp * Add delay_auth_write to Socks5 Client Advanced Config * Add MaxMin TLS version support in TLS Setting * feat: RandomStrategy AliveOnly * Improve container image tags and timestamp * Fixed an encrypted traffic's malleable vulnerability that allow integrity corruption by an attacker with a privileged network position to silently drop segments of traffic from an encrypted traffic stream. * Update documents * Fix bugs - Update vendor, fix CVE-2024-22189 boo#1222488 - Update version to 5.12.1 * Shadowsocks2022 Client Support * Apply DomainStrategy to outbound target * Add DomainStrategy to JSONv5 outbound * Add sniffing for TUN * Add HTTPUpgrade transport * It is a reduced version of WebSocket Transport that can pass many reverse proxies and CDNs without running a WebSocket protocol stack * TUN Support * Add uTLS support for h2 transport * Fix bugs golang-github-v2fly-v2ray-core-5.33.0-bp157.2.3.1.noarch.rpm v2ray-core-5.33.0-bp157.2.3.1.src.rpm v2ray-core-5.33.0-bp157.2.3.1.x86_64.rpm v2ray-core-5.33.0-bp157.2.3.1.i586.rpm v2ray-core-5.33.0-bp157.2.3.1.aarch64.rpm v2ray-core-5.33.0-bp157.2.3.1.ppc64le.rpm v2ray-core-5.33.0-bp157.2.3.1.s390x.rpm openSUSE-2025-324 important openSUSE Backports SLE-15-SP7 Update This update for etcd fixes the following issues: - Update to version 3.6.2: * Avoid lowering revision of watchers in the future after restore * Add verification to verify the watch response have a bigger revision than minRev * Disable progress notify validation until we can guarantee response * Skip sending progress notification for watch with starting revision in the future - See upgrade guide: https://etcd.io/docs/v3.6/upgrades/upgrade_3_6/ - Update to version 3.6.1: * etcd server: - Replaced the deprecated/removed UnaryServerInterceptor and StreamServerInterceptor in otelgrpc with NewServerHandler - Add protection on PromoteMember and UpdateRaftAttributes to prevent panicking - Fix the issue that --force-new-cluster can't remove all other members in a corner case - Fix mvcc: avoid double decrement of watcher gauge on close/cancel race - Add validation to ensure there is no empty v3discovery endpoint * etcdctl: - Fix command etcdctl endpoint health doesn't work when options are set via environment variables - Update to version 3.6.0: https://github.com/etcd-io/etcd/compare/v3.5.21...v3.6.0 * Dropped flags in v3.6.0: ETCD_ENABLE_V2 ETCD_PROXY ETCD_PROXY_DIAL_TIMEOUT ETCD_PROXY_FAILURE_WAIT ETCD_PROXY_READ_TIMEOUT ETCD_PROXY_REFRESH_INTERVAL ETCD_PROXY_WRITE_TIMEOUT - Update to version 3.5.21: * bump golang.org/x/net from v0.36.0 to v0.38.0 * bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 to address CVE-2025-30204 (boo#1240515) - Update to version 3.5.20: * Fix the issue that learner promotion command doesn't support json output * overwrite the member if already exist * add verification to check whether membership data is in sync between v2store and v3store * fix: grpcproxy can get stuck in and endless loop causing high cpu usage * perf(release3.5): use RLock in Demoted method for read-only access to expiry - Update to version 3.5.19: * Bump go toolchain to 1.23.7 * fix a compaction induce latency issue * Add learner id into log when being promoted or removed * add learner check to readyz * tools: add mixed read-write performance evaluation scripts - Update to version 3.5.18: * Ensure all goroutines created by StartEtcd to exit before closing the errc * mvcc: restore tombstone index if it's first revision * Bump go toolchain to 1.22.11 * Avoid deadlock in etcd.Close when stopping during bootstrapping * etcdutl/etcdutl: use datadir package to build wal/snapdir * Remove duplicated <-s.ReadyNotify() * Do not wait for ready notify if the server is stopping * Fix mixVersion test case: ensure a snapshot to be sent out * *: support custom content check offline in v2store * Print warning message for deprecated flags if set * fix runtime error: comparing uncomparable type * add tls min/max version to grpc proxy - Fixing a configuration data loss bug: Fillup really really wants that the template and the target file actually follow the sysconfig format. The current config and the current template do not fulfill this requirement. Move the current /etc/sysconfig/etcd to /etc/default/etcd and install a new sysconfig file which only adds the ETCD_OPTIONS option, which is actually used by the unit file. This also makes it a bit cleaner to move etcd to use --config-file in the long run. - Update etcd configuration file based on https://github.com/etcd-io/etcd/blob/v3.5.17/etcd.conf.yml.sample - Update to version 3.5.17: * fix(defrag): close temp file in case of error * Bump go toolchain to 1.22.9 * fix(defrag): handle defragdb failure * fix(defrag): handle no space left error * [3.5] Fix risk of a partial write txn being applied * [serverWatchStream] terminate recvLoop on sws.close() - Update to version 3.5.16: * Bump go toolchain to 1.22.7 * Introduce compaction sleep interval flag * Fix passing default grpc call options in Kubernetes client * Skip leadership check if the etcd instance is active processing heartbeats * Introduce Kubernetes KV interface to etcd client - Update to version 3.5.15: * Differentiate the warning message for rejected client and peer * connections * Suppress noisy basic auth token deletion log * Support multiple values for allowed client and peer TLS identities(#18015) * print error log when validation on conf change failed - Update to version 3.5.14: * etcdutl: Fix snapshot restore memory alloc issue * server: Implement WithMmapSize option for backend config * gRPC health server sets serving status to NOT_SERVING on defrag * server/mvcc: introduce compactBeforeSetFinishedCompact failpoint * Update the compaction log when bootstrap and update compact's signature * add experimental-snapshot-catchup-entries flag. * Fix retry requests when receiving ErrGPRCNotSupportedForLearner - Update to version 3.5.13: * Fix progress notification for watch that doesn't get any events * pkg/types: Support Unix sockets in NewURLS * added arguments to the grpc-proxy: dial-keepalive-time, dial-keepalive-timeout, permit-without-stream * server: fix comment to match function name * Make CGO_ENABLED configurable for etcd 3.5 * etcdserver: drain leaky goroutines before test completed etcd-3.6.2-bp157.2.3.1.src.rpm etcd-3.6.2-bp157.2.3.1.x86_64.rpm etcdctl-3.6.2-bp157.2.3.1.x86_64.rpm etcdutl-3.6.2-bp157.2.3.1.x86_64.rpm etcd-3.6.2-bp157.2.3.1.aarch64.rpm etcdctl-3.6.2-bp157.2.3.1.aarch64.rpm etcdutl-3.6.2-bp157.2.3.1.aarch64.rpm etcd-3.6.2-bp157.2.3.1.ppc64le.rpm etcdctl-3.6.2-bp157.2.3.1.ppc64le.rpm etcdutl-3.6.2-bp157.2.3.1.ppc64le.rpm etcd-3.6.2-bp157.2.3.1.s390x.rpm etcdctl-3.6.2-bp157.2.3.1.s390x.rpm etcdutl-3.6.2-bp157.2.3.1.s390x.rpm openSUSE-2025-332 moderate openSUSE Backports SLE-15-SP7 Update This update for go-sendxmpp fixes the following issues: - Update to 0.15.0: Added: * Add flag --verbose to show debug information. * Add flag --recipients to specify recipients by file. * Add flag --retry-connect to try after a waiting time if the connection fails. * Add flag --retry-connect-max to specify the amount of retry attempts. * Add flag --legacy-pgp for using XEP-0027 PGP encryption with Ox keys. * Add support for punycode domains. Changed: * Update gopenpgp library to v3. * Improve error detection for MUC joins. * Don't try to connect to other SRV record targets if error contains 'auth-failure'. * Remove support for old SSDP version (via go-xmpp v0.2.15). * Http-upload: Stop checking other disco items after finding upload component. * Increase default TLS version to 1.3. - CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (boo#1241814) - Update to 0.14.1: * Use prettier date format for error messages. * Update XEP-0474 to version 0.4.0 (requires go-xmpp >= 0.2.10). go-sendxmpp-0.15.0-bp157.2.3.1.src.rpm go-sendxmpp-0.15.0-bp157.2.3.1.x86_64.rpm go-sendxmpp-0.15.0-bp157.2.3.1.i586.rpm go-sendxmpp-0.15.0-bp157.2.3.1.aarch64.rpm go-sendxmpp-0.15.0-bp157.2.3.1.ppc64le.rpm go-sendxmpp-0.15.0-bp157.2.3.1.s390x.rpm openSUSE-2025-327 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 139.0.7258.154 (boo#1248769) * CVE-2025-9478: Use after free in ANGLE chromedriver-139.0.7258.154-bp157.2.43.1.x86_64.rpm chromium-139.0.7258.154-bp157.2.43.1.src.rpm chromium-139.0.7258.154-bp157.2.43.1.x86_64.rpm chromedriver-139.0.7258.154-bp157.2.43.1.aarch64.rpm chromium-139.0.7258.154-bp157.2.43.1.aarch64.rpm chromedriver-139.0.7258.154-bp157.2.43.1.ppc64le.rpm chromium-139.0.7258.154-bp157.2.43.1.ppc64le.rpm openSUSE-2025-334 moderate openSUSE Backports SLE-15-SP7 Update This update for dcmtk fixes the following issues: - CVE-2025-9732: Fixed a memory corruption in dcm2img (boo#1248995). dcmtk-3.6.9-bp157.3.3.1.src.rpm dcmtk-3.6.9-bp157.3.3.1.x86_64.rpm dcmtk-debuginfo-3.6.9-bp157.3.3.1.x86_64.rpm dcmtk-debugsource-3.6.9-bp157.3.3.1.x86_64.rpm dcmtk-devel-3.6.9-bp157.3.3.1.x86_64.rpm libdcmtk19-3.6.9-bp157.3.3.1.x86_64.rpm libdcmtk19-debuginfo-3.6.9-bp157.3.3.1.x86_64.rpm dcmtk-3.6.9-bp157.3.3.1.i586.rpm dcmtk-debuginfo-3.6.9-bp157.3.3.1.i586.rpm dcmtk-debugsource-3.6.9-bp157.3.3.1.i586.rpm dcmtk-devel-3.6.9-bp157.3.3.1.i586.rpm libdcmtk19-3.6.9-bp157.3.3.1.i586.rpm libdcmtk19-debuginfo-3.6.9-bp157.3.3.1.i586.rpm dcmtk-3.6.9-bp157.3.3.1.aarch64.rpm dcmtk-debuginfo-3.6.9-bp157.3.3.1.aarch64.rpm dcmtk-debugsource-3.6.9-bp157.3.3.1.aarch64.rpm dcmtk-devel-3.6.9-bp157.3.3.1.aarch64.rpm libdcmtk19-3.6.9-bp157.3.3.1.aarch64.rpm libdcmtk19-debuginfo-3.6.9-bp157.3.3.1.aarch64.rpm dcmtk-3.6.9-bp157.3.3.1.ppc64le.rpm dcmtk-debuginfo-3.6.9-bp157.3.3.1.ppc64le.rpm dcmtk-debugsource-3.6.9-bp157.3.3.1.ppc64le.rpm dcmtk-devel-3.6.9-bp157.3.3.1.ppc64le.rpm libdcmtk19-3.6.9-bp157.3.3.1.ppc64le.rpm libdcmtk19-debuginfo-3.6.9-bp157.3.3.1.ppc64le.rpm dcmtk-3.6.9-bp157.3.3.1.s390x.rpm dcmtk-debuginfo-3.6.9-bp157.3.3.1.s390x.rpm dcmtk-debugsource-3.6.9-bp157.3.3.1.s390x.rpm dcmtk-devel-3.6.9-bp157.3.3.1.s390x.rpm libdcmtk19-3.6.9-bp157.3.3.1.s390x.rpm libdcmtk19-debuginfo-3.6.9-bp157.3.3.1.s390x.rpm openSUSE-2025-337 important openSUSE Backports SLE-15-SP7 Update This update for chromium, gn fixes the following issues: - Chromium 140.0.7339.80 (boo#1249093): * new permission prompt for local network access * CVE-2025-9864: Use after free in V8 * CVE-2025-9865: Inappropriate implementation in Toolbar * CVE-2025-9866: Inappropriate implementation in Extensions * CVE-2025-9867: Inappropriate implementation in Downloads * Various fixes from internal audits, fuzzing and other initiatives chromedriver-140.0.7339.80-bp157.2.46.1.x86_64.rpm chromium-140.0.7339.80-bp157.2.46.1.src.rpm chromium-140.0.7339.80-bp157.2.46.1.x86_64.rpm gn-0.20250619-bp157.2.6.1.src.rpm gn-0.20250619-bp157.2.6.1.x86_64.rpm gn-debuginfo-0.20250619-bp157.2.6.1.x86_64.rpm gn-debugsource-0.20250619-bp157.2.6.1.x86_64.rpm gn-0.20250619-bp157.2.6.1.i586.rpm gn-debuginfo-0.20250619-bp157.2.6.1.i586.rpm gn-debugsource-0.20250619-bp157.2.6.1.i586.rpm chromedriver-140.0.7339.80-bp157.2.46.1.aarch64.rpm chromium-140.0.7339.80-bp157.2.46.1.aarch64.rpm gn-0.20250619-bp157.2.6.1.aarch64.rpm gn-debuginfo-0.20250619-bp157.2.6.1.aarch64.rpm gn-debugsource-0.20250619-bp157.2.6.1.aarch64.rpm gn-0.20250619-bp157.2.6.1.ppc64le.rpm gn-debuginfo-0.20250619-bp157.2.6.1.ppc64le.rpm gn-debugsource-0.20250619-bp157.2.6.1.ppc64le.rpm gn-0.20250619-bp157.2.6.1.s390x.rpm gn-debuginfo-0.20250619-bp157.2.6.1.s390x.rpm gn-debugsource-0.20250619-bp157.2.6.1.s390x.rpm openSUSE-2025-338 moderate openSUSE Backports SLE-15-SP7 Update This update for opi fixes the following issues: - Version 5.8.7 * Fix ocenaudio url * Add LocalSend plugin * Run all tests in verbose mode * Print written repo files in verbose mode * Increase timeouts in test/06_install_non_interactive.py * Remove DNF references from README.md opi-5.8.7-bp157.2.6.1.noarch.rpm opi-5.8.7-bp157.2.6.1.src.rpm openSUSE-2025-345 moderate openSUSE Backports SLE-15-SP7 Update This update for gh fixes the following issues: - Update to version 2.78.0: * Add `--force` flag to `gh run cancel` (#11513) * Update third-party license versions (#11557) * chore(deps): bump github.com/go-viper/mapstructure/v2 (#11556) * Merge pull request #11536 from cli/copilot/fix-11535 * chore(deps): bump github.com/cli/go-gh/v2 from 2.12.1 to 2.12.2 * Update pkg/cmd/release/verify/verify.go * Update pkg/cmd/release/verify-asset/verify_asset.go * Hidden trusted root flag for release verify * Update Go dependencies to latest versions * chore(deps): bump actions/checkout from 4 to 5 * udpate the test * replace /git/refs/tags/ to /git/ref/tags/ * Update feature_detection.go * Update PR tests for v2 projects * Base changes for PR project items * Update `gh issue view` to show v2 projects * PR feedback from @bagtoad * Update v1 project detection logic * Update govulncheck workflow to scan source code * add test for FetchRefSHA * Apply suggestion from @Copilot * Update docs/install_windows.md * Consolidate repo profile, fix headings * chore(deps): bump google.golang.org/grpc from 1.73.0 to 1.74.2 * chore(deps): bump github.com/yuin/goldmark from 1.7.12 to 1.7.13 * Update docs on contributing new install methods * markdown lint fixes * Formatting * Initial installation doc refactor * Pushing empty commit to run CI * Bump Go to 1.24.6 * Fix linter * Update pkg/cmd/search/search.go * chore(deps): bump actions/download-artifact from 4 to 5 * Update docs/triage.md * Update docs/triage.md * Update issue triage guidelines and label usage * fix error for ErrReleaseNotFound when fetching ref * Apply suggestion from @Copilot * Update .github/workflows/scripts/spam-detection/process-issue.sh * docs(search): move search syntax note to `gh search --help` * Update spam detection to comment on and close issue * Update permissions and events for workflow * ci: use `help wanted` label link in comment * ci: anchor regexp for `help wanted` label * Improve spam detection evals (#11419) * v1 project feature detection spike using version * docs(help): rename `search-syntax` help topic * docs(search): add reference to `gh help search` * Add help topic for search syntax in gh commands * docs(search): add note for exclusion search syntax * Regenerate third-party licenses on trunk pushes * chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 gh-2.78.0-bp157.2.9.1.src.rpm gh-2.78.0-bp157.2.9.1.x86_64.rpm gh-bash-completion-2.78.0-bp157.2.9.1.noarch.rpm gh-fish-completion-2.78.0-bp157.2.9.1.noarch.rpm gh-zsh-completion-2.78.0-bp157.2.9.1.noarch.rpm gh-2.78.0-bp157.2.9.1.i586.rpm gh-2.78.0-bp157.2.9.1.aarch64.rpm gh-2.78.0-bp157.2.9.1.s390x.rpm openSUSE-2025-347 moderate openSUSE Backports SLE-15-SP7 Update This update for kubo fixes the following issues: - CVE-2025-22872: Fixed golang.org/x/net/html issue where incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (boo#1241776). kubo-0.35.0-bp157.2.6.1.src.rpm kubo-0.35.0-bp157.2.6.1.x86_64.rpm kubo-0.35.0-bp157.2.6.1.i586.rpm kubo-0.35.0-bp157.2.6.1.aarch64.rpm kubo-0.35.0-bp157.2.6.1.ppc64le.rpm kubo-0.35.0-bp157.2.6.1.s390x.rpm openSUSE-2025-349 moderate openSUSE Backports SLE-15-SP7 Update This update for mkdud fixes the following issues: Update to version 2.0: - merge gh#openSUSE/mkdud#42 - make mkdud SLE-16 aware (jsc#PED-13262) - update man page - documentation update - adjust package dependencies mkdud-2.0-bp157.2.3.1.noarch.rpm mkdud-2.0-bp157.2.3.1.src.rpm openSUSE-2025-343 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 140.0.7339.127 (boo#1249388) * CVE-2025-10200: Use after free in Serviceworker * CVE-2025-10201: Inappropriate implementation in Mojo chromedriver-140.0.7339.127-bp157.2.49.1.x86_64.rpm chromium-140.0.7339.127-bp157.2.49.1.src.rpm chromium-140.0.7339.127-bp157.2.49.1.x86_64.rpm chromedriver-140.0.7339.127-bp157.2.49.1.aarch64.rpm chromium-140.0.7339.127-bp157.2.49.1.aarch64.rpm openSUSE-2025-352 important openSUSE Backports SLE-15-SP7 Update This update for java-11-openj9 fixes the following issues: Update to OpenJDK 11.0.28 with OpenJ9 0.53.0 virtual machine Including Oracle July 2025 CPU changes * CVE-2025-30749 (boo#1246595), CVE-2025-30754 (boo#1246598), CVE-2025-30761 (boo#1246580), CVE-2025-50059 (boo#1246575), CVE-2025-50106 (boo#1246584) * OpenJ9 changes, see https://www.eclipse.org/openj9/docs/version0.53/ Update to OpenJDK 11.0.27 with OpenJ9 0.51.0 virtual machine Including Oracle April 2025 CPU changes * CVE-2025-21587 (boo#1241274), CVE-2025-30691 (boo#1241275), CVE-2025-30698 (boo#1241276) * OpenJ9 changes, see https://www.eclipse.org/openj9/docs/version0.51/ java-11-openj9-11.0.28.0-bp157.2.3.1.src.rpm java-11-openj9-11.0.28.0-bp157.2.3.1.x86_64.rpm java-11-openj9-demo-11.0.28.0-bp157.2.3.1.x86_64.rpm java-11-openj9-devel-11.0.28.0-bp157.2.3.1.x86_64.rpm java-11-openj9-headless-11.0.28.0-bp157.2.3.1.x86_64.rpm java-11-openj9-javadoc-11.0.28.0-bp157.2.3.1.noarch.rpm java-11-openj9-jmods-11.0.28.0-bp157.2.3.1.x86_64.rpm java-11-openj9-src-11.0.28.0-bp157.2.3.1.x86_64.rpm java-11-openj9-11.0.28.0-bp157.2.3.1.aarch64.rpm java-11-openj9-demo-11.0.28.0-bp157.2.3.1.aarch64.rpm java-11-openj9-devel-11.0.28.0-bp157.2.3.1.aarch64.rpm java-11-openj9-headless-11.0.28.0-bp157.2.3.1.aarch64.rpm java-11-openj9-jmods-11.0.28.0-bp157.2.3.1.aarch64.rpm java-11-openj9-src-11.0.28.0-bp157.2.3.1.aarch64.rpm java-11-openj9-11.0.28.0-bp157.2.3.1.ppc64le.rpm java-11-openj9-demo-11.0.28.0-bp157.2.3.1.ppc64le.rpm java-11-openj9-devel-11.0.28.0-bp157.2.3.1.ppc64le.rpm java-11-openj9-headless-11.0.28.0-bp157.2.3.1.ppc64le.rpm java-11-openj9-jmods-11.0.28.0-bp157.2.3.1.ppc64le.rpm java-11-openj9-src-11.0.28.0-bp157.2.3.1.ppc64le.rpm java-11-openj9-11.0.28.0-bp157.2.3.1.s390x.rpm java-11-openj9-demo-11.0.28.0-bp157.2.3.1.s390x.rpm java-11-openj9-devel-11.0.28.0-bp157.2.3.1.s390x.rpm java-11-openj9-headless-11.0.28.0-bp157.2.3.1.s390x.rpm java-11-openj9-jmods-11.0.28.0-bp157.2.3.1.s390x.rpm java-11-openj9-src-11.0.28.0-bp157.2.3.1.s390x.rpm openSUSE-2025-354 important openSUSE Backports SLE-15-SP7 Update This update for java-17-openj9 fixes the following issues: Update to OpenJDK 17.0.16 with OpenJ9 0.53.0 virtual machine Including Oracle July 2025 CPU changes * CVE-2025-30749 (boo#1246595), CVE-2025-30754 (boo#1246598), CVE-2025-50059 (boo#1246575), CVE-2025-50106 (boo#1246584) * OpenJ9 changes, see https://www.eclipse.org/openj9/docs/version0.53/ Update to OpenJDK 17.0.15 with OpenJ9 0.51.0 virtual machine Including Oracle April 2025 CPU changes * CVE-2025-21587 (boo#1241274), CVE-2025-30691 (boo#1241275), CVE-2025-30698 (boo#1241276) * OpenJ9 changes, see https://www.eclipse.org/openj9/docs/version0.51/ java-17-openj9-17.0.16.0-bp157.2.3.1.src.rpm java-17-openj9-17.0.16.0-bp157.2.3.1.x86_64.rpm java-17-openj9-demo-17.0.16.0-bp157.2.3.1.x86_64.rpm java-17-openj9-devel-17.0.16.0-bp157.2.3.1.x86_64.rpm java-17-openj9-headless-17.0.16.0-bp157.2.3.1.x86_64.rpm java-17-openj9-javadoc-17.0.16.0-bp157.2.3.1.noarch.rpm java-17-openj9-jmods-17.0.16.0-bp157.2.3.1.x86_64.rpm java-17-openj9-src-17.0.16.0-bp157.2.3.1.x86_64.rpm java-17-openj9-17.0.16.0-bp157.2.3.1.aarch64.rpm java-17-openj9-demo-17.0.16.0-bp157.2.3.1.aarch64.rpm java-17-openj9-devel-17.0.16.0-bp157.2.3.1.aarch64.rpm java-17-openj9-headless-17.0.16.0-bp157.2.3.1.aarch64.rpm java-17-openj9-jmods-17.0.16.0-bp157.2.3.1.aarch64.rpm java-17-openj9-src-17.0.16.0-bp157.2.3.1.aarch64.rpm java-17-openj9-17.0.16.0-bp157.2.3.1.ppc64le.rpm java-17-openj9-demo-17.0.16.0-bp157.2.3.1.ppc64le.rpm java-17-openj9-devel-17.0.16.0-bp157.2.3.1.ppc64le.rpm java-17-openj9-headless-17.0.16.0-bp157.2.3.1.ppc64le.rpm java-17-openj9-jmods-17.0.16.0-bp157.2.3.1.ppc64le.rpm java-17-openj9-src-17.0.16.0-bp157.2.3.1.ppc64le.rpm java-17-openj9-17.0.16.0-bp157.2.3.1.s390x.rpm java-17-openj9-demo-17.0.16.0-bp157.2.3.1.s390x.rpm java-17-openj9-devel-17.0.16.0-bp157.2.3.1.s390x.rpm java-17-openj9-headless-17.0.16.0-bp157.2.3.1.s390x.rpm java-17-openj9-jmods-17.0.16.0-bp157.2.3.1.s390x.rpm java-17-openj9-src-17.0.16.0-bp157.2.3.1.s390x.rpm openSUSE-2025-361 moderate openSUSE Backports SLE-15-SP7 Update This update for ntpd-rs fixes the following issues: Update to version 1.6.1 * Fixed mistake in the calculation of root dispersion used in serving and observability. Update to version 1.6.0 Added * Support draft versions of NTPv5 with configuration changes. * Allow disabling ntp versions in the server. Changed * NTPv5 draft support now targets draft 4. * Time jumps now emit warnings. * Updated dependencies. Fixed * Fixed a crash in force-sync when using many servers. * Fixed root dispersion of the server not properly updating over time. * Fixed a bug in handling unsigned ntp deny messages. Update to version 1.5.0 Added * Support for PPS based sources (this support can be disabled with a compile flag for now). * Per source configuration of poll intervals. * Allow setting a custom reference id for stratum 1 servers. Changed * Our algorithm can now handle periodic sources. * ntpd-rs runs single-threaded when only configured as a client, servers still run multithreaded. * The reference timestamp field is now set to the truncated receive timestamp instead of being zero. * Support of rustls 0.21 and 0.22 is removed. * Certificate validation is now done through rustls-platform-verifier, following platform certificate validation more closely. * Updated dependencies Fixed * Fixed parsing of IPv6 addresses. * Fixed incorrect display of date in force-sync command. * Fixed a client denial of service vulnerability with zero-sized NTS cookies. * Fixed a client denial of service vulnerability with NTS cookies that are too large. Update to version 1.4.0 Added * Support for GPS based sources via a GPSd socket. * Added a setting to allow disabling of colors in our logs (observability.ansi-colors) Changed * Fallback to V4 should V5 not work for some reason (if NTPv5 is enabled) * Make the NTP version of a source configurable. * We now support rustls from 0.21 and up, to allow compilation on more targets. Fixed * Force sync did not work when a single source was configured. * Fix incorrect indexing in decode of ReferenceIdRequest for NTPv5 messages. Update to version 1.3.1 * Updated dependencies. Includes fixes for RUSTSEC-2024-0399. Update to version 1.3.0 Added * Added force-sync command to ntp-ctl to help with getting a decent initial time if the clock is far away from reality. * Added information on NTS to the ntp-ctl status overview. Changed * Made the logs a little less chatty. * Updated dependencies. ntpd-rs-1.6.1-bp157.2.3.1.src.rpm ntpd-rs-1.6.1-bp157.2.3.1.x86_64.rpm ntpd-rs-common-1.6.1-bp157.2.3.1.noarch.rpm ntpd-rs-1.6.1-bp157.2.3.1.i586.rpm ntpd-rs-1.6.1-bp157.2.3.1.aarch64.rpm openSUSE-2025-363 moderate openSUSE Backports SLE-15-SP7 Update This update for mkdud fixes the following issues: Update to version 2.2: - fix "How to apply" output Update to version 2.1: - support expressing installation ISO changes in DUDs (jsc#PED-13262) - add --dracut-hook option - update documentation mkdud-2.2-bp157.2.6.1.noarch.rpm mkdud-2.2-bp157.2.6.1.src.rpm openSUSE-2025-365 moderate openSUSE Backports SLE-15-SP7 Update This update for shadowsocks-v2ray-plugin fixes the following issues: Update version to 5.37.0 * Update v2ray-core to 5.37.0 * Fixed CVE-2025-29785 in dependency ackhandler (bsc#1243954) golang-github-teddysun-v2ray-plugin-5.37.0-bp157.2.3.1.noarch.rpm shadowsocks-v2ray-plugin-5.37.0-bp157.2.3.1.src.rpm shadowsocks-v2ray-plugin-5.37.0-bp157.2.3.1.x86_64.rpm shadowsocks-v2ray-plugin-5.37.0-bp157.2.3.1.i586.rpm shadowsocks-v2ray-plugin-5.37.0-bp157.2.3.1.aarch64.rpm shadowsocks-v2ray-plugin-5.37.0-bp157.2.3.1.ppc64le.rpm shadowsocks-v2ray-plugin-5.37.0-bp157.2.3.1.s390x.rpm openSUSE-2025-357 important openSUSE Backports SLE-15-SP7 Update This update for perl-JSON-XS fixes the following issues: Updated to version 4.40.0 (4.04) - CVE-2025-40928: Fixed integer overflow in parsing (boo#1249330). perl-JSON-XS-4.40.0-bp157.2.3.1.src.rpm perl-JSON-XS-4.40.0-bp157.2.3.1.x86_64.rpm perl-JSON-XS-4.40.0-bp157.2.3.1.i586.rpm perl-JSON-XS-4.40.0-bp157.2.3.1.aarch64.rpm perl-JSON-XS-4.40.0-bp157.2.3.1.ppc64le.rpm perl-JSON-XS-4.40.0-bp157.2.3.1.s390x.rpm openSUSE-2025-367 important openSUSE Backports SLE-15-SP7 Update Chromium was updated to 140.0.7339.185 (stable released 2025-09-17) boo#1249999 Security issues fixed: * CVE-2025-10585: Type Confusion in V8 * CVE-2025-10500: Use after free in Dawn * CVE-2025-10501: Use after free in WebRTC * CVE-2025-10502: Heap buffer overflow in ANGLE chromedriver-140.0.7339.185-bp157.2.52.1.x86_64.rpm chromium-140.0.7339.185-bp157.2.52.1.src.rpm chromium-140.0.7339.185-bp157.2.52.1.x86_64.rpm chromedriver-140.0.7339.185-bp157.2.52.1.aarch64.rpm chromium-140.0.7339.185-bp157.2.52.1.aarch64.rpm openSUSE-2025-373 moderate openSUSE Backports SLE-15-SP7 Update This update for tor fixes the following issues: - 0.4.8.18 * CVE-2025-4444: onion service descriptor resource consumption issue (boo#1250101) - 0.4.8.17 * Minor features and bugfixes * use quantum-resistant MLKEM-768 cipher - tor 0.4.8.16 * fix typo in a directory authority rule file * fix a sandbox issue for bandwidth authority and a conflux issue on the control port * client fix about relay flag usage - tor 0.4.8.14 * bugfix for onion service directory cache * test-network now unconditionally includes IPv6 * Regenerate fallback directories 2025-02-05 * Update the geoip files to 2025-02-05 * Fix a pointer free - tor 0.4.8.13 * Conflux related client circuit building performance bugfix * Fix minor memory leaks * Add STATUS TYPE=version handler for Pluggable Transport - tor 0.4.8.12 * Minor features and bugfixes * See https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes tor-0.4.8.18-bp157.2.3.1.src.rpm tor-0.4.8.18-bp157.2.3.1.x86_64.rpm tor-debuginfo-0.4.8.18-bp157.2.3.1.x86_64.rpm tor-debugsource-0.4.8.18-bp157.2.3.1.x86_64.rpm tor-0.4.8.18-bp157.2.3.1.aarch64.rpm tor-debuginfo-0.4.8.18-bp157.2.3.1.aarch64.rpm tor-debugsource-0.4.8.18-bp157.2.3.1.aarch64.rpm tor-0.4.8.18-bp157.2.3.1.ppc64le.rpm tor-debuginfo-0.4.8.18-bp157.2.3.1.ppc64le.rpm tor-debugsource-0.4.8.18-bp157.2.3.1.ppc64le.rpm tor-0.4.8.18-bp157.2.3.1.s390x.rpm tor-debuginfo-0.4.8.18-bp157.2.3.1.s390x.rpm tor-debugsource-0.4.8.18-bp157.2.3.1.s390x.rpm openSUSE-2025-374 moderate openSUSE Backports SLE-15-SP7 Update This update for bird fixes the following issues: - redownload sources, seem like they changed a little - Minor polishing * use %tmpfiles_create macro * use install -D instead of mkdir && install - Update to version 2.17.1 * BSD: Fix build on NetBSD * BGP: Fix crash when incoming connection for disabled protocol arrives * Documentation fixes - Drop extra spaces in sysusers file and drop explicit group creation - Use prebuild PDF documentation for the docs package - Drop explicit User & Group Provides, should be handled automatically - Drop perl dependency for docs package because: * we currently don't build the documentation * real dependencies are different anyway - Update description - Migrate user creation to sysuser-tools - Update to version 2.17 * Babel: next hop control for IPv4 * BGP: link-local next hop format configuration * TCP-AO implementation for Linux - Update to version 2.16 * BFD: Set password per session * BFD: Accept zero checksum for IPv6-UDP * BMP: Refactoring and optimizations * OSPF: Allow loopback nexthop in OSPFv3-IPv4 * RPKI: TCP-MD5 authentication option * Filters: Add enum types to filter grammar * CLI: Configurable additional control sockets * CLI: Timeformat command * CLI: Dump commands need a target file * ASPA support in filters, Static and RPKI * Formalized contributions and credits policy * Many bugfixes and improvements bird-2.17.1-bp157.2.3.1.src.rpm bird-2.17.1-bp157.2.3.1.x86_64.rpm bird-doc-2.17.1-bp157.2.3.1.noarch.rpm bird-2.17.1-bp157.2.3.1.i586.rpm bird-2.17.1-bp157.2.3.1.aarch64.rpm bird-2.17.1-bp157.2.3.1.ppc64le.rpm bird-2.17.1-bp157.2.3.1.s390x.rpm openSUSE-2025-375 moderate openSUSE Backports SLE-15-SP7 Update This update for monitoring-plugins-zypper fixes the following issues: - update to 1.98.12 + remove openSUSE Leap 15.4, 15.5 + add SLE-15-SP7 + add Tumbleweed 2025 - update to 1.98.11 + Update AppArmor profile to work with Tumbleweed monitoring-plugins-zypper-1.98.12-bp157.2.3.1.noarch.rpm monitoring-plugins-zypper-1.98.12-bp157.2.3.1.src.rpm openSUSE-2025-379 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 140.0.7339.207 (boo#1250472) * CVE-2025-10890: Side-channel information leakage in V8 * CVE-2025-10891: Integer overflow in V8 * CVE-2025-10892: Integer overflow in V8 chromedriver-140.0.7339.207-bp157.2.55.1.x86_64.rpm chromium-140.0.7339.207-bp157.2.55.1.src.rpm chromium-140.0.7339.207-bp157.2.55.1.x86_64.rpm chromedriver-140.0.7339.207-bp157.2.55.1.aarch64.rpm chromium-140.0.7339.207-bp157.2.55.1.aarch64.rpm openSUSE-2025-377 important openSUSE Backports SLE-15-SP7 Update This update for afterburn fixes the following issues: - Update to version 5.9.0.git21.a73f509: * docs/release-notes: update for release 5.10.0 * cargo: update dependencies * microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat * docs/release-notes: Add entry for Azure SharedConfig XML parsing fix * microsoft/azure: Fix SharedConfig parsing of XML attributes * microsoft/azure: Mock goalstate.SharedConfig output in tests * providers/azure: switch SSH key retrieval from certs endpoint to IMDS as azure stopped providing keys in the old one, fixes boo#1250471 * build(deps): bump the build group with 8 updates * build(deps): bump slab from 0.4.10 to 0.4.11 * build(deps): bump actions/checkout from 4 to 5 * upcloud: implement UpCloud provider * build(deps): bump the build group with 4 updates * Sync repo templates ⚙ - Update to version 5.9.0: * cargo: Afterburn release 5.9.0 * docs/release-notes: update for release 5.9.0 * cargo: update dependencies * Add TMT test structure and basic smoke test * build(deps): bump openssl from 0.10.72 to 0.10.73 * build(deps): bump reqwest from 0.12.15 to 0.12.18 * docs/release-notes: Update changelog entry * dracut: Return 255 in module-setup * oraclecloud: add release note and move base URL to constant * oraclecloud: implement oraclecloud provider * build(deps): bump nix from 0.29.0 to 0.30.1 * build(deps): bump zbus from 5.7.0 to 5.7.1 * build(deps): bump serde-xml-rs from 0.6.0 to 0.8.1 * build(deps): bump ipnetwork from 0.20.0 to 0.21.1 * build(deps): bump clap from 4.5.38 to 4.5.39 - Fix Requires in noarch package to not be arch specific (boo#1244675) afterburn-5.9.0.git21.a73f509-bp157.2.6.1.src.rpm afterburn-5.9.0.git21.a73f509-bp157.2.6.1.x86_64.rpm afterburn-dracut-5.9.0.git21.a73f509-bp157.2.6.1.noarch.rpm afterburn-5.9.0.git21.a73f509-bp157.2.6.1.i586.rpm afterburn-5.9.0.git21.a73f509-bp157.2.6.1.aarch64.rpm afterburn-5.9.0.git21.a73f509-bp157.2.6.1.ppc64le.rpm afterburn-5.9.0.git21.a73f509-bp157.2.6.1.s390x.rpm openSUSE-2025-381 moderate openSUSE Backports SLE-15-SP7 Update This update for virtme fixes the following issues: Update to 1.38: * Fix the infamous Stale file handle (ESTALE) errors with virtiofsd * Fix for systemctl daemon-reload when systemd support is enabled * Fix for a kernel symlink issue affecting openSUSE/SLE * README/docs improvements * Various coding style cleanups virtme-1.38-bp157.2.9.1.noarch.rpm virtme-1.38-bp157.2.9.1.src.rpm openSUSE-2025-382 moderate openSUSE Backports SLE-15-SP7 Update This update for galera-4 fixes the following issues: - libboost_system was removed upstream, fixes boo#1249900 Update to 26.4.22: * New feature for applications to define sequential consistency parameters for the certification process, via wsrep_certify_v1() which takes an application defined callback * Fixed assertions in report_last_committed() that could cause issues under certain thread scheduling conditions * Removed unnecessary assertions that could trigger due to normal timing variations in distributed environments * Fixed string format warnings that were appearing during builds on Debian Sid 26.4.21 changelog: * remove the dependency on openssl/engine.h - fixes codership/galera#663 * writeset serialization during IST fails because the seqno locking mechanism does not prevent underlying data stores from discarding released actions, requiring the locked seqno to be passed to stores to enforce discard limits. * fixed ssl_cipher parameter type to string * when a node progresses from JOINED to SYNCED, a race condition may prevent it from being counted in the commit cut; ensure it is included upon announcing SYNCED and delay advancing the commit cut until the node's last applied value exceeds the current commit cut. GCS protocol version bumped. * expose versions of all protocols agreed on by quorum via status call. 26.4.20 changelog: * improve error and warning messages handling in the library. System error numbers and messages are hidden from thrown exceptions, except for the cases where the exception is thrown because of error from system call. Some warning level messages in gcomm and GCS have been changed to info level in cases where the message does not require action from the administrator. Update to 26.4.19: * WSREP_KEY_SHARED key type is being phased out since it had insufficiently strict certification rules that may lead to certification test passes where it should fail. WSREP_KEY_REFERENCE fixes this, and all new writesets will be constructed using this. WSREP_KEY_SHARED is supported for backwards compatibility. * A memory leak in the commit cut action has been fixed. * Network level node isolation, which can help shut down all communication with the rest of the cluster to achieve a fail-silent crash. * GCS level protocol bumped, as error voting for joiner in the JOINED state was broken when group-wide commit cut (implied SUCCESS vote) was not taken into account when processing error vote requests from the JOINED node. - Switch to mariadb fork of galera-4. update to 26.4.18: * The garbd process hangs due to exceptions in the GCS layer not being caught within the receive loop, necessitating a forceful termination. Fixing this requires catching all exceptions within the loop, closing the connection first, and then continuing until a 'SELF-LEAVE' message ensures graceful exit. * When using SSL, crashes of garbd during graceful node shutdowns may occur, and result in the cluster becoming non-Primary; garbd now ignores the SIGPIPE signal to prevent this. * socket_ssl_compression is deprecated, now it isn't attempt to be set, and the user receives a warning if it was explicitly set. * Fixed commit cut tracking on node leave, and bumped GCS protocol version for backwards compatibility. * Executing the gcomm join process in the database server thread can lead to issues during allowlist callbacks, which should only be handled by Galera service threads. The gcomm join process is run within the gcomm service thread now. Update to 26.4.17: - "Zero-level" certification keys are implemented. Currently there are 3 levels of resource keys: schema, table, row, yet one common resource used by every writeset, a node. The key is added by default to every writeset with the default type WSREP_KEY_SHARED. Now, node-wide operations can be performed with the same semantics as regular transactions. - Non-SYNCED nodes are not counted when calculating commit cut - maximum seqno that is no longer needed in certification index; situations may arise when group commit cut is applied before all preceding events are committed on a non-SYNCED node, now drain all monitors to ensure that preceding events are committed. - Stability of node joining process for gmcast improved when new nodes are connecting concurrently as nodes previously may arrive at a different conclusion on which nodes will be blocked, however now, connections are explicitly allowed from all nodes which may be accepted as members in the next view. - Stability of node joining process for EVS improved by dropping EVS join messages without own identified in joining state, to avoid starting membership protocol before at least one of the existing nodes has seen at least one join message from a joiner. - Improve "Failed to report last committed" warning to make it more accurate and user-friendly. Update to 26.4.16: - Removed out-of-order certification for BF aborted transactions. - Better error handling when the socket is closed, also cleaned up excessive debug logging. Update to 26.4.15: - an assertion is relaxed when Galera is configured with commit order disabled - in certificate index preload, an assertion in handle_ist_trx_preload() fails if the first handled IST preload write set has failed certification, and incrementing the index position caused the certificate index to end up with the wrong position; now fixed by appending dummy writeset sequence numbers into Certification::trx_map_ - ASAN reported memory leak if gcs is closed after becoming joined but before reaching synced galera-4-26.4.22-bp157.2.3.1.src.rpm galera-4-26.4.22-bp157.2.3.1.x86_64.rpm galera-4-wsrep-provider-26.4.22-bp157.2.3.1.x86_64.rpm galera-4-26.4.22-bp157.2.3.1.i586.rpm galera-4-wsrep-provider-26.4.22-bp157.2.3.1.i586.rpm galera-4-26.4.22-bp157.2.3.1.aarch64.rpm galera-4-wsrep-provider-26.4.22-bp157.2.3.1.aarch64.rpm galera-4-26.4.22-bp157.2.3.1.ppc64le.rpm galera-4-wsrep-provider-26.4.22-bp157.2.3.1.ppc64le.rpm galera-4-26.4.22-bp157.2.3.1.s390x.rpm galera-4-wsrep-provider-26.4.22-bp157.2.3.1.s390x.rpm openSUSE-2025-387 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 141.0.7390.54 (stable released 2025-09-30) (boo#1250780) * CVE-2025-11205: Heap buffer overflow in WebGPU * CVE-2025-11206: Heap buffer overflow in Video * CVE-2025-11207: Side-channel information leakage in Storage * CVE-2025-11208: Inappropriate implementation in Media * CVE-2025-11209: Inappropriate implementation in Omnibox * CVE-2025-11210: Side-channel information leakage in Tab * CVE-2025-11211: Out of bounds read in Media * CVE-2025-11212: Inappropriate implementation in Media * CVE-2025-11213: Inappropriate implementation in Omnibox * CVE-2025-11215: Off by one error in V8 * CVE-2025-11216: Inappropriate implementation in Storage * CVE-2025-11219: Use after free in V8 * Various fixes from internal audits, fuzzing and other initiatives chromedriver-141.0.7390.54-bp157.2.58.1.x86_64.rpm chromium-141.0.7390.54-bp157.2.58.1.src.rpm chromium-141.0.7390.54-bp157.2.58.1.x86_64.rpm chromedriver-141.0.7390.54-bp157.2.58.1.aarch64.rpm chromium-141.0.7390.54-bp157.2.58.1.aarch64.rpm chromedriver-141.0.7390.54-bp157.2.58.1.ppc64le.rpm chromium-141.0.7390.54-bp157.2.58.1.ppc64le.rpm openSUSE-2025-390 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 141.0.7390.65 (boo#1251334): * CVE-2025-11458: Heap buffer overflow in Sync * CVE-2025-11460: Use after free in Storage * CVE-2025-11211: Out of bounds read in WebCodecs chromedriver-141.0.7390.65-bp157.2.61.1.x86_64.rpm chromium-141.0.7390.65-bp157.2.61.1.src.rpm chromium-141.0.7390.65-bp157.2.61.1.x86_64.rpm chromedriver-141.0.7390.65-bp157.2.61.1.aarch64.rpm chromium-141.0.7390.65-bp157.2.61.1.aarch64.rpm chromedriver-141.0.7390.65-bp157.2.61.1.ppc64le.rpm chromium-141.0.7390.65-bp157.2.61.1.ppc64le.rpm openSUSE-2025-393 moderate openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 141.0.7390.76: * Do not send URLs as AIM input. This is to resolve a privacy concern, around passing urls to AI Mode. - exclude the main tarball from the src.rpm to reduce size (it is anyway fully referenced, so no supply chain concern) chromedriver-141.0.7390.76-bp157.2.64.1.x86_64.rpm chromium-141.0.7390.76-bp157.2.64.1.nosrc.rpm chromium-141.0.7390.76-bp157.2.64.1.x86_64.rpm chromedriver-141.0.7390.76-bp157.2.64.1.aarch64.rpm chromium-141.0.7390.76-bp157.2.64.1.aarch64.rpm chromedriver-141.0.7390.76-bp157.2.64.1.ppc64le.rpm chromium-141.0.7390.76-bp157.2.64.1.ppc64le.rpm openSUSE-2025-394 moderate openSUSE Backports SLE-15-SP7 Update This update for gh fixes the following issues: Update to version 2.81.0: * test(auth status): correctly replace JSON-escaped paths * update the description * refactor: use strings.FieldsFuncSeq to reduce memory allocations * fix(pr checkout): add alias `co` * remove hidden value for release verify cmd * fix latest tag for relase verify asset * docs(auth status): explain `--json` will always exit with zero * fix(auth status): return JSON entries under `hosts` * fixup! examples * fix error missing in json output * examples * remove showToken from authEntry * address copilot comment on parameter order * add examples * simplify exporter usage * remove includeScope * do not mutate opts.ShowToken * move displayToken to String method * move flag validation to RunE * refactor without VisitAll * introduce AddJSONFlagsWithoutShorthand * fix show token when using json * fix exit code * revert showToken change * mutually exclusive flags * flag duplicate check * add ExpectCommandToSupportJSONFields * do not export authState * handle -t conflict * do not fetch scope if not necessary * json flags * auth state enum * Refactor entry to a single type * Fix missing assertions - Packaging improvements: * Update to BuildRequires: golang(API) >= 1.24 matching go.mod Update to version 2.80.0: * chore: update third-party licenses * Add math package import to sessions.go * Add TODO for better integer handling in GetPullRequestDatabaseID * chore: update third-party licenses * update the test * Update pkg/cmd/attestation/api/client.go * add initiator_type for attestations * fix(agent-task/capi): return proper error message when resp is not a JSON * test(agent-task view): populate `Session.Name` in all test cases * fix(agent-task view): improve session overview * refactor(agent-task view): merge empty println calls with next * fix(agent-task view): re-fetch session to get all pieces of data * fix(agent-task/capi): remove fallback to viewer when user id is zero * test(agent-tassk/capi): update `ListSessionsByResourceID` tests * docs(agent-task/capi): add TODO note for dropping local ID generation * fix(agent-task/capi): fetch viewer when resource session user id is zero * fix(agent-task/capi): handle unpopulated resource session `LastUpdatedAt` * refactor(agent-task/capi): keep `resource` private * update agents resource route * fix(agent-task view): improve session error * fix(agent-task view): display session error * fix(agent-task/capi): add `WorkflowRunID` field to `Session` * refactor(agent-task/capi): remove unused slice * fix(agent-task/capi): add `Error` field to `Session` * fix(agent-task create): block empty problem statement arg * fix(agent-task create): use pager when following logs * fix(agent-task create): avoid prompting when problem statement is provided * fix(agent-task list): show capitalised session state * fix(agent-task/shared): fix session state value * docs(agent-task list): add "(preview)" note to cmd docs * chore(agent-task/shared): regenerate `LogRenderer` mock * test(agent-task/capi): assert session with zero resource ID are kept * fix(agent-task/capi): keep sessions with no resource attached * refactor(agent-task list): remove unused `BaseRepo` from `ListOptions` * docs(agent-task/capi): fix test case explanation * Fix session deduplication and add test for paging * Remove repo-scoped session listing and related code * docs(agent-task): use `heredoc.Doc` * docs(pr/shared): add a `TODO` on decoupling PR finder from IO * fix(agent-task view): display zero premium requests * fix(agent-task/shared): make capitalised status names consistent * Update pkg/cmd/agent-task/agent_task.go * Update pkg/cmd/agent-task/agent_task.go * Enhance agent-task command help and usage info * Refactor comments in stripDiffFormat function * Remove obsolete log-3 test data files * fix(agent-task view): omit session overview in log mode * fix(agent-task view): display premium requests used * fix(agent-task/capi): add `PremiumRequests` field to `Session` * fix(agent-task view): display session duration * fix(agent-task view): display completed sessions as "Ready for review" * fix(agent-task view): disable PR finder progress indicator * test(pr/shared): assert `FindOptions.DisableProgress` is respected * fix(pr/shared): add `DisableProgress` field to `FindOptions` * Refactor stripDiffFormat guard clause logic * Use filepath.Ext to detect file extension in markdown renderer * Improve log rendering error handling and test coverage * Prefix rendered shell commands with '$ ' in logs * Clarify comment on CRLF normalization in tests * Refactor generic tool call titles map to package scope * Add pager support to log output in printLogs * test(agent-task create): add test for `--follow` * docs(agent-task create): add example for `--follow` flag * feat(agent-task create): add `--follow` flag * refactor(agent-task create): extract session URL polling into a func * Add TODO for bash-related tool call details * Update comment for reasoning text formatting * Enable Bash session tool handling in log rendering * Rename testdata log files for clarity * Normalize line endings in log testdata files too * Fix line ending conversion in tests * Add note for updating testdata files in log tests * Make log tests OS-agnostic by normalizing line endings * Fix comment for GetSessionLogs method * Add and improve function documentation in log.go * Update log test expectation files * Rename renderToolCall to renderToolCallTitle * Rename relativePath to relativeFilePath in log rendering * Refactor markdown rendering helper function names * Improve log rendering and tool call handling * Refactor JSON content rendering in log entries * Various log rendering improvements * feat(agent-task view): add `--log` and `--follow` flags * feat(agent-task view): add `--log` and `--follow` flags * fix(agent-task/shared): add log renderer * feat(agent-task/capi): add `GetSessionLogs` method * Add error type assertion to createRun tests * Add test for non-interactive problem statement input * Update test to use edited task description * Remove unused stdin field from create command tests * Refactor create command tests and add base branch case * refactor(pr/shared): rename `rest` to `tail` * refactor(agent-task/shared): enhance symbol names * Update command examples for agent-task create * Refactor agent-task create to improve file input handling * fix(pr/shared): ensure `ParseURL` regexp is backward-compatible * refactor(agent-task/shared): extract uuid pattern * refactor(agent-task view): rename `resourceID` to `prID` * feat(agent-task view): support PR `/agent-sessions/*` URL as argument * fix(agent-task/shared): add `ParsePullRequestAgentSessionURL` * fix(pr/shared): add rest return value to `ParseURL` * docs(agent-task view): improve `--help` docs * refactor(agent-task create): assign `Config` at instantiation * fix(agent-task create): only prompt for problem statement if not provided * fix(agent-task view): stop progress indicator before opening browser * test(agent-task view): enhance naming and stubs * test(agent-task view): add `--web` mode tests * feat(agent-task view): add `--web` mode * refactor: move Copilot Agents home URL to capi * fix(agent-task/capi): also return PR URL from `GetPullRequestDatabaseID` * Still prompt for task desc with -F * Add interactive prompt for task description in agent-task create * Fix default value in session selection prompt * Show session name instead of ID in agent-task list * docs(agent-task view): explain test case rationale * docs(agent-task view): explain when condition is met * docs(agent-task/capi): remove redundant comment * test(agent-task/capi): fix test case args * fix(agent-task/capi): skip unpopulated resource ID when hydrating * docs(agent-task/shared): add godoc to `SessionStateString` * test(agent-task view): update tests * fix(agent-task view): use lower limit for fetching sessions * fix(agent-task view): use `CapiClient.GetPullRequestDatabaseID` * fix(agent-task/capi): add `GetPullRequestDatabaseID` to `CapiClient` interface * test(agent-task/capi): add tests for `GetPullRequestDatabaseID` * feat(agent-task/capi): add `GetPullRequestDatabaseID` method * test(agent-task/capi): add tests for `GetSessionByResourceID` * feat(agent-task view): support PR arg * fix(agent-task/shared): add `SessionSymbol` func * test(agent-task/shared): add test for `IsSessionID` * fix(agent-task/shared): add `IsSessionID` * test(pr/shared): add test for `ParseFullReference` * fix(pr/shared): add `ParseFullReference` func * feat(agent-task/capi): add `ListSessionsByResourceID` method to `CapiClient` interface * feat(agent-task/capi): add `ListSessionsByResourceID` * test(agent-task view): add tests for the `view` command * feat(agent-task view): add `view` command * test(agent-task list): remove unused `stubs` * feat(agent-task/capi): add `GetSession` method to `CapiClient` interface * test(agent-task/capi): add tests for `GetSession` * feat(agent-task/capi): add `GetSession` method * refactor(agent-task/capi): populate PRs `IsDraft` * refactor(agent-task/capi): hydrate user data * test(agent-task create): quote file paths to pass CI on Windows * refactor(agent-task list): simplify cmd initialisation * refactor(agent-task create): remove redundant `if` * test(agent-task create): use `CapiClientMock` * fix(agent-task create): simplify command initialisation * test(agent-task list): update `TestNewCmdCreate` * fix(agent-task create): allow no positional arg * test(agent-task list): apply test args anyway * test(agent-task list): use `CapiClientMock` * test(agent-task list): update `TestNewCmdList` * refactor(agent-task/capi): drop embedding of unexported struct * test(agent-task/capi): add `CapiClientMock` * test(agent-task/capi): add `go:generate` directive to gen mock * test(agent-task/capi): add tests for job-related methods * test(agent-task/capi): add tests for session-related methods * fix(agent-task/capi): handle non-JSON error response * fix(agent-task/capi): improve returned errs * refactor(agent-task/capi): improve pagination * refactor(agent-task list): use shared `CapiClientFunc` * fix(agent-task/shared): add `CapiClientFunc` helper * Improve agent-task create command help text * Refactor test case struct in create_test.go * Add base branch option to agent task creation * Support reading task description from stdin * Increase backoff timing for agent task creation * Add file input support to agent-task create command * Update error messages and test repo handling in agent-task create * Simplify error handling in CreateJob response * Simplify stdout assertion in createRun test * Improve job error handling and update tests * Use Job struct in request * Escape URL path parameters in GetJob request * Escape owner and repo in job creation URL * Escape URL path segments in agent session links * Remove nil check for job in agentSessionWebURL * Update test to expect 500 error response * Update error message in createRun test * Remove redundant 'error:' prefix from repo error * Update command usage for agent task creation * Update agent-task create command argument handling * Add agent task creation command and job API * Add pager support to agent-task list output * Replace panic with require.FailNow in test * Add test for web mode with repo flag in listRun * Add comment on web dashboard filtering limitation * Add test case for negative limit in list command * Return NoResultsError when no agent tasks found * Add comment explaining error handling in listRun * Simplify time calculation in listRun test * Simplify BaseRepo assignment in list command * Handle repo resolution errors gracefully in agent-task list * Add --web flag to agent-task list command * Show default limit in agent-task list flag help * Add limit flag to agent-task list command * Add repo-scoped agent session listing support * Refactor session state color logic to shared package * Optimize session pull request hydration logic * Refactor error handling in generatePullRequestNodeID * Update API query name for session PR fetch * Refactor variable names in ListSessionsForViewer * Remove commented-out fields from sessionPullRequest * Refactor agent-task list command client initialization * Refactor session filtering in listRun function * Fix import alias for shared package in agent-task list * Add agent task listing command and CAPI client * Refactor agent task tests into table-driven format * Refactor test to use require.Empty assertion * Show help on agent-task command execution * Add agent-task command with OAuth token validation Update to version 2.79.0: * fix(featuredetection): remove redundant `AdvancedIssueSearchWebInIssuesTab` field * docs(featuredetection): remove unknown dates * docs(search prs): mention advanced issue search syntax support * docs(search issues): mention advanced issue search syntax support * docs(pr list): mention advanced issue search syntax support * docs(issue list): mention advanced issue search syntax support * refactor(search): rename `Query.String` to `StandardSearchString` * test(search): improve test cases * chore(deps): bump actions/stale from 9 to 10 * chore(deps): bump actions/setup-go from 5 to 6 * Bump sigstore/rekor to v1.4.1 * Remove mention of public preview in trustedroot.go * docs(featuredetection): add godoc for min GHES version for advanced issue search * docs(issue pr): fix incorrect formatting * docs(issue list): fix incorrect formatting * docs: add cleanup/future TODO marks for advanced issue search changes * docs(pr list): explain use of advanced issue search syntax * docs(issue list): explain use of advanced issue search syntax * test(issue/pr list): assert integration with advanced issue search * test(pr shared): assert `ListURLWithQuery` works with advanced search syntax * refactor(issue/pr list): support advanced issue search * docs(search): improve `Searcher.URL` method docs * docs(search prs): mention advanced issue search takeover * docs(search issues): mention advanced issue search takeover * docs(search): improve docs for `Query.String` and `Query.AdvancedIssueSearchString` methods * refactor(search): improve special qualifier grouping * test(search): test advanced search support * fix(search): use advanced issue search when available * refactor: improve mock feature detector names * refactor(search): sort qualifiers in query * test(search): provide feature detection dependency * fix(search): add feature detection dependency * test(search): explain why `is:` and `in:` qualifiers used in test case * fix(search): sort qualifiers in advacned issue search syntax * test(search): add tests for `AdvancedIssueSearchString` method * fix(search): add `AdvancedIssueSearchString` method * test(featuredetection): add tests for advanced issue search detection * fix(featuredetection): add feature detection for advanced issue search * test(cache delete): combine test cases for invalid/non-existent refs * test(cache delete): replace `HTTP 204` with `200` to match API behaviour * docs(cache delete): explain different API responses * test(cache delete): add test case for key arg and `--all` * refactor(cache delete): simplify error handling * refactor(cache delete): simplify condition * fix(cache): validate `--ref` flag usage with cache ID * fix(cache): prevent using `--ref` flag with cache ID * refactor(cache): extract cache ID parsing logic * fix(cache): update error message for missing cache key with `--ref` flag * chore(cache): improve help text for `--ref` flag in cache deletion * test(cache): add tests for `--ref` flag in cache deletion * feat(cache): add support for `--ref` flag in cache deletion * refactor: use slices.Equal to simplify code (#11364) * feat: `gh auth` Automatically copy one-time OAuth code to clipboard (#11518) * docs(release create): difference `--generate-notes` and `--notes-from-tag` (#11534) * Fix pr create when branch name contains slashes gh-2.81.0-bp157.2.12.1.src.rpm gh-2.81.0-bp157.2.12.1.x86_64.rpm gh-bash-completion-2.81.0-bp157.2.12.1.noarch.rpm gh-fish-completion-2.81.0-bp157.2.12.1.noarch.rpm gh-zsh-completion-2.81.0-bp157.2.12.1.noarch.rpm gh-2.81.0-bp157.2.12.1.i586.rpm gh-2.81.0-bp157.2.12.1.aarch64.rpm gh-2.81.0-bp157.2.12.1.ppc64le.rpm gh-2.81.0-bp157.2.12.1.s390x.rpm openSUSE-2025-397 moderate openSUSE Backports SLE-15-SP7 Update This update for skanpage fixes the following issues: - Work around a tesseract bug which causes a crash if /usr/share/tessdata doesn't exist (but doesn't if it's empty) (boo#1243103) - Recommend installing tesseract-ocr skanpage-23.08.5-bp157.2.3.1.src.rpm skanpage-23.08.5-bp157.2.3.1.x86_64.rpm skanpage-debuginfo-23.08.5-bp157.2.3.1.x86_64.rpm skanpage-lang-23.08.5-bp157.2.3.1.noarch.rpm skanpage-23.08.5-bp157.2.3.1.aarch64.rpm skanpage-debuginfo-23.08.5-bp157.2.3.1.aarch64.rpm skanpage-23.08.5-bp157.2.3.1.ppc64le.rpm skanpage-debuginfo-23.08.5-bp157.2.3.1.ppc64le.rpm skanpage-23.08.5-bp157.2.3.1.s390x.rpm skanpage-debuginfo-23.08.5-bp157.2.3.1.s390x.rpm openSUSE-2025-399 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 141.0.7390.107: * CVE-2025-11756: Use after free in Safe Browsing (boo#1252013) chromedriver-141.0.7390.107-bp157.2.67.1.x86_64.rpm chromium-141.0.7390.107-bp157.2.67.1.nosrc.rpm chromium-141.0.7390.107-bp157.2.67.1.x86_64.rpm chromedriver-141.0.7390.107-bp157.2.67.1.aarch64.rpm chromium-141.0.7390.107-bp157.2.67.1.aarch64.rpm chromedriver-141.0.7390.107-bp157.2.67.1.ppc64le.rpm chromium-141.0.7390.107-bp157.2.67.1.ppc64le.rpm openSUSE-2025-401 moderate openSUSE Backports SLE-15-SP7 Update This update for coredns fixes the following issues: - CVE-2025-58063: Fixed Lease ID Confusion (bsc#1249389) - Update to version 1.12.4: * bump deps * fix(transfer): goroutine leak on axfr err (#7516) * plugin/etcd: fix import order for ttl test (#7515) * fix(grpc): check proxy list length in policies (#7512) * fix(https): propagate HTTP request context (#7491) * fix(plugin): guard nil lookups across plugins (#7494) * lint: add missing prealloc to backend lookup test (#7510) * fix(grpc): span leak on error attempt (#7487) * test(plugin): improve backend lookup coverage (#7496) * lint: enable prealloc (#7493) * lint: enable durationcheck (#7492) * Add Sophotech to adopters list (#7495) * plugin: Use %w to wrap user error (#7489) * fix(metrics): add timeouts to metrics HTTP server (#7469) * chore(ci): restrict token permissions (#7470) * chore(ci): pin workflow dependencies (#7471) * fix(forward): use netip package for parsing (#7472) * test(plugin): improve test coverage for pprof (#7473) * build(deps): bump github.com/go-viper/mapstructure/v2 (#7468) * plugin/file: fix label offset problem in ClosestEncloser (#7465) * feat(trace): migrate dd-trace-go v1 to v2 (#7466) * test(multisocket): deflake restart by using a fresh port and coordinated cleanup (#7438) * chore: update Go version to 1.24.6 (#7437) * plugin/header: Remove deprecated syntax (#7436) * plugin/loadbalance: support prefer option (#7433) * Improve caddy.GracefulServer conformance checks (#7416) - Update to version 1.12.3: * chore: Minor changes to `Dockerfile` (#7428) * Properly create hostname from IPv6 (#7431) * Bump deps * fix: handle cached connection closure in forward plugin (#7427) * plugin/test: fix TXT record comparison for multi-chunk vs multiple records * plugin/file: preserve case in SRV record names and targets per RFC 6763 * fix(auto/file): return REFUSED when no next plugin is available (#7381) * Port to AWS Go SDK v2 (#6588) * fix(cache): data race when refreshing cached messages (#7398) * fix(cache): data race when updating the TTL of cached messages (#7397) * chore: fix docs incompatibility (#7390) * plugin/rewrite: Add EDNS0 Unset Action (#7380) * add args: startup_timeout for kubernetes plugin (#7068) * [plugin/cache] create a copy of a response to ensure original data is never modified * Add support for fallthrough to the grpc plugin (#7359) * view: Add IPv6 example match (#7355) * chore: enable more rules from revive (#7352) * chore: enable early-return and superfluous-else from revive (#7129) * test(plugin): improve tests for auto (#7348) * fix(proxy): flaky dial tests (#7349) * test: add t.Helper() calls to test helper functions (#7351) * fix(kubernetes): multicluster DNS race condition (#7350) * lint: enable wastedassign linter (#7340) * test(plugin): add tests for any (#7341) * Actually invoke make release -f Makefile.release during test (#7338) * Keep golang to 1.24.2 due to build issues in 1.24.3 (#7337) * lint: enable protogetter linter (#7336) * lint: enable nolintlint linter (#7332) * fix: missing intrange lint fix (#7333) * perf(kubernetes): optimize AutoPath slice allocation (#7323) * lint: enable intrange linter (#7331) * feat(plugin/file): fallthrough (#7327) * lint: enable canonicalheader linter (#7330) * fix(proxy): avoid Dial hang after Transport stopped (#7321) * test(plugin): add tests for pkg/rand (#7320) * test(dnsserver): add unit tests for gRPC and QUIC servers (#7319) * fix: loop variable capture and linter (#7328) * lint: enable usetesting linter (#7322) * test: skip certain network-specific tests on non-Linux (#7318) * test(dnsserver): improve core/dnsserver test coverage (#7317) * fix(metrics): preserve request size from plugins (#7313) * fix: ensure DNS query name reset in plugin.NS error path (#7142) * feat: enable plugins via environment during build (#7310) * fix(plugin/bind): remove zone for link-local IPv4 (#7295) * test(request): improve coverage across package (#7307) * test(coremain): Add unit tests (#7308) * ci(test-e2e): add Go version setup to workflow (#7309) * kubernetes: add multicluster support (#7266) * chore: Add new maintainer thevilledev (#7298) * Update golangci-lint (#7294) * feat: limit concurrent DoQ streams and goroutines (#7296) * docs: add man page for multisocket plugin (#7297) * Prepare for the k8s api upgrade (#7293) * fix(rewrite): truncated upstream response (#7277) * fix(plugin/secondary): make transfer property mandatory (#7249) * plugin/bind: remove macOS bug mention in docs (#7250) * Remove `?bla=foo:443` for `POST` DoH (#7257) * Do not interrupt querying readiness probes for plugins (#6975) * Added `SetProxyOptions` function for `forward` plugin (#7229) coredns-1.12.4-bp157.2.3.1.src.rpm coredns-1.12.4-bp157.2.3.1.x86_64.rpm coredns-extras-1.12.4-bp157.2.3.1.noarch.rpm coredns-1.12.4-bp157.2.3.1.aarch64.rpm coredns-1.12.4-bp157.2.3.1.ppc64le.rpm coredns-1.12.4-bp157.2.3.1.s390x.rpm openSUSE-2025-403 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 141.0.7390.122: * CVE-2025-12036: Inappropriate implementation in V8 (boo#1252402) chromedriver-141.0.7390.122-bp157.2.70.1.x86_64.rpm chromium-141.0.7390.122-bp157.2.70.1.nosrc.rpm chromium-141.0.7390.122-bp157.2.70.1.x86_64.rpm chromedriver-141.0.7390.122-bp157.2.70.1.aarch64.rpm chromium-141.0.7390.122-bp157.2.70.1.aarch64.rpm chromedriver-141.0.7390.122-bp157.2.70.1.ppc64le.rpm chromium-141.0.7390.122-bp157.2.70.1.ppc64le.rpm openSUSE-2025-409 moderate openSUSE Backports SLE-15-SP7 Update This update for exim fixes the following issues: - CVE-2025-53881: Fixed potential security issue with logfile rotation (boo#1246457). exim-4.98.2-bp157.5.1.src.rpm exim-4.98.2-bp157.5.1.x86_64.rpm eximon-4.98.2-bp157.5.1.x86_64.rpm eximstats-html-4.98.2-bp157.5.1.x86_64.rpm exim-4.98.2-bp157.5.1.aarch64.rpm eximon-4.98.2-bp157.5.1.aarch64.rpm eximstats-html-4.98.2-bp157.5.1.aarch64.rpm exim-4.98.2-bp157.5.1.ppc64le.rpm eximon-4.98.2-bp157.5.1.ppc64le.rpm eximstats-html-4.98.2-bp157.5.1.ppc64le.rpm exim-4.98.2-bp157.5.1.s390x.rpm eximon-4.98.2-bp157.5.1.s390x.rpm eximstats-html-4.98.2-bp157.5.1.s390x.rpm openSUSE-2025-410 moderate openSUSE Backports SLE-15-SP7 Update This update for etcd fixes the following issue: - etcd 3.5.21 is provided as an intermediate version for transitioning from 3.5.x to 3.6.x. etcd-3.5.21-bp157.2.6.1.src.rpm etcd-3.5.21-bp157.2.6.1.x86_64.rpm etcdctl-3.5.21-bp157.2.6.1.x86_64.rpm etcdutl-3.5.21-bp157.2.6.1.x86_64.rpm etcd-3.5.21-bp157.2.6.1.aarch64.rpm etcdctl-3.5.21-bp157.2.6.1.aarch64.rpm etcdutl-3.5.21-bp157.2.6.1.aarch64.rpm etcd-3.5.21-bp157.2.6.1.ppc64le.rpm etcdctl-3.5.21-bp157.2.6.1.ppc64le.rpm etcdutl-3.5.21-bp157.2.6.1.ppc64le.rpm etcd-3.5.21-bp157.2.6.1.s390x.rpm etcdctl-3.5.21-bp157.2.6.1.s390x.rpm etcdutl-3.5.21-bp157.2.6.1.s390x.rpm openSUSE-2025-415 moderate openSUSE Backports SLE-15-SP7 Update This update for etcd provides the current version 3.6.5. etcd-3.6.5-bp157.2.9.1.src.rpm etcd-3.6.5-bp157.2.9.1.x86_64.rpm etcdctl-3.6.5-bp157.2.9.1.x86_64.rpm etcdutl-3.6.5-bp157.2.9.1.x86_64.rpm etcd-3.6.5-bp157.2.9.1.aarch64.rpm etcdctl-3.6.5-bp157.2.9.1.aarch64.rpm etcdutl-3.6.5-bp157.2.9.1.aarch64.rpm etcd-3.6.5-bp157.2.9.1.ppc64le.rpm etcdctl-3.6.5-bp157.2.9.1.ppc64le.rpm etcdutl-3.6.5-bp157.2.9.1.ppc64le.rpm etcd-3.6.5-bp157.2.9.1.s390x.rpm etcdctl-3.6.5-bp157.2.9.1.s390x.rpm etcdutl-3.6.5-bp157.2.9.1.s390x.rpm openSUSE-2025-411 moderate openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 142.0.7444.59 - Chromium 142.0.7444.52 chromedriver-142.0.7444.59-bp157.2.73.1.x86_64.rpm chromium-142.0.7444.59-bp157.2.73.1.nosrc.rpm chromium-142.0.7444.59-bp157.2.73.1.x86_64.rpm chromedriver-142.0.7444.59-bp157.2.73.1.aarch64.rpm chromium-142.0.7444.59-bp157.2.73.1.aarch64.rpm chromedriver-142.0.7444.59-bp157.2.73.1.ppc64le.rpm chromium-142.0.7444.59-bp157.2.73.1.ppc64le.rpm openSUSE-2025-418 moderate openSUSE Backports SLE-15-SP7 Update This update for git-bug fixes the following issues: - Revendor to include golang.org/x/net/html v 0.45.0 to prevent possible DoS by various algorithms with quadratic complexity when parsing HTML documents (boo#1251463, CVE-2025-47911 and boo#1251664, CVE-2025-58190). - Update to version 0.10.1: - cli: ignore missing sections when removing configuration (ddb22a2f) - Update to version 0.10.0: - bridge: correct command used to create a new bridge (9942337b) - web: simplify header navigation (7e95b169) - webui: remark upgrade + gfm + syntax highlighting (6ee47b96) - BREAKING CHANGE: dev-infra: remove gokart (89b880bd) - Update to version 0.10.0 - bridge: correct command used to create a new bridge (9942337b) - web: simplify header navigation (7e95b169) - web: remark upgrade + gfm + syntax highlighting (6ee47b96) - Update to version 0.9.0: - completion: remove errata from string literal (aa102c91) - tui: improve readability of the help bar (23be684a) - Update to version 0.8.1+git.1746484874.96c7a111: * docs: update install, contrib, and usage documentation (#1222) * fix: resolve the remote URI using url.