newt
- don't ignore CFLAGS when building snack (#1757093)
udisks2
- iscsi: Fix login on firmware-discovered nodes (#2213193)
- tests: Extend iscsi method call timeouts (#2213715)
popt
- Rebase to popt 1.18 (https://github.com/rpm-software-management/popt/releases/tag/popt-1.18-release)
- Update URLs to rebooted upstream
- Clean up ancient cruft from spec, use modern build macros
python3-pyyaml
- Remove the Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1590281
pcre
- Rebuild for BZ#1954441
audit-libs
- Introduce new fanotify record fields
Resolves: rhbz#2216668
- invalid use of flexible array member
Resolves: rhbz#2116867
dmidecode
- Resolves: rhbz#2186860
crypto-policies
- krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
- krb5: fix policy generator to account for macs
- docs: replace `FIPS 140-2` with just `FIPS 140`
python3-policycoreutils
- Update translations (#2124826)
chkconfig
- alternatives: --keep-foreign incorrectly handles non-existent files
- alternatives: isLink should return 0 in case of lstat error
- spec: Replace not working awk command with sed (#63)
polkit-pkla-compat
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
python3-unbound
- Rebuilt again with z-stream target
dbus-tools
- Fix CVE-2023-34969 (#2213400)
libattr
- temporarily provide attr/xattr.h symlink until users are migrated (#1601482)
libzstd
- Rebase to 1.4.4
Resolvese: 1807452
libblockdev-fs
- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660
e2fsprogs
- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)
elfutils-libs
- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch
dnf
- rebuild for SLES ES platform
python3-cryptography
- Fix FTBFS caused by rsa_pkcs1_implicit_rejection OpenSSL feature, resolves: RHEL-17873
gnutls
- Fix memleak with older GMP (RHEL-28957)
cloud-utils-growpart
- Rebased to cloud-utils-growpart-0.33-0.el8
- Resolves: bz#2122575
  ([RHEL-8] Add redhat build support for cloud-utils rebase 0.33 for RHEL8.8
libdb-utils
- Apply the previous change only on aarch64 to limit the risk of unwanted impact
- Resolves: #1992402
dhcp-libs
- Change bug tracker path
libblockdev-crypto
- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660
libsemanage
- always write kernel policy when check_ext_changes is specified (#2129139)
python3-jwt
- Drop python2 subpackage
  Resolves: rhbz#1567177
geolite2-city
- Latest upstream
efibootmgr
- efibootmgr 16
- better coverity and clang-analyzer support
- better CI
- minor fixes
libtirpc
- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
- Multithreaded cleanup (bz 2112116)
policycoreutils
- Update translations (#2124826)
elfutils-libelf
- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch
rpm-libs
- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939
libreport-filesystem
- version bump up
libdb
- Apply the previous change only on aarch64 to limit the risk of unwanted impact
- Resolves: #1992402
rpm
- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939
polkit-libs
- pkttyagent gets stopped if killed in the background
- Resolves: rhbz#2128989
libidn2
- Update to 2.2.0 (#1674201)
- Drop obsolete scriptlets
libblockdev-swap
- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660
libgpg-error
- new upstream release 1.31
pigz
- Rebuild to kick process (no changes from previous build) [1624161]
rpm-plugin-selinux
- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939
rpm-build-libs
- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939
platform-python
- Security fix for CVE-2023-27043
Resolves: RHEL-5563
hardlink
- Added gcc to build requirements
oddjob
- Always set the home directory permissions according to HOME_MODE
- Resolves: rhbz#2135793
glibc-common
- CVE-2024-2961: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (RHEL-32475)
dbus-glib
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
procps-ng
- CVE-2023-4016: ps: possible buffer overflow
- Resolves: rhbz#2228503
python3-libdnf
- rebuild for SLES ES platform
shadow-utils
- gpasswd: fix password leak. Resolves: #2215947
libunistring
- Fix invalid license tag
- Resolves: rhbz#1611728
keyutils-libs
- Fix potential strcat overflow found by Coverity in CI test (#1661674).
