- aardvark-dns
-
- Add patch for bsc#1248744:
* 0001-serve-parse-resolv.conf-ourselves.patch
- bash
-
- Add patch bsc1245199.patch
* Fix histfile missing timestamp for the oldest record (bsc#1245199)
- bind
-
- ensure file descriptors 0-2 are in use before using libuv (bsc#1230649)
* bind-ensure-file-descriptors-0-2-are-in-use-before-using-.patch
- chrony
-
- bsc#1246544: Fix racy socket creation
* Add chrony-unix-socket.patch
* Add chrony-remove-chmod.patch
- Use make quickcheck to speedup build.
- cloud-regionsrv-client
-
- Update version to 10.5.2 (bsc#1247539)
+ When an instance fails verification server side the default credentials
were left behind requireing manual intervantion prior to the next
registration attempt.
+ Fix issue triggered when using instance-billing-flavor-check due to
IP address handling as object rather than string introduced 10.5.0
- Update version to 10.5.1
+ Fix issue with picking up configured server names from the
regionsrv config file. Previously only IP addresses were collected
+ Update scriptlet for package uninstall to avoid issues in the
build service
- Update version to 10.5.0
+ Use region server IP addresses to determine Internet access rather
than a generic address. Region server IP addresses may not be blocked
in the network construct. (bsc#1245305)
- container-selinux
-
- Update to version 2.236.0:
* Allow super privileged containers to use RealtimeKit for scheduling
* Add container_ro_file_t to the podman artifact store
- Update to version 2.235.0:
* Bump to v2.235.0
* OWNERS: add wrabcak and zpytela
* OWNERS: initial commit
* container_log{reader,writer}_t: allow watch file
* RPM: Update gating config
* Enable aarch64 testing
* TMT: simplify podman tests
* feat: support /var/lib/crio
- OBS service file: use the tagged commit for archive versioning and don't
just archive the latest changes from the main branch using the latest tag
- Update to version 2.234.2:
* TMT: enable epel idomatically
* Packit: switch back to fedora-all
* RPM: Bump Epoch to 4
* rpm: ship manpage
* Add proper labeling for RamaLama
* Packit: remove rhel / epel jobs
* packit: remove unused file
- Add BuildRequires selinux-policy-%{selinuxtype} to enable building
for SLFO. Might be removed in the future again when 1231252
is fixed.
- Update to version 2.233.0:
* container_engine_t: small change to allow non root exec in a container
* RPM: explicitly list ghosted paths and skip mode verification
* container-selinux install on non selinux-policy-targeted systems (#332)
* set container_log_t type for /var/log/kube-apiserver
* Allow kubelet_t to create a sock file kubelet_var_lib_t
* dontaudit spc_t to mmap_zero
* Packit: update targets (#330)
* container_engine_t: another round of small improvements (#327)
* Allow container_device_plugin_t to use the network (#325)
* RPM: cleanup changelog (#324)
* TMT: Simplify tests
- curl
-
- tool_operate: fix return code when --retry is used but not
triggered [bsc#1249367]
* Add curl-tool_operate-fix-return-code-when-retry-is-used.patch
- Security fixes:
* [bsc#1249191, CVE-2025-9086] Out of bounds read for cookie path
* [bsc#1249348, CVE-2025-10148] Predictable WebSocket mask
* Add patches:
- curl-CVE-2025-9086.patch
- curl-CVE-2025-10148.patch
- Fix the --ftp-pasv option in curl v8.14.1 [bsc#1246197]
* tool_getparam: fix --ftp-pasv [5f805ee]
* Add curl-fix--ftp-pasv.patch
- Update to 8.14.1: [jsc#PED-13055, jsc#PED-13056]
* Add _multibuild
* Rebase patches:
- curl-disabled-redirect-protocol-message.patch
- curl-secure-getenv.patch
- dont-mess-with-rpmoptflags.patch
- libcurl-ocloexec.patch
* Remove patches fixed in the update:
- curl-CVE-2023-28319.patch
- curl-CVE-2023-28320.patch
- curl-CVE-2023-28321.patch
- curl-CVE-2023-28322.patch
- curl-CVE-2023-32001.patch
- curl-CVE-2023-38039.patch
- curl-CVE-2023-38545.patch
- curl-CVE-2023-38546.patch
- curl-CVE-2023-46218.patch
- curl-CVE-2023-46219.patch
- curl-CVE-2024-11053.patch
- curl-CVE-2024-2004.patch
- curl-CVE-2024-2398.patch
- curl-CVE-2024-7264.patch
- curl-CVE-2024-8096.patch
- curl-CVE-2024-9681.patch
- curl-CVE-2025-0167.patch
- curl-CVE-2025-0725.patch
- curl-aws_sigv4-canonicalise-valueless-query-params.patch
- curl-aws_sigv4-canonicalize-the-query.patch
- curl-aws_sigv4-skip-the-op-if-the-query-pair-is-zero-bytes.patch
- curl-aws_sigv4-the-query-canon-code-miscounted-url-encoded-input.patch
- curl-aws_sigv4-url-encode-the-canonical-path.patch
- curl-aws_sigv4-verify-query-canonization.patch
- curl-libssh_Implement_SFTP_packet_size_limit.patch
- Sync spec file with SLE codestreams: [jsc#PED-13055, jsc#PED-13056]
* Add curl-mini.rpmlintrc to avoid rpmlint shlib-policy-name-error
when building the curl-mini package in SLE.