*.insteadOf (#1394) * build(deps): bump the go_modules group across 1 directory with 3 updates (#1376) * chore: gofmt simplify gitlab/export_test.go (#1392) * fix: checkout repo before setting up go environment (#1390) * feat: bump to go v1.24.2 (#1389) * chore: update golang.org/x/net (#1379) * fix: use -0700 when formatting time (#1388) * fix: use correct url for gitlab PATs (#1384) * refactor: remove depdendency on pnpm for auto-label action (#1383) * feat: add action: auto-label (#1380) * feat: remove lifecycle/frozen (#1377) * build(deps): bump the npm_and_yarn group across 1 directory with 12 updates (#1378) * feat: support new exclusion label: lifecycle/pinned (#1375) * fix: refactor how gitlab title changes are detected (#1370) * revert: "Create Dependabot config file" (#1374) * refactor: rename //:git-bug.go to //:main.go (#1373) * build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.16 to 2.5.25 (#1361) * fix: set GitLastTag to an empty string when git-describe errors (#1355) * chore: update go-git to v5@masterupdate_mods (#1284) * refactor: Directly swap two variables to optimize code (#1272) * Update README.md Matrix link to new room (#1275) - Update to version 0.8.0+git.1742269202.0ab94c9: * deps(crypto): bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337) (#1312) git-bug-0.10.1-bp157.2.3.1.src.rpm git-bug-0.10.1-bp157.2.3.1.x86_64.rpm git-bug-bash-completion-0.10.1-bp157.2.3.1.noarch.rpm git-bug-fish-completion-0.10.1-bp157.2.3.1.noarch.rpm git-bug-zsh-completion-0.10.1-bp157.2.3.1.noarch.rpm git-bug-0.10.1-bp157.2.3.1.i586.rpm git-bug-0.10.1-bp157.2.3.1.aarch64.rpm git-bug-0.10.1-bp157.2.3.1.ppc64le.rpm git-bug-0.10.1-bp157.2.3.1.s390x.rpm openSUSE-2025-419 moderate openSUSE Backports SLE-15-SP7 Update This update for bash-git-prompt fixes the following issues: - Fixed insecure predictable /tmp file usage (boo#1247489). bash-git-prompt-2.7.1-bp157.2.3.1.noarch.rpm bash-git-prompt-2.7.1-bp157.2.3.1.src.rpm openSUSE-2025-414 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Security fixes (boo#1252881): * CVE-2025-12428: Type Confusion in V8 * CVE-2025-12429: Inappropriate implementation in V8 * CVE-2025-12430: Object lifecycle issue in Media * CVE-2025-12431: Inappropriate implementation in Extensions * CVE-2025-12432: Race in V8 * CVE-2025-12433: Inappropriate implementation in V8 * CVE-2025-12434: Race in Storage * CVE-2025-12435: Incorrect security UI in Omnibox * CVE-2025-12436: Policy bypass in Extensions * CVE-2025-12437: Use after free in PageInfo * CVE-2025-12438: Use after free in Ozone * CVE-2025-12439: Inappropriate implementation in App-Bound Encryption * CVE-2025-12440: Inappropriate implementation in Autofill * CVE-2025-12441: Out of bounds read in V8 * CVE-2025-12443: Out of bounds read in WebXR * CVE-2025-12444: Incorrect security UI in Fullscreen UI * CVE-2025-12445: Policy bypass in Extensions * CVE-2025-12446: Incorrect security UI in SplitView * CVE-2025-12447: Incorrect security UI in Omnibox chromedriver-142.0.7444.59-bp157.2.76.1.x86_64.rpm chromium-142.0.7444.59-bp157.2.76.1.nosrc.rpm chromium-142.0.7444.59-bp157.2.76.1.x86_64.rpm chromedriver-142.0.7444.59-bp157.2.76.1.aarch64.rpm chromium-142.0.7444.59-bp157.2.76.1.aarch64.rpm chromedriver-142.0.7444.59-bp157.2.76.1.ppc64le.rpm chromium-142.0.7444.59-bp157.2.76.1.ppc64le.rpm openSUSE-2025-424 moderate openSUSE Backports SLE-15-SP7 Update This update for catfish, elementary-xfce-icon-theme, gigolo, libxfce4ui, libxfce4windowing, menulibre, orage, parole, pragha, thunar, thunar-archive-plugin, thunar-media-tags-plugin, thunar-shares-plugin, thunar-vcs-plugin, tumbler, xfburn, xfce4-battery-plugin, xfce4-calculator-plugin, xfce4-clipman-plugin, xfce4-cpufreq-plugin, xfce4-cpugraph-plugin, xfce4-dict, xfce4-diskperf-plugin, xfce4-docklike-plugin, xfce4-eyes-plugin, xfce4-fsguard-plugin, xfce4-genmon-plugin, xfce4-mailwatch-plugin, xfce4-mount-plugin, xfce4-mpc-plugin, xfce4-netload-plugin, xfce4-notes-plugin, xfce4-panel, xfce4-panel-profiles, xfce4-places-plugin, xfce4-screenshooter, xfce4-sensors-plugin, xfce4-session, xfce4-settings, xfce4-smartbookmark-plugin, xfce4-stopwatch-plugin, xfce4-systemload-plugin, xfce4-taskmanager, xfce4-time-out-plugin, xfce4-timer-plugin, xfce4-verve-plugin, xfce4-wavelan-plugin, xfce4-weather-plugin, xfce4-whiskermenu-plugin, xfce4-xkb-plugin, xfdashboard, xfdesktop, xfmpc fixes the following issues: Changes in catfish: - Update to version 4.20.1 - build: Require defs.py - build: Relax meson requirements - build: Document dependency version requirements - Prevent selection change on right-click - Support opening multiple files with enter key - Improve TreeView performance - Deprecated exo with libxfce4ui 4.21.0 - Update files found in real time - Display search time in status bar - Fix unintended search - Add hotkey for copy location - Add delete hotkey - Rename Files - Add a context menu option to send selected files to a folder - Complete copyright in about dialog - Translation Updates - Update to version 0.21+git12.dff5c11f with the following highlights: * Major New Feature: HiDPI Support * Application Icons: Many application icons were added or redesigned from scratch * File Type Icons (Mimetypes): icons for different file types were added or updated * System & Status Icons: A major effort was made to colorize and unify the panel and status indicator icons. * Theme Removal: The -darker and -darkest theme variants have been removed * File Deletion: A massive number of unused, duplicate, and broken symlinks were removed across all icon categories. * App Icon Removal: Icons for old or less common applications were removed to streamline the theme. * Better Standards Compliance: The theme was updated to improve compliance with the FreeDesktop.org Icon Specification. * License Update: The project's license was updated to GPLv3. Changes in gigolo: - Update to version 0.6.0 * Update README after switchover to meson * Add suport to Meson * Replace deprecated exo with libxfce4ui 4.21.0 * Translation Updates Changes in libxfce4ui: - Update to version 4.20.2 * clipboard-manager: Use GtkClipboard iff image-only format is available * I18n: Update po/LINGUAS list * clipboard-manager: Fix potential leak on targets * clipboard-manager: Use separate struct for each call to set_with_data() * clipboard-manager: Use GtkTargetList instead of manual allocation * Translation Updates Changes in libxfce4windowing: - Update to version 4.20.4 * XfwMonitorWayland: Delay monitor finalization until gdk data are set * XfwSeatWayland: Store global name for matching when seat is removed * XfwMonitorWayland: Fix release order in _global_removed() * XfwMonitorManagerWayland: Use g_hash_table_iter_remove when iterating * XfwMonitorWayland: Store global name for matching when output is removed * XfwScreenWayland: Rename id to name in registry_global(_remove)? * XfwMonitorWayland: Don't make XfwScreen emit signal with null monitor * XfwWorkspaceGroupWayland: Connect to XfwScreen::monitor-(added|removed) * Add mnemonics for workspace names in workspace menu * Revert "Update README after switchover to meson" * Update README after switchover to meson * Destroy wl_output & xdg_output together when wl_output global removed * XfwWorkspaceWayland: Fix typo * XfwWorkspace: Fix id property management * Defer binding to the workspace manager until after we have the outputs * I18n: Update po/LINGUAS list * meson-build: Add Vala language bindings option * Translation Updates - Update to version 4.20.3: - Support absolute icon paths - meson-build: Add GNU visibility files to sources - I18n: Update po/LINGUAS list - autotools-build: Search for xdt-gen-visibility also in the working tree - build: Automate copyright year management - docs: Fix warnings - XfwWindowX11: Fix memory leak - Try to match the app id in lower case to find the .desktop file - XfwWindowX11: Keep a ref on workspace - XfwWnckIcon: Fix wrong compare func - meson-build: Add missing conditional for ext-workspace - meson-build: Reintroduce tests option - meson-build: Use SPDX license expression - meson-build: Specify wayland-scanner as a native dependency - meson-build: Update debug/optimization flag management - Translation Updates Changes in menulibre: - update to version 2.4.0: * Improved desktop environment integration * The new "Exec Editor" makes editing command arguments easier * Help dialogs replace the wall-of-text tooltips * Separators are displayed in the sidebar again * Numerous UX tweaks make MenuLibre easier on the eyes Changes in orage: - Update to version 4.20.2 * Changed recurrence limits from 100 to 9999 (MR !78). * Minor cleanup of log messages. Changes in parole: - Update to version 4.12.0 * Update README after switchover to meson * build: Automate copyright year management * Add meson build * build: Use @ENUMPREFIX@ in glib-mkenums template * build: Simplify desktop file generation * build: Fix shellcheck issues in mime scripts * build: Remove clutter support * build: Replace xdt-csource with glib-compile-resources * Translation Updates Changes in pragha: - Drop rygel-devel BuildRequires, what pragha checks for is pkgconfig(rygel-server-2.6), and currently rygel-devel provides pkgconfig(rygel-server-2.8). Changes in thunar-archive-plugin: - Update to version 0.6.0 * Update README after switchover to meson * Fix -Wunterminated-string-initialization warnings with GCC 15.1 * Add Meson support * Remove deprecated and unused exo * Translation Updates Changes in thunar-media-tags-plugin: - Update to version 0.6.0: * Update README after switchover to meson * Add support to Meson * Translation Updates Changes in thunar-shares-plugin: - Update to version 0.5.0: * Update README after switchover to meson * Add support to Meson * Translation Updates Changes in thunar: - Update to 4.20.5 * Prevent GFileMonitor leak for folders (#1724) * Don't use variables for strings in ngettext (#1683) * Fix 'MOUNTED' state on file reload when unmounted * Translation Updates - Update to 4.20.5 * Update shortcut model asynchronously (#1022) * Clear selection before updating selection (#1672) * Translation Updates - Dropped git bcond as we no longer use it - Update to 4.20.4 * Improve file add/remove checks for ThunarFolder (#1649) * Properly update view after hidden file rename * Always reload ThunarFiles on change notice (#1650) * Directly notify after file reload (#1650) * Set initial state of "Restore" button (#1663) * Fix quoting when running shell scripts in a terminal (#1661) * Avoid use-after-free in rename dialog when file is changed * Fix a GFile leak in _thunar_io_jobs_rename * Fix use-after-free in thunar_renamer_dialog_response (#1458) * Fix use-after-free on exit with search tabs open (#1593) * Translation Updates - Update to 4.20.3 * Always warn user before permanent deleting files * Fix string leaks when UCAs use a submenu * Fix a potential leak in thunar_action_manager_append_custom_actions * Fix leaks with ThunarMenuX objects * Fix thunarx_menu_get_items leak when multiple UCAs share a submenu * Fix refresh on row-changed in list view (#1584) * Add missing NULL check before unref call * Fix popup position of DnD menu * UCA: Correct PWD for submenu folder items (#1615) * wayland: Fix popup menu not closing (#1592) * Check if file exists before opening its location (#1257) * Prevent popups on wrong window (#1591) * thunar-tpa: Fix libxfce4panel include * Prevent criticals when switching current view (#1344) * Fix crash when destroying folder in list view (#1330) (#1568) * Fix crash in properties dialog (#1585) * Fix invalid filenames when copying to exFAT FS (#1570) * Fix typo in preferences dialog * Hide shortcuts editor when accel map uninitialized (#1488) * Update statusbar when searching (#1560) * Always update statusbar on file changes in list view (#1560) * Fix item activation on double-click in list view (#1567) * Use 'malloc_trim' after search (#1552) * Fix missing dialog for folder errors in list view (#1538) * Fix leak on search update * Fix missing dialog window icon (#1506) * Fix leaks on "cancel search" * Properly check if a file can be trashed (#1554) * Translation Updates Changes in thunar-vcs-plugin: - Update to 0.4.0: Meson has been added as a build system in this release, and the associated archive has been generated by 'meson dist'. Although autotools has been retained for the time being and can still be used via 'autogen.sh', meson is now the preferred build system, and autotools will be removed in a future release. * Update README after switchover to meson * Fix a ThunarxMenu leak in tvp_svn_action_create_menu_item * Fix a ThunarxMenu leak in tvp_git_action_create_menu_item * Fix string leaks in git-log parser * Fix warnings * Add support to Meson * Fix a -Wunused-macros warning with GCC * Replace deprecated exo with libxfce4ui 4.21.0 * Translation Updates - Don't install the ...16x16/apps/subversion.png icon as it creates a file conflict with package kdevelop. Changes in tumbler: - Update to version 4.20.1: * Update Copyright year * gepub-thumbnailer: Get pixbuf in "area-prepared" signal handler * gst-thumbnailer: Fix TumblerThumbnailFlavor leak * ffmpeg-thumbnailer: Update mime type list from upstream desktop file * xdg-cache: Fix TumblerThumbnailFlavor leaks * cover-thumbnailer: Capture regex matchinfo for series episodes * cover-thumbnailer: Update the base URL for TMDB * cover-thumbnailer: Use correct parameter types with curl * poppler-thumbnailer: Only use embedded thumbnail if resolution suffices * gst-thumbnailer: Make mime type checking more flexible * Translation Updates - Replace packageand(package1:package2) with (package1 and package2) - tumbler-folder-thumbnailer and tumbler-webp-thumbnailer are noarch packages. Changes in xfburn: - Update to version 0.8.0 * Add support for Meson * Support large BD discs (thanks @ToddAWalter) * Check for ID_TYPE "cd/dvd" (thanks @luik) * Update xfburn.desktop.in file * Replace deprecated exo with libxfce4ui 4.21.0 * Remove dead code * I18n: Update po/LINGUAS list * Translation Updates Changes in xfce4-battery-plugin: - Update to version 1.2.0 Meson has been added as a build system in this release, and the associated archive has been generated by 'meson dist'. Although autotools has been retained for the time being and can still be used via 'autogen.sh', meson is now the preferred build system, and autotools will be removed in a future release. * Update README after switchover to meson * build: Automate copyright year management * meson-build: Use shared_module() * Replace deprecated exo with libxfce4ui 4.21.0 * meson-build: Do not install Makefile.in * build: Use VERSION_FULL instead of PACKAGE_VERSION * Add meson build * Translation Updates Changes in xfce4-calculator-plugin: - Update to version 0.8.0: Meson has been added as a build system in this release, and the associated archive has been generated by 'meson dist'. Although autotools has been retained for the time being and can still be used via 'autogen.sh', meson is now the preferred build system, and autotools will be removed in a future release. * Update README after switchover to meson * autotools-build: Explicitly require glib, gtk3 * build: Automate copyright year management * meson-build: Use shared_module() * I18n: Update po/LINGUAS list * build: Fix -Werror={missing-declarations,old-style-definition} * Add meson build * Remove generated gmon.out * tests: Use PATH to search for calctest program * I18n: Update po/LINGUAS list * Translation Updates Changes in xfce4-clipman-plugin: - Update to version 1.7.0: Meson has been added as a build system in this release, and the associated archive has been generated by 'meson dist'. Although autotools has been retained for the time being and can still be used via 'autogen.sh', meson is now the preferred build system, and autotools will be removed in a future release. * Update README after switchover to meson * build: Automate copyright year management * build: Replace xdt-csource with glib-compile-resources * meson-build: Use shared_module() * Replace deprecated exo with libxfce4ui 4.21.0 * Use HTTPS for action URLs * history: Add missing sanity checks * history: Update size when max values change at runtime * history: Fix truncation when max_images changes * collector: Avoid default clipboard restoration while waiting for image * tests: Print more test results * gcc-analyzer: Adapt regexes to meson * Add meson build * build: Add missing dep flags * Translation Updates Changes in xfce4-cpufreq-plugin: - Update to version 1.3.0: Meson has been added as a build system in this release, and the associated archive has been generated by 'meson dist'. Although autotools has been retained for the time being and can still be used via 'autogen.sh', meson is now the preferred build system, and autotools will be removed in a future release. * Update README after switchover to meson * build: Automate copyright year management * meson-build: Use shared_module() * build: Add missing check for malloc_trim * Add meson build * autotools-build: Remove gthread-2.0 dependency * autotools-build: Don't build libxfce4_pp * overview: Make cpufreq overview scrollable * I18n: Update po/LINGUAS list * Translation Updates Changes in xfce4-cpugraph-plugin: - Update to version 1.3.0 - Update README after switchover to meson - autotools-build: Explicitly require glib, gtk3, libxfce4util - build: Automate copyright year management - meson-build: Use shared_module() - cpu.h: Fix -Wundef warning - Add meson build - Translation Updates Changes in xfce4-dict: - Update to version 0.8.9 * Hide web search link in results if not set * Fix enchant binary names * autotools-build: Add missing compile flags * meson-build: Remove --manual-register flag from compile_resources() * Replace deprecated exo with libxfce4ui 4.21.0 * Meson version can be older * build: Automate copyright year management * Add suport to Meson * I18n: Update po/LINGUAS list * Remove x11 includes * Drop libx11 as dependency * Translation Updates Changes in xfce4-diskperf-plugin: - Update to version 2.8.0 - Update README after switchover to meson - autotools-build: Explicitly require glib, gtk3, libxfce4util - build: Automate copyright year management - meson-build: Use shared_module() - Add meson build - I18n: Update po/LINGUAS list - Translation Updates Changes in xfce4-docklike-plugin: - Update to version 0.5.0 - Update README after switchover to meson - Add missing files to translate and fix about dialog - Fix licensing - GroupMenuItem: Show window action menu as context menu - Group: Remove window action menu from context menu - x11: Add exceptions where instance-id should be preferred to class-id - Group: Don't show group menu when context menu is shown - Allow user to create a launcher if not found - AppInfos: Print a warning if app launch fails - cleanup: AppInfos: Use class member instead of creating new object - cleanup: AppInfos: Use naming conventions of other objects - AppInfos: Avoid using hard-coded aliases - Allow user to manually select a launcher if not found - Helpers: Extend String::pathBasename and use it everywhere - AppInfos: Extend excluded binary list and use a container - cleanup: Replace NULL/TRUE with nullptr/true - autotools-build: Explicitly require libxfce4util - build: Automate copyright year management - meson-build: Use shared_module() - Activate/minimize all group windows on left click on the group icon - Replace deprecated exo with libxfce4ui 4.21.0 - Group: Reset mTopWindowIndex when it becomes out of bounds - Revert "Group: Reset mTopWindowIndex when active window becomes inactive" - Group: Reset mTopWindowIndex when active window becomes inactive - Fix several issues with context menu for undockable apps - Fix memory leak when getting indicator color from theme - Add meson build - autotools-build: Require libXi - {State,Store}.ipp: Renamed from {State,Store}.tpp - I18n: Update po/LINGUAS list - Translation Updates Changes in xfce4-eyes-plugin: - Update to version 4.7.0 - Update README after switchover to meson - autotools-build: Explicitly require libxfce4util - build: Automate copyright year management - meson-build: Use shared_module() - Add about dialog - Add meson build - themes: Unify capitalization in file names - Translation Updates Changes in xfce4-fsguard-plugin: - Update to version 1.2.0 - Update README after switchover to meson - autotools-build: Explicitly require glib, gtk3 - build: Automate copyright year management - meson-build: Use shared_module() - Replace deprecated exo with libxfce4ui 4.21.0 - Add about dialog - Add meson build - Fix memory leak - Translation Updates Changes in xfce4-genmon-plugin: - Update to version 4.3.0 - Update README after switchover to meson - autotools-build: Explicitly require glib, gtk3 - meson-build: Use shared_module() - Replace deprecated exo with libxfce4ui 4.21.0 - build: Automate copyright year management - Add meson build - autotools-build: Explicitly require libxfce4util - Fix libxfce4panel include - Translation Updates Changes in xfce4-mailwatch-plugin: - Update to version 1.4.0 * autotools-build: Explicitly require libxfce4util * meson-build: Use shared_module() * Replace deprecated exo with libxfce4ui 4.21.0 * build: Automate copyright year management * Add meson build * Fix incomplete use of XfceTitledDialog * Translation Updates Changes in xfce4-mount-plugin: - Update to version 1.2.0 * autotools-build: Explicitly require glib, gtk3 * meson-build: Use shared_module() * Replace deprecated exo with libxfce4ui 4.21.0 * gcc-analyzer: Adapt regexes to meson * README: Remove outdated version info * build: Automate copyright year management * Add meson build * autotools-build: Explicitly require libxfce4util * Fix libxfce4panel include * Translation Updates Changes in xfce4-mpc-plugin: - Update to version 0.6.0 * autotools-build: Explicitly require glib, gtk3 * meson-build: Use shared_module() * build: Automate copyright year management * Add meson build * autotools-build: Explicitly require libxfce4util * Reapply "build: Use #ifdef instead of #if" * Only define HAVE_LIBMPD when libmpd is found * Translation Updates Changes in xfce4-netload-plugin: - Update to version 1.5.0 * meson-build: Use shared_module() * commandline: Fix -Werror={missing-declarations,suggest-attribute=noreturn} * build: Automate copyright year management * Add meson build * netload: Fix link to wiki page * autotools-build: Fix typo * autotools-build: Explicitly require glib, gtk3, libxfce4util * Translation Updates Changes in xfce4-notes-plugin: - Update to version 1.12.0 * meson-build: Use shared_module() * Replace deprecated exo with libxfce4ui 4.21.0 * build: Automate copyright year management * Add meson build * Translation Updates Changes in xfce4-panel-profiles: - Update to version 1.1.1 - build: Allow skip checking runtime dependencies - Parameterize version and copyright year in man page - Bump version in configure - Update to version 1.1.0 - Update README after switchover to meson - build: Automate copyright year management - org.xfce.PanelProfiles.desktop: Unbreak desktop-file-validate - build: Require libxfce4ui 4.16.0 - Add about dialog - Add meson build - Deprecated exo with libxfce4ui 4.21.0 - I18n: Update po/LINGUAS list - Save and restore launchers as is - Translation Updates Changes in xfce4-panel: - Update to version 4.20.5 * wayland: panel: Ensure panel window is shown at least once * panel: Don't show panel window too early * panel: Restrict X-XFCE-Unique=SCREEN to X11 * Fix string comparison when searching for plugin dirs * wayland: Support multiple workspace groups where it makes sense * tasklist: Deactivate context menu when its button is destroyed * x11: Let GtkSocket expand if possible * libxfce4panel: Restore possibility to oversize icons * wayland: autohide: Try to trigger size_allocate() more reliably * panel: Show window when new output is connected * Translation Updates Changes in xfce4-places-plugin: - Update to version 1.9.0 * Replace deprecated exo with libxfce4ui 4.21.0 * build: Require gio-unix-2.0 * build: Automate copyright year management * Add meson build * Add about dialog * I18n: Update po/LINGUAS list * Translation Updates Changes in xfce4-screenshooter: - Update to 1.11.2 * Fully free a GSList to fix a leak * Fix a string leak in screenshooter_get_filename_for_uri * Properly free a GdkPixbuf to fix a leak * meson-build: Fix manpage install dir * Improve selection background in black surfaces * Fix xfce_resource_save_location leak in main * Replace deprecated exo with libxfce4ui 4.21.0 * Remove imgur upload custom action automatically * Fix build with autotools * Drop Imgur custom action * preferences: Add link to the documentation for custom actions examples * Add support to Meson * Update xfce4-screenshooter.1 * Fix segfault in another location * Fix segfault when app command is NULL (#132) * Improved imgur upload script * Add support to WL_SHM_FORMAT_BGR888 * Check if file was correctly open before using it * Revert "Only restrict file permissions after sucessfully writing them" * Fix blurred preview images at scale >1 * Only restrict file permissions after sucessfully writing them * Translation Updates Changes in xfce4-sensors-plugin: - Update to version 1.5.0 * build: Automate copyright year management * Add meson build * autotools-build: xfce4-sensors.1.in -> xfce4-sensors.1 * autotools-build: Remove spec files * autotools-build: Make libxfce4sensors internal * autotools-build: Don't build libxfce4_pp * Fix libxfce4panel include * Translation Updates Changes in xfce4-session: - Add mic-mute and Windows-key handling for Wayland labwc (boo#1248802) - Yet more default key binding for Wayland labwc (boo#1248802) - Add more default key bindings for Wayland with labwc (boo#1248802): - Drop the previous workaround patch for wayland startup (boo#1247542): - Reduce the timeout for auto-start on Wayland (boo#1247542); This is a temporary workaround for the too slow start-up on Wayland desktop. Currently the error is ignored in anyway. - Use '?' for SUSE macro expansion, so that quilt setup works. - Update to version 4.20.3: * wayland: startxfce4: Remove definition of SDL_VIDEODRIVER variable * Add xapp for Settings in xfce-portals.conf * startxfce4: Add check for /etc/vconsole.conf * labwc: Add some default config values * xfce-portals.conf: Add wlr for ScreenCast * startxfce4: Improve keyboard layout detection on wayland * wayland: start a D-Bus session only if there isn't one already * Use syntax compatible with most sh shells. * labwc: Add window snapping range - Fix the audio mixer invocation on Wayland (boo#1247640): Changes in xfce4-settings: - Update to version 4.20.2: * display: Add/improve some debug logs * wayland: displays: Don't wl_display_roundtrip() on new output * settings-editor: Fix -Wcomma warning * common: Fix memory leak * common: Be more secure when parsing pnp.ids file * x11: display: Properly take XRRModeFlags into account * xfsettingsd: Use 2 decimals in warning about unknown mode * build: Fix resource not found at runtime * build: Automate copyright year management * build: Replace xdt-csource with glib-compile-resources * build: Define xfce4 min version >= 4.18 * display-settings: Add missing update of /ActiveProfile * Translation Updates Changes in xfce4-smartbookmark-plugin: - Update to version 0.6.0 - Update README after switchover to meson - build: Automate copyright year management - Add meson build - Add about dialog - Replace deprecated exo with libxfce4ui 4.21.0 - Translation Updates Changes in xfce4-stopwatch-plugin: - Update to 0.6.0 - Update README after switchover to meson - build: Automate copyright year management - Add meson build - Add about dialog - autotools-build: Avoid versioning libstopwatch - I18n: Update po/LINGUAS list - Translation Updates Changes in xfce4-systemload-plugin: - Update to 1.4.0 - Update README after switchover to meson - build: Automate copyright year management - Add meson build - autotools-build: Explicitly require glib, gtk3, libxfce4util - Fix libxfce4panel include - Translation Updates Changes in xfce4-taskmanager: - Update to version 1.6.0 - Update README after switchover to meson - process-window: Fix wrong use of g_signal_emit_by_name() - Fix process window being destroyed when status icon is visible - Remove manual registration of resources - Unify gresource files - Add support to Meson - build: Add missing dep flags - Translation Update Changes in xfce4-time-out-plugin: - Update to version 1.2.0 - Update README after switchover to meson - build: Automate copyright year management - Add meson build - autotools-build: Explicitly require libxfce4util - Fix libxfce4panel include - Translation Updates Changes in xfce4-timer-plugin: - Update to version 1.8.0 - Update README after switchover to meson - build: Automate copyright year management - Add meson build - Translation Updates Changes in xfce4-verve-plugin: - Update to version 2.1.0 - Update README after switchover to meson - build: Automate copyright year management - Add meson build - Add about dialog - build: Remove unused verve-dbus-service code - Replace deprecated exo with libxfce4ui 4.21.0 - Fix libxfce4panel include Changes in xfce4-wavelan-plugin: - Update to version 0.7.0 - Update README after switchover to meson - build: Automate copyright year management - Add meson build - Remove unused inline-icons.h - autotools-build: Explicitly require libxfce4util - Translation Updates Changes in xfce4-weather-plugin: - Update to 0.12.0 - Update README after switchover to meson - build: Automate copyright year management - Add meson build - build: Replace xdt-csource with glib-compile-resources - Replace deprecated exo with libxfce4ui 4.21.0 - prefs-dialog: Fix help button behavior - prefs-dialog: Fix typo - build: Bump dependency versions and fix deprecation warnings - I18n: Update po/LINGUAS list - I18n: Update po/LINGUAS list - Alignment fixes, only use single row when labels not shown - Make libsoup v3 support optional - Report UPower Glib support - libsoup: Port to libsoup-3.0 - parsers: Generalise input to array of gchar - libxfce4ui: Avoid deprecated functions - Translation Updates Changes in xfce4-whiskermenu-plugin: - Update to version 2.10.0 - Add meson build - po: Add LINGUAS and POTFILES - Remove outdated install instructions - Remove unused search flags variable - Replace deprecated exo with libxfce4ui 4.21.0 - Fix missing declaration warning - Fix shadowed variables - Fix unused lambda capture warning - Translation Updates Changes in xfce4-xkb-plugin: - Update to version 0.9.0 - Update README after switchover to meson - Remove vertical white line at left in the Mexican SVG flag (mx.svg) - Fix corrupted Argentinian SVG flag (ar.svg) - Optimize SVG flags using SVGO (https://github.com/svg/svgo) - build: Automate copyright year management - Add meson build - autotools-build: Install flags/me.svg - Fix libxfce4panel include - Translation Updates Changes in xfdashboard: - Update to 1.1.0 * Update README after switchover to meson * build: Fix -Wunused-but-set-variable * x11: Set wnck client type at the very first call * build: Fix -Werror=undef * Add meson build * build: Automate copyright year management * build: Unbreak example-search-provider * build: Install version.h * build: Drop dead code with glib 2.66 * build: Require clutter 1.24.0 * build: Require xfce 4.16.0 * build: Require gtk 3.22.0 * Replace deprecated exo with libxfce4ui 4.21.0 * I18n: Update po/LINGUAS list * I18n: Update po/LINGUAS list * I18n: Update po/LINGUAS list * I18n: Update po/LINGUAS list * xfdashboard: Fix translation in g_option_context_set_summary * build: Fix gettext warning about empty string * build: Use XDT_VERSION_INIT and get rid of configure.ac.in * build: Workaround *.theme translation * build: Switch from intltool to gettext * build: Fix deprecation warnings from glib * build: Fix redefined glib macros * build: Add new debug option to AS_CASE * Raise required minimum version of Glib 2.66 due to some functions of Glib used without #ifdef's and alternatives * Add icons at missing sizes, clean up SVG metadata * Remove ENABLE_NLS ifdefs * Post-release version bump to 1.1.0 * Translation Updates - Regenerate xfdashboard-desktop-category.diff and xfdashboard-desktopfile-without-binary.diff - Add xfdashboard-relax-some-package-versions.diff - Rewrite the "tee -a" construct to avoid compressed binary data being sent to stdout and cluttering the output - Add xfdashboard-rpmlintrc to avoid an unnecessary complex package name for libxdashboard0 - Add "-lm" to CFLAGS on Leap 15.6, because libxfdashboard0.so doesn't get automatically linked with libm. Changes in xfdesktop: - Switch to using meson for building; this allows building this package even in the upcoming development release Xfce-4.21 - Remove bcond_with git and related items - Ensure installed icon files land in _datadir/wallpapers/xfce, not in _datadir/backgrounds/xfce which is used by meson - Fix the monitor name pickup on Wayland, which resulted in broken background picture setup (boo#1247542): - Fix missing backslash for building in non-git mode Changes in xfmpc: - Update to 0.4.0 - Update README after switchover to meson - Add support to Meson - Add search shortcuts - Translation Updates catfish-4.20.1-bp157.3.3.1.noarch.rpm catfish-4.20.1-bp157.3.3.1.src.rpm catfish-lang-4.20.1-bp157.3.3.1.noarch.rpm elementary-xfce-icon-theme-0.21+git12.dff5c11f-bp157.2.3.1.noarch.rpm elementary-xfce-icon-theme-0.21+git12.dff5c11f-bp157.2.3.1.src.rpm gigolo-0.6.0-bp157.2.3.1.src.rpm gigolo-0.6.0-bp157.2.3.1.x86_64.rpm gigolo-debuginfo-0.6.0-bp157.2.3.1.x86_64.rpm gigolo-debugsource-0.6.0-bp157.2.3.1.x86_64.rpm gigolo-lang-0.6.0-bp157.2.3.1.noarch.rpm libxfce4kbd-private-3-0-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4kbd-private-3-0-debuginfo-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4ui-2-0-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4ui-2-0-debuginfo-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4ui-4.20.2-bp157.2.3.1.src.rpm libxfce4ui-branding-upstream-4.20.2-bp157.2.3.1.noarch.rpm libxfce4ui-debuginfo-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4ui-debugsource-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4ui-devel-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4ui-devel-debuginfo-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4ui-doc-4.20.2-bp157.2.3.1.noarch.rpm libxfce4ui-lang-4.20.2-bp157.2.3.1.noarch.rpm libxfce4ui-tools-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4ui-tools-debuginfo-4.20.2-bp157.2.3.1.x86_64.rpm typelib-1_0-Libxfce4ui-2_0-4.20.2-bp157.2.3.1.x86_64.rpm libxfce4windowing-0-0-4.20.4-bp157.2.3.1.x86_64.rpm libxfce4windowing-0-0-debuginfo-4.20.4-bp157.2.3.1.x86_64.rpm libxfce4windowing-4.20.4-bp157.2.3.1.src.rpm libxfce4windowing-debuginfo-4.20.4-bp157.2.3.1.x86_64.rpm libxfce4windowing-debugsource-4.20.4-bp157.2.3.1.x86_64.rpm libxfce4windowing-devel-4.20.4-bp157.2.3.1.x86_64.rpm libxfce4windowing-devel-doc-4.20.4-bp157.2.3.1.noarch.rpm libxfce4windowing-lang-4.20.4-bp157.2.3.1.noarch.rpm libxfce4windowingui-0-0-4.20.4-bp157.2.3.1.x86_64.rpm libxfce4windowingui-0-0-debuginfo-4.20.4-bp157.2.3.1.x86_64.rpm typelib-1_0-Libxfce4windowing-0_0-4.20.4-bp157.2.3.1.x86_64.rpm typelib-1_0-Libxfce4windowingui-0_0-4.20.4-bp157.2.3.1.x86_64.rpm menulibre-2.4.0-bp157.3.3.1.noarch.rpm menulibre-2.4.0-bp157.3.3.1.src.rpm menulibre-lang-2.4.0-bp157.3.3.1.noarch.rpm orage-4.20.2-bp157.2.3.1.src.rpm orage-4.20.2-bp157.2.3.1.x86_64.rpm orage-debuginfo-4.20.2-bp157.2.3.1.x86_64.rpm orage-debugsource-4.20.2-bp157.2.3.1.x86_64.rpm orage-lang-4.20.2-bp157.2.3.1.noarch.rpm parole-4.20.0-bp157.2.3.1.src.rpm parole-4.20.0-bp157.2.3.1.x86_64.rpm parole-debuginfo-4.20.0-bp157.2.3.1.x86_64.rpm parole-debugsource-4.20.0-bp157.2.3.1.x86_64.rpm parole-devel-4.20.0-bp157.2.3.1.x86_64.rpm parole-lang-4.20.0-bp157.2.3.1.noarch.rpm pragha-1.3.99.1-bp157.2.3.1.src.rpm pragha-1.3.99.1-bp157.2.3.1.x86_64.rpm pragha-debuginfo-1.3.99.1-bp157.2.3.1.x86_64.rpm pragha-debugsource-1.3.99.1-bp157.2.3.1.x86_64.rpm pragha-lang-1.3.99.1-bp157.2.3.1.noarch.rpm pragha-plugins-1.3.99.1-bp157.2.3.1.x86_64.rpm pragha-plugins-debuginfo-1.3.99.1-bp157.2.3.1.x86_64.rpm pragha-plugins-devel-1.3.99.1-bp157.2.3.1.x86_64.rpm thunar-archive-plugin-0.6.0-bp157.2.3.1.src.rpm thunar-archive-plugin-0.6.0-bp157.2.3.1.x86_64.rpm thunar-archive-plugin-debuginfo-0.6.0-bp157.2.3.1.x86_64.rpm thunar-archive-plugin-debugsource-0.6.0-bp157.2.3.1.x86_64.rpm thunar-archive-plugin-lang-0.6.0-bp157.2.3.1.noarch.rpm thunar-media-tags-plugin-0.6.0-bp157.2.3.1.src.rpm thunar-media-tags-plugin-0.6.0-bp157.2.3.1.x86_64.rpm thunar-media-tags-plugin-debuginfo-0.6.0-bp157.2.3.1.x86_64.rpm thunar-media-tags-plugin-debugsource-0.6.0-bp157.2.3.1.x86_64.rpm thunar-media-tags-plugin-lang-0.6.0-bp157.2.3.1.noarch.rpm thunar-shares-plugin-0.5.0-bp157.2.3.1.src.rpm thunar-shares-plugin-0.5.0-bp157.2.3.1.x86_64.rpm thunar-shares-plugin-debuginfo-0.5.0-bp157.2.3.1.x86_64.rpm thunar-shares-plugin-debugsource-0.5.0-bp157.2.3.1.x86_64.rpm thunar-shares-plugin-lang-0.5.0-bp157.2.3.1.noarch.rpm thunar-vcs-plugin-0.4.0-bp157.2.3.1.src.rpm thunar-vcs-plugin-0.4.0-bp157.2.3.1.x86_64.rpm thunar-vcs-plugin-debuginfo-0.4.0-bp157.2.3.1.x86_64.rpm thunar-vcs-plugin-debugsource-0.4.0-bp157.2.3.1.x86_64.rpm thunar-vcs-plugin-lang-0.4.0-bp157.2.3.1.noarch.rpm libthunarx-3-0-4.20.6-bp157.2.3.2.x86_64.rpm libthunarx-3-0-debuginfo-4.20.6-bp157.2.3.2.x86_64.rpm thunar-4.20.6-bp157.2.3.2.src.rpm thunar-4.20.6-bp157.2.3.2.x86_64.rpm thunar-debuginfo-4.20.6-bp157.2.3.2.x86_64.rpm thunar-debugsource-4.20.6-bp157.2.3.2.x86_64.rpm thunar-devel-4.20.6-bp157.2.3.2.x86_64.rpm thunar-lang-4.20.6-bp157.2.3.2.noarch.rpm typelib-1_0-Thunarx-3_0-4.20.6-bp157.2.3.2.x86_64.rpm libtumbler-1-0-4.20.1-bp157.3.3.1.x86_64.rpm libtumbler-1-0-debuginfo-4.20.1-bp157.3.3.1.x86_64.rpm tumbler-4.20.1-bp157.3.3.1.src.rpm tumbler-4.20.1-bp157.3.3.1.x86_64.rpm tumbler-debuginfo-4.20.1-bp157.3.3.1.x86_64.rpm tumbler-debugsource-4.20.1-bp157.3.3.1.x86_64.rpm tumbler-devel-4.20.1-bp157.3.3.1.x86_64.rpm tumbler-doc-4.20.1-bp157.3.3.1.noarch.rpm tumbler-folder-thumbnailer-4.20.1-bp157.3.3.1.noarch.rpm tumbler-lang-4.20.1-bp157.3.3.1.noarch.rpm tumbler-webp-thumbnailer-4.20.1-bp157.3.3.1.noarch.rpm xfburn-0.8.0-bp157.2.3.1.src.rpm xfburn-0.8.0-bp157.2.3.1.x86_64.rpm xfburn-debuginfo-0.8.0-bp157.2.3.1.x86_64.rpm xfburn-debugsource-0.8.0-bp157.2.3.1.x86_64.rpm xfburn-lang-0.8.0-bp157.2.3.1.noarch.rpm xfce4-battery-plugin-1.2.0-bp157.2.3.1.src.rpm xfce4-battery-plugin-1.2.0-bp157.2.3.1.x86_64.rpm xfce4-battery-plugin-debuginfo-1.2.0-bp157.2.3.1.x86_64.rpm xfce4-battery-plugin-debugsource-1.2.0-bp157.2.3.1.x86_64.rpm xfce4-battery-plugin-lang-1.2.0-bp157.2.3.1.noarch.rpm xfce4-calculator-plugin-0.8.0-bp157.2.3.1.src.rpm xfce4-calculator-plugin-0.8.0-bp157.2.3.1.x86_64.rpm xfce4-calculator-plugin-debuginfo-0.8.0-bp157.2.3.1.x86_64.rpm xfce4-calculator-plugin-debugsource-0.8.0-bp157.2.3.1.x86_64.rpm xfce4-calculator-plugin-lang-0.8.0-bp157.2.3.1.noarch.rpm xfce4-clipman-plugin-1.7.0-bp157.2.3.1.src.rpm xfce4-clipman-plugin-1.7.0-bp157.2.3.1.x86_64.rpm xfce4-clipman-plugin-debuginfo-1.7.0-bp157.2.3.1.x86_64.rpm xfce4-clipman-plugin-debugsource-1.7.0-bp157.2.3.1.x86_64.rpm xfce4-clipman-plugin-lang-1.7.0-bp157.2.3.1.noarch.rpm xfce4-cpufreq-plugin-1.3.0-bp157.2.3.2.src.rpm xfce4-cpufreq-plugin-1.3.0-bp157.2.3.2.x86_64.rpm xfce4-cpufreq-plugin-debuginfo-1.3.0-bp157.2.3.2.x86_64.rpm xfce4-cpufreq-plugin-debugsource-1.3.0-bp157.2.3.2.x86_64.rpm xfce4-cpufreq-plugin-lang-1.3.0-bp157.2.3.2.noarch.rpm xfce4-cpugraph-plugin-1.3.0-bp157.2.3.2.src.rpm xfce4-cpugraph-plugin-1.3.0-bp157.2.3.2.x86_64.rpm xfce4-cpugraph-plugin-debuginfo-1.3.0-bp157.2.3.2.x86_64.rpm xfce4-cpugraph-plugin-debugsource-1.3.0-bp157.2.3.2.x86_64.rpm xfce4-cpugraph-plugin-lang-1.3.0-bp157.2.3.2.noarch.rpm xfce4-dict-0.8.9-bp157.2.3.1.src.rpm xfce4-dict-0.8.9-bp157.2.3.1.x86_64.rpm xfce4-dict-debuginfo-0.8.9-bp157.2.3.1.x86_64.rpm xfce4-dict-debugsource-0.8.9-bp157.2.3.1.x86_64.rpm xfce4-dict-lang-0.8.9-bp157.2.3.1.noarch.rpm xfce4-panel-plugin-dict-0.8.9-bp157.2.3.1.x86_64.rpm xfce4-panel-plugin-dict-debuginfo-0.8.9-bp157.2.3.1.x86_64.rpm xfce4-diskperf-plugin-2.8.0-bp157.2.3.2.src.rpm xfce4-diskperf-plugin-2.8.0-bp157.2.3.2.x86_64.rpm xfce4-diskperf-plugin-debuginfo-2.8.0-bp157.2.3.2.x86_64.rpm xfce4-diskperf-plugin-debugsource-2.8.0-bp157.2.3.2.x86_64.rpm xfce4-diskperf-plugin-lang-2.8.0-bp157.2.3.2.noarch.rpm xfce4-docklike-plugin-0.5.0-bp157.2.3.2.src.rpm xfce4-docklike-plugin-0.5.0-bp157.2.3.2.x86_64.rpm xfce4-docklike-plugin-debuginfo-0.5.0-bp157.2.3.2.x86_64.rpm xfce4-docklike-plugin-debugsource-0.5.0-bp157.2.3.2.x86_64.rpm xfce4-docklike-plugin-lang-0.5.0-bp157.2.3.2.noarch.rpm xfce4-eyes-plugin-4.7.0-bp157.2.3.2.src.rpm xfce4-eyes-plugin-4.7.0-bp157.2.3.2.x86_64.rpm xfce4-eyes-plugin-debuginfo-4.7.0-bp157.2.3.2.x86_64.rpm xfce4-eyes-plugin-debugsource-4.7.0-bp157.2.3.2.x86_64.rpm xfce4-eyes-plugin-lang-4.7.0-bp157.2.3.2.noarch.rpm xfce4-fsguard-plugin-1.2.0-bp157.2.3.2.src.rpm xfce4-fsguard-plugin-1.2.0-bp157.2.3.2.x86_64.rpm xfce4-fsguard-plugin-debuginfo-1.2.0-bp157.2.3.2.x86_64.rpm xfce4-fsguard-plugin-debugsource-1.2.0-bp157.2.3.2.x86_64.rpm xfce4-fsguard-plugin-lang-1.2.0-bp157.2.3.2.noarch.rpm xfce4-genmon-plugin-4.3.0-bp157.2.3.2.src.rpm xfce4-genmon-plugin-4.3.0-bp157.2.3.2.x86_64.rpm xfce4-genmon-plugin-debuginfo-4.3.0-bp157.2.3.2.x86_64.rpm xfce4-genmon-plugin-debugsource-4.3.0-bp157.2.3.2.x86_64.rpm xfce4-genmon-plugin-lang-4.3.0-bp157.2.3.2.noarch.rpm xfce4-mailwatch-plugin-1.4.0-bp157.2.3.1.src.rpm xfce4-mailwatch-plugin-1.4.0-bp157.2.3.1.x86_64.rpm xfce4-mailwatch-plugin-debuginfo-1.4.0-bp157.2.3.1.x86_64.rpm xfce4-mailwatch-plugin-debugsource-1.4.0-bp157.2.3.1.x86_64.rpm xfce4-mailwatch-plugin-lang-1.4.0-bp157.2.3.1.noarch.rpm xfce4-mount-plugin-1.2.0-bp157.2.3.2.src.rpm xfce4-mount-plugin-1.2.0-bp157.2.3.2.x86_64.rpm xfce4-mount-plugin-debuginfo-1.2.0-bp157.2.3.2.x86_64.rpm xfce4-mount-plugin-debugsource-1.2.0-bp157.2.3.2.x86_64.rpm xfce4-mount-plugin-lang-1.2.0-bp157.2.3.2.noarch.rpm xfce4-mpc-plugin-0.6.0-bp157.2.3.2.src.rpm xfce4-mpc-plugin-0.6.0-bp157.2.3.2.x86_64.rpm xfce4-mpc-plugin-debuginfo-0.6.0-bp157.2.3.2.x86_64.rpm xfce4-mpc-plugin-debugsource-0.6.0-bp157.2.3.2.x86_64.rpm xfce4-mpc-plugin-lang-0.6.0-bp157.2.3.2.noarch.rpm xfce4-netload-plugin-1.5.0-bp157.2.3.2.src.rpm xfce4-netload-plugin-1.5.0-bp157.2.3.2.x86_64.rpm xfce4-netload-plugin-debuginfo-1.5.0-bp157.2.3.2.x86_64.rpm xfce4-netload-plugin-debugsource-1.5.0-bp157.2.3.2.x86_64.rpm xfce4-netload-plugin-lang-1.5.0-bp157.2.3.2.noarch.rpm xfce4-notes-plugin-1.12.0-bp157.2.3.2.src.rpm xfce4-notes-plugin-1.12.0-bp157.2.3.2.x86_64.rpm xfce4-notes-plugin-debuginfo-1.12.0-bp157.2.3.2.x86_64.rpm xfce4-notes-plugin-debugsource-1.12.0-bp157.2.3.2.x86_64.rpm xfce4-notes-plugin-lang-1.12.0-bp157.2.3.2.noarch.rpm xfce4-panel-profiles-1.1.1-bp157.2.3.1.noarch.rpm xfce4-panel-profiles-1.1.1-bp157.2.3.1.src.rpm libxfce4panel-2_0-4-4.20.5-bp157.2.3.1.x86_64.rpm libxfce4panel-2_0-4-debuginfo-4.20.5-bp157.2.3.1.x86_64.rpm typelib-1_0-Libxfce4panel-2_0-4.20.5-bp157.2.3.1.x86_64.rpm xfce4-panel-4.20.5-bp157.2.3.1.src.rpm xfce4-panel-4.20.5-bp157.2.3.1.x86_64.rpm xfce4-panel-branding-upstream-4.20.5-bp157.2.3.1.noarch.rpm xfce4-panel-debuginfo-4.20.5-bp157.2.3.1.x86_64.rpm xfce4-panel-debugsource-4.20.5-bp157.2.3.1.x86_64.rpm xfce4-panel-devel-4.20.5-bp157.2.3.1.x86_64.rpm xfce4-panel-lang-4.20.5-bp157.2.3.1.noarch.rpm xfce4-panel-restore-defaults-4.20.5-bp157.2.3.1.x86_64.rpm xfce4-places-plugin-1.9.0-bp157.2.3.1.src.rpm xfce4-places-plugin-1.9.0-bp157.2.3.1.x86_64.rpm xfce4-places-plugin-debuginfo-1.9.0-bp157.2.3.1.x86_64.rpm xfce4-places-plugin-debugsource-1.9.0-bp157.2.3.1.x86_64.rpm xfce4-places-plugin-lang-1.9.0-bp157.2.3.1.noarch.rpm xfce4-screenshooter-1.11.2-bp157.2.3.1.src.rpm xfce4-screenshooter-1.11.2-bp157.2.3.1.x86_64.rpm xfce4-screenshooter-debuginfo-1.11.2-bp157.2.3.1.x86_64.rpm xfce4-screenshooter-debugsource-1.11.2-bp157.2.3.1.x86_64.rpm xfce4-screenshooter-lang-1.11.2-bp157.2.3.1.noarch.rpm xfce4-screenshooter-plugin-1.11.2-bp157.2.3.1.x86_64.rpm xfce4-screenshooter-plugin-debuginfo-1.11.2-bp157.2.3.1.x86_64.rpm xfce4-sensors-plugin-1.5.0-bp157.2.3.1.src.rpm xfce4-sensors-plugin-1.5.0-bp157.2.3.1.x86_64.rpm xfce4-sensors-plugin-debuginfo-1.5.0-bp157.2.3.1.x86_64.rpm xfce4-sensors-plugin-debugsource-1.5.0-bp157.2.3.1.x86_64.rpm xfce4-sensors-plugin-lang-1.5.0-bp157.2.3.1.noarch.rpm xfce4-session-4.20.3-bp157.2.3.1.src.rpm xfce4-session-4.20.3-bp157.2.3.1.x86_64.rpm xfce4-session-branding-upstream-4.20.3-bp157.2.3.1.noarch.rpm xfce4-session-debuginfo-4.20.3-bp157.2.3.1.x86_64.rpm xfce4-session-debugsource-4.20.3-bp157.2.3.1.x86_64.rpm xfce4-session-lang-4.20.3-bp157.2.3.1.noarch.rpm xfce4-settings-4.20.2-bp157.2.3.1.src.rpm xfce4-settings-4.20.2-bp157.2.3.1.x86_64.rpm xfce4-settings-branding-upstream-4.20.2-bp157.2.3.1.noarch.rpm xfce4-settings-color-4.20.2-bp157.2.3.1.x86_64.rpm xfce4-settings-color-debuginfo-4.20.2-bp157.2.3.1.x86_64.rpm xfce4-settings-debuginfo-4.20.2-bp157.2.3.1.x86_64.rpm xfce4-settings-debugsource-4.20.2-bp157.2.3.1.x86_64.rpm xfce4-settings-lang-4.20.2-bp157.2.3.1.noarch.rpm xfce4-smartbookmark-plugin-0.6.0-bp157.2.3.1.src.rpm xfce4-smartbookmark-plugin-0.6.0-bp157.2.3.1.x86_64.rpm xfce4-smartbookmark-plugin-debuginfo-0.6.0-bp157.2.3.1.x86_64.rpm xfce4-smartbookmark-plugin-debugsource-0.6.0-bp157.2.3.1.x86_64.rpm xfce4-smartbookmark-plugin-lang-0.6.0-bp157.2.3.1.noarch.rpm xfce4-stopwatch-plugin-0.6.0-bp157.2.3.1.src.rpm xfce4-stopwatch-plugin-0.6.0-bp157.2.3.1.x86_64.rpm xfce4-stopwatch-plugin-debuginfo-0.6.0-bp157.2.3.1.x86_64.rpm xfce4-stopwatch-plugin-debugsource-0.6.0-bp157.2.3.1.x86_64.rpm xfce4-stopwatch-plugin-lang-0.6.0-bp157.2.3.1.noarch.rpm xfce4-systemload-plugin-1.4.0-bp157.2.3.1.src.rpm xfce4-systemload-plugin-1.4.0-bp157.2.3.1.x86_64.rpm xfce4-systemload-plugin-debuginfo-1.4.0-bp157.2.3.1.x86_64.rpm xfce4-systemload-plugin-debugsource-1.4.0-bp157.2.3.1.x86_64.rpm xfce4-systemload-plugin-lang-1.4.0-bp157.2.3.1.noarch.rpm xfce4-taskmanager-1.6.0-bp157.2.3.1.src.rpm xfce4-taskmanager-1.6.0-bp157.2.3.1.x86_64.rpm xfce4-taskmanager-debuginfo-1.6.0-bp157.2.3.1.x86_64.rpm xfce4-taskmanager-debugsource-1.6.0-bp157.2.3.1.x86_64.rpm xfce4-taskmanager-lang-1.6.0-bp157.2.3.1.noarch.rpm xfce4-time-out-plugin-1.2.0-bp157.2.3.1.src.rpm xfce4-time-out-plugin-1.2.0-bp157.2.3.1.x86_64.rpm xfce4-time-out-plugin-debuginfo-1.2.0-bp157.2.3.1.x86_64.rpm xfce4-time-out-plugin-debugsource-1.2.0-bp157.2.3.1.x86_64.rpm xfce4-time-out-plugin-lang-1.2.0-bp157.2.3.1.noarch.rpm xfce4-timer-plugin-1.8.0-bp157.2.3.1.src.rpm xfce4-timer-plugin-1.8.0-bp157.2.3.1.x86_64.rpm xfce4-timer-plugin-debuginfo-1.8.0-bp157.2.3.1.x86_64.rpm xfce4-timer-plugin-debugsource-1.8.0-bp157.2.3.1.x86_64.rpm xfce4-timer-plugin-lang-1.8.0-bp157.2.3.1.noarch.rpm xfce4-verve-plugin-2.1.0-bp157.2.3.1.src.rpm xfce4-verve-plugin-2.1.0-bp157.2.3.1.x86_64.rpm xfce4-verve-plugin-debuginfo-2.1.0-bp157.2.3.1.x86_64.rpm xfce4-verve-plugin-debugsource-2.1.0-bp157.2.3.1.x86_64.rpm xfce4-verve-plugin-lang-2.1.0-bp157.2.3.1.noarch.rpm xfce4-wavelan-plugin-0.7.0-bp157.2.3.1.src.rpm xfce4-wavelan-plugin-0.7.0-bp157.2.3.1.x86_64.rpm xfce4-wavelan-plugin-debuginfo-0.7.0-bp157.2.3.1.x86_64.rpm xfce4-wavelan-plugin-debugsource-0.7.0-bp157.2.3.1.x86_64.rpm xfce4-wavelan-plugin-lang-0.7.0-bp157.2.3.1.noarch.rpm xfce4-weather-plugin-0.12.0-bp157.2.3.1.src.rpm xfce4-weather-plugin-0.12.0-bp157.2.3.1.x86_64.rpm xfce4-weather-plugin-debuginfo-0.12.0-bp157.2.3.1.x86_64.rpm xfce4-weather-plugin-debugsource-0.12.0-bp157.2.3.1.x86_64.rpm xfce4-weather-plugin-lang-0.12.0-bp157.2.3.1.noarch.rpm xfce4-whiskermenu-plugin-2.10.0-bp157.2.3.1.src.rpm xfce4-whiskermenu-plugin-2.10.0-bp157.2.3.1.x86_64.rpm xfce4-whiskermenu-plugin-debuginfo-2.10.0-bp157.2.3.1.x86_64.rpm xfce4-whiskermenu-plugin-debugsource-2.10.0-bp157.2.3.1.x86_64.rpm xfce4-whiskermenu-plugin-lang-2.10.0-bp157.2.3.1.noarch.rpm xfce4-xkb-plugin-0.9.0-bp157.2.3.1.src.rpm xfce4-xkb-plugin-0.9.0-bp157.2.3.1.x86_64.rpm xfce4-xkb-plugin-debuginfo-0.9.0-bp157.2.3.1.x86_64.rpm xfce4-xkb-plugin-debugsource-0.9.0-bp157.2.3.1.x86_64.rpm xfce4-xkb-plugin-lang-0.9.0-bp157.2.3.1.noarch.rpm libxfdashboard0-1.1.0-bp157.3.3.1.x86_64.rpm libxfdashboard0-debuginfo-1.1.0-bp157.3.3.1.x86_64.rpm xfdashboard-1.1.0-bp157.3.3.1.src.rpm xfdashboard-1.1.0-bp157.3.3.1.x86_64.rpm xfdashboard-debuginfo-1.1.0-bp157.3.3.1.x86_64.rpm xfdashboard-debugsource-1.1.0-bp157.3.3.1.x86_64.rpm xfdashboard-devel-1.1.0-bp157.3.3.1.x86_64.rpm xfdashboard-lang-1.1.0-bp157.3.3.1.noarch.rpm xfdashboard-themes-1.1.0-bp157.3.3.1.noarch.rpm xfdesktop-4.20.1-bp157.2.3.1.src.rpm xfdesktop-4.20.1-bp157.2.3.1.x86_64.rpm xfdesktop-branding-upstream-4.20.1-bp157.2.3.1.noarch.rpm xfdesktop-debuginfo-4.20.1-bp157.2.3.1.x86_64.rpm xfdesktop-debugsource-4.20.1-bp157.2.3.1.x86_64.rpm xfdesktop-lang-4.20.1-bp157.2.3.1.noarch.rpm xfmpc-0.4.0-bp157.2.3.1.src.rpm xfmpc-0.4.0-bp157.2.3.1.x86_64.rpm xfmpc-debuginfo-0.4.0-bp157.2.3.1.x86_64.rpm xfmpc-debugsource-0.4.0-bp157.2.3.1.x86_64.rpm xfmpc-lang-0.4.0-bp157.2.3.1.noarch.rpm gigolo-0.6.0-bp157.2.3.1.aarch64.rpm gigolo-debuginfo-0.6.0-bp157.2.3.1.aarch64.rpm gigolo-debugsource-0.6.0-bp157.2.3.1.aarch64.rpm libxfce4kbd-private-3-0-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4kbd-private-3-0-debuginfo-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4ui-2-0-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4ui-2-0-debuginfo-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4ui-debuginfo-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4ui-debugsource-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4ui-devel-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4ui-devel-debuginfo-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4ui-tools-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4ui-tools-debuginfo-4.20.2-bp157.2.3.1.aarch64.rpm typelib-1_0-Libxfce4ui-2_0-4.20.2-bp157.2.3.1.aarch64.rpm libxfce4windowing-0-0-4.20.4-bp157.2.3.1.aarch64.rpm libxfce4windowing-0-0-debuginfo-4.20.4-bp157.2.3.1.aarch64.rpm libxfce4windowing-debuginfo-4.20.4-bp157.2.3.1.aarch64.rpm libxfce4windowing-debugsource-4.20.4-bp157.2.3.1.aarch64.rpm libxfce4windowing-devel-4.20.4-bp157.2.3.1.aarch64.rpm libxfce4windowingui-0-0-4.20.4-bp157.2.3.1.aarch64.rpm libxfce4windowingui-0-0-debuginfo-4.20.4-bp157.2.3.1.aarch64.rpm typelib-1_0-Libxfce4windowing-0_0-4.20.4-bp157.2.3.1.aarch64.rpm typelib-1_0-Libxfce4windowingui-0_0-4.20.4-bp157.2.3.1.aarch64.rpm orage-4.20.2-bp157.2.3.1.aarch64.rpm orage-debuginfo-4.20.2-bp157.2.3.1.aarch64.rpm orage-debugsource-4.20.2-bp157.2.3.1.aarch64.rpm parole-4.20.0-bp157.2.3.1.aarch64.rpm parole-debuginfo-4.20.0-bp157.2.3.1.aarch64.rpm parole-debugsource-4.20.0-bp157.2.3.1.aarch64.rpm parole-devel-4.20.0-bp157.2.3.1.aarch64.rpm pragha-1.3.99.1-bp157.2.3.1.aarch64.rpm pragha-debuginfo-1.3.99.1-bp157.2.3.1.aarch64.rpm pragha-debugsource-1.3.99.1-bp157.2.3.1.aarch64.rpm pragha-plugins-1.3.99.1-bp157.2.3.1.aarch64.rpm pragha-plugins-debuginfo-1.3.99.1-bp157.2.3.1.aarch64.rpm pragha-plugins-devel-1.3.99.1-bp157.2.3.1.aarch64.rpm thunar-archive-plugin-0.6.0-bp157.2.3.1.aarch64.rpm thunar-archive-plugin-debuginfo-0.6.0-bp157.2.3.1.aarch64.rpm thunar-archive-plugin-debugsource-0.6.0-bp157.2.3.1.aarch64.rpm thunar-media-tags-plugin-0.6.0-bp157.2.3.1.aarch64.rpm thunar-media-tags-plugin-debuginfo-0.6.0-bp157.2.3.1.aarch64.rpm thunar-media-tags-plugin-debugsource-0.6.0-bp157.2.3.1.aarch64.rpm thunar-shares-plugin-0.5.0-bp157.2.3.1.aarch64.rpm thunar-shares-plugin-debuginfo-0.5.0-bp157.2.3.1.aarch64.rpm thunar-shares-plugin-debugsource-0.5.0-bp157.2.3.1.aarch64.rpm thunar-vcs-plugin-0.4.0-bp157.2.3.1.aarch64.rpm thunar-vcs-plugin-debuginfo-0.4.0-bp157.2.3.1.aarch64.rpm thunar-vcs-plugin-debugsource-0.4.0-bp157.2.3.1.aarch64.rpm libthunarx-3-0-4.20.6-bp157.2.3.2.aarch64.rpm libthunarx-3-0-debuginfo-4.20.6-bp157.2.3.2.aarch64.rpm thunar-4.20.6-bp157.2.3.2.aarch64.rpm thunar-debuginfo-4.20.6-bp157.2.3.2.aarch64.rpm thunar-debugsource-4.20.6-bp157.2.3.2.aarch64.rpm thunar-devel-4.20.6-bp157.2.3.2.aarch64.rpm typelib-1_0-Thunarx-3_0-4.20.6-bp157.2.3.2.aarch64.rpm libtumbler-1-0-4.20.1-bp157.3.3.1.aarch64.rpm libtumbler-1-0-debuginfo-4.20.1-bp157.3.3.1.aarch64.rpm tumbler-4.20.1-bp157.3.3.1.aarch64.rpm tumbler-debuginfo-4.20.1-bp157.3.3.1.aarch64.rpm tumbler-debugsource-4.20.1-bp157.3.3.1.aarch64.rpm tumbler-devel-4.20.1-bp157.3.3.1.aarch64.rpm xfburn-0.8.0-bp157.2.3.1.aarch64.rpm xfburn-debuginfo-0.8.0-bp157.2.3.1.aarch64.rpm xfburn-debugsource-0.8.0-bp157.2.3.1.aarch64.rpm xfce4-battery-plugin-1.2.0-bp157.2.3.1.aarch64.rpm xfce4-battery-plugin-debuginfo-1.2.0-bp157.2.3.1.aarch64.rpm xfce4-battery-plugin-debugsource-1.2.0-bp157.2.3.1.aarch64.rpm xfce4-calculator-plugin-0.8.0-bp157.2.3.1.aarch64.rpm xfce4-calculator-plugin-debuginfo-0.8.0-bp157.2.3.1.aarch64.rpm xfce4-calculator-plugin-debugsource-0.8.0-bp157.2.3.1.aarch64.rpm xfce4-clipman-plugin-1.7.0-bp157.2.3.1.aarch64.rpm xfce4-clipman-plugin-debuginfo-1.7.0-bp157.2.3.1.aarch64.rpm xfce4-clipman-plugin-debugsource-1.7.0-bp157.2.3.1.aarch64.rpm xfce4-cpufreq-plugin-1.3.0-bp157.2.3.2.aarch64.rpm xfce4-cpufreq-plugin-debuginfo-1.3.0-bp157.2.3.2.aarch64.rpm xfce4-cpufreq-plugin-debugsource-1.3.0-bp157.2.3.2.aarch64.rpm xfce4-cpugraph-plugin-1.3.0-bp157.2.3.2.aarch64.rpm xfce4-cpugraph-plugin-debuginfo-1.3.0-bp157.2.3.2.aarch64.rpm xfce4-cpugraph-plugin-debugsource-1.3.0-bp157.2.3.2.aarch64.rpm xfce4-dict-0.8.9-bp157.2.3.1.aarch64.rpm xfce4-dict-debuginfo-0.8.9-bp157.2.3.1.aarch64.rpm xfce4-dict-debugsource-0.8.9-bp157.2.3.1.aarch64.rpm xfce4-panel-plugin-dict-0.8.9-bp157.2.3.1.aarch64.rpm xfce4-panel-plugin-dict-debuginfo-0.8.9-bp157.2.3.1.aarch64.rpm xfce4-diskperf-plugin-2.8.0-bp157.2.3.2.aarch64.rpm xfce4-diskperf-plugin-debuginfo-2.8.0-bp157.2.3.2.aarch64.rpm xfce4-diskperf-plugin-debugsource-2.8.0-bp157.2.3.2.aarch64.rpm xfce4-docklike-plugin-0.5.0-bp157.2.3.2.aarch64.rpm xfce4-docklike-plugin-debuginfo-0.5.0-bp157.2.3.2.aarch64.rpm xfce4-docklike-plugin-debugsource-0.5.0-bp157.2.3.2.aarch64.rpm xfce4-eyes-plugin-4.7.0-bp157.2.3.2.aarch64.rpm xfce4-eyes-plugin-debuginfo-4.7.0-bp157.2.3.2.aarch64.rpm xfce4-eyes-plugin-debugsource-4.7.0-bp157.2.3.2.aarch64.rpm xfce4-fsguard-plugin-1.2.0-bp157.2.3.2.aarch64.rpm xfce4-fsguard-plugin-debuginfo-1.2.0-bp157.2.3.2.aarch64.rpm xfce4-fsguard-plugin-debugsource-1.2.0-bp157.2.3.2.aarch64.rpm xfce4-genmon-plugin-4.3.0-bp157.2.3.2.aarch64.rpm xfce4-genmon-plugin-debuginfo-4.3.0-bp157.2.3.2.aarch64.rpm xfce4-genmon-plugin-debugsource-4.3.0-bp157.2.3.2.aarch64.rpm xfce4-mailwatch-plugin-1.4.0-bp157.2.3.1.aarch64.rpm xfce4-mailwatch-plugin-debuginfo-1.4.0-bp157.2.3.1.aarch64.rpm xfce4-mailwatch-plugin-debugsource-1.4.0-bp157.2.3.1.aarch64.rpm xfce4-mount-plugin-1.2.0-bp157.2.3.2.aarch64.rpm xfce4-mount-plugin-debuginfo-1.2.0-bp157.2.3.2.aarch64.rpm xfce4-mount-plugin-debugsource-1.2.0-bp157.2.3.2.aarch64.rpm xfce4-mpc-plugin-0.6.0-bp157.2.3.2.aarch64.rpm xfce4-mpc-plugin-debuginfo-0.6.0-bp157.2.3.2.aarch64.rpm xfce4-mpc-plugin-debugsource-0.6.0-bp157.2.3.2.aarch64.rpm xfce4-netload-plugin-1.5.0-bp157.2.3.2.aarch64.rpm xfce4-netload-plugin-debuginfo-1.5.0-bp157.2.3.2.aarch64.rpm xfce4-netload-plugin-debugsource-1.5.0-bp157.2.3.2.aarch64.rpm xfce4-notes-plugin-1.12.0-bp157.2.3.2.aarch64.rpm xfce4-notes-plugin-debuginfo-1.12.0-bp157.2.3.2.aarch64.rpm xfce4-notes-plugin-debugsource-1.12.0-bp157.2.3.2.aarch64.rpm libxfce4panel-2_0-4-4.20.5-bp157.2.3.1.aarch64.rpm libxfce4panel-2_0-4-debuginfo-4.20.5-bp157.2.3.1.aarch64.rpm typelib-1_0-Libxfce4panel-2_0-4.20.5-bp157.2.3.1.aarch64.rpm xfce4-panel-4.20.5-bp157.2.3.1.aarch64.rpm xfce4-panel-debuginfo-4.20.5-bp157.2.3.1.aarch64.rpm xfce4-panel-debugsource-4.20.5-bp157.2.3.1.aarch64.rpm xfce4-panel-devel-4.20.5-bp157.2.3.1.aarch64.rpm xfce4-panel-restore-defaults-4.20.5-bp157.2.3.1.aarch64.rpm xfce4-places-plugin-1.9.0-bp157.2.3.1.aarch64.rpm xfce4-places-plugin-debuginfo-1.9.0-bp157.2.3.1.aarch64.rpm xfce4-places-plugin-debugsource-1.9.0-bp157.2.3.1.aarch64.rpm xfce4-screenshooter-1.11.2-bp157.2.3.1.aarch64.rpm xfce4-screenshooter-debuginfo-1.11.2-bp157.2.3.1.aarch64.rpm xfce4-screenshooter-debugsource-1.11.2-bp157.2.3.1.aarch64.rpm xfce4-screenshooter-plugin-1.11.2-bp157.2.3.1.aarch64.rpm xfce4-screenshooter-plugin-debuginfo-1.11.2-bp157.2.3.1.aarch64.rpm xfce4-sensors-plugin-1.5.0-bp157.2.3.1.aarch64.rpm xfce4-sensors-plugin-debuginfo-1.5.0-bp157.2.3.1.aarch64.rpm xfce4-sensors-plugin-debugsource-1.5.0-bp157.2.3.1.aarch64.rpm xfce4-session-4.20.3-bp157.2.3.1.aarch64.rpm xfce4-session-debuginfo-4.20.3-bp157.2.3.1.aarch64.rpm xfce4-session-debugsource-4.20.3-bp157.2.3.1.aarch64.rpm xfce4-settings-4.20.2-bp157.2.3.1.aarch64.rpm xfce4-settings-color-4.20.2-bp157.2.3.1.aarch64.rpm xfce4-settings-color-debuginfo-4.20.2-bp157.2.3.1.aarch64.rpm xfce4-settings-debuginfo-4.20.2-bp157.2.3.1.aarch64.rpm xfce4-settings-debugsource-4.20.2-bp157.2.3.1.aarch64.rpm xfce4-smartbookmark-plugin-0.6.0-bp157.2.3.1.aarch64.rpm xfce4-smartbookmark-plugin-debuginfo-0.6.0-bp157.2.3.1.aarch64.rpm xfce4-smartbookmark-plugin-debugsource-0.6.0-bp157.2.3.1.aarch64.rpm xfce4-stopwatch-plugin-0.6.0-bp157.2.3.1.aarch64.rpm xfce4-stopwatch-plugin-debuginfo-0.6.0-bp157.2.3.1.aarch64.rpm xfce4-stopwatch-plugin-debugsource-0.6.0-bp157.2.3.1.aarch64.rpm xfce4-systemload-plugin-1.4.0-bp157.2.3.1.aarch64.rpm xfce4-systemload-plugin-debuginfo-1.4.0-bp157.2.3.1.aarch64.rpm xfce4-systemload-plugin-debugsource-1.4.0-bp157.2.3.1.aarch64.rpm xfce4-taskmanager-1.6.0-bp157.2.3.1.aarch64.rpm xfce4-taskmanager-debuginfo-1.6.0-bp157.2.3.1.aarch64.rpm xfce4-taskmanager-debugsource-1.6.0-bp157.2.3.1.aarch64.rpm xfce4-time-out-plugin-1.2.0-bp157.2.3.1.aarch64.rpm xfce4-time-out-plugin-debuginfo-1.2.0-bp157.2.3.1.aarch64.rpm xfce4-time-out-plugin-debugsource-1.2.0-bp157.2.3.1.aarch64.rpm xfce4-timer-plugin-1.8.0-bp157.2.3.1.aarch64.rpm xfce4-timer-plugin-debuginfo-1.8.0-bp157.2.3.1.aarch64.rpm xfce4-timer-plugin-debugsource-1.8.0-bp157.2.3.1.aarch64.rpm xfce4-verve-plugin-2.1.0-bp157.2.3.1.aarch64.rpm xfce4-verve-plugin-debuginfo-2.1.0-bp157.2.3.1.aarch64.rpm xfce4-verve-plugin-debugsource-2.1.0-bp157.2.3.1.aarch64.rpm xfce4-wavelan-plugin-0.7.0-bp157.2.3.1.aarch64.rpm xfce4-wavelan-plugin-debuginfo-0.7.0-bp157.2.3.1.aarch64.rpm xfce4-wavelan-plugin-debugsource-0.7.0-bp157.2.3.1.aarch64.rpm xfce4-weather-plugin-0.12.0-bp157.2.3.1.aarch64.rpm xfce4-weather-plugin-debuginfo-0.12.0-bp157.2.3.1.aarch64.rpm xfce4-weather-plugin-debugsource-0.12.0-bp157.2.3.1.aarch64.rpm xfce4-whiskermenu-plugin-2.10.0-bp157.2.3.1.aarch64.rpm xfce4-whiskermenu-plugin-debuginfo-2.10.0-bp157.2.3.1.aarch64.rpm xfce4-whiskermenu-plugin-debugsource-2.10.0-bp157.2.3.1.aarch64.rpm xfce4-xkb-plugin-0.9.0-bp157.2.3.1.aarch64.rpm xfce4-xkb-plugin-debuginfo-0.9.0-bp157.2.3.1.aarch64.rpm xfce4-xkb-plugin-debugsource-0.9.0-bp157.2.3.1.aarch64.rpm libxfdashboard0-1.1.0-bp157.3.3.1.aarch64.rpm libxfdashboard0-debuginfo-1.1.0-bp157.3.3.1.aarch64.rpm xfdashboard-1.1.0-bp157.3.3.1.aarch64.rpm xfdashboard-debuginfo-1.1.0-bp157.3.3.1.aarch64.rpm xfdashboard-debugsource-1.1.0-bp157.3.3.1.aarch64.rpm xfdashboard-devel-1.1.0-bp157.3.3.1.aarch64.rpm xfdesktop-4.20.1-bp157.2.3.1.aarch64.rpm xfdesktop-debuginfo-4.20.1-bp157.2.3.1.aarch64.rpm xfdesktop-debugsource-4.20.1-bp157.2.3.1.aarch64.rpm xfmpc-0.4.0-bp157.2.3.1.aarch64.rpm xfmpc-debuginfo-0.4.0-bp157.2.3.1.aarch64.rpm xfmpc-debugsource-0.4.0-bp157.2.3.1.aarch64.rpm gigolo-0.6.0-bp157.2.3.1.ppc64le.rpm gigolo-debuginfo-0.6.0-bp157.2.3.1.ppc64le.rpm gigolo-debugsource-0.6.0-bp157.2.3.1.ppc64le.rpm libxfce4kbd-private-3-0-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4kbd-private-3-0-debuginfo-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4ui-2-0-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4ui-2-0-debuginfo-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4ui-debuginfo-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4ui-debugsource-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4ui-devel-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4ui-devel-debuginfo-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4ui-tools-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4ui-tools-debuginfo-4.20.2-bp157.2.3.1.ppc64le.rpm typelib-1_0-Libxfce4ui-2_0-4.20.2-bp157.2.3.1.ppc64le.rpm libxfce4windowing-0-0-4.20.4-bp157.2.3.1.ppc64le.rpm libxfce4windowing-0-0-debuginfo-4.20.4-bp157.2.3.1.ppc64le.rpm libxfce4windowing-debuginfo-4.20.4-bp157.2.3.1.ppc64le.rpm libxfce4windowing-debugsource-4.20.4-bp157.2.3.1.ppc64le.rpm libxfce4windowing-devel-4.20.4-bp157.2.3.1.ppc64le.rpm libxfce4windowingui-0-0-4.20.4-bp157.2.3.1.ppc64le.rpm libxfce4windowingui-0-0-debuginfo-4.20.4-bp157.2.3.1.ppc64le.rpm typelib-1_0-Libxfce4windowing-0_0-4.20.4-bp157.2.3.1.ppc64le.rpm typelib-1_0-Libxfce4windowingui-0_0-4.20.4-bp157.2.3.1.ppc64le.rpm orage-4.20.2-bp157.2.3.1.ppc64le.rpm orage-debuginfo-4.20.2-bp157.2.3.1.ppc64le.rpm orage-debugsource-4.20.2-bp157.2.3.1.ppc64le.rpm parole-4.20.0-bp157.2.3.1.ppc64le.rpm parole-debuginfo-4.20.0-bp157.2.3.1.ppc64le.rpm parole-debugsource-4.20.0-bp157.2.3.1.ppc64le.rpm parole-devel-4.20.0-bp157.2.3.1.ppc64le.rpm pragha-1.3.99.1-bp157.2.3.1.ppc64le.rpm pragha-debuginfo-1.3.99.1-bp157.2.3.1.ppc64le.rpm pragha-debugsource-1.3.99.1-bp157.2.3.1.ppc64le.rpm pragha-plugins-1.3.99.1-bp157.2.3.1.ppc64le.rpm pragha-plugins-debuginfo-1.3.99.1-bp157.2.3.1.ppc64le.rpm pragha-plugins-devel-1.3.99.1-bp157.2.3.1.ppc64le.rpm thunar-archive-plugin-0.6.0-bp157.2.3.1.ppc64le.rpm thunar-archive-plugin-debuginfo-0.6.0-bp157.2.3.1.ppc64le.rpm thunar-archive-plugin-debugsource-0.6.0-bp157.2.3.1.ppc64le.rpm thunar-media-tags-plugin-0.6.0-bp157.2.3.1.ppc64le.rpm thunar-media-tags-plugin-debuginfo-0.6.0-bp157.2.3.1.ppc64le.rpm thunar-media-tags-plugin-debugsource-0.6.0-bp157.2.3.1.ppc64le.rpm thunar-shares-plugin-0.5.0-bp157.2.3.1.ppc64le.rpm thunar-shares-plugin-debuginfo-0.5.0-bp157.2.3.1.ppc64le.rpm thunar-shares-plugin-debugsource-0.5.0-bp157.2.3.1.ppc64le.rpm thunar-vcs-plugin-0.4.0-bp157.2.3.1.ppc64le.rpm thunar-vcs-plugin-debuginfo-0.4.0-bp157.2.3.1.ppc64le.rpm thunar-vcs-plugin-debugsource-0.4.0-bp157.2.3.1.ppc64le.rpm libthunarx-3-0-4.20.6-bp157.2.3.2.ppc64le.rpm libthunarx-3-0-debuginfo-4.20.6-bp157.2.3.2.ppc64le.rpm thunar-4.20.6-bp157.2.3.2.ppc64le.rpm thunar-debuginfo-4.20.6-bp157.2.3.2.ppc64le.rpm thunar-debugsource-4.20.6-bp157.2.3.2.ppc64le.rpm thunar-devel-4.20.6-bp157.2.3.2.ppc64le.rpm typelib-1_0-Thunarx-3_0-4.20.6-bp157.2.3.2.ppc64le.rpm libtumbler-1-0-4.20.1-bp157.3.3.1.ppc64le.rpm libtumbler-1-0-debuginfo-4.20.1-bp157.3.3.1.ppc64le.rpm tumbler-4.20.1-bp157.3.3.1.ppc64le.rpm tumbler-debuginfo-4.20.1-bp157.3.3.1.ppc64le.rpm tumbler-debugsource-4.20.1-bp157.3.3.1.ppc64le.rpm tumbler-devel-4.20.1-bp157.3.3.1.ppc64le.rpm xfburn-0.8.0-bp157.2.3.1.ppc64le.rpm xfburn-debuginfo-0.8.0-bp157.2.3.1.ppc64le.rpm xfburn-debugsource-0.8.0-bp157.2.3.1.ppc64le.rpm xfce4-battery-plugin-1.2.0-bp157.2.3.1.ppc64le.rpm xfce4-battery-plugin-debuginfo-1.2.0-bp157.2.3.1.ppc64le.rpm xfce4-battery-plugin-debugsource-1.2.0-bp157.2.3.1.ppc64le.rpm xfce4-calculator-plugin-0.8.0-bp157.2.3.1.ppc64le.rpm xfce4-calculator-plugin-debuginfo-0.8.0-bp157.2.3.1.ppc64le.rpm xfce4-calculator-plugin-debugsource-0.8.0-bp157.2.3.1.ppc64le.rpm xfce4-clipman-plugin-1.7.0-bp157.2.3.1.ppc64le.rpm xfce4-clipman-plugin-debuginfo-1.7.0-bp157.2.3.1.ppc64le.rpm xfce4-clipman-plugin-debugsource-1.7.0-bp157.2.3.1.ppc64le.rpm xfce4-cpufreq-plugin-1.3.0-bp157.2.3.2.ppc64le.rpm xfce4-cpufreq-plugin-debuginfo-1.3.0-bp157.2.3.2.ppc64le.rpm xfce4-cpufreq-plugin-debugsource-1.3.0-bp157.2.3.2.ppc64le.rpm xfce4-cpugraph-plugin-1.3.0-bp157.2.3.2.ppc64le.rpm xfce4-cpugraph-plugin-debuginfo-1.3.0-bp157.2.3.2.ppc64le.rpm xfce4-cpugraph-plugin-debugsource-1.3.0-bp157.2.3.2.ppc64le.rpm xfce4-dict-0.8.9-bp157.2.3.1.ppc64le.rpm xfce4-dict-debuginfo-0.8.9-bp157.2.3.1.ppc64le.rpm xfce4-dict-debugsource-0.8.9-bp157.2.3.1.ppc64le.rpm xfce4-panel-plugin-dict-0.8.9-bp157.2.3.1.ppc64le.rpm xfce4-panel-plugin-dict-debuginfo-0.8.9-bp157.2.3.1.ppc64le.rpm xfce4-diskperf-plugin-2.8.0-bp157.2.3.2.ppc64le.rpm xfce4-diskperf-plugin-debuginfo-2.8.0-bp157.2.3.2.ppc64le.rpm xfce4-diskperf-plugin-debugsource-2.8.0-bp157.2.3.2.ppc64le.rpm xfce4-docklike-plugin-0.5.0-bp157.2.3.2.ppc64le.rpm xfce4-docklike-plugin-debuginfo-0.5.0-bp157.2.3.2.ppc64le.rpm xfce4-docklike-plugin-debugsource-0.5.0-bp157.2.3.2.ppc64le.rpm xfce4-eyes-plugin-4.7.0-bp157.2.3.2.ppc64le.rpm xfce4-eyes-plugin-debuginfo-4.7.0-bp157.2.3.2.ppc64le.rpm xfce4-eyes-plugin-debugsource-4.7.0-bp157.2.3.2.ppc64le.rpm xfce4-fsguard-plugin-1.2.0-bp157.2.3.2.ppc64le.rpm xfce4-fsguard-plugin-debuginfo-1.2.0-bp157.2.3.2.ppc64le.rpm xfce4-fsguard-plugin-debugsource-1.2.0-bp157.2.3.2.ppc64le.rpm xfce4-genmon-plugin-4.3.0-bp157.2.3.2.ppc64le.rpm xfce4-genmon-plugin-debuginfo-4.3.0-bp157.2.3.2.ppc64le.rpm xfce4-genmon-plugin-debugsource-4.3.0-bp157.2.3.2.ppc64le.rpm xfce4-mailwatch-plugin-1.4.0-bp157.2.3.1.ppc64le.rpm xfce4-mailwatch-plugin-debuginfo-1.4.0-bp157.2.3.1.ppc64le.rpm xfce4-mailwatch-plugin-debugsource-1.4.0-bp157.2.3.1.ppc64le.rpm xfce4-mount-plugin-1.2.0-bp157.2.3.2.ppc64le.rpm xfce4-mount-plugin-debuginfo-1.2.0-bp157.2.3.2.ppc64le.rpm xfce4-mount-plugin-debugsource-1.2.0-bp157.2.3.2.ppc64le.rpm xfce4-mpc-plugin-0.6.0-bp157.2.3.2.ppc64le.rpm xfce4-mpc-plugin-debuginfo-0.6.0-bp157.2.3.2.ppc64le.rpm xfce4-mpc-plugin-debugsource-0.6.0-bp157.2.3.2.ppc64le.rpm xfce4-netload-plugin-1.5.0-bp157.2.3.2.ppc64le.rpm xfce4-netload-plugin-debuginfo-1.5.0-bp157.2.3.2.ppc64le.rpm xfce4-netload-plugin-debugsource-1.5.0-bp157.2.3.2.ppc64le.rpm xfce4-notes-plugin-1.12.0-bp157.2.3.2.ppc64le.rpm xfce4-notes-plugin-debuginfo-1.12.0-bp157.2.3.2.ppc64le.rpm xfce4-notes-plugin-debugsource-1.12.0-bp157.2.3.2.ppc64le.rpm libxfce4panel-2_0-4-4.20.5-bp157.2.3.1.ppc64le.rpm libxfce4panel-2_0-4-debuginfo-4.20.5-bp157.2.3.1.ppc64le.rpm typelib-1_0-Libxfce4panel-2_0-4.20.5-bp157.2.3.1.ppc64le.rpm xfce4-panel-4.20.5-bp157.2.3.1.ppc64le.rpm xfce4-panel-debuginfo-4.20.5-bp157.2.3.1.ppc64le.rpm xfce4-panel-debugsource-4.20.5-bp157.2.3.1.ppc64le.rpm xfce4-panel-devel-4.20.5-bp157.2.3.1.ppc64le.rpm xfce4-panel-restore-defaults-4.20.5-bp157.2.3.1.ppc64le.rpm xfce4-places-plugin-1.9.0-bp157.2.3.1.ppc64le.rpm xfce4-places-plugin-debuginfo-1.9.0-bp157.2.3.1.ppc64le.rpm xfce4-places-plugin-debugsource-1.9.0-bp157.2.3.1.ppc64le.rpm xfce4-screenshooter-1.11.2-bp157.2.3.1.ppc64le.rpm xfce4-screenshooter-debuginfo-1.11.2-bp157.2.3.1.ppc64le.rpm xfce4-screenshooter-debugsource-1.11.2-bp157.2.3.1.ppc64le.rpm xfce4-screenshooter-plugin-1.11.2-bp157.2.3.1.ppc64le.rpm xfce4-screenshooter-plugin-debuginfo-1.11.2-bp157.2.3.1.ppc64le.rpm xfce4-sensors-plugin-1.5.0-bp157.2.3.1.ppc64le.rpm xfce4-sensors-plugin-debuginfo-1.5.0-bp157.2.3.1.ppc64le.rpm xfce4-sensors-plugin-debugsource-1.5.0-bp157.2.3.1.ppc64le.rpm xfce4-session-4.20.3-bp157.2.3.1.ppc64le.rpm xfce4-session-debuginfo-4.20.3-bp157.2.3.1.ppc64le.rpm xfce4-session-debugsource-4.20.3-bp157.2.3.1.ppc64le.rpm xfce4-settings-4.20.2-bp157.2.3.1.ppc64le.rpm xfce4-settings-color-4.20.2-bp157.2.3.1.ppc64le.rpm xfce4-settings-color-debuginfo-4.20.2-bp157.2.3.1.ppc64le.rpm xfce4-settings-debuginfo-4.20.2-bp157.2.3.1.ppc64le.rpm xfce4-settings-debugsource-4.20.2-bp157.2.3.1.ppc64le.rpm xfce4-smartbookmark-plugin-0.6.0-bp157.2.3.1.ppc64le.rpm xfce4-smartbookmark-plugin-debuginfo-0.6.0-bp157.2.3.1.ppc64le.rpm xfce4-smartbookmark-plugin-debugsource-0.6.0-bp157.2.3.1.ppc64le.rpm xfce4-stopwatch-plugin-0.6.0-bp157.2.3.1.ppc64le.rpm xfce4-stopwatch-plugin-debuginfo-0.6.0-bp157.2.3.1.ppc64le.rpm xfce4-stopwatch-plugin-debugsource-0.6.0-bp157.2.3.1.ppc64le.rpm xfce4-systemload-plugin-1.4.0-bp157.2.3.1.ppc64le.rpm xfce4-systemload-plugin-debuginfo-1.4.0-bp157.2.3.1.ppc64le.rpm xfce4-systemload-plugin-debugsource-1.4.0-bp157.2.3.1.ppc64le.rpm xfce4-taskmanager-1.6.0-bp157.2.3.1.ppc64le.rpm xfce4-taskmanager-debuginfo-1.6.0-bp157.2.3.1.ppc64le.rpm xfce4-taskmanager-debugsource-1.6.0-bp157.2.3.1.ppc64le.rpm xfce4-time-out-plugin-1.2.0-bp157.2.3.1.ppc64le.rpm xfce4-time-out-plugin-debuginfo-1.2.0-bp157.2.3.1.ppc64le.rpm xfce4-time-out-plugin-debugsource-1.2.0-bp157.2.3.1.ppc64le.rpm xfce4-timer-plugin-1.8.0-bp157.2.3.1.ppc64le.rpm xfce4-timer-plugin-debuginfo-1.8.0-bp157.2.3.1.ppc64le.rpm xfce4-timer-plugin-debugsource-1.8.0-bp157.2.3.1.ppc64le.rpm xfce4-verve-plugin-2.1.0-bp157.2.3.1.ppc64le.rpm xfce4-verve-plugin-debuginfo-2.1.0-bp157.2.3.1.ppc64le.rpm xfce4-verve-plugin-debugsource-2.1.0-bp157.2.3.1.ppc64le.rpm xfce4-wavelan-plugin-0.7.0-bp157.2.3.1.ppc64le.rpm xfce4-wavelan-plugin-debuginfo-0.7.0-bp157.2.3.1.ppc64le.rpm xfce4-wavelan-plugin-debugsource-0.7.0-bp157.2.3.1.ppc64le.rpm xfce4-weather-plugin-0.12.0-bp157.2.3.1.ppc64le.rpm xfce4-weather-plugin-debuginfo-0.12.0-bp157.2.3.1.ppc64le.rpm xfce4-weather-plugin-debugsource-0.12.0-bp157.2.3.1.ppc64le.rpm xfce4-whiskermenu-plugin-2.10.0-bp157.2.3.1.ppc64le.rpm xfce4-whiskermenu-plugin-debuginfo-2.10.0-bp157.2.3.1.ppc64le.rpm xfce4-whiskermenu-plugin-debugsource-2.10.0-bp157.2.3.1.ppc64le.rpm xfce4-xkb-plugin-0.9.0-bp157.2.3.1.ppc64le.rpm xfce4-xkb-plugin-debuginfo-0.9.0-bp157.2.3.1.ppc64le.rpm xfce4-xkb-plugin-debugsource-0.9.0-bp157.2.3.1.ppc64le.rpm libxfdashboard0-1.1.0-bp157.3.3.1.ppc64le.rpm libxfdashboard0-debuginfo-1.1.0-bp157.3.3.1.ppc64le.rpm xfdashboard-1.1.0-bp157.3.3.1.ppc64le.rpm xfdashboard-debuginfo-1.1.0-bp157.3.3.1.ppc64le.rpm xfdashboard-debugsource-1.1.0-bp157.3.3.1.ppc64le.rpm xfdashboard-devel-1.1.0-bp157.3.3.1.ppc64le.rpm xfdesktop-4.20.1-bp157.2.3.1.ppc64le.rpm xfdesktop-debuginfo-4.20.1-bp157.2.3.1.ppc64le.rpm xfdesktop-debugsource-4.20.1-bp157.2.3.1.ppc64le.rpm xfmpc-0.4.0-bp157.2.3.1.ppc64le.rpm xfmpc-debuginfo-0.4.0-bp157.2.3.1.ppc64le.rpm xfmpc-debugsource-0.4.0-bp157.2.3.1.ppc64le.rpm gigolo-0.6.0-bp157.2.3.1.s390x.rpm