rubygem-json
- rebuild for SLES ES platform
sg3_utils
- Fix sg_ses --page argument override when --control and --data are specified (#2078107)
nspr
- Upste to NSPR 4.35
openssh
- Fix Terrapin attack
  Resolves: RHEL-19762
libpsl
- increase release number (#1764048)
hwdata
- Update pci, usb and vendor ids
  Resolves: #2169697
python3-linux-procfs
- Rebase to upstream version python-linux-procfs-0.7.1
Resolves: rhbz#2121522
device-mapper-libs
- rebuilt for SLES ES platform
rootfiles
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
libselinux
- restorecon: Fix memory leak - xattr_value (#2137965)
NetworkManager-tui
- rebuild for SUSE Liberty Linux
tar
- Fix CVE-2022-48303
- Resolves: CVE-2022-48303
libblockdev-mdraid
- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660
libsss_autofs
- rebuild for SLES ES platform
tpm2-tss
- Ensure layer number is in bounds
  Resolves: rhbz#2160302
  Resolves: rhbz#2162611
libxmlb

      
libnsl2
- Update to 1.2.0-2.20181605git4a062cf
  Resolves: rhbz#1573895
libestr
- Rebuild due to the following message: libestr-0.1.10-2.el8 has already been built
  resolves: rhbz#2056293
kbd
- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798
nss-softokn-freebl
- rebuild for SLES ES platform
libteam
- teamd: do no remove the ports on shutdown with -N [2148856]
- teamd: stop iterating callbacks when a loop restart is requested [2148855]
p11-kit
- Rebase to 0.23.22 to fix memory safety issues (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363)
- Preserve DT_NEEDED information from the previous version, flagged by rpmdiff
- Add xsltproc to BR
gnupg2
- Fix CVE-2022-34903 (#2108447)
lz4-libs
- Fix memory corruption due to an integer overflow
_ Resolves: CVE-2021-3520
dbus-common
- Fix CVE-2023-34969 (#2213400)
libsss_idmap
- rebuild for SLES ES platform
dhcp-common
- Change bug tracker path
nss
- rebuild for SLES ES platform
NetworkManager-libnm
- rebuild for SUSE Liberty Linux
libref_array
- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB
python3-pytz
- Bump to add gating
Related: RHEL-677
libss
- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)
volume_key-libs
- Make volume_key working in FIPS mode
  Resolves: #2143223
libnl3-cli
- Update to 3.7.0 (rh #2078874)
python3-pysocks
- Remove the Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1590407
libuuid
- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq
readline
- Move USAGE to %license as it describes usage in a licensing context
libcom_err
- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)
cronie
- Set 'missingok' for /etc/cron.deny to not recreate it on update
libcomps
- Update to 0.1.18
- Fix issues detected by static analyzers
- Remove Python 2 support
os-prober
- Another build but with a gating.yaml to allow leaving gating
  Resolves: rhbz#1624158
xz
- Fix arbitrary file write vulnerability
  Resolves: CVE-2022-1271
cpio
- Fixed CVE-2021-38185 (#1992511)
rubygem-did_you_mean
- rebuild for SLES ES platform
python3-idna
- Drop Python 2 subpackage from RHEL 8, fixes RHBZ#1590399
bzip2-libs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
libmodman
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
filesystem
- Make /proc and /sys ghost to workaround issue in container
- Revert restorecon change
libedit
- Add gcc BR
- Build verbosely
- Drop obsolete --enable-widec configure option
- Fix "unused direct shared library dependency" warning from rpmlint again
- Fix man page error due to BSD nroff macro that is not available on Linux
- Drop explicit R on pkgconfig from the -devel package, autogenerated
libmaxminddb
- Resolves: RHEL-20594 - improper initialization in dump_entry_data_list() in maxminddb.c
gzip
- fix an arbitrary-file-write vulnerability in zgrep
Resolves: CVE-2022-1271
libmodulemd
- 2.13.0 bump (bug #1984402)
libfdisk
- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq
bash
- Fix a crash in buffered_getchar() function
  Resolves: #2062291
file
- Improve thermocam magic (rhbz#2158115)
lua-libs
- Fix segfault in getlocal and setlocal (#1880445)
libcurl
- cap SFTP packet size sent (RHEL-5485)
trousers
- Rebase to 0.3.15
- Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332
resolves: rhbz#1725782 rhbz#1877517 rhbz#1882402 rhbz#1882414
libcap
- Bump release version to restore upgrade path
  Resolves: RHEL-19362
coreutils-common
- basic support for checking NFSv4 ACLs (#2158747)
libsecret
- Update to 0.18.6
- Use valgrind_arches macro instead of hardcoding valgrind arch list
NetworkManager-team