* Add libssh minimum version requirements.
* Use ldconfig_scriptlets when available.
* Remove unused option --disable-ntlm-wb.
- docker
-
- Update to Docker 28.3.3-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2833>
CVE-2025-54388 bsc#1247367
- Update to docker-buildx v0.26.1. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.26.1>
- Update to docker-buildx v0.26.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.26.0>
- Update to Go 1.24 for builds, to match upstream.
- Update to Docker 28.3.2-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2832>
- Update to Docker 28.3.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2831>
- Update to Docker 28.3.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2830>
bsc#1246556
- Rebase patches:
* 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
* 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- dracut
-
- Update to version 055+suse.398.g8f75016e:
* fix(dracut-util): crash if CMDLINE ends with quotation mark (bsc#1247819)
* fix(rngd): adjust license to match the license of the whole project
- grub2
-
- Skip mount point in grub_find_device function (bsc#1246231)
* 0001-getroot-Skip-mount-points-in-grub_find_device.patch
- Fix CVE-2024-56738: side-channel attack due to not constant-time
algorithm in grub_crypto_memcmp (bsc#1234959)
* grub2-constant-time-grub_crypto_memcmp.patch
- hwinfo
-
- merge gh#openSUSE/hwinfo#168
- fix usb network card detection (bsc#1245950)
- 21.89
- jq
-
- Add patches CVE-2025-48060-1.patch and CVE-2025-48060-2.patch
(CVE-2025-48060, bsc#1244116)
- kernel-default
-
- net/sched: ets: use old 'nbands' while purging unused classes
(git-fixes).
- commit b4fe27e
- Update
patches.suse/0216-drm-amdgpu-SDMA-update-use-unlocked-iterator.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
CVE-2022-50393 bsc#1250278).
- Update
patches.suse/ASoC-Intel-avs-Fix-potential-RX-buffer-overflow.patch
(git-fixes CVE-2022-50325 bsc#1249704).
- Update
patches.suse/Bluetooth-avoid-hci_dev_test_and_set_flag-in-mgmt_in.patch
(jsc#PED-1407 CVE-2022-50339 bsc#1249913).
- Update
patches.suse/Bluetooth-hci_conn-Fix-crash-on-hci_create_cis_sync.patch
(jsc#PED-1407 CVE-2022-50447 bsc#1250771).
- Update
patches.suse/Bluetooth-use-RCU-for-hci_conn_params-and-iterate-sa.patch
(git-fixes CVE-2023-53252 bsc#1249756).
- Update
patches.suse/dma-buf-dma-resv-Stop-leaking-on-krealloc-failure.patch
(git-fixes CVE-2023-53181 bsc#1249824).
- Update
patches.suse/drivers-net-qlcnic-Fix-potential-memory-leak-in-qlcn.patch
(jsc#PED-1523 CVE-2022-50242 bsc#1249696).
- Update
patches.suse/drm-amd-display-Fix-possible-underflow-for-displays-.patch
(git-fixes CVE-2023-53258 bsc#1249780).
- Update
patches.suse/drm-amdgpu-fix-amdgpu_irq_put-call-trace-in-gmc_v10_.patch
(git-fixes CVE-2023-53193 bsc#1249816).
- Update
patches.suse/drm-amdgpu-fix-amdgpu_irq_put-call-trace-in-gmc_v11_.patch
(git-fixes CVE-2023-53237 bsc#1249782).
- Update
patches.suse/drm-amdgpu-fix-calltrace-warning-in-amddrm_buddy_fin.patch
(git-fixes CVE-2023-53152 bsc#1249883).
- Update
patches.suse/drm-amdgpu-fix-memory-leak-in-mes-self-test.patch
(git-fixes CVE-2023-53370 bsc#1250208).
- Update
patches.suse/drm-amdkfd-Fix-double-release-compute-pasid.patch
(bsc#1206843 CVE-2022-50303 bsc#1249884).