gigolo-debuginfo-0.6.0-bp157.2.3.1.s390x.rpm gigolo-debugsource-0.6.0-bp157.2.3.1.s390x.rpm libxfce4kbd-private-3-0-4.20.2-bp157.2.3.1.s390x.rpm libxfce4kbd-private-3-0-debuginfo-4.20.2-bp157.2.3.1.s390x.rpm libxfce4ui-2-0-4.20.2-bp157.2.3.1.s390x.rpm libxfce4ui-2-0-debuginfo-4.20.2-bp157.2.3.1.s390x.rpm libxfce4ui-debuginfo-4.20.2-bp157.2.3.1.s390x.rpm libxfce4ui-debugsource-4.20.2-bp157.2.3.1.s390x.rpm libxfce4ui-devel-4.20.2-bp157.2.3.1.s390x.rpm libxfce4ui-devel-debuginfo-4.20.2-bp157.2.3.1.s390x.rpm libxfce4ui-tools-4.20.2-bp157.2.3.1.s390x.rpm libxfce4ui-tools-debuginfo-4.20.2-bp157.2.3.1.s390x.rpm typelib-1_0-Libxfce4ui-2_0-4.20.2-bp157.2.3.1.s390x.rpm libxfce4windowing-0-0-4.20.4-bp157.2.3.1.s390x.rpm libxfce4windowing-0-0-debuginfo-4.20.4-bp157.2.3.1.s390x.rpm libxfce4windowing-debuginfo-4.20.4-bp157.2.3.1.s390x.rpm libxfce4windowing-debugsource-4.20.4-bp157.2.3.1.s390x.rpm libxfce4windowing-devel-4.20.4-bp157.2.3.1.s390x.rpm libxfce4windowingui-0-0-4.20.4-bp157.2.3.1.s390x.rpm libxfce4windowingui-0-0-debuginfo-4.20.4-bp157.2.3.1.s390x.rpm typelib-1_0-Libxfce4windowing-0_0-4.20.4-bp157.2.3.1.s390x.rpm typelib-1_0-Libxfce4windowingui-0_0-4.20.4-bp157.2.3.1.s390x.rpm orage-4.20.2-bp157.2.3.1.s390x.rpm orage-debuginfo-4.20.2-bp157.2.3.1.s390x.rpm orage-debugsource-4.20.2-bp157.2.3.1.s390x.rpm parole-4.20.0-bp157.2.3.1.s390x.rpm parole-debuginfo-4.20.0-bp157.2.3.1.s390x.rpm parole-debugsource-4.20.0-bp157.2.3.1.s390x.rpm parole-devel-4.20.0-bp157.2.3.1.s390x.rpm pragha-1.3.99.1-bp157.2.3.1.s390x.rpm pragha-debuginfo-1.3.99.1-bp157.2.3.1.s390x.rpm pragha-debugsource-1.3.99.1-bp157.2.3.1.s390x.rpm pragha-plugins-1.3.99.1-bp157.2.3.1.s390x.rpm pragha-plugins-debuginfo-1.3.99.1-bp157.2.3.1.s390x.rpm pragha-plugins-devel-1.3.99.1-bp157.2.3.1.s390x.rpm thunar-archive-plugin-0.6.0-bp157.2.3.1.s390x.rpm thunar-archive-plugin-debuginfo-0.6.0-bp157.2.3.1.s390x.rpm thunar-archive-plugin-debugsource-0.6.0-bp157.2.3.1.s390x.rpm thunar-media-tags-plugin-0.6.0-bp157.2.3.1.s390x.rpm thunar-media-tags-plugin-debuginfo-0.6.0-bp157.2.3.1.s390x.rpm thunar-media-tags-plugin-debugsource-0.6.0-bp157.2.3.1.s390x.rpm thunar-shares-plugin-0.5.0-bp157.2.3.1.s390x.rpm thunar-shares-plugin-debuginfo-0.5.0-bp157.2.3.1.s390x.rpm thunar-shares-plugin-debugsource-0.5.0-bp157.2.3.1.s390x.rpm thunar-vcs-plugin-0.4.0-bp157.2.3.1.s390x.rpm thunar-vcs-plugin-debuginfo-0.4.0-bp157.2.3.1.s390x.rpm thunar-vcs-plugin-debugsource-0.4.0-bp157.2.3.1.s390x.rpm libthunarx-3-0-4.20.6-bp157.2.3.2.s390x.rpm libthunarx-3-0-debuginfo-4.20.6-bp157.2.3.2.s390x.rpm thunar-4.20.6-bp157.2.3.2.s390x.rpm thunar-debuginfo-4.20.6-bp157.2.3.2.s390x.rpm thunar-debugsource-4.20.6-bp157.2.3.2.s390x.rpm thunar-devel-4.20.6-bp157.2.3.2.s390x.rpm typelib-1_0-Thunarx-3_0-4.20.6-bp157.2.3.2.s390x.rpm libtumbler-1-0-4.20.1-bp157.3.3.1.s390x.rpm libtumbler-1-0-debuginfo-4.20.1-bp157.3.3.1.s390x.rpm tumbler-4.20.1-bp157.3.3.1.s390x.rpm tumbler-debuginfo-4.20.1-bp157.3.3.1.s390x.rpm tumbler-debugsource-4.20.1-bp157.3.3.1.s390x.rpm tumbler-devel-4.20.1-bp157.3.3.1.s390x.rpm xfburn-0.8.0-bp157.2.3.1.s390x.rpm xfburn-debuginfo-0.8.0-bp157.2.3.1.s390x.rpm xfburn-debugsource-0.8.0-bp157.2.3.1.s390x.rpm xfce4-battery-plugin-1.2.0-bp157.2.3.1.s390x.rpm xfce4-battery-plugin-debuginfo-1.2.0-bp157.2.3.1.s390x.rpm xfce4-battery-plugin-debugsource-1.2.0-bp157.2.3.1.s390x.rpm xfce4-calculator-plugin-0.8.0-bp157.2.3.1.s390x.rpm xfce4-calculator-plugin-debuginfo-0.8.0-bp157.2.3.1.s390x.rpm xfce4-calculator-plugin-debugsource-0.8.0-bp157.2.3.1.s390x.rpm xfce4-clipman-plugin-1.7.0-bp157.2.3.1.s390x.rpm xfce4-clipman-plugin-debuginfo-1.7.0-bp157.2.3.1.s390x.rpm xfce4-clipman-plugin-debugsource-1.7.0-bp157.2.3.1.s390x.rpm xfce4-cpufreq-plugin-1.3.0-bp157.2.3.2.s390x.rpm xfce4-cpufreq-plugin-debuginfo-1.3.0-bp157.2.3.2.s390x.rpm xfce4-cpufreq-plugin-debugsource-1.3.0-bp157.2.3.2.s390x.rpm xfce4-cpugraph-plugin-1.3.0-bp157.2.3.2.s390x.rpm xfce4-cpugraph-plugin-debuginfo-1.3.0-bp157.2.3.2.s390x.rpm xfce4-cpugraph-plugin-debugsource-1.3.0-bp157.2.3.2.s390x.rpm xfce4-dict-0.8.9-bp157.2.3.1.s390x.rpm xfce4-dict-debuginfo-0.8.9-bp157.2.3.1.s390x.rpm xfce4-dict-debugsource-0.8.9-bp157.2.3.1.s390x.rpm xfce4-panel-plugin-dict-0.8.9-bp157.2.3.1.s390x.rpm xfce4-panel-plugin-dict-debuginfo-0.8.9-bp157.2.3.1.s390x.rpm xfce4-diskperf-plugin-2.8.0-bp157.2.3.2.s390x.rpm xfce4-diskperf-plugin-debuginfo-2.8.0-bp157.2.3.2.s390x.rpm xfce4-diskperf-plugin-debugsource-2.8.0-bp157.2.3.2.s390x.rpm xfce4-docklike-plugin-0.5.0-bp157.2.3.2.s390x.rpm xfce4-docklike-plugin-debuginfo-0.5.0-bp157.2.3.2.s390x.rpm xfce4-docklike-plugin-debugsource-0.5.0-bp157.2.3.2.s390x.rpm xfce4-eyes-plugin-4.7.0-bp157.2.3.2.s390x.rpm xfce4-eyes-plugin-debuginfo-4.7.0-bp157.2.3.2.s390x.rpm xfce4-eyes-plugin-debugsource-4.7.0-bp157.2.3.2.s390x.rpm xfce4-fsguard-plugin-1.2.0-bp157.2.3.2.s390x.rpm xfce4-fsguard-plugin-debuginfo-1.2.0-bp157.2.3.2.s390x.rpm xfce4-fsguard-plugin-debugsource-1.2.0-bp157.2.3.2.s390x.rpm xfce4-genmon-plugin-4.3.0-bp157.2.3.2.s390x.rpm xfce4-genmon-plugin-debuginfo-4.3.0-bp157.2.3.2.s390x.rpm xfce4-genmon-plugin-debugsource-4.3.0-bp157.2.3.2.s390x.rpm xfce4-mailwatch-plugin-1.4.0-bp157.2.3.1.s390x.rpm xfce4-mailwatch-plugin-debuginfo-1.4.0-bp157.2.3.1.s390x.rpm xfce4-mailwatch-plugin-debugsource-1.4.0-bp157.2.3.1.s390x.rpm xfce4-mount-plugin-1.2.0-bp157.2.3.2.s390x.rpm xfce4-mount-plugin-debuginfo-1.2.0-bp157.2.3.2.s390x.rpm xfce4-mount-plugin-debugsource-1.2.0-bp157.2.3.2.s390x.rpm xfce4-mpc-plugin-0.6.0-bp157.2.3.2.s390x.rpm xfce4-mpc-plugin-debuginfo-0.6.0-bp157.2.3.2.s390x.rpm xfce4-mpc-plugin-debugsource-0.6.0-bp157.2.3.2.s390x.rpm xfce4-netload-plugin-1.5.0-bp157.2.3.2.s390x.rpm xfce4-netload-plugin-debuginfo-1.5.0-bp157.2.3.2.s390x.rpm xfce4-netload-plugin-debugsource-1.5.0-bp157.2.3.2.s390x.rpm xfce4-notes-plugin-1.12.0-bp157.2.3.2.s390x.rpm xfce4-notes-plugin-debuginfo-1.12.0-bp157.2.3.2.s390x.rpm xfce4-notes-plugin-debugsource-1.12.0-bp157.2.3.2.s390x.rpm libxfce4panel-2_0-4-4.20.5-bp157.2.3.1.s390x.rpm libxfce4panel-2_0-4-debuginfo-4.20.5-bp157.2.3.1.s390x.rpm typelib-1_0-Libxfce4panel-2_0-4.20.5-bp157.2.3.1.s390x.rpm xfce4-panel-4.20.5-bp157.2.3.1.s390x.rpm xfce4-panel-debuginfo-4.20.5-bp157.2.3.1.s390x.rpm xfce4-panel-debugsource-4.20.5-bp157.2.3.1.s390x.rpm xfce4-panel-devel-4.20.5-bp157.2.3.1.s390x.rpm xfce4-panel-restore-defaults-4.20.5-bp157.2.3.1.s390x.rpm xfce4-places-plugin-1.9.0-bp157.2.3.1.s390x.rpm xfce4-places-plugin-debuginfo-1.9.0-bp157.2.3.1.s390x.rpm xfce4-places-plugin-debugsource-1.9.0-bp157.2.3.1.s390x.rpm xfce4-screenshooter-1.11.2-bp157.2.3.1.s390x.rpm xfce4-screenshooter-debuginfo-1.11.2-bp157.2.3.1.s390x.rpm xfce4-screenshooter-debugsource-1.11.2-bp157.2.3.1.s390x.rpm xfce4-screenshooter-plugin-1.11.2-bp157.2.3.1.s390x.rpm xfce4-screenshooter-plugin-debuginfo-1.11.2-bp157.2.3.1.s390x.rpm xfce4-session-4.20.3-bp157.2.3.1.s390x.rpm xfce4-session-debuginfo-4.20.3-bp157.2.3.1.s390x.rpm xfce4-session-debugsource-4.20.3-bp157.2.3.1.s390x.rpm xfce4-settings-4.20.2-bp157.2.3.1.s390x.rpm xfce4-settings-color-4.20.2-bp157.2.3.1.s390x.rpm xfce4-settings-color-debuginfo-4.20.2-bp157.2.3.1.s390x.rpm xfce4-settings-debuginfo-4.20.2-bp157.2.3.1.s390x.rpm xfce4-settings-debugsource-4.20.2-bp157.2.3.1.s390x.rpm xfce4-smartbookmark-plugin-0.6.0-bp157.2.3.1.s390x.rpm xfce4-smartbookmark-plugin-debuginfo-0.6.0-bp157.2.3.1.s390x.rpm xfce4-smartbookmark-plugin-debugsource-0.6.0-bp157.2.3.1.s390x.rpm xfce4-stopwatch-plugin-0.6.0-bp157.2.3.1.s390x.rpm xfce4-stopwatch-plugin-debuginfo-0.6.0-bp157.2.3.1.s390x.rpm xfce4-stopwatch-plugin-debugsource-0.6.0-bp157.2.3.1.s390x.rpm xfce4-systemload-plugin-1.4.0-bp157.2.3.1.s390x.rpm xfce4-systemload-plugin-debuginfo-1.4.0-bp157.2.3.1.s390x.rpm xfce4-systemload-plugin-debugsource-1.4.0-bp157.2.3.1.s390x.rpm xfce4-taskmanager-1.6.0-bp157.2.3.1.s390x.rpm xfce4-taskmanager-debuginfo-1.6.0-bp157.2.3.1.s390x.rpm xfce4-taskmanager-debugsource-1.6.0-bp157.2.3.1.s390x.rpm xfce4-time-out-plugin-1.2.0-bp157.2.3.1.s390x.rpm xfce4-time-out-plugin-debuginfo-1.2.0-bp157.2.3.1.s390x.rpm xfce4-time-out-plugin-debugsource-1.2.0-bp157.2.3.1.s390x.rpm xfce4-timer-plugin-1.8.0-bp157.2.3.1.s390x.rpm xfce4-timer-plugin-debuginfo-1.8.0-bp157.2.3.1.s390x.rpm xfce4-timer-plugin-debugsource-1.8.0-bp157.2.3.1.s390x.rpm xfce4-verve-plugin-2.1.0-bp157.2.3.1.s390x.rpm xfce4-verve-plugin-debuginfo-2.1.0-bp157.2.3.1.s390x.rpm xfce4-verve-plugin-debugsource-2.1.0-bp157.2.3.1.s390x.rpm xfce4-wavelan-plugin-0.7.0-bp157.2.3.1.s390x.rpm xfce4-wavelan-plugin-debuginfo-0.7.0-bp157.2.3.1.s390x.rpm xfce4-wavelan-plugin-debugsource-0.7.0-bp157.2.3.1.s390x.rpm xfce4-weather-plugin-0.12.0-bp157.2.3.1.s390x.rpm xfce4-weather-plugin-debuginfo-0.12.0-bp157.2.3.1.s390x.rpm xfce4-weather-plugin-debugsource-0.12.0-bp157.2.3.1.s390x.rpm xfce4-whiskermenu-plugin-2.10.0-bp157.2.3.1.s390x.rpm xfce4-whiskermenu-plugin-debuginfo-2.10.0-bp157.2.3.1.s390x.rpm xfce4-whiskermenu-plugin-debugsource-2.10.0-bp157.2.3.1.s390x.rpm xfce4-xkb-plugin-0.9.0-bp157.2.3.1.s390x.rpm xfce4-xkb-plugin-debuginfo-0.9.0-bp157.2.3.1.s390x.rpm xfce4-xkb-plugin-debugsource-0.9.0-bp157.2.3.1.s390x.rpm libxfdashboard0-1.1.0-bp157.3.3.1.s390x.rpm libxfdashboard0-debuginfo-1.1.0-bp157.3.3.1.s390x.rpm xfdashboard-1.1.0-bp157.3.3.1.s390x.rpm xfdashboard-debuginfo-1.1.0-bp157.3.3.1.s390x.rpm xfdashboard-debugsource-1.1.0-bp157.3.3.1.s390x.rpm xfdashboard-devel-1.1.0-bp157.3.3.1.s390x.rpm xfdesktop-4.20.1-bp157.2.3.1.s390x.rpm xfdesktop-debuginfo-4.20.1-bp157.2.3.1.s390x.rpm xfdesktop-debugsource-4.20.1-bp157.2.3.1.s390x.rpm xfmpc-0.4.0-bp157.2.3.1.s390x.rpm xfmpc-debuginfo-0.4.0-bp157.2.3.1.s390x.rpm xfmpc-debugsource-0.4.0-bp157.2.3.1.s390x.rpm openSUSE-2025-423 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 142.0.7444.134 (boo#1253089): * CVE-2025-12725: Out of bounds write in WebGPU * CVE-2025-12726: Inappropriate implementation in Views * CVE-2025-12727: Inappropriate implementation in V8 * CVE-2025-12728: Inappropriate implementation in Omnibox * CVE-2025-12729: Inappropriate implementation in Omnibox chromedriver-142.0.7444.134-bp157.2.79.1.x86_64.rpm chromium-142.0.7444.134-bp157.2.79.1.nosrc.rpm chromium-142.0.7444.134-bp157.2.79.1.x86_64.rpm chromedriver-142.0.7444.134-bp157.2.79.1.aarch64.rpm chromium-142.0.7444.134-bp157.2.79.1.aarch64.rpm chromedriver-142.0.7444.134-bp157.2.79.1.ppc64le.rpm chromium-142.0.7444.134-bp157.2.79.1.ppc64le.rpm openSUSE-2025-428 important openSUSE Backports SLE-15-SP7 Update This update for python-pdfminer.six fixes the following issues: - CVE-2025-64512: Fixed executing of arbitrary code from a malicious pickle file (bsc#1253228). python-pdfminer.six-20200124-bp157.2.3.1.src.rpm python3-pdfminer.six-20200124-bp157.2.3.1.noarch.rpm openSUSE-2025-430 important openSUSE Backports SLE-15-SP7 Update Chromium was updated to 142.0.7444.162 (boo#1253267) to fix: * CVE-2025-13042: Inappropriate implementation in V8 chromedriver-142.0.7444.162-bp157.2.82.1.x86_64.rpm chromium-142.0.7444.162-bp157.2.82.1.nosrc.rpm chromium-142.0.7444.162-bp157.2.82.1.x86_64.rpm chromedriver-142.0.7444.162-bp157.2.82.1.aarch64.rpm chromium-142.0.7444.162-bp157.2.82.1.aarch64.rpm chromedriver-142.0.7444.162-bp157.2.82.1.ppc64le.rpm chromium-142.0.7444.162-bp157.2.82.1.ppc64le.rpm openSUSE-2025-431 moderate openSUSE Backports SLE-15-SP7 Update This update for nmon fixes the following issues: - update to 16q: * bugfixes - update to 16p: * Small improvements to on-screen use only : + CLI -B and GUI 'B' to toggle boxes around stats. + CLI -^ and '^' to change units for Disk I/O KB/s -> MB/s -> GB/s. This happen temporarily too if the size of the statistic will not fit on-scree. * Code changed to ensure clean compile for GCC 12 HAMA servers) and small fixes snprintf/strncpy. * POWER pool_capacity now correctly divided by 100. * Online view POWER Welcome panel on POWER reports the top MHz Small changes only: mode with "-J" stats (m) * Boottime shown online in the Kernel "k" panel * Utilisation stats: /proc/stat now reports 10 Utilisation stats * Bug caused Seg Faults core dumps fixed while collecting to a * Fix: Improved memory handling for extreme numbers of processes (1000's) or rapid exec of processes (100's in a millisecond) for large Linux servers. We have examples on Intel of 80 CPU * Online Dot "." command no longer also changes what is displayed as users said it was confusing. * Minor online start-up flash screen text changes to include C concise CPU stats and U for full Utilisation stats (all 10 of them) instead of a file. * Copyright and GPL v3 notice in the code plus online "h" and * Source code re-indented. * Fixes for Welcome screen on Mainframe * Fixed for Curses handling when collecting data to file - big bug for main frame and x86. * Fixes for Welcome screen on Mainframe * Fixed for Curses handling when collecting data to file - big bug for main frame and x86. + You need a S822LC With NVIDIA GPU(s) and Nvidia Library installed libnvidia-ml.so * CPU Wide View - online view for up to 192 CPUs * CPU MHz per Core ratings for machine that allow cores with different MHz - online & saved to file * lscpu stats capture - online & to file * Z experiment mode showing CPU interrupts - Renamed U stats in version 16b - online only * Online colourising stats to aid usability - online only * Massive improvement in help information: nmon -? and nmon -h * Code change to alphabetic order for getopt() and key input * New nmon logo on flash screen - online only * Extra kernel stats - online only nmon-16q-bp157.2.3.1.src.rpm nmon-16q-bp157.2.3.1.x86_64.rpm nmon-16q-bp157.2.3.1.i586.rpm nmon-16q-bp157.2.3.1.aarch64.rpm nmon-16q-bp157.2.3.1.ppc64le.rpm nmon-16q-bp157.2.3.1.s390x.rpm openSUSE-2025-456 low openSUSE Backports SLE-15-SP7 Update This update for rust-bindgen provides version 0.72.0, a build dependency of an upcoming version of Chromium (boo#1253246). rust-bindgen-0.72.0-bp157.2.3.2.src.rpm rust-bindgen-0.72.0-bp157.2.3.2.x86_64.rpm rust-bindgen-debuginfo-0.72.0-bp157.2.3.2.x86_64.rpm rust-bindgen-debugsource-0.72.0-bp157.2.3.2.x86_64.rpm rust-bindgen-0.72.0-bp157.2.3.2.i586.rpm rust-bindgen-debuginfo-0.72.0-bp157.2.3.2.i586.rpm rust-bindgen-debugsource-0.72.0-bp157.2.3.2.i586.rpm rust-bindgen-0.72.0-bp157.2.3.2.aarch64.rpm rust-bindgen-debuginfo-0.72.0-bp157.2.3.2.aarch64.rpm rust-bindgen-debugsource-0.72.0-bp157.2.3.2.aarch64.rpm rust-bindgen-0.72.0-bp157.2.3.2.ppc64le.rpm rust-bindgen-debuginfo-0.72.0-bp157.2.3.2.ppc64le.rpm rust-bindgen-debugsource-0.72.0-bp157.2.3.2.ppc64le.rpm rust-bindgen-0.72.0-bp157.2.3.2.s390x.rpm rust-bindgen-debuginfo-0.72.0-bp157.2.3.2.s390x.rpm rust-bindgen-debugsource-0.72.0-bp157.2.3.2.s390x.rpm openSUSE-2025-434 important openSUSE Backports SLE-15-SP7 Update This update for chromium 142.0.7444.175 (boo#1253698) fixes the following issues: * CVE-2025-13223: Type Confusion in V8 * CVE-2025-13224: Type Confusion in V8 chromedriver-142.0.7444.175-bp157.2.85.1.x86_64.rpm chromium-142.0.7444.175-bp157.2.85.1.nosrc.rpm chromium-142.0.7444.175-bp157.2.85.1.x86_64.rpm chromedriver-142.0.7444.175-bp157.2.85.1.aarch64.rpm chromium-142.0.7444.175-bp157.2.85.1.aarch64.rpm chromedriver-142.0.7444.175-bp157.2.85.1.ppc64le.rpm chromium-142.0.7444.175-bp157.2.85.1.ppc64le.rpm openSUSE-2025-435 moderate openSUSE Backports SLE-15-SP7 Update This update for monitoring-plugins, monitoring-plugins-smb fixes the following issues: monitoring-plugins is reintroduced in version 2.4.0. Changes in monitoring-plugins-smb: - Renamed package to monitoring-plugins-smb monitoring-plugins-2.4.0-bp157.2.1.src.rpm monitoring-plugins-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-all-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-breeze-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-by_ssh-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-cluster-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-common-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-cups-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-curl-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-dbi-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-dbi-mysql-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-dbi-pgsql-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-dbi-sqlite3-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-dhcp-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-dig-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-disk-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-disk_smb-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-dns-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-dummy-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-extras-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-file_age-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-flexlm-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-fping-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-hpjd-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-http-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-icmp-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ide_smart-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ifoperstatus-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ifstatus-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ircd-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ldap-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-load-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-log-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-mailq-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-mrtg-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-mrtgtraf-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-mysql-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-nagios-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-nt-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ntp_peer-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ntp_time-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-nwstat-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-oracle-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-overcr-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-pgsql-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ping-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-procs-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-radius-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-real-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-rpc-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-sensors-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-smtp-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-snmp-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ssh-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-swap-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-tcp-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-time-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-ups-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-uptime-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-users-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-wave-2.4.0-bp157.2.1.x86_64.rpm monitoring-plugins-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-all-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-breeze-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-by_ssh-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-cluster-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-common-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-cups-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-curl-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-dbi-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-dbi-mysql-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-dbi-pgsql-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-dbi-sqlite3-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-dhcp-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-dig-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-disk-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-disk_smb-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-dns-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-dummy-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-extras-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-file_age-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-flexlm-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-fping-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-hpjd-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-http-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-icmp-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ide_smart-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ifoperstatus-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ifstatus-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ircd-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ldap-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-load-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-log-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-mailq-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-mrtg-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-mrtgtraf-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-mysql-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-nagios-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-nt-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ntp_peer-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ntp_time-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-nwstat-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-oracle-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-overcr-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-pgsql-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ping-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-procs-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-radius-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-real-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-rpc-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-sensors-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-smtp-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-snmp-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ssh-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-swap-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-tcp-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-time-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-ups-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-uptime-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-users-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-wave-2.4.0-bp157.2.1.i586.rpm monitoring-plugins-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-all-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-breeze-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-by_ssh-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-cluster-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-common-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-cups-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-curl-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-dbi-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-dbi-mysql-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-dbi-pgsql-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-dbi-sqlite3-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-dhcp-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-dig-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-disk-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-disk_smb-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-dns-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-dummy-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-extras-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-file_age-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-flexlm-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-fping-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-hpjd-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-http-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-icmp-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ide_smart-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ifoperstatus-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ifstatus-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ircd-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ldap-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-load-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-log-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-mailq-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-mrtg-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-mrtgtraf-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-mysql-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-nagios-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-nt-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ntp_peer-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ntp_time-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-nwstat-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-oracle-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-overcr-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-pgsql-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ping-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-procs-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-radius-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-real-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-rpc-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-sensors-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-smtp-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-snmp-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ssh-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-swap-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-tcp-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-time-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-ups-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-uptime-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-users-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-wave-2.4.0-bp157.2.1.aarch64.rpm monitoring-plugins-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-all-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-breeze-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-by_ssh-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-cluster-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-common-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-cups-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-curl-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-dbi-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-dbi-mysql-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-dbi-pgsql-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-dbi-sqlite3-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-dhcp-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-dig-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-disk-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-disk_smb-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-dns-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-dummy-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-extras-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-file_age-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-flexlm-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-fping-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-hpjd-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-http-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-icmp-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ide_smart-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ifoperstatus-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ifstatus-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ircd-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ldap-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-load-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-log-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-mailq-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-mrtg-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-mrtgtraf-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-mysql-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-nagios-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-nt-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ntp_peer-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ntp_time-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-nwstat-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-oracle-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-overcr-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-pgsql-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ping-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-procs-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-radius-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-real-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-rpc-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-sensors-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-smtp-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-snmp-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ssh-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-swap-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-tcp-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-time-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-ups-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-uptime-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-users-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-wave-2.4.0-bp157.2.1.ppc64le.rpm monitoring-plugins-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-all-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-breeze-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-by_ssh-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-cluster-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-common-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-cups-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-curl-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-dbi-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-dbi-mysql-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-dbi-pgsql-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-dbi-sqlite3-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-dhcp-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-dig-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-disk-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-disk_smb-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-dns-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-dummy-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-extras-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-file_age-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-flexlm-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-fping-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-hpjd-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-http-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-icmp-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ide_smart-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ifoperstatus-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ifstatus-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ircd-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ldap-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-load-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-log-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-mailq-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-mrtg-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-mrtgtraf-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-mysql-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-nagios-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-nt-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ntp_peer-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ntp_time-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-nwstat-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-oracle-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-overcr-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-pgsql-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ping-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-procs-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-radius-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-real-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-rpc-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-smtp-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-snmp-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ssh-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-swap-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-tcp-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-time-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-ups-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-uptime-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-users-2.4.0-bp157.2.1.s390x.rpm monitoring-plugins-wave-2.4.0-bp157.2.1.s390x.rpm openSUSE-2025-441 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: - Update to version 1.8.0~git0.42d0e864c: * Release 1.8.0 * 20251108 lld (#3944) * Improve uid/gid overlap message during IAM migration (#3943) * Release 1.8.0-pre * Release Prep (#3938) * 20251029 hmac name uniqueness (#3931) * sssshhhhh quiet there. (#3906) * Add support for proxyv1 (#3935) * 20251031 nss sync conn persist (#3921) * Improve offline authentication (#3934) * 20251005 multiple accept (#3933) * Add CSS to support forced-colors on the toggle switch (#3932) * Prevent replication certificate renewal deadlock * fix: ensure CLI exits with non-zero code on HTTP client errors (#3929) * Bump the all group with 5 updates (#3927) * 20251015 OIDC auth source (#3905) * Bump the all group with 2 updates (#3913) * Bump the all group with 2 updates (#3914) * Prevent users saving their credentials if there are none (#3805) * Fix passkey typos (#3907) * fix: Replace letter "d" by sink (#3909) * Bump the all group with 33 updates (#3898) * Fix: set OAuth2 JTI to session ID (#3901) * Open app links in new tabs (#3899) * 20251009 account/group schema changes (#3880) * [fix] Mail attribute on service accounts not accessible (#3893) * Correct RADIUS API token generation examples (#3890) * Foundations of message sending (#3878) * 20251010 drop eckeys (#3882) * Remove systemd notify-reload. (#3885) * Bump the all group with 3 updates (#3884) * 20250801 reference entries (#3863) * 20251009 3829 OIDC groups (#3879) * Bump the all group with 5 updates (#3876) * 20251003 im silly (#3874) * When no upgrade checks are performed, issue a status: PASS (#3873) * Example of ipv4 to ipv6 addr mapping. (#3871) * 20250919 csp again (#3856) * client_secret_post auth for oauth2 endpoints (#3833) * Fix some CLI things (#3870) * Bump the all group with 6 updates (#3869) * Use connection address for Proxy::Local Requests (#3868) * Dont prevalidate UAT on oauth2 routes (#3865) * Backup Compression (#3821) * fix: always throw error when pam_allowed_login_groups is empty in Kanidm unixd (#3840) * update oauth2 outline config example (#3826) * Syntax errors in openapi.json (#3859) * fix: stop duplicating logs in otel mode (#3704) * Update fedora docs, start to add authselect profile (#3806) * Document oauth2 shortnames in book (#3857) * Bump the all group with 9 updates (#3861) * fix: Revert adding fetching ui hints to the reset-credentials flow. (#3831) * 20250912 unixd performance (#3846) * Fix readme file for better readability (#3775) * Updates for rust 1.90 (#3855) * Add password check api (#3847) * Bump the all group with 3 updates (#3853) * Add form-action localhost to csp (#3849) * Bump the all group across 1 directory with 8 updates (#3845) * Bump actions/setup-python from 5 to 6 in the all group (#3842) * docs: Don't enable unixd Kanidm provider in safe default config (#3839) * Add yescrypt support (#3844) * fix: spelling (#3841) * Bump the all group with 2 updates (#3836) * Bump tracing-subscriber from 0.3.19 to 0.3.20 in the cargo group (#3832) * CLI gardening (#3819) * Bump the all group with 7 updates (#3823) * Bump actions/upload-pages-artifact from 3 to 4 in the all group (#3824) * Prevent memory exhaustion on freebsd builds (#3818) * Make it clearer why acceptor isnt available (#3812) * Minor: reduce logging verbosity during debug (#3810) * Handle IP addresses in replication SAN field (#3811) * Update to use the codec properly (#3807) * Show the admin page in the navbar when the user has experiment ui hint. (#3793) * Bump actions/checkout from 4 to 5 in the all group (#3803) * Bump the all group with 5 updates (#3804) * Update whatwg email validation regex (#3797) * Fix account recover-disable edge case (#3796) * Dynamic version for centos/fedora repository (#3794) * Resolve replication show-cert issue (#3792) * Add json codec wrapper for unix integration (#3789) * Break-glass account disable command (#3780) * Bump the all group across 1 directory with 11 updates (#3790) * Bump slab from 0.4.10 to 0.4.11 in the cargo group (#3788) * [webui] add members to group (#3786) * Bump actions/download-artifact from 4 to 5 in the all group (#3785) * Make it clearer why the user can't login with unixd (#3778) * fix: bump HSTS age to 2 years + 1 second (#3779) * updating packages (#3774) * Improve argon2id parameter search speed (#3768) * Improve error messages during server startup to identify failing cert… (#3771) * Update docs re PA and google (#3772) * Forget username if user no longer wants to be remembered (#3770) * 20250802 handle sec1 keys (#3769) * Trying to clean up order of operations in kanidm_unixd_tasks (#3762) * Bump the all group with 7 updates (#3764) * Provide correct access for RADIUS service accounts (#3759) * Fix a couple of commands in the OAuth2 Proxy examples (#3758) * Design doc for email messaging (#3729) * 20250725 unixd access token (#3751) * 20250729 dev version (#3757) kanidm-1.8.0~git0.42d0e864c-bp157.2.18.1.src.rpm kanidm-1.8.0~git0.42d0e864c-bp157.2.18.1.x86_64.rpm kanidm-clients-1.8.0~git0.42d0e864c-bp157.2.18.1.x86_64.rpm kanidm-docs-1.8.0~git0.42d0e864c-bp157.2.18.1.x86_64.rpm kanidm-server-1.8.0~git0.42d0e864c-bp157.2.18.1.x86_64.rpm kanidm-unixd-clients-1.8.0~git0.42d0e864c-bp157.2.18.1.x86_64.rpm kanidm-1.8.0~git0.42d0e864c-bp157.2.18.1.aarch64.rpm kanidm-clients-1.8.0~git0.42d0e864c-bp157.2.18.1.aarch64.rpm kanidm-docs-1.8.0~git0.42d0e864c-bp157.2.18.1.aarch64.rpm kanidm-server-1.8.0~git0.42d0e864c-bp157.2.18.1.aarch64.rpm kanidm-unixd-clients-1.8.0~git0.42d0e864c-bp157.2.18.1.aarch64.rpm openSUSE-2025-437 important openSUSE Backports SLE-15-SP7 Update This update for act fixes the following issues: - CVE-2025-47913: Prevent panic in embedded golang.org/x/crypto/ssh/agent client when receiving unexpected message types for key listing or signing requests by returning a descriptive error instead. (boo#1253608) act-0.2.45-bp157.3.3.1.src.rpm act-0.2.45-bp157.3.3.1.x86_64.rpm act-0.2.45-bp157.3.3.1.i586.rpm act-0.2.45-bp157.3.3.1.aarch64.rpm act-0.2.45-bp157.3.3.1.ppc64le.rpm act-0.2.45-bp157.3.3.1.s390x.rpm openSUSE-2025-444 moderate openSUSE Backports SLE-15-SP7 Update This update for monitoring-plugins-smb fixes the following issues: - Introduces monitoring-plugins-smb monitoring-plugins-smb-1.0-bp157.2.1.src.rpm monitoring-plugins-smb-1.0-bp157.2.1.x86_64.rpm monitoring-plugins-smb-1.0-bp157.2.1.i586.rpm monitoring-plugins-smb-1.0-bp157.2.1.aarch64.rpm monitoring-plugins-smb-1.0-bp157.2.1.ppc64le.rpm monitoring-plugins-smb-1.0-bp157.2.1.s390x.rpm openSUSE-2025-445 moderate openSUSE Backports SLE-15-SP7 Update This update for obs-service-cargo fixes the following issues: - Introduce obs-service-cargo version 7.2.0. obs-service-cargo-7.2.0-bp157.2.1.src.rpm obs-service-cargo-7.2.0-bp157.2.1.x86_64.rpm obs-service-cargo-7.2.0-bp157.2.1.i586.rpm obs-service-cargo-7.2.0-bp157.2.1.aarch64.rpm obs-service-cargo-7.2.0-bp157.2.1.ppc64le.rpm obs-service-cargo-7.2.0-bp157.2.1.s390x.rpm openSUSE-2025-438 important openSUSE Backports SLE-15-SP7 Update This update for libebml fixes the following issues: - update to 1.4.5 (boo#1218432, CVE-2023-52339): * Fix invalid memory access (reading beyond allocated memory) due to missing integer overflow check. libebml-1.4.5-bp157.2.3.1.src.rpm libebml-debugsource-1.4.5-bp157.2.3.1.x86_64.rpm libebml-devel-1.4.5-bp157.2.3.1.x86_64.rpm libebml5-1.4.5-bp157.2.3.1.x86_64.rpm libebml5-debuginfo-1.4.5-bp157.2.3.1.x86_64.rpm libebml-debugsource-1.4.5-bp157.2.3.1.i586.rpm libebml-devel-1.4.5-bp157.2.3.1.i586.rpm libebml5-1.4.5-bp157.2.3.1.i586.rpm libebml5-32bit-1.4.5-bp157.2.3.1.x86_64.rpm libebml5-32bit-debuginfo-1.4.5-bp157.2.3.1.x86_64.rpm libebml5-debuginfo-1.4.5-bp157.2.3.1.i586.rpm libebml-debugsource-1.4.5-bp157.2.3.1.aarch64.rpm libebml-devel-1.4.5-bp157.2.3.1.aarch64.rpm libebml5-1.4.5-bp157.2.3.1.aarch64.rpm libebml5-64bit-1.4.5-bp157.2.3.1.aarch64_ilp32.rpm libebml5-64bit-debuginfo-1.4.5-bp157.2.3.1.aarch64_ilp32.rpm libebml5-debuginfo-1.4.5-bp157.2.3.1.aarch64.rpm libebml-debugsource-1.4.5-bp157.2.3.1.ppc64le.rpm libebml-devel-1.4.5-bp157.2.3.1.ppc64le.rpm libebml5-1.4.5-bp157.2.3.1.ppc64le.rpm libebml5-debuginfo-1.4.5-bp157.2.3.1.ppc64le.rpm libebml-debugsource-1.4.5-bp157.2.3.1.s390x.rpm libebml-devel-1.4.5-bp157.2.3.1.s390x.rpm libebml5-1.4.5-bp157.2.3.1.s390x.rpm libebml5-debuginfo-1.4.5-bp157.2.3.1.s390x.rpm openSUSE-2025-448 moderate openSUSE Backports SLE-15-SP7 Update This update for unison fixes the following issues: - Update to version 2.53.8 * Add ability to use reflinking instead of copying * Experimental default-off support to detect moves/renames - Update to verison 2.53.7 * Time remaining, when over 24h, shown as days and HMS instead of just HMS. * Stop using deprecated [GdkPixbuf.from_xpm_data] (avoids problems with some versions of gdkpixbuf). Attempt to avoid soundness issues with lablgtk while doing so. * Deprecation warning: support for external rsync will be removed unison-2.53.8-bp157.2.3.1.src.rpm unison-2.53.8-bp157.2.3.1.x86_64.rpm unison-text-2.53.8-bp157.2.3.1.x86_64.rpm unison-doc-2.53.8-bp157.2.3.1.src.rpm unison-doc-2.53.8-bp157.2.3.1.x86_64.rpm unison-2.53.8-bp157.2.3.1.aarch64.rpm unison-text-2.53.8-bp157.2.3.1.aarch64.rpm unison-doc-2.53.8-bp157.2.3.1.aarch64.rpm unison-2.53.8-bp157.2.3.1.ppc64le.rpm unison-text-2.53.8-bp157.2.3.1.ppc64le.rpm unison-doc-2.53.8-bp157.2.3.1.ppc64le.rpm unison-2.53.8-bp157.2.3.1.s390x.rpm unison-text-2.53.8-bp157.2.3.1.s390x.rpm unison-doc-2.53.8-bp157.2.3.1.s390x.rpm openSUSE-2025-455 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: - Update to version 1.8.3~git0.471c021f2: * Release 1.8.3 * Resolve infinite reauth loop - Update to version 1.8.1~git0.3d1bdfd13: * Release 1.8.1 * Small fixes (#3965) * Make log messages more verbose for issues with resources server (#3954) * unixd_tasks: update home alias symlink conditionally and atomically (#3947) * Manually handle form bytes to allow optional encoding (#3968) * Improve handling of ready event (#3967) * Fix typo in kanidm-ldap-sync (#3964) kanidm-1.8.3~git0.471c021f2-bp157.2.23.1.src.rpm kanidm-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-clients-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-clients-debuginfo-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-debugsource-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-docs-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-server-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-server-debuginfo-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-unixd-clients-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-unixd-clients-debuginfo-1.8.3~git0.471c021f2-bp157.2.23.1.x86_64.rpm kanidm-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-clients-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-clients-debuginfo-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-debuginfo-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-debugsource-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-docs-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-server-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-server-debuginfo-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-unixd-clients-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm kanidm-unixd-clients-debuginfo-1.8.3~git0.471c021f2-bp157.2.23.1.aarch64.rpm openSUSE-2025-454 moderate openSUSE Backports SLE-15-SP7 Update This update for gitea-tea fixes the following issues: - Do not make config file group-readable. - update to 0.11.1: * 61d4e57 Fix Pr Create crash (#823) * 4f33146 add test for matching logins (#820) * 08b8398 Update README.md (#819) - CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially crafted input (boo#1251663) - CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents (boo#1251471) - update to 0.11.0: * Fix yaml output single quote (#814) * generate man page (#811) * feat: add validation for object-format flag in repo create command (#741) * Fix release version (#815) * update gitea sdk to v0.22 (#813) * don't fallback login directly (#806) * Check duplicated login name in interact mode when creating new login (#803) * Fix bug when output json with special chars (#801) * add debug mode and update readme (#805) * update go.mod to retract the wrong tag v1.3.3 (#802) * revert completion scripts removal (#808) * Remove pagination from context (#807) * Continue auth when failed to open browser (#794) * Fix bug (#793) * Fix tea login add with ssh public key bug (#789) * Add temporary authentication via environment variables (#639) * Fix attachment size (#787) * deploy image when tagging (#792) * Add Zip URL for release list (#788) * Use bubbletea instead of survey for interacting with TUI (#786) * capitalize a few items * rm out of date comparison file * README: Document logging in to gitea (#790) * remove autocomplete command (#782) * chore(deps): update ghcr.io/devcontainers/features/git-lfs docker tag to v1.2.5 (#773) * replace arch package url (#783) * fix: Reenable -p and --limit switches (#778) - Update to 0.10.1+git.1757695903.cc20b52: - feat: add validation for object-format flag in repo create command (see gh#openSUSE/openSUSE-git#60) - Fix release version - update gitea sdk to v0.22 - don't fallback login directly - Check duplicated login name in interact mode when creating new login - Fix bug when output json with special chars - add debug mode and update readme - update go.mod to retract the wrong tag v1.3.3 - revert completion scripts removal - Remove pagination from context - Continue auth when failed to open browser - Fix bug - Fix tea login add with ssh public key bug - Add temporary authentication via environment variables - Fix attachment size - deploy image when tagging - Add Zip URL for release list - Use bubbletea instead of survey for interacting with TUI - capitalize a few items - rm out of date comparison file - README: Document logging in to gitea - remove autocomplete command - chore(deps): update ghcr.io/devcontainers/features/git-lfs docker tag to v1.2.5 - replace arch package url - fix: Reenable `-p` and `--limit` switches gitea-tea-0.11.1-bp157.2.9.1.src.rpm gitea-tea-0.11.1-bp157.2.9.1.x86_64.rpm gitea-tea-bash-completion-0.11.1-bp157.2.9.1.noarch.rpm gitea-tea-zsh-completion-0.11.1-bp157.2.9.1.noarch.rpm gitea-tea-0.11.1-bp157.2.9.1.i586.rpm gitea-tea-0.11.1-bp157.2.9.1.aarch64.rpm gitea-tea-0.11.1-bp157.2.9.1.ppc64le.rpm gitea-tea-0.11.1-bp157.2.9.1.s390x.rpm openSUSE-2025-460 moderate openSUSE Backports SLE-15-SP7 Update This update for python-mistralclient fixes the following issues: - CVE-2021-4472: Fixed a local file inclusion which may result in disclosure of arbitrary files content (boo#1254289) python-mistralclient-4.0.1-bp157.2.3.1.src.rpm python-mistralclient-doc-4.0.1-bp157.2.3.1.noarch.rpm python3-mistralclient-4.0.1-bp157.2.3.1.noarch.rpm openSUSE-2025-457 important openSUSE Backports SLE-15-SP7 Update This update for icinga2 fixes the following issues: - Update to 2.14.5 * Bug Fixes - Don't close anonymous connections before sending the response for a certificate request #10337 - Performance data: Don't discard min/max values even if crit/warn thresholds aren’t given #10339 - Fix a failing test case on systems time_t is only 32 bits #10343 * Documentation - Document the -X option for the mail-host-notification and mail-service-notification commands #10335 - Include Nagios in the migration docs #10324 - Remove RHEL 7 from installation instructions #10334 - Add instructions for installing build dependencies on Windows Server #10336 - Update to 2.14.4 * Crash Fixes - Invalid DateTime#format() arguments in config and console on Windows Server 2016 and older. #10112 - Downtime scheduling at runtime with non-existent trigger. #10049 - Object creation at runtime during Icinga DB initialization. #10151 - Comment on a service of a non-existent host. #9861 * Miscellaneous Bugfixes - Lost notifications after recovery outside the notification time period. #10187 - TimePeriod/ScheduledDowntime exceeding specified date range. #9983 #10107 - Clean up failure for obsolete Downtimes. #10062 - ifw-api check command: use correct process-finished handler. #10140 - Email notification scripts: strip 0x0D (CR) for a proper Content-Type. #10061 - Several fixes and improvements of the code quality. #10066 #10214 #10254 #10263 #10264 * Cluster and API - Sync runtime objects in topological order to honor their dependencies. #10000 - Make parallel config syncs more robust. #10013 - After object creation via API fails, clean up properly for the next try. #10111 - Close HTTPS connections properly to prevent leaks. #10005 #10006 - Reduce the number of cluster messages in memory at the same time. #9991 #9999 #10210 - Once a cluster connection shall be closed, stop communicating. #10213 #10221 - Remove unnecessary blocking of semaphores. #9992 #9994 - Reduce unnecessary cluster messages setting the next check time. #10011 * Icinga DB and IDO - IDO: fix object relations after aborted synchronization. #10065 - Icinga DB, IDO: limit all timestamps to four year digits. #10058 #10059 - Icinga DB: limit execution_time and latency (milliseconds) to database schema. #10060 * Troubleshooting - Add /v1/debug/malloc_info which calls malloc_info(3) if available. #10015 - Add log messages about own network I/O. #9993 #10141 #10207 - Several fixes and improvements of log messages. #9997 #10021 #10209 * Windows - Update OpenSSL shipped on Windows to v3.0.15. #10170 - Update Boost shipped on Windows to v1.86. #10114 - Support CMake v3.29. #10037 - Don't require to build .msi as admin. #10137 - Build configuration scripts: allow custom $CMAKE_ARGS. #10312 * Documentation - Distributed Monitoring: add section "External CA/PKI". #9825 - Explain how to enable/disable debug logging on the fly. #9981 - Update supported OS versions and repository configuration. #10064 #10090 #10120 #10135 #10136 #10205 - Several fixes and improvements. #9960 #10050 #10071 #10156 #10194 - Replace broken links. #10115 #10118 #10282 - Fix typographical and similarly trivial errors. #9953 #9967 #10056 #10116 #10152 #10153 #10204 - Update to 2.14.3 - Security: fix TLS certificate validation bypass. CVE-2024-49369 (boo#1233310) - Security: update OpenSSL shipped on Windows to v3.0.15. - Windows: sign MSI packages with a certificate the OS trusts by default. - Update to 2.14.2 - InfluxDB: truncate timestamps to whole seconds to save disk space. #9969 - HttpServerConnection: log request processing time as well. #9970 - Update Boost shipped on Windows to v1.84. #9970 - Update to 2.14.1 * Security - Automatically renew own root CA and distribute it to all nodes. #9933 - Update OpenSSL shipped on Windows to v3.0.12. #9946 - Disable TLS renegotiation (handshake on existing connection). #9946 * Bugfixes - Icinga DB feature: fix crash due to missing NULL pointer check. #9946 - Icinga DB feature: fix data written into Redis crashing the Go daemon. #9946 - GelfWriter: fix deadlock on stop/reload caused by busy queue. #9947 - Don't lose notifications due to too long output, truncate it. #9947 * Enhancements - Discard duplicate problem notifications due to state filtering. #9932 - Speed up API filters targeting specific hosts/services to O(1). #9944 - POST /v1/console/*: return HTTP 503 while Icinga is reloading. #9947 - Update Boost shipped on Windows to v1.83. #9946 - Documentation: several fixes and improvements. #9921 - Update to 2.14.0 * Breaking Changes - Remove CheckResultReader (which has been deprecated since v2.9). #9714 - Remove StatusDataWriter (which has been deprecated since v2.9). #9715 - ElasticsearchWriter: drop support for Elasticsearch < v7. #9812 - Consider a checkable unreachable once one Dependency fails. Previously all of them had to fail. (Consult the upgrading docs.) #8218 - API: reject config modifications during reload with HTTP status 503. #9445 - icinga2 daemon: to reduce config load time, write file needed by icinga2 object list only if --dump-objects is given. #9586 #9591 - Default email notification scripts: link to Icinga DB Web, not the monitoring module. (Consult the upgrading docs.) #9742 #9757 - API: for security reasons hide TicketSalt in /v1/variables. #7863 * Icinga 2 Config DSL - Disallow global variable modification after config commit start (i.e. inside object/apply T "x" { ... }) to reduce config load time. #9740 - Forbid Dependency cycles at config load time. #8389 - Allow only strings in the arrays Host#groups, Service#groups and User#groups. Needed for consistency, especially by the IDO. #9057 - Disallow empty object names. (They worked only partially anyway.) #9409 * Enhancements - Significantly reduce config load time of large setups. #8118 #9555 #9557 #9572 #9577 #9603 #9608 #9627 #9648 #9657 #9662 - Allow to connect dependencies via redundancy groups. Only parents within one group are assumed to provide redundancy for each other. #8218 - Built-in check command ifw-api, communicates directly with the Icinga for Windows REST API. (Doesn't spawn a PowerShell process for that.) #9062 - JournaldLogger which logs to systemd journal. #9000 - API: POST /v1/objects: allow to discard some previously modified attributes, i.e. to restore the config files' values. #9783 - ElasticsearchWriter: support Elasticsearch v8. #9812 - Support $env.ENV_VAR_NAME$ macros. #8302 - Speed up Icinga DB config dump. #9524 - Default mail notification scripts: also print $host.notes$ and $service.notes$. #9713 - Enable built-in OpenSSL DH parameters to allow DHE TLS ciphers. #9811 - Clean up global default TLS cipher list to improve security. #9809 - Influxdb(2)Writer: write more precise timestamps (nanoseconds). #9599 * Bugfixes - Icinga DB feature: normalize several Redis data not to crash the Go daemon. #9772 #9775 #9792 #9793 #9794 #9805 - Fix parsing of perfdata across multiple lines in plugin output. #8969 - icinga check: fix last reload failure time. #8429 #9827 - Resolve macros inside custom vars of IcingaApplication. #9779 - SELinux: allow Icinga and its plugins to write to syslog. #9688 - ElasticsearchWriter: fix data buffer flush race condition during stop. #9810 - Trigger flexible downtimes not in the past if checkable is already down. #9726 - Send downtime expiration notifications immediately, not after up to a minute. #9726 * Cluster - Don't hang in timed out connection attempt. #9711 #9725 - Fix lost acknowledgements after re-connect. #9718 - cluster-zone check: don't complain about not connected other local zone members if there aren't any. #8595 - Allow agent to update executions delegated to it via /v1/actions/execute-command. #8627 * API - Disallow breaking inter-object relationships by changing relationship attributes at runtime, e.g. Service#host_name. #9407 - Correct several HTTP response status codes. #7958 #9354 - Correct Boolean field types previously reported by /v1/types as Number. #9514 * CLI - icinga2 daemon: fix -DConfiguration.Concurrency= flag which now allows to override the number of threads. #9643 - icinga2 node wizard: avoid unnecessary chown(2) which may fail and abort the wizard. #8744 - Correct several log messages. #8895 #8965 #9663 * ITL - Add linux_netdev check command. #9045 + Command Argument Changes - disk: don't pass -m (disk_megabytes) by default. #9642 - disk: pass -X fuse.portal (disk_exclude_type) by default. #9459 - http: support multiple -k (http_header) as array. #8574 - icmp: double defaults for -w (icmp_wpl) and -c (icmp_cpl). #9041 - logfiles: pass --winwarncrit (logfiles_winwarncrit) without argument. #9056 - nwc_health: pass SNMPv3-only args only when using SNMPv3. #9095 - vmware-esx-dc-runtime-tools and vmware-esx-soap-vm-runtime-tools: - rename --open-vm-tools to --open_vm_tools_ok (vmware_openvmtools). #9611 - Update to 2.13.8 * Bugfixes - Icinga DB feature: normalize several Redis data not to crash the Go daemon. #9814 - Don't hang in timed out connection attempt. #9815 - Trigger flexible downtimes not in the past if checkable is already down. #9817 - ElasticsearchWriter: fix data buffer flush race condition during stop. #9818 - SELinux: allow Icinga and its plugins to write to syslog. #9819 - Fix lost acknowledgements after re-connect. #9820 - Fix parsing of perfdata across multiple lines in plugin output. #9821 - cluster-zone check: don't complain about not connected other local zone members if there aren't any. #9822 * Updates - Update Boost shipped on Windows to v1.82. #9816 - Update OpenSSL shipped on Windows to v3.0.9. #9816 - Update vendored https://github.com/nlohmann/json to v3.9.1. #9816 - Update vendored https://github.com/nemtrif/utfcpp to v3.2.3. #9816 - Update to 2.13.7 * Security - Windows: update bundled OpenSSL to v1.1.1t. #9672 * Bugfixes - SELinux: fix user and domain creation by explicitly setting the role. #9690 - Signal handlers: don't interrupt and break plugins spawning. #9682 - Icinga DB: take check\_period into account during overdue calculation. #9679 - Avoid corrupted files: use fsync(2)/FlushFileBuffers() everywhere. #9681 - Solaris: fix compile error. #9680 * Enhancements - Windows: update bundled Boost to v1.81. #9678 - Documentation: several fixes and improvements. #9671 icinga2-2.14.5-bp157.3.3.1.src.rpm icinga2-2.14.5-bp157.3.3.1.x86_64.rpm icinga2-bin-2.14.5-bp157.3.3.1.x86_64.rpm icinga2-common-2.14.5-bp157.3.3.1.x86_64.rpm icinga2-doc-2.14.5-bp157.3.3.1.x86_64.rpm icinga2-ido-mysql-2.14.5-bp157.3.3.1.x86_64.rpm icinga2-ido-pgsql-2.14.5-bp157.3.3.1.x86_64.rpm nano-icinga2-2.14.5-bp157.3.3.1.x86_64.rpm vim-icinga2-2.14.5-bp157.3.3.1.x86_64.rpm icinga2-2.14.5-bp157.3.3.1.i586.rpm icinga2-bin-2.14.5-bp157.3.3.1.i586.rpm icinga2-common-2.14.5-bp157.3.3.1.i586.rpm icinga2-doc-2.14.5-bp157.3.3.1.i586.rpm icinga2-ido-mysql-2.14.5-bp157.3.3.1.i586.rpm icinga2-ido-pgsql-2.14.5-bp157.3.3.1.i586.rpm nano-icinga2-2.14.5-bp157.3.3.1.i586.rpm vim-icinga2-2.14.5-bp157.3.3.1.i586.rpm icinga2-2.14.5-bp157.3.3.1.aarch64.rpm icinga2-bin-2.14.5-bp157.3.3.1.aarch64.rpm icinga2-common-2.14.5-bp157.3.3.1.aarch64.rpm icinga2-doc-2.14.5-bp157.3.3.1.aarch64.rpm icinga2-ido-mysql-2.14.5-bp157.3.3.1.aarch64.rpm icinga2-ido-pgsql-2.14.5-bp157.3.3.1.aarch64.rpm nano-icinga2-2.14.5-bp157.3.3.1.aarch64.rpm vim-icinga2-2.14.5-bp157.3.3.1.aarch64.rpm openSUSE-2025-462 moderate openSUSE Backports SLE-15-SP7 Update This update for virtme fixes the following issues: - Update to 1.39: * The most noticeable change in this release is the new Model Context Protocol (MCP) server. This feature lets you connect with AI assistants such as Claude, Cursor, etc., and use natural human language to automate kernel development tasks. In this way, AI agents can automatically configure kernels, apply patches from lore.kernel.org, and run commands within recompiled kernels. You can even have the AI agent perform bug bisection for you and run specific commands/scripts inside each recompiled version to determine whether the kernel is good or bad. * An additional feature is vCPU pinning (using the --pin CPU_LIST option), which enables binding virtual CPUs to particular physical host CPUs. This ensures more consistent performance testing within the vng guest environment. * The release also adds support for memoryless NUMA nodes, enablingusers to specify size=0 with the --numa argument to create NUMA nodes without memory. This capability can be useful for simulating heterogeneous architectures, where devices like GPUs are represented as memoryless NUMA nodes to model their CPU locality relationships. * Last, but not least, there's a new --shell BINARY option which lets users choose a different shell to use within the vng session, rather than using their system's default shell and a new --empty-password option that creates empty passwords in the vng guest, instead of blocking login for other users, enabling easier debugging and SSH access during testing. * Updated Python versions in CI (dropped EOL 3.8 and 3.9) * Various bug fixes in virtme-init * Enhanced documentation and README updates * Improved error handling and validation virtme-1.39-bp157.2.12.1.noarch.rpm virtme-1.39-bp157.2.12.1.src.rpm openSUSE-2025-458 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 143.0.7499.40 (boo#1254429): * CVE-2025-13630: Type Confusion in V8 * CVE-2025-13631: Inappropriate implementation in Google Updater * CVE-2025-13632: Inappropriate implementation in DevTools * CVE-2025-13633: Use after free in Digital Credentials * CVE-2025-13634: Inappropriate implementation in Downloads * CVE-2025-13720: Bad cast in Loader * CVE-2025-13721: Race in v8 * CVE-2025-13635: Inappropriate implementation in Downloads * CVE-2025-13636: Inappropriate implementation in Split View * CVE-2025-13637: Inappropriate implementation in Downloads * CVE-2025-13638: Use after free in Media Stream * CVE-2025-13639: Inappropriate implementation in WebRTC * CVE-2025-13640: Inappropriate implementation in Passwords chromedriver-143.0.7499.40-bp157.2.88.1.x86_64.rpm chromium-143.0.7499.40-bp157.2.88.1.nosrc.rpm chromium-143.0.7499.40-bp157.2.88.1.x86_64.rpm chromedriver-143.0.7499.40-bp157.2.88.1.aarch64.rpm chromium-143.0.7499.40-bp157.2.88.1.aarch64.rpm chromedriver-143.0.7499.40-bp157.2.88.1.ppc64le.rpm chromium-143.0.7499.40-bp157.2.88.1.ppc64le.rpm openSUSE-2025-468 moderate openSUSE Backports SLE-15-SP7 Update This update for virtme fixes the following issues: - Update to 1.40: * No significant change, this is just a very small hotfix release to solve a packaging problem introduced by a conflict with the new vng-mcp tool. * While at it, there're also some small improved hints in the MCP server, so that AI agents can better understand how to build the kernel using vng --build. virtme-1.40-bp157.2.15.1.noarch.rpm virtme-1.40-bp157.2.15.1.src.rpm openSUSE-2026-117 important openSUSE Backports SLE-15-SP7 Update This update for keybase-client fixes the following issues: - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read (boo#1254023) - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (boo#1253563) - CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption (boo#1253864) kbfs-6.2.8-bp157.2.3.15.x86_64.rpm kbfs-debuginfo-6.2.8-bp157.2.3.15.x86_64.rpm kbfs-git-6.2.8-bp157.2.3.15.x86_64.rpm kbfs-git-debuginfo-6.2.8-bp157.2.3.15.x86_64.rpm kbfs-tool-6.2.8-bp157.2.3.15.x86_64.rpm kbfs-tool-debuginfo-6.2.8-bp157.2.3.15.x86_64.rpm keybase-client-6.2.8-bp157.2.3.15.src.rpm keybase-client-6.2.8-bp157.2.3.15.x86_64.rpm keybase-client-debuginfo-6.2.8-bp157.2.3.15.x86_64.rpm kbfs-6.2.8-bp157.2.3.15.i586.rpm kbfs-debuginfo-6.2.8-bp157.2.3.15.i586.rpm kbfs-git-6.2.8-bp157.2.3.15.i586.rpm kbfs-git-debuginfo-6.2.8-bp157.2.3.15.i586.rpm kbfs-tool-6.2.8-bp157.2.3.15.i586.rpm kbfs-tool-debuginfo-6.2.8-bp157.2.3.15.i586.rpm keybase-client-6.2.8-bp157.2.3.15.i586.rpm keybase-client-debuginfo-6.2.8-bp157.2.3.15.i586.rpm kbfs-6.2.8-bp157.2.3.15.aarch64.rpm kbfs-debuginfo-6.2.8-bp157.2.3.15.aarch64.rpm kbfs-git-6.2.8-bp157.2.3.15.aarch64.rpm kbfs-git-debuginfo-6.2.8-bp157.2.3.15.aarch64.rpm kbfs-tool-6.2.8-bp157.2.3.15.aarch64.rpm kbfs-tool-debuginfo-6.2.8-bp157.2.3.15.aarch64.rpm keybase-client-6.2.8-bp157.2.3.15.aarch64.rpm keybase-client-debuginfo-6.2.8-bp157.2.3.15.aarch64.rpm kbfs-6.2.8-bp157.2.3.15.ppc64le.rpm kbfs-debuginfo-6.2.8-bp157.2.3.15.ppc64le.rpm kbfs-git-6.2.8-bp157.2.3.15.ppc64le.rpm kbfs-git-debuginfo-6.2.8-bp157.2.3.15.ppc64le.rpm kbfs-tool-6.2.8-bp157.2.3.15.ppc64le.rpm kbfs-tool-debuginfo-6.2.8-bp157.2.3.15.ppc64le.rpm keybase-client-6.2.8-bp157.2.3.15.ppc64le.rpm keybase-client-debuginfo-6.2.8-bp157.2.3.15.ppc64le.rpm kbfs-6.2.8-bp157.2.3.15.s390x.rpm kbfs-debuginfo-6.2.8-bp157.2.3.15.s390x.rpm kbfs-git-6.2.8-bp157.2.3.15.s390x.rpm kbfs-git-debuginfo-6.2.8-bp157.2.3.15.s390x.rpm kbfs-tool-6.2.8-bp157.2.3.15.s390x.rpm kbfs-tool-debuginfo-6.2.8-bp157.2.3.15.s390x.rpm keybase-client-6.2.8-bp157.2.3.15.s390x.rpm keybase-client-debuginfo-6.2.8-bp157.2.3.15.s390x.rpm openSUSE-2025-470 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 143.0.7499.109 (boo#1254776): * CVE-2025-14372: Use after free in Password Manager * CVE-2025-14373: Inappropriate implementation in Toolbar * third issue with an exploit is known to exist in the wild chromedriver-143.0.7499.109-bp157.2.91.1.x86_64.rpm chromium-143.0.7499.109-bp157.2.91.1.nosrc.rpm chromium-143.0.7499.109-bp157.2.91.1.x86_64.rpm chromedriver-143.0.7499.109-bp157.2.91.1.aarch64.rpm chromium-143.0.7499.109-bp157.2.91.1.aarch64.rpm chromedriver-143.0.7499.109-bp157.2.91.1.ppc64le.rpm chromium-143.0.7499.109-bp157.2.91.1.ppc64le.rpm openSUSE-2025-472 moderate openSUSE Backports SLE-15-SP7 Update This update for powerline fixes the following issues: - Fix TypeError with python 3.13 in vim status line; upstream PR + test fix - Update to version 2.8.4: * Minor improvements and bug fixes. - Remove manual python script hashbangs fix, that's done now automatically by the %python_install macro. Fix problem of package requiring /usr/bin/python3.11.11 - Only recommend python311-i3ipc if i3 is installed - Make git-core a suitable alternative instead of python311-pygit2 - Fix powerline requiring both python2 and python3 * Added `output` option to i3wm.workspaces segment to filter workspaces based on powerline-2.8.4-bp157.2.3.1.src.rpm powerline-2.8.4-bp157.2.3.1.x86_64.rpm powerline-docs-2.8.4-bp157.2.3.1.noarch.rpm powerline-fonts-2.8.4-bp157.2.3.1.noarch.rpm tmux-powerline-2.8.4-bp157.2.3.1.noarch.rpm vim-plugin-powerline-2.8.4-bp157.2.3.1.noarch.rpm powerline-2.8.4-bp157.2.3.1.aarch64.rpm powerline-2.8.4-bp157.2.3.1.ppc64le.rpm powerline-2.8.4-bp157.2.3.1.s390x.rpm openSUSE-2025-473 moderate openSUSE Backports SLE-15-SP7 Update This update for icinga-php-library, icingaweb2 fixes the following issues: Changes in icingaweb2: - Update to 2.12.6 - Search box shows many magnifying glasses for some community themes #5395 - Authentication hooks are not called with external backends #5415 - Improve Minimal layout #5386 - Update to 2.12.5 * PHP 8.4 Support We're again a little behind schedule, but now we support PHP 8.4! This means that installations on Ubuntu 25.04 and Fedora 42+ can now install Icinga Web without worrying about PHP related incompatibilities. Icinga packages will be available in the next few days. * Good Things Take Time There's only a single (notable) recent issue that is fixed with this release. All the others are a bit older. - External URLs set up as dashlets are not embedded the same as navigation items #5346 * But the team sat together a few weeks ago and fixed a bug here and there. And of course, also in Icinga Web! - Users who are not allowed to change the theme, cannot change the theme mode either #5385 - Improved compatibility with several SSO authentication providers #5000, #5227 - Filtering for older-than events with relative time does not work #5263 - Empty values are NULL in CSV exports #5350 * Breaking, Somewhat This is mainly for developers. With the support of PHP 8.4, we introduced a new environment variable, ICINGAWEB_ENVIRONMENT. Unless set to dev, Icinga Web will not show nor log deprecation notices anymore. - Update to 2.12.4 - Database login broken after upgrade #5343 - Update to 2.12.3 - XSS in embedded content CVE-2025-27405 - DOM-based XSS CVE-2025-27404 - Open redirect on login page CVE-2025-30164 - Reflected XSS CVE-2025-27609 - Login against Postgres DB is case-sensitive #5223 - Role list has no functioning quick search #5300 - After clicking on Check now, the page does not refresh itself #5293 - Service States display wrong since update to 2.12.2 #5290 - Set right version for icinga-php-library. - Fix usage of %requires_eq: invalid syntax previosly resulted in ignored lines and now properly returns an error. - Update to 2.12.2 - Sort by name of roles does not work properly #4789 - Settings menu flyout closes too fast / easy #5196 - CSP header is missing the script-src policy #5180 - Broken event overview due to IntlDateFormatter #5172 - Downtimes, which were started and canceled, are missing in the history #5176 - Usage of IcingaWeb2 api command returns 404, but is successful #5183 - Allow fontawesome icons as menu items #5205 - Error while opening a navigation root item #5177 - Dashlets twice in dashboard & not deletable #5203 - PluginOutputRenderer gets called twice #5271 - Graphs disappear after form controls are used #4996 - Make subgroups of custom variables fully collapsible #5256 - Provide group as required by RPM 4.19 - Update to 2.12.1 - Add PHP 8.3 support - Login Redirect Loop #5133 - UI database migration not fully compatible with PostgreSQL #5129 - Missing styles when logging out and in while CSP is enabled #5126 - Update to 2.12.0 - Support for PHP 8.2 #4918 - Support for Content-Security-Policy #4528 - Allow to initiate a refresh with __REFRESH__ #5108 - Don't refresh twice upon __CLOSE__ #5106 - Add event column-moved #5049 - Add copy-to-clipboard behavior #5041 - Access Oracle Database via tnsnames.ora / LDAP Naming Services #5062 - Reduce risk of crashing the x509 collector daemon #5115 - CSV export does not escape double quotes #4910 * Full changelog see: https://github.com/Icinga/icingaweb2/milestone/79?closed=1 - Massive changes in spec needed. - DB schema files are in schema not etc/schema in packaged tarball - Add subpackge php-fpm with php-fpm configuration. - Remove max php version restrictions for suse. - Fix rights for /etc/icingaweb2/enabledModules directory as upstream use. Changes in icinga-php-library: - Update to 1.17.0 - No changelog from upstream. - Update ot 0.14.1 - No changelog from upstream. - Remove unneded requires and buildrequires icinga-php-common. - Add missing requires. - Update to 0.13.0 - No changelog from upstream. - Update to 0.12.0 - No changelog from upstream. - Update to 0.11.0 - No changelog from upstream. icinga-php-library-0.17.0-bp157.2.3.1.noarch.rpm icinga-php-library-0.17.0-bp157.2.3.1.src.rpm icingacli-2.12.6-bp157.2.3.1.noarch.rpm icingaweb2-2.12.6-bp157.2.3.1.noarch.rpm icingaweb2-2.12.6-bp157.2.3.1.src.rpm icingaweb2-common-2.12.6-bp157.2.3.1.noarch.rpm icingaweb2-php-fpm-2.12.6-bp157.2.3.1.noarch.rpm php-icinga-2.12.6-bp157.2.3.1.noarch.rpm openSUSE-2025-474 important openSUSE Backports SLE-15-SP7 Update This update for flannel fixes the following issues: - Update to version 0.27.4: * Removed PodSecurityPolicy manifest creation * Fix interface IP address detection in dual-stack mode * Fix: recreate VXLAN device (flannel.