- rebuild for SUSE Liberty Linux
libcap-ng
resolves: rhbz#1939386 - Rebase libcap-ng to version 0.7.11
libnl3
- Update to 3.7.0 (rh #2078874)
chrony
- update to 4.2 (#2062356)
- fix chrony-helper to delete sources by their original name (#2061660)
- update ntp2chrony script (#2018045 #2063766)
gdisk
- Fix double byteswap on big-endian systems also while reading partition names
  resolves: #2065205
python3-configobj
- Remove the Python 2 version
  https://bugzilla.redhat.com/show_bug.cgi?id=1567146
librepo
- Fix termination of va_list in lr_metadatatarget_append_error()
- Detailed error message when using non-existing TMPDIR
python3-audit
- Introduce new fanotify record fields
Resolves: rhbz#2216668
- invalid use of flexible array member
Resolves: rhbz#2116867
nss-util
- rebuild for SLES ES platform
openssl
- rebuild for SLES ES platform
rubygems
- rebuild for SLES ES platform
libgcrypt
- Fix CVE-2021-33560 (#2018525)
libmnl
- Escape macros in %changelog
krb5-libs
- Bump release number
coreutils
- basic support for checking NFSv4 ACLs (#2158747)
python3-gpg
- Update pkgconfig files
  Related: #1953905
trousers-lib
- Rebase to 0.3.15
- Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332
resolves: rhbz#1725782 rhbz#1877517 rhbz#1882402 rhbz#1882414
publicsuffix-list-dafsa
- Recent revision - 20180723
rubygem-psych
- rebuild for SLES ES platform
grub2-pc
- rebuild for SLES ES platform
ruby
- rebuild for SLES ES platform
kpartx
- Add OSCI tests directory
- Make kpartx_id installation location relative to /usr/lib/udev/rules.d
- Resolves: bz #2164871
util-linux
- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq
xkeyboard-config
- xkeyboard-config 2.28 (#1728817)
expat
- CVE-2023-52425 expat: parsing large tokens can trigger a denial of service
- Resolves: RHEL-29320
dbus-daemon
- Fix CVE-2023-34969 (#2213400)
iproute
- Bump version number (wrong exception build)
libxcrypt
+ libxcrypt-4.1.1-6
- Rebuilt with fixed binutils (#1954438)
python3-jsonschema
- Drop the Python2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1584189
- Use sys.executable rather than unversioned "python" in tests
jansson
- Rebase to 2.14
  Related: rhbz#2001062
libkcapi
- Fix double free issue in hasher()
grub2-pc-modules
- rebuild for SLES ES platform
libsysfs
- Rebuilt for 8.6. Resolves: rhbz#2046426
python3-chardet
- Remove the Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1590397
python3-dateutil
- Change license to BSD
shim-x64
- rebuild for SLES ES 8
libssh-config
- Fix CVE-2023-48795: Prefix truncation attack
  on Binary Packet Protocol (BPP)
- Resolves: RHEL-19311
glibc
- CVE-2024-2961: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (RHEL-32475)
man-db
- schedule interrupted cache update for the next boot, instead of blocking
  system reboot/shutdown
  resolves #1874010
yum
- rebuild for SLES ES platform
gmp
- Add gating.yaml
Related: #1681026
glibc-langpack-en
- CVE-2024-2961: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (RHEL-32475)
gawk
- Rebuild with some gating tests disabled
Resolves: rhbz#2053515
teamd
- teamd: do no remove the ports on shutdown with -N [2148856]
- teamd: stop iterating callbacks when a loop restart is requested [2148855]
logrotate
- enforce stricter parsing of config files (#2148925)
gettext-libs
- Ported CI gating tests to Python 3.6
libassuan
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
elfutils-debuginfod-client
- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch
python3-oauthlib
- upgrade to latest upstream 2.1.0
- Resolves: rhbz#1612380
gettext
- Ported CI gating tests to Python 3.6
libgusb
- New upstream version
- Port to the Meson build system
timedatex
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
kernel-core
- rebuild for SLES ES platform
acl
- new upstream release
kernel-modules
- rebuild for SLES ES platform
json-glib
- Update to 1.4.4
python3-dnf-plugins-core
- rebuild for SLES ES platform
libblockdev-loop
- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660
libsmartcols
- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq
prefixdevname
- rebuild with non-SCL toolset
yum-utils
- rebuild for SLES ES platform
libarchive
- Fix for CVE-2022-36227
libgudev
+ libgudev-232-4
- Remove umockdev dependency
bubblewrap
- Rebase to 0.4.0 (#1788067)
sssd-common
- rebuild for SLES ES platform
grub2-tools-minimal
- rebuild for SLES ES platform
xz-libs
- Fix arbitrary file write vulnerability
  Resolves: CVE-2022-1271
grep
- Fixed FTBFS with glibc-2.28
  Resolves: rhbz#1611721
vim-minimal