- Update
patches.suse/drm-amdkfd-Fix-kfd_process_device_init_vm-error-hand.patch
(bsc#1206843 CVE-2022-50354 bsc#1250215).
- Update
patches.suse/drm-bridge-adv7511-unregister-cec-i2c-device-after-c.patch
(git-fixes CVE-2022-50412 bsc#1250189).
- Update
patches.suse/drm-i915-bios-fix-a-memory-leak-in-generate_lfp_data.patch
(git-fixes CVE-2022-50287 bsc#1249757).
- Update
patches.suse/drm-i915-dpt-Treat-the-DPT-BO-as-a-framebuffer.patch
(git-fixes CVE-2023-53378 bsc#1250134).
- Update
patches.suse/drm-meson-reorder-driver-deinit-sequence-to-fix-use-.patch
(git-fixes CVE-2022-50378 bsc#1250306).
- Update
patches.suse/drm-msm-dp-add-atomic_check-to-bridge-ops.patch
(git-fixes CVE-2022-50398 bsc#1250103).
- Update patches.suse/drm-msm-dp-fix-aux-bus-EP-lifetime.patch
(git-fixes CVE-2022-50360 bsc#1250037).
- Update patches.suse/drm-msm-dp-fix-bridge-lifetime.patch
(git-fixes CVE-2022-50292 bsc#1249800).
- Update
patches.suse/drm-msm-dpu-check-for-null-return-of-devm_kzalloc-in.patch
(git-fixes CVE-2023-53284 bsc#1249940).
- Update
patches.suse/drm-nouveau-disp-fix-use-after-free-in-error-handlin.patch
(bsc#1214073 CVE-2023-53263 bsc#1249861).
- Update
patches.suse/drm-ttm-fix-bulk_move-corruption-when-adding-a-entry.patch
(git-fixes CVE-2023-53444 bsc#1250157).
- Update
patches.suse/drm-ttm-fix-undefined-behavior-in-bit-shift-for-TTM_.patch
(git-fixes CVE-2022-50390 bsc#1250130).
- Update
patches.suse/efi-ssdt-Don-t-free-memory-if-ACPI-table-was-loaded-.patch
(git-fixes CVE-2022-50433 bsc#1250814).
- Update
patches.suse/fbdev-imxfb-Removed-unneeded-release_mem_region.patch
(git-fixes CVE-2023-53448 bsc#1250873).
- Update
patches.suse/genirq-ipi-Fix-NULL-pointer-deref-in-irq_data_get_af.patch
(git-fixes CVE-2023-53332 bsc#1249951).
- Update
patches.suse/ice-Block-switchdev-mode-when-ADQ-is-active-and-vice.patch
(git-fixes CVE-2023-53442 bsc#1250201).
- Update
patches.suse/io_uring-fix-fget-leak-when-fs-don-t-support-nowait.patch
(bsc#1205205 CVE-2023-53511 bsc#1250913).
- Update
patches.suse/iomap-iomap-fix-memory-corruption-when-recording-err.patch
(git-fixes CVE-2022-50406 bsc#1250165).
- Update
patches.suse/iommu-Fix-error-unwind-in-iommu_group_alloc.patch
(git-fixes CVE-2023-53482 bsc#1250832).
- Update
patches.suse/ipv6-addrconf-fix-a-potential-refcount-underflow-for.patch
(git-fixes CVE-2023-53189 bsc#1249894).
- Update
patches.suse/irqchip-gicv3-Workaround-for-NVIDIA-erratum-T241-FABRIC-4.patch
(bsc#1213533 CVE-2023-53383 bsc#1250327).
- Update
patches.suse/kobject-Add-sanity-check-for-kset-kobj.ktype-in-kset_register.patch
(bsc#1234639 CVE-2023-53480 bsc#1250861).
- Update
patches.suse/md-raid10-check-slab-out-of-bounds-in-md_bitmap_get_-3018.patch
(git-fixes CVE-2023-53357 bsc#1249994).
- Update
patches.suse/md-raid5-cache-fix-null-ptr-deref-for-r5l_flush_stri-0d0b.patch
(git-fixes CVE-2023-53210 bsc#1249673).
- Update
patches.suse/mlx5-fix-possible-ptp-queue-fifo-use-after-free.patch
(jsc#PED-1549 CVE-2023-53398 bsc#1250144).
- Update
patches.suse/msft-hv-3329-hv_netvsc-Fix-panic-during-namespace-deletion-with-V.patch
(bsc#1248111 CVE-2025-38683 bsc#1249159).
- Update
patches.suse/mt76-mt7915-Fix-PCI-device-refcount-leak-in-mt7915_p.patch
(bsc#1209980 CVE-2022-50464 bsc#1250881).