*) when external interface is deleted and re-added (#2247) * golangci-lint: fix iptables_test * firewall: add option to disable fully-random mode for MASQUERADE * Bump the tencent group with 2 updates * Bump github.com/coreos/go-systemd/v22 in the other-go-modules group * Bump golang.org/x/sys in the other-go-modules group * Bump the etcd group with 4 updates * Bump etcd version in tests * Stop using deprecated cache.NewIndexerInformer function * Bump k8s test version * Bump k8s deps to v0.31.11 * Bump the other-go-modules group with 2 updates * helm chart: add nodeSelector in the helm chart * Updated Alpine image * Added flag to enable blackhole route locally for Canal * Bump golang.org/x/sync in the other-go-modules group * make enqueueLeaseEvent context aware and prevent dangling goroutines when context is done - fixed a typo/build error * make retry interval exp backoff * cont_when_cache_not_ready configurable with fail by default * use semaphore as opposed to raw signal channel * Update pkg/subnet/kube/kube.go * Fix deadlock in startup for large clusters * enable setting resources in helm chart * capture close() err on subnet file save (#2248) * doc: document flag --iptables-forward-rules * Bump netlink to v1.3.1 * fix: clean-up rules when starting instead of shutting down * Bump k8s and sles test version * Add modprobe br_netfilter step in test workflows * test: don't run the workflows on "push" events * Update to the latest flannel cni-plugins v1.7.1 * Move to go 1.23.6 - Update to version 0.26.6: * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common * Bump the etcd group with 4 updates * Bump the tencent group with 2 updates * Organize dependabot PR's more clearly by using groups * Use peer's wireguard port, not our own * Bump to codeql v3 * Pin all GHA to a specific SHA commit * Bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (fix CVE-2025-30204, boo#1240516) * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common * Bump go.etcd.io/etcd/tests/v3 from 3.5.18 to 3.5.20 * add missing GH_TOKEN env var in release.yaml * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc * Upload chart archive with the release files * make deps * refactor release.yaml to reduce use of potentially vulnerable GH Actions * Bump golang.org/x/net from 0.34.0 to 0.36.0 * enable setting CNI directory paths in helm chart * Added cni file configuration on the chart * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc * Bump github.com/avast/retry-go/v4 from 4.6.0 to 4.6.1 - Update to version 0.26.4: * Moved to github container registry * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc * Bump go.etcd.io/etcd/tests/v3 from 3.5.17 to 3.5.18 * fix: Fix high CPU usage when losing etcd connection and try to re-establish connection with exponential backoff * Bump github.com/containernetworking/plugins from 1.6.1 to 1.6.2 * Bump alpine from 20240923 to 20250108 in /images * Bump golang.org/x/net from 0.31.0 to 0.33.0 * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc * Bump github.com/jonboulle/clockwork from 0.4.0 to 0.5.0 * feat: add bool to control CNI config installation using Helm * fix: add missing MY_NODE_NAME env in chart * Bump k8s deps to 0.29.12 * Don't panic upon shutdown when running in standalone mode * Bump golang.org/x/crypto from 0.29.0 to 0.31.0 * Bump alpine from 20240807 to 20240923 in /images * Bump github.com/containernetworking/plugins from 1.6.0 to 1.6.1 * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc * Bump github.com/vishvananda/netns from 0.0.4 to 0.0.5 * Use the standard context library * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common * Updated flannel cni image to 1.6.0 * Updated CNI plugins version on the README * Bump sigs.k8s.io/knftables from 0.0.17 to 0.0.18 * Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.5.1 * Bump github.com/Microsoft/hcsshim from 0.12.8 to 0.12.9 * Added check to not check br_filter in case of windows * Bumo golangci-lint to latest version * Bump to go 1.23 * Added checks for br_netfilter module * Try not to cleanup multiple peers behind same PublicIP * fix trivy check * check that the lease includes an IP address of the requested family before configuring the flannel interface * Fixed IPv6 chosen in case of public-ipv6 configured * add timeout to e2e test pipelines * Update k8s version ine2e tests to v1.29.8 * Update netlink to v1.3.0 * Fixed values file on flannel chart * Bump k8s.io/klog/v2 from 2.120.1 to 2.130.1 * Updated Flannel chart with Netpol containter and removed clustercidr * Fix bug in hostgw-windows * Fix bug in the logic polling the interface * Added node-public-ip annotation * Try several times to contact kube-api before failing * Fixed IPv6 0 initialization * wireguard backend: avoid error message if route already exists * Bump github.com/avast/retry-go/v4 from 4.5.1 to 4.6.0 * use wait.PollUntilContextTimeout instead of deprecated wait.Poll * troubleshooting.md: add `ethtool -K flannel.1 tx-checksum-ip-generic off` for NAT * Added configuration for pulic-ip through node annotation * extension/vxlan: remove arp commands from vxlan examples * Refactor TrafficManager windows files to clarify logs * Add persistent-mac option to v6 too * fix comparison with previous networks in SetupAndEnsureMasqRules * show content of stdout and stderr when running iptables-restore returns an error * Add extra check before contacting kube-api * remove unimplemented error in windows trafficmngr * remove --dirty flags in git describe * Added leaseAttr string method with logs on VxLan * remove multiClusterCidr related-code. * Implement nftables masquerading for flannel * fix: ipv6 iptables rules were created even when IPv6 was disabled * Add tolerations to the flannel chart * Added additional check for n.spec.podCIDRs * Remove net-tools since it's an old package that we are not using * fix iptables_windows.go * Clean-up Makefile and use docker buildx locally * Use manual test to ensure iptables-* binaries are present * Bump github.com/containerd/containerd from 1.6.23 to 1.6.26 * Bump github.com/joho/godotenv * SubnetManager should use the main context * Simplify TrafficManager interface * refactor iptables package to prepare for nftables-based implementation - Update to version 0.24.2: * Prepare for v0.24.2 release * Increase the time out for interface checking in windows * Prepare for v0.24.1 release * Provide support to select the interface in Windows * Improve the log from powershell * Wait all the jobs to finish before deploy the github-page * remove remaining references to mips64le * add multi-arch dockerfile * add missing riscv64 in docker manifest create step * prepare for v0.24.0 release * Bump golang.org/x/crypto from 0.15.0 to 0.17.0 * Add the VNI to the error message in Windows * chart: add possibility for defining image pull secrets in daemonset * Remove multiclustercidr logic from code * Update opentelemetry dependencies * Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc * Add riscv64 arch in GH actions * vxlan vni should not be type uint16 * Quote wireguard psk in helm chart * add riscv64 support - Update to 0.14.0: * Add tencent cloud VPC network support * moving go modules to flannel-io/flannel and updating to go 1.16 * fix(windows): nil pointer panic * Preserve environment for extension backend * Fix flannel hang if lease expired * Documentation for the Flannel upgrade/downgrade procedure * Move from glog to klog * fix(host-gw): failed to restart if gateway hnsep existed * ipsec: use well known paths of charon daemon * upgrade client-go to 1.19.4 * move from juju/errors to pkg/errors * subnets: move forward the cursor to skip illegal subnet * Fix Expired URL to Deploying Flannel with kubeadm * Modify kube-flannel.yaml to use rbac.authorization.k8s.io/v1 * preserve AccessKey & AccessKeySecret environment on sudo fix some typo in doc. * iptables: handle errors that prevent rule deletes - update to 0.13.0: * Use multi-arch Docker images in the Kubernetes manifest * Accept existing XMRF policies and update them intead of raising errors * Add --no-sanity-check to iptables-wrapper-installer.sh for architectures other than amd64 * Use "docker manifest" to publish multi-arch Docker images * Add NET_RAW capability to support cri-o * remove glide * switch to go modules * Add and implement iptables-wrapper-installer.sh from https://github.com/kubernetes-sigs/iptables-wrappers * documentation: set priorityClassName to system-node-critical * Added a hint for firewall rules * Disabling ipv6 accept_ra explicitely on the created interface * use alpine 3.12 everywhere * windows: replace old netsh (rakelkar/gonetsh) with powershell commands * fix CVE-2019-14697 * Bugfix: VtepMac would be empty when lease re-acquire for windows * Use stable os and arch label for node * doc(awsvpc): correct the required permissions - update to 0.12.0: * fix deleteLease * Use publicIP lookup iface if --public-ip indicated * kubernetes 1.16 cni error * Add cniVersion to general CNI plugin configuration. * Needs to clear NodeNetworkUnavailable flag on Kubernetes * Replaces gorillalabs go-powershell with bhendo/go-powershell * Make VXLAN device learning attribute configurable * change nodeSelector to nodeAffinity and schedule the pod to linux node * This PR adds the cni version to the cni-conf.yaml inside the kube-flannel-cfg configmap * EnableNonPersistent flag for Windows Overlay networks * snap package. * Update lease with DR Mac * main.go: add the "net-config-path" flag * Deploy Flannel with unprivileged PSP * Enable local host to local pod connectivity in Windows VXLAN * Update hcsshim for HostRoute policy in Windows VXLAN flannel-0.27.4-bp157.2.3.1.src.rpm flannel-0.27.4-bp157.2.3.1.x86_64.rpm flannel-k8s-yaml-0.27.4-bp157.2.3.1.noarch.rpm flannel-0.27.4-bp157.2.3.1.i586.rpm flannel-0.27.4-bp157.2.3.1.aarch64.rpm flannel-0.27.4-bp157.2.3.1.ppc64le.rpm flannel-0.27.4-bp157.2.3.1.s390x.rpm openSUSE-2025-479 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: - Update to version 1.8.4~git0.2449805e3: * Release 1.8.4 * Handle concurrent pam sessions. (#4001) * fix: correcting parsing of backup compression input (#3995) * fixing up docs builds (#4006) kanidm-1.8.4~git0.2449805e3-bp157.2.26.1.src.rpm kanidm-1.8.4~git0.2449805e3-bp157.2.26.1.x86_64.rpm kanidm-clients-1.8.4~git0.2449805e3-bp157.2.26.1.x86_64.rpm kanidm-docs-1.8.4~git0.2449805e3-bp157.2.26.1.x86_64.rpm kanidm-server-1.8.4~git0.2449805e3-bp157.2.26.1.x86_64.rpm kanidm-unixd-clients-1.8.4~git0.2449805e3-bp157.2.26.1.x86_64.rpm kanidm-1.8.4~git0.2449805e3-bp157.2.26.1.aarch64.rpm kanidm-clients-1.8.4~git0.2449805e3-bp157.2.26.1.aarch64.rpm kanidm-docs-1.8.4~git0.2449805e3-bp157.2.26.1.aarch64.rpm kanidm-server-1.8.4~git0.2449805e3-bp157.2.26.1.aarch64.rpm kanidm-unixd-clients-1.8.4~git0.2449805e3-bp157.2.26.1.aarch64.rpm openSUSE-2025-476 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 143.0.7499.146 (boo#1255115): * CVE-2025-14765: Use after free in WebGPU * CVE-2025-14766: Out of bounds read and write in V8 chromedriver-143.0.7499.146-bp157.2.94.1.x86_64.rpm chromium-143.0.7499.146-bp157.2.94.1.nosrc.rpm chromium-143.0.7499.146-bp157.2.94.1.x86_64.rpm chromedriver-143.0.7499.146-bp157.2.94.1.aarch64.rpm chromium-143.0.7499.146-bp157.2.94.1.aarch64.rpm chromedriver-143.0.7499.146-bp157.2.94.1.ppc64le.rpm chromium-143.0.7499.146-bp157.2.94.1.ppc64le.rpm openSUSE-2025-480 moderate openSUSE Backports SLE-15-SP7 Update This update for gh fixes the following issues: - Update to version 2.83.2: * Update licences * Bump dev-tunnels SDK 0.1.13 to 0.1.19 * Bump Go to 1.25.5 * Update licenses for go-containerregistry-0.20.7 bump * chore(deps): bump github.com/google/go-containerregistry * Update licenses for go-version-1.8.0 bump * chore(deps): bump github.com/hashicorp/go-version from 1.7.0 to 1.8.0 * Update licenses for tcell-2.13.1 bump * chore(deps): bump github.com/gdamore/tcell/v2 from 2.9.0 to 2.13.1 * chore: make licenses * refactor: drop multierror in favor of std * Bump Go to 1.25.4 * Update licenses for huh 0.8.0 bump * Fix accessible prompter tests with huh 0.8.0 upgrade * chore(deps): bump github.com/charmbracelet/huh from 0.7.0 to 0.8.0 * Update licenses with grpc-1.76.0 bump * chore(deps): bump google.golang.org/grpc from 1.75.0 to 1.76.0 * Update licenses for mimetype 1.4.11 bump * chore(deps): bump github.com/gabriel-vasile/mimetype * chore(deps): bump github.com/theupdateframework/go-tuf/v2 * chore(deps): bump golangci/golangci-lint-action from 9.0.0 to 9.1.0 * Update licenses for protobuf 1.36.10 bump * chore(deps): bump google.golang.org/protobuf from 1.36.9 to 1.36.10 * Error if go-licenses is not on the PATH * chore(deps): bump actions/checkout from 5 to 6 * Update licenses for crypto-0.45.0 bump * chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 * Alphabetize Ubuntu section * Add Debian/Ubuntu to unofficial packages * Add PGP key rotation PoC (#12176) * refactor(pkg/search): rename `KeywordsVerbatim` to `ImmutableKeywords` * refactor(pkg/search): rewrite returns in a more verbose way * fix(pr/shared): delegate query compilation to `search` package * test(pkg/search): assert verbatim keywords are respected * fix(pkg/search): add `KeywordsVerbatim` field to `Query` type * Remove extra flag default from help usage * Refactor cfg out of CAPI Client - Update to version 2.83.1: * chore(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 * Check user and teams nil state instead of length * Update third-party licenses and dependencies * Ensure empty arrays for reviewers in PR API calls * Update .github/workflows/lint.yml * Annotate go-licenses install with version tag * Integrate license checks back into lint workflow - Update to version 2.83.0: * chore(deps): bump github.com/cli/go-gh/v2 from 2.12.2 to 2.13.0 * Apply suggestions from code review * Add note on govulncheck source mode for Go 1.25 * docs(pkg/search): fix typo * docs(repo garden): improve func godoc * fix: ignore `nilerr` on intentionally swallowed error * fix: resolve `nilerr` issues * fix: resolve `copyloopvar` issues * fix: resolve `gocritic` issue * test(pkg/httpmock): ignore `bodyclose` on mock response value * refactor(repo garden): return pagination link instead of resp * fix: close resp body (bodyclose) * refactor: remove returned resp from `api.EndpointNeedsScopes` * refactor(pkg/search): remove passing resp for pagination * ci: enable basic linters * Update lint govulncheck to use source mode * chore: add `workflow_dispatch` to govulncheck triggers * Add example for --custom-agent usage * Update error messages in job creation tests * Update pkg/cmd/agent-task/capi/job.go * Add shorthand flag for custom-agent option * Fix: do not swallow job creation error * Clarify custom agent flag description * Add custom agent support to job creation * docs(release list): fix typo * docs(release list): reword comment * feat(release list): add `isImmutable` JSON field * fix(featuredetection): add `ReleaseFeatures` method * docs(api): add example for `--input` option * docs(api): mention use of `@<path>` and `@-` for `--field` * docs: update go version 1.25 * refactor: replace backport with `strings.CutSuffix` * chore: exclude `third-party` from Golangci-lint formatting paths * chore: bump Go in devcontainer * chore: apply `go fix` to remove deprecated `// +build` tags * fix: --interval flags docs in gh pr checks * test(gist/edit): add tests for single file edit and interactive multi-file selection * Update Go toolchain version to 1.24.9 * docs(run list): mention `pr checks` in help docs * ci: bump Golangci-lint to v2.6.0 * chore(deps): bump golang.org/x/crypto from 0.42.0 to 0.43.0 * chore(deps): bump golang.org/x/text from 0.29.0 to 0.30.0 * test(gist): fix failing tests * fix(gist): prevent fetching full content for already edited files * fix(gist): only include files that have changed in request * fix(gist): fetch full content for truncated files during editing * (repo delete) remove comprehensive assertions on check stderr output * Fix typo in comment for gh issue develop branch checkout command * (gh repo delete) Add warning when `--yes` is ignored without a repository, Closes: #12033 * chore(deps): bump github.com/rivo/tview * chore(deps): bump actions/download-artifact from 5 to 6 * chore(deps): bump actions/upload-artifact from 4 to 5 * Remove skipped tests * Make verifier choice more explicit * Return only basic pull request info when reverting a PR * chore(deps): bump mislav/bump-homebrew-formula-action from 3.4 to 3.6 * chore(deps): bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0 * test fixup * Update release verify commands to use sentinel value * Initial plan * Make PGI verifier initialization non-fatal to allow GitHub attestation verification * Initial plan * improve docstring for release-create * Bump Go to 1.25.3 * Address remaining PR comments for revert implementation * Adjust PR revert based on new acceptance criteria * Return nil when err is nil * Fix revert unit tests by using renamed helper * feat: include revert PR info in message output * Undo autoformat changes * feat: implement `pr revert` * test(gist): add tests for handling truncated files in view command * test(gist): add tests for editing truncated gist files * test(gist): add tests for `GetRawGistFile` function * feat(gist): retrieve full content for truncated gist files * feat(gist): retrieve full content for truncated gist files * feat(gist): add `GetRawGistFile` function to retrieve raw gist content * feat(gist): add `RawURL` and `Truncated` fields to `GistFile` - Update to version 2.82.1: * Add test for non-interactive projects v1 unsupported * Inject Detector mock in edit command tests * Pass ProjectsV1Support to FetchOptions functions * chore(deps): bump github.com/gabriel-vasile/mimetype * Update .github/workflows/govulncheck.yml * chore(deps): bump github/codeql-action from 3 to 4 * chore(deps): Bump github.com/sigstore/sigstore-go from 1.1.0 to 1.1.3 * chore(deps): bump actions/attest-build-provenance from 2.4.0 to 3.0.0 - Update to version 2.82.0: * chore: run `go mod tidy` * refactor(auth refresh): use `PlainHttpClient` instead of zero `http.Client` * refactor(auth login): use `PlainHttpClient` for OAuth flow * refactor(authflow): receive HTTP client via args * fix(factory): add `PlainHttpClient` to factory * test(api): assert `SkipDefaultHeaders` is honoured * fix(api): expose `SkipDefaultHeaders` option * test(api): improve `NewHTTPClient` test assertions * Fix agentTaskCmd to use repoResolvingCmdFactory * Add new displaying message to test expectation * Fix --follow not killing the progress indicator * Apply suggestion from @babakks * Apply suggestion from @babakks * Fix argument order in httpStubs test functions * docs(cache delete): remove redundant comment * docs(cache delete): add godoc for `deleteCacheByKey` * Remove default empty slices in RemovePullRequestReviews * Fix typo in error message for required flags * Refactor reviewer partitioning in PR edit command * Escape repo owner and name in PR reviewer API paths * Remove unused ghIds function and githubv4 import * fix(cache): report correct deleted count for key and key+ref deletions * Refactor PR reviewer editing to use REST API and optimize team fetch gh-2.83.2-bp157.2.15.1.src.rpm gh-2.83.2-bp157.2.15.1.x86_64.rpm gh-bash-completion-2.83.2-bp157.2.15.1.noarch.rpm gh-fish-completion-2.83.2-bp157.2.15.1.noarch.rpm gh-zsh-completion-2.83.2-bp157.2.15.1.noarch.rpm gh-2.83.2-bp157.2.15.1.i586.rpm gh-2.83.2-bp157.2.15.1.aarch64.rpm gh-2.83.2-bp157.2.15.1.ppc64le.rpm gh-2.83.2-bp157.2.15.1.s390x.rpm openSUSE-2025-484 moderate openSUSE Backports SLE-15-SP7 Update This update for timescaledb fixes the following issues: - postgresql18 enablement. - Update to version 2.24.0 This release contains performance improvements and bug fixes since the 2.23.1 release. We recommend that you upgrade at the next available opportunity. Highlighted features in TimescaleDB v2.24.0 - Direct Compress just got smarter and faster: it now works seamlessly with hypertables generating continuous aggregates. Invalidation ranges are computed directly in-memory based on the ingested batches and written efficiently at transaction commit. This change reduces the IO footprint drastically by removing the write amplification of the invalidation logs. - Continuous aggregates now speak UUIDv7: hypertables partitioned by UUIDv7 are fully supported through an enhanced time_bucket that accepts UUIDv7 values and returns precise, timezone-aware timestamps — unlocking powerful time-series analytics on modern UUID-driven table schemas. - Lightning-fast recompression: the new recompress := true option on the compress_chunk API enables pure in-memory recompression, delivering a 4–5× speed boost over the previous disk-based process. - ARM support for bloom filters The sparse bloom filter indexes will stop working after upgrade to 2.24. If you are affected by this problem, the warning "bloom filter sparse indexes require action to re-enable" will appear in the Postgres log during upgrade. In versions before 2.24, the hashing scheme of the bloom filter sparse indexes used to depend on the build options of the TimescaleDB executables. These options are set by the package publishers and might differ between different package sources or even versions. After upgrading to a version with different postgresql15-timescaledb-2.24.0-bp157.2.5.1.src.rpm postgresql15-timescaledb-2.24.0-bp157.2.5.1.x86_64.rpm postgresql16-timescaledb-2.24.0-bp157.2.5.1.src.rpm postgresql16-timescaledb-2.24.0-bp157.2.5.1.x86_64.rpm postgresql17-timescaledb-2.24.0-bp157.2.5.1.src.rpm postgresql17-timescaledb-2.24.0-bp157.2.5.1.x86_64.rpm postgresql18-timescaledb-2.24.0-bp157.2.5.1.src.rpm postgresql18-timescaledb-2.24.0-bp157.2.5.1.x86_64.rpm postgresql15-timescaledb-2.24.0-bp157.2.5.1.i586.rpm postgresql16-timescaledb-2.24.0-bp157.2.5.1.i586.rpm postgresql17-timescaledb-2.24.0-bp157.2.5.1.i586.rpm postgresql18-timescaledb-2.24.0-bp157.2.5.1.i586.rpm postgresql15-timescaledb-2.24.0-bp157.2.5.1.aarch64.rpm postgresql16-timescaledb-2.24.0-bp157.2.5.1.aarch64.rpm postgresql17-timescaledb-2.24.0-bp157.2.5.1.aarch64.rpm postgresql18-timescaledb-2.24.0-bp157.2.5.1.aarch64.rpm postgresql15-timescaledb-2.24.0-bp157.2.5.1.ppc64le.rpm postgresql16-timescaledb-2.24.0-bp157.2.5.1.ppc64le.rpm postgresql17-timescaledb-2.24.0-bp157.2.5.1.ppc64le.rpm postgresql18-timescaledb-2.24.0-bp157.2.5.1.ppc64le.rpm postgresql15-timescaledb-2.24.0-bp157.2.5.1.s390x.rpm postgresql16-timescaledb-2.24.0-bp157.2.5.1.s390x.rpm postgresql17-timescaledb-2.24.0-bp157.2.5.1.s390x.rpm postgresql18-timescaledb-2.24.0-bp157.2.5.1.s390x.rpm openSUSE-2025-482 important openSUSE Backports SLE-15-SP7 Update This update for cheat fixes the following issues: Security: * CVE-2025-47913: Fix client process termination (boo#1253593) * CVE-2025-58181: Fix potential unbounded memory consumption (boo#1253922) * CVE-2025-47914: Fix panic due to an out of bounds read (boo#1254051) * Replace golang.org/x/crypto=golang.org/x/crypto@v0.45.0 * Replace golang.org/x/net=golang.org/x/net@v0.47.0 * Replace golang.org/x/sys=golang.org/x/sys@v0.38.0 - Packaging improvements: * Service go_modules replace dependencies with CVEs * Replace github.com/cloudflare/circl=github.com/cloudflare/circl@v1.6.1 Fix GO-2025-3754 GHSA-2x5j-vhc8-9cwm * Replace golang.org/x/net=golang.org/x/net@v0.36.0 Fixes GO-2025-3503 CVE-2025-22870 * Replace golang.org/x/crypto=golang.org/x/crypto@v0.35.0 Fixes GO-2023-2402 CVE-2023-48795 GHSA-45x7-px36-x8w8 Fixes GO-2025-3487 CVE-2025-22869 * Replace github.com/go-git/go-git/v5=github.com/go-git/go-git/v5@v5.13.0 Fixes GO-2025-3367 CVE-2025-21614 GHSA-r9px-m959-cxf4 Fixes GO-2025-3368 CVE-2025-21613 GHSA-v725-9546-7q7m * Service tar_scm set mode manual from disabled * Service tar_scm create archive from git so we can exclude vendor directory upstream committed to git. Committed vendor directory contents have build issues even after go mod tidy. * Service tar_scm exclude dir vendor * Service set_version set mode manual from disabled * Service set_version remove param basename not needed - boo#1247629 (CVE-2025-21613): * Use go-git 5.13.0 via replace in _service cheat-4.4.2-bp157.2.3.1.src.rpm cheat-4.4.2-bp157.2.3.1.x86_64.rpm cheat-4.4.2-bp157.2.3.1.i586.rpm cheat-4.4.2-bp157.2.3.1.aarch64.rpm cheat-4.4.2-bp157.2.3.1.ppc64le.rpm cheat-4.4.2-bp157.2.3.1.s390x.rpm openSUSE-2025-483 important openSUSE Backports SLE-15-SP7 Update This update for go-sendxmpp fixes the following issues: Update to 0.15.1: - Added * Add XEP-0359 Origin-ID to messages (requires go-xmpp >= v0.2.18). - Changed * HTTP upload: Ignore timeouts on disco IQs as some components do not reply. Upgrades the embedded golang.org/x/net to 0.46.0 * Fixes: boo#1251461, CVE-2025-47911: various algorithms with quadratic complexity when parsing HTML documents * Fixes: boo#1251677, CVE-2025-58190: excessive memory consumption by 'html.ParseFragment' when processing specially crafted input go-sendxmpp-0.15.1-bp157.2.6.1.src.rpm go-sendxmpp-0.15.1-bp157.2.6.1.x86_64.rpm go-sendxmpp-0.15.1-bp157.2.6.1.i586.rpm go-sendxmpp-0.15.1-bp157.2.6.1.aarch64.rpm go-sendxmpp-0.15.1-bp157.2.6.1.ppc64le.rpm go-sendxmpp-0.15.1-bp157.2.6.1.s390x.rpm openSUSE-2025-485 moderate openSUSE Backports SLE-15-SP7 Update This update for rpmrebuild fixes the following issues: update to 2.21: * allow multiline spec changes (Michel Bourget) * fix rpm2archive syntax for rhel 9 (Blair Zajac) * skip install test for gpg-pubkey packages update to 2.20: * cpio is legacy, replace it by tar (rpm2cpio => rpm2archive) * remove warning : Explicit %attr() mode not applicable to symlink * bugfix : the comment-missing option was not working on rpm files * tests : clean generated files * tests : only use RPMREBUILD_IGNORE_FILE_ERROR if necessary * tests : add test numbers in code * fix build on fedora 41 (buildroot) * use RPMREBUILD_NOQUOTE on some distribution if filenames contains meta-car * bugfix comment missing with spec-only on rpm file * bugfix file with space update to 2.19: * Set the directory mode to '-' instead of omit (xujing) * support filetrigger (merged from github repo) * fix IsPackageInstalled code * fix trailing space (yixian) * fix backslash in filename * add rpm tag BUGURL * add rpm tag VCS * new plugin empty_section * add in specfile a guide to use rpmbuild if spec-only * new plugin replacefile * new env variable RPMREBUILD_IGNORE_FILE_ERROR (allow to work if not root) update to 2.18: * bugs fix (thanks xujing) rpmrebuild-2.21-bp157.2.3.1.noarch.rpm rpmrebuild-2.21-bp157.2.3.1.src.rpm openSUSE-2025-486 moderate openSUSE Backports SLE-15-SP7 Update This update for icinga-php-thirdparty fixes the following issues: Update to 0.13.1 - No changelog from upstream. icinga-php-thirdparty-0.13.1-bp157.2.3.1.noarch.rpm icinga-php-thirdparty-0.13.1-bp157.2.3.1.src.rpm openSUSE-2025-487 moderate openSUSE Backports SLE-15-SP7 Update This update for duc fixes the following issues: Update to 1.4.6: * new: added LICENCE to 'make release' target * fix: fixed logic error in buffer_get() (boo#1254566, CVE-2025-13654) * cha: updated tests duc-1.4.6-bp157.2.3.1.src.rpm duc-1.4.6-bp157.2.3.1.x86_64.rpm duc-1.4.6-bp157.2.3.1.i586.rpm duc-1.4.6-bp157.2.3.1.aarch64.rpm duc-1.4.6-bp157.2.3.1.ppc64le.rpm duc-1.4.6-bp157.2.3.1.s390x.rpm openSUSE-2025-489 important openSUSE Backports SLE-15-SP7 Update This update for trivy fixes the following issues: Update to version 0.68.2: * fix(deps): bump alpine from `3.22.1` to `3.23.0` [backport: release/v0.68] (#9949) * ci: enable `check-latest` for `setup-go` [backport: release/v0.68] (#9946) Update to version 0.68.1 (boo#1251363, CVE-2025-47911, boo#1251547, CVE-2025-58190, boo#1253512, CVE-2025-47913, boo#1253512, CVE-2025-47913, boo#1253786, CVE-2025-58181, boo#1253977, CVE-2025-47914): * fix: update cosing settings for GoReleaser after bumping cosing to v3 (#9863) * chore(deps): bump the testcontainers group with 2 updates (#9506) * feat(aws): Add support for dualstack ECR endpoints (#9862) * fix(vex): use a separate `visited` set for each DFS path (#9760) * docs: catch some missed docs -> guide (#9850) * refactor(misconf): parse azure_policy_enabled to addonprofile.azurepolicy.enabled (#9851) * chore(cli): Remove Trivy Cloud (#9847) * fix(misconf): ensure value used as ignore marker is non-null and known (#9835) * fix(misconf): map healthcheck start period flag to --start-period instead of --startPeriod (#9837) * chore(deps): bump the docker group with 3 updates (#9776) * chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#9827) * chore(deps): bump the common group across 1 directory with 20 updates (#9840) * feat(image): add Sigstore bundle SBOM support (#9516) * chore(deps): bump the aws group with 7 updates (#9691) * test(k8s): update k8s integrtion test (#9725) * chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29 (#9764) * feat(sbom): add support for SPDX attestations (#9829) * docs(misconf): Remove duplicate sections (#9819) * feat(misconf): Update Azure network schema for new checks (#9791) * feat(misconf): Update AppService schema (#9792) * fix(misconf): ensure boolean metadata values are correctly interpreted (#9770) * feat(misconf): support https_traffic_only_enabled in Az storage account (#9784) * docs: restructure docs for new hosting (#9799) * docs(server): fix info about scanning licenses on the client side. (#9805) * ci: remove unused preinstalled software/images for build tests to free up disk space. (#9814) * feat(report): add fingerprint generation for vulnerabilities (#9794) * chore: trigger the trivy-www workflow (#9737) * fix: update all documentation links (#9777) * feat(suse): Add new openSUSE, Micro and SLES releases end of life dates (#9788) * test(go): set `GOPATH` for tests (#9785) * feat(flag): add `--cacert` flag (#9781) * fix(misconf): handle unsupported experimental flags in Dockerfile (#9769) * test(go): refactor mod_test.go to use txtar format (#9775) * docs: Fix typos and linguistic errors in documentation / hacktoberfest (#9586) * chore(deps): bump github.com/opencontainers/selinux from 1.12.0 to 1.13.0 (#9778) * chore(deps): bump github.com/containerd/containerd/v2 from 2.1.4 to 2.1.5 (#9763) * fix(java): use `true` as default value for Repository Release|Snapshot Enabled in pom.xml and settings.xml files (#9751) * docs: add info that `SSL_CERT_FILE` works on `Unix systems other than macOS` only (#9772) * docs: change SecObserve URLs in documentatio (#9771) * feat(db): enable concurrent access to vulnerability database (#9750) * feat(misconf): add agentpools to azure container schema (#9714) * feat(report): switch ReportID from UUIDv4 to UUIDv7 (#9749) * feat(misconf): Update Azure Compute schema (#9675) * feat(misconf): Update azure storage schema (#9728) * feat(misconf): Update SecurityCenter schema (#9674) * feat(image): pass global context to docker/podman image save func (#9733) * chore(deps): bump the github-actions group with 4 updates (#9739) * fix(flag): remove viper.SetDefault to fix IsSet() for config-only flags (#9732) * feat(license): use separate SPDX ids to ignore SPDX expressions (#9087) * feat(dotnet): add dependency graph support for .deps.json files (#9726) * feat(misconf): Add support for configurable Rego error limit (#9657) * feat(misconf): Add RoleAssignments attribute (#9396) * feat(report): add image reference to report metadata (#9729) * fix(os): Add photon 5.0 in supported OS (#9724) * fix(license): handle SPDX WITH exceptions as single license in category detection (#9380) * refactor: add case-insensitive string set implementation (#9720) * feat: include registry and repository in artifact ID calculation (#9689) * feat(java): add support remote repositories from settings.xml files (#9708) * fix(sbom): don’t panic on SBOM format if scanned CycloneDX file has empty metadata (#9562) * docs: update vulnerability reporting guidelines in SECURITY.md (#9395) * docs: add info about `java-db` subdir (#9706) * fix(report): correct field order in SARIF license results (#9712) * test: improve golden file management in integration tests (#9699) * ci: get base_sha using base.ref (#9704) * refactor(misconf): mark AVDID fields as deprecated and use ID internally (#9576) * fix(nodejs): fix npmjs parser.pkgNameFromPath() panic issue (#9688) * fix: close all opened resources if an error occurs (#9665) * refactor(misconf): type-safe parser results in generic scanner (#9685) * feat(image): add RepoTags support for Docker archives (#9690) * chore(deps): bump github.com/quic-go/quic-go from 0.52.0 to 0.54.1 (#9694) * feat(misconf): Update Azure Container Schema (#9673) * ci: use merge commit for apidiff to avoid false positives (#9622) * feat(misconf): include map key in manifest snippet for diagnostics (#9681) * refactor(misconf): add ManifestFromYAML for unified manifest parsing (#9680) * test: update golden files for TestRepository* integration tests (#9684) * refactor(cli): Update the cloud config command (#9676) * fix(sbom): add `buildInfo` info as properties (#9683) * feat: add ReportID field to scan reports (#9670) * docs: add vulnerability database contribution guide (#9667) * feat(cli): Add trivy cloud suppport (#9637) * feat: add ArtifactID field to uniquely identify scan targets (#9663) * fix(nodejs): use the default ID format to match licenses in pnpm packages. (#9661) * feat(sbom): use SPDX license IDs list to validate SPDX IDs (#9569) * fix: use context for analyzers (#9538) * chore(deps): bump the docker group with 3 updates (#9545) * chore(deps): bump the aws group with 6 updates (#9547) * ci(helm): bump Trivy version to 0.67.2 for Trivy Helm Chart 0.19.1 (#9641) * test(helm): bump up Yamale dependency for Helm chart-testing-action (#9653) * fix: Trim the end-of-range suffix (#9618) * test(k8s): use a specific bundle for k8s misconfig scan (#9633) * fix: Use `fetch-level: 1` to check out trivy-repo in the release workflow (#9636) * refactor: move the aws config (#9617) * fix(license): don't normalize `unlicensed` licenses into `unlicense` (#9611) * fix: using SrcVersion instead of Version for echo detector (#9552) * feat(fs): change artifact type to repository when git info is detected (#9613) * fix: add `buildInfo` for `BlobInfo` in `rpc` package (#9608) * fix(vex): don't use reused BOM (#9604) * ci: use pull_request_target for apidiff workflow to support fork PRs (#9605) * fix: restore compatibility for google.protobuf.Value (#9559) * ci: add API diff workflow (#9600) * chore(deps): update to module-compatible docker-credential-gcr/v2 (#9591) * docs: improve documentation for scanning raw IaC configurations (#9571) * feat: allow ignoring findings by type in Rego (#9578) * docs: bump pygments from 2.18.0 to 2.19.2 (#9596) * refactor(misconf): add ID to scan.Rule (#9573) * fix(java): update order for resolving package fields from multiple demManagement (#9575) * chore(deps): bump the github-actions group across 1 directory with 9 updates (#9563) * chore(deps): bump the common group across 1 directory with 7 updates (#9590) * chore(deps): Switch to go-viper/mapstructure (#9579) * chore: add context to the cache interface (#9565) * ci(helm): bump Trivy version to 0.67.0 for Trivy Helm Chart 0.19.0 (#9554) * fix: validate backport branch name (#9548) Update to version 0.67.2 (boo#1250625, CVE-2025-11065, boo#1248897, CVE-2025-58058): * fix: Use `fetch-level: 1` to check out trivy-repo in the release workflow [backport: release/v0.67] (#9638) * fix: restore compatibility for google.protobuf.Value [backport: release/v0.67] (#9631) * fix: using SrcVersion instead of Version for echo detector [backport: release/v0.67] (#9629) * fix: add `buildInfo` for `BlobInfo` in `rpc` package [backport: release/v0.67] (#9615) * fix(vex): don't use reused BOM [backport: release/v0.67] (#9612) * fix(vex): don't suppress vulns for packages with infinity loop (#9465) * fix(aws): use `BuildableClient` insead of `xhttp.Client` (#9436) * refactor(misconf): replace github.com/liamg/memoryfs with internal mapfs and testing/fstest (#9282) * docs: clarify inline ignore limitations for resource-less checks (#9537) * fix(k8s): disable parallel traversal with fs cache for k8s images (#9534) * fix(misconf): handle tofu files in module detection (#9486) * feat(seal): add seal support (#9370) * docs: fix modules path and update code example (#9539) * fix: close file descriptors and pipes on error paths (#9536) * feat: add documentation URL for database lock errors (#9531) * fix(db): Dowload database when missing but metadata still exists (#9393) * feat(cloudformation): support default values and list results in Fn::FindInMap (#9515) * fix(misconf): unmark cty values before access (#9495) * feat(cli): change --list-all-pkgs default to true (#9510) * fix(nodejs): parse workspaces as objects for package-lock.json files (#9518) * refactor(fs): use underlyingPath to determine virtual files more reliably (#9302) * refactor: remove google/wire dependency and implement manual DI (#9509) * chore(deps): bump the aws group with 6 updates (#9481) * chore(deps): bump the common group across 1 directory with 24 updates (#9507) * fix(misconf): wrap legacy ENV values in quotes to preserve spaces (#9497) * docs: move info about `detection priority` into coverage section (#9469) * feat(sbom): added support for CoreOS (#9448) * fix(misconf): strip build metadata suffixes from image history (#9498) * feat(cyclonedx): preserve SBOM structure when scanning SBOM files with vulnerability updates (#9439) * docs: Fix typo in terraform docs (#9492) * feat(redhat): add os-release detection for RHEL-based images (#9458) * ci(deps): add 3-day cooldown period for Dependabot updates (#9475) * refactor: migrate from go-json-experiment to encoding/json/v2 (#9422) * fix(vuln): compare `nuget` package names in lower case (#9456) * chore: Update release flow to include chocolatey (#9460) * docs: document eol supportability (#9434) * docs(report): add nuanses about secret/license scanner in summary table (#9442) * ci: use environment variables in GitHub Actions for improved security (#9433) * chore: bump Go to 1.24.7 (#9435) * fix(nodejs): use snapshot string as `Package.ID` for pnpm packages (#9330) * ci(helm): bump Trivy version to 0.66.0 for Trivy Helm Chart 0.18.0 (#9425) - Fix version number shown for 'trivy -v' Update to version 0.66.0 (boo#1248937, CVE-2025-58058): * chore(deps): bump the aws group with 7 updates (#9419) * refactor(secret): clarify secret scanner messages (#9409) * fix(cyclonedx): handle multiple license types (#9378) * fix(repo): sanitize git repo URL before inserting into report metadata (#9391) * test: add HTTP basic authentication to git test server (#9407) * fix(sbom): add support for `file` component type of `CycloneDX` (#9372) * fix(misconf): ensure module source is known (#9404) * ci: migrate GitHub Actions from version tags to SHA pinning (#9405) * fix: create temp file under composite fs dir (#9387) * chore(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 (#9403) * refactor: switch to stable azcontainerregistry SDK package (#9319) * chore(deps): bump the common group with 7 updates (#9382) * refactor(misconf): migrate from custom Azure JSON parser (#9222) * fix(repo): preserve RepoMetadata on FS cache hit (#9389) * refactor(misconf): use atomic.Int32 (#9385) * chore(deps): bump the aws group with 6 updates (#9383) * docs: Fix broken link to "Built-in Checks" (#9375) * fix(plugin): don't remove plugins when updating index.yaml file (#9358) * fix: persistent flag option typo (#9374) * chore(deps): bump the common group across 1 directory with 26 updates (#9347) * fix(image): use standardized HTTP client for ECR authentication (#9322) * refactor: export `systemFileFiltering` Post Handler (#9359) * docs: update links to Semaphore pages (#9352) * fix(conda): memory leak by adding closure method for `package.json` file (#9349) * feat: add timeout handling for cache database operations (#9307) * fix(misconf): use correct field log_bucket instead of target_bucket in gcp bucket (#9296) * fix(misconf): ensure ignore rules respect subdirectory chart paths (#9324) * chore(deps): bump alpine from 3.21.4 to 3.22.1 (#9301) * feat(terraform): use .terraform cache for remote modules in plan scanning (#9277) * chore: fix some function names in comment (#9314) * chore(deps): bump the aws group with 7 updates (#9311) * docs: add explanation for how to use non-system certificates (#9081) * chore(deps): bump the github-actions group across 1 directory with 2 updates (#8962) * fix(misconf): preserve original paths of remote submodules from .terraform (#9294) * refactor(terraform): make Scan method of Terraform plan scanner private (#9272) * fix: suppress debug log for context cancellation errors (#9298) * feat(secret): implement streaming secret scanner with byte offset tracking (#9264) * fix(python): impove package name normalization (#9290) * feat(misconf): added audit config attribute (#9249) * refactor(misconf): decouple input fs and track extracted files with fs references (#9281) * test(misconf): remove BenchmarkCalculate using outdated check metadata (#9291) * refactor: simplify Detect function signature (#9280) * ci(helm): bump Trivy version to 0.65.0 for Trivy Helm Chart 0.17.0 (#9288) * fix(fs): avoid shadowing errors in file.glob (#9286) * test(misconf): move terraform scan tests to integration tests (#9271) * test(misconf): drop gcp iam test covered by another case (#9285) * chore(deps): bump to alpine from `3.21.3` to `3.21.4` (#9283) Update to version 0.65.0: * fix(cli): ensure correct command is picked by telemetry (#9260) * feat(flag): add schema validation for `--server` flag (#9270) * chore(deps): bump github.com/docker/docker from 28.3.2+incompatible to 28.3.3+incompatible (#9274) * ci: skip undefined labels in discussion triage action (#9175) * feat(repo): add git repository metadata to reports (#9252) * fix(license): handle WITH operator for `LaxSplitLicenses` (#9232) * chore: add modernize tool integration for code modernization (#9251) * fix(secret): add UTF-8 validation in secret scanner to prevent protobuf marshalling errors (#9253) * chore: implement process-safe temp file cleanup (#9241) * fix: prevent graceful shutdown message on normal exit (#9244) * fix(misconf): correctly parse empty port ranges in google_compute_firewall (#9237) * feat: add graceful shutdown with signal handling (#9242) * chore: update template URL for brew formula (#9221) * test: add end-to-end testing framework with image scan and proxy tests (#9231) * refactor(db): use `Getter` interface with `GetParams` for trivy-db sources (#9239) * ci: specify repository for `gh cache delete` in canary worklfow (#9240) * ci: remove invalid `--confirm` flag from `gh cache delete` command in canary builds (#9236) * fix(misconf): fix log bucket in schema (#9235) * chore(deps): bump the common group across 1 directory with 24 updates (#9228) * ci: move runner.os context from job-level env to step-level in canary workflow (#9233) * chore(deps): bump up Trivy-kubernetes to v0.9.1 (#9214) * feat(misconf): added logging and versioning to the gcp storage bucket (#9226) * fix(server): add HTTP transport setup to server mode (#9217) * chore: update the rpm download Update (#9202) * feat(alma): add AlmaLinux 10 support (#9207) * fix(nodejs): don't use prerelease logic for compare npm constraints (#9208) * fix(rootio): fix severity selection (#9181) * fix(sbom): merge in-graph and out-of-graph OS packages in scan results (#9194) * fix(cli): panic: attempt to get os.Args[1] when len(os.Args) < 2 (#9206) * fix(misconf): correctly adapt azure storage account (#9138) * feat(misconf): add private ip google access attribute to subnetwork (#9199) * feat(report): add CVSS vectors in sarif report (#9157) * fix(terraform): `for_each` on a map returns a resource for every key (#9156) * fix: supporting .egg-info/METADATA in python.Packaging analyzer (#9151) * chore: migrate protoc setup from Docker to buf CLI (#9184) * ci: delete cache after artifacts upload in canary workflow (#9177) * refactor: remove aws flag helper message (#9080) * ci: use gh pr view to get PR number for forked repositories in auto-ready workflow (#9183) * ci: add auto-ready-for-review workflow (#9179) * feat(image): add Docker context resolution (#9166) * ci: optimize golangci-lint performance with cache-based strategy (#9173) * feat: add HTTP request/response tracing support (#9125) * fix(aws): update amazon linux 2 EOL date (#9176) * chore: Update release workflow to trigger version updates (#9162) * chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 (#9164) * fix: also check `filepath` when removing duplicate packages (#9142) * chore: add debug log to show image source location (#9163) * docs: add section on customizing default check data (#9114) * chore(deps): bump the common group across 1 directory with 9 updates (#9153) * docs: partners page content updates (#9149) * chore(license): add missed spdx exceptions: (#9147) * docs: trivy partners page updates (#9133) * fix: migrate from `*.list` to `*.md5sums` files for `dpkg` (#9131) * ci(helm): bump Trivy version to 0.64.1 for Trivy Helm Chart 0.16.1 (#9135) * feat(sbom): add SHA-512 hash support for CycloneDX SBOM (#9126) * fix(misconf): skip rewriting expr if attr is nil (#9113) * fix(license): add missed `GFDL-NIV-1.1` and `GFDL-NIV-1.2` into Trivy mapping (#9116) * fix(cli): Add more non-sensitive flags to telemetry (#9110) * fix(alma): parse epochs from rpmqa file (#9101) * fix(rootio): check full version to detect `root.io` packages (#9117) * chore: drop FreeBSD 32-bit support (#9102) * fix(sbom): use correct field for licenses in CycloneDX reports (#9057) * fix(secret): fix line numbers for multiple-line secrets (#9104) * feat(license): observe pkg types option in license scanner (#9091) * ci(helm): bump Trivy version to 0.64.0 for Trivy Helm Chart 0.16.0 (#9107) - Update to version 0.64.1 (boo#1243633, CVE-2025-47291, (boo#1246730, CVE-2025-46569): - Update to version 0.62.1 (boo#1239225, CVE-2025-22868, boo#1241724, CVE-2025-22872): - Update to version 0.61.1 (boo#1239385, CVE-2025-22869, boo#1240466, CVE-2025-30204): trivy-0.68.2-bp157.2.6.1.src.rpm trivy-0.68.2-bp157.2.6.1.x86_64.rpm trivy-0.68.2-bp157.2.6.1.i586.rpm trivy-0.68.2-bp157.2.6.1.aarch64.rpm trivy-0.68.2-bp157.2.6.1.ppc64le.rpm trivy-0.68.2-bp157.2.6.1.s390x.rpm openSUSE-2026-1 moderate openSUSE Backports SLE-15-SP7 Update This update for wsdd fixes the following issues: - Drop rcwsdd symlink [jsc#PED-266] Update to 0.9: * Add command line argument to set source port for multicast message for better firewall interoperability * Add initial support for SunOS (#223), without dynamic address/interface monitoring. Thanks to Carsten Grzemba. * Add Socket-activated systemd service (#218). Thanks to Alessandro Astone. * Devices are now recorded based on their URI provided in the endpoint reference address, which is not neccessarily a UUID. This also affects API (see #226). * make `/etc/default/wsdd` optional for systemd (see #212) * Remove support for Python 3.7 and 3.8 in Github workflows. * Clean conection turn-down for Python pre-3.13. Thanks to Alessandro Astone * Handle TimeoutError in metadata exchange. * Proper handling of endpoint addresses as URIs, not UUIDs, see #226. Update to version 0.8: * Configuration files for firewalld added * Show device type and allow filtering in API's list command * Add option --metadata-timeout to set the timeout for the HTTP-based metadata exchange * The employed UUID is now read from /etc/{machine-id,hostid} before falling by back to the UUID derivation from the host name. * Handle addresses with zone id by ignoring the interface part * Do not crash with asyncio future error when non-existing interface is provided - Remove some bashism from wsdd-init.sh - Use the unmodified service files from wsdd for Leap 15.5 and below, else reuse ws-discovery-udp service from firewalld - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [boo#1212476] - Fix previous change: really limit the forced change to python 3.10 on suse_version <= 1500 (up to SLE/Leap 15); newer products already use python 3.10 (or newer) as default. Update to version 0.7.1: * GitHub workflow for static analyses added (syntax, format, and type checks are performed). * Added EnvironmentFile and according example for systemd-based distros. * Make wsdd work (again) on MacOS (#139). Thanks to Eugene Gershnik. * Application profile for UFW has been added (#169) * Use of implicitly present async I/O loop instead created one for API servers. Fixes regression due to changed API in Python 3.10 (see #162) * Source code is spiced with type hints now. * man page moved to section 8. - Include ws-discovey-udp service from firewalld 1.0 as part of wsdd.xml - Add CONFIG parameter to %sysusers_generate_pre Version 0.7.0: * Using the server interface it is now possible to start and stop the host functionality (discoverable device) without terminating and restarting the daemon. * Support multiple IP addresses in 'hello' messages from other hosts (#89) * Support interfaces with IPv6-only configuration (#94) * Re-enable 'probe' command of API (#116) * Removed code marked as deprecated starting with Python 3.10. * The example systemd unit file now uses DynamicUser instead of the unsafe nobody:nobody combination. It also employs the rundir as chroot directory. * Code changed to use asyncio instead of selector-based * The server interface does not close connections after each command anymore. * For the 'list' command of the server interface, the list of discovered devices is terminated with a line containing only a single dot ('.') * Log device discovery only once per address and interface - Some systemd hardening - stop owning directories provided by filesystem rpm (boo#1184786) - Remove unneccessary (and deprecated) PermissionsStartOnly=true (boo#1184446). - Add %sysusers_requires: we are creating users in pre, thus need to ensure to have the tooling ready prior to package installation (boo#1183047). - Use sysuser-tools for creation of the wsdd user and group - Do not hijack the /run/sysconfig folder anymore - Add missing '/' - Fix a missed place for use of %{_tmpfilesdir} - Cleanup spec file * Use %{_tmpfilesdir} instead of explicit path * Fix requirements for %fillup_only - Version 0.6.4 * send proper HTTP status codes in case of server side errors * send unicast and multicast UDP traffic in a standard-compliant fashion * add -V/--version option * copyright year update - Version 0.6.3 * Skip Netlink messages smaller than 4 bytes correctly (#77, and maybe #59). * Messages are sent via the correct socket to comply with the intended/specified message flow. This also eases the firewall configuration (#72). * Include instructions for adding repository keys under Debian/Ubuntu in README. - Run spec-cleaner - Version 0.6.2 * Lowered priority of non-essential, protocol-related and internal log messages (#53). * Do not use PID in Netlink sockets in order to avoid issues with duplicated PIDs, e.g., when Docker is used. * Prevent exceptions due to invalid incoming messages. * HTTP server address family wrong when interface address is added (#62) * Fixed error when interface address is removed (#62) - Fix use of /usr/lib and /usr/libexec - Version 0.6.1 * ignore unknown interface indexes from Netlink message on Linux (caused "error in main loop") * prevent hosts from not being discovered due to misplaced socket registration at selector - Version 0.6 * new operation 'discovery' operation mode to scan for other hosts, exposed via minimalistic socket-based API * improved handling of address changes (prevents termination when system is currently starting up but no IP address has been assigned) * usage of tentative IPv6 addresses is avoided on Linux * chroot now works also an machines with international domain/host name * fixed handling of invalid messages * improved FreeBSD rc.d script * code heavily refactored - Fix handling of WSDD_WORKGROUP - Let WSDD_DOMAIN override WSDD_WORKGROUP - Use wsdd for user and group of the ghost directories - Replace wsdd-wrapper by an ExecStartPre script - Change the "WSD_" variable prefix by "WSDD_" - Run wsdd as user and group wsdd - Run wsdd in a chroot folder - Merge firewall files into one - Update to version 0.5 - Remove unneeded _service file - Remove debug output - Respect libexecdir in systemd service file - Determine domain, and/or hostname - Move wssd back to /usr/bin - Reload firewalld services - Remove fillup_prereq post requires - Initial package wsdd-0.9-bp157.2.1.noarch.rpm wsdd-0.9-bp157.2.1.src.rpm openSUSE-2026-2 moderate openSUSE Backports SLE-15-SP7 Update This update for orafce to version 4.16.2+git0.6a3cfa5: * fix update script from 4.15-4.16 and prepare for 4.16.2 - Update to version 4.16.1+git0.3eaa566: * fix meson build + prepare for 4.16.1 - Update to version 4.16.0+git0.38f69ed: * More accurace calculating months_between when time part of input is not truncated. * fix build on pg19 - Update to version 4.14.6+git0.2b21fee: * prepare for 4.14.6 * fix build pn pg19 * remove useless usage of short life memory context * remove useless (and buggy) usage of short life memory context - enable pg 18 - Update to version 4.14.5+git0.86c6e48: * prepare for 4.14.5 * regression tests for fix oracle.replace_empty_strings and oracle.replace_null_strings * Fix in function oracle.replace_empty_strings detection of empty string of type character(n). Fix in function oracle.replace_null_strings generating empty string of type character(n). * the names of roles created by regress tests should to use prefix "regress_" * fix build on master (pg19) * fix formatting * fix formatting * post pgindent sync * pgindent formatting * typedef list for pgindent postgresql13-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.src.rpm postgresql13-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.x86_64.rpm postgresql14-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.src.rpm postgresql14-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.x86_64.rpm postgresql15-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.src.rpm postgresql15-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.x86_64.rpm postgresql16-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.src.rpm postgresql16-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.x86_64.rpm postgresql17-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.src.rpm postgresql17-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.x86_64.rpm postgresql18-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.src.rpm postgresql18-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.x86_64.rpm postgresql13-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.i586.rpm postgresql14-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.i586.rpm postgresql15-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.i586.rpm postgresql16-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.i586.rpm postgresql17-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.i586.rpm postgresql18-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.i586.rpm postgresql13-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.aarch64.rpm postgresql14-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.aarch64.rpm postgresql15-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.aarch64.rpm postgresql16-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.aarch64.rpm postgresql17-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.aarch64.rpm postgresql18-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.aarch64.rpm postgresql13-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.ppc64le.rpm postgresql14-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.ppc64le.rpm postgresql15-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.ppc64le.rpm postgresql16-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.ppc64le.rpm postgresql17-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.ppc64le.rpm postgresql18-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.ppc64le.rpm postgresql13-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.s390x.rpm postgresql14-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.s390x.rpm postgresql15-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.s390x.rpm postgresql16-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.s390x.rpm postgresql17-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.s390x.rpm postgresql18-orafce-4.16.2+git0.6a3cfa5-bp157.2.5.1.s390x.rpm openSUSE-2026-5 moderate openSUSE Backports SLE-15-SP7 Update This update for dcmtk fixes the following issues: - Update to 3.7.0. See docs/CHANGES.370 for the full list of changes * CVE-2025-14841: invalid messages may trigger a segmentation fault due to a NULL pointer dereference (boo#1255292). * CVE-2025-14607: manipulation to component dcmdata could lead to memory corruption (boo#1255464). - Avoid unnecessary dependencies (boo#1254123): dcmtk-3.7.0-bp157.3.6.1.src.rpm dcmtk-3.7.0-bp157.3.6.1.x86_64.rpm dcmtk-debuginfo-3.7.0-bp157.3.6.1.x86_64.rpm dcmtk-debugsource-3.7.0-bp157.3.6.1.x86_64.rpm dcmtk-devel-3.7.0-bp157.3.6.1.x86_64.rpm libdcmtk20-3.7.0-bp157.3.6.1.x86_64.rpm libdcmtk20-debuginfo-3.7.0-bp157.3.6.1.x86_64.rpm dcmtk-3.7.0-bp157.3.6.1.i586.rpm dcmtk-debuginfo-3.7.0-bp157.3.6.1.i586.rpm dcmtk-debugsource-3.7.0-bp157.3.6.1.i586.rpm dcmtk-devel-3.7.0-bp157.3.6.1.i586.rpm libdcmtk20-3.7.0-bp157.3.6.1.i586.rpm libdcmtk20-debuginfo-3.7.0-bp157.3.6.1.i586.rpm dcmtk-3.7.0-bp157.3.6.1.aarch64.rpm dcmtk-debuginfo-3.7.0-bp157.3.6.1.aarch64.rpm dcmtk-debugsource-3.7.0-bp157.3.6.1.aarch64.rpm dcmtk-devel-3.7.0-bp157.3.6.1.aarch64.rpm libdcmtk20-3.7.0-bp157.3.6.1.aarch64.rpm libdcmtk20-debuginfo-3.7.0-bp157.3.6.1.aarch64.rpm dcmtk-3.7.0-bp157.3.6.1.ppc64le.rpm dcmtk-debuginfo-3.7.0-bp157.3.6.1.ppc64le.rpm dcmtk-debugsource-3.7.0-bp157.3.6.1.ppc64le.rpm dcmtk-devel-3.7.0-bp157.3.6.1.ppc64le.rpm libdcmtk20-3.7.0-bp157.3.6.1.ppc64le.rpm libdcmtk20-debuginfo-3.7.0-bp157.3.6.1.ppc64le.rpm dcmtk-3.7.0-bp157.3.6.1.s390x.rpm dcmtk-debuginfo-3.7.0-bp157.3.6.1.s390x.rpm dcmtk-debugsource-3.7.0-bp157.3.6.1.s390x.rpm dcmtk-devel-3.7.0-bp157.3.6.1.s390x.rpm libdcmtk20-3.7.0-bp157.3.6.1.s390x.rpm libdcmtk20-debuginfo-3.7.0-bp157.3.6.1.s390x.rpm openSUSE-2026-4 important openSUSE Backports SLE-15-SP7 Update This update for chromium, noopenh264 fixes the following issues: Changes in chromium: - Chromium 143.0.7499.192 (boo#1256067): * CVE-2026-0628: Insufficient policy enforcement in WebView tag - Chromium 143.0.7499.169 (stable released 2025-12-18) * no cve listed yet Changes in noopenh264: - Introducing the package. chromedriver-143.0.7499.192-bp157.2.97.1.x86_64.rpm chromium-143.0.7499.192-bp157.2.97.1.nosrc.rpm chromium-143.0.7499.192-bp157.2.97.1.x86_64.rpm libopenh264-8-2.6.0~noopenh264-bp157.2.1.x86_64.rpm libopenh264-8-debuginfo-2.6.0~noopenh264-bp157.2.1.x86_64.rpm libopenh264-devel-2.6.0~noopenh264-bp157.2.1.x86_64.rpm noopenh264-2.6.0~noopenh264-bp157.2.1.src.rpm noopenh264-debugsource-2.6.0~noopenh264-bp157.2.1.x86_64.rpm libopenh264-8-2.6.0~noopenh264-bp157.2.1.i586.rpm libopenh264-8-32bit-2.6.0~noopenh264-bp157.2.1.x86_64.rpm libopenh264-8-32bit-debuginfo-2.6.0~noopenh264-bp157.2.1.x86_64.rpm libopenh264-8-debuginfo-2.6.0~noopenh264-bp157.2.1.i586.rpm libopenh264-devel-2.6.0~noopenh264-bp157.2.1.i586.rpm noopenh264-debugsource-2.6.0~noopenh264-bp157.2.1.i586.rpm chromedriver-143.0.7499.192-bp157.2.97.1.aarch64.rpm chromium-143.0.7499.192-bp157.2.97.1.aarch64.rpm libopenh264-8-2.6.0~noopenh264-bp157.2.1.aarch64.rpm libopenh264-8-64bit-2.6.0~noopenh264-bp157.2.1.aarch64_ilp32.rpm libopenh264-8-64bit-debuginfo-2.6.0~noopenh264-bp157.2.1.aarch64_ilp32.rpm libopenh264-8-debuginfo-2.6.0~noopenh264-bp157.2.1.aarch64.rpm libopenh264-devel-2.6.0~noopenh264-bp157.2.1.aarch64.rpm noopenh264-debugsource-2.6.0~noopenh264-bp157.2.1.aarch64.rpm chromedriver-143.0.7499.192-bp157.2.97.1.ppc64le.rpm chromium-143.0.7499.192-bp157.2.97.1.ppc64le.rpm libopenh264-8-2.6.0~noopenh264-bp157.2.1.ppc64le.rpm libopenh264-8-debuginfo-2.6.0~noopenh264-bp157.2.1.ppc64le.rpm libopenh264-devel-2.6.0~noopenh264-bp157.2.1.ppc64le.rpm noopenh264-debugsource-2.6.0~noopenh264-bp157.2.1.ppc64le.rpm libopenh264-8-2.6.0~noopenh264-bp157.2.1.s390x.rpm libopenh264-8-debuginfo-2.6.0~noopenh264-bp157.2.1.s390x.rpm libopenh264-devel-2.6.0~noopenh264-bp157.2.1.s390x.rpm noopenh264-debugsource-2.6.0~noopenh264-bp157.2.1.s390x.rpm openSUSE-2026-7 important openSUSE Backports SLE-15-SP7 Update This update for cpp-httplib fixes the following issues: - CVE-2025-53629: Fixed that a header can allocate memory arbitrarily in the server, potentially leading to its exhaustion (boo#1246471) - CVE-2025-53628: Fixed HTTP header smuggling due to insecure trailers merge (boo#1246468) - CVE-2025-52887: Fixed that the number of HTTP header fields was not limited, which can lead to potential exhaustion of system memory (boo#1245414) cpp-httplib-0.20.1-bp157.2.3.1.src.rpm cpp-httplib-devel-0.20.1-bp157.2.3.1.x86_64.rpm libcpp-httplib0_20-0.20.1-bp157.2.3.1.x86_64.rpm cpp-httplib-devel-0.20.1-bp157.2.3.1.i586.rpm libcpp-httplib0_20-0.20.1-bp157.2.3.1.i586.rpm cpp-httplib-devel-0.20.1-bp157.2.3.1.aarch64.rpm libcpp-httplib0_20-0.20.1-bp157.2.3.1.aarch64.rpm cpp-httplib-devel-0.20.1-bp157.2.3.1.ppc64le.rpm libcpp-httplib0_20-0.20.1-bp157.2.3.1.ppc64le.rpm cpp-httplib-devel-0.20.1-bp157.2.3.1.s390x.rpm libcpp-httplib0_20-0.20.1-bp157.2.3.1.s390x.rpm openSUSE-2026-9 moderate openSUSE Backports SLE-15-SP7 Update This update for python-cbor2 fixes the following issues: - CVE-2025-68131: Fixed that a attacker-controlled message can read data from previously decoded messages if the decoder is reused across trust boundaries (boo#1255783) python-cbor2-5.5.1-bp157.2.3.1.src.rpm python311-cbor2-5.5.1-bp157.2.3.1.x86_64.rpm python311-cbor2-5.5.1-bp157.2.3.1.i586.rpm python311-cbor2-5.5.1-bp157.2.3.1.aarch64.rpm python311-cbor2-5.5.1-bp157.2.3.1.ppc64le.rpm python311-cbor2-5.5.1-bp157.2.3.1.s390x.rpm openSUSE-2026-32 important openSUSE Backports SLE-15-SP7 Update This update for coredns fixes the following issues: - Update to version 1.14.1: * This release primarily addresses security vulnerabilities affecting Go versions prior to Go 1.25.6 and Go 1.24.12 (CVE-2025-61728, CVE-2025-61726, CVE-2025-68121, CVE-2025-61731, CVE-2025-68119). It also includes performance improvements to the proxy plugin via multiplexed connections, along with various documentation updates. - CVE-2025-68156: Fixed a denial of service due to uncontrolled recursion in expression evaluation (bsc#1255345) - Update to version 1.14.0: * core: Fix gosec G115 integer overflow warnings * core: Add regex length limit * plugin/azure: Fix slice init length * plugin/errors: Add optional show_first flag to consolidate directive * plugin/file: Fix for misleading SOA parser warnings * plugin/kubernetes: Rate limits to api server * plugin/metrics: Implement plugin chain tracking * plugin/sign: Report parser err before missing SOA * build(deps): bump github.com/expr-lang/expr from 1.17.6 to 1.17.7 - Update to version 1.13.2: * core: Add basic support for DoH3 * core: Avoid proxy unnecessary alloc in Yield * core: Fix usage of sync.Pool to save an alloc * core: Fix data race with sync.RWMutex for uniq * core: Prevent QUIC reload panic by lazily initializing the listener * core: Refactor/use reflect.TypeFor * plugin/auto: Limit regex length * plugin/cache: Remove superfluous allocations in item.toMsg * plugin/cache: Isolate metadata in prefetch goroutine * plugin/cache: Correct spelling of MaximumDefaultTTL in cache and dnsutil packages * plugin/dnstap: Better error handling (redial & logging) when Dnstap is busy * plugin/file: Performance finetuning * plugin/forward: Disallow NOERROR in failover * plugin/forward: Added support for per-nameserver TLS SNI * plugin/forward: Prevent busy loop on connection err * plugin/forward: Add max connect attempts knob * plugin/geoip: Add ASN schema support * plugin/geoip: Add support for subdivisions * plugin/kubernetes: Fix kubernetes plugin logging * plugin/multisocket: Cap num sockets to prevent OOM * plugin/nomad: Support service filtering * plugin/rewrite: Pre-compile CNAME rewrite regexp * plugin/secondary: Fix reload causing secondary plugin goroutine to leak - Update to version 1.13.1: * core: Avoid string concatenation in loops * core: Update golang to 1.25.2 and golang.org/x/net to v0.45.0 on CVE fixes * plugin/sign: Reject