- fix issue reported by covscan
psmisc
- pstree -al incorrectly handles large empty cmdline
- Resolves: rhbz#1715509
python3-dnf
- rebuild for SLES ES platform
libksba
- Fix for CVE-2022-47629 (#2161571)
file-libs
- Improve thermocam magic (rhbz#2158115)
libkcapi-hmaccalc
- Fix double free issue in hasher()
gnupg2-smime
- Fix CVE-2022-34903 (#2108447)
python3-cffi
- Backport from_buffer(..., require_writable=True), resolves rhbz#2172416
- Enable upstream tests
lsscsi
- Fix WWN ID truncation (#1981038)
cyrus-sasl-lib
- Fix for CVE-2022-24407
- Resolves: rhbz#2055846
unbound-libs
- Rebuilt again with z-stream target
libutempter
- build with hardening LDFLAGS (#1548717)
- remove obsolete macro and comments
- add gcc to build requirements
which
- Related: #2140566, bring test over from Brew dist-git
kmod-libs
- depmod: fix parallel execution issues
  Resolves: rhbz#2026938
basesystem
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
libpng
- Fix important Covscan defects (#1602588)
sssd-kcm
- rebuild for SLES ES platform
gdbm
- Add backward compatibility patch
- Resolves: #2097704
- Backport from upstream commit: 00ba17479ff31c6825f0e6f28b965f11525e83f6
gpgme
- Update pkgconfig files
  Related: #1953905
libsss_sudo
- rebuild for SLES ES platform
python3-perf
- rebuild for SLES ES platform
gdbm-libs
- Add backward compatibility patch
- Resolves: #2097704
- Backport from upstream commit: 00ba17479ff31c6825f0e6f28b965f11525e83f6
langpacks-en
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
libblockdev-part
- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660
libuser
- Man-page update
- Resolves: rhbz#2070941 - small typo in lchage man page
nss-softokn
- rebuild for SLES ES platform
squashfs-tools
- rhbz#1895017 - unsquashfs does not preserve file capabilities
  rhbz#1754815 - Kdump: Building kdump initramfs img may fail with 'dracut: Failed making squash image' occasionally
  Resolves: rhbz#1895017, rhbz#1754815
device-mapper
- rebuilt for SLES ES platform
rubygem-bigdecimal
- rebuild for SLES ES platform
libacl
- new upstream release
c-ares
- Resolves: RHEL-11931 - Buffer Underwrite in ares_inet_net_pton() [rhel-8.9.0.z]
libsepol
- cil: Fix out-of-bound read of file context pattern ending with "\"
- cil: Destroy classperms list when resetting classpermission (#1983517)
- cil: Destroy classperm list when resetting map perms (#1983521)
- cil: cil_reset_classperms_set() should not reset classpermission (#1983525)
- cil: Set class field to NULL when resetting struct cil_classperms
- cil: More strict verification of constraint leaf expressions
- cil: Exit with an error if declaration name is a reserved word
- cil: Allow permission expressions when using map classes
- cil: Reorder checks for invalid rules when building AST
- cil: Cleanup build AST helper functions
- cil: Create new first child helper function for building AST
- cil: Remove unused field from struct cil_args_resolve
- cil: Destroy disabled optional blocks after pass is complete
- cil: Check if name is a macro parameter first
- cil: fix NULL pointer dereference in __cil_insert_name
- cil: Report disabling an optional block only at high verbose levels
- cil: Use AST to track blocks and optionals when resolving
- cil: Reorder checks for invalid rules when resolving AST
- cil: Sync checks for invalid rules in booleanifs
- cil: Check for statements not allowed in optional blocks (#1983530)
libcroco
- Fix CVE-2020-12825
  Resolves: #1866484
libatasmart
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
xfsprogs
- rebuild for SLES ES platform
libblockdev-utils
- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660
checkpolicy
- SELinux userspace 2.9 release
fuse-libs
- Add feature_notify_inode_expire_only
- Fixes rhbz#2171095
cracklib
- Fix regression in dictionary creation and lookup
pciutils-libs
- fix dependency of devel subpkg on libs (#2111644)
sqlite-libs
- Fixed CVE-2023-7104
gobject-introspection
- Update to 1.56.1
libzypp
- Rebuilding with new libsolv-0.7.4
platform-python-pip
- Require Python with tarfile filters
Resolves: RHEL-25449
sles_es-release
- Rebuild for 8.9 release
authselect
- Fix Japanese translations (RHBZ #2216755)
- Update translations (RHBZ #2189557)
- Do not prompt for password twice when changing password of local user (RHBZ #2179607)
libpath_utils
- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB
glibc-gconv-extra
- CVE-2024-2961: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (RHEL-32475)
npth
- Switch to %ldconfig_scriptlets