- Update
patches.suse/mt76-mt7921-fix-kernel-panic-by-accessing-unallocate.patch
(git-fixes CVE-2023-53232 bsc#1249648).
- Update
patches.suse/net-do-not-sense-pfmemalloc-status-in-skb_append_pag.patch
(git-fixes bsc#1223959 CVE-2022-50323 bsc#1249708).
- Update
patches.suse/net-mlx5-Collect-command-failures-data-only-for-know.patch
(jsc#PED-1549 CVE-2023-53340 bsc#1250075).
- Update
patches.suse/net-mlx5-Handle-pairing-of-E-switch-via-uplink-un-lo.patch
(jsc#PED-1549 CVE-2023-53347 bsc#1250017).
- Update
patches.suse/net-mlx5-Lag-fix-failure-to-cancel-delayed-bond-work.patch
(jsc#PED-1549 CVE-2022-50441 bsc#1250849).
- Update
patches.suse/net-mlx5e-fix-memory-leak-in-mlx5e_fs_tt_redirect_an.patch
(git-fixes CVE-2023-53371 bsc#1250112).
- Update
patches.suse/net-sched-cake-fix-null-pointer-access-issue-when-ca.patch
(bsc#1207361 CVE-2022-50452 bsc#1250793).
- Update
patches.suse/net-sched-fix-memory-leak-in-tcindex_set_parms.patch
(bsc#1207361 CVE-2022-50396 bsc#1250104).
- Update
patches.suse/net-sched-sfb-fix-null-pointer-access-issue-when-sfb.patch
(bsc#1207361 CVE-2022-50356 bsc#1250040).
- Update
patches.suse/null_blk-fix-poll-request-timeout-handling-5a26.patch
(git-fixes CVE-2023-53531 bsc#1250931).
- Update
patches.suse/qlcnic-prevent-dcb-use-after-free-on-qlcnic_dcb_enab.patch
(jsc#PED-1523 CVE-2022-50288 bsc#1249802).
- Update
patches.suse/sched-fair-Don-t-balance-task-to-its-current-running-CPU.patch
(git fixes (sched) CVE-2023-53215 bsc#1250397).
- Update
patches.suse/scsi-mpi3mr-Fix-issues-in-mpi3mr_get_all_tgt_info.patch
(git-fixes CVE-2023-53320 bsc#1250068).
- Update
patches.suse/scsi-qla4xxx-Add-length-check-when-parsing-nlattrs.patch
(git-fixes CVE-2023-53456 bsc#1250765).
- Update
patches.suse/shmem-use-ramfs_kill_sb-for-kill_sb-method-of-ramfs-based-tmpfs.patch
(git-fixes CVE-2023-53391 bsc#1250117).
- Update
patches.suse/tcp-udp-Fix-memleaks-of-sk-and-zerocopy-skbs-with-TX.patch
(git-fixes CVE-2023-53489 bsc#1250829).
- Update
patches.suse/usb-cdns3-Put-the-cdns-set-active-part-outside-the-s.patch
(git-fixes CVE-2023-53287 bsc#1250089).
- Update patches.suse/usb-dwc3-core-fix-some-leaks-in-probe.patch
(git-fixes CVE-2022-50357 bsc#1250042).
- Update
patches.suse/usb-ucsi_acpi-Increase-the-command-completion-timeou.patch
(git-fixes CVE-2023-53168 bsc#1249874).
- Update
patches.suse/wifi-ath11k-fix-deinitialization-of-firmware-resourc.patch
(git-fixes CVE-2023-53532 bsc#1250932).
- Update
patches.suse/wifi-ath11k-mhi-fix-potential-memory-leak-in-ath11k_.patch
(bsc#1206451 CVE-2022-50418 bsc#1250285).
- Update
patches.suse/wifi-mt76-mt7915-fix-memory-leak-in-mt7915_mcu_exit.patch
(git-fixes CVE-2023-53466 bsc#1250862).
- commit f85a51b
- net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (CVE-2022-50409 bsc#1250392).
- commit 89e3be4
- net/mdiobus: Fix potential out-of-bounds read/write access
(CVE-2025-38111 bsc#1245666).
- igb: Do not free q_vector unless new one was allocated
(CVE-2022-50252 bsc#1249846).
- commit ce67a8c
- Update
patches.suse/0001-mm-mempolicy-fix-memory-leak-in-set_mempolicy_home_n.patch
(bsc#1206468 CVE-2022-50391 bsc#1250138).
- Update
patches.suse/0001-ubi-ensure-that-VID-header-offset-VID-header-size-al.patch
(bsc#1210584 CVE-2023-53265 bsc#1249908).
- Update
patches.suse/0014-md-Replace-snprintf-with-scnprintf.patch
(git-fixes bsc#1164051 CVE-2022-50