invalid UTF‑8 dbfile token - Update to version 1.13.0: * core: Export timeout values in dnsserver.Server * core: Fix Corefile infinite loop on unclosed braces * core: Fix Corefile related import cycle issue * core: Normalize panics on invalid origins * core: Rely on dns.Server.ShutdownContext to gracefully stop * plugin/dnstap: Add bounds for plugin args * plugin/file: Fix data race in tree Elem.Name * plugin/forward: No failover to next upstream when receiving SERVFAIL or REFUSED response codes * plugin/grpc: Enforce DNS message size limits * plugin/loop: Prevent panic when ListenHosts is empty * plugin/loop: Avoid panic on invalid server block * plugin/nomad: Add a Nomad plugin * plugin/reload: Prevent SIGTERM/reload deadlock coredns-1.14.1-bp157.2.10.1.src.rpm coredns-1.14.1-bp157.2.10.1.x86_64.rpm coredns-debuginfo-1.14.1-bp157.2.10.1.x86_64.rpm coredns-extras-1.14.1-bp157.2.10.1.noarch.rpm coredns-1.14.1-bp157.2.10.1.aarch64.rpm coredns-debuginfo-1.14.1-bp157.2.10.1.aarch64.rpm coredns-1.14.1-bp157.2.10.1.ppc64le.rpm coredns-debuginfo-1.14.1-bp157.2.10.1.ppc64le.rpm openSUSE-2026-14 moderate openSUSE Backports SLE-15-SP7 Update This update for fluidsynth fixes the following issues: - CVE-2025-56225: Fixed NULL pointer deference when loading and invalid MIDI file (boo#1256435). fluidsynth-2.3.4-bp157.2.3.1.src.rpm fluidsynth-2.3.4-bp157.2.3.1.x86_64.rpm fluidsynth-devel-2.3.4-bp157.2.3.1.x86_64.rpm libfluidsynth3-2.3.4-bp157.2.3.1.x86_64.rpm fluidsynth-2.3.4-bp157.2.3.1.i586.rpm fluidsynth-devel-2.3.4-bp157.2.3.1.i586.rpm libfluidsynth3-2.3.4-bp157.2.3.1.i586.rpm libfluidsynth3-32bit-2.3.4-bp157.2.3.1.x86_64.rpm fluidsynth-2.3.4-bp157.2.3.1.aarch64.rpm fluidsynth-devel-2.3.4-bp157.2.3.1.aarch64.rpm libfluidsynth3-2.3.4-bp157.2.3.1.aarch64.rpm libfluidsynth3-64bit-2.3.4-bp157.2.3.1.aarch64_ilp32.rpm fluidsynth-2.3.4-bp157.2.3.1.ppc64le.rpm fluidsynth-devel-2.3.4-bp157.2.3.1.ppc64le.rpm libfluidsynth3-2.3.4-bp157.2.3.1.ppc64le.rpm fluidsynth-2.3.4-bp157.2.3.1.s390x.rpm fluidsynth-devel-2.3.4-bp157.2.3.1.s390x.rpm libfluidsynth3-2.3.4-bp157.2.3.1.s390x.rpm openSUSE-2026-15 moderate openSUSE Backports SLE-15-SP7 Update This update for gosec fixes the following issues: - Update to version 2.22.4: * Update to go version 1.24.3 and 1.23.9 * update: updated the build command to include version metadata * chore(deps): update all dependencies * Update the AI provider API key value when provided as an argument * chore(deps): update module google.golang.org/api to v0.230.0 * chore(deps): update module google.golang.org/api to v0.229.0 * chore(deps): update all dependencies * Comment the reason why the file can be nil when an issue is created * Handle nil file when creating a new issue * chore(deps): update all dependencies (#1333) - Update to version 2.22.3: * Update version in 'action.yml' to 2.22.3 (anticipating next version (#1332) * Update go version to 1.24.2 and 1.23.8 (#1331) * remove G113. It only affects old/unsupported versions of Go (#1328) * chore(deps): update all dependencies (#1325) * Add SSOJet (#1320) * chore(deps): update all dependencies (#1319) * Update the integrity sha for babel dependency in html report (#1316) * Add support for `//gosec:disable` directive (#1314) * chore(deps): update all dependencies (#1315) - Update to version 2.22.2: * Update to go version 1.24.1 and 1.23.7 (#1313) * chore(deps): update all dependencies (#1310) * chore(deps): update all dependencies (#1308) * Update gosec version in the GitHub action to v2.22.1 (#1307) * chore(deps): update module google.golang.org/api to v0.221.0 (#1305) - Update to version 2.22.1: * Update cosign to v2.4.2 (#1303) * Add support for go 1.24 and phased out support for go 1.22 (#1302) * chore(deps): update all dependencies (#1300) * Update to go version 1.23.6 and 1.22.12 (#1299) * chore(deps): update module google.golang.org/api to v0.219.0 (#1296) * chore(deps): update module google.golang.org/api to v0.218.0 (#1294) * Add test to conver unit parssing for G115 rule (#1293) * Update to go version 1.23.5 and 1.22.11 (#1291) * chore(deps): update all dependencies (#1290) * Update gosec in github action to 2.22.0 (#1286) gosec-2.22.4-bp157.2.3.1.src.rpm gosec-2.22.4-bp157.2.3.1.x86_64.rpm gosec-2.22.4-bp157.2.3.1.aarch64.rpm gosec-2.22.4-bp157.2.3.1.ppc64le.rpm gosec-2.22.4-bp157.2.3.1.s390x.rpm openSUSE-2026-16 moderate openSUSE Backports SLE-15-SP7 Update This update for zk fixes the following issues: - Update to version 0.15.2 * Find notes with missing backlinks using zk list --missing-backlink * LSP diagnostic for missing backlinks when other notes link to current note without reciprocal links * Code action to add missing backlinks * LSP diagnostic for self-referential links * Release tarballs now output the program version * Config path can be set with $ZK_CONFIG_DIR * bump deps: golang.org/x/crypto v0.45.0 fixes CVE-2025-58181 - Update to version 0.15.0 * fixed LSP crashes when editing code fences and/or working in text files with code fences * new feature to set a group path "by name", in that any directory with the same name can share the same group rules, no matter how deep in the notebook. See references below. - Update to version 0.14.2 * Path in .zk/config.toml for the default note template now accepts UNIX "~/paths" * Find notes without tags with zk list --tagless * fix: LSP ignores magnet links as links to notes * fix: Note titles with double quoted words no longer break json output * fix: Grammar in error output * fix: Group rules could not be nested - Update to version 0.14.1 * Fixed parsing large notes @khimaros in #339 * fix day range parsing (#382) by @tjex in #384 * accept tripple dash file URIs as valid links by @tjex in #391 * fix(lsp): fix trigger completion of zk LSP by @Rahlir in #397 * fix(lsp): ignore diagnostic check within code blocks by @Rahlir in #399 * allow notebook as hidden dir by @tjex in #402 * documentation fixes zk-0.15.2-bp157.2.3.1.src.rpm zk-0.15.2-bp157.2.3.1.x86_64.rpm zk-0.15.2-bp157.2.3.1.i586.rpm zk-0.15.2-bp157.2.3.1.aarch64.rpm zk-0.15.2-bp157.2.3.1.ppc64le.rpm zk-0.15.2-bp157.2.3.1.s390x.rpm openSUSE-2026-20 moderate openSUSE Backports SLE-15-SP7 Update This update for powerline fixes the following issues: - Use %python3_fix_shebang_path to fix python binaries hashbangs (boo#1255982) powerline-2.8.4-bp157.2.6.1.src.rpm powerline-2.8.4-bp157.2.6.1.x86_64.rpm powerline-docs-2.8.4-bp157.2.6.1.noarch.rpm powerline-fonts-2.8.4-bp157.2.6.1.noarch.rpm tmux-powerline-2.8.4-bp157.2.6.1.noarch.rpm vim-plugin-powerline-2.8.4-bp157.2.6.1.noarch.rpm powerline-2.8.4-bp157.2.6.1.aarch64.rpm powerline-2.8.4-bp157.2.6.1.ppc64le.rpm powerline-2.8.4-bp157.2.6.1.s390x.rpm openSUSE-2026-22 moderate openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 144.0.7559.59 (boo#1256614) * CVE-2026-0899: Out of bounds memory access in V8 * CVE-2026-0900: Inappropriate implementation in V8 * CVE-2026-0901: Inappropriate implementation in Blink * CVE-2026-0902: Inappropriate implementation in V8 * CVE-2026-0903: Insufficient validation of untrusted input in Downloads * CVE-2026-0904: Incorrect security UI in Digital Credentials * CVE-2026-0905: Insufficient policy enforcement in Network * CVE-2026-0906: Incorrect security UI * CVE-2026-0907: Incorrect security UI in Split View * CVE-2026-0908: Use after free in ANGLE - use noopenh264 where available chromedriver-144.0.7559.59-bp157.2.100.1.x86_64.rpm chromium-144.0.7559.59-bp157.2.100.1.nosrc.rpm chromium-144.0.7559.59-bp157.2.100.1.x86_64.rpm chromedriver-144.0.7559.59-bp157.2.100.1.aarch64.rpm chromium-144.0.7559.59-bp157.2.100.1.aarch64.rpm chromedriver-144.0.7559.59-bp157.2.100.1.ppc64le.rpm chromium-144.0.7559.59-bp157.2.100.1.ppc64le.rpm openSUSE-2026-24 important openSUSE Backports SLE-15-SP7 Update This update for python-weasyprint fixes the following issues: - CVE-2025-68616: Fixed a server-side request forgery in default fetcher (boo#1256936). python-weasyprint-60.2-bp157.2.3.1.src.rpm python311-weasyprint-60.2-bp157.2.3.1.noarch.rpm openSUSE-2026-28 moderate openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 144.0.7559.96 (boo#1257011) * CVE-2026-1220: Race in V8 - update INSTALL.sh to handle the addded tags in the desktop file (boo#1256938) chromedriver-144.0.7559.96-bp157.2.103.1.x86_64.rpm chromium-144.0.7559.96-bp157.2.103.1.nosrc.rpm chromium-144.0.7559.96-bp157.2.103.1.x86_64.rpm chromedriver-144.0.7559.96-bp157.2.103.1.aarch64.rpm chromium-144.0.7559.96-bp157.2.103.1.aarch64.rpm chromedriver-144.0.7559.96-bp157.2.103.1.ppc64le.rpm chromium-144.0.7559.96-bp157.2.103.1.ppc64le.rpm openSUSE-2026-30 low openSUSE Backports SLE-15-SP7 Update This optional update makes available minisign. It is an implementation of a source tarball verification mechanism, alternative to OpenPGP format signatures. It is a dependency of an upcoming update to obs-source_validator. minisign-0.12-bp157.2.1.src.rpm minisign-0.12-bp157.2.1.x86_64.rpm minisign-debuginfo-0.12-bp157.2.1.x86_64.rpm minisign-debugsource-0.12-bp157.2.1.x86_64.rpm minisign-0.12-bp157.2.1.i586.rpm minisign-debuginfo-0.12-bp157.2.1.i586.rpm minisign-debugsource-0.12-bp157.2.1.i586.rpm minisign-0.12-bp157.2.1.aarch64.rpm minisign-debuginfo-0.12-bp157.2.1.aarch64.rpm minisign-debugsource-0.12-bp157.2.1.aarch64.rpm minisign-0.12-bp157.2.1.ppc64le.rpm minisign-debuginfo-0.12-bp157.2.1.ppc64le.rpm minisign-debugsource-0.12-bp157.2.1.ppc64le.rpm minisign-0.12-bp157.2.1.s390x.rpm minisign-debuginfo-0.12-bp157.2.1.s390x.rpm minisign-debugsource-0.12-bp157.2.1.s390x.rpm openSUSE-2026-40 moderate openSUSE Backports SLE-15-SP7 Update This update for vlc fixes the following issues: - Update to version 3.0.23: + Codecs: * Fix WebVTT line positioning * Expose additional audio codec information (notably for Flac 24bit) + Demuxers: * fix some JPEG files wih JFIF headers + Security: * Fix null deref in libass, undefined shift in theora and cc-708, integer overflow in daala, Infinite loop in h264 parsing, buffer overflow in png and multiple format-overflows + Misc: * Prepare compatibility for taglib 2.0, Qt6, FFmpeg8, mingw-w64 v13 and newer versions of libplacebo and pupnp - Update to version 3.0.22: + Core: Assume subpictures are in SDR by default + Decoders: * Fix Opus channel mapping * Fix hardware decoding with VideoToolbox of XVID MPEG-4 video * Add dav1d-all-layers option * Fix DVD CEA-608 captions parsing * Fix ProRes 4:4:4:4 * Disable decoding using libdca, libmpeg2 and liba52 by default in favor of libavcodec + Demuxers: * Add support for DMX audio music (MUS) files * Handle mkv-use-chapter-codec option * Add A_ATRAC/AT1 support in matroska * Prevent FLAC seeking logic get stuck * Handle pictures in FLAC * Fix VOB/AOB LPCM/MLP detection failing occasionally * Cut QNap title on first invalid character * Fix display of certain JPEG files * Fix playback of very short ASF files (duration less than 1s) * Multiple fixes in MPEG-TS * Fix crashes in multiple demuxers (reported by rub.de, oss-fuzz and others) + Input: Fix SFTP seeking for large files on 32-bit OS + Interface: * Qt: Add option to use dark palette * Qt: Add compilation support for newer versions of Qt5 * Qt: Fix scrolling on volume slider * KDE: fix MPRIS state when started from file + Service Discovery: UPnP: remove SAT>IP channel list fallback + Video Output: * Use a better stretch mode in wingdi * Fetch missing device information when running in UWP + Video Filter: * Add AMD GPU Frame Rate Doubler (Direct3D11) * Improve visualization of low frequencies in spectrogram - Pin to ffmpeg-7; even the master branch does not yet build against ffmpeg 8. - opus_header: fix channel mapping family 1 parsing (boo#1244167). - Drop opencv sub-package, and hence no longer needed pkgconfig(opencv) libvlc5-3.0.23-bp157.2.5.1.x86_64.rpm libvlc5-debuginfo-3.0.23-bp157.2.5.1.x86_64.rpm libvlccore9-3.0.23-bp157.2.5.1.x86_64.rpm libvlccore9-debuginfo-3.0.23-bp157.2.5.1.x86_64.rpm vlc-3.0.23-bp157.2.5.1.src.rpm vlc-3.0.23-bp157.2.5.1.x86_64.rpm vlc-codec-fluidsynth-3.0.23-bp157.2.5.1.x86_64.rpm vlc-codec-fluidsynth-debuginfo-3.0.23-bp157.2.5.1.x86_64.rpm vlc-codec-gstreamer-3.0.23-bp157.2.5.1.x86_64.rpm vlc-codec-gstreamer-debuginfo-3.0.23-bp157.2.5.1.x86_64.rpm vlc-debuginfo-3.0.23-bp157.2.5.1.x86_64.rpm vlc-debugsource-3.0.23-bp157.2.5.1.x86_64.rpm vlc-devel-3.0.23-bp157.2.5.1.x86_64.rpm vlc-jack-3.0.23-bp157.2.5.1.x86_64.rpm vlc-jack-debuginfo-3.0.23-bp157.2.5.1.x86_64.rpm vlc-lang-3.0.23-bp157.2.5.1.noarch.rpm vlc-noX-3.0.23-bp157.2.5.1.x86_64.rpm vlc-noX-debuginfo-3.0.23-bp157.2.5.1.x86_64.rpm vlc-qt-3.0.23-bp157.2.5.1.x86_64.rpm vlc-qt-debuginfo-3.0.23-bp157.2.5.1.x86_64.rpm libvlc5-3.0.23-bp157.2.5.1.aarch64.rpm libvlc5-debuginfo-3.0.23-bp157.2.5.1.aarch64.rpm libvlccore9-3.0.23-bp157.2.5.1.aarch64.rpm libvlccore9-debuginfo-3.0.23-bp157.2.5.1.aarch64.rpm vlc-3.0.23-bp157.2.5.1.aarch64.rpm vlc-codec-fluidsynth-3.0.23-bp157.2.5.1.aarch64.rpm vlc-codec-fluidsynth-debuginfo-3.0.23-bp157.2.5.1.aarch64.rpm vlc-codec-gstreamer-3.0.23-bp157.2.5.1.aarch64.rpm vlc-codec-gstreamer-debuginfo-3.0.23-bp157.2.5.1.aarch64.rpm vlc-debuginfo-3.0.23-bp157.2.5.1.aarch64.rpm vlc-debugsource-3.0.23-bp157.2.5.1.aarch64.rpm vlc-devel-3.0.23-bp157.2.5.1.aarch64.rpm vlc-jack-3.0.23-bp157.2.5.1.aarch64.rpm vlc-jack-debuginfo-3.0.23-bp157.2.5.1.aarch64.rpm vlc-noX-3.0.23-bp157.2.5.1.aarch64.rpm vlc-noX-debuginfo-3.0.23-bp157.2.5.1.aarch64.rpm vlc-qt-3.0.23-bp157.2.5.1.aarch64.rpm vlc-qt-debuginfo-3.0.23-bp157.2.5.1.aarch64.rpm libvlc5-3.0.23-bp157.2.5.1.ppc64le.rpm libvlc5-debuginfo-3.0.23-bp157.2.5.1.ppc64le.rpm libvlccore9-3.0.23-bp157.2.5.1.ppc64le.rpm libvlccore9-debuginfo-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-codec-fluidsynth-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-codec-fluidsynth-debuginfo-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-codec-gstreamer-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-codec-gstreamer-debuginfo-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-debuginfo-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-debugsource-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-devel-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-jack-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-jack-debuginfo-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-noX-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-noX-debuginfo-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-qt-3.0.23-bp157.2.5.1.ppc64le.rpm vlc-qt-debuginfo-3.0.23-bp157.2.5.1.ppc64le.rpm openSUSE-2026-33 critical openSUSE Backports SLE-15-SP7 Update This update for cacti, cacti-spine fixes the following issues: cacti 1.2.30: - Unable to add new users - When using Automation Rules, specifying graph criteria may cause issues - When transferring a system from a backup if the poller has not run recently rrdtool issues are found - When translating, quotes may cause incorrect text to appear - When using Boost for the first time, warnings may appear - When refreshing forms, items may be checked incorrectly by xmacan cacti 1.2.29: - CVE-2025-22604 GHSA-c5j8-jxj3-hh36 - Authenticated RCE via multi-line SNMP responses (bsc#1236488) - CVE-2025-24368 GHSA-f9c7-7rc3-574c - SQL Injection vulnerability when using tree rules through Automation API (bsc#1236490) - CVE-2024-54145 GHSA-fh3x-69rr-qqpp - SQL Injection vulnerability when request automation devices (bsc#1236487) - CVE-2025-24367 GHSA-fxrq-fr7h-9rqq - Arbitrary File Creation leading to RCE (bsc#1236489) - CVE-2024-45598 GHSA-pv2c-97pp-vxwg - Local File Inclusion (LFI) Vulnerability via Poller Standard Error Log Path (bsc#1236482) - CVE-2024-54146 GHSA-vj9g-P7F2-4wqj - SQL Injection vulnerability when view host template (bsc#1236486) - issue: Temporary table names may incorrectly think they have a schema - issue: When using Preset Time to view graphs, it is using a fixed point rather than relative time - issue: Fix issue where RRA files are not automatically removed - issue: Fix invalid help link for Automation Networks - issue: Unable to disable a tree within the GUI - issue: When removing graphs, RRA files may be left behind - issue: Improve compatibility with ping under FreeBSD - issue: Improve compatibility wtih Slice RRD tool under PHP 8.x - issue: Allow IPv6 formats to use colons without port - issue: Update Fortigate, Aruba OSCX and Clearpass templates - issue: When a plugin is disabled, unable to use GUI to enable it again - issue: When upgrading, ensure that replication only runs as necessary - issue: Improve caching and syncing issues with replication - issue: Improve caching techniques for database calls - issue: Improve compatibility for Error constants under PHP 8.4 - issue: When running the upgrade database script, cursor is left in the middle of the row - issue: Guest page does not automatically refresh - issue: When installing, conversion of tables may produce collation errors - feature: Add HPE Nimble/Alletra template - feature: When installing, only convert core cacti tables - Add /srv/www directories to filelist [boo#1231027] - fix for cacti-cron.timer & cacti-cron.service failing after upgrade has already removed - replace cacti-cron.timer & cacti-cron.service with cactid.service to fix thold & other "sub poller" poller processes not running. cacti 1.2.28: - CVE-2024-43365 GHSA-49f2-hwx9-qffr: XSS vulnerability when creating external links with the consolenewsection parameter (bsc#1231372) - CVE-2024-43364 GHSA-fgc6-g8gc-wcg5: XSS vulnerability when creating external links with the title parameter (bsc#1231371) - CVE-2024-43363 GHSA-gxq4-mv8h-6qj4: RCE vulnerability can be executed via Log Poisoning (bsc#1231370) - CVE-2024-43362 GHSA-wh9c-v56x-v77c: XSS vulnerability when creating external links with the fileurl parameter - issue: When using LDAP authentication the first time, warnings may appear in logs - issue: When installing, a replication loop for plugin_realms may occur - issue: When installing, remote poller may attempt to sync with other pollers - issue: When a Data Query has a space, indexes may not be properly escaped - issue: Boost does not always order data source records properly - issue: Add IP address to the login audit for successful logins by xmacan - issue: Undefined variable error may sometimes occur when dealing with RRD output by MSS970 - issue: When export to CSV, only the first line of notes is included - issue: When rendering forms, missing default value can cause errors - issue: Allow hosted content to be executable for the links page - issue: When closing database connections, some may linger incorrectly - issue: When changing passwords, an infinite loop may occur by ddb4github - issue: When using Cacti Daemon, a "Cron out of sync" message may be reported - issue: Add ability to filter/sort users by group or last login time - issue: When using List View, unable to add Graphs to a Report - issue: When using SNMPv3, some devices may show polling issues - issue: Limit table conversion to Cacti core tables - issue: Fix issues with posix-based kills on Windows - issue: When installing, password changes may fail on new installations - issue: When using structured RRD folders, permission issues may be flagged incorrectly - issue: When unable to locate a valid theme, new default will be Modern - issue: Properly cache the data source information for dsstats processing - issue: When reindexing, verify all fields may not work as intended - feature: Add ability to log database connections/disconnections - feature: Add Ping Method where connection refused assumes host is up - feature: When displaying graphs, default end time does not show full 24 hour period - feature: Add --id to remove_device.php - feature: Add Location and Site to Graph List View - feature: Add more verbose logging to Boost - feature: Update jQuery to 3.7.1 - feature: Update jQueryUI to 1.14.0 - feature: Update Purify.js to 3.1.6 - feature: Update billboard.js to 3.13.0 - feature: Improve the performance of the repopulation of the poller cache Changes in cacti-spine: cacti-spine 1.2.30: - no changes - Bump/rebuild to match Cacti 1.2.30 cacti-spine 1.2.28: - When using Ping or SNMP Uptime, host is not always detected properly - Add Ping Method where connection refused assumes host is up cacti-spine-1.2.30-bp157.2.3.1.src.rpm cacti-spine-1.2.30-bp157.2.3.1.x86_64.rpm cacti-spine-debuginfo-1.2.30-bp157.2.3.1.x86_64.rpm cacti-spine-debugsource-1.2.30-bp157.2.3.1.x86_64.rpm cacti-spine-1.2.30-bp157.2.3.1.i586.rpm cacti-spine-debuginfo-1.2.30-bp157.2.3.1.i586.rpm cacti-spine-debugsource-1.2.30-bp157.2.3.1.i586.rpm cacti-spine-1.2.30-bp157.2.3.1.aarch64.rpm cacti-spine-debuginfo-1.2.30-bp157.2.3.1.aarch64.rpm cacti-spine-debugsource-1.2.30-bp157.2.3.1.aarch64.rpm cacti-spine-1.2.30-bp157.2.3.1.ppc64le.rpm cacti-spine-debuginfo-1.2.30-bp157.2.3.1.ppc64le.rpm cacti-spine-debugsource-1.2.30-bp157.2.3.1.ppc64le.rpm cacti-spine-1.2.30-bp157.2.3.1.s390x.rpm cacti-spine-debuginfo-1.2.30-bp157.2.3.1.s390x.rpm cacti-spine-debugsource-1.2.30-bp157.2.3.1.s390x.rpm openSUSE-2026-148 critical openSUSE Backports SLE-15-SP7 Update This update for cacti, cacti-spine fixes the following issues: cacti 1.2.30: - Unable to add new users - When using Automation Rules, specifying graph criteria may cause issues - When transferring a system from a backup if the poller has not run recently rrdtool issues are found - When translating, quotes may cause incorrect text to appear - When using Boost for the first time, warnings may appear - When refreshing forms, items may be checked incorrectly by xmacan cacti 1.2.29: - CVE-2025-22604 GHSA-c5j8-jxj3-hh36 - Authenticated RCE via multi-line SNMP responses (bsc#1236488) - CVE-2025-24368 GHSA-f9c7-7rc3-574c - SQL Injection vulnerability when using tree rules through Automation API (bsc#1236490) - CVE-2024-54145 GHSA-fh3x-69rr-qqpp - SQL Injection vulnerability when request automation devices (bsc#1236487) - CVE-2025-24367 GHSA-fxrq-fr7h-9rqq - Arbitrary File Creation leading to RCE (bsc#1236489) - CVE-2024-45598 GHSA-pv2c-97pp-vxwg - Local File Inclusion (LFI) Vulnerability via Poller Standard Error Log Path (bsc#1236482) - CVE-2024-54146 GHSA-vj9g-P7F2-4wqj - SQL Injection vulnerability when view host template (bsc#1236486) - issue: Temporary table names may incorrectly think they have a schema - issue: When using Preset Time to view graphs, it is using a fixed point rather than relative time - issue: Fix issue where RRA files are not automatically removed - issue: Fix invalid help link for Automation Networks - issue: Unable to disable a tree within the GUI - issue: When removing graphs, RRA files may be left behind - issue: Improve compatibility with ping under FreeBSD - issue: Improve compatibility wtih Slice RRD tool under PHP 8.x - issue: Allow IPv6 formats to use colons without port - issue: Update Fortigate, Aruba OSCX and Clearpass templates - issue: When a plugin is disabled, unable to use GUI to enable it again - issue: When upgrading, ensure that replication only runs as necessary - issue: Improve caching and syncing issues with replication - issue: Improve caching techniques for database calls - issue: Improve compatibility for Error constants under PHP 8.4 - issue: When running the upgrade database script, cursor is left in the middle of the row - issue: Guest page does not automatically refresh - issue: When installing, conversion of tables may produce collation errors - feature: Add HPE Nimble/Alletra template - feature: When installing, only convert core cacti tables - Add /srv/www directories to filelist [boo#1231027] - fix for cacti-cron.timer & cacti-cron.service failing after upgrade has already removed - replace cacti-cron.timer & cacti-cron.service with cactid.service to fix thold & other "sub poller" poller processes not running. cacti 1.2.28: - CVE-2024-43365 GHSA-49f2-hwx9-qffr: XSS vulnerability when creating external links with the consolenewsection parameter (bsc#1231372) - CVE-2024-43364 GHSA-fgc6-g8gc-wcg5: XSS vulnerability when creating external links with the title parameter (bsc#1231371) - CVE-2024-43363 GHSA-gxq4-mv8h-6qj4: RCE vulnerability can be executed via Log Poisoning (bsc#1231370) - CVE-2024-43362 GHSA-wh9c-v56x-v77c: XSS vulnerability when creating external links with the fileurl parameter - issue: When using LDAP authentication the first time, warnings may appear in logs - issue: When installing, a replication loop for plugin_realms may occur - issue: When installing, remote poller may attempt to sync with other pollers - issue: When a Data Query has a space, indexes may not be properly escaped - issue: Boost does not always order data source records properly - issue: Add IP address to the login audit for successful logins by xmacan - issue: Undefined variable error may sometimes occur when dealing with RRD output by MSS970 - issue: When export to CSV, only the first line of notes is included - issue: When rendering forms, missing default value can cause errors - issue: Allow hosted content to be executable for the links page - issue: When closing database connections, some may linger incorrectly - issue: When changing passwords, an infinite loop may occur by ddb4github - issue: When using Cacti Daemon, a "Cron out of sync" message may be reported - issue: Add ability to filter/sort users by group or last login time - issue: When using List View, unable to add Graphs to a Report - issue: When using SNMPv3, some devices may show polling issues - issue: Limit table conversion to Cacti core tables - issue: Fix issues with posix-based kills on Windows - issue: When installing, password changes may fail on new installations - issue: When using structured RRD folders, permission issues may be flagged incorrectly - issue: When unable to locate a valid theme, new default will be Modern - issue: Properly cache the data source information for dsstats processing - issue: When reindexing, verify all fields may not work as intended - feature: Add ability to log database connections/disconnections - feature: Add Ping Method where connection refused assumes host is up - feature: When displaying graphs, default end time does not show full 24 hour period - feature: Add --id to remove_device.php - feature: Add Location and Site to Graph List View - feature: Add more verbose logging to Boost - feature: Update jQuery to 3.7.1 - feature: Update jQueryUI to 1.14.0 - feature: Update Purify.js to 3.1.6 - feature: Update billboard.js to 3.13.0 - feature: Improve the performance of the repopulation of the poller cache Changes in cacti-spine: cacti-spine 1.2.30: - no changes - Bump/rebuild to match Cacti 1.2.30 cacti-spine 1.2.28: - When using Ping or SNMP Uptime, host is not always detected properly - Add Ping Method where connection refused assumes host is up cacti-1.2.30-bp157.2.3.1.noarch.rpm cacti-1.2.30-bp157.2.3.1.src.rpm openSUSE-2026-35 important openSUSE Backports SLE-15-SP7 Update Chromium was updated to fix the following issues: Chromium 144.0.7559.109 (boo#1257404) * CVE-2026-1504: Inappropriate implementation in Background Fetch API chromedriver-144.0.7559.109-bp157.2.106.1.x86_64.rpm chromium-144.0.7559.109-bp157.2.106.1.nosrc.rpm chromium-144.0.7559.109-bp157.2.106.1.x86_64.rpm chromedriver-144.0.7559.109-bp157.2.106.1.aarch64.rpm chromium-144.0.7559.109-bp157.2.106.1.aarch64.rpm chromedriver-144.0.7559.109-bp157.2.106.1.ppc64le.rpm chromium-144.0.7559.109-bp157.2.106.1.ppc64le.rpm openSUSE-2026-38 moderate openSUSE Backports SLE-15-SP7 Update This update for python-djangorestframework fixes the following issues: - CVE-2024-21520: Fixed improper input sanitization before splitting and joining with 'br' tags (boo#1227077) - Tests can be run only on (newer) python311 stack - Make it at least installable on python3 stack (no guarantees for it to run) - Use sle15allpythons to get the Python 3.6 packages (jsc#PED-8919) python-djangorestframework-3.14.0-bp157.2.3.1.src.rpm python3-djangorestframework-3.14.0-bp157.2.3.1.noarch.rpm python311-djangorestframework-3.14.0-bp157.2.3.1.noarch.rpm python-djangorestframework-test-3.14.0-bp157.2.3.1.src.rpm openSUSE-2026-41 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 144.0.7559.132 (boo#1257650) * CVE-2026-1861: Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. * CVE-2026-1862: Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. chromedriver-144.0.7559.132-bp157.2.109.1.x86_64.rpm chromium-144.0.7559.132-bp157.2.109.1.nosrc.rpm chromium-144.0.7559.132-bp157.2.109.1.x86_64.rpm chromedriver-144.0.7559.132-bp157.2.109.1.aarch64.rpm chromium-144.0.7559.132-bp157.2.109.1.aarch64.rpm chromedriver-144.0.7559.132-bp157.2.109.1.ppc64le.rpm chromium-144.0.7559.132-bp157.2.109.1.ppc64le.rpm openSUSE-2026-50 low openSUSE Backports SLE-15-SP7 Update This update for micropython fixes the following issues: - CVE-2026-1998: Fixed a segmentation fault in 'mp_map_lookup' via 'mp_import_all' (boo#1257803) - Version 1.26.1 * esp32: update esp_tinyusb component to v1.7.6 * tools: add an environment variable MICROPY_MAINTAINER_BUILD * esp32: add IDF Component Lockfiles to git repo * shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag * shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop * tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev - Fix building on single core systems * Skip tests/thread/stress_schedule.py when single core system detected - Build with mbedtls-3.6.5 instead of bundled 3.6.2 to fix CVE-2025-59438 - Version 1.26.0 * Added machine.I2CTarget for creating I2C target devices on multiple ports. * New MCU support: STM32N6xx (800 MHz, ML accel) and ESP32-C2 (WiFi + BLE). * Major float accuracy boost (~28% ~98%), constant folding in compiler. * Optimized native/Viper emitters; reduced heap use for slices. * Time functions standardized (1970 2099); new boards across ESP32, SAMD, STM32, Zephyr. * ESP32: ESP-IDF 5.4.2, flash auto-detect, PCNT class, LAN8670 PHY. * RP2: compressed errors, better lightsleep, hard IRQ timers. * Zephyr v4.0.0: PWM, SoftI2C/SPI, BLE runtime services, boot.py/main.py support. * mpremote adds fs tree, improved df, portable config paths. * Updated lwIP, LittleFS, libhydrogen, stm32lib; expanded hardware/CI tests. micropython-1.26.1-bp157.5.1.src.rpm micropython-1.26.1-bp157.5.1.x86_64.rpm mpremote-1.26.1-bp157.5.1.noarch.rpm mpy-tools-1.26.1-bp157.5.1.x86_64.rpm micropython-1.26.1-bp157.5.1.aarch64.rpm mpy-tools-1.26.1-bp157.5.1.aarch64.rpm openSUSE-2026-49 moderate openSUSE Backports SLE-15-SP7 Update This update for gn fixes the following issues: - Update to version 0.20251217: * Fix sha2 on big endian * [Windows] Reduce the number of worker threads on many-core machines * Add a sha256 hash implementation and use it for string_hash * Opt-in to the Windows SegmentHeap * Add a `module_name` flag to source_set. * Refactor module name to be dynamic. * Optimize vector creation in compile_commands_writer.cc. * Run 'tools/run_formatter.sh' * Implement `string_hash` function. * Support weak_libraries * Do not add .inputdeps paths to --ninja-outputs-file * Make clang modules output -fmodule-file=foo=<pcm>. * infra: Revert CIPD autoconf * infra: Include autoconf bin directory to PATH * infra: Fix autoconf executable path * infra: Use CIPD autoconf * Allow led access in GN via http://go/ciba * Revert "Build non-linkable deps async with Ninja's validaitons" * Upgrade linux bots from ubuntu 22.04 to ubuntu 24.04 * Use unordered_map instead of map in HeaderChecker * Add --file_relation to gn refs command * Optimize vector initialization and preallocation in desc_builder.cc. * Add `reserve` statement when vector size is known beforehand. * Refactor container update by preferring the range insert. * Handle symlinked directories correctly during gn clean on Windows. * Fix relative imports from args.gn. - Update to version 0.20250918: * update reference.md * Include -fmodule-file flags in compile_commands.json * Refactor C++ module dependency logic into a new utility * Gitiles navigation bar * Adds a len() function * Avoid clashes of include_dir in rust-project.json. * Check all targets to find duplicated outputs. * infra/config: Remove luci.recipes.use_python3 experiment * Handle empty outputs in WriteInputDepsStampOrPhonyAndGetDep * build: Propagate module dependencies through group targets * Deduplicate item in 'deps', 'sources' and related lists * infra: Update comment for macOS version used in CQ/CI * [Apple] Allow passing a manifest to the post-processing script * Update link to buganizer in README.md * [Apple] Fix `gn gen` when using swift and no_stamp_files * [Apple] Remove deprecated aliases for `post_processing_$var` * Revert "Allow newline in string literal" * Use std::ranges::all_of in parse_tree_unittest * infra: Correctly use macOS 13 instead of 11 * Update Xcode and macOS version in bots * infra: Add shadow buckets to trigger led job * Allow newline in string literal * Revert "Update macOS version to 13 used in CQ/CI" * Update macOS version to 13 used in CQ/CI * Refactor command_format.cc * Shorten targets from //path/to/foo:foo to //path/to/foo * Modernize and improve parse_tree.cc * Auto-format the codebase * Remove hardcoded -fmodules-embed-all-files flag * Reland "Use JSON escaping for JSON string output" gn-0.20251217-bp157.2.9.1.src.rpm gn-0.20251217-bp157.2.9.1.x86_64.rpm gn-0.20251217-bp157.2.9.1.i586.rpm gn-0.20251217-bp157.2.9.1.aarch64.rpm gn-0.20251217-bp157.2.9.1.ppc64le.rpm gn-0.20251217-bp157.2.9.1.s390x.rpm openSUSE-2026-44 important openSUSE Backports SLE-15-SP7 Update This update for tcpreplay fixes the following issues: - update to 4.5.2: * features added since 4.4.4 - fix/recalculate header checksum for ipv6-frag - IPv6 frag checksum support - AF_XDP socket support - tcpreplay -w (write into a pcap file) - tcpreaplay --fixhdrlen - --include and --exclude options - SLL2 support - Haiku support * security fixes reported for 4.4.4 fixed in 4.5.2 - CVE-2023-4256 / boo#1218249 - CVE-2023-43279 / boo#1221324 - CVE-2024-3024 / boo#1222131 (likely) - CVE-2024-22654 / boo#1243845 - CVE-2025-9157 / boo#1248322 - CVE-2025-9384 / boo#1248595 - CVE-2025-9385 / boo#1248596 - CVE-2025-9386 / boo#1248597 - CVE-2025-9649 / boo#1248964 - CVE-2025-51006 / boo#1250356 - see https://github.com/appneta/tcpreplay/compare/v4.4.4...v4.5.2 for full changelog - security fix for CVE-2025-8746 / boo#1247919 tcpreplay-4.5.2-bp157.2.3.1.src.rpm tcpreplay-4.5.2-bp157.2.3.1.x86_64.rpm tcpreplay-4.5.2-bp157.2.3.1.i586.rpm tcpreplay-4.5.2-bp157.2.3.1.aarch64.rpm tcpreplay-4.5.2-bp157.2.3.1.ppc64le.rpm tcpreplay-4.5.2-bp157.2.3.1.s390x.rpm openSUSE-2026-46 important openSUSE Backports SLE-15-SP7 Update This update for htmldoc fixes the following issues: - CVE-2024-46478: Fixed buffer overflow when handling tabs through the parse_pre function (boo#1232380). htmldoc-1.9.16-bp157.3.3.1.src.rpm htmldoc-1.9.16-bp157.3.3.1.x86_64.rpm htmldoc-1.9.16-bp157.3.3.1.i586.rpm htmldoc-1.9.16-bp157.3.3.1.aarch64.rpm htmldoc-1.9.16-bp157.3.3.1.ppc64le.rpm htmldoc-1.9.16-bp157.3.3.1.s390x.rpm openSUSE-2026-53 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - fix INSTALL.sh again to replace the tags in desktop file, appdata and manpage (boo#1258199) - Chromium 145.0.7632.75: * CVE-2026-2441: Use after free in CSS (boo#1258185) - Chromium 145.0.7632.67: * Revert a change in url_fixer that may have caused crashes - Chromium 145.0.7632.45 (boo#1258116) * jpeg-xl support has been readded * CVE-2026-2313: Use after free in CSS * CVE-2026-2314: Heap buffer overflow in Codecs * CVE-2026-2315: Inappropriate implementation in WebGPU * CVE-2026-2316: Insufficient policy enforcement in Frames * CVE-2026-2317: Inappropriate implementation in Animation * CVE-2026-2318: Inappropriate implementation in PictureInPicture * CVE-2026-2319: Race in DevTools * CVE-2026-2320: Inappropriate implementation in File input * CVE-2026-2321: Use after free in Ozone * CVE-2026-2322: Inappropriate implementation in File input * CVE-2026-2323: Inappropriate implementation in Downloads chromedriver-145.0.7632.75-bp157.2.118.1.x86_64.rpm chromium-145.0.7632.75-bp157.2.118.1.nosrc.rpm chromium-145.0.7632.75-bp157.2.118.1.x86_64.rpm chromedriver-145.0.7632.75-bp157.2.118.1.aarch64.rpm chromium-145.0.7632.75-bp157.2.118.1.aarch64.rpm openSUSE-2026-54 moderate openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - more fixes for desktop file, some variables were lowercased, further adaptions in INSTALL script (boo#1258199) - also copy rollup into third_party/node/node_modules - stay on llvm-10 for swiftshader but bring a similar patch - drop use of rollup binaries and use rollup-3.x which does not use prebuilt binaries (that fail at least on older ppc64le) follow the approach of the debian packaging - update/resync ppc64le patches from fedora chromedriver-145.0.7632.75-bp157.2.121.1.x86_64.rpm chromium-145.0.7632.75-bp157.2.121.1.nosrc.rpm chromium-145.0.7632.75-bp157.2.121.1.x86_64.rpm chromedriver-145.0.7632.75-bp157.2.121.1.aarch64.rpm chromium-145.0.7632.75-bp157.2.121.1.aarch64.rpm chromedriver-145.0.7632.75-bp157.2.121.1.ppc64le.rpm chromium-145.0.7632.75-bp157.2.121.1.ppc64le.rpm openSUSE-2026-59 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 145.0.7632.109 (boo#1258438): * CVE-2026-2648: Heap buffer overflow in PDFium * CVE-2026-2649: Integer overflow in V8 * CVE-2026-2650: Heap buffer overflow in Media chromedriver-145.0.7632.109-bp157.2.124.1.x86_64.rpm chromium-145.0.7632.109-bp157.2.124.1.nosrc.rpm chromium-145.0.7632.109-bp157.2.124.1.x86_64.rpm chromedriver-145.0.7632.109-bp157.2.124.1.aarch64.rpm chromium-145.0.7632.109-bp157.2.124.1.aarch64.rpm chromedriver-145.0.7632.109-bp157.2.124.1.ppc64le.rpm chromium-145.0.7632.109-bp157.2.124.1.ppc64le.rpm openSUSE-2026-56 important openSUSE Backports SLE-15-SP7 Update This update for python-nltk fixes the following issues: - CVE-2025-14009: Fixed Secure ZIP extraction (boo#1258436) python-nltk-3.7-bp157.3.3.1.src.rpm python3-nltk-3.7-bp157.3.3.1.noarch.rpm openSUSE-2026-66 moderate openSUSE Backports SLE-15-SP7 Update This update for gitea-tea fixes the following issues: - Fixed terminal rendering errors gitea-tea-0.11.1-bp157.2.12.1.src.rpm gitea-tea-0.11.1-bp157.2.12.1.x86_64.rpm gitea-tea-bash-completion-0.11.1-bp157.2.12.1.noarch.rpm gitea-tea-zsh-completion-0.11.1-bp157.2.12.1.noarch.rpm gitea-tea-0.11.1-bp157.2.12.1.i586.rpm gitea-tea-0.11.1-bp157.2.12.1.aarch64.rpm gitea-tea-0.11.1-bp157.2.12.1.ppc64le.rpm gitea-tea-0.11.1-bp157.2.12.1.s390x.rpm openSUSE-2026-63 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 145.0.7632.116 (boo#1258733): * CVE-2026-3061: Out of bounds read in Media * CVE-2026-3062: Out of bounds read and write in Tint * CVE-2025-3063: Inappropriate implementation in DevTools chromedriver-145.0.7632.116-bp157.2.127.1.x86_64.rpm chromium-145.0.7632.116-bp157.2.127.1.nosrc.rpm chromium-145.0.7632.116-bp157.2.127.1.x86_64.rpm chromedriver-145.0.7632.116-bp157.2.127.1.aarch64.rpm chromium-145.0.7632.116-bp157.2.127.1.aarch64.rpm chromedriver-145.0.7632.116-bp157.2.127.1.ppc64le.rpm chromium-145.0.7632.116-bp157.2.127.1.ppc64le.rpm openSUSE-2026-61 important openSUSE Backports SLE-15-SP7 Update This update for phpunit fixes the following issues: version 9.6.34: - CVE-2026-24765: prevent Poisoned Pipeline Execution (PPE) attacks using prepared .coverage (boo#1257381) php7-phpunit-9.6.34-bp157.2.3.1.noarch.rpm php7-phpunit-9.6.34-bp157.2.3.1.src.rpm php8-phpunit-9.6.34-bp157.2.3.1.noarch.rpm php8-phpunit-9.6.34-bp157.2.3.1.src.rpm openSUSE-2026-64 important openSUSE Backports SLE-15-SP7 Update This update for mosquitto fixes the following issues: - update to 2.0.23 (boo#1258671) * Fix handling of disconnected sessions for `per_listener_settings true` * Check return values of openssl *_get_ex_data() and *_set_ex_data() to prevent possible crash. This could occur only in extremely unlikely situations * Check return value of openssl ASN1_string_[get0_]data() functions for NULL. This prevents a crash in case of incorrect certificate handling in openssl * Fix potential crash on startup if a malicious/corrupt persistence file from mosquitto 1.5 or earlier is loaded * Limit auto_id_prefix to 50 characters - Update to version 2.0.22 Broker * Bridge: Fix idle_timeout never occurring for lazy bridges. * Fix case where max_queued_messages = 0 was not treated as unlimited. * Fix --version exit code and output. * Fix crash on receiving a $CONTROL message over a bridge, if per_listener_settings is set true and the bridge is carrying out topic remapping. * Fix incorrect reference clock being selected on startup on Linux. Closes #3238. * Fix reporting of client disconnections being incorrectly attributed to "out of memory". * Fix compilation when using WITH_OLD_KEEPALIVE. * Fix problems with secure websockets. * Fix crash on exit when using WITH_EPOLL=no. * Fix clients being incorrectly expired when they have keepalive == max_keepalive. Closes #3226, #3286. Dynamic security plugin * Fix mismatch memory free when saving config which caused memory tracking to be incorrect. Client library * Fix C++ symbols being removed when compiled with link time optimisation. * TLS error handling was incorrectly setting a protocol error for non-TLS errors. This would cause the mosquitto_loop_start() thread to exit if no broker was available on the first connection attempt. This has been fixed. Closes #3258. * Fix linker errors on some architectures using cmake. libmosquitto1-2.0.23-bp157.2.6.1.x86_64.rpm libmosquittopp1-2.0.23-bp157.2.6.1.x86_64.rpm mosquitto-2.0.23-bp157.2.6.1.src.rpm mosquitto-2.0.23-bp157.2.6.1.x86_64.rpm mosquitto-clients-2.0.23-bp157.2.6.1.x86_64.rpm mosquitto-devel-2.0.23-bp157.2.6.1.x86_64.rpm libmosquitto1-2.0.23-bp157.2.6.1.aarch64.rpm libmosquittopp1-2.0.23-bp157.2.6.1.aarch64.rpm mosquitto-2.0.23-bp157.2.6.1.aarch64.rpm mosquitto-clients-2.0.23-bp157.2.6.1.aarch64.rpm mosquitto-devel-2.0.23-bp157.2.6.1.aarch64.rpm libmosquitto1-2.0.23-bp157.2.6.1.ppc64le.rpm libmosquittopp1-2.0.23-bp157.2.6.1.ppc64le.rpm mosquitto-2.0.23-bp157.2.6.1.ppc64le.rpm mosquitto-clients-2.0.23-bp157.2.6.1.ppc64le.rpm mosquitto-devel-2.0.23-bp157.2.6.1.ppc64le.rpm libmosquitto1-2.0.23-bp157.2.6.1.s390x.rpm libmosquittopp1-2.0.23-bp157.2.6.1.s390x.rpm mosquitto-2.0.23-bp157.2.6.1.s390x.rpm mosquitto-clients-2.0.23-bp157.2.6.1.s390x.rpm mosquitto-devel-2.0.23-bp157.2.6.1.s390x.rpm openSUSE-2026-72 moderate openSUSE Backports SLE-15-SP7 Update This update for libaec fixes the following issues: Libaec was updated to version 1.1.6 to fix a buffer overflow [bnc#1258965]. libaec-1.1.6-bp157.2.4.1.src.rpm libaec-debugsource-1.1.6-bp157.2.4.1.x86_64.rpm libaec-devel-1.1.6-bp157.2.4.1.x86_64.rpm libaec0-1.1.6-bp157.2.4.1.x86_64.rpm libaec0-debuginfo-1.1.6-bp157.2.4.1.x86_64.rpm libsz2-1.1.6-bp157.2.4.1.x86_64.rpm libsz2-debuginfo-1.1.6-bp157.2.4.1.x86_64.rpm sz2-devel-1.1.6-bp157.2.4.1.x86_64.rpm libaec-debugsource-1.1.6-bp157.2.4.1.i586.rpm libaec-devel-1.1.6-bp157.2.4.1.i586.rpm libaec0-1.1.6-bp157.2.4.1.i586.rpm libaec0-32bit-1.1.6-bp157.2.4.1.x86_64.rpm libaec0-32bit-debuginfo-1.1.6-bp157.2.4.1.x86_64.rpm libaec0-debuginfo-1.1.6-bp157.2.4.1.i586.rpm libsz2-1.1.6-bp157.2.4.1.i586.rpm libsz2-32bit-1.1.6-bp157.2.4.1.x86_64.rpm libsz2-32bit-debuginfo-1.1.6-bp157.2.4.1.x86_64.rpm libsz2-debuginfo-1.1.6-bp157.2.4.1.i586.rpm sz2-devel-1.1.6-bp157.2.4.1.i586.rpm libaec-debugsource-1.1.6-bp157.2.4.1.aarch64.rpm libaec-devel-1.1.6-bp157.2.4.1.aarch64.rpm libaec0-1.1.6-bp157.2.4.1.aarch64.rpm libaec0-64bit-1.1.6-bp157.2.4.1.aarch64_ilp32.rpm libaec0-64bit-debuginfo-1.1.6-bp157.2.4.1.aarch64_ilp32.rpm libaec0-debuginfo-1.1.6-bp157.2.4.1.aarch64.rpm libsz2-1.1.6-bp157.2.4.1.aarch64.rpm libsz2-64bit-1.1.6-bp157.2.4.1.aarch64_ilp32.rpm libsz2-64bit-debuginfo-1.1.6-bp157.2.4.1.aarch64_ilp32.rpm libsz2-debuginfo-1.1.6-bp157.2.4.1.aarch64.rpm sz2-devel-1.1.6-bp157.2.4.1.aarch64.rpm libaec-debugsource-1.1.6-bp157.2.4.1.ppc64le.rpm libaec-devel-1.1.6-bp157.2.4.1.ppc64le.rpm libaec0-1.1.6-bp157.2.4.1.ppc64le.rpm libaec0-debuginfo-1.1.6-bp157.2.4.1.ppc64le.rpm libsz2-1.1.6-bp157.2.4.1.ppc64le.rpm libsz2-debuginfo-1.1.6-bp157.2.4.1.ppc64le.rpm sz2-devel-1.1.6-bp157.2.4.1.ppc64le.rpm libaec-debugsource-1.1.6-bp157.2.4.1.s390x.rpm libaec-devel-1.1.6-bp157.2.4.1.s390x.rpm libaec0-1.1.6-bp157.2.4.1.s390x.rpm libaec0-debuginfo-1.1.6-bp157.2.4.1.s390x.rpm libsz2-1.1.6-bp157.2.4.1.s390x.rpm libsz2-debuginfo-1.1.6-bp157.2.4.1.s390x.rpm sz2-devel-1.1.6-bp157.2.4.1.s390x.rpm openSUSE-2026-74 moderate openSUSE Backports SLE-15-SP7 Update This update for gitea-tea fixes the following issues: - update to 0.12.0: * New Features - Add tea actions commands for managing workflow runs and workflows in #880, #796 - Add tea api subcommand for arbitrary API calls not covered by existing commands in #879 - Add repository webhook management commands in #798 - Add JSON output support for single PR view in #864 - Add JSON output and file redirection for issue detail view in #841 - Support creating AGit flow pull requests in #867 * Bug Fixes - Fix authentication via environment variables when specifying repo argument in #809 - Fix issue detail view ignoring --owner flag in #899 - Fix PR create crash in #823 - Fix TTY prompt handling in #897 - Fix termenv OSC RGBA handling in #907 - Fix labels delete command and --id flag type in #865 - Fix delete repo command description in #858 - Fix pagination flags for secrets list, webhooks list, and pull requests list in #853, #852, - #851 - Enable git worktree support and improve PR create error handling in #850 - Only prompt for SSH passphrase when necessary in #844 - Only prompt for login confirmation when no default login is set in #839 - Skip token uniqueness check when using SSH authentication in #898 - Require non-empty token in GetLoginByToken in #895 - Fix config file permissions to remove group read/write in #856 * Improvements - Add file locking for safe concurrent access to config file in #881 - Improve error messages throughout the CLI in #871 - Send consistent HTTP request headers in #888 - Revert requiring HTTP/HTTPS login URLs; restore SSH as a login method in #891 - Refactor context into dedicated subpackages in #873, #888 - General code cleanup and improvements in #869, #870 - Add test coverage for login matching in #820 * Build & Dependencies - Build with Go 1.25 in #886 - Build for Windows aarch64 - Update Gitea SDK version in #868 - Update Nix flake in #872 - Update dependencies including lipgloss v2, urfave/cli v3.6.2, go-git v5.16.5, and various Go modules in #849, #875, #876, #878, #884, #885, #900, #901, #904, #905 - Update CI actions (checkout v6, setup-go v6) in #882, #883 gitea-tea-0.12.0-bp157.2.15.1.src.rpm gitea-tea-0.12.0-bp157.2.15.1.x86_64.rpm gitea-tea-bash-completion-0.12.0-bp157.2.15.1.noarch.rpm gitea-tea-zsh-completion-0.12.0-bp157.2.15.1.noarch.rpm gitea-tea-0.12.0-bp157.2.15.1.i586.rpm gitea-tea-0.12.0-bp157.2.15.1.aarch64.rpm gitea-tea-0.12.0-bp157.2.15.1.ppc64le.rpm gitea-tea-0.12.0-bp157.2.15.1.s390x.rpm openSUSE-2026-76 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: - Update to version 1.9.1~git0.36055feca: * Release 1.9.1 * 20260220 prevent migration accidents (#4156) * Alert on unsaved changes (#4155) * Warn about systemd-userdb (#4147) * Dont be as upset when migration dir doesnt exist (#4146) - Update to version 1.9.0~git0.2df2bfc4a: * Release 1.9.0 * Allow LDAP CA verification to be disabled in sync (#4133) * Add oauth2 example, fix inter-migration reference handling (#4136) * Corrected recycle_bin.md typo (#4135) * Set docker tag properly * Release "1.9.0-pre"-pre * chore: Release Notes (#4129) * Update to use hjson (#4128) * Python OpenAPI-based internals (#4119) * Allow reseting (aka clearing) softlocks (#4111) * 20260122 SCIM batch (#4088) * Improve upgrade/downgrade testing and checks (#4125) * Adding scripts for testing nginx and proxyv1 ldap, updating haproxy-protocol (#4087) * Allow extra characters in claim names (#4110) * Add ability to backup via stdout (#4114) * Remove mozilla webauthn authenticator backend (#4118) * 20260205 truncate service acct tokens (#4113) * clarify ssh_publickeys oidc claim (#4116) * Add note about building client tools locked (#4117) * add RFC8693 to features section of the book (#4112) * FIX: make tracing-forest stop panic'ing things when enabling otel (#4105) * Bump bytes from 1.11.0 to 1.11.1 (#4107) * Tweaking rm_if_exist to remove a race condition (#4103) * Set `sudo_provider = none` in sssd.conf; Update default value for LDAP_MAXIMUM_QUERYABLE_ATTRIBUTES (#4098) * Improve secure origin handling in OAuth2 (#4097) * Radius support for SAN-DN (#4094) * Bump the all group with 10 updates (#4093) * Allow UUID when Name also allowed (#4089) * Disallow methods that should not be used (#4083) * Prevent panic (#4082) * 20260116 kanidmd json mode (#4075) * Return http409 on AttrUniqueness error (#4079) * Hardening against process errors (#4061) * 20260108 sync polish (#4054) * Allow overriding css (#4077) * Bump the all group with 8 updates (#4078) * Support homeDirectory virtual attribute (#4073) * Bump the uv group across 2 directories with 3 updates (#4074) * Allow invalid passwords to be skipped (#4071) * shrinking logo.svg and re-brotli-ing others (#4069) * fallback for target_os dependency management in kanidm_tools webauthn-authenticator-rs (#4067) * allows service desk to change account validity (#4068) * kanidm-ipa-sync aws-lc-rs crypto provider fix (#4065) * 20260107 unixd documentation (#4046) * Bump the all group with 12 updates (#4059) * Bump lru from 0.16.2 to 0.16.3 (#4047) * Prevent server crashing on requests with low log level (#4039) * Correct rw flag in service account documentation (#4042) * Bump rsa from 0.9.9 to 0.9.10 (#4041) * Implement OIDC auth for service-accounts (RFC8963) (#4021) * 20251219 Uint64/Int64 syntax types (#4022) * Bump the all group across 1 directory with 16 updates (#4036) * update askama, askama_web to v0.15 (#4030) * Bump the all group with 11 updates (#4024) * Bump yescrypt from 0.1.0-rc.0 to 0.1.0-rc.1 in the all group (#4017) * Bump the all group with 2 updates (#4016) * OAuth2 CSP form-action (#4011) * Handle concurrent pam sessions. (#4001) * Bump the all group with 5 updates (#4005) * fix: correcting parsing of backup compression input (#3995) * Add a home strategy framework (#3985) * Bump the all group with 8 updates (#3996) * Resolve infinite reauth loop (#3992) * Ignore CredentialTypeMinimum during migrations (#3991) * Allow disabling OAuth2 consent prompt (#3972) * Report correct client IP in request log (#3990) * Ensure that privileged sessions expirations are synced (#3984) * Add reference to the Kanidm anthem (#3987) * Missing constraint on skip upgrade process (#3983) * Changing how we parse environment variables in kanidmd (#3977) * Document the upgrade process through versions. (#3982) * Bump actions/checkout from 5 to 6 in the all group (#3979) * Bump the all group with 8 updates (#3980) * lib crypto should not depend on proto (#3975) * Change AttributeUniqueness to yield BAD_REQUEST (#3974) * fix: kanidm_build_profiles has unwrap which can cause builds to fail (#3973) * Small fixes (#3965) * Make log messages more verbose for issues with resources server (#3954) * unixd_tasks: update home alias symlink conditionally and atomically (#3947) * Manually handle form bytes to allow optional encoding (#3968) * Improve handling of ready event (#3967) * Fix typo in kanidm-ldap-sync (#3964) * Bump the all group with 10 updates (#3963) * Bump js-yaml (#3957) * Bump the all group with 3 updates (#3948) * 20251108 lld (#3944) * Improve uid/gid overlap message during IAM migration (#3943) * 1.9.0-dev (#3939) - Enable python bindings for the primary python version on newer distributions and 3.11 on 15.x - Update to version 1.8.6~git0.268c71d0a: * Release 1.8.6 * Release 1.8.5 * OAuth2 CSP form-action (#4011) * Force webauthn 0.5.4 kanidm-1.9.1~git0.36055feca-bp157.2.29.1.src.rpm kanidm-1.9.1~git0.36055feca-bp157.2.29.1.x86_64.rpm kanidm-clients-1.9.1~git0.36055feca-bp157.2.29.1.x86_64.rpm kanidm-docs-1.9.1~git0.36055feca-bp157.2.29.1.x86_64.rpm kanidm-server-1.9.1~git0.36055feca-bp157.2.29.1.x86_64.rpm kanidm-unixd-clients-1.9.1~git0.36055feca-bp157.2.29.1.x86_64.rpm kanidm-1.9.1~git0.36055feca-bp157.2.29.1.aarch64.rpm kanidm-clients-1.9.1~git0.36055feca-bp157.2.29.1.aarch64.rpm kanidm-docs-1.9.1~git0.36055feca-bp157.2.29.1.aarch64.rpm kanidm-server-1.9.1~git0.36055feca-bp157.2.29.1.aarch64.rpm kanidm-unixd-clients-1.9.1~git0.36055feca-bp157.2.29.1.aarch64.rpm openSUSE-2026-69 important openSUSE Backports SLE-15-SP7 Update This update for python-nltk fixes the following issues: - CVE-2026-0847: Fixed an issue where improper sanitization of file paths could lead to path traversal (boo#1259232) python-nltk-3.7-bp157.3.6.1.src.rpm python3-nltk-3.7-bp157.3.6.1.noarch.rpm openSUSE-2026-70 important openSUSE Backports SLE-15-SP7 Update This update for roundcubemail fixes the following issues: - update to 1.6.13 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to recently reported security vulnerabilities: + Fix CSS injection vulnerability reported by CERT Polska (boo#1258052, CVE-2026-26079). + Fix remote image blocking bypass via SVG content reported by nullcathedral (boo#1257909, CVE-2026-25916). This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before updating! CHANGELOG + Managesieve: Fix handling of string-list format values for date tests in Out of Office (#10075) + Fix CSS injection vulnerability reported by CERT Polska. + Fix remote image blocking bypass via SVG content reported by nullcathedral. - update to 1.6.12 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to recently reported security vulnerabilities: + Fix Cross-Site-Scripting vulnerability via SVG's animate tag reported by Valentin T., CrowdStrike (boo#1255308, CVE-2025-68461). + Fix Information Disclosure vulnerability in the HTML style sanitizer reported by somerandomdev (boo#1255306, CVE-2025-68460). This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. + Support IPv6 in database DSN (#9937) + Don't force specific error_reporting setting + Fix compatibility with PHP 8.5 regarding array_first() + Remove X-XSS-Protection example from .htaccess file (#9875) + Fix "Assign to group" action state after creation of a first group (#9889) + Fix bug where contacts search would fail if contactlist_fields contained vcard fields (#9850) + Fix bug where an mbox export file could include inconsistent message delimiters (#9879) + Fix parsing of inline styles that aren't well-formatted (#9948) + Fix Cross-Site-Scripting vulnerability via SVG's animate tag + Fix Information Disclosure vulnerability in the HTML style sanitizer roundcubemail-1.6.13-bp157.2.6.1.noarch.rpm roundcubemail-1.6.13-bp157.2.6.1.src.rpm openSUSE-2026-78 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 145.0.7632.159 (boo#1259213) * CVE-2026-3536: Integer overflow in ANGLE * CVE-2026-3537: Object lifecycle issue in PowerVR * CVE-2026-3538: Integer overflow in Skia * CVE-2026-3539: Object lifecycle issue in DevTools * CVE-2026-3540: Inappropriate implementation in WebAudio * CVE-2026-3541: Inappropriate implementation in CSS * CVE-2026-3542: Inappropriate implementation in WebAssembly * CVE-2026-3543: Inappropriate implementation in V8 * CVE-2026-3544: Heap buffer overflow in WebCodecs * CVE-2026-3545: Insufficient data validation in Navigation chromedriver-145.0.7632.159-bp157.2.130.1.x86_64.rpm chromium-145.0.7632.159-bp157.2.130.1.nosrc.rpm chromium-145.0.7632.159-bp157.2.130.1.x86_64.rpm chromedriver-145.0.7632.159-bp157.2.130.1.aarch64.rpm chromium-145.0.7632.159-bp157.2.130.1.aarch64.rpm chromedriver-145.0.7632.159-bp157.2.130.1.ppc64le.rpm chromium-145.0.7632.159-bp157.2.130.1.ppc64le.rpm openSUSE-2026-80 important openSUSE Backports SLE-15-SP7 Update This update for coredns fixes the following issues: Update to version 1.14.2: - CVE-2026-26017: Fixed DNS access control bypass due to default execution order of plugins and TOCTOU flaw (bsc#1259320). - CVE-2026-26018: Fixed denial of service in the loop detection plugin due to predictable PRNG combined with fatal error handler (bsc#1259319). - CVE-2025-68156: Fixed uncontrolled recursion in expression evaluation can cause a denial of service (bsc#1255345). coredns-1.14.2-bp157.2.13.1.src.rpm coredns-1.14.2-bp157.2.13.1.x86_64.rpm coredns-extras-1.14.2-bp157.2.13.1.noarch.rpm coredns-1.14.2-bp157.2.13.1.aarch64.rpm coredns-1.14.2-bp157.2.13.1.ppc64le.rpm openSUSE-2026-92 moderate openSUSE Backports SLE-15-SP7 Update This update for keepassxc fixes the following issues: - update to 2.7.12: - changes - Passkeys: Set BE and BS flags to true (NOTE: MAY BREAK EXISTING PASSKEYS) [#13042] - Support TIMEOTP autotype and entry placeholder [#13117] - Browser: Show URLs in browser access dialog [#12906] - Bitwarden Import: Add support for nested folders [#13081] - Fixes - Prevent exploits through OpenSSL configurations [#13118, #13124] - Auto-Type: Revert change that caused race condition on Linux [#12738] - Auto-Type: Fix help button enablement [#12937] - Browser: Fix showing correct checkbox value in entry Browser Integration settings [#12980] - Browser: Fix setting browser related values to customData [#13026] - Passkeys: Add publicKey to register response [#12757] - Fix main entry URL validation when using placeholders [#12964] - Fix minor font and theme issues [#12814] - Fix 'Remove' button in Plugin Data being enabled when no row is selected [#12916] - Sanitize attachment file names before saving [#13114] - update to 2.7.11: - Changes - Add image, HTML, Markdown preview, and text editing support to inline attachment viewer [#12085, #12244, #12654] - Add database merge confirmation dialog [#10173] - Add option to auto-generate a password for new entries [#12593] - Add support for group sync in KeeShare [#11593] - Add {UUID} placeholder for use in references [#12511] - Add 'Wait for Enter' search option [#12263] - Add keyboard shortcut to 'Jump to Group' from search results [#12225] - Add predefined search for TOTP entries [#12199] - Add confirmation when closing database via ESC key [#11963] - Add support for escaping placeholder expressions [#11904] - Reduce tab indentation width in notes fields [#11919] - Cap default Argon2 parallelism when creating a new database [#11853] - Database lock after inactivity now enabled by default and set to 900 seconds [#12689, #12609] - Copying TOTP now opens setup dialog if none is configured for entry [#12584] - Make double click action configurable [#12322] - Remove unused 'Last Accessed' from GUI [#12602] - Auto-Type: Add more granular confirmation settings [#12370] - Auto-Type: Add URL typing preset and add copy options to menu [#12341] - Browser: Do not allow sites automatically if entry added from browser extension [#12413] - Browser: Add options to restrict exposed groups [#9852, #12119] - Bitwarden Import: Add support for timestamps and password history [#12588] - macOS: Add Liquid Glass icon [#12642] - macOS: Remove theme-based menubar icon toggle [#12685] - macOS: Add Window and Help menus [#12357] - Windows: Add option to add KeePassXC to PATH during installation [#12171] - Fixes - Fix window geometry not being restored properly when KeePassXC starts in tray [#12683] - Fix potential database truncation when using direct write save method with YubiKeys [#11841] - Fix issue with database backup saving [#11874] - Fix UI lockups during startup with multiple tabs [#12053] - Fix keyboard shortcuts when menubar is hidden [#12431] - Fix clipboard being cleared on exit even if no password was copied [#12603] - Fix single-instance detection when username contains invalid filename characters [#12559] - Fix 'Search Wait for Enter' setting not being save [#12614] - Fix hotkey accelerators not being escaped properly on database tabs [#12630] - Fix confusing error if user cancels out of key file edit dialog [#12639] - Fix issues with saved searches and 'Press Enter to Search' option [#12314] - Fix URL wildcard matching [#12257] - Fix TOTP visibility on unlock and settings change [#12220] - Fix KeeShare entries with reference attributes not updating [#11809] - Fix sort order not being maintained when toggling filters in database reports [#11849] - Fix several UI font and layout issues [#11967, #12102] - Prevent mouse wheel scroll on edit username field [#12398] - Improve base translation consistency [#12432] - Improve inactivity timer [#12246] - Documentation improvements [#12373, #12506] - Browser: Fix ordering of clientDataJSON in Passkey response object [#12120] - Browser: Fix URL matching for additional URLs [#12196] - Browser: Fix group settings inheritance [#12368] - Browser: Allow read-only native messaging config files [#12236] - Browser: Optimise entry iteration in browser access control dialog [#11817] - Browser: Fix 'Do not ask permission for HTTP Basic Auth' option [#11871] - Browser: Fix native messaging path for Tor Browser launcher on Linux [#12005] - Auto-Type: Fix empty window behaviour [#12622] - Auto-Type: Take delays into account when typing TOTP [#12691] - SSH Agent: Fix out-of-memory crash with malformed SSH keys [#12606] - CSV Import: Fix modified and creation time import [#12379] - CSV Import: Fix duplication of root groups on import [#12240] - Proton Pass Import: Fix email addresses not being imported when no username set [#11888] - macOS: Fix secure input getting stuck [#11928] - Windows: Prevent launch as SYSTEM user from MSI installer [#12705] - Windows: Remove broken check for MSVC Redistributable from MSI installer [#11950] - Linux: Fix startup delay due to StartupNotify setting in desktop file [#12306] - Linux: Fix memory initialisation when --pw-stdin is used with a pipe [#12050] keepassxc-2.7.12-bp157.2.3.1.src.rpm keepassxc-2.7.12-bp157.2.3.1.x86_64.rpm keepassxc-debuginfo-2.7.12-bp157.2.3.1.x86_64.rpm keepassxc-debugsource-2.7.12-bp157.2.3.1.x86_64.rpm keepassxc-lang-2.7.12-bp157.2.3.1.noarch.rpm keepassxc-2.7.12-bp157.2.3.1.aarch64.rpm keepassxc-debuginfo-2.7.12-bp157.2.3.1.aarch64.rpm keepassxc-debugsource-2.7.12-bp157.2.3.1.aarch64.rpm keepassxc-2.7.12-bp157.2.3.1.ppc64le.rpm keepassxc-debuginfo-2.7.12-bp157.2.3.1.ppc64le.rpm keepassxc-debugsource-2.7.12-bp157.2.3.1.ppc64le.rpm keepassxc-2.7.12-bp157.2.3.1.s390x.rpm keepassxc-debuginfo-2.7.12-bp157.2.3.1.s390x.rpm keepassxc-debugsource-2.7.12-bp157.2.3.1.s390x.rpm openSUSE-2026-83 moderate openSUSE Backports SLE-15-SP7 Update This update for gh fixes the following issues: - Update to version 2.88.0: * fix: add if guard to no-response job to prevent running on workflow_dispatch * Add pitch surfacing workflow (monthly + manual dispatch) * fix: address review feedback on squash merge commit message * fix: gofmt alignment in test struct literals * feat(repo): add --squash-merge-commit-message flag to gh repo edit * chore(deps): bump golang.org/x/sync from 0.19.0 to 0.20.0 * refactor: change extractFileName param from []byte to string * Update Go version requirement to 1.26+ * Bump golangci-lint from v2.6.0 to v2.11.0 for Go 1.26 support * Bump Go from 1.25.7 to 1.26.1 to fix stdlib vulnerabilities * Address review comments: use actorDisplayName for Copilot author display * Show friendly display names in gh issue view * Add generic actorDisplayName for all actor display names * Show friendly Copilot (AI) name in gh pr view * fix: align example indentation with codebase convention * fix: address review feedback for --exclude flag * fix: share diffHeaderRegexp between changedFilesNames and extractFileName, fix gofmt * feat(pr diff): add --exclude flag to filter files from diff output * Fetch org teams via repository.owner inline fragment * chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.2 * Exclude PR author from reviewer candidates in SuggestedReviewerActors * Fix duplicate reviewers in gh pr edit by passing logins as defaults * Exclude current user from suggested reviewers in gh pr create * Replace @copilot with Copilot reviewer login in gh pr create * Add TODO requestReviewsByLoginCleanup on GHES ID-based reviewer path * Remove /slug team reviewer shorthand normalization * Add TODO requestReviewsByLoginCleanup on static reviewer MultiSelect * Check state.ActorReviewers in MetadataSurvey reviewer search gate * Label Copilot detection in SuggestedReviewerActorsForRepo as a hack * Add TODO requestReviewsByLoginCleanup in CreatePullRequest * refactor: deduplicate scope error handling between api/client.go and project queries * Fix extension install error message showing raw struct instead of owner/repo (#12836) * chore(deps): bump github.com/docker/cli * Remove StateReason feature detection for issue close * Remove unnecessary StateReasonDuplicate feature detection * docs: add examples to gh issue close help text (#12830) * Fix incorrect integer conversion from int to uint16 in port forwarder (#12831) * Combine issue feature detection into a single GraphQL query * feat(browse): add blame flag * Reword `--no-upstream` help doc * test(issue list): cover additional PR search qualifier variants * fix(issue list): reject pull request-only search qualifiers * chore(deps): bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 * chore(deps): bump github.com/gabriel-vasile/mimetype * chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.1 * chore(deps): bump actions/attest-build-provenance from 3.2.0 to 4.1.0 * chore(deps): bump actions/download-artifact from 7 to 8 * chore(deps): bump actions/upload-artifact from 6 to 7 * Set COPILOT_GH env var when launching Copilot CLI * Simplify progress indicators in issue develop * Emit null for zero createdAt/updatedAt values * Address Copilot review feedback * Polish --json support for agent-task view * Polish --json support for agent-task list * Fix gofmt alignment in view_test.go * feat(pr): add changeType field to files JSON output * Add --duplicate-of flag and duplicate reason to gh issue close * Add --json support to `gh agent-task view` * Add --json support to `gh agent-task list` * fix(project/item-edit): preserve title/body when editing draft issue with partial flags * Add databaseId to assignees GraphQL fragment * fix(licenses): implement VCS-friendly embedding * chore(gitignore): ignore generated license files * Use pre-compiled regexp for matching Content-Type * chore(script/licenses): fix indentation * fix(script/licenses): generate licenses in separate dirs * Fix invalid ANSI SGR escape code in JSON and diff colorization * Add --no-upstream flag to gh repo clone * Clarify ReviewerCandidate relationship to AssignableActor * Move PR review queries from queries_pr.go to queries_pr_review.go * Use org/slug format in test fixtures and remove /slug normalization * Normalize /slug team shorthand to org/slug and fix docs * Include bot logins in login-based reviewer mutation guard * Skip reviewer metadata fetch when using search-based selection * Update test assertions to expect org/slug team format * Wire bot reviewer logins through CreatePullRequest * Partition bot reviewers separately for RequestReviewsByLogin * Preserve org/slug format for team reviewer slugs * Apply suggestion from @BagToad * Remove redundant comment * Don't swallow error from FD * Remove redundant comments * Fix issue develop repeated invocation with named branches * Fix redundant API call in gh issue view --comments (#12606) * Add toGitHubV4Strings helper to reduce code duplication * Address PR review comments * gh pr create: CCR and multiselectwithsearch * trigger rerun * test: TestGenerateScopeErrorForGQL and TestRequiredScopesFromServerMessage * fix: clarify scope error while creating issues for projects * fix: error when --remote flag used with repo argument * build: customizable install `prefix` - Update to version 2.87.3: * Fix project mutation query variable usage - Update to version 2.87.2: * chore(deps): bump golang.org/x/crypto from 0.47.0 to 0.48.0 * fix(agent-task/capi): fix capi API version * Remove debris licenses - Update to version 2.87.0: * Bundle licenses at release time (#12625) * Rename query for clarity * Remove pointer comments * Simplify error message * Remove DTO concept * Add `--query` flag to `project item-list` (#12696) * Clarify --clobber flag deletes assets before re-uploading * Add usage examples to gh gist edit command * Remove feedback issue template * Migrate PR triage workflows to shared workflows * Rename triage workflow to triage-discussion-label * Pass environment as input to shared triage workflow * Add missing environment and label check to triage workflow * Initial plan * fix(workflow run): bail out on feature detection error * refactor(featuredetection): remove temp in favour of early returns * docs(workflow run): improve help docs * docs(workflow run): add cleanup marker with explanation on future changes * fix(workflow run): apply `url.PathEscape` when compiling URL * refactor(workflow run): remove temp `out` * Add missing TODO comments for featuredetection if-statements * docs(featuredetection): fix typo in comment * test(featuredetection): fix test case name * test(workflow run): verify retrieval of workflow run details * feat(workflow run): retrieve workflow run if supported by the API * test(featuredetection): add tests for `ActionsFeatures` * fix(featuredetection): add `ActionsFeatures` to detect workflow dispatch features * pin REST API version to 2022-11-28 * Migrate stale workflow to shared workflow * Respect --exit-status with --log and --log-failed * document fork default branch behavior * Migrate issue triage workflows to shared workflows * fork default branch only in pr create * update third party licenses * chore(deps): bump golang.org/x/crypto from 0.46.0 to 0.47.0 * Add manual dispatch to bump-go workflow * bump go to 1.25.7 * update third party licenses * chore(deps): bump golang.org/x/term from 0.38.0 to 0.39.0 * update third party licenses * chore(deps): bump golang.org/x/text from 0.32.0 to 0.33.0 * Add toGitHubV4Strings helper to reduce code duplication * Address PR review comments * update third party licenses * chore(deps): bump github.com/gdamore/tcell/v2 from 2.13.4 to 2.13.7 * Update third party licenses * chore(deps): bump github.com/theupdateframework/go-tuf/v2 * Update third-party licenses * Clarify comment on reviewer API behavior * Clarify assignee/reviewer fetching behavior * Clarify EditableReviewers comment * Clarify Copilot assignee comment * Use unfiltered totalCount for reviewer 'more results' display * Include name in reviewer display for existing review requests * update Go 1.25.6 * Implement cascading quota for reviewer suggestions * fix(pr edit): send empty slices to clear reviewers in replace mode * Fix return proper slug only for ReviewerTeam * Remove redundant comment * chore: update licenses * chore: bump `cli/oauth` to `v1.2.2` * Add CCR and reviewer MultiSelectWithSearch * chore(deps): bump actions/attest-build-provenance from 3.1.0 to 3.2.0 * Remove outdated comment in SuggestedAssignableActors * Apply suggestions from code review * Remove outdated TODO comments in survey.go * Remove redundant comment in editRun test * Return total assignee count in SuggestedAssignableActors * Add test for MultiSelectWithSearch error propagation * Add test for legacy assignee flow on GHES * Remove unused Viewer struct from SuggestedAssignableActors * Add comments to assigneeSearchFunc for clarity * Simplify variables map in SuggestedAssignableActors * Simplify suggested assignable actors * Fix linter and mock prompter signature * Apply suggestions from code review * Apply suggestions from code review * Clarify TODO comment for reviewer search function * Only support assignee searchfunc on GitHub.com * Update edit tests * Refactor MultiSelectWithSearch to use result struct * Add comment describing logger * Pass editable to assigneeSearchFunc and update metadata * Add dynamic assignee search to PR edit flow * MultiSelectWithSearch initial implementation * prshared: named prompt interface parameters * typo: dont to don't * chore(deps): bump goreleaser/goreleaser-action from 6.0.0 to 6.4.0 * chore: update licenses * chore(deps): bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 * chore(deps): bump github.com/theupdateframework/go-tuf/v2 * chore: update licenses * chore(deps): bump github.com/sigstore/sigstore from 1.10.0 to 1.10.4 * docs: lint source.md * fix(pr/shared): improve `ParseFullReference` error message * Fix fmt.Errorf format argument in ParseFullReference * chore(deps): bump actions/upload-artifact from 5 to 6 * chore(deps): bump actions/download-artifact from 6 to 7 - Update to version 2.86.0: * refactor: address review comments * Update contributing guidelines for clarity * test(copilot): fix windows asset URL * fix(cache delete): add unit tests and expand help doc * feat(cache delete): allow for delete all caches for a ref * Fix OS name in test archive filename to 'win32' * fix(copilot): replace `windows` with `win32` to match asset names * fix(root): avoid command name collision when registering extensions * chore(root): register `copilot` command * feat: add `copilot` command * refactor(run download): extract zip extraction func into a separate package * fix: error when head and base refs are identical in pr create - Update to version 2.85.0: * fix: simplify set-default remote parsing * Handle repo argument before remote name * chore: update licenses * chore(deps): bump github.com/yuin/goldmark from 1.7.13 to 1.7.16 * chore: update licenses using `go-licenses@v2` * chore: install `go-licenses@v2` in scripts * Update go-licenses for 1.25 * chore: update licenses * chore: bump `github.com/sigstore/sigstore-go` to `v1.1.4` * chore: remove redundant comment * ci: enable noop linters * Add shell specification for temporary tag creation * ci: shorten `run` block * ci: improve step name * ci: tag per build job * Update Azure Code Signing endpoint URL * Update Azure Code Signing client to 1.0.95 * Update actions/checkout to v6 in extension workflow templates * feat: allow git remote names in gh repo set-default * Add test to ensure null values are skipped * ci: disable create storage record for artifacts * chore(deps): bump actions/attest-build-provenance from 3.0.0 to 3.1.0 * chore: run `go mod tidy` * chore: update licenses * chore: upgrade `github.com/cli/oauth` to `v1.2.1` * fix: prevent panic when processing null project items * ci: fix binary artficat dirs used in macos job * ci: fix binary artifact dir paths used in Windows job * ci: upgrade to GoReleaser v2 CLI syntax for `--skip` * ci: limit deb/rpm packages to `linux` build * ci: replace `archives.format` with `archives.formats` array * ci: remove redundant `archives.rlcp` * ci: replace `archives.builds` with `archives.ids` * ci: quote 386 arch * ci: upgrade `.goreleaser.yml` to v2 * ci: upgrade to GoReleaser v2 * chore: update licenses * chore(deps): bump golang.org/x/crypto from 0.45.0 to 0.46.0 * chore: update licenses * chore(deps): bump github.com/gdamore/tcell/v2 from 2.13.2 to 2.13.4 * chore(deps): bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 * chore: update licenses * chore: update licenses * chore(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 * chore: update licenses * chore(deps): bump golang.org/x/term from 0.37.0 to 0.38.0 * chore: update licenses * chore(deps): bump golang.org/x/text from 0.31.0 to 0.32.0 * chore: update licenses * chore(deps): bump golang.org/x/sync from 0.18.0 to 0.19.0 * Fix Debian CLI package link in installation guide * Add tests of browse --actions * Add gh browse --actions flag * chore(deps): bump github.com/gdamore/tcell/v2 from 2.13.1 to 2.13.2 gh-2.88.0-bp157.2.18.1.src.rpm gh-2.88.0-bp157.2.18.1.x86_64.rpm gh-bash-completion-2.88.0-bp157.2.18.1.noarch.rpm gh-fish-completion-2.88.0-bp157.2.18.1.noarch.rpm gh-zsh-completion-2.88.0-bp157.2.18.1.noarch.rpm gh-2.88.0-bp157.2.18.1.i586.rpm gh-2.88.0-bp157.2.18.1.aarch64.rpm gh-2.88.0-bp157.2.18.1.ppc64le.rpm gh-2.88.0-bp157.2.18.1.s390x.rpm openSUSE-2026-90 moderate openSUSE Backports SLE-15-SP7 Update This update for ansible-sap-launchpad fixes the following issues: Refactor Ansible Modules and adjust for ansible-core 2.19. - 1.3.1 - Bugfixes: - collection: Add ansible-test sanity workflow and fix sanity errors - 1.3.0 - Changes: - collection: Refactor all Ansible Modules - sap_software_download: Update for ansible-core 2.19 - Bugfixes: - sap_software_download: Fix for failed checksums not correctly retrying ansible-sap-launchpad-1.3.1-bp157.2.6.1.noarch.rpm ansible-sap-launchpad-1.3.1-bp157.2.6.1.src.rpm openSUSE-2026-85 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 146.0.7680.80: * CVE-2026-3909: Out of bounds write in Skia (boo#1259659) - Chromium 146.0.7680.75: * CVE-2026-3910: Inappropriate implementation in V8 (boo#1259648) - Chromium 146.0.7680.71 (released 2026-03-11) (boo#1259530) * CVE-2026-3913: Heap buffer overflow in WebML * CVE-2026-3914: Integer overflow in WebML * CVE-2026-3915: Heap buffer overflow in WebML * CVE-2026-3916: Out of bounds read in Web Speech * CVE-2026-3917: Use after free in Agents * CVE-2026-3918: Use after free in WebMCP * CVE-2026-3919: Use after free in Extensions * CVE-2026-3920: Out of bounds memory access in WebML * CVE-2026-3921: Use after free in TextEncoding * CVE-2026-3922: Use after free in MediaStream * CVE-2026-3923: Use after free in WebMIDI * CVE-2026-3924: Use after free in WindowDialog * CVE-2026-3925: Incorrect security UI in LookalikeChecks * CVE-2026-3926: Out of bounds read in V8 * CVE-2026-3927: Incorrect security UI in PictureInPicture * CVE-2026-3928: Insufficient policy enforcement in Extensions * CVE-2026-3929: Side-channel information leakage in ResourceTiming * CVE-2026-3930: Unsafe navigation in Navigation * CVE-2026-3931: Heap buffer overflow in Skia * CVE-2026-3932: Insufficient policy enforcement in PDF * CVE-2026-3934: Insufficient policy enforcement in ChromeDriver * CVE-2026-3935: Incorrect security UI in WebAppInstalls * CVE-2026-3936: Use after free in WebView * CVE-2026-3937: Incorrect security UI in Downloads * CVE-2026-3938: Insufficient policy enforcement in Clipboard * CVE-2026-3939: Insufficient policy enforcement in PDF * CVE-2026-3940: Insufficient policy enforcement in DevTools * CVE-2026-3941: Insufficient policy enforcement in DevTools * CVE-2026-3942: Incorrect security UI in PictureInPicture chromedriver-146.0.7680.80-bp157.2.133.1.x86_64.rpm chromium-146.0.7680.80-bp157.2.133.1.nosrc.rpm chromium-146.0.7680.80-bp157.2.133.1.x86_64.rpm chromedriver-146.0.7680.80-bp157.2.133.1.aarch64.rpm chromium-146.0.7680.80-bp157.2.133.1.aarch64.rpm chromedriver-146.0.7680.80-bp157.2.133.1.ppc64le.rpm chromium-146.0.7680.80-bp157.2.133.1.ppc64le.rpm openSUSE-2026-87 important openSUSE Backports SLE-15-SP7 Update This update for python-simpleeval fixes the following issues: - CVE-2026-32640: Objects (including modules) can leak dangerous modules through to direct access inside the sandbox (boo#1259685) python-simpleeval-0.9.13-bp157.2.3.1.src.rpm python311-simpleeval-0.9.13-bp157.2.3.1.noarch.rpm openSUSE-2026-88 critical openSUSE Backports SLE-15-SP7 Update This update for krb5-appl fixes the following issues: - CVE-2026-32746: Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd LINEMODE (boo#1259691) krb5-appl-1.0.3-bp157.2.3.1.src.rpm krb5-appl-clients-1.0.3-bp157.2.3.1.x86_64.rpm krb5-appl-servers-1.0.3-bp157.2.3.1.x86_64.rpm krb5-appl-clients-1.0.3-bp157.2.3.1.i586.rpm krb5-appl-servers-1.0.3-bp157.2.3.1.i586.rpm krb5-appl-clients-1.0.3-bp157.2.3.1.aarch64.rpm krb5-appl-servers-1.0.3-bp157.2.3.1.aarch64.rpm krb5-appl-clients-1.0.3-bp157.2.3.1.ppc64le.rpm krb5-appl-servers-1.0.3-bp157.2.3.1.ppc64le.rpm krb5-appl-clients-1.0.3-bp157.2.3.1.s390x.rpm krb5-appl-servers-1.0.3-bp157.2.3.1.s390x.rpm openSUSE-2026-106 moderate openSUSE Backports SLE-15-SP7 Update This update for libjxl fixes the following issues: - Update to release 0.8.5 (boo#1258090): * fix tile dimension in low memory rendering pipeline [CVE-2025-12474]. - Update to release 0.8.4 * Huffman lookup table size fix [CVE-2024-11403] * Check height limit in modular trees [CVE-2024-11498] libjxl-0.8.5-bp157.2.3.1.src.rpm libjxl-devel-0.8.5-bp157.2.3.1.x86_64.rpm libjxl-tools-0.8.5-bp157.2.3.1.x86_64.rpm libjxl0_8-0.8.5-bp157.2.3.1.x86_64.rpm gdk-pixbuf-loader-jxl-0.8.5-bp157.2.3.1.x86_64.rpm gimp-plugin-jxl-0.8.5-bp157.2.3.1.x86_64.rpm jxl-thumbnailer-0.8.5-bp157.2.3.1.noarch.rpm libjxl-gtk-0.8.5-bp157.2.3.1.src.rpm libjxl-devel-0.8.5-bp157.2.3.1.i586.rpm libjxl-tools-0.8.5-bp157.2.3.1.i586.rpm libjxl0_8-0.8.5-bp157.2.3.1.i586.rpm libjxl0_8-32bit-0.8.5-bp157.2.3.1.x86_64.rpm gdk-pixbuf-loader-jxl-0.8.5-bp157.2.3.1.i586.rpm gimp-plugin-jxl-0.8.5-bp157.2.3.1.i586.rpm libjxl-devel-0.8.5-bp157.2.3.1.aarch64.rpm libjxl-tools-0.8.5-bp157.2.3.1.aarch64.rpm libjxl0_8-0.8.5-bp157.2.3.1.aarch64.rpm libjxl0_8-64bit-0.8.5-bp157.2.3.1.aarch64_ilp32.rpm gdk-pixbuf-loader-jxl-0.8.5-bp157.2.3.1.aarch64.rpm gimp-plugin-jxl-0.8.5-bp157.2.3.1.aarch64.rpm libjxl-devel-0.8.5-bp157.2.3.1.s390x.rpm libjxl-tools-0.8.5-bp157.2.3.1.s390x.rpm libjxl0_8-0.8.5-bp157.2.3.1.s390x.rpm gdk-pixbuf-loader-jxl-0.8.5-bp157.2.3.1.s390x.rpm gimp-plugin-jxl-0.8.5-bp157.2.3.1.s390x.rpm openSUSE-2026-94 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 146.0.7680.153 (boo#1259964): * CVE-2026-4439: Out of bounds memory access in WebGL * CVE-2026-4440: Out of bounds read and write in WebGL * CVE-2026-4441: Use after free in Base * CVE-2026-4442: Heap buffer overflow in CSS * CVE-2026-4443: Heap buffer overflow in WebAudio * CVE-2026-4444: Stack buffer overflow in WebRTC * CVE-2026-4445: Use after free in WebRTC * CVE-2026-4446: Use after free in WebRTC * CVE-2026-4447: Inappropriate implementation in V8 * CVE-2026-4448: Heap buffer overflow in ANGLE * CVE-2026-4449: Use after free in Blink * CVE-2026-4450: Out of bounds write in V8 * CVE-2026-4451: Insufficient validation of untrusted input in Navigation * CVE-2026-4452: Integer overflow in ANGLE * CVE-2026-4453: Integer overflow in Dawn * CVE-2026-4454: Use after free in Network * CVE-2026-4455: Heap buffer overflow in PDFium * CVE-2026-4456: Use after free in Digital Credentials API * CVE-2026-4457: Type Confusion in V8 * CVE-2026-4458: Use after free in Extensions * CVE-2026-4459: Out of bounds read and write in WebAudio * CVE-2026-4460: Out of bounds read in Skia * CVE-2026-4461: Inappropriate implementation in V8 * CVE-2026-4462: Out of bounds read in Blink * CVE-2026-4463: Heap buffer overflow in WebRTC * CVE-2026-4464: Integer overflow in ANGLE - fix INSTALL.sh (upstream changed CHANNEL to channel in wrapper) chromedriver-146.0.7680.153-bp157.2.136.1.x86_64.rpm chromium-146.0.7680.153-bp157.2.136.1.nosrc.rpm chromium-146.0.7680.153-bp157.2.136.1.x86_64.rpm chromedriver-146.0.7680.153-bp157.2.136.1.aarch64.rpm chromium-146.0.7680.153-bp157.2.136.1.aarch64.rpm chromedriver-146.0.7680.153-bp157.2.136.1.ppc64le.rpm chromium-146.0.7680.153-bp157.2.136.1.ppc64le.rpm openSUSE-2026-101 moderate openSUSE Backports SLE-15-SP7 Update This update for claws-mail fixes the following issues: - Update to 4.4.0: * Several updates to strings and icons. * The word 'Write' is now used in place of 'Compose'. e.g. 'Write email'; 'Write' preferences page, etc. * Hide Message List's horizontal scrollbar by default if not using GENERIC_UMPC. * Added a new hidden preference, 'mainwin_toolbar_always_enable_actions', (turned off by default). Activating this option means that toolbar items bound to user Actions (in the main window) will be active even when no messages are selected. * Navigation using the numpad arrow keys is now possible. * A new Colour preference has been added: 'Messages marked for moving or deletion'. This is used when 'execute immediately' is switched off. * Compose window: When re-editing a drafted message, the user will now be prompted to save any changes made to the message headers. * Compose window: when the contents of a header field are cleared, the Clear button becomes a Delete button, enabling the now empty row to be removed completely. * Folder properties: two new options to handle HTML content have been added to the General page: 'Render HTML messages as text' and 'Render HTML messages with plugin if possible'. * Folder properties: a new option, 'Show tags' has been added. This controls whether any message tags are displayed at the top of the Message View. * SpamAssassin: updated third-party code to 4.0.1. * Mail Archiver: added support for Zstandard compression (zstd) (libarchive >= 3.4.0 required). * RSSyl: the default User-Agent string has been changed to ClawsMailRSSyl/$VERSION ($URL); this can be changed in the plugin's preferences, and can be further set on a per-feed basis on the 'Feed properties' page. * RSSyl: added a preference so that feeds configured for manual updates only are not updated when refreshing all feeds (recursively by the context menu, timer or at start-up, if enabled). * RSSyl: store and send ETag and Last-Modified headers. * RSSyl: postpone auto-updates if the server sends a Retry-After: header. A successful manual update clears the Retry-After value. * PGP: display a specific message, ("This key is not in your keyring") in the NoticeView area when a key is not in the keyring. * PGP: added an option to automatically locate missing keys when sending encrypted messages. * PGP: a missing key can now optionally be retrieved by clicking the NoticeView icon. * PGP: added a 'Search for PGP key' context menu item to email addresses in the Message View. * Notification: Ayatana indicator can now be configured to limit notifications to certain folders only. * Notification: added 'Open address book' entry to Ayatana indicator's tray menu. * Configuration is now stored in a dedicated file: oauth2rc, located in the configuration directory. This file allows a user to accommodate an API change by a service provider, or to add a completely new Oauth2-based email provider of their choice. Setting protected=1 within an edited or bespoke block protects it from being overwritten by a new version of Claws Mail. * GnuTLS >= 3.4.0 is now the minimum requirement. * libetpan >= 1.9.4 is now the minimum requirement. * dbus-glib support has been migrated to GDBus (GIO) >= 2.26 and D-Bus (>= 0.60). * The summary of the configure output has been completed. * A new hidden preference has been added: "show_contact_pic". When viewing a message, if the sender is in your address book and you have saved a picture for the contact there, this option will display that picture unless the Header Pane is displayed or you have chosen not to display (X-)Face or "enable_avatars" is set to '0'. If you have a large address book it is recommended that you leave this option turned off to avoid delays in displaying messages. * The wizard now uses secure defaults. * Various code cleanups, fixes, and enhancements. * The English, French and Spanish manuals have been updated. * Updated translations: British English, Catalan, Czech, Dutch, French, German, Romanian, Slovak, Spanish, Swedish, Turkish. * bug fixes: * bug 4498, 'About window resizing issues' * bug 4586, 'PDF Viewer view breaks in Three Column layout' * bug 4764, 'Wrapped UTF8 encoded subject line displayed with nonexistent quotation marks' * bug 4834, 'Long email addresses in vCalendar invites cause the attachments bar on the right side to be hidden until restart' * bug 4841, 'qutoted-printable encoding breaks text/html file with extraordinarily long lines, base64 does not' * bug 4846, 'Preferences-> Toolbars: always show icon preview on button' * bug 4848, 'The new ayatana tray icon displays no icon when there are new messages' * bug 4850, 'Show error dialog on receive error translation' * bug 4852, 'Cancel messages contain Approved-header' * bug 4854, 'auto-wrapping off not respected when using external editor' * bug 4856, 'Build fails with gettext 0.24' * bug 4863, 'Account Preferences Minor UI inconsistency' * bug 4882, 'IMAP can not use client certificate with passphrase' * bug 4887, 'Dillo processes are not killed when an HTML message is no longer being viewed' * bug 4893, 'Clamd plugin not checking any mail' * bug 4897, ''small screen' view: crash when exiting view message list after deleting all messages/mails in folder.' * bug 4898, 'When entering folder message list is not scrolling to selected message' * bug 4902, 'memory leak in the spam_report plug-in' * bug 4930, 'remove duplicate signature flag from MimeView' * bug 4931, 'avoid memory leak in summary_set_header' * fix bug where viewing msgs in the separate msg view are not marked as read when the msgview panel is hidden * litehtml plugin build failure on Windows * 'Save email as...' from the separate message view would save whatever was selected in the summaryview rather than what was open in the message view. * when message view is closed 1. select a msg; 2. hit [v] (key), 3. open the mime structure list 4. select a part in the structure tree 5. hit [v] --[crash]-- * fix header pane bug whereby a very long header value would push the mime icons panel out of the visible area. * do not attempt to delete a tag from list when the edit tag entry has focus. - Enable vcalendar plugin default - adjust gpgme dependencies for future-proofing claws-mail-4.4.0-bp157.2.6.1.src.rpm claws-mail-4.4.0-bp157.2.6.1.x86_64.rpm claws-mail-devel-4.4.0-bp157.2.6.1.x86_64.rpm claws-mail-lang-4.4.0-bp157.2.6.1.noarch.rpm claws-mail-4.4.0-bp157.2.6.1.aarch64.rpm claws-mail-devel-4.4.0-bp157.2.6.1.aarch64.rpm claws-mail-4.4.0-bp157.2.6.1.ppc64le.rpm claws-mail-devel-4.4.0-bp157.2.6.1.ppc64le.rpm claws-mail-4.4.0-bp157.2.6.1.s390x.rpm claws-mail-devel-4.4.0-bp157.2.6.1.s390x.rpm openSUSE-2026-102 important openSUSE Backports SLE-15-SP7 Update This update for python-pydicom fixes the following issues: - CVE-2026-32711: path traversal in FileSet/DICOMDIR ReferencedFileID can allow file access outside the File-set root (boo#1259973) python-pydicom-2.3.1-bp157.2.3.1.src.rpm python3-pydicom-2.3.1-bp157.2.3.1.noarch.rpm python311-pydicom-2.3.1-bp157.2.3.1.noarch.rpm openSUSE-2026-95 important openSUSE Backports SLE-15-SP7 Update This update for python-cbor2 fixes the following issues: - CVE-2026-26209: Fixed uncontrolled recursion via crafted CBOR payloads that could cause a denial of service (boo#1260367) python-cbor2-5.5.1-bp157.2.6.1.src.rpm python311-cbor2-5.5.1-bp157.2.6.1.x86_64.rpm python311-cbor2-5.5.1-bp157.2.6.1.i586.rpm python311-cbor2-5.5.1-bp157.2.6.1.aarch64.rpm python311-cbor2-5.5.1-bp157.2.6.1.ppc64le.rpm python311-cbor2-5.5.1-bp157.2.6.1.s390x.rpm openSUSE-2026-97 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 146.0.7680.164 (boo#1260376) * CVE-2026-4673: Heap buffer overflow in WebAudio * CVE-2026-4674: Out of bounds read in CSS * CVE-2026-4675: Heap buffer overflow in WebGL * CVE-2026-4676: Use after free in Dawn * CVE-2026-4677: Out of bounds read in WebAudio * CVE-2026-4678: Use after free in WebGPU * CVE-2026-4679: Integer overflow in Fonts * CVE-2026-4680: Use after free in FedCM chromedriver-146.0.7680.164-bp157.2.139.1.x86_64.rpm chromium-146.0.7680.164-bp157.2.139.1.nosrc.rpm chromium-146.0.7680.164-bp157.2.139.1.x86_64.rpm chromedriver-146.0.7680.164-bp157.2.139.1.aarch64.rpm chromium-146.0.7680.164-bp157.2.139.1.aarch64.rpm chromedriver-146.0.7680.164-bp157.2.139.1.ppc64le.rpm chromium-146.0.7680.164-bp157.2.139.1.ppc64le.rpm openSUSE-2026-98 important openSUSE Backports SLE-15-SP7 Update This update for python-nltk fixes the following issues: - CVE-2026-33230: reflected cross-site scripting issue in the `lookup_...` route (boo#1260066) - CVE-2026-33231: unauthenticated remote shutdown of the local WordNet Browser HTTP server when it is started in its default mode (boo#1260067) - CVE-2026-33236: Attackers can control a remote XML index server to provide malicious values containing path traversal sequences (boo#1260068) python-nltk-3.7-bp157.3.9.1.src.rpm python3-nltk-3.7-bp157.3.9.1.noarch.rpm openSUSE-2026-103 important openSUSE Backports SLE-15-SP7 Update This update for v2ray-core fixes the following issues: - Update version to 5.47.0 * Add sticky choice option for leastping * Add support for enrollment links in tlsmirror * Add Wireguard Outbound (unreleased) * Add sticky choice option for leastping * Generalize IP address parsing in TUN stack options * Fix bugs - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo-header (boo#1260329) - Update version to 5.44.1 * uTLS: bundled library updated to v1.8.2 for Chrome120 imitation profile identification * Update golang toolchain to v1.25.6, which fixed an vulnerable (tls.Config).Clone function * Fix bugs - Update version to 5.42.0 * Add TLSMirror bootstrap enrollment and self enrollment feature * TLSMirror Inverse Role Request Tripper Enrollment Server Support - CVE-2025-47911: v2ray-core: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents (boo#1251404) * Update golang.org/x/net to 0.45.0 in vendor - Update version to 5.38.0 * TLSMirror Connection Enrollment System * Add TLSMirror Sequence Watermarking * LSMirror developer preview protocol is now a part of mainline V2Ray * proxy dns with NOTIMP error * Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport * proxy dns with NOTIMP error * fix false success from SOCKS server when Dispatch() fails * HTTP inbound: Directly forward plain HTTP 1xx response header * add a option to override domain used to query https record * Fix bugs * Update vendor golang-github-v2fly-v2ray-core-5.47.0-bp157.2.6.1.noarch.rpm v2ray-core-5.47.0-bp157.2.6.1.src.rpm v2ray-core-5.47.0-bp157.2.6.1.x86_64.rpm v2ray-core-5.47.0-bp157.2.6.1.i586.rpm v2ray-core-5.47.0-bp157.2.6.1.aarch64.rpm v2ray-core-5.47.0-bp157.2.6.1.ppc64le.rpm v2ray-core-5.47.0-bp157.2.6.1.s390x.rpm openSUSE-2026-99 important openSUSE Backports SLE-15-SP7 Update This update for glusterfs fixes the following issues: - Update to release 11.2 * Next minor release tentative date: Release will be based on requirement only * Users are highly encouraged to upgrade to newer releases of GlusterFS. * Important fixes in this release - Regression suite tests failures are addressed - Fixed notify stack-based buffer over-read (boo#1208519, CVE-2023-26253) - Update to release 11.1 * Fix upgrade issue by reverting posix change related to storage.reserve value * Fix possible data loss during rebalance if there is any linkfile on the system - Disable IO_uring for now [boo#1210894] - Update to release 11 [boo#1208517] [boo#1208519] * Major performance impovement of ~36% with rmdir operations * Extension of ZFS support for snapshots * Qouta implimentation based on namespace * Major cleanups and readdir/readdirp improvements * Fixed use-after-free in dht_setxattr_mds_cbk (CVE-2022-48340) - Update to release 10.2 * Some 165 bugfixes with none particularly sticking out glusterfs-11.2-bp157.2.3.1.src.rpm glusterfs-11.2-bp157.2.3.1.x86_64.rpm glusterfs-devel-11.2-bp157.2.3.1.x86_64.rpm libgfapi0-11.2-bp157.2.3.1.x86_64.rpm libgfchangelog0-11.2-bp157.2.3.1.x86_64.rpm libgfrpc0-11.2-bp157.2.3.1.x86_64.rpm libgfxdr0-11.2-bp157.2.3.1.x86_64.rpm libglusterfs0-11.2-bp157.2.3.1.x86_64.rpm python3-gluster-11.2-bp157.2.3.1.noarch.rpm glusterfs-11.2-bp157.2.3.1.i586.rpm glusterfs-devel-11.2-bp157.2.3.1.i586.rpm libgfapi0-11.2-bp157.2.3.1.i586.rpm libgfchangelog0-11.2-bp157.2.3.1.i586.rpm libgfrpc0-11.2-bp157.2.3.1.i586.rpm libgfxdr0-11.2-bp157.2.3.1.i586.rpm libglusterfs0-11.2-bp157.2.3.1.i586.rpm glusterfs-11.2-bp157.2.3.1.aarch64.rpm glusterfs-devel-11.2-bp157.2.3.1.aarch64.rpm libgfapi0-11.2-bp157.2.3.1.aarch64.rpm libgfchangelog0-11.2-bp157.2.3.1.aarch64.rpm libgfrpc0-11.2-bp157.2.3.1.aarch64.rpm libgfxdr0-11.2-bp157.2.3.1.aarch64.rpm libglusterfs0-11.2-bp157.2.3.1.aarch64.rpm glusterfs-11.2-bp157.2.3.1.ppc64le.rpm glusterfs-devel-11.2-bp157.2.3.1.ppc64le.rpm libgfapi0-11.2-bp157.2.3.1.ppc64le.rpm libgfchangelog0-11.2-bp157.2.3.1.ppc64le.rpm libgfrpc0-11.2-bp157.2.3.1.ppc64le.rpm libgfxdr0-11.2-bp157.2.3.1.ppc64le.rpm libglusterfs0-11.2-bp157.2.3.1.ppc64le.rpm glusterfs-11.2-bp157.2.3.1.s390x.rpm glusterfs-devel-11.2-bp157.2.3.1.s390x.rpm libgfapi0-11.2-bp157.2.3.1.s390x.rpm libgfchangelog0-11.2-bp157.2.3.1.s390x.rpm libgfrpc0-11.2-bp157.2.3.1.s390x.rpm libgfxdr0-11.2-bp157.2.3.1.s390x.rpm libglusterfs0-11.2-bp157.2.3.1.s390x.rpm openSUSE-2026-108 moderate openSUSE Backports SLE-15-SP7 Update This update for obs-service-set_version fixes the following issues: - Update to version 0.6.6: * Hardcode "0" as release for PKGBUILD as well - expand __python3 with python3 to work outside suse rpm packaging - Update to version 0.6.5: * Update spec file to the one used in the packaging * Move revision detection into _revision_detect - Fix shebang of the script to use the explicit version of Python (boo#1212476). - Update to version 0.6.4: * Treat LegacyVersion as InvalidVersion * Add testing python 3.10 - 3.12 - Update to version 0.6.3: * [dist] import spec file from O:S:U * Mute warning about missing EMAIL env variable in unit tests * Fix unit tests * Replace invalid use of os.errno with errno module * Replace @VERSION@ placeholders in .dsc files * Remove usage of deprecated imp module with importlib * Detect revision and set pkgrel for Arch packages - add support for AL2023 - Builds on CentOS_[5678] and possibly other distros failed because their 'rpm' didn't recognize the "Recommends:" tag. I've wrapped that tag in an "%if 0%{?suse_version}" to work around it. Build is now passing on the CentOS distros. - Update to version 0.6.2: * Avoid the Flake8 warning and restore conditional import - Update to version 0.6.1: * Handle already converted versions gracefully * Flake8 fixes (missing import) * Test python3 by default - Update to version 0.6.0: * Test against Python 3.10 which is the Tumbleweed default * Remove TravisCI - we switched to GitHub Actions * handle removed packaging.version.LegacyVersion (Fixes #83) - simplifiy conditions for all rhel like distros to skip testsuite - Update to version 0.5.14: * changed debugging output to logging module * Explicitely specifying --fromfile should win over .obsinfo * Add new switch --fromfile * Add zst to recognized suffixes (zstd support) - Update to version 0.5.13: * add license file * fixing suffixes - remove backslashes * fix suffixes to begin with a dot * enhanced debug mode * tests for directory pristine-tar - Update to version 0.5.12: * debian: set script shebang to python3 * debian: add python3 as a runtime dependency * conditionally define PYTHON in Makefile * debian: use python3 for building * try to fix set_version:157:13: E117 over-indented (comment) - Modified .spec file to better suit Fedora OS (let's just assume all Fedora versions has python 3) - Update to version 0.5.11: * try to fix set_version:157:13: E117 over-indented (comment) - enable test suite by default * if it does not build, it can also not be executed on the distro - fix requires for SLE 12 distro - Changed source files to support python 3 - fix for Fedora 30/Rawhide - for now obs_scm_testsuite only for > 1315, needed python stuff not available otherwise - Update to version 0.5.11: * fix code to pass flake8 tests for python3 * fix zipfile crash also for python2.7 * avoid error with latest flake8 about unused variable * allow running tests with python3 * second place where zip file handling can crash * avoid crashes due to false is_zipfile() response * Add python-flake8 to test suite package list * Fix indentation of condition * Fix basename to match documentation (#54) - Update to version 0.5.10: * fix zipfile crash also for python2.7 - Wrap make check in bcond obs_scm_testsuite - Update to version 0.5.9: * avoid crashes due to false is_zipfile() response - enable test suite - Update to version 0.5.8: * fixes boo#1072359 * code cleanup and some refactoring * cli options --debug and --regex * new targets (test/clean) for Makefile * initial .gitignore * Mention that tests may take some time in README.md * Fix pip/zypper tests for python3 * enforce files to be decoded as UTF-8 * Don't let version check get beyond path boundary * Slightly reorganize README.md file - add requires to python3, since Leap 15.0 still does not have the fileprovides - Update to version 0.5.7: * added gitignore * added target 'clean' in Makefile * Added new target 'test' to Makefile * fix flake8 error 'do not use bare except' * Reverting patch for setlocale as it breaks in containers - Update to version 0.5.7: * workaround for python3 locale problems in factory * add a hint to flake8 * satisfy flake8 * skip also sha256sums check for Arch - switch to python3 for less ancient distros - Avoid half-converting Debian native pkgs to non-native pkgs - Simplify the pip version handling - travis: Do not use "--use-mirrors" when using pip - travis: Test python 3.6 - try to avoid python-packaging to support non-SUSE distros - Update to version 0.5.6: * strip \n from version in obsinfo - Update to version 0.5.5: * read version from .obsinfo file if available * Add support for Collax build recipes - Update to version 0.5.4: * support obscpio archives * do not strip release number in debian, but setting it back - Update to version 0.5.3: * VersionDetector._autodetect: prioritize the directory name over the file name - Update to version 0.5.3: * Don't add unconverted_version unconditionally - Update to version 0.5.3: + Use old version from testing data instead of hardcoding + Fix replacement of empty tags + Fix empty version checks for debian/changelog + fix when switching from .dev to non-dev version - Update to version 0.5.3: + Set pkgver and pkgrel for PKGBUILD files (fixes #21) + Fix python3 compat - Update to version 0.5.2: + fix it ... it only worked with "disabledrun" mode by luck - Update to version 0.5.1: + Make python-packaging runtime dep optional + Fix %setup handling for python spec files - Recommends python-packaging - Require python-packaging - Update to version 0.5.0: + Add Makefile with install target + Change debian source format to 'native' + Fix tar file detection for PKGBUILD + Add Testsuite and README.md + - empty dummy commit to test travis hook + Disable py26, enable py{33,34} for tests + Add basic test for debian changelogs + Add travis build status image to README + Also do negative test for debian/changelog + Move testdata to .json files + Move _write_tarfile() to base test class + Remove python 2.6 compat import + Reuse test data for debian changelog tests + Rewrite set_version in python + Install devscripts in travis-ci test env + Restructure version detection code + Allow files in test tarballs + Add package type detection for python + Add version converter for python packages + Run python version converter tests with dpkg + Add function to add or replace a %define + Fix problem with replacing tags in spec files + Add function to replace %{version} in %setup + Add custom line support for _write_specfile func + Finally use version conversion for python packages + Skip some tests if zypper or dpkg are unavailable + Use python binary from virtualenv - Update to version 0.4.2: + Release 0.4.2 - Update Debian changelog - Update to version 0.4.2: + the extension needs to be \. + test with defined() at ./set_version line 118. + Fix processing of --file parameter + Add support for setting the version in debian.changelog + Sort local file list based on modification time (newest first) - Update to version 0.4.1: + Add support to automatically detect version based on Debian changelog file + Initial debianization + Handle PKGBUILD files generated by services - Update to version 0.4.1: + - drop old bash version + - fix PKGBUILD version setting + fix help text + support detection from tar ball content + use warnings pragma + - replace bash script with a more secure perl version + fix urgent quoting bugs + Be more liberal in root-dir version detection - Update to version 0.4.1: + - drop old bash version + - fix PKGBUILD version setting + fix help text - Update to version 0.4.0: + support detection from tar ball content + use warnings pragma - Update to version 0.4.0: This is a rewrite in perl This fixes also a sed commandline injection (boo#866966 CVE-2014-0593) - Update to version 0.3.3: + ERROR: git log --pretty=format:%s --no-merges 4b090f0cad..4fc9fcb0c2 failed; aborting! - Update to version 0.3.3: + - drop two echo lines which can be used to run random commands - Update to version 0.3.2: + Be more liberal in root-dir version detection - Update to version 0.3.1: + Check tarball content's root-dir for version + Use a for-loop for different endings - Move service to github.com/openSUSE/obs-service-set_version - Add _service file to update package from there - Drop local sources and use tarball from source services - Take Debian version and revision number from debian.changelog file - add support for PKGBUILD aka Arch Linux files - Preserve whitespaces in Version: and Requires: lines - only change the first occurrence of Version: header - output useful info during run - when auto-detecting the version, use the newest matching file - patch License to follow spdx.org standard - add --basename to usage help text - do not delete mandriva/fedora macros in release when reset the release number - support detecting the version from *.tbz2 files - initial package of service - fix set version, when also release number is reset obs-service-set_version-0.6.6-bp157.2.1.noarch.rpm obs-service-set_version-0.6.6-bp157.2.1.src.rpm openSUSE-2026-109 moderate openSUSE Backports SLE-15-SP7 Update This update for obs-service-recompress, obs-service-tar_scm fixes the following issues: Changes in obs-service-tar_scm: - Update to version 0.11.0: * Replace deprecated ConfigParser.readfp() with read_file() * Remove six from all metadata as well. * Convert all six.assertRaisesRegex to the standard library self. form. * Remove encoding of the first parameter of subprocess.Popen - Update to version 0.10.53: * Add new --extract-rename option * debian: recommend on brz instead of depending on bzr - Update to version 0.10.52: * [archive] fix include/exclude glob to regex conversion - Update to version 0.10.51: * [core] new options `--include-re/--exclude-re` * [tests] disable test_tar_exclude_re and fix warnings * [core] revert removal of fnmatch - Update to version 0.10.50: * remove check if obsinfo is None from tar service - Update to version 0.10.49: * add test case to exclude with regex * disable partial clone if started by osc * refactor TarSCM.archive to unify exclude mechanism * fix testsuite * Sync spec file with the one in package * improve doc in *.service * change python version for github workflow * fix KankuFile * disabling test cases for bzr and hg * fix excludes for obscpio * Add test for the new changes entry format * Include real name in generated changelog entries * unset git global configs * fix syntax of spec file - use the python-flavor for requires, not python3 so that build service can determine dependencies properly - Update to version 0.10.46: * [dist] fix BuildRequires for older distros like SLE12 - Update to version 0.10.45: * [dist] fix shebang substitution in spec for py2 - Update to version 0.10.44: * import submit request change * Support updating submodules to main branch * do not skip "--reference" if package-meta ... * cpio: Do not follow symlinks in 'touch' * Support URL hostname in keyring * gbp: use --git-export * Update debian/changelog for 0.10.43 * disable compile python in debian package * update dist/debian.dsc to match debian packaging * Update debian debhelper dependency * Fix description-synopsis-starts-with-article * Fix priority-extra-is-replaced-by-priority-optional * Debian compat from 8 to 10 * Debian X-Python version no longer needed * Fix Lintian error about missing python3 dep * enable the GBP service * Fixed filtering of include/exclude when topdir has escape characters. * Fix setting svn credentials in the command line - update to version 0.10.44: * Support updating submodules to main branch * Debian packaging for gbp service * do not skip "--reference" if package-meta is enabled and git's partial clone is used. * Fixed filtering of include/exclude when topdir has escape characters. * Fix setting svn credentials in the command line * cpio: Do not follow symlinks in 'touch' * Support URL hostname in keyring * debian package updates - "Downgrade" bzr, mercurial and subversion Recommends to Suggests. - Fix shebang of the script to use the explicit version of Python (boo#1212476). - Update to version 0.10.43: * Allow to use "tar" service also standalone. - add support for AL2023 - Update to version 0.10.41: * fix for python2 - Update to version 0.10.40: * [dist] updated debian changelog * Add Python 3.12 to GitHub Actions * Switch from ConfigParser.readfp to ConfigParser.read_string - Update to version 0.10.39: * Add gpg as a dependency (needed for gpg validation) - Update to version 0.10.38: * Python 2 is no longer supported by GitHub actions, stop testing it * FD leak / flake8 / py311 fixes * updated debian files * disabled pylint 'no-member' because of false positives in py311 * removed unittest2 from BuildRequires in spec * fixed fixtures and new Exception class * updated KankuFile to Tumbleweed and removed python2 tests - Update to version 0.10.36: * fix broken tar ball from 0.10.35 release - Update to version 0.10.35 * Avoid getting confused by _scmsync.obsinfo files - Update to version 0.10.34.1667392550.026bf0e: * Fix testing in GH actions * make linters happy again * new find_latest_signed_commit algorithm - Update to version 0.10.33.1664344889.48d1960: * check if lock is older than 24 hours - Update to version 0.10.32.1662712308.31d1884: * [dist] added Requires to python_path * improve tar service to handle multiple obsinfo files to create tarball from obscpio * new ENV 'TAR_SCM_SKIP_CLEANUP' to make test development/debugging easier * staple pylint version lower than 2.14 because of breaking changes in config * do not use python mock * fix pylint errors in commontests.py * Fixed testing * use extra cache dir for partial clone * fix cache update in case of partial clone * disable partial clone when subdir is set * do not set default subdir to '.' * fixes to pass pylint * enable partial clone feature in git scm * partial clone feature * simplify locking to avoid race conditions * TarSCM.cli: set some defaults to make usage in testing easier * unlink .lock file after unlocking the cache - Update to version 0.10.30.1641993356.a87e7af: * Simplifiy conditions for all rhel like distros * Changed gendered pronoun to be gender neutral - Update to version 0.10.30.1641990734.bdad8f9: * fixes for python2.7 compatibility * fix test cases * fix various linter problems with pylint 2.11.1 * disable consider-using-f-string in pylint * added TC for _stash_pop_required * assertTarIsDeeply now more verbose in case of failure * remove tearDown/Trace from testenv.py * fix regression to keep local changes when running in osc * various fixes to make linter happy * fix tests for python 2.7 - Update to version 0.10.29.1634038025.85bfc3f: * fix test cases * fix various linter problems with pylint 2.11.1 * disable consider-using-f-string in pylint * added TC for _stash_pop_required * assertTarIsDeeply now more verbose in case of failure * remove tearDown/Trace from testenv.py * fix regression to keep local changes when running in osc - Update to version 0.10.28.1632141620.a8837d3: * fix missing "checkout" when running in osc * fix breakage on version detection * change locale - Update to version 0.10.27.1626072657.0fb7a03: * [ci] enhanced github actions for multiple python versions * Create main.yml * Change date format from short to %Y%m%d. - Update to version 0.10.26.1624258505.aed4969: * almalinux in spec file * fix include filters for obscpio files * fix python interpreter for mageia 8 * TarScm: use owner/group root in .obscpio files - Update to version 0.10.26.1623775884.87f49a8: * fixed include/exclude filtering * add '--' to git log command if file/dir equal revision exists * add '--source' to git log command * disabled consider-using-with in .pylint*rc * package .gitignore files * Fix version _none_ generate tarball with '-' * Prevent KeyError in check_for_branch_request method * removed skipped test case (obsolete since 5 yrs) * testing for obscpio/obsinfo * fix regression - obsinfo included the version string * Revert "remove useless variables" * remove useless variables * added param --without-version * extracted dstname to _dstname * cleanup TarSCM/tasks.py for pylint * add date/time to logging output for better debugging * Fix typos - Update to version 0.10.22.1615538418.07a353d: * Fix filelist: align config(noreplace) usage with obs-service-download_files * Support gitlab/github merge requests - Update to version 0.10.21.1612422695.2fdf897: * fixes boo#1127353 * fixes boo#1168573 * activate pylint3.8 and fixed false positives * don`t sanitize version if versionrewrite_pattern is set - Update to version 0.10.20.1606128060.135ac94: * fix build for CentOS adn RHEL 8 * filter dirs with "include" filter option - Update to version 0.10.19.1605080719.3b79112: * [dist] prefer python3 over python2 - Update to version 0.10.18.1600256320.569e5be: * add license file (issue 257) * additional option verification * new option '--maintainers-asc' and '--last-signed-tag' * new option '--latest-signed-commit' * Remove superflous ')' in an error message. - Update to version 0.10.16.1595259906.d3308f5: * [dist] updated debian control file for use in OBS - Update to version 0.10.16.1595245235.15a0df2: * Build with python 3 for Debian and Ubuntu * [doc] added allowed urls in documentation of tar_scm.service - remove unused unittest2 dependency - Update to version 0.10.16.1590752286.5c27247: * [dist] fix for gbp/fedora (python*-base) * fix situation when revision has been modified in _service - Update to version 0.10.15.1588842879.5c43eef: * dist: Convert to multibuild; run test suite in a separate flavor - Update to version 0.10.15.1588146746.5cfeeb8: * fix #boo 1168573 (obsservicerun,obsrun) not exists in client side installation * Update debian/changelog for latest version * Helpers: when a command fail, print the command itself too with its output * git: add support for @PARENT_TAG@ in revision * Fix build on non-openSUSE distro - Update to version 0.10.14.1584435160.d912143: * [dist] don't install gbp files by default * [dist] remove python-keyring* from dependcies * [dist] make gbp switchable in spec file - Update to version 0.10.14.1583853599.ccbb399: * support server side credentials for SCM repos - Update to version 0.10.12.1582901608.a1c02c1: * simplify osc git update case a lot * fixing revision usage on a commit hash - Update to version 0.10.12.1582709176.d82a692: * fix lost commits on local run * fix breakage when working on a specific tag/commit * git-lfs should not be mandatory as tar_scm will never use it * Allow use of git-lfs only when running obs_scm * Document _none_ special version in .service * Version cleanup: don't strip hyphen when building Debian packages * Add new archive option for Debian: git-buildpackage * call git stash with LANG=C * improved comment for method get_changesrevision * Add debian package dep to git-lfs * Implement git LFS blobs retrieval - Update to version 0.10.11.1579870213.888e79c: * Add testcase for appimage with empty build section * Handle missing build entry in appimage.yml * Fix --mirror argument position for git clone * Re-enable compatibility with Python 2.6 * fix decoding for locale -a containg non-ASCII * update_cache in git now does merge * prefer local branch over remote * added UnicodeDecodeError to exeption list in archive.py * fetch rev explicitly if using CACHEDIRECTORY and rev could not be found * tar_scm.service.in: Add example to match-tag. - Fix building and installation for CentOS8, RHEL8 and RES8 - Update to version 0.10.10.1566390389.9f923f8: * Revert "Merge pull request #323 from e4t/master" * Make service 'tar' work with a cachedir as well * Fix unit tests for modified scm directory handling * Append '_service' to repository directory * separate language and encoding * git: really print the error message * tar_scm.service: fix exclude documentation * Don`t break testsuite if cwd contains colons * disabling hg tests in travis - Fixes boo#1138377 - Update to version 0.10.9.1559745964.22c86cd: * [dist] python3 for SLE12 and openSUSE 42.3 * [dist] enable python3 in SLE >= 12 * fix encoding error for surrogates * glibc-common was used up to FC23 and RHEL7 * Compile python files before install * change order in GNUMakefile to prefer python3 * More thorought spec file cleanup * predefine python version in spec file for GNUMAkefile * [dist] spec file: python3 only and multidist * Git also uses the LANGUAGE variable * centos_version and rhel_version are triple digits * Minimize diff with the version in openSUSE:Tools * Fix the logic to pick the locale package on Fedora * Forgot the guard 0 in one conditional * Require packages to get the en_US.UTF-8 locales * enforce bytes for cpio file list - Update to version 0.10.9.1559647449.d965035: * [dist] enable python3 in SLE >= 12 - Require external argparse for RHEL6 - Update to version 0.10.9.1557261720.32a1cdb: * fix encoding error for surrogates * glibc-common was used up to FC23 and RHEL7 - Update to version 0.10.8.1556896538.0693a62: * Compile python files before install * change order in GNUMakefile to prefer python3 * More thorought spec file cleanup * predefine python version in spec file for GNUMAkefile - the current guessing code is finding python2 and then uses that, because python2 still seems to be available in the build env, as we already know which python version we want we can just pass the path to make and skip the whole guessing. - Update to version 0.10.7.1556277536.7e9915a: * [dist] spec file: python3 only and multidist * Git also uses the LANGUAGE variable * centos_version and rhel_version are triple digits * Minimize diff with the version in openSUSE:Tools * Fix the logic to pick the locale package on Fedora * Forgot the guard 0 in one conditional - centos_version and rhel_version are triple digits - locally apply fixes from https://github.com/openSUSE/obs-service-tar_scm/pull/298 - Change requirement locale_package to glibc-common to fix building for CentOS6 and CentOS7 - Update to version 0.10.6.1551887937.e42c270: * Require packages to get the en_US.UTF-8 locales - Update to version 0.10.6.1551448746.2759df2: * enforce bytes for cpio file list * fixes boo#1127907 - Update to version 0.10.5.1551309990.79898c7: * Prefer UTF-8 locale as output format for changes - Update to version 0.10.4.1551193322.b7a79f4: * added KankuFile * fix problems with unicode source files * added python-six to Requires in specfile * better encoding handling - Update to version 0.10.1.1550758451.f88bd41: * fixes boo#1082696 and boo#1076410 * more fixes py3 unicode * fix unicode in containers - Update to version 0.10.0.1550647779.25999e8: * fix spec for RH/Fedora - glibc-locale -> glibc-common - Update to version 0.10.0.1550589094.e2ae17d: * move to python3 * add python 3.6 and 3.7 to testing * added logging for better debugging changesgenerate * raise exception if no changesauthor given * removed python 2.6 from travis - Update to version 0.9.5.1548407358.b62685b: * Stop using @opensuse.org addresses to indicate a missing address * move argparse dep to -common package * allow submodule and ssl options in appimage * sync spec file as used in openSUSE:Tools project - Update to version 0.9.5.1545082095.8dbc95f: * [dist] fix service files installation in Makefile - Update to version 0.9.5.1545064321.5c10ac0: * check encoding problems for svn and print proper error msg * added new param '--locale' * separate service file installation in GNUmakefile * added glibc as Recommends in spec file * cleanup for broken svn caches * another fix for unicode problem in obs_scm - Update to version 0.9.5.1544099104.f52adb7: * Final fix for unicode in filenames * Another attempt to fix unicode filenames in prep_tree_for_archive - Update to version 0.9.5.1544015491.08dd948: * Another attempt to fix unicode filenames in prep_tree_for_archive - Update to version 0.9.5.1543865445.4e2fbad: * fix bug with unicode filenames in prep_tree_for_archive * reuse _service*_servicedata/changes files from previous service runs - Update to version 0.9.5.1543588452.b19491f: * fix problems with unicode characters in commit messages for changeloggenerate - Update to version 0.9.5.1543502111.e576bd6: * fix encoding issues if commit message contains utf8 char - Update to version 0.9.5.1543424658.8740ef1: * revert encoding for old changes file - Update to version 0.9.5.1543418966.30359e4: * change pylint/flake8 back to 2.7 for now * remove hardcoded utf-8 encodings - Update to version 0.9.5.1542905297.a6e346a: * make code python3 ready * Add support for extract globbing - Update to version 0.9.4.1537959361.56833cb: * enable flake8 in hound * cleanup for pylint and flake8 * split pylint2 in GNUmakefile * fix check for "--reproducible" * create reproducible obscpio archives * fix flake warning - Update to version 0.9.3.1537869751.51a17c5: * fix regression from 44b3bee * Support also SSH urls for Git - Update to version 0.9.2.1537788075.fefaa74: * fix CVE-2018-12473 (boo#1105361) * fix CVE-2018-12474 (boo#1107507) * fix CVE-2018-12476 (boo#1107944) * check name/version option in obsinfo for slashes * check url for remote url * check symlinks in subdir parameter * check filename for slashes * disable follow_symlinks in extract feature - switch to obs_scm for this package - Update to version 0.9.1.1537341862.5348694: * run download_files in appimage and snapcraft case * check --extract file path for parent dir * Fix parameter descriptions - Update to version 0.9.1.1534504824.0732756: * changed os.removedirs -> shutil.rmtree * Adding information regarding the *package-metadata* option for the *tar* service The tar service is highly useful in combination with the *obscpio* service. After the fix for the metadata for the latter one, it is important to inform the users of the *tar* service that metadata is kept only if the flag *package-metadata* is enabled. Add the flag to the .service file for mentioning that. * Allow metadata packing for CPIO archives when desired As of now, metadata are always excluded from *obscpio* packages. This is because the *package-metadata* flag is ignored; this change (should) make *obscpio* aware of it. - Update to version 0.9.1.1530616709.1329314: * improve handling of corrupt git cache directories * only do git stash save/pop if we have a non-empty working tree (#228) * sort imports * don't allow DEBUG_TAR_SCM to change behaviour (#240) * add stub user docs in lieu of something proper (#238) * [dist] fix build for distros not yet supporting Recommends tag * Remove clone_dir if clone fails * python-unittest2 is only required for the optional make check * move python-unittest2 dep to test suite only part (submission by olh) - Update to version v0.9.0.1523267117.de861d8: * Removing redundant pass statement * fixing indentation warnings from flake8 * fixing flake8 warnings, missing imports * missing import for logging functions. * [backend] Adding http proxy support - python-unittest2 is only required for the optional make check - Update to version 0.8.0.1520581079.e26b0ae: * make installation of scm's optional * add a lot more detail to README * Git clone with --no-checkout in prepare_working_copy * Refactor and simplify git prepare_working_copy * Cleanup flake8 checks * Only use current dir if it actually looks like git (Fixes #202) * reactivate test_obscpio_extract_d * fix broken test create_archive * fix broken tests for broken-links * changed PREFIX in Gnumakefile to /usr * new cli option --skip-cleanup * fix for broken links * fix reference to snapcraft YAML file * fix docstring typo in TarSCM.scm.tar.fetch_upstream * acknowledge deficiencies in dev docs * wrap long lines in README - Update to version 0.8.0.1507129410.0cb2d44: * mention _none_ version string for people who need it for kiwi root archives for example * git: Support url change * change ordering so that latest change is on top * also override timestamps of files in cpio * Sort cpio file list * [dist] fix spec file py_compile for fedora * Sort tar file list - Update to version 0.8.0.1499787575.2419460: * [test] refactor of fake classes * [bugfix] fix UnboundLocalError: local variable 'parent_tag' - Update to version 0.8.0.1499787575.2419460: * [dist] changed to %py_compile in spec file * [bugfix] fixes issue #173 * [bugfix] Decoupled self.scm from class name in TarSCM/scm/* * [lint] make tests/unittestcases.py flake8 ready * [lint] more fixes for pylint readiness * [lint] refactor unittestcases.py * [test] increase cov for TarSCM.archive from 61% to 92% * [doc] added comment to --use-obs-scm * [test] refactor of fake classes * [bugfix] fix UnboundLocalError: local variable 'parent_tag' - hotfix runtime of obs_scm - Update to version 0.8.0.1498846582.8799787: * fix for gh issue #169 * new version placeholder for empty version string * fix for bzr locale problem in testsuite * pylint and flake8 in testsuite for better code quality * code cleanup to be more pylint and flake8 compatible - Update to version 0.7.0.1497261741.b1aa4cb: * Move spec file to git - Update to version 0.7.0.1496831936.d960322: * fix for nonexistant build section in appimage.yml * more documentation for README.md * Update control - add python-yaml for debian distros - added Requires: python2 for Fedora >= 25 - Only BuildRequire packages needed for testsuite if the testsuite is enabled - Update to version 0.7.0.1492101301.747de50: * skip broken tests temporarily - Update to version 0.7.0.1492095435.eda090e: * revision, repodir and repocachedir as attribute for TarSCM.<scm> * new class TarSCM.cli to make testing easier * testing script name more reliable * fixed arguments for singletask in case of snapcraft * refactored snapcraft code + first tests for snapcraft * added testcase for snapcraft finalize * split classes into several files * track module dependencies in requirements.txt * use unittest2 in Python 2.6 * more testing for TarSCM.tasks * clone_dir/repodir/arch_dir(tar_dir)/args now attributes of scm objects * test case for save_run * major refactor of git cache handling * consolidation of archive.obscpio and archive.tar parameters * next test cases * unset CACHEDIRECTORY env variable in unit tests * update atime/mtime of repocachedir if already exists * prevent key errors when $HOME is not set * fix PEP8 problems and reenable PEP8 testing * keep checkout while running with osc * fix local checkout when running in osc * force remove of files while 'make clean' * fix: also exclude directories when called .git * fix problems with generatechanges when ~/.obs/tar_scm exists * initial appimage support * Provide version rewrite using a regex pattern and replacement. * new parameter --match-tag to filter tags * keep .gitlab/.github directories - Update to version 0.7.0.1491998613.3890456: * refactor of detect_changes into classes * url as attribute of TarSCM.scm * run_cmd and safe_run moved into class helpers * combine os.path.join statement * refactoring fetch_upstream to be part of TarSCM.scm * new classes for archives * common method 'get_current_commit' to get rid of exception for git * refactored detect_changes to get rid of changesgenerate exception * get_repocachedir -> TarSCM.scm * Add description to the README.md file - split services into own rpms - Update to version 0.7.0.1490358243.8de854e: * keep .gitlab/.github directories - Update to version 0.7.0.1490263157.682db30: * Provide version rewrite using a regex pattern and replacement. * initial appimage support * make pep8 happy again * test cases for version rewrite * new parameter --match-tag to filter tags - Replayce python-yaml Requires/Buildrequires with python-PyYAML, which is actually its correct name. - Update to version 0.7.0.1484082405.7671be8: * fix problems with generatechanges when ~/.obs/tar_scm exists - Update to version 0.7.0.1481203567.804351a: * fix: also exclude directories when called .git - Update to version 0.7.0.1480953937.a4b8b09: * fix local checkout when running in osc * force remove of files while 'make clean' - Update to version 0.7.0.1480000004.4027270: * fixed pip8 problems * keep checkout while running with osc - Update to version 0.7.0.1478249268.e162c66: * prevent key errors when $HOME is not set - Update to version 0.7.0.1477858520.51a62fb: * added locking for cachedir in jailed mode * removed setup_tracking_branches and '--dissociate' * inital version of TarSCM classes * scm_object generation moved to singletask * FETCH_UPSTREAM_COMMANDS into classes * moved update_cache_* to classes * moved detect_version into classes and refactored calls of get_timestamp_* * moved get_timestamp functions into scm classes * git_ref_exists -> TarSCM.git._ref_exists * fetch_upstream_git_submodules -> fetch_submodules to get rid of exceptions for git * just moved some functions for better overview * refactor of detect_changes into classes * url as attribute of TarSCM.scm * run_cmd and safe_run moved into class helpers * combine os.path.join statement * refactoring fetch_upstream to be part of TarSCM.scm * new classes for archives * common method 'get_current_commit' to get rid of execption for git * refactored detect_changes to get rid of changesgenerate exception * get_repocachedir -> TarSCM.scm * revision, repodir and repocachedir as attribute for TarSCM.<scm> * new class TarSCM.cli to make testing easier * testing script name more reliable * fixed arguments for singletask in case of snapcraft * refactored snapcraft code + first tests for snapcraft * added testcase for snapcraft finalize * split classes into serveral files * more testing for TarSCM.tasks * clone_dir/repodir/arch_dir(tar_dir) now attributes of scm objects * test case for save_run * major refactor of git cache handling * consolidation of archive.obscpio and archive.tar parameters * next test cases * sytnax fix for "tar" service * fixed tests for tar * unset CACHEDIRECTORY env variable in unit tests * update atime/mtime of repocachedir if already exists - Update to version 0.7.0.1474270818.3e05f80: * - Update to version 0.7.0.1477567374.d44d677: * use '--dissociate' for git if package-meta is set * added locking for cachedir in jailed mode * removed setup_tracking_branches and '--dissociate' * inital version of TarSCM classes * scm_object generation moved to singletask * FETCH_UPSTREAM_COMMANDS into classes * moved update_cache_* to classes * moved detect_version into classes and refactored calls of get_timestamp_* * moved get_timestamp functions into scm classes * git_ref_exists -> TarSCM.git._ref_exists * fetch_upstream_git_submodules -> fetch_submodules to get rid of exceptions for git * just moved some functions for better overview * refactor of detect_changes into classes * url as attribute of TarSCM.scm * run_cmd and safe_run moved into class helpers * combine os.path.join statement * refactoring fetch_upstream to be part of TarSCM.scm * new classes for archives * common method 'get_current_commit' to get rid of execption for git * refactored detect_changes to get rid of changesgenerate exception * get_repocachedir -> TarSCM.scm * revision, repodir and repocachedir as attribute for TarSCM.<scm> * new class TarSCM.cli to make testing easier * testing script name more reliable * fixed arguments for singletask in case of snapcraft * refactored snapcraft code + first tests for snapcraft * added testcase for snapcraft finalize * split classes into serveral files * more testing for TarSCM.tasks * clone_dir/repodir/arch_dir(tar_dir) now attributes of scm objects * test case for save_run * major refactor of git cache handling * consolidation of archive.obscpio and archive.tar parameters * next test cases * sytnax fix for "tar" service - Update to version 0.7.0.1476904507.e88eed1: * fixed arguments for singletask in case of snapcraft * refactored snapcraft code + first tests for snapcraft * added testcase for snapcraft finalize * split classes into serveral files * more testing for TarSCM.tasks * clone_dir/repodir/arch_dir(tar_dir) now attributes of scm objects * test case for save_run * major refactor of git cache handling * consolidation of archive.obscpio and archive.tar parameters * next test cases - Update to version 0.6.1.1473925745.c5264bb: * jailed mode for docker integration * added setup of remote branches in jailed mode * new handling for remote/local branches when caching * fix permission problem of .changes files when running jailed in docker * fix problem with outdated git refs in cache - Update to version 0.6.1.1472657181.ff9a5ca: * make yaml dependency optional for travis * Add an option 'master' to submodules to fetch the latest mater branch. * tar_scm.py: Always use an absolute path for the 'output' directory * do not set files back to 1970... * transfer mtime via obsinfo * create needed sub directories for cache handling * prefer local cache directory * - weak dependency to mercurial for debian * add python-dateutil require for debian * testing on debian is broken atm - Update to version 0.6.1.1472656157.58c52d8: * make yaml dependency optional for travis * Add an option 'master' to submodules to fetch the latest mater branch. * tar_scm.py: Always use an absolute path for the 'output' directory * do not set files back to 1970... * transfer mtime via obsinfo * create needed sub directories for cache handling * prefer local cache directory * - weak dependency to mercurial for debian * add python-dateutil require for debian * testing on debian is broken atm - Update to version 0.6.1.1472655284.4930b81: * add python-dateutil require for debian * testing on debian is broken atm - fix debian builds - Update to version 0.6.1.1472636708.355b59a: * fix some more merge regressions * pep8 fixes/workarounds * make yaml dependency optional for travis * Add an option 'master' to submodules to fetch the latest mater branch. * tar_scm.py: Always use an absolute path for the 'output' directory * do not set files back to 1970... * transfer mtime via obsinfo * create needed sub directories for cache handling * prefer local cache directory * - weak dependency to mercurial for debian - Update to version 0.6.1.1471594222.d257927: * prefer local cache directory * jailed mode for docker integration * added setup of remote branches in jailed mode * new handling for remote/local branches when caching - cache handling will be refactored to have only one implementation in future. - fix mtime handling - Update to version 0.6.0.1469628830.67456b7: * pep8 fixes/workarounds * make yaml dependency optional for travis * Add an option 'master' to submodules to fetch the latest mater branch. * do not set files back to 1970... * transfer mtime via obsinfo * create needed sub directories for cache handling - update to official version 0.6.0 (latest package became official) - Update to version 0.6.0.1467889501.49c9462: + very first obs_scm implementation + allow extracting of (spec) files + allow to include local changes when using "obs_scm" service via local osc commands. + make obsinfo parameter for tar service optional + support filtering on creation of cpio archives + - add debian provides + - make cleaning message a debug message + report error when specified revision got not found + add snapcraft.yaml support + merge upstream + minor cleanup + fix typo, wrong file name of new snapcraft.yaml + fix some more merge regressions + pep8 fixes/workarounds + make yaml dependency optional for travis - added snapcraft support via own service - Update to version 0.6.0~pre.1467126663.ec976d1: * Allow to manually specify a base for @TAG_OFFSET@ * - make cleaning message a debug message * Honour "subdir" param for changesgenerate * report error when specified revision got not found * Extend fixture to create commits with a specific timestamp * Use commit timestamp as mtime for files and directories in tarball * Workaround bug in Mercurial localdate filter * fix breakage from conflict of #63 and #85 * Provide test for git tag fetching * Add ability to generate changes file when using svn * add snapcraft.yaml support - Update to version 0.6.0~pre.1461678268.e8b5d73: * fix TESTING.md link in CONTRIBUTING.md * Use correct level 2 bullet point (*) * very first obs_scm implementation * allow extracting of (spec) files * allow to include local changes when using "obs_scm" service via local osc commands. * make obsinfo parameter for tar service optional * support filtering on creation of cpio archives * - add debian provides - add debian provides - fix dependency on SLE 11 to python-argparse - Correctly reference patch in previous entry - Update to version 0.6.0~pre.1460377105.35a4ea4: * support filtering on creation of cpio archives - Update to version 0.6.0~pre.1460098798.dda5411: + make obsinfo parameter for tar service optional - Update to version 0.6.0.1460017418.4e4b2d6: + Correct error message about lack of git tags + GNUmakefile: Use default python in $PATH unless it is a python 3. + fix TESTING.md link in CONTRIBUTING.md + Use correct level 2 bullet point (*) + very first obs_scm implementation + allow extracting of (spec) files + allow to include local changes when using "obs_scm" service via local osc commands. - building this pre-version currently from private branch as discussed with Adam - only require git-core to not pull in git-web and gitk - Fix build on Ubuntu by disabling mercurial tests * 0001-Debianization-disable-running-mercurial-tests.patch - Update to version 0.5.3.1434983686.0b4ce51: + Add missing extension parameter to service file + Fix build on Debian 7.0/8.0 - Update to version 0.5.3.1433158390.b0e72e1: + use the same Python interpreter for testing tar_scm + Split up the steps of git cloning and submodule initialization + fix Makefile test runner for Debian - Update to version 0.5.2.1432717816.cff60cf: + be explicit about python2, python may be python3 + Fix newline at the end of @PARENT_TAG@ + Fix Mercurial version format strings in unittest + Refactoring of package metadata regex matching + Refactor resetting of uid/gid so that it is reusable + Fix handling of --include option + Fix handling of --exclude option + Refactor subdir handling of tarchecker's to prevent code duplication + ignore PEP8's E731 check for lambdas + PEP8 E402 fix: set PYTHONPATH outside code + add @TAG_OFFSET@ support in versionformat for git + fix inconsistencies in tar_scm.service + - fix .service file syntax (OBS 2.6.1 is checking now) + mention need to set PYTHONPATH when running tests + keep STDERR separate + don't allow --subdir to wander outside repo (boo#927120, #71) - Update to version 0.5.1.1426664483.de67b88: + be explicit about python2, python may be python3 + Fix newline at the end of @PARENT_TAG@ + Fix Mercurial version format strings in unittest + Refactoring of package metadata regex matching + Refactor resetting of uid/gid so that it is reusable + Fix handling of --include option + Fix handling of --exclude option + Refactor subdir handling of tarchecker's to prevent code duplication + ignore PEP8's E731 check for lambdas + PEP8 E402 fix: set PYTHONPATH outside code + add @TAG_OFFSET@ support in versionformat for git + fix inconsistencies in tar_scm.service + - fix .service file syntax (OBS 2.6.1 is checking now) - Update to version 0.5.0.1412769870.6cda976: + change default git versionformat to %ct.