dracut-config-generic
- rebuilt for SLES ES platform
crypto-policies-scripts
- krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
- krb5: fix policy generator to account for macs
- docs: replace `FIPS 140-2` with just `FIPS 140`
libffi
- Use /etc/sysconfig/libffi-force-shared-memory-check-first to
  override selinux permissions check for shared memory access (#2014228)
libdhash
- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB
grub2-tools-extra
- rebuild for SLES ES platform
libsss_nss_idmap
- rebuild for SLES ES platform
systemd-udev
- rebuild for SLES ES
libtdb
- resolves: rhbz#2190421 - Rebuild to trigger distrobaker sync
python3-babel
- Include the /usr/bin/pybabel binary that runs on Python 3.6 in the
  python3-babel package
Resolves: rhbz#1967173
libselinux-utils
- restorecon: Fix memory leak - xattr_value (#2137965)
openssl-pkcs11
- Fix memory leak in PKCS11_pkey_meths (#2097690)
- Fix memory leak in RSA method (#2097690)
dracut-network
- rebuilt for SLES ES platform
authselect-compat
- Fix Japanese translations (RHBZ #2216755)
- Update translations (RHBZ #2189557)
- Do not prompt for password twice when changing password of local user (RHBZ #2179607)
python3-prettytable
- Remove the Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1567293
grub2-common
- rebuild for SLES ES platform
mozjs60
- Update enddianness.patch with more s390x fixes
- Enable tests on s390x again
- Resolves: #1803824
python3-requests
- Bump release to fix upgrade path
  from 2.20.0-2.1.el8_1 via 2.20.0-3.el8_8 to 2.20.0-4.el8
Related: rhbz#2209469
libnghttp2
- fix HTTP/2 Rapid Reset (CVE-2023-44487)
mpfr
- Update to MPFR version 3.1.6
- Use autosetup specfile macro for applying patches (patches 1 and 2 applied)
- Removed iconv calls, as they were breaking .info files, which are now unicode
  resolves #1299649
- Other minor cleanups
- BuildRequire gcc per https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B#BuildRequires_and_Requires
virt-what
- rebuild for SLES ES platform
lmdb-libs
RHEL 8.8.0 ERRATUM
- Please put lmdb in RHEL 8 CRB
- Rebuild
- Resolves: rhbz#1972979
libxkbcommon
- libxkbcommon 0.9.1 (#1728801)
efi-filesystem
- Ignore the mode bits when doing RPM verification of files in /boot/efi
  Resolves: rhbz#1845052
p11-kit-trust
- Rebase to 0.23.22 to fix memory safety issues (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363)
- Preserve DT_NEEDED information from the previous version, flagged by rpmdiff
- Add xsltproc to BR
dracut-config-rescue
- rebuilt for SLES ES platform
python3-libselinux
- restorecon: Fix memory leak - xattr_value (#2137965)
python3-setuptools-wheel
- Security fix for CVE-2022-40897
Resolves: rhbz#2158559
libsolv
- Backport Allow to break arch lock-step on erase operations (RhBug:2172288,2172292)
net-tools
- Resolves: #1711119 - netstat says "packetes" instead of "packets"
- Resolves: #1670355 - Exit code on wrong parameter is zero for many net-tools binaries
- Resolves: #1807989 - The output of `route -A inet6` does not display properly when the 'Use' column output is over 6 digits
python3-pycparser
- Conditionalize the python2 subpackage
python3-netifaces
- Conditionalize the python2 subpackage
python3-urllib3
- Security fix for CVE-2023-45803
Resolves: RHEL-16871
grub2-tools
- rebuild for SLES ES platform
libpipeline
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
cloud-init
- rebuilt for SLES ES platform
- ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
  (Remove ssh_genkeytypes in settings.py and set in cloud.cfg" to fix settings.py)
- ci-net-nm-check-for-presence-of-ifcfg-files-when-nm-con.patch
- ci-tests-unittests-add-a-new-unit-test-for-network-mana.patch
  (NetworkManagerActivator brings up interface failed when using sysconfig renderer)
dbus-libs
- Fix CVE-2023-34969 (#2213400)
libevent
- Install documentation files to an unversioned directory
- Resolves: rhbz#1638032
openssh-server
- Fix Terrapin attack
  Resolves: RHEL-19762
libyaml
- Switch to %ldconfig_scriptlets
python3-jinja2
- Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern
Resolves: rhbz#1928707
shared-mime-info
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
grubby
- rebuild for SLES ES platform
libusbx
- Install README.md as README is only a symlink to .md
  Resolves: rhbz#1849682
NetworkManager
- rebuild for SUSE Liberty Linux
tzdata
- Rebase to tzdata-2024a
  - Kazakhstan will transition from UTC+6 to UTC+5 on 2024-03-01.
  - Palestine will spring forward a week later than previously
    predicted.
sudo
RHEL 8.9.0.Z ERRATUM
- Rebase to 1.9.5p2
- CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Resolves: RHEL-21825
- CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output
Resolves: RHEL-21831
- CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables
Resolves: RHEL-21820
libldb
- resolves: rhbz#2190427 - Rebuild to trigger distrobaker sync
ca-certificates
- Update to CKBI 2.60_v7.0.306 from NSS 3.91
-    Removing:
-     # Certificate "Camerfirma Global Chambersign Root"
-     # Certificate "Staat der Nederlanden EV Root CA"
-     # Certificate "OpenTrust Root CA G1"
-     # Certificate "Swedish Government Root Authority v1"
-     # Certificate "DigiNotar Root CA G2"
-     # Certificate "Federal Common Policy CA"
-     # Certificate "TC TrustCenter Universal CA III"
-     # Certificate "CCA India 2007"
-     # Certificate "ipsCA Global CA Root"
-     # Certificate "ipsCA Main CA Root"
-     # Certificate "Macao Post eSignTrust Root Certification Authority"
-     # Certificate "InfoNotary CSP Root"
-     # Certificate "DigiNotar Root CA"
-     # Certificate "Root CA"
-     # Certificate "GPKIRootCA"
-     # Certificate "D-TRUST Qualified Root CA 1 2007:PN"
-     # Certificate "TC TrustCenter Universal CA I"
-     # Certificate "TC TrustCenter Universal CA II"
-     # Certificate "TC TrustCenter Class 2 CA II"
-     # Certificate "TC TrustCenter Class 4 CA II"
-     # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
-     # Certificate "CertRSA01"
-     # Certificate "KISA RootCA 3"
-     # Certificate "A-CERT ADVANCED"
-     # Certificate "A-Trust-Qual-01"
-     # Certificate "A-Trust-nQual-01"
-     # Certificate "Serasa Certificate Authority II"
-     # Certificate "TDC Internet"
-     # Certificate "America Online Root Certification Authority 2"
-     # Certificate "RSA Security Inc"
-     # Certificate "Public Notary Root"
-     # Certificate "Autoridade Certificadora Raiz Brasileira"
-     # Certificate "Post.Trust Root CA"
-     # Certificate "Entrust.net Secure Server Certification Authority"
-     # Certificate "ePKI EV SSL Certification Authority - G1"
-    Adding:
-     # Certificate "DigiCert TLS ECC P384 Root G5"
-     # Certificate "DigiCert TLS RSA4096 Root G5"
-     # Certificate "DigiCert SMIME ECC P384 Root G5"
-     # Certificate "DigiCert SMIME RSA4096 Root G5"
-     # Certificate "Certainly Root R1"
-     # Certificate "Certainly Root E1"
-     # Certificate "E-Tugra Global Root CA RSA v3"
-     # Certificate "E-Tugra Global Root CA ECC v3"
-     # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA"
-     # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA"
-     # Certificate "BJCA Global Root CA1"
-     # Certificate "BJCA Global Root CA2"
-     # Certificate "Symantec Enterprise Mobile Root for Microsoft"
-     # Certificate "A-Trust-Root-05"
-     # Certificate "ADOCA02"
-     # Certificate "StartCom Certification Authority G2"
-     # Certificate "ATHEX Root CA"
-     # Certificate "EBG Elektronik Sertifika Hizmet Sağlayıcısı"
-     # Certificate "GeoTrust Primary Certification Authority"
-     # Certificate "thawte Primary Root CA"
-     # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
-     # Certificate "America Online Root Certification Authority 1"
-     # Certificate "Juur-SK"
-     # Certificate "ComSign CA"
-     # Certificate "ComSign Secured CA"
-     # Certificate "ComSign Advanced Security CA"
-     # Certificate "Global Chambersign Root"
-     # Certificate "Sonera Class2 CA"
-     # Certificate "VeriSign Class 3 Public Primary Certification Authority - G3"
-     # Certificate "VeriSign, Inc."
-     # Certificate "GTE CyberTrust Global Root"
-     # Certificate "Equifax Secure Global eBusiness CA-1"
-     # Certificate "Equifax"
-     # Certificate "Class 1 Primary CA"
-     # Certificate "Swiss Government Root CA III"
-     # Certificate "Application CA G4 Root"
-     # Certificate "SSC GDL CA Root A"
-     # Certificate "GlobalSign Code Signing Root E45"
-     # Certificate "GlobalSign Code Signing Root R45"
-     # Certificate "Entrust Code Signing Root Certification Authority - CSBR1"
SUSEConnect

      
mokutil
- Add ability to set fallback verbose mode
- Resolves: #2030704
kbd-misc
- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798
libsmbios
- rebuild with latest rpm build flags (rhbz#1540264)
libfastjson
- Address CVE-2020-12762
Resolves: rhbz#2203171
irqbalance
- Rebase to latest upstream commit (184c95029e)
libtalloc
- resolves: rhbz#2190419 - Rebuild to trigger distrobaker sync
polkit
- pkttyagent gets stopped if killed in the background