%h + fix changes generation when version is blank + lots of refactoring + add info and caveats about data persisting between tests + gittests: give default author test a unique name - Update to version 0.4.2.1412467141.df3329e. Many changes, including: + Retrieve tags for a cached git repo + Add PEP8 checking everywhere + Significantly improved tests + Fixed checkout of a hg url that ends with a trailing slash + Fix Debian build dependencies for python + Change Debian package format to 3.0 (native) + Install into /usr on Debian + Honor submodules=disable as before (fixes #38) + Fix directory name of repository clone + Fix handling of symbolic links + Fix crash when changesrevision <param> is missing + Improved usage text + Store git and hg hashes in full + Fix crash during copy of _servicedata + Fix format of new changes to match old shell tar_scm + Fix bug when temp file is on a different filesystem + Fix change generation bug introduced by Python rewrite + Fix retrieval of email address from ~/.oscrc + Refactor changesgenerate code - Update to version 0.4.0.1410288598.7f38281: + Python rewrite of tar_scm + Make pep8 happy (except for regex in tar_scm:299) + Address some feedback from pylint + make Python version PEP8-compliant + Let Travis execute pep8 + Strip newline ('\n') characters from safe_run output in detect_version() + Make potentially long-running tasks print output in real-time + Improve efficiency of stdout handling in safe_run() + Release obs-service-tar_scm 0.4.0 - Update to version 0.3.2.1404723797.745a470: + Initial debianization + switch git submodule versions correctly + add some basic documentation to the tests + split off info into TESTING.md + add CONTRIBUTING.md + improve formatting + whitelist accepted chars in arguments. + Correct/update install information + Reverse changes lines again with tac - Update to version 0.3.2.1386694317.b85b342: + Fix adding to already existing _servicedata case + Don't reverse changes lines with 'tac' + Fix Python FutureWarning about comparison with None + Improve description of the versionformat parameter. - Enable changes generation - Bump version to 0.3.2 * changes file generation support written by Sascha - Bump version to 0.3.1 * do not execute tar base file name - Bump version to 0.3.0 and include git timestamp / SHA1 in version. - Update to latest git (9de0986): + add git submodule update test + extract submodule_path() method + allow git commands to run from cwd + rename opts to args + annotate cwd + ensure all scm invocations succeed when expected + record revisions per repository path + allow creation of git submodules + Fixtures.create_commits(): add repository path parameter + GitFixtures.create_repo(): add repository path parameter + fix hg tests when run in timezone east of UTC + add hint about running tests quicker + don't hardcode revision in helper method + quoting tweak + make test output more consistent + get line spacing right + Travis: also test with Python 2.6 + tweak debugging for mv invocations + a bit more info on the test suite + leave temporary files behind on failure, for debugging + add some docstrings to a few of the more complex tests + make switching to a given git revision more robust + try to make test output a little easier to understand + improve README.md + switch README to markdown and add Travis build status icon + replace XML entities with dollar-curlies + Properly encode XML reserved entities (&,<,>) + add better revision description/documentation for git + We are still not allowed to have dashes inside version. Fix for mercurial. + allow-different-naming-schemes-for-resulting-tar-files + Fix breakage when LANG is not English (issue #8) + Make test.py executable + README: add information about the test suite + Don't rely on git error codes for "git describe", catch all + Better error handling for @PARENT_TAG@ expansion + the correct tag is 'param', 'parameter' won't work + Tell Travis where to find the tests + Cleanup testing tmp_dir afterwards + Add description for @PARENT_TAG@ + Ignore .coverage + Move tests into sub-directory + Last change for some bonus points + Naa, typo + Update package database before installing dependencies + Add initial Travis-CI configuration + Add .gitignore file + Add test for @PARENT_TAG@ - Pass --tags to "git describe" for @PARENT_TAG@ - Disable testsuite on SLE_11_SP2 to fix build - Use upstream github repository and download via _service file - Add custom git versionformat extensions: + @PARENT_TAG@: Replaced by first tag that is reachable from the current commit (see 'git describe') Future custom additions could follow the @NAME@ scheme - Fix usage text for submodules option - change default versionformat from author date (%at) to commiter date (%ct) for git, to fix issues with cherry-picked commits resulting in decreased version - add --date=short to get_vesion of git and remove '-' chars by sed. This allows us to use %ad as versionformat and have something like "20120916" as version instead of terrible Unix timestamps. - Prevent local users from appearing as user/group owner in generated tar files (thanks bmwiedemann for this) - fix option for submodule update - Fixed error with cache - Added an option to disable git submodules - Replaced --exclude=.$MYSCM with --exclude-vcs tar option - Added support for git submodules - Re-iterating the last change once again, 'git rev-parse --verify $REV' will return false even if $REV is a normal branch upon first clone of the repo. Thus 'git fetch $URL +$REV:$REV" is run initially. However, the 'git checkout $REV' then fails because it's missing tracking information. Therefore, try a normal checkout first and fetch the specific $REV only when that fails (due to reasons described below). - Allow git revision to refer to revisions not available from a default clone/fetch (i.e. refs other than refs/heads/* or refs/tags/*) - Check that git pull succeeds - Remove accidental reference to keep-source parameter which was never pushed upstream (obsoleted by new cache). - When the cache is used, output location of repo in the cache - add new 'versionformat' option to determine how version is extracted via git show --pretty=... - support caching of cloned repositories to speed up fetch from upstream Mon Feb 13 15:52:19 GMT 2012 - aspiers@suse.com - Add test suite - Fix --subdir with --scm svn - Fix --scm bzr - patch license to follow spdx.org standard - add new option to specify a subset of files/subdirectories to pack in the tar ball - Checking out a specific revision cannot work when only the latest version is cloned. - make svn checkout --trust-server-cert option conditional, since this option is not supported by versions prior to subversion 1.6. - Trim user prefix from tarball filename. This enables tar_scm service to be used with git and ssh transport (in conjuction with a passphrase less ssh-pubkey). Example Git URL: git@gitrepo.tld:foobar.git - git 1.6.x and very likely other version only support "show --pretty=format:%at" as parameter with "format:" prefix. git show --pretty=%at is also support by recent git versions. - make it possible to create tar balls without version tag (#714542) - support old tar bar lookup also for OBS 2.3 bs_service using .old/ directory - drop broken code for same-commit-detection as suggested by Markus - history-depth parameter: use hackish depth=999999999 if "full" is given so that a shallow clone will be fully deepened if the _service file is changed. Also, fix git clone cmd line (remove a pair of quotes that cause problems). - add support for (git) checkout depth, original patch by Markus Lehtonen <markus.lehtonen@linux.intel.com> - make packaging of meta data optional to reduce tar ball size - fix exclude expansion - add support for bzr - Fix: recompressed tars were never reused - cleanup mercurial commands - always trust svn server certificate. We don't have a secure handling for it anyway. Trust needs to established via extra service. - fix subdir usage for git - add option exclude files/directories when creating the tar ball - git clone runs now with --depth 1 option - support mercurial repositories - Fix --filename parameter use - initial version to checkout/update svn or git repos and create a tar Changes in obs-service-recompress: - zstd is now available on SLE 15 SP0 Adding dependency there as well to fix boo#1216361 - update to version 0.5.2: * zstd compression with rsyncable and higher compression - disable zstd on RHEL, the package is not available on OBS - use filebased requires on gzip so that zstd can supplement it as well - Fixed checking for zstd support on different distributions - Update to version 0.5.1: * Use at least 2 threads for xz compression - Update to version 0.5.0: * do not follow symlinks (issue 9) * add license file * compression using # of core threads for zstd and xz * Add support for keeping of original file * use --threads=0 - Update to version 0.4.0+git20200123.696d003: * run test suite during build - Update to version 0.4.0+git20200123.946b23f: * add zstd compression support - Update to version 0.3.1+git20170704.59bf231: * Add README.md file * [dist] added spec file to git - Update to version 0.3.1+git20160217.7897d3f: + security fixes (boo#967265) - Fix build for Debian 8.0 - Use install target from Makefile - Include git revision in version number - Update to version 0.3.1+git20150622.d908b54: + Tell rm not to prompt + Change debian source format to 'native' + Add Makefile with install target - Update to version 0.3.1: + debian: use install-file to simplify rules-file + Initial debianization + - avoid problematic quoting + Fix typo - Update to version 0.3.1: + Fix diffing uncompressed files - Update to version 0.3: + Don't overwrite identical files - Move service to github.com/openSUSE/obs-service-recompress - Add _service file to update package from there - Drop local sources and use tarball from source services - Display message on successful (re)compression. - always remove uncompressed files - fix rpmlint warnings obs-service-recompress-0.5.2-bp157.2.1.noarch.rpm obs-service-recompress-0.5.2-bp157.2.1.src.rpm obs-service-appimage-0.11.0-bp157.2.1.noarch.rpm obs-service-obs_scm-0.11.0-bp157.2.1.noarch.rpm obs-service-obs_scm-common-0.11.0-bp157.2.1.noarch.rpm obs-service-snapcraft-0.11.0-bp157.2.1.noarch.rpm obs-service-tar-0.11.0-bp157.2.1.noarch.rpm obs-service-tar_scm-0.11.0-bp157.2.1.noarch.rpm obs-service-tar_scm-0.11.0-bp157.2.1.src.rpm openSUSE-2026-114 moderate openSUSE Backports SLE-15-SP7 Update This update for putty fixes the following issues: - Update to release 0.83 * Support for ML-KEM, a NIST-standardised post-quantum key exchange mechanism. * Bug fix: psftp -b works again. * Fixed bug which crashed Pageant if an SSH connection is abandoned while waiting for a deferred decryption passphrase. * Fix a tight loop bug occurring if PuTTY tried to send an empty answerback string. * Fixed a bug where some configuration edit boxes' contents were accidentally truncated to 127 characters. * Bug fix: the small keypad keys did not reliably work in the terminal on Unix. - Update to release 0.82 * Major refactoring of Unicode handling to allow the use of 'foreign' Unicode characters outside the system's configured default character set. * Bracketed paste mode can now be turned off in the Terminal > Features panel. * The "border width" configuration option is now honoured even when the window is maximised. putty-0.83-bp157.2.3.1.src.rpm putty-0.83-bp157.2.3.1.x86_64.rpm putty-0.83-bp157.2.3.1.i586.rpm putty-0.83-bp157.2.3.1.aarch64.rpm putty-0.83-bp157.2.3.1.ppc64le.rpm putty-0.83-bp157.2.3.1.s390x.rpm openSUSE-2026-110 important openSUSE Backports SLE-15-SP7 Update This update for perl-Crypt-URandom fixes the following issues: - updated to 0.550.0 (0.55) see /usr/share/doc/packages/perl-Crypt-URandom/Changes 0.55 Tue Feb 17 07:01:43 2026 - Fix for sysread/read failures. Thanks to Miha Purg for GH#20 - Fix for test suite failures on STDOUT encoding. Thanks to Lukas Mai for GH#19 - CVE-2026-2474: Fix for heap buffer overflow in the XS function crypt_urandom_getrandom() (boo#1258266) - updated to 0.540.0 (0.54) see /usr/share/doc/packages/perl-Crypt-URandom/Changes 0.54 Sat Mar 15 20:37:13 2025 - Reverse solaris changes and remove errstr checks. Thanks to eserte for GH#18 perl-Crypt-URandom-0.550.0-bp157.2.3.1.src.rpm perl-Crypt-URandom-0.550.0-bp157.2.3.1.x86_64.rpm perl-Crypt-URandom-0.550.0-bp157.2.3.1.i586.rpm perl-Crypt-URandom-0.550.0-bp157.2.3.1.aarch64.rpm perl-Crypt-URandom-0.550.0-bp157.2.3.1.ppc64le.rpm perl-Crypt-URandom-0.550.0-bp157.2.3.1.s390x.rpm openSUSE-2026-111 important openSUSE Backports SLE-15-SP7 Update This update for tinyproxy fixes the following issues: - CVE-2026-3945: Fixed denial of service by unauthenticated remote attacker (boo#1261024) - Update to release 1.11.3 * conf: add BasicAuthRealm feature * basic auth: fix error status 401 vs 407 * tinyproxy.conf.5: explain what a site_spec looks like * tinyproxy.conf.5: add an IPv6 example to allow/deny section * reqs: fix integer overflow in port number processing tinyproxy-1.11.3-bp157.2.6.1.src.rpm tinyproxy-1.11.3-bp157.2.6.1.x86_64.rpm tinyproxy-1.11.3-bp157.2.6.1.i586.rpm tinyproxy-1.11.3-bp157.2.6.1.aarch64.rpm tinyproxy-1.11.3-bp157.2.6.1.ppc64le.rpm tinyproxy-1.11.3-bp157.2.6.1.s390x.rpm openSUSE-2026-113 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 146.0.7680.177 (boo#1261249) * CVE-2026-5273: Use after free in CSS * CVE-2026-5272: Heap buffer overflow in GPU * CVE-2026-5274: Integer overflow in Codecs * CVE-2026-5275: Heap buffer overflow in ANGLE * CVE-2026-5276: Insufficient policy enforcement in WebUSB * CVE-2026-5277: Integer overflow in ANGLE * CVE-2026-5278: Use after free in Web MIDI * CVE-2026-5279: Object corruption in V8 * CVE-2026-5280: Use after free in WebCodecs * CVE-2026-5281: Use after free in Dawn * CVE-2026-5282: Out of bounds read in WebCodecs * CVE-2026-5283: Inappropriate implementation in ANGLE * CVE-2026-5284: Use after free in Dawn * CVE-2026-5285: Use after free in WebGL * CVE-2026-5286: Use after free in Dawn * CVE-2026-5287: Use after free in PDF * CVE-2026-5288: Use after free in WebView * CVE-2026-5289: Use after free in Navigation * CVE-2026-5290: Use after free in Compositing * CVE-2026-5291: Inappropriate implementation in WebGL * CVE-2026-5292: Out of bounds read in WebCodecs chromedriver-146.0.7680.177-bp157.2.142.1.x86_64.rpm chromium-146.0.7680.177-bp157.2.142.1.nosrc.rpm chromium-146.0.7680.177-bp157.2.142.1.x86_64.rpm chromedriver-146.0.7680.177-bp157.2.142.1.aarch64.rpm chromium-146.0.7680.177-bp157.2.142.1.aarch64.rpm chromedriver-146.0.7680.177-bp157.2.142.1.ppc64le.rpm chromium-146.0.7680.177-bp157.2.142.1.ppc64le.rpm openSUSE-2026-116 critical openSUSE Backports SLE-15-SP7 Update This update for osslsigncode fixes the following issues: - Update to 2.13 (boo#1260680, CVE-2025-70888): * fixed integer overflows when processing APPX compressed data streams * fixed double-free vulnerabilities in APPX file processing * fixed multiple memory corruption issues in PE page hash computation - Changes from 2.12: * fixed a buffer overflow while extracting message digests - Changes from 2.11: * added keyUsage validation for signer certificate * added printing CRL details during signature verification * implemented a workaround for CRL servers returning the HTTP Content-Type header other than application/pkix-crl * fixed HTTP keep-alive handling * fixed macOS compiler and linker flags * fixed undefined BIO_get_fp() behavior with BIO_FLAGS_UPLINK_INTERNAL - update to 2.10: * added JavaScript signing * added PKCS#11 provider support (requires OpenSSL 3.0+) * added support for providers without specifying "-pkcs11module" option * (OpenSSL 3.0+, e.g., for the upcoming CNG provider) * added compatibility with the CNG engine version 1.1 or later * added the "-engineCtrl" option to control hardware and CNG engines * added the '-blobFile' option to specify a file containing the blob content * improved unauthenticated blob support (thanks to Asger Hautop Drewsen) * improved UTF-8 handling for certificate subjects and issuers * fixed support for multiple signerInfo contentType OIDs (CTL and Authenticode) * fixed tests for python-cryptography >= 43.0.0 - update to version 2.9: * added a 64 bit long pseudo-random NONCE in the TSA request * missing NID_pkcs9_signingTime is no longer an error * added support for PEM-encoded CRLs * fixed the APPX central directory sorting order * added a special "-" file name to read the passphrase from stdin * used native HTTP client with OpenSSL 3.x, removing libcurl dependency * added '-login' option to force a login to PKCS11 engines * added the "-ignore-crl" option to disable fetching and verifying CRL Distribution Points * changed error output to stderr instead of stdout * various testing framework improvements * various memory corruption fixes - update to version 2.8: * Microsoft PowerShell signing sponsored by Cisco Systems, Inc. * fixed setting unauthenticated attributes (Countersignature, Unauthenticated * Data Blob) in a nested signature * added the "-index" option to verify a specific signature or modify its unauthenticated attributes * added CAT file verification * added listing the contents of a CAT file with the "-verbose" option * added the new "extract-data" command to extract a PKCS#7 data content to be signed with "sign" and attached with "attach-signature" * added PKCS9_SEQUENCE_NUMBER authenticated attribute support * added the "-ignore-cdp" option to disable CRL Distribution Points (CDP) online verification * unsuccessful CRL retrieval and verification changed into a critical error the "-p" option modified to also use to configured proxy to connect CRL Distribution Points * added implicit allowlisting of the Microsoft Root Authority serial number 00C1008B3C3C8811D13EF663ECDF40 * added listing of certificate chain retrieved from the signature in case of verification failure - update to 2.7.0 * fixed signing CAB files (by Michael Brown) * fixed handling of unsupported commands (by Maxim Bagryantsev) * fixed writing DIFAT sectors * added APPX support (by Maciej Panek and Małgorzata Olszówka) * added a built-in TSA response generation (-TSA-certs, -TSA-key and -TSA-time options) * added verification of CRLs specified in the signing certificate * added MSI DIFAT sectors support (by Max Bagryantsev) * added the "-h" option to set the cryptographic hash function for the "attach -signature" and "add" commands * set the default hash function to "sha256" * added the "attach-signature" option to compute and compare the leaf certificate hash for the "add" command * renamed the "-st" option "-time" * updated the "-time" option to also set explicit verification time * added the "-ignore-timestamp" option * removed the "-timestamp-expiration" option * numerous bugfixes * documentation updates osslsigncode-2.13-bp157.2.3.1.src.rpm osslsigncode-2.13-bp157.2.3.1.x86_64.rpm osslsigncode-2.13-bp157.2.3.1.i586.rpm osslsigncode-2.13-bp157.2.3.1.aarch64.rpm osslsigncode-2.13-bp157.2.3.1.ppc64le.rpm osslsigncode-2.13-bp157.2.3.1.s390x.rpm openSUSE-2026-118 moderate openSUSE Backports SLE-15-SP7 Update This update for etcd fixes the following issues: - Update to version 3.6.10: * etcdserver: allow non-admin to fetch member list and alarms * Bump golang.org/x/image to v0.38.0 to resolve GO-2026-4815 * Fix etcdctl endpoint command with option --cluster when auth is enabled - Update to version 3.6.9: * dependency: Bump google.golang.org/grpc from v1.75.0 to 1.79.3 * server/etcdserver: guard unauthenticated endpoints with auth checks * server/etcdserver: enforce auth checks for nested txn ops * build(deps): bump distroless/static-debian12 from `3f2b64e` to `20bc6c0` * Revert "Reuse events between sync loops" * Bump golang.org/x/net@ v0.51.0 fixes GO-2026-4559 * Don't reuse same ReadIndex * etcdctl: add license header * etcdctl: add unit test for Argify * etcdctl: fix slice bounds trimming single-quoted args * Add defer-recover block to prevent panic when cc is nil * Print the endpoint the grpc client connected to in unary interceptor * Fix race berween read index and leader change causing a stale read * server/etcdmain: fix deadlock issue for grpcproxy * dependency: bump go.opentelemetry.io/otel/sdk from v1.34.0 to v1.40.0 * server/etcdserver/api/v3rpc: run metrics interceptors before handlers - Update to version 3.6.8: * version: bump up to 3.6.8 * [release-3.6] Bump go version to 1.24.13 * Remove the use of grpc-go's Metadata field * Bump go version to 1.24.11 * Keep the --snapshot-count flag * Remove flag --max-snapshots in 3.8 rather than 3.7 * tools: explicitly require golang.org/x/tools/cmd/goimports * dependency: Bump golang.org/x/crypto from 0.42.0 to 0.45.0 - Update to version 3.6.7: * dependency: Bump golang.org/x/net from 0.38.0 to 0.45.0 * Bump go to 1.24.11 * Print token fingerprint instead of the original tokens in log messages - Update to version 3.6.6: * v3rpc: add and use getServerMetrics() with global metricsServerCached * Fix the '--force-new-cluster' can't clean up learners issue * etcdserver: follow convention to extract auth token in cluster_util.go * etcdserver: fix cannot promote with auth from follower * Fix endpoint status not retuning the correct storage quota * server/embed: Log EOF on DEBUG in TLS handshake * Reject watch request with -1 revision and make rangeEvents safe against negative revision etcd-3.6.10-bp157.2.12.1.src.rpm etcd-3.6.10-bp157.2.12.1.x86_64.rpm etcdctl-3.6.10-bp157.2.12.1.x86_64.rpm etcdutl-3.6.10-bp157.2.12.1.x86_64.rpm etcd-3.6.10-bp157.2.12.1.aarch64.rpm etcdctl-3.6.10-bp157.2.12.1.aarch64.rpm etcdutl-3.6.10-bp157.2.12.1.aarch64.rpm etcd-3.6.10-bp157.2.12.1.ppc64le.rpm etcdctl-3.6.10-bp157.2.12.1.ppc64le.rpm etcdutl-3.6.10-bp157.2.12.1.ppc64le.rpm etcd-3.6.10-bp157.2.12.1.s390x.rpm etcdctl-3.6.10-bp157.2.12.1.s390x.rpm etcdutl-3.6.10-bp157.2.12.1.s390x.rpm openSUSE-2026-119 moderate openSUSE Backports SLE-15-SP7 Update This update for virtme fixes the following issues: - Update to 1.41: * Improve the consistency and reliability of the guest init process (virtme-ng-init / virtme-init). * Broader support across different distributions and architectures, including better compatibility with minimal rootfs environments. * Debugging capabilities have been enhanced with support for customizing the GDB port for each guest session. * Networking has been refined as well, with improved SSH handling and new options for PCI device passthrough via --vfio-pci. * Integration with AI agents has also been enhanced. In particular, vng can now be used more effectively in non-interactive sessions, allowing AI agents to automate fairly advanced workflows for kernel testing and patch validation. virtme-1.41-bp157.2.18.1.noarch.rpm virtme-1.41-bp157.2.18.1.src.rpm openSUSE-2026-123 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 147.0.7727.55 (boo#1261758): * CVE-2026-5858: Heap buffer overflow in WebML * CVE-2026-5859: Integer overflow in WebML * CVE-2026-5860: Use after free in WebRTC * CVE-2026-5861: Use after free in V8 * CVE-2026-5862: Inappropriate implementation in V8 * CVE-2026-5863: Inappropriate implementation in V8 * CVE-2026-5864: Heap buffer overflow in WebAudio * CVE-2026-5865: Type Confusion in V8 * CVE-2026-5866: Use after free in Media * CVE-2026-5867: Heap buffer overflow in WebML * CVE-2026-5868: Heap buffer overflow in ANGLE * CVE-2026-5869: Heap buffer overflow in WebML * CVE-2026-5870: Integer overflow in Skia * CVE-2026-5871: Type Confusion in V8 * CVE-2026-5872: Use after free in Blink * CVE-2026-5873: Out of bounds read and write in V8 * CVE-2026-5874: Use after free in PrivateAI * CVE-2026-5875: Policy bypass in Blink * CVE-2026-5876: Side-channel information leakage in Navigation * CVE-2026-5877: Use after free in Navigation * CVE-2026-5878: Incorrect security UI in Blink * CVE-2026-5879: Insufficient validation of untrusted input in ANGLE * CVE-2026-5880: Incorrect security UI in browser UI * CVE-2026-5881: Policy bypass in LocalNetworkAccess * CVE-2026-5882: Incorrect security UI in Fullscreen * CVE-2026-5883: Use after free in Media * CVE-2026-5884: Insufficient validation of untrusted input in Media * CVE-2026-5885: Insufficient validation of untrusted input in WebML * CVE-2026-5886: Out of bounds read in WebAudio * CVE-2026-5887: Insufficient validation of untrusted input in Downloads * CVE-2026-5888: Uninitialized Use in WebCodecs * CVE-2026-5889: Cryptographic Flaw in PDFium * CVE-2026-5890: Race in WebCodecs * CVE-2026-5891: Insufficient policy enforcement in browser UI * CVE-2026-5892: Insufficient policy enforcement in PWAs * CVE-2026-5893: Race in V8 * CVE-2026-5894: Inappropriate implementation in PDF * CVE-2026-5895: Incorrect security UI in Omnibox * CVE-2026-5896: Policy bypass in Audio * CVE-2026-5897: Incorrect security UI in Downloads * CVE-2026-5898: Incorrect security UI in Omnibox * CVE-2026-5899: Incorrect security UI in History Navigation * CVE-2026-5900: Policy bypass in Downloads * CVE-2026-5901: Policy bypass in DevTools * CVE-2026-5902: Race in Media * CVE-2026-5903: Policy bypass in IFrameSandbox * CVE-2026-5904: Use after free in V8 * CVE-2026-5905: Incorrect security UI in Permissions * CVE-2026-5906: Incorrect security UI in Omnibox * CVE-2026-5907: Insufficient data validation in Media * CVE-2026-5908: Integer overflow in Media * CVE-2026-5909: Integer overflow in Media * CVE-2026-5910: Integer overflow in Media * CVE-2026-5911: Policy bypass in ServiceWorkers * CVE-2026-5912: Integer overflow in WebRTC * CVE-2026-5913: Out of bounds read in Blink * CVE-2026-5914: Type Confusion in CSS * CVE-2026-5915: Insufficient validation of untrusted input in WebML * CVE-2026-5918: Inappropriate implementation in Navigation * CVE-2026-5919: Insufficient validation of untrusted input in WebSockets * enforce a num,ber of new Local Area Network (LAN) restrictions * New Web Printing API * vertical tabs support (trial) - new in 147 (for developers): * Element-scoped view transitions exposes startViewTransition on arbitrary HTML elements. * CSS contrast-color() helps meet accessibility requirements * The CSS border-shape property lets you create non-rectangular borders * CVE-2025-4096: Heap buffer overflow in HTML * CVE-2025-4050: Out of bounds memory access in DevTools * CVE-2025-4051: Insufficient data validation in DevTools * CVE-2025-4052: Inappropriate implementation in DevTools * CVE-2024-7000: Use after free in CSS * CVE-2024-3834: Use after free in Downloads * CVE-2020-6465: Use after free in reader mode * CVE-2020-6466: Use after free in media * CVE-2020-6467: Use after free in WebRTC * CVE-2020-6468: Type Confusion in V8 * CVE-2020-6469: Insufficient policy enforcement in developer tools * CVE-2020-6470: Insufficient validation of untrusted input in clipboard * CVE-2020-6471: Insufficient policy enforcement in developer tools * CVE-2020-6472: Insufficient policy enforcement in developer tools * CVE-2020-6473: Insufficient policy enforcement in Blink * CVE-2020-6474: Use after free in Blink * CVE-2020-6475: Incorrect security UI in full screen * CVE-2020-6476: Insufficient policy enforcement in tab strip * CVE-2020-6477: Inappropriate implementation in installer * CVE-2020-6478: Inappropriate implementation in full screen * CVE-2020-6479: Inappropriate implementation in sharing * CVE-2020-6480: Insufficient policy enforcement in enterprise * CVE-2020-6481: Insufficient policy enforcement in URL formatting * CVE-2020-6482: Insufficient policy enforcement in developer tools * CVE-2020-6483: Insufficient policy enforcement in payments * CVE-2020-6484: Insufficient data validation in ChromeDriver * CVE-2020-6485: Insufficient data validation in media router * CVE-2020-6486: Insufficient policy enforcement in navigations * CVE-2020-6487: Insufficient policy enforcement in downloads * CVE-2020-6488: Insufficient policy enforcement in downloads * CVE-2020-6489: Inappropriate implementation in developer tools * CVE-2020-6490: Insufficient data validation in loader * CVE-2020-6491: Incorrect security UI in site information * CVE-2019-5754: Inappropriate implementation in QUIC Networking * CVE-2019-5782: Inappropriate implementation in V8 * CVE-2019-5755: Inappropriate implementation in V8 * CVE-2019-5756: Use after free in PDFium * CVE-2019-5757: Type Confusion in SVG * CVE-2019-5758: Use after free in Blink * CVE-2019-5759: Use after free in HTML select elements * CVE-2019-5760: Use after free in WebRTC * CVE-2019-5761: Use after free in SwiftShader * CVE-2019-5762: Use after free in PDFium * CVE-2019-5763: Insufficient validation of untrusted input in V8 * CVE-2019-5764: Use after free in WebRTC * CVE-2019-5765: Insufficient policy enforcement in the browser * CVE-2019-5766: Insufficient policy enforcement in Canvas * CVE-2019-5767: Incorrect security UI in WebAPKs * CVE-2019-5768: Insufficient policy enforcement in DevTools * CVE-2019-5769: Insufficient validation of untrusted input in Blink * CVE-2019-5770: Heap buffer overflow in WebGL * CVE-2019-5771: Heap buffer overflow in SwiftShader * CVE-2019-5772: Use after free in PDFium * CVE-2019-5773: Insufficient data validation in IndexedDB * CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing * CVE-2019-5775: Insufficient policy enforcement in Omnibox * CVE-2019-5776: Insufficient policy enforcement in Omnibox * CVE-2019-5777: Insufficient policy enforcement in Omnibox * CVE-2019-5778: Insufficient policy enforcement in Extensions * CVE-2019-5779: Insufficient policy enforcement in ServiceWorker * CVE-2019-5780: Insufficient policy enforcement * CVE-2019-5781: Insufficient policy enforcement in Omnibox * High CVE-2018-6031: Use after free in PDFium * High CVE-2018-6032: Same origin bypass in Shared Worker * High CVE-2018-6033: Race when opening downloaded files * Medium CVE-2018-6034: Integer overflow in Blink * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions * Medium CVE-2018-6036: Integer underflow in WebAssembly * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill * Medium CVE-2018-6038: Heap buffer overflow in WebGL * Medium CVE-2018-6039: XSS in DevTools * Medium CVE-2018-6040: Content security policy bypass * Medium CVE-2018-6041: URL spoof in Navigation * Medium CVE-2018-6042: URL spoof in OmniBox * Medium CVE-2018-6043: Insufficient escaping with external URL handlers * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions * Medium CVE-2018-6047: Cross origin URL leak in WebGL * Low CVE-2018-6048: Referrer policy bypass in Blink * Low CVE-2017-15420: URL spoofing in Omnibox * Low CVE-2018-6049: UI spoof in Permissions * Low CVE-2018-6050: URL spoof in OmniBox * Low CVE-2018-6051: Referrer leak in XSS Auditor * Low CVE-2018-6052: Incomplete no-referrer policy implementation * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page * Low CVE-2018-6054: Use after free in WebUI * CVE-2017-5070: Type confusion in V8 * CVE-2017-5071: Out of bounds read in V8 * CVE-2017-5072: Address spoofing in Omnibox * CVE-2017-5073: Use after free in print preview * CVE-2017-5074: Use after free in Apps Bluetooth * CVE-2017-5075: Information leak in CSP reporting * CVE-2017-5086: Address spoofing in Omnibox * CVE-2017-5076: Address spoofing in Omnibox * CVE-2017-5077: Heap buffer overflow in Skia * CVE-2017-5078: Possible command injection in mailto handling * CVE-2017-5079: UI spoofing in Blink * CVE-2017-5080: Use after free in credit card autofill * CVE-2017-5081: Extension verification bypass * CVE-2017-5082: Insufficient hardening in credit card editor * CVE-2017-5083: UI spoofing in Blink * CVE-2017-5085: Inappropriate javascript execution on WebUI pages - CVE-2016-1663: Use-after-free in Blink's V8 bindings * CVE-2013-6643: Unprompted sync with an attacker's * Use Google's online spellchecker to identify misspelled words chromedriver-147.0.7727.55-bp157.2.145.1.x86_64.rpm chromium-147.0.7727.55-bp157.2.145.1.nosrc.rpm chromium-147.0.7727.55-bp157.2.145.1.x86_64.rpm chromedriver-147.0.7727.55-bp157.2.145.1.aarch64.rpm chromium-147.0.7727.55-bp157.2.145.1.aarch64.rpm chromedriver-147.0.7727.55-bp157.2.145.1.ppc64le.rpm chromium-147.0.7727.55-bp157.2.145.1.ppc64le.rpm openSUSE-2026-122 moderate openSUSE Backports SLE-15-SP7 Update This update for python-Flask-HTTPAuth fixes the following issues: - CVE-2026-34531: Do not accept empty tokens (boo#1261355) python-Flask-HTTPAuth-4.8.0-bp157.2.3.1.src.rpm python311-Flask-HTTPAuth-4.8.0-bp157.2.3.1.noarch.rpm openSUSE-2026-127 moderate openSUSE Backports SLE-15-SP7 Update This update for certbot-systemd-timer fixes the following issues: - Require just 'certbot' to work with any python flavour - Fix build with RPM 4.20: referencing ../ in %doc/%license is not guaranteed. certbot-systemd-timer-0.0-bp157.2.3.1.noarch.rpm certbot-systemd-timer-0.0-bp157.2.3.1.src.rpm openSUSE-2026-143 moderate openSUSE Backports SLE-15-SP7 Update This update for coturn fixes the following issues: - Update to version 4.9.0 * Multiple security fixes. * Fix to Web Admin password check. * Cleanup of deprecated openssl APIs. * CVE-2026-27624: bypass localhost and IP range block using IPv4-mapped IPv6. (boo#1258847) - Update to version 4.8.0 * Faster packet validation on listener threads to improve handling of DDoS attacks. * Make socket buffer size configurable with sock-buf-size. * Address memory leaks and potential crashes. * CVE-2025-69217: Improve random number usage to address (boo#1255744) - Update to version 4.7.0 * Breaking changes in order to get to sane defaults for improved security by default + Support for openssl 1.1.1 and 3.x only. + Cleanup deprecated options - if your scripts have them turnserver will fail to start. + Reverse SOFTWARE_ATTRIBUTE_OPT to avoid inverse logic - now need to explicitly enable it. + Deprecate response-origin-only-with-rfc5780. + Invert no-stun-backward-compatibility to be default on. * TLSv1 and TLSv1_1 are now optional (no need to turn them off). * Minor bug fixes and regressions. * Improved support for modern version of prometheus. - Upgrade to coturn 4.6.3 * Release highlights: - Multiple memory fixes - New drain feature - Better support for new versions of Redis - Add support for raw public keys * Complete change list - Add clang-tidy, include-what-you-use, and msvc-analyzer github actions - Add CodeQL workflow - added missing function prototype of turn_random_number() - Added sessionID to some log lines - added support for amazon linux and renamed tests.yml - added warnings for prometheus apt unavailability - Add github action that runs tests with compiler sanitizers - Additional refactoring of ns_turn_allocation.* to address security scanner concerns - Add MariaDB support to README.md - Add new Drain feature - Add prometheus setting suggestions on turn.conf in example folder - Address clang-tidy warnings in db files - Address some build issues introduced by api changes - Add support for raw public keys - Add the InsertBraces command for clang-format to ensure that all conditionals always have braces - Add warning and disable web admin if no-tls option used - Adjust wording in cmake message when prometheous cannot be found. - Allow authenticating with a username to redis - Always run lint, regardless of branch - Avoid nullptr dereference of server variable in various functions - avoid potential nullptr derefernence in udp_create_server_socket - Avoid read-past-end of string in get_bold_admin_title - Avoid writing potentially uninitialized data to aes_128 key file - changed variables in stunclient.c to bool - Change minimal required cmake version to 3.16 - Change printf() to TURN_LOG_FUNC() for --no-stdout-log - Change the various map functions to return bool instead of inconsistantly return 0, 1, or -1 - Check allocation results in add_static_user_account - Check the result of calloc in handle_logon_request - Check the result of malloc in del_alt_server - Check the result of malloc in mongo_set_realm_option_one - Check the result of malloc in send_message_to_redis - Check the result of malloc in string_list_add - Check the result of realloc and calloc in ch_map_get - CMake: Declare the variable nearby - configure: data files shouldn't be executable - defined a magic number for stun fingerprinting - Delete dead code - Delete unused variable - Doc: add flowchart - Easy installation of coturn on AWS - Fix buffer overflow in generate_enc_password with increase rsalt by 2 - Fix build with libressl 3.6+ - Fix clang-format lint warnings - Fix cli auth - Fix Cmake find issue in libevent - Fix cmake find prometheus(fix #1304) - Fix compiler warnings from continuous integration - Fix const during free warning in rfc5769check app - Fix error of make command in Cygwin environment - Fix formatting to fix lint error - Fix lint complaint about comment - Fix lint errors - Fix linting error in mainrelay.c - Fix make lint - Fix memcpy len checks stun_is_challenge_response_str - Fix memleak in pgsql_reread_realms - Fix memory leak in netengine.c - Fix memory leak in rfc5769check.c - Fix memory leak on http_server.c - Fix mingw build - Fix missing strncpy in fix_stun_check_message_integrity_str - Fix msvc analyzer error on goto label on rfc5769check - Fix nodejs/glibc problem with old container images. - Fix no-tls warning typo - Fix potential null passed to function expecting nonnull - Fix recursive call in delete alternate server - Fix return correct error code for `create_relay_connection` in case of `RESERVATION-TOKEN` failure - Fix rpm version scripts - Fix run cmake.yml in any github action - Fix typos - Fix ubuntu 16 build with GH action checkout version to v3 - Implement custom prometheus http handler - Include what you use - Install openssl-1.1.1 on amazonlinux:2 instead of openssl-1.0.1 - malloc now allocates space for string terminator - Memset user_db before reading conf file, not after - Missing session ID in coturn logs for denied IP - 1330 - Move the hiredis_libevent2 code from common to relay - Only set MHD_USE_DUAL_STACK if IPv6 is available - Print version only, no extra lines - Reduce ifdefs in code: TURN_NO_PROMETHEUS - Refactor: peer_input_handle - Reformat code - Remove unimplemented test folder reference from CMakeLists.txt - Replace HeapAlloc with malloc - Replace srand/rand with srandom/random - Return a 400 response to HTTP requests - Run all of the CI except for Docker builds on any change - Simplify macOS detection macros - Simplify workflow for codeql - strncpy doesn't return size_t - ubuntu build dependencies extracted to composite actions - Update FlowChart - Update libtelnet - Update lukka/run - Update SQLite.md - Update turnserver.conf Example about listening-ip - Update turnserver.spec - Update version in vcpkg.json - Use active CPU number instead of total number - Use bool, instead of int, for the functions in ns_turn_msg.c - Use bool over int for the turnutils_uclient program - Use calloc where appropriate, avoid memset when normal buffer initialization works - Windows: Only attempt to bind when the network interface is up - workflow tidying - Don't hard require systemd -- not needed in containers - enable 'verbose' log to see listening IPs and more, not just server start/stop - have a meaningful turnserver.conf.default - create a ready-to-run turnserver.conf - fix logrotate script - Update README.SUSE for Let's Encrypt Certificates - move certs to /etc/coturn/tls - Update apparmor profile - rework sysusers.d config file coturn-4.9.0-bp157.2.3.1.src.rpm coturn-4.9.0-bp157.2.3.1.x86_64.rpm coturn-debuginfo-4.9.0-bp157.2.3.1.x86_64.rpm coturn-debugsource-4.9.0-bp157.2.3.1.x86_64.rpm coturn-devel-4.9.0-bp157.2.3.1.x86_64.rpm coturn-utils-4.9.0-bp157.2.3.1.x86_64.rpm coturn-utils-debuginfo-4.9.0-bp157.2.3.1.x86_64.rpm coturn-4.9.0-bp157.2.3.1.aarch64.rpm coturn-debuginfo-4.9.0-bp157.2.3.1.aarch64.rpm coturn-debugsource-4.9.0-bp157.2.3.1.aarch64.rpm coturn-devel-4.9.0-bp157.2.3.1.aarch64.rpm coturn-utils-4.9.0-bp157.2.3.1.aarch64.rpm coturn-utils-debuginfo-4.9.0-bp157.2.3.1.aarch64.rpm coturn-4.9.0-bp157.2.3.1.ppc64le.rpm coturn-debuginfo-4.9.0-bp157.2.3.1.ppc64le.rpm coturn-debugsource-4.9.0-bp157.2.3.1.ppc64le.rpm coturn-devel-4.9.0-bp157.2.3.1.ppc64le.rpm coturn-utils-4.9.0-bp157.2.3.1.ppc64le.rpm coturn-utils-debuginfo-4.9.0-bp157.2.3.1.ppc64le.rpm coturn-4.9.0-bp157.2.3.1.s390x.rpm coturn-debuginfo-4.9.0-bp157.2.3.1.s390x.rpm coturn-debugsource-4.9.0-bp157.2.3.1.s390x.rpm coturn-devel-4.9.0-bp157.2.3.1.s390x.rpm coturn-utils-4.9.0-bp157.2.3.1.s390x.rpm coturn-utils-debuginfo-4.9.0-bp157.2.3.1.s390x.rpm openSUSE-2026-133 moderate openSUSE Backports SLE-15-SP7 Update This update for gitea-tea fixes the following issues: - update to 0.13.0: * docs: add v0.13.0 release notes to CHANGELOG (#945) * feat(pulls): add edit subcommand for pull requests (#944) * fix(deps): update module github.com/go-git/go-git/v5 to v5.17.2 (#943) * fix(deps): update module github.com/go-git/go-git/v5 to v5.17.1 (#942) * fix(deps): update module code.gitea.io/sdk/gitea to v0.24.1 (#936) * fix(deps): update module github.com/go-authgate/sdk-go to v0.6.1 (#935) * fix(deps): update module github.com/urfave/cli/v3 to v3.8.0 (#937) * replace log.Fatal/os.Exit with error returns (#941) * chore(deps): update docker.gitea.com/gitea docker tag to v1.25.5 (#934) * fix(deps): update module github.com/olekukonko/tablewriter to v1.1.4 (#933) * chore(deps): update mcr.microsoft.com/devcontainers/go docker tag to v2.1 (#930) * chore(deps): update Go dependencies and CI workflow action versions (#932) * feat(repos): support owner-based repository listing with robust lookup (#931) * feat(repos): add repo edit subcommand (#928) * feat: store OAuth tokens in OS keyring via credstore (#926) * add function comment * make vet&fmt pass * Update to charm libraries v2 (#923) * fix(deps): update module golang.org/x/oauth2 to v0.36.0 (#919) * go 1.26 * fix(deps): update module github.com/go-git/go-git/v5 to v5.17.0 (#910) * Parse multiple values in api subcommand (#911) gitea-tea-0.13.0-bp157.2.18.1.src.rpm gitea-tea-0.13.0-bp157.2.18.1.x86_64.rpm gitea-tea-bash-completion-0.13.0-bp157.2.18.1.noarch.rpm gitea-tea-zsh-completion-0.13.0-bp157.2.18.1.noarch.rpm gitea-tea-0.13.0-bp157.2.18.1.i586.rpm gitea-tea-0.13.0-bp157.2.18.1.aarch64.rpm gitea-tea-0.13.0-bp157.2.18.1.ppc64le.rpm gitea-tea-0.13.0-bp157.2.18.1.s390x.rpm openSUSE-2026-135 moderate openSUSE Backports SLE-15-SP7 Update This update for kubo fixes the following issues: - Update to 0.40.1 * IPIP-499: UnixFS CID Profiles * Automatic cleanup of interrupted imports * Light clients can now use your node for delegated routing * See total size when pinning * IPIP-523: ?format= takes precedence over Accept header * IPIP-524: Gateway codec conversion disabled by default * More reliable IPNS over PubSub * New ipfs diag datastore commands * New ipfs swarm addrs autonat command * Improved ipfs p2p tunnels with foreground mode * Friendlier ipfs dag stat output * ipfs key improvements * More reliable content providing after startup * No unnecessary DNS lookups for AutoTLS addresses * Configurable gateway request duration limit * Recovery from corrupted MFS root * RPC Content-Type headers for binary responses * New ipfs name get|put commands * Long listing format for ipfs ls * WebUI Improvements * Fixed Prometheus metrics bloat on popular subdomain gateways * libp2p announces all interface addresses * Badger v1 datastore slated for removal this year * Go 1.26 * Dependency updates - github.com/ipld/go-ipld-prime v0.22.0 (boo#1261818, CVE-2026-35480) - Update to 0.39.0 * Made DHT Sweep provider the default * Fast root CID providing for immediate content discovery * Persist provider state across restarts * Detailed statistics with ipfs provide stat * Add warnings about slow reprovide * Rename: provider_provides_total * Automatic UPnP recovery after router restarts * No longer publish deprecated go-ipfs name * Limit for gateway range request for CDN compatibility - golang.org/x/net v0.47.0 (boo#1251613, CVE-2025-58190, boo#1251419, CVE-2025-47911) - golang.org/x/crypto v0.45.0 (boo#1253857, CVE-2025-58181) - 0.38.0 * Repository migration: simplified provide configuration * Add Experimental Sweeping DHT Provider * Expose DHT metrics * Improve gateway error pages with diagnostic tools * Update WebUI * Pin name improvements * Enforce identity CID size and ipfs files write fixes * Provide Filestore and Urlstore blocks on write * Limit MFS operation for --flush=false - Bump golang build requirement to 1.25 - Update to 0.37.0: * Anonymous telemetry for better feature prioritization * Repository migration from v16 to v17 with embedded tooling * Gateway concurrent request limits and retrieval timeouts * AutoConf: Complete control over network defaults * Clear provide queue when reprovide strategy changes * Revamped ipfs log level command * Named pins in ipfs add command * New IPNS publishing options * Custom sequence numbers in ipfs name publish * Reprovider.Strategy is now consistently respected * Reprovider.Strategy=all: improved memory efficiency * Removed unnecessary dependencies * Improved ipfs cid * Deprecated ipfs stats reprovide * AutoRelay now uses all connected peers for relay discovery * Full changelog at https://github.com/ipfs/kubo/releases/tag/v0.37.0 - Update to 0.36.0: * Full changelog at https://github.com/ipfs/kubo/releases/tag/v0.36.0 * HTTP Retrieval Client Now Enabled by Default * Bitswap Broadcast Reduction * Update go-log to v2 * Kubo now uses AutoNATv2 as a client * Overwrite option for files cp command * Gateway now supports negative HTTP Range requests * Option for filestore command to remove bad blocks * ConnMgr.SilencePeriod configuration setting exposed * Fix handling of EDITOR env var * Dependency updates kubo-0.40.1-bp157.2.9.1.src.rpm kubo-0.40.1-bp157.2.9.1.x86_64.rpm kubo-0.40.1-bp157.2.9.1.i586.rpm kubo-0.40.1-bp157.2.9.1.aarch64.rpm kubo-0.40.1-bp157.2.9.1.ppc64le.rpm kubo-0.40.1-bp157.2.9.1.s390x.rpm openSUSE-2026-129 important openSUSE Backports SLE-15-SP7 Update This update for python-jwcrypto fixes the following issues: - CVE-2022-3102: jwcrypto token substitution can lead to authentication bypass (boo#1209496) - CVE-2023-6681: denial of service Via specifically crafted JWE (boo#1219837) - CVE-2024-28102: malicious JWE token can cause denial of service (boo#1221230) - CVE-2026-39373: Memory exhaustion via crafted compressed JWE tokens (boo#1261802) python-jwcrypto-0.7-bp157.2.3.1.src.rpm python3-jwcrypto-0.7-bp157.2.3.1.noarch.rpm openSUSE-2026-136 moderate openSUSE Backports SLE-15-SP7 Update This update for mkdud fixes the following issues: version 2.6: - merge gh#openSUSE/mkdud#49 - fix "How to apply" report - minor spec file adjustments version 2.5: - merge gh#openSUSE/mkdud#48 - align with latest Agama adjustment and support Slowroll (boo#1261030) - adapt to also work with xorriso (boo#1260860) - simplify spec file - update documentation version 2.4: - merge gh#openSUSE/mkdud#47 - de-duplicate files to reduce size (boo#1258149) - update dist handling to match our official product naming more closely - update supported architecture list version 2.3: - merge gh#openSUSE/mkdud#46 - make dependence on osc package optional (boo#1254110) mkdud-2.6-bp157.2.9.1.noarch.rpm mkdud-2.6-bp157.2.9.1.src.rpm openSUSE-2026-140 low openSUSE Backports SLE-15-SP7 Update security update to Chromium 147.0.7727.101 (boo#1262174) chromedriver-147.0.7727.101-bp157.2.148.1.x86_64.rpm chromium-147.0.7727.101-bp157.2.148.1.nosrc.rpm chromium-147.0.7727.101-bp157.2.148.1.x86_64.rpm chromedriver-147.0.7727.101-bp157.2.148.1.aarch64.rpm chromium-147.0.7727.101-bp157.2.148.1.aarch64.rpm chromedriver-147.0.7727.101-bp157.2.148.1.ppc64le.rpm chromium-147.0.7727.101-bp157.2.148.1.ppc64le.rpm openSUSE-2026-145 moderate openSUSE Backports SLE-15-SP7 Update This update for ocaml-patch, opam fixes the following issues: Changes in opam: - Update to version 2.5.1 (CVE-2026-41082 boo#1262281) see included CHANGES file for details - Update to version 2.5.0 see included CHANGES file for details - Update to version 2.4.1 see included CHANGES file for details - Update to version 2.4.0 see included CHANGES file for details Changes in ocaml-patch: - Relax requirement for ocaml-rpm-macros, remove ExclusiveArch - Update to version 3.1.0 see included CHANGES.md file for details - Initial version 3.0.0 ocaml-patch-3.1.0-bp157.2.1.src.rpm ocaml-patch-3.1.0-bp157.2.1.x86_64.rpm ocaml-patch-debuginfo-3.1.0-bp157.2.1.x86_64.rpm ocaml-patch-devel-3.1.0-bp157.2.1.x86_64.rpm opam-2.5.1-bp157.2.3.1.src.rpm opam-2.5.1-bp157.2.3.1.x86_64.rpm opam-devel-2.5.1-bp157.2.3.1.x86_64.rpm opam-installer-2.5.1-bp157.2.3.1.x86_64.rpm ocaml-patch-3.1.0-bp157.2.1.i586.rpm ocaml-patch-debuginfo-3.1.0-bp157.2.1.i586.rpm ocaml-patch-devel-3.1.0-bp157.2.1.i586.rpm ocaml-patch-3.1.0-bp157.2.1.aarch64.rpm ocaml-patch-debuginfo-3.1.0-bp157.2.1.aarch64.rpm ocaml-patch-devel-3.1.0-bp157.2.1.aarch64.rpm opam-2.5.1-bp157.2.3.1.aarch64.rpm opam-devel-2.5.1-bp157.2.3.1.aarch64.rpm opam-installer-2.5.1-bp157.2.3.1.aarch64.rpm ocaml-patch-3.1.0-bp157.2.1.ppc64le.rpm ocaml-patch-debuginfo-3.1.0-bp157.2.1.ppc64le.rpm ocaml-patch-devel-3.1.0-bp157.2.1.ppc64le.rpm opam-2.5.1-bp157.2.3.1.ppc64le.rpm opam-devel-2.5.1-bp157.2.3.1.ppc64le.rpm opam-installer-2.5.1-bp157.2.3.1.ppc64le.rpm ocaml-patch-3.1.0-bp157.2.1.s390x.rpm ocaml-patch-debuginfo-3.1.0-bp157.2.1.s390x.rpm ocaml-patch-devel-3.1.0-bp157.2.1.s390x.rpm opam-2.5.1-bp157.2.3.1.s390x.rpm opam-devel-2.5.1-bp157.2.3.1.s390x.rpm opam-installer-2.5.1-bp157.2.3.1.s390x.rpm openSUSE-2026-147 moderate openSUSE Backports SLE-15-SP7 Update This update for tor fixes the following issues: - update to 0.4.8.23: * Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem (TROVE-2026-004, boo#1262302) * Fix a series of defense in depth security issues found across the codebase * Regenerate fallback directories generated on March 25, 2026. * Update the geoip files to match the IPFire Location Database, as retrieved on 2026/03/25. - includes changes from 0.4.8.22: * Avoid an out-of-bounds read error that could occur with V1-formatted EXTEND cells (TROVE-2025-016, boo#1262301) * Allow old clients to fetch the consensus even if they use version 0 of the SENDME protocol * Do not check for compression bombs for buffers smaller than 5MB (increased from 64 KB) * Improvements to directory server statistics - update to 0.4.8.21: * This release is a continuation of the previous one and addresses additional Conflux-related issues identified through further testing and feedback from relay operators. We strongly recommend upgrading as soon as possible. * Major bugfixes (conflux, exit): - When dequeuing out-of-order conflux cells, the circuit could be close in between two dequeue which could lead to a mishandling of a NULL pointer. Fixes bug 41162; * Add -mbranch-protection=standard for arm64. * Regenerate fallback directories generated on November * Update the geoip files to match the IPFire Location Database, as retrieved on 2025/11/17. * Fix a bug causing the initial tor process to hang intead of exiting with RunAsDaemon, when pluggable transports are used. - 0.4.8.20 * Add a new hardening compiler flag -fcf-protection=full * Fix the root cause of some conflux fragile asserts * Fix a series of conflux edge cases - 0.4.8.19 * Fix some clients not being able to connect to LibreSSL relays * Improve stream flow control performance tor-0.4.8.23-bp157.2.6.1.src.rpm tor-0.4.8.23-bp157.2.6.1.x86_64.rpm tor-debuginfo-0.4.8.23-bp157.2.6.1.x86_64.rpm tor-debugsource-0.4.8.23-bp157.2.6.1.x86_64.rpm tor-0.4.8.23-bp157.2.6.1.aarch64.rpm tor-debuginfo-0.4.8.23-bp157.2.6.1.aarch64.rpm tor-debugsource-0.4.8.23-bp157.2.6.1.aarch64.rpm tor-0.4.8.23-bp157.2.6.1.ppc64le.rpm tor-debuginfo-0.4.8.23-bp157.2.6.1.ppc64le.rpm tor-debugsource-0.4.8.23-bp157.2.6.1.ppc64le.rpm tor-0.4.8.23-bp157.2.6.1.s390x.rpm tor-debuginfo-0.4.8.23-bp157.2.6.1.s390x.rpm tor-debugsource-0.4.8.23-bp157.2.6.1.s390x.rpm openSUSE-2026-141 important openSUSE Backports SLE-15-SP7 Update This update for roundcubemail fixes the following issues: - update to 1.6.15 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some regressions introduced in the previous release as well a recently reported security vulnerability: SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm. This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before updating! + Fix regression where mail search would fail on non-ascii search criteria (#10121) + Fix regression where some data url images could get ignored/lost (#10128) + Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke (boo#1261157) - update to 1.6.14 This is a security update to the stable version 1.6 of Roundcube Webmail. + Fix Postgres connection using IPv6 address (#10104) + Security: Fix pre-auth arbitrary file write via unsafe deserialization in redis/memcache session handler (boo#1261488, CVE-2026-35537) + Security: Fix bug where a password could get changed without providing the old password + Security: Fix IMAP Injection + CSRF bypass in mail search + Security: Fix remote image blocking bypass via various SVG animate attributes + Security: Fix remote image blocking bypass via a crafted body background attribute + Security: Fix fixed position mitigation bypass via use of !important + Security: Fix XSS issue in a HTML attachment preview + Security: Fix SSRF + Information Disclosure via stylesheet links to a local network hosts roundcubemail-1.6.15-bp157.2.9.1.noarch.rpm roundcubemail-1.6.15-bp157.2.9.1.src.rpm openSUSE-2026-142 important openSUSE Backports SLE-15-SP7 Update This update for Botan fixes the following issues: - CVE-2026-34582: client authentication bypass in TLS 1.3 implementation (boo#1261880) Botan-3.5.0-bp157.2.3.1.src.rpm Botan-3.5.0-bp157.2.3.1.x86_64.rpm Botan-doc-3.5.0-bp157.2.3.1.noarch.rpm libbotan-3-5-3.5.0-bp157.2.3.1.x86_64.rpm libbotan-devel-3.5.0-bp157.2.3.1.x86_64.rpm python3-botan-3.5.0-bp157.2.3.1.x86_64.rpm Botan-3.5.0-bp157.2.3.1.i586.rpm libbotan-3-5-3.5.0-bp157.2.3.1.i586.rpm libbotan-3-5-32bit-3.5.0-bp157.2.3.1.x86_64.rpm libbotan-devel-3.5.0-bp157.2.3.1.i586.rpm libbotan-devel-32bit-3.5.0-bp157.2.3.1.x86_64.rpm python3-botan-3.5.0-bp157.2.3.1.i586.rpm Botan-3.5.0-bp157.2.3.1.aarch64.rpm libbotan-3-5-3.5.0-bp157.2.3.1.aarch64.rpm libbotan-3-5-64bit-3.5.0-bp157.2.3.1.aarch64_ilp32.rpm libbotan-devel-3.5.0-bp157.2.3.1.aarch64.rpm libbotan-devel-64bit-3.5.0-bp157.2.3.1.aarch64_ilp32.rpm python3-botan-3.5.0-bp157.2.3.1.aarch64.rpm Botan-3.5.0-bp157.2.3.1.ppc64le.rpm libbotan-3-5-3.5.0-bp157.2.3.1.ppc64le.rpm libbotan-devel-3.5.0-bp157.2.3.1.ppc64le.rpm python3-botan-3.5.0-bp157.2.3.1.ppc64le.rpm Botan-3.5.0-bp157.2.3.1.s390x.rpm libbotan-3-5-3.5.0-bp157.2.3.1.s390x.rpm libbotan-devel-3.5.0-bp157.2.3.1.s390x.rpm python3-botan-3.5.0-bp157.2.3.1.s390x.rpm openSUSE-2026-151 critical openSUSE Backports SLE-15-SP7 Update This update for rclone fixes the following issues: - Update to version 1.73.5: (boo#1262439 boo#1262438) * operations: add AuthRequired to operations/fsinfo to prevent backend creation CVE-2026-41179 * rc: snapshot NoAuth at startup to prevent runtime auth bypass CVE-2026-41176 * rc: add AuthRequired to options/set to prevent auth bypass CVE-2026-41176 * s3: fix empty delimiter parameter rejected by Archiware P5 server * azureblob/auth: add Microsoft Partner Network User-Agent prefix * drime: fix User.EntryPermissions JSON unmarshalling * filter: fix debug logs that fire before logger is configured - fixes #9291 * s3: fix TencentCOS CDN endpoint failing on bucket check * iclouddrive: fix 'directory not found' error when the directory contains accent marks * Start v1.73.5-DEV development - Update to version 1.73.4: * Version v1.73.4 * Update to go 1.25.9 to fix multiple CVEs * build: fix Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder * docs: fix markdown issues in mount docs * docs: fix header level for metadata option * fix(docs): Fix link to not be language specific * filen: update SDK version * build(deps): bump golang.org/x/image from 0.36.0 to 0.38.0 * docs: note macOS 10.15 (Catalina) support with version v1.70.3 * Start v1.73.4-DEV development - Update to version 1.73.3: (CVE-2026-33186 GHSA-6g7g-w4f8-9c9x) * Version v1.73.3 * build(deps): bump github.com/buger/jsonparser from 1.1.1 to 1.1.2 * docs/jottacloud: fix broken link * docs: clarify Filen password change requires updating both password and API key in rclone config * docs: note that Filen API key changes on password change * build(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 * s3: add multi tenant support for Cubbit * lib/rest: fix URLPathEscapeAll breaking WebDAV servers (eg nzbdav) with strict path matching * list: fix nil pointer panic in Sorter when temp file creation fails * docs: update RELEASE procedure to avoid mistakes * docs: added text to the label showing version-introduced info * Start v1.73.3-DEV development * docs: update sponsors - Update to version 1.73.2: * Version v1.73.2 * Update to go 1.25.8 to fix multiple CVEs * build: update to golang.org/x/net v0.51.0 to fix CVE-2026-27141 #9220 * docs: fix new drive flag typo in changelog * webdav: add missing headers for CORS * docs: Document unsupported S3 object keys with double slashes * docs: note that --use-server-modtime only works on some backends * internxt: fix Entry doesn't belong in directory errors on windows * drime: fix chunk-uploaded files ignoring workspace ID * docs: Fix headers hierarchy for mount.md * webdav: escape reserved characters in URL path segments * bisync: add group Sync to the bisync command * archive: extract: strip "./" prefix from tar entry paths * docs: add instructions on how to update Go version * buid: update github.com/cloudflare/circl to v1.6.3 to fix CVE-2026-1229 * Start v1.73.2-DEV development - Update to version 1.73.1: * Version v1.73.1 * build: fix build using go 1.26.0 instead of go 1.25.7 * fs/march: fix runtime: program exceeds 10000-thread limit * accounting: fix missing server side stats from core/stats rc * pacer: re-read the sleep time as it may be stale * pacer: fix deadlock between pacer token and --max-connections * build: fix CVE-2025-68121 by updating go to 1.25.7 or later - fixes #9167 * drime: fix files and directories being created in the default workspace * docs: update sponsors * copyurl: Extend copyurl docs with an example of CSV FILENAMEs starting with a path. * internxt: implement re-login under refresh logic, improve retry logic - fixes #9174 * docs: add ExchangeRate-API as a sponsor * build: bump github.com/go-chi/chi/v5 from 5.2.3 to 5.2.5 to fix GO-2026-4316 * Set list_version to 2 for FileLu S3 configuration * filelu: add multipart upload support with configurable cutoff * filelu: add multipart init response type * filelu: add comment for response body wrapping * filelu: avoid buffering entire file in memory * docs: update sponsor logos * filen: fix potential panic in case of error during upload * filen: fix 32 bit targets not being able to list directories Fixes #9142 * Start v1.73.1-DEV development - Update to version 1.73.0: * Version v1.73.0 * drive: fix crash when trying to creating shortcut to a Google doc * azureblob,azurefiles: factor the common auth into a library * test: allow backends to return fs.ErrorCantListRoot to skip Root tests * build: add privatebeta Makefile target * docs: add Internxt as a sponsor * internxt: remove use of CVE laden github.com/disintegration/imaging * docs: fix Internxt docs after merge * docs: update making a new backend docs * docs: build overview page from the backend data * docs: add tiering to the documentation - fixes #8873 * docs: add data about each backend in YAML format * docs: add bin/manage_backends.py for managing the backend data files * internxt: use rclone's http.Client to enable more features * internxt: fix lint problems * Add StarHack to contributors * Add lullius to contributors * Add jzunigax2 to contributors * internxt: add Internxt backend - fixes #7610 * drive: add --drive-metadata-force-expansive-access flag - Fixes #8980 * test_all: allow drime more time to complete * onedrive: fix permissions on onedrive Personal * onedrive: fix require sign in for Onedrive Personal * onedrive: Onedrive Personal no longer supports description * onedrive: fix setting modification time on directories for onedrive Personal * onedrive: fix cancelling multipart upload * docs: fix WinFsp link in mount documentation * cmount: make work under OpenBSD - fixes #1727 * vfs: make mount tests run on OpenBSD * docs: improve alignment of icons * protondrive: update to use forks of upstream modules * Add hyusap to contributors * Add Nick Owens to contributors * Add Mikel Olasagasti Uranga to contributors * docs: fix googlephotos custom client_id instructions * cmount: fix OpenBSD mount support. * fs: fix bwlimit: correctly report minutes * fs: fix bwlimit: use %d instead of %q for ints * mega: reverts TLS workaround * docs: fix formatting * docs: add faq entry about re-enabling old TLS ciphers * Add Marc-Philip to contributors * Add yy to contributors * filen: swap to blake3 hashes * docs: fix echo command syntax for password input * docs: fix typos in comments and messages * docs: fix use of removed rem macro * uptobox: remove backend as service is no longer available * rc: add operations/hashsumfile to sum a single file only * docs: update sponsor link * filen: add Filen backend - Fixes #6728 * sftp: fix proxy initialisation * fstest: skip Copy mutation test with --sftp-copy-is-hardlink * fstest: Make Copy mutation test work properly * Add Qingwei Li to contributors * Add Nicolas Dessart to contributors * log: fix systemd adding extra newline - fixes #9086 * oracleobjectstorage, sftp: eliminate unnecessary heap allocation * sftp,ftp: add http proxy authentication support * Add Drime backend * lib/rest: add opts.MultipartContentType to explicitly set Content-Type of attachements * dircache: allow empty string as root parent id * docs: update sponsors * s3: add provider Bizfly Cloud Simple Storage * docs: update sponsor logos * Add sys6101 to contributors * Add darkdragon-001 to contributors * Add vupn0712 to contributors * docs: add cloudinary to readme * docs: fix headers hierarchy in mount docs * s3: fix Copy ignoring storage class * serve s3: make errors in --s3-auth-key fatal - fixes #9044 * Add masrlinu to contributors * pcloud: add support for real-time updates in mount * memory: add --memory-discard flag for speed testing - fixes #9037 * Add vyv03354 to contributors * shade: Fix VFS test issues * docs: mention use of ListR feature in ls docs * build: bump actions/download-artifact from 6 to 7 * build: bump actions/upload-artifact from 5 to 6 * build: bump actions/cache from 4 to 5 * docs: reflects the fact that pCloud supports ListR * S3: Linode: updated endpoints to use ISO 3166-1 alpha-2 standard * sync: fix error propagation in tests (#9025) * Changelog updates from Version v1.72.1 * s3: add more regions for Selectel * Add jhasse-shade to contributors * Add Shade backend * log: fix backtrace not going to the --log-file #9014 * build: fix lint warning after linter upgrade * Add Jonas Tingeborn to contributors * Add Tingsong Xu to contributors * configfile: add piped config support - fixes #9012 * fs/log: fix PID not included in JSON log output * build: adjust lint rules to exclude new errors from linter update * proxy: fix error handling in tests spotted by the linter * Add Johannes Rothe to contributors * Add Leo to contributors * Add Vladislav Tropnikov to contributors * Add Cliff Frey to contributors * Add vicerace to contributors * b2: Fix listing root buckets with unrestricted API key * googlecloudstorage: improve endpoint parameter docs * serve webdav: implement download-directory-as-zip * s3: The ability to specify an IAM role for cross-account interaction * azureblob: add metadata and tags support across upload and copy paths * refactor: use strings.Cut to simplify code * docs: note where a provider has an S3 compatible alternative * Add Shade as sponsor * Add Duncan Smart to contributors * Add Diana to contributors * docs: Clarify OAuth scopes for readonly Google Drive access * b2: support authentication with new bucket restricted application keys * docs: update sponsor logos * docs: fix lint error in changelog * Start v1.73.0-DEV development - Update to version 1.72.1: * Version v1.72.1 * s3: add more regions for Selectel * log: fix backtrace not going to the --log-file #9014 * build: fix lint warning after linter upgrade * configfile: add piped config support - fixes #9012 * fs/log: fix PID not included in JSON log output * build: adjust lint rules to exclude new errors from linter update * proxy: fix error handling in tests spotted by the linter * googlecloudstorage: improve endpoint parameter docs * docs: note where a provider has an S3 compatible alternative * Add Shade as sponsor * docs: Clarify OAuth scopes for readonly Google Drive access * docs: update sponsor logos * docs: fix lint error in changelog * Start v1.72.1-DEV development - Update to version 1.72.0: * Version v1.72.0 * rc: fix formatting in job/batch * test speed: fix formatting of help * docs: update sponsor logos * build: bump actions/checkout from 5 to 6 * s3: add multi-part-upload support for If-Match and If-None-Match * rc: config/unlock: rename parameter to `configPassword` accept old as well * rc: correct names of parameters in job/list output * Add Nikolay Kiryanov to contributors * rc: add `executeId` to job statuses - fixes #8972 * build: bump golang.org/x/crypto from 0.43.0 to 0.45.0 to fix CVE-2025-58181 * s3: fix single file copying behavior with low permission - Fixes #8975 * docs: onedrive: note how to backup up any user's data * Add Dominik Sander to contributors * Add jijamik to contributors * box: allow to configure with config file contents * http: add basic metadata and provide it via serve * ftp: fix transfers from servers that return 250 ok messages * b2: allow individual old versions to be deleted with --b2-versions - fixes #1626 * build: fix tls: failed to verify certificate: x509: negative serial number * Add Sean Turner to contributors * s3: add support for --upload-header If-Match and If-None-Match * fix: comment typos * dropbox: fix error moving just created objects - fixes #8881 * s3: add --s3-use-data-integrity-protections to fix BadDigest error in Alibaba, Tencent * rc: make sure fatal errors don't crash rclone - fixes #8955 * pacer: factor call stack searching into its own package * rc: add osVersion, osKernel and osArch to core/version * build: update all dependencies * build(deps): bump golangci/golangci-lint-action from 8 to 9 * webdav: fix out of memory with sharepoint-ntlm when uploading large file * testserver: fix owncloud test server startup * Add aliaj1 to contributors * ulozto: Fix downloads returning HTML error page * docs: adjust spectra logic example endpoint name * docs: update version introduced to v1.70 in doi docs * testserver: fix HDFS server after run.bash adjustments * testserver: remind developers about allocating a port * testserver: make run.bash variables less likely to collide with scripts * testserver: fix seafile servers messing up _connect string * testserver: make sure TestWebdavInfiniteScale uses an assigned port * testserver: make sure we don't overwrite the NAME variable set * Add n4n5 to contributors * Add Alex to contributors * Add Copilot to contributors * docs: update contributing docs regarding backend documentation * rc: add jobs stats * docs: fix alignment of some of the icons in the storage system dropdown * docs: run markdownlint on _index.md * docs: fix markdownlint issues and other styling improvements in backend command docs * docs: fix markdownlint issue md046/code-block-style in backend command docs * docs: fix missing punctuation in backend commands short description * docs: fix markdownlint issues in backend command generated output * build: improve backend docs autogenerated marker line * backend/compress: add zstd compression * sftp: fix zombie SSH processes with --sftp-ssh - Fixes #8929 * testserver: fix tests failing due to stopped servers * docs: add new integration tester site link * docs: update the method for running integration tests * bisync: fix failing tests * Add SublimePeace to contributors * b2: fix "expected a FileSseMode but found: ''" * docs: s3: clarify multipart uploads memory usage * test_all: fix detection of running servers * accounting: add AccountReadN for use in cluster * fs: add NonDefaultRC for discovering options in use * fs: move tests into correct files * rc: add NewJobFromBytes for reading jobs from non HTTP transactions * rc: add job/batch for sending batches of rc commands to run concurrently * Add Ted Robertson to contributors * Add Joseph Brownlee to contributors * Add fries1234 to contributors * Add Fawzib Rojas to contributors * Add Riaz Arbi to contributors * Add Lukas Krejci to contributors * Add Adam Dinwoodie to contributors * Add dulanting to contributors * docs: add AppArmor restrictions to rclone mount * check: improved reporting of differences in sizes and contents * mega: implement 2FA login * docs: change to light code block style to better match overall theme * docs: fix various markdownlint issues * build: restrict the markdown languages to use for code blocks * docs: fix various markdownlint issues * docs: fix markdownlint issue md013/line-length * docs: change syntax hightlighting for command examples from sh to console * docs: Clarify remote naming convention * b2: Add Server-Side encryption support * Added rclone archive command to create and read archive files * accounting: add io.Seeker/io.ReaderAt support to accounting.Account * operations: add ReadAt method to ReOpen * fstest: add ResetRun to allow the remote to be reset in tests * gcs: fix --gcs-storage-class to work with server side copy for objects * ulozto: implement the about functionality * local: add --skip-specials to ignore special files * swift: Report disk usage in segment containers * refactor: use strings.Builder to improve performance * Archive backend to read archives on cloud storage. * vfs: remove unecessary import in tests to fix import cycles * Add Lakshmi-Surekha to contributors * Add Andrew Gunnerson to contributors * Add divinity76 to contributors * build: enable support for aix/ppc64 * rc: fix name of "queue" JSON key in docs for vfs/cache * cmount: windows: improve error message on missing winfsp * docs: add the Provider to the options examples in the backend docs * Add Aneesh Agrawal to contributors * Add viocha to contributors * Add reddaisyy to contributors * fs: remove unnecessary Seek call on log file * s3: make it easier to add new S3 providers * build(deps): bump actions/upload-artifact from 4 to 5 * build(deps): bump actions/download-artifact from 5 to 6 * ftp: fix SOCK proxy support - fixes #8892 (#8918) * webdav: Add Access-Control-Max-Age header for CORS preflight caching - fixes #5078 * webdav: use SpaceSepList to parse bearer token command * refactor: use strings.Builder to improve performance * docs: re-arrange sponsors page * docs: add Spectra Logic as a sponsor * Add Oleksandr Redko to contributors * build: enable all govet checks (except fieldalignment and shadow) and fix issues. * march: fix --no-traverse being very slow - fixes #8860 * Add vastonus to contributors * s3: add new FileLu S5 endpoints * build: remove obsolete build tag * azurefiles: add ListP interface - #4788 * dropbox: add ListP interface - #4788 * webdav: add ListP interface - #4788 * pcloud: add ListP interface - #4788 * box: add ListP interface - #4788 * onedrive: add ListP interface - #4788 * drive: add ListP interface - #4788 * Add hunshcn to contributors * webdav: optimize bearer token fetching with singleflight * Changelog updates from Version v1.71.2 * lib/http: cleanup indentation and other whitespace in http serve template * docs: improve formatting of http serve template parameters * build: stop markdown linter leaving behind docker containers * Add Marco Ferretti to contributors * s3: add cubbit as provider * s3: add servercore as a provider * docs: update sponsors * docs: update sponsor images * docs: update privacy policy with a section on user data * Add Dulani Woods to contributors * Add spiffytech to contributors * gcs: add region us-east5 - fixes #8863 * jottacloud: refactor service list from map to slice to get predefined order * jottacloud: added support for traditional oauth authentication also for the main service * oauthutil: improved debug logs from token refresh * backend: add S3 provider for Hetzner object storage #8183 * jottacloud: improved token refresh handling * s3: provider reordering * index: add missing providers * docs: add missing ` * s3: add rabata as a provider * mega: fix 402 payment required errors - fixes #8758 * Add Andrew Ruthven to contributors * Add Microscotch to contributors * Add iTrooz to contributors * build: Bump SwiftAIO container to a newer one * build: Retry stopping the test server * build: Increase attempts to connect to test server * swift: If storage_policy isn't set, use the root containers policy * proton: automated 2FA login with OTP secret key * serve s3: fix log output to remove the EXTRA messages * docs/jottacloud: update description of invalid_grant error according to changes * jottacloud: add support for MediaMarkt Cloud as a whitelabel service * s3: add FileLu S5 provider * docs: fix variants of --user-from-header * vfs: fix chunker integration test * test_all: give TestZoho: extra time as it has been timing out * test_all: give TestCompressDrive: extra time as it has been timing out * rclone config string: reduce quoting with Human rendering for strings #8859 * Add juejinyuxitu to contributors * docs/jottacloud: update documentation with new whitelabel services and changed configuration flow * jottacloud: abort attempts to run unsupported rclone authorize command * jottacloud: minor adjustment of texts in config ui * jottacloud: add support for Let's Go Cloud (from MediaMarkt) as a whitelabel service * jottacloud: fix authentication for whitelabel services from Elkjøp subsidiaries * jottacloud: refactor config handling of whitelabel services to use openid provider configuration * jottacloud: remove nil error object from error message * jottacloud: fix legacy authentication * docs: add remote setup page to main docs dropdown * docs: update remote setup page * docs: add link from authorize command docs to remote setup docs * docs: lowercase internet and web browser instead of Internet browser * docs: use the term backend name instead of fs name for authorize command * add `rclone config string` for making connection strings #8859 * config: add more human readable configmap.Simple output * serve http: download folders as zip * s3: reorder providers to be in alphabetical order * refactor: use strings.FieldsFuncSeq to reduce memory allocations * accounting: add SetMaxCompletedTransfers method to fix bisync race #8815 * accounting: add RemoveDoneTransfers method to fix bisync race #8815 * bisync: fix race when CaptureOutput is used concurrently #8815 * build: update all dependencies * Makefile: remove deprecated go mod usage * azurefiles: Fix server side copy not waiting for completion - fixes #8848 * Changelog updates from Version v1.71.1 * test_all: fix branch name in test report * pacer: fix deadlock with --max-connections * Revert "azureblob: fix deadlock with --max-connections with InvalidBlockOrBlob errors" * Add Youfu Zhang to contributors * Add Matt LaPaglia to contributors * smb: optimize smb mount performance by avoiding stat checks during initialization * pikpak: fix unnecessary retries by using URL expire parameter - fixes #8601 * serve http: fix: logging url on start * docs: fix typo * b2: fix 1TB+ uploads * march: fix deadlock when using --fast-list on syncs - fixes #8811 * build: slices.Contains, added in go1.21 * build: use strings.CutPrefix introduced in go1.20 * build: use sequence Split introduced in go1.24 * build: use "for i := range n", added in go1.22 * build: modernize benchmark usage * build: in tests use t.Context, added in go1.24 * build: replace interface{} by the 'any' type added in go1.18 * build: use the built-in min or max functions added in go1.21 * Add russcoss to contributors * build: remove x := x made unnecessary by the new semantics of loops in go1.22 * lib/pool: fix unreliable TestPoolMaxBufferMemory test * Update S-Pegg1 email * Add Jean-Christophe Cura to contributors * pool: fix flaky unreliability test * copyurl: reworked code, added concurrency and tests * copyurl: Added --url to read urls from csv file - #8127 * docs: HDFS: erasure coding limitation #8808 * fstest: fix slice bounds out of range error when using -remotes local * local: fix time zones on tests * s3: added SpectraLogic as a provider * local: fix rmdir "Access is denied" on windows - fixes #8363 * bisync: fix error handling for renamed conflicts * docs: pcloud: update root_folder_id instructions * operations: fix partial name collisions for non --inplace copies * drive: docs: update making your own client ID instructions * swift: add ListP interface - #4788 * memory: add ListP interface - #4788 * oraceobjectstorage: add ListP interface - #4788 * B2: add ListP interface - #4788 * azureblob: add ListP interface - #4788 * googlecloudstorage: add ListP interface - Fixes #8763 * build: bump actions/github-script from 7 to 8 * build: bump actions/setup-go from 5 to 6 * bisync: fix chunker integration tests * bisync: fix koofr integration tests * internetarchive: fix server side copy files with spaces * lib/rest: add URLPathEscapeAll to URL escape as many chars as possible * Add alternate email for dougal to contributors * test speed: add command to test a specified remotes speed * docs: add link to MEGA S4 from MEGA page * Add Robin Rolf to contributors * Add anon-pradip to contributors * s3: Add Intercolo provider * gendocs: refactor and add logging of skipped command docs * gendocs: ignore missing rclone_mount.md, rclone_nfsmount.md, rclone_serve_nfs.md on windows * bin: add bisync.md generator * fstest: refactor to decouple package from implementation * gendocs: ignore missing rclone_mount.md on macOS * bisync: ignore expected "nothing to transfer" differences on tests * bisync: fix TestBisyncConcurrent ignoring -case * bisync: make number of parallel tests configurable * docs: clarify subcommand description in rclone usage * docs: fix description of regex syntax of name transform * docs: add some more details about supported regex syntax * makefile: fix lib/transform docs not getting updated * lib/pool: fix flaky test which was causing timeouts * Add dougal to contributors * vfs: fix SIGHUP killing serve instead of flushing directory caches * bisync: use unique stats groups on tests * fstest: stop errors in test cleanup changing the global stats * Add Motte to contributors * Add Claudius Ellsel to contributors * build: add local markdown linting to make check * lsf: add support for unix and unixnano time formats * docs: remove broken links from rc to commands * hashsum: changed output format when listing algorithms * docs: add example of how to add date as suffix * box: fix about after change in API return - fixes #8776 * Add skbeh to contributors * Add Tilman Vogel to contributors * docs: fix incorrectly escaped windows path separators * build: restore error handling in gendocs * combine: propagate SlowHash feature * docs/oracleobjectstorage: add introduction before external links and remove broken link * docs: fix markdown lint issues in backend docs * docs: fix markdown lint issues in command docs * docs: update markdown code block json indent size 2 * mount: do not log successful unmount as an error - fixes #8766 * Start v1.72.0-DEV development - Update to version 1.71.2: * Version v1.71.2 * docs: update sponsors * docs: update sponsor images * docs: update privacy policy with a section on user data * gcs: add region us-east5 - fixes #8863 * index: add missing providers * docs: add missing ` * mega: fix 402 payment required errors - fixes #8758 * docs: fix variants of --user-from-header * docs: add remote setup page to main docs dropdown * docs: update remote setup page * docs: add link from authorize command docs to remote setup docs * docs: lowercase internet and web browser instead of Internet browser * docs: use the term backend name instead of fs name for authorize command * bisync: fix race when CaptureOutput is used concurrently #8815 * azurefiles: Fix server side copy not waiting for completion - fixes #8848 * pikpak: fix unnecessary retries by using URL expire parameter - fixes #8601 * serve http: fix: logging url on start * docs: fix typo * b2: fix 1TB+ uploads * Start v1.71.2-DEV development - Update to version 1.71.1: * Version v1.71.1 * pacer: fix deadlock with --max-connections * Revert "azureblob: fix deadlock with --max-connections with InvalidBlockOrBlob errors" * march: fix deadlock when using --fast-list on syncs - fixes #8811 * docs: HDFS: erasure coding limitation #8808 * local: fix rmdir "Access is denied" on windows - fixes #8363 * bisync: fix error handling for renamed conflicts * docs: pcloud: update root_folder_id instructions * operations: fix partial name collisions for non --inplace copies * drive: docs: update making your own client ID instructions * internetarchive: fix server side copy files with spaces * lib/rest: add URLPathEscapeAll to URL escape as many chars as possible * docs: add link to MEGA S4 from MEGA page * docs: clarify subcommand description in rclone usage * docs: fix description of regex syntax of name transform * docs: add some more details about supported regex syntax * makefile: fix lib/transform docs not getting updated * vfs: fix SIGHUP killing serve instead of flushing directory caches * docs: remove broken links from rc to commands * docs: add example of how to add date as suffix * box: fix about after change in API return - fixes #8776 * docs: fix incorrectly escaped windows path separators * build: restore error handling in gendocs * combine: propagate SlowHash feature * docs/oracleobjectstorage: add introduction before external links and remove broken link * docs: fix markdown lint issues in backend docs * docs: fix markdown lint issues in command docs * docs: update markdown code block json indent size 2 * mount: do not log successful unmount as an error - fixes #8766 * Start v1.71.1-DEV development - Update to version 1.71.0: * Version v1.71.0 * fs: tls: add --client-pass support for encrypted --client-key files * ftp: make TLS config default to global TLS config - Fixes #6671 * fshttp: return *Transport rather than http.RoundTripper from NewTransport * bisync: release from beta * bisync: fix markdown formatting issues flagged by linter in docs * bisync: fix --no-slow-hash settings on path2 * Add cui to contributors * docs: add code of conduct * lib/mmap: convert to using unsafe.Slice to avoid deprecated reflect.SliceHeader * build: bump golangci/golangci-lint-action from 6 to 8 * build: update golangci-lint configuration * build: ignore revive lint issue var-naming: avoid meaningless package names * build: fix lint issue: should omit type error from declaration * Revert "build: downgrade linter to use go1.24 until it is fixed for go1.25" * build: migrate golangci-lint configuration to v2 format * s3: add --s3-use-arn-region flag - fixes #8686 * Add Binbin Qian to contributors * Add Lucas Bremgartner to contributors * docs: add tips about outdated certificates * FAQ: specify the availability of SSL_CERT_* env vars * pikpak: add file name integrity check during upload * bisync: skip TestBisyncConcurrent on non-local * internetarchive: fix server side copy files with & * Revert "s3: set useAlreadyExists to false for Alibaba OSS" * Add huangnauh to contributors * smb: improve multithreaded upload performance using multiple connections * bisync: fix data races on tests * bisync: remove unused parameters * bisync: deglobalize to fix concurrent runs via rc - fixes #8675 * mount: fix identification of symlinks in directory listings * s3: fix Content-Type: aws-chunked causing upload errors with --metadata * config: fix problem reading pasted tokens over 4095 bytes * config: fix test failure on local machine with a config file * log: add log rotation to --log-file - fixes #2259 * accounting: Fix stats (speed=0 and eta=nil) when starting jobs via rc * docs: update overview table for oracle object storage * Add praveen-solanki-oracle to contributors * oracleobjectstorage: add read only metadata support - Fixes #8705 * doc: sync doesn't symlinks in dest without --link - Fixes #8749 * s3: sort providers in docs * s3: add docs for Exaba Object Storage * azureblob: fix double accounting for multipart uploads - fixes #8718 * pool: fix deadlock with --max-buffer-memory * azureblob: fix deadlock with --max-connections with InvalidBlockOrBlob errors * build: downgrade linter to use go1.24 until it is fixed for go1.25 * build: update all dependencies * build: update to go1.25 and make go1.24 the minimum required version * Add Timothy Jacobs to contributors * bisync: fix time.Local data race on tests - fixes #8272 * googlecloudstorage: fix rateLimitExceeded error on bisync tests * accounting: populate transfer snapshot with "what" value * build(deps): bump actions/checkout from 4 to 5 * build(deps): bump actions/download-artifact from 4 to 5 * googlecloudstorage: enable bisync integration tests * fstest: fix parsing of commas in -remotes * azurefiles: fix hash getting erased when modtime is set * bisync: disable --sftp-copy-is-hardlink on sftp tests * local: fix --copy-links on Windows when listing Junction points * operations: fix too many connections open when using --max-memory * pool: fix deadlock with --max-memory and multipart transfers * pool: unify memory between multipart and asyncreader to use one pool * docs: update links to rcloneui * docs: add MEGA S4 as a gold sponsor * about: fix potential overflow of about in various backends * box: fix about: cannot unmarshal number 1.0e+18 into Go struct field * oauthutil: fix nil pointer crash when started with expired token * rc: listremotes should send an empty array instead of nil * config: add error if RCLONE_CONFIG_PASS was supplied but didn't decrypt config * rc: add config/unlock to unlock the config file * ftp: allow insecure TLS ciphers - fixes #8701 * s3: set useAlreadyExists to false for Alibaba OSS * docs: update sponsors page * fs: allow global variables to be overriden or set on backend creation * fs: allow setting of --http_proxy from command line * tests: cloudinary: remove test ignore after merging fix from #8707 * Add Antonin Goude to contributors * Add Yu Xin to contributors * Add houance to contributors * Add Florent Vennetier to contributors * Add n4n5 to contributors * Add Albin Parou to contributors * Add liubingrun to contributors * sync: fix testLoggerVsLsf when backend only reads modtime * sync: fix testLoggerVsLsf checking wrong fs * docs: fix make opengraph tags absolute as not all sites understand relative * docs: update contributing guide regarding markdown documentation * build: add markdown linting to workflow * build: add markdownlint configuration * docs: minor format cleanup install.md * docs: fix markdownlint issue md049/emphasis-style * docs: fix markdownlint issue md036/no-emphasis-as-heading * docs: fix markdownlint issue md033/no-inline-html * docs: fix markdownlint issue md025/single-title * docs: fix markdownlint issue md041/first-line-heading * docs: fix markdownlint issue md001/heading-increment * docs: fix markdownlint issue md003/heading-style * docs: fix markdownlint issue md034/no-bare-urls * docs: fix markdownlint issue md010/no-hard-tabs * docs: fix markdownlint issue md013/line-length * docs: fix markdownlint issue md038/no-space-in-code * docs: fix markdownlint issue md040/fenced-code-language * docs: fix markdownlint issue md046/code-block-style * docs: fix markdownlint issue md037/no-space-in-emphasis * docs: fix markdownlint issue md059/descriptive-link-text * docs: fix markdownlint issues md007/ul-indent md004/ul-style * docs: fix markdownlint issue md012/no-multiple-blanks * docs: fix markdownlint issue md058/blanks-around-tables * docs: fix markdownlint issue md022/blanks-around-headings * docs: fix markdownlint issue md031/blanks-around-fences * docs: fix markdownlint issue md032/blanks-around-lists * docs: fix markdownlint issue md009/no-trailing-spaces * docs: fix markdownlint issue md014/commands-show-output * docs: fix markdownlint issues md007/ul-indent md004/ul-style (bin/update-authors.py) * docs: fix markdownlint issues md007/ul-indent md004/ul-style (authors.md) * docs: add opengraph tags for website social media previews * mount: note that bucket based remotes can use directory markers * pikpak: add docs for methods to clarify name collision handling and restrictions * pikpak: enhance Copy method to handle name collisions and improve error management * pikpak: enhance Move for better handling of error and name collision * accounting: fix incorrect stats with --transfers=1 - fixes #8670 * rc: fix `operations/check` ignoring `oneWay` parameter * s3: add OVHcloud Object Storage provider * docs: rc: fix description of how to read local config * build: limit check for edits of autogenerated files to only commits in a pull request * build: extend check for edits of autogenerated files to all commits in a pull request * smb: refresh Kerberos credentials when ccache file changes * s3: fix multipart upload and server side copy when using bucket policy SSE-C * backend/s3: Fix memory leak by cloning strings #8683 * purge: exit with a fatal error if filters are set on `rclone purge` * docs: Add Backblaze as a Platinum sponsor * Add Sam Pegg to contributors * googlephotos: added warning for Google Photos compatability-fixes #8672 * test: remove flakey TestChunkerChunk50bYandex: test * docs: Consolidate entries for Josh Soref in contributors * docs: remove dead link to example of writing a plugin * filescom: document that hashes need to be enabled - fixes #8674 * Add Sudipto Baral to contributors * docs: fix incorrect json syntax in sample output * docs: ignore author email piyushgarg80 * docs: fix header level for --dump option section * docs: use stringArray as parameter type * docs: use consistent markdown heading syntax * imagekit: remove server side Copy method as it was downloading and uploading * imagekit: don't low level retry uploads * imagekit: return correct error when attempting to upload zero length files * smb: add --smb-kerberos-ccache option to set kerberos ccache per smb backend * test: fix smb kerberos integration tests * Changelog updates from Version v1.70.3 * config: make parsing of duration options consistent * docs: cleanup usage * docs: break long lines * docs: add option value type to header where missing * docs: mention that identifiers in option values are case insensitive * docs: rewrite dump option examples * docs: use markdown inline code format for dump option headers that are real examples * docs: change spelling from server side to server-side * docs: cleanup header casing * docs: rename OSX to macOS * docs: fix list and code block issue * docs: consistent markdown list format * docs: split section with general description of options with that documenting actual main options * docs: improve description of option types * docs: use space instead of equal sign to separate option and value in headers * docs: use comma to separate short and long option format in headers * docs: remove use of uncommon parameter types * docs: remove use of parameter type FILE * docs: remove use of parameter type DIR * docs: remove use of parameter type CONFIG_FILE * docs: change use of parameter type N and NUMBER to int consistent with flags and cli help * docs: change use of parameter type TIME to Duration consistent with flags and cli help * docs: change use of parameter type BANDWIDTH_SPEC to BwTimetable consistent with flags and cli help * docs: change use of parameter type SIZE to SizeSuffix consistent with flags and cli help * docs: cleanup markdown header format * docs: explain separated list parameters * azureblob: fix server side copy error "requires exactly one scope" * test: remove and ignore failing integration tests * docs: explain the json log format in more detail * check: fix difference report (was reporting error counts) * serve sftp: add support for more hashes (crc32, sha256, blake3, xxh3, xxh128) * serve sftp: extract function refactoring for handling hashsum commands * sftp: add support for more hashes (crc32, sha256, blake3, xxh3, xxh128) * local: configurable supported hashes * hash: add support for BLAKE3, XXH3, XXH128 * vfs: make integration TestDirEntryModTimeInvalidation test more reliable * smb: skip non integration tests when doing integration tests * seafile: fix integration test errors by adding dot to encoding * linkbox: fix upload error "user upload file not exist" * build: remove integration tests which are too slow * march: fix deadlock when using --no-traverse - fixes #8656 * pikpak: improve error handling for missing links and unrecoverable 500s * pikpak: rewrite upload to bypass AWS S3 manager - fixes #8629 * test: fix TestSMBKerberos password expiring errors * Add Vikas Bhansali to contributors * Add Ross Smith II to contributors * azureblob,azurefiles: add support for client assertion based authentication * webdav: fix setting modtime to that of local object instead of remote * build: set default shell to bash in build.yml * docs: fix filescom/filelu link mixup * Add Davide Bizzarri to contributors * fix: b2 versionAt read metadata * test: make TestWebdavInfiniteScale startup more reliable * test_all: add _connect_delay for slow starting servers * docs: update link for filescom * test_all: make TestWebdav InfiniteScale integration tests run * test_all: make SMB with Kerberos integration tests run properly * test_all: allow an env parameter to set environment variables * Changelog updates from Version v1.70.2 * Add Ali Zein Yousuf to contributors * Add $@M@RTH_ to contributors * docs: update client ID instructions to current Azure AD portal - fixes #8027 * s3: add Zata provider * pacer: fix nil pointer deref in RetryError - fixes #8077 * docs: Remove Warp as a sponsor * docs: add files.com as a Gold sponsor * docs: add links to SecureBuild docker image * Add curlwget to contributors * convmv: fix moving to unicode-equivalent name - fixes #8634 * transform: add truncate_keep_extension and truncate_bytes * convmv: make --dry-run logs less noisy * sync: avoid copying dir metadata to itself * docs: fix some function names in comments * combine: fix directory not found errors with ListP interface - Fixes #8627 * local: fix --skip-links on Windows when skipping Junction points * Add Marvin Rösch to contributors * build: bump github.com/go-chi/chi/v5 from 5.2.1 to 5.2.2 to fix GHSA-vrw8-fxc6-2r93 * copy,copyto,move,moveto: implement logger flags to store result of sync * log: fix deadlock when using systemd logging - fixes #8621 * docs: googlephotos: detail how to make your own client_id - fixes #8622 * Add necaran to contributors * mega: fix tls handshake failure - fixes #8565 * Changelog updates from Version v1.70.1 * Add jinjingroad to contributors * docs: DOI grammar error * docs: lib/transform: cleanup formatting * lib/transform: avoid empty charmap entry * chore: fix function name * convmv: fix spurious "error running command echo" on Windows * docs: client-credentials is not support by all backends * Start v1.71.0-DEV development - Update to version 1.70.3: * Version v1.70.3 * azureblob: fix server side copy error "requires exactly one scope" * docs: explain the json log format in more detail * check: fix difference report (was reporting error counts) * linkbox: fix upload error "user upload file not exist" * march: fix deadlock when using --no-traverse - fixes #8656 * pikpak: improve error handling for missing links and unrecoverable 500s * webdav: fix setting modtime to that of local object instead of remote * fix: b2 versionAt read metadata * Start v1.70.3-DEV development * docs: fix filescom/filelu link mixup * docs: update link for filescom - Update to version 1.70.2: * Version v1.70.2 * docs: update client ID instructions to current Azure AD portal - fixes #8027 * mega: fix tls handshake failure - fixes #8565 * pacer: fix nil pointer deref in RetryError - fixes #8077 * convmv: fix moving to unicode-equivalent name - fixes #8634 * convmv: make --dry-run logs less noisy * sync: avoid copying dir metadata to itself * combine: fix directory not found errors with ListP interface - Fixes #8627 * local: fix --skip-links on Windows when skipping Junction points * build: bump github.com/go-chi/chi/v5 from 5.2.1 to 5.2.2 to fix GHSA-vrw8-fxc6-2r93 * log: fix deadlock when using systemd logging - fixes #8621 * docs: googlephotos: detail how to make your own client_id - fixes #8622 * pikpak: fix uploads fail with "aws-chunked encoding is not supported" error * Start v1.70.2-DEV development * docs: Remove Warp as a sponsor * docs: add files.com as a Gold sponsor * docs: add links to SecureBuild docker image - Update to version 1.70.1: * Version v1.70.1 * docs: DOI grammar error * docs: lib/transform: cleanup formatting * lib/transform: avoid empty charmap entry * chore: fix function name * convmv: fix spurious "error running command echo" on Windows * docs: client-credentials is not support by all backends * Start v1.70.1-DEV development - Update to version 1.70.0: * Version v1.70.0 * ftp: add --ftp-http-proxy to connect via HTTP CONNECT proxy * pcloud: fix "Access denied. You do not have permissions to perform this operation" on large uploads * operations: fix TransformFile when can't server-side copy/move * fstest: fix -verbose flag after logging revamp * googlecloudstorage: fix directory marker after // changes in #5858 * s3: fix directory marker after // changes in #5858 * azureblob: fix directory marker after // changes in #5858 * tests: ignore some more habitually failing tests * googlephotos: fix typo in error message - Fixes #8600 * s3: MEGA S4 support * Add Ser-Bul to contributors * chunker: fix double-transform * docs: mailru: added note about permissions level choice for the apps password * tests: ignore habitually failing tests and backends * docs: link to asciinema rather than including the js * docs: target="_blank" must have rel="noopener" * sync: fix testLoggerVsLsf when dst is local * docs: fix FileLu docs * build: update all dependencies * onedrive: fix crash if no metadata was updated * Add kingston125 to contributors * Add Flora Thiebaut to contributors * Add FileLu cloud storage backend * doi: add new doi backend * build: fix check_autogenerated_edits.py flagging up files that didn't exist * docs: rc: add more info on how to discover _config and _filter parameters #8584 * s3: add Exaba provider * convmv: add convmv command * lib/transform: add transform library and --name-transform flag * march: split src and dst * Add ahxxm to contributors * Add Nathanael Demacon to contributors * b2: use file id from listing when not presented in headers - fixes #8113 * fs: fix goroutine leak and improve stats accounting process * march: fix syncing with a duplicate file and directory * Add PrathameshLakawade to contributors * Add Oleksiy Stashok to contributors * docs: fix page_facing_up typo next to Lyve Cloud in README.md * backend/s3: require custom endpoint for Lyve Cloud v2 support * backend: skip hash calculation when the hashType is None - fixes #8518 * azureblob: fix multipart server side copies of 0 sized files * Add Jeremy Daer to contributors * Add wbulot to contributors * s3: add Pure Storage FlashBlade provider support (#8575) * backend/gofile: update to use new direct upload endpoint * log: add --windows-event-log-level to support Windows Event Log * fs: Remove github.com/sirupsen/logrus and replace with log/slog * Add fhuber to contributors * cmd serve s3: fix ListObjectsV2 response * Changelog updates from Version v1.69.3 * onedrive: re-add --onedrive-upload-cutoff flag * onedrive: fix "The upload session was not found" errors * Add Germán Casares to contributors * Add Jeff Geerling to contributors * googlephotos: update read only and read write scopes to meet Google's requirements. * build: update github.com/ebitengine/purego to v0.8.3 to fix mac_amd64 build * docs: add hint about config touch and config file not found * docs: add FAQ for dismissing 'rclone.conf not found' * docs: document how to keep an out of tree backend * Add Clément Wehrung to contributors * iclouddrive: fix panic and files potentially downloaded twice * docs: move --max-connections documentation to the correct place * Add Ben Boeckel to contributors * Add Tho Neyugn to contributors * docs: fix typo in s3/storj docs * serve s3: remove redundant handler initialization * Changelog updates from Version 1.69.2 * sftp: add --sftp-http-proxy to connect via HTTP CONNECT proxy * Add Jugal Kishore to contributors * docs: correct SSL docs anchor link from #ssl-tls to #tls-ssl * drive: metadata: fix error when setting copy-requires-writer-permission on a folder * docs: Update contributors * build: bump golang.org/x/net from 0.36.0 to 0.38.0 * Update README.md * docs: fix typos via codespell * webdav: add an ownCloud Infinite Scale vendor that enables tus chunked upload support * onedrive: fix metadata ordering in permissions * Add Ben Alex to contributors * Add simwai to contributors * iclouddrive: fix so created files are writable * cmd/authorize: show required arguments in help text * cloudinary: var naming convention - #8416 * cloudinary: automatically add/remove known media files extensions #8416 * Add Markus Gerstel to contributors * Add Enduriel to contributors * Add huanghaojun to contributors * Add simonmcnair to contributors * Add Samantha Bowen to contributors * s3: documentation regression - fixes #8438 * hash: add SHA512 support for file hashes * vfs: fix inefficient directory caching when directory reads are slow * docs: update fuse version in docker docs * fs/config: Read configuration passwords from stdin even when terminated with EOF - fixes #8480 * cmd/gitannex: Reject unknown layout modes in INITREMOTE * cmd/gitannex: Add configparse.go and refactor * cmd/gitannex: Permit remotes with options * serve ftp: add serve rc interface * serve sftp: add serve rc interface * serve restic: add serve rc interface * serve s3: add serve rc interface * serve dlna: add serve rc interface * serve webdav: add serve rc interface - fixes #4505 * serve http: add serve rc interface * serve nfs: add serve rc interface * serve: Add rc control for serve commands #4505 * configstruct: add SetAny to parse config from the rc * rc: In options/info make FieldName contain a "." if it should be nested * serve restic: convert options to new style * serve s3: convert options to new style * serve http: convert options to new style * serve webdav: convert options to new style * auth proxy: convert options to new style * auth proxy: add VFS options parameter for use for default VFS * serve: make the servers self registering * lib/http: fix race between Serve() and Shutdown() * lib/http: add Addr() method to return the first configured server address * Add Danny Garside to contributors * docs: fix minor typo in box docs * sync: implement --list-cutoff to allow on disk sorting for reduced memory use * march: Implement callback based syncing * list: add ListDirSortedFn for callback oriented directory listing * list: Implement Sorter to sort directory entries * cache: mark ListP as not supported yet * hasher: implement ListP interface * compress: implement ListP interface * chunker: mark ListP as not supported yet * union: mark ListP as not supported yet * crypt: implement ListP interface * combine: implement ListP interface * s3: Implement paged listing interface ListP * list: add WithListP helper to implement List for ListP backends * walk: move NewListRHelper into list.Helper to avoid circular dependency * fs: define ListP interface for paged listing #4788 * accounting: Add listed stat for number of directory entries listed * walk: factor Listing helpers into their own file and add tests * serve nfs: make metadata files have special file handles * serve nfs: change the format of --nfs-cache-type symlink file handles * vfs: add --vfs-metadata-extension to expose metadata sidecar files * docs: Add rcloneui.com as Silver Sponsor * Add Klaas Freitag to contributors * Add eccoisle to contributors * Add Fernando Fernández to contributors * Add alingse to contributors * Add Jörn Friedrich Dreyer to contributors * docs: replace option --auto-filename-header with --header-filename * build: update github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 to fix CVE-2025-30204 * docs/googlephotos: fix typos * build: bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 * operations: fix call fmt.Errorf with wrong err * webdav: retry propfind on 425 status * Add --max-connections to control maximum backend concurrency * rc: fix debug/* commands not being available over unix sockets * cmd/gitannex: Prevent tests from hanging when assertion fails * cmd/gitannex: Add explicit timeout for mock stdout reads in tests * http: correct root if definitely pointing to a file - fixes #8428 * pool: add --max-buffer-memory to limit total buffer memory usage * filter: Add `--hash-filter` to deterministically select a subset of files * build: update golang.org/x/net to 0.36.0. to fix CVE-2025-22869 * rc: add add short parameter to core/stats to not return transferring and checking * fs: fix corruption of SizeSuffix with "B" suffix in config (eg --min-size) * filters: show --min-size and --max-size in --dump filters * build: check docs for edits of autogenerated sections * Add jack to contributors * docs: fix incorrect mentions of vfs-cache-min-free-size * fs/object: fix memory object out of bounds Seek * serve nfs: fix unlikely crash * docs: update minimum OS requirements for go1.24 * cmd/gitannex: Tweak parsing of "rcloneremotename" config * cmd/gitannex: Drop var rebindings now that we have go1.23 * docs: add note for using rclone cat for slicing out a byte range from a file * rcserver: improve content-type check * build: modernize Go usage * build: update all dependencies and fix deprecations * build: update golang.org/x/crypto to v0.35.0 to fix CVE-2025-22869 * build: make go1.23 the minimum go version * cmd/gitannex: Add to integration tests * cmd/gitannex: Simplify verbose failures in tests * cmd/gitannex: Port unit tests to fstest * vfs: fix integration test failures * azureblob: fix errors not being retried when doing single part copy * azureblob: handle retry error codes more carefully * touch: make touch obey --transfers * Add luzpaz to contributors * Add Dave Vasilevsky to contributors * docs: fix various typos * dropbox: Retry link without expiry * Dropbox: Support Dropbox Paper * chore: update contributor email * docs: correct stable release workflow * Add Lorenz Brun to contributors * Add Michael Kebe to contributors * vfs: fix directory cache serving stale data * build: fix docker plugin build - fixes #8394 * docs: improved sftp limitations * Changelog updates from Version v1.69.1 * docs: add FileLu as sponsors and tidy sponsor logos * accounting: fix percentDiff calculation -- fixes #8345 * vfs: fix the cache failing to upload symlinks when --links was specified * Add jbagwell-akamai to contributors * Add ll3006 to contributors * doc: add note on concurrency of rclone purge * s3: add latest Linode Object Storage endpoints * cmd: fix crash if rclone is invoked without any arguments - Fixes #8378 * build: disable docker builds on PRs & add missing dockerfile changes * sync: copy dir modtimes even when copyEmptySrcDirs is false - fixes #8317 * sync: add tests to check dir modtimes are kept when syncing * fix golangci-lint errors * bisync: fix false positive on integration tests * s3: split the GCS quirks into -s3-use-x-id and -s3-sign-accept-encoding #8373 * Add Joel K Biju to contributors * stats: fix the speed not getting updated after a pause in the processing * opendrive: added --opendrive-access flag to handle permissions * bisync: fix listings missing concurrent modifications - fixes #8359 * Added parallel docker builds and caching for go build in the container * smb: improve connection pooling efficiency * lib/oauthutil: fix redirect URL mismatch errors - fixes #8351 * b2: fix "fatal error: concurrent map writes" - fixes #8355 * Add Alexander Minbaev to contributors * Add Zachary Vorhies to contributors * Add Jess to contributors * s3: add IBM IAM signer - fixes #7617 * serve nfs: update docs to note Windows is not supported - fixes #8352 * cmd/config(update remote): introduce --no-output option * s3: add DigitalOcean regions SFO2, LON1, TOR1, BLR1 * sync: fix cpu spinning when empty directory finding with leading slashes * s3: fix handling of objects with // in #5858 * azureblob: fix handling of objects with // in #5858 * fstest: add integration tests objects with // on bucket based backends #5858 * fs/list: tweak directory listing assertions after allowing // names * lib/bucket: fix tidying of // in object keys #5858 * lib/bucket: add IsAllSlashes function * azureblob: remove uncommitted blocks on InvalidBlobOrBlock error * azureblob: implement multipart server side copy * azureblob: speed up server side copies for small files #8249 * azureblob: cleanup uncommitted blocks on upload errors * azureblob: factor readMetaData into readMetaDataAlways returning blob properties * Add b-wimmer to contributors * azurefiles: add --azurefiles-use-az and --azurefiles-disable-instance-discovery * onedrive: mark German (de) region as deprecated * Add Trevor Starick to contributors * Add hiddenmarten to contributors * Add Corentin Barreau to contributors * Add Bruno Fernandes to contributors * Add Moises Lima to contributors * Add izouxv to contributors * Add Robin Schneider to contributors * Add Tim White to contributors * Add Christoph Berger to contributors * azureblob: add support for `x-ms-tags` header * rc: disable the metrics server when running `rclone rc` * internetarchive: add --internetarchive-metadata="key=value" for setting item metadata * lib/batcher: Deprecate unused option: batch_commit_timeout * s3: Added new storage class to magalu provider * http servers: add --user-from-header to use for authentication * b2: add SkipDestructive handling to backend commands - fixes #8194 * vfs: close the change notify channel on Shutdown * Docker image: Add label org.opencontainers.image.source for release notes in Renovate dependency updates * docs: add OneDrive Impersonate instructions - fixes #5610 * docs: explain the stringArray flag parameter descriptor * iclouddrive: add notes on ADP and Missing PCS cookies - fixes #8310 * docs: fix typos found by codespell in docs and code comments * fs: fix confusing "didn't find section in config file" error * vfs: fix race detected by race detector * Add Jonathan Giannuzzi to contributors * Add Spencer McCullough to contributors * Add Matt Ickstadt to contributors * smb: add support for kerberos authentication * drive: added `backend moveid` command * docs: fix reference to serves3 setting disable_multipart_uploads which was renamed * docs: fix link to Rclone Serve S3 * serve s3: fix list objects encoding-type * build: update gopkg.in/yaml.v2 to v3 * build: update all dependencies * bisync: fix go vet problems with go1.24 * build: update to go1.24rc1 and make go1.22 the minimum required version * version: add --deps flag to show dependencies and other build info * doc: make man page well formed for whatis - fixes #7430 * Start v1.70.0-DEV development rclone-1.73.5-bp157.2.3.1.src.rpm rclone-1.73.5-bp157.2.3.1.x86_64.rpm rclone-bash-completion-1.73.5-bp157.2.3.1.noarch.rpm rclone-debuginfo-1.73.5-bp157.2.3.1.x86_64.rpm rclone-zsh-completion-1.73.5-bp157.2.3.1.noarch.rpm rclone-1.73.5-bp157.2.3.1.i586.rpm rclone-debuginfo-1.73.5-bp157.2.3.1.i586.rpm rclone-1.73.5-bp157.2.3.1.aarch64.rpm rclone-debuginfo-1.73.5-bp157.2.3.1.aarch64.rpm rclone-1.73.5-bp157.2.3.1.ppc64le.rpm rclone-debuginfo-1.73.5-bp157.2.3.1.ppc64le.rpm rclone-1.73.5-bp157.2.3.1.s390x.rpm rclone-debuginfo-1.73.5-bp157.2.3.1.s390x.rpm openSUSE-2026-155 moderate openSUSE Backports SLE-15-SP7 Update This update for freeciv fixes the following issues: - CVE-2026-33250: Fix a vulnerability allowing remote crashing of the server (boo#1260036). - update to version 3.0.10: * Generic bugfix release* Generic bugfix release * Fixed nation color selection assert failures when moving from pre-game to turn 1 * Fixed a crash when city removal left a unit stranded * Fixed growing of the internal string handling buffer, fixing, e.g., issues with very long lines in the savegame * Fixed fc_vsnprintf() return value on Windows, fixing, e.g., issues on loading the tutorial scenario * Various internal changes which should only affect developers * Fixed bad memory access while loading freeciv-2.6 format ruleset * Miscellaneous improvements to in-game text and user documentation * Miscellaneous changes to developer/install/ruleset docs * Updated translations * see https://freeciv.fandom.com/wiki/NEWS-3.0.10 - update to version 3.0.9: * Generic bugfix release * Set diplomatic relations state correctly between team members osdn#48295 * Fixed assert failures when city grows to freeciv's internal max city size (255) * Sammarinese city name Borgo Maggiore corrected osdn#48316 * Cargo gets bounced when transport is lost due to terrain change * Fixed crash with recursive autoattacks in case of occupychance setting being > 0 * Fixed memory corruption when transport is not bounced, but cargo is * Corrected amount treasury gets increased by a city in some situations * Cities stop working tiles turned unworkable at turn change * Fixed clearing city border claims when player gets removed from the game osdn#48837 * see https://freeciv.fandom.com/wiki/NEWS-3.0.9 freeciv-3.1.6-bp157.2.3.1.src.rpm freeciv-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-debuginfo-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-debugsource-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-gtk3-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-gtk3-debuginfo-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-gtk4-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-gtk4-debuginfo-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-lang-3.1.6-bp157.2.3.1.noarch.rpm freeciv-qt-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-qt-debuginfo-3.1.6-bp157.2.3.1.x86_64.rpm freeciv-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-debuginfo-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-debugsource-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-gtk3-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-gtk3-debuginfo-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-gtk4-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-gtk4-debuginfo-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-qt-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-qt-debuginfo-3.1.6-bp157.2.3.1.aarch64.rpm freeciv-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-debuginfo-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-debugsource-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-gtk3-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-gtk3-debuginfo-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-gtk4-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-gtk4-debuginfo-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-qt-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-qt-debuginfo-3.1.6-bp157.2.3.1.ppc64le.rpm freeciv-3.1.6-bp157.2.3.1.s390x.rpm freeciv-debuginfo-3.1.6-bp157.2.3.1.s390x.rpm freeciv-debugsource-3.1.6-bp157.2.3.1.s390x.rpm freeciv-gtk3-3.1.6-bp157.2.3.1.s390x.rpm freeciv-gtk3-debuginfo-3.1.6-bp157.2.3.1.s390x.rpm freeciv-gtk4-3.1.6-bp157.2.3.1.s390x.rpm freeciv-gtk4-debuginfo-3.1.6-bp157.2.3.1.s390x.rpm freeciv-qt-3.1.6-bp157.2.3.1.s390x.rpm freeciv-qt-debuginfo-3.1.6-bp157.2.3.1.s390x.rpm openSUSE-2026-152 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 147.0.7727.116 (boo#1262586) chromedriver-147.0.7727.116-bp157.2.151.1.x86_64.rpm chromium-147.0.7727.116-bp157.2.151.1.nosrc.rpm chromium-147.0.7727.116-bp157.2.151.1.x86_64.rpm chromedriver-147.0.7727.116-bp157.2.151.1.aarch64.rpm chromium-147.0.7727.116-bp157.2.151.1.aarch64.rpm chromedriver-147.0.7727.116-bp157.2.151.1.ppc64le.rpm chromium-147.0.7727.116-bp157.2.151.1.ppc64le.rpm openSUSE-2026-149 important openSUSE Backports SLE-15-SP7 Update This update for flannel fixes the following issues: - Update to version 0.28.4: * fix go version (don't set patch version) (#2428) * Bump flannel-cni-plugin to v1.9.1-flannel1 (#2427) * Bump the other-go-modules group across 1 directory with 3 updates (#2425) * Bump the tencent group with 2 updates (#2417) * Bump the etcd group with 4 updates (#2398), includes fix for CVE-2026-33413 (boo#1260853) and CVE-2026-33343 (boo#1260847) * Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 (#2420) * Bump go to 1.25 (#2424) * Bump actions/upload-pages-artifact from 4.0.0 to 5.0.0 * Bump docker/build-push-action from 7.0.0 to 7.1.0 * Bump docker/login-action from 4.0.0 to 4.1.0 * Verify the kubectl sha256sum * Secure makefile (#2414) * Improve the security of Dockerfile * Bump github/codeql-action from 4.34.1 to 4.35.1 (#2409) * Bump actions/deploy-pages from 4.0.5 to 5.0.0 * lease: only print BackendData when json.Marshal succeeds * vxlan: delete v6 direct route with correct Route struct * fix: honor --stderrthreshold flag when --logtostderr is enabled * Bump actions/configure-pages from 5.0.0 to 6.0.0 * Bump actions/setup-go from 6.3.0 to 6.4.0 * don't use unquoted shell vars in extensions backend example * Don't use shell invocations in extensions backend. * Bump google.golang.org/grpc from 1.71.1 to 1.79.3 * Bump ossf/scorecard-action from 2.4.1 to 2.4.3 * Bump actions/upload-artifact from 4.6.1 to 7.0.0 * Bump docker/metadata-action from 5.10.0 to 6.0.0 * Bump actions/checkout from 4.2.2 to 6.0.2 * Bump docker/setup-buildx-action from 3.12.0 to 4.0.0 * Bump aquasecurity/trivy-action from 0.33.1 to 0.35.0 * Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 * [StepSecurity] Apply security best practices * Bump actions/attest-build-provenance from 3.2.0 to 4.1.0 * Fix logic in AddBlackholeV4Route and AddBlackholeV6Route to correctly check for existing routes * Added check for nftables before checking br_netfilter module * Bump golang.org/x/crypto from 0.36.0 to 0.45.0 * Bump k8s deps to v0.32.10 * Bump golang-ci-lint to v2.7.2 * Bump golangci/golangci-lint-action from 6.1.1 to 9.2.0 * Additional check on podCIDR * ip: improve primary address selection to account for address flags * Added TAG to fix bin version flannel-0.28.4-bp157.2.6.1.src.rpm flannel-0.28.4-bp157.2.6.1.x86_64.rpm flannel-k8s-yaml-0.28.4-bp157.2.6.1.noarch.rpm flannel-0.28.4-bp157.2.6.1.i586.rpm flannel-0.28.4-bp157.2.6.1.aarch64.rpm flannel-0.28.4-bp157.2.6.1.ppc64le.rpm flannel-0.28.4-bp157.2.6.1.s390x.rpm openSUSE-2026-156 moderate openSUSE Backports SLE-15-SP7 Update This update for cacti fixes the following issues: - Update to version 1.2.30+git306.82d5aef5: * add a collapse icon (#7047) * security: consolidated defense-in-depth hardening (1.2.x) (#7039) * fix(security): harden boost cache, deserialization, GET_LOCK, and process management (#7021) * CVE-2026-0540 - Update DOMPurify to 3.3.3. phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack (#7022) * fix(security): harden exec_background, log path redirection, and CLI argument handling (#7016) * fix: IPv6 support hardening for SNMP sessions, ping validation, and binary transport (#7014) * fix(security): enforce strict metric serialization at RRDtool IPC boundary (#7012) * fix(security): harden rrd.php, database.php, and html_utility.php (1.2.x) (#7002) * fix(security): harden auth lockout, CSPRNG fallback, error escaping, and redirect (1.2.x) (#7000) * fix(security): harden core execution boundaries and XML processing (#7010) * fix(security): harden utility.php PHP binary validation, SQL injection, PRNG, and XSS (#7006) * fix(security): escape html_filter form attributes and JS context (1.2.x) (#6995) * fix: prevent empty CDEF RPN expressions in aggregate graphs (1.2.x) (#6985) * fix: aggregate 95th percentile uses SUM instead of MAX for SIMILAR (1.2.x) (#6984) * fix: CF fallback selection overwritten by cf_reference (1.2.x) (#6982) * fix: remove unconditional overwrite of coerced multi-DS values (1.2.x) (#6981) * fix: cacti_snmp_validate_oid accepts non-numeric OIDs (1.2.x) (#6980) * fix(scripts): return 'U' on error in ss_webseer, ss_gexport, query_host_cpu (1.2.x) (#6983) * fix: Fixing additional review issues (#6979) * fix: Fixing issues with dns call (#6977) * fix: Fixing wrong variable use (#6976) * fix(security): cast effective_user to int and validate OID format in remote_agent (1.2.x) (#6969) * fix(security): escape rrdtool tune arguments to prevent command injection (#6967) * fix(security): forward-verify PTR result in remote_client_authorized() (#6968) * fix(security): validate graph_theme with basename() to prevent LFI (#6966) * fix(security): escape error message output in auth_login.php (#6958) * fix: Simplify redirect handling in Cacti and Fix Multi-Sort (#6955) * fix(security): use strict comparisons in auth and restrict unserialize (#6960) * fix: correct spikekill user/default inversion and add RRD file check (1.2.x) (#6962) * fix(security): parameterize SQL, add column allow-list, and type-safe counter math (#6961) * fix(hardening): replace raw $_REQUEST with input wrapper functions (#6959) * fix graph debug (#6956) * fix: return text error in graph debug mode when RRD file missing (1.2.x) (#6924) * security: fix XSS in JavaScript contexts across UI pages (1.2.x) (#6929) * fix: correct colourBrightness calculation for negative and integer percentages (1.2.x) (#6928) * Fix: Removing backtick operator from code (#6922) * fix: remove noisy RRD file-not-found log message (#6918) * security: remaining hardening backports to 1.2.x (#6917) * Fix: Issuesing changing poller and audit plugin (#6915) * Fix: Add missing functiosn rrdtool_file_exists (#6914) * security: harden shell command execution against injection (1.2.x backport) (#6902) * security: fix SSRF and SSL verification in help.php (1.2.x backport) (#6906) * fix: backport spikekill and realtime graph fixes to 1.2.x (#6909) * security: fix XSS and open redirect in auth and UI pages (1.2.x backport) (#6910) * security: parameterize SQL in sequence functions and data_queries.php (1.2.x backport) (#6911) * security: fix SSRF, command injection, and XSS in core functions (1.2.x) (#6913) * security: support array arguments in exec_background and __rrd_execute (1.2.x backport) (#6912) * Fixing managers actions not taking action (#6901) * security: harden SQL query construction against injection (1.2.x backport) (#6897) * security: fix XSS, path traversal, open redirect, and IDOR (1.2.x backport) (#6899) * security: fix unsafe deserialization in managers.php (1.2.x backport) (#6898) * Update translation files * Translated using Weblate (Swedish) * Update translation files * Translated using Weblate (Swedish) * Update translation files * Translated using Weblate (Swedish) * fix(1.2.x): correct codespell-detected spelling errors in PHP source files (#6808) * qa: Removing php7.4 and php8.0 from our validation matrix due recent plugin changes (#6817) * Update translation files * Translated using Weblate (Swedish) * [1.2.x] fix: exec_with_timeout operator precedence, child kill, and stderr handling (#6732) * fix(auth): add column-name whitelist to is_view_allowed() (#6708) * fix: parameterize SQL in cli/add_device.php (#6710) * fix: remove PHP_EOL from force_https redirect header (#6711) * fix: three one-line typos in spikekill subsystem (#6712) * fix: add output_format to ifName and ifDescr in interface.xml (#6713) * fix: strict comparison in replicate_table_to_poller column exclusion (#6714) * fix: escape values in array_to_sql_or() to prevent SQL injection (#6709) * fix: correct JOIN condition in is_view_allowed() group membership query (#6734) * fix false down status in gui (#6706) * add dell idrac template (#6681) * Backport check_all_pages.sh to 1.2.x (#6678) - Update to version 1.2.30+git233.9b67d5e98: * remove wrong styles (#6654) * Fix paper-plane theme (#6640) - Update to latest release/1.2.30+git231.bca15e70c: - Updates since 1.2.30: * security#GHSA-6RVG-2VM8-5WRF: CVE-2026-22802 Authentication Bypass leads to information disclosure * security: CVE-2026-1513 billboard.js before 3.18.0 Improper Input Sanitization Allows Remote JavaScript Execution * issue#6168: When purging RRD files, paths are not correctly handled * issue#6202: When using automation, devices may not be added as expected * issue#6204: Attempting to match a field in automation may cause unexpected errors * issue#6210: Ensure column names are escaped to prevent reserved word issues * issue#6240: Improve sort order for incorrect RRA's * issue#6249: Unable to send Email to users without a domain name * issue#6251: When viewing a graph, do not produce unnecessary errors if graph has been removed * issue#6253: When i18n formatting numbers, assume null means 0 by xmacan * issue#6257: When data sources are removed, ensure only RRD files are removed by xmacan * issue#6262: When the database connection drops during query, retry to ensure success * issue#6270: Incorrect escaping may prevent drop downs working as intended * issue#6271: When validation errors occur, provide more information to help diagnosis * issue#6283: When calculating total pages, ensure math errors do not occur * issue#6292: When validating null request variables, fatal errors may occur * issue#6294: Automation may produce unexpected warnings when detecting the OS * issue#6296: Process timeouts may not end processes as expected * issue#6297: Improve support for Secure SMTP * issue#6299: Improve email address handling to support UTF8 * issue#6313: When editing multiple devices, unexpected errors may be recorded * issue#6314: When editing an Aggregation Graph, total count may not reflect number of items correctly * issue#6315: When duplicating a Data Input Method, unexpected errors may occur * issue#6326: Improve SNMP v3 support for Cisco devices * issue#6327: Implement Autocomplete standards for Login and Change Password * issue#6329: When using LDAP, checking a user's groups may cause unexpected errors * issue#6331: When upgrading from pre-1.0.5, unexpected errors may occur by YATV * issue#6334: When creating Aggregate graphs, unable to hide HRULE and COMMENT based items * issue#6335: Email addresses with leading or trailing spaces can cause issues * issue#6441: Spikekill uses the wrong option for retention periods by 3432 * issue#6444: When a Data Input's Title is applied, unexpected errors and values may be seen * issue#6490: When using Clear All on Selective Debug, first item is reselected * issue#6507: Importing packages may not work as expected by xmacan * issue#6508: When exporting graphs, data issues may lead to unexpected errors by xmacan * issue#6516: When modifying Graph Automation Rules, unexpected errors may be logged * issue#6518: Improve security of CSRF Secret by SMark-Black * issue#6519: When using Real Time graphing, unexpected errors may appear if graph is removed * issue#6546: Restore some missing SNMP Script Server configurations * issue#6551: Improve support for FreeBSD when Auditing Databases by xmacan * issue#6573: Create new device_change_javascript hook for THOLD plugin by xmacan * issue#6598: Improve PHP 8 support by TheWitness * issue#6600: When replicating plugins, unexpected errors may appear due to missing tables * issue#6605: Prevent Row Data Loss When Rebuilding RRD Files * issue#6606: When using SpikeKill, actions would not always lead to expected results * feature#6523: When disabling users, ensure that their authentication cookies and sessions cleared * feature#6524: When changing your password, log off from all sessions * feature#6534: Improve Cacti Session ID security * feature#6607: Implement session security on Password change * feature: Update DOMPurify to 3.3.0 * feature: Update PHPMailer to 6.10 to support SMTPUTF8 * feature: Update phpseclib for the Service Check plugi - Update requires/recommends for better fresh install experience - Requires: php-intl - Recommends: php-gettext php-pcntl mysql-tools cacti-1.2.30+git306.82d5aef5-bp157.2.6.1.noarch.rpm cacti-1.2.30+git306.82d5aef5-bp157.2.6.1.src.rpm openSUSE-2026-159 moderate openSUSE Backports SLE-15-SP7 Update This update for gn fixes the following issues: - Update to version 0.20260331: * Add modulemap generation to GN. * Support building gn without a .git directory. * Limit the maximum number of GN worker threads to 32. * Remove premature target writing before validation during `gn gen`. * Only run target checks in background threads during resolution. * Add additional files to gitignore * Add `inputs` parameter to `tool`. * Unit test foo* not just *foo patterns * Unit test edge cases around consecutive \b in patterns * Reject newlines in string config values (defines, cflags, etc.) * Set clang-format to use C++20 * Run formatter * Bump min mac version flag. * Add --error-limit flag to control error output count * [gn] Fix Value::operator== for empty lists * [gn] Optimize Value::LIST with Copy-On-Write using nullptr * Capture C++ modules compilation commands in compile_commands.json * Output -fmodule-map-file as well as -fmodule-file for module dependencies. * Optimize HeaderChecker by parallelizing ReachabilityCache pre-calculation and removing lock contention. * Optimize HeaderChecker file I/O by parsing files only once * Optimize reachability cache to drastically reduce BFS executions * Remove unused targets_count_ in HeaderChecker * Apply clang-format * Use high-performance cores on Apple Silicon for worker pool * Optimize HeaderChecker::IsDependencyOf using HashTableBase * [perf] Optimize HeaderChecker BFS using reserve() * [perf] Share ResolvedTargetData across worker threads * [perf] Cache dependency checks in HeaderChecker * [test] Fix SetupTest.AbsolutePythonPathInsideRootDir on macOS * [mac] Update minimum macOS version to 10.12 * Include validations when collecting metadata * Fix target being written twice under certain circumstances * Add validation support to gn analyze/desc/path/refs * Fix race condition when using validations * Add pcm files to the deps of phony target * Add `validations` dependency type to targets * Fix result of Scheduler::Run() with empty work queue * Add conductor setup files * Improve writing runtime deps * Unit test label user visible name * Improve error message for rebase_path builtin * Minor table-driven test refactor * win: Use relative path for python in ninja files if possible gn-0.20260331-bp157.2.12.1.src.rpm gn-0.20260331-bp157.2.12.1.x86_64.rpm gn-0.20260331-bp157.2.12.1.i586.rpm gn-0.20260331-bp157.2.12.1.aarch64.rpm gn-0.20260331-bp157.2.12.1.ppc64le.rpm gn-0.20260331-bp157.2.12.1.s390x.rpm openSUSE-2026-161 critical openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: - Chromium 147.0.7727.137 (boo#1263158) * CVE-2026-7363: Use after free in Canvas * CVE-2026-7361: Use after free in iOS * CVE-2026-7344: Use after free in Accessibility * CVE-2026-7343: Use after free in Views * CVE-2026-7333: Use after free in GPU * CVE-2026-7360: Insufficient validation of untrusted input in Compositing * CVE-2026-7359: Use after free in ANGLE * CVE-2026-7358: Use after free in Animation * CVE-2026-7334: Use after free in Views * CVE-2026-7357: Use after free in GPU * CVE-2026-7356: Use after free in Navigation * CVE-2026-7354: Out of bounds read and write in Angle * CVE-2026-7353: Heap buffer overflow in Skia * CVE-2026-7352: Use after free in Media * CVE-2026-7351: Race in MHTML * CVE-2026-7350: Use after free in WebMIDI * CVE-2026-7349: Use after free in Cast * CVE-2026-7348: Use after free in Codecs * CVE-2026-7335: Use after free in media * CVE-2026-7336: Use after free in WebRTC * CVE-2026-7337: Type Confusion in V8 * CVE-2026-7347: Use after free in Chromoting * CVE-2026-7346: Inappropriate implementation in Tint * CVE-2026-7345: Insufficient validation of untrusted input in Feedback * CVE-2026-7338: Use after free in Cast * CVE-2026-7342: Use after free in WebView * CVE-2026-7341: Use after free in WebRTC * CVE-2026-7339: Heap buffer overflow in WebRTC * CVE-2026-7340: Integer overflow in ANGLE * CVE-2026-7355: Use after free in Media chromedriver-147.0.7727.137-bp157.2.154.1.x86_64.rpm chromium-147.0.7727.137-bp157.2.154.1.nosrc.rpm chromium-147.0.7727.137-bp157.2.154.1.x86_64.rpm chromedriver-147.0.7727.137-bp157.2.154.1.aarch64.rpm chromium-147.0.7727.137-bp157.2.154.1.aarch64.rpm chromedriver-147.0.7727.137-bp157.2.154.1.ppc64le.rpm chromium-147.0.7727.137-bp157.2.154.1.ppc64le.rpm