- Resolves: rhbz#2128989
cronie-anacron
- Set 'missingok' for /etc/cron.deny to not recreate it on update
libcollection
- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB
lzo
- Added build notes to AS generated objects
  Resolves: rhbz#1630594
crontabs
- update to the latest release
- add sed require
- remove %clean section
- remove obsolete Group tag
- fix upstream URL
- Resolves: rhbz#1696449, rhbz#1703982
libnfsidmap
- Covscan Scan: Wrong Check of Return Value (bz 2151966)
- Covscan Scan: Clang (experimental) (bz 2151971)
dbus
- Fix CVE-2023-34969 (#2213400)
libtevent
- resolves: rhbz#2190425 - Rebuild to trigger distrobaker sync
initscripts
- ci: Update `.packit.yml` to run on `c8s`
- ci: Use Differential ShellCheck action
fwupd
- Rebuild with SUSE key and sbat
ncurses-base
- fix buffer overflow on terminfo with too many capabilities (CVE-2023-29491)
libdnf
- rebuild for SLES ES platform
zypper

      
libxml2
- rebuild for SLES ES platform
libgomp
- rebuilt for SLL 8
lshw
- Fix getting size of memory banks <32GiB
ruby-irb
- rebuild for SLES ES platform
rubygem-openssl
- rebuild for SLES ES platform
libgcc
- rebuilt for SLL 8
libsigsegv
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
rubygem-rdoc
- rebuild for SLES ES platform
groff-base
- Fix also SHELLCHECK_WARNING
  related: #1602530
python3-six
- Disable the Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1594157
systemd-pam
- rebuild for SLES ES
libproxy
- Drop pacrunner-mozjs (#1571640)
python3-hawkey
- rebuild for SLES ES platform
tuned
- debranding for SLL 8.9
python3-libcomps
- Update to 0.1.18
- Fix issues detected by static analyzers
- Remove Python 2 support
curl
- cap SFTP packet size sent (RHEL-5485)
python3-systemd
- Conditionalize the python2 subpackage
authselect-libs
- Fix Japanese translations (RHBZ #2216755)
- Update translations (RHBZ #2189557)
- Do not prompt for password twice when changing password of local user (RHBZ #2179607)
oddjob-mkhomedir
- Always set the home directory permissions according to HOME_MODE
- Resolves: rhbz#2135793
dracut
- rebuilt for SLES ES platform
mdadm
- Update to latest upstream and fix mdcheck service bug
- Resolves rhbz#2116418, rhbz#2150862, rhbz#2159584
pcre2
- Resolves: CVE-2022-1586
cryptsetup-libs
- Rebuild due to missing CI environment
- Resolves: #2212772 #2193342
systemd-libs
- rebuild for SLES ES
python3-libs
- Security fix for CVE-2023-27043
Resolves: RHEL-5563
libdaemon
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
sssd-nfs-idmap
- rebuild for SLES ES platform
slang
- don't use memcpy() on overlapping buffers (#1607024)
libssh
- Fix CVE-2023-48795: Prefix truncation attack
  on Binary Packet Protocol (BPP)
- Resolves: RHEL-19311
rsyslog
- rebuilt for SLES Expanded Support platform
memstrack
- Add missing tests directory
audit
- Introduce new fanotify record fields
Resolves: rhbz#2216668
- invalid use of flexible array member
Resolves: rhbz#2116867
python3-dbus
- Backport patch from Neal Gompa <ngompa13@gmail.com> to generate pythonXdist
  metadata
diffutils
- Resolves: #1732960 - cmp -b shows incorrect data
nettle
- Backport CVE-2021-3580 from upstream 3.7.3 release (#1967990)
python3-ply
- Include README.MD and LICENSE (#1464435)
openssl-libs
- rebuild for SLES ES platform
ncurses
- fix buffer overflow on terminfo with too many capabilities (CVE-2023-29491)
rubygem-io-console
- rebuild for SLES ES platform
libgcab1
- New upstream release
- Add git version in --version
- Fix list of new symbols in index page
libudisks2
- iscsi: Fix login on firmware-discovered nodes (#2213193)
- tests: Extend iscsi method call timeouts (#2213715)
kernel-tools-libs
- rebuild for SLES ES platform
e2fsprogs-libs
- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)
hostname
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
rsync
- Resolves: #2139118 - rsync-daemon fail on 3.1.3
libbytesize
- Add POT file to git and do not rebuild it during every build
python3-jsonpointer
- Conditionalize the Python 2 subpackage and don't build it on EL > 7
numactl-libs
- libnuma: make numa_police_memory() free of race
zlib
- Fix the Crash in zlib deflateBound() function on s390x
- Resolves: BZ#2193045
dhcp-client
- Change bug tracker path
kernel
- rebuild for SLES ES platform
freetype
- Guard face->size
- Resolves: #2079279
dracut-squash
- rebuilt for SLES ES platform
libsss_certmap
- rebuild for SLES ES platform
ruby-libs
- rebuild for SLES ES platform
libbpf
- kernel update
- Related: rhbz#2097413
python3-gobject-base
- Add lock to avoid two type object wrappers getting generated at
  the same time in multi-threaded programs.
  Resolves: #1844578
findutils
- fix find not obeying option -ignore_readdir_race in symlink_loop (#2232278)
cracklib-dicts
- Fix regression in dictionary creation and lookup
dnf-plugins-core
- rebuild for SLES ES platform
python3-setools
- Disable/remove neverallow options in sediff (#2184141)
augeas-libs
- Fix parsing of semanage.conf ignoredirs
  resolves: rhbz#1931058
python3-rpm
- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939
info
- Fix a loop in fix-info-dir when /dev/null doesn't exist
  Resolves: #2022201
selinux-policy
- rebuild for SLES ES platform
snappy
- Obsolete snappy-devel versions lower than 1.1.8-2 as lower versions have multilib issues.
libndp
- Bump the version number due to conflict with (rhbz 1937721)
libblkid
- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq
setup
- Add missing %patch macro
kbd-legacy
- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798
pinentry
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
nss-sysinit
- rebuild for SLES ES platform
python3-pyserial
- Conditions for Python 2 subpackage
- Python 2 subpackage disabled by default
json-c
- Start versioning symbols when building library
- Resolves: rhbz#2001063
ipcalc
- Add support for RFC3021 (#1638834)
parted
- tests: Add a test for resizepart on a busy partition (bcl)
  Related: rhbz#1861804
- parted: Preserve resizepart End when prompted for busy partition (bcl)
  Resolves: rhbz#1861804
- Fix end_input usage in do_resizepart (bcl)
  Related: rhbz#1861804
- tests: Test incomplete resizepart command (bcl)
  Related: rhbz#1861804
- Fix resizepart iec unit end sector (psusi)
  Related: rhbz#1861804
- libparted: Fix endian bug in bsd.c (AWilcox)
  Resolves: rhbz#1980105
linux-firmware
- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800
dnf-data
- rebuild for SLES ES platform
bind-export-libs
- rebuild for SLES ES platform
elfutils-default-yama-scope
- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch
openssh-clients
- Fix Terrapin attack
  Resolves: RHEL-19762
grub2-efi-x64
- rebuild for SLES ES platform
libbasicobjects
- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB
NetworkManager-cloud-setup
- rebuild for SUSE Liberty Linux
platform-python-setuptools
- Security fix for CVE-2022-40897
Resolves: rhbz#2158559
hdparm
- backport fix for --dco-identify real max sectors calculation from upstream version 9.62 (#1959918)
ncurses-libs
- fix buffer overflow on terminfo with too many capabilities (CVE-2023-29491)
ethtool
- Module (SFP/QSFP/CMIS) related bugfixes
libtasn1
- Resolves: rhbz#2140600
passwd
- Rebuild due to migrated tests
  Related: #1841499
libpwquality
- rebuilt
selinux-policy-targeted
- rebuild for SLES ES platform
libseccomp
- rebase to 2.5.2
  resolves: rhbz#2019893
geolite2-country
- Latest upstream
efivar-libs
- Fix efivar "-w" and "-a" options that broke due the rebase
  Related: rhbz#1755645
sg3_utils-libs
- Fix sg_ses --page argument override when --control and --data are specified (#2078107)
libini_config
- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB
microcode_ctl
- Add support for the new, more correct, variant of dracut's default
  $fw_dir path in dracut_99microcode_ctl-fw_dir_override_module_init.sh.
brotli
- Resolves: CVE-2020-8927
glib2
- Backport grefcount API
- Resolves: #2153205
less
- Fix: CVE-2022-48624
- Resolves: RHEL-26123
libverto
- New upstream release (0.3.2)
- Resolves: rhbz#2100916
openldap
- Add TLS_REQSAN option and change the default to TRY (#1814674)
rpm-plugin-systemd-inhibit
- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939
kernel-tools
- rebuild for SLES ES platform
python3-libsemanage
- always write kernel policy when check_ext_changes is specified (#2129139)
python3-markupsafe
- Remove the Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1590415
libmount
- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq
python3-pip-wheel
- Require Python with tarfile filters
Resolves: RHEL-25449
libblockdev
- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660
python3-pyudev
- Dropped qt4 from RHEL-8 (#1591123)
dosfstools
- Fixed mkfs.fat cluster size calculation for disks with 4k sectors
  Resolves: rhbz#1651496
sssd-client
- rebuild for SLES ES platform
pam
- pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2209785
systemd
- rebuild for SLES ES
kmod
- depmod: fix parallel execution issues
  Resolves: rhbz#2026938
kexec-tools
- mkdumprd: Use the correct syntax to redirect the stderr to null
- mkdumprd: call dracut with --add-device to install the drivers needed by /boot partition automatically for FIPS
- Add NICs that handle DNS queries to the allowlist
sed
- Minor cleanup - remove unused patch from the spec file too (related to 4.5-3)
- Resolves: rhbz#1869253
ima-evm-utils
- Add compat subpackage for keeping the API stability in userspace
python3-jsonpatch
- Don't build Python 2 subpackage on EL > 7
iputils
- Add support for VRF with ping command (#2208409)
libstdc++
- rebuilt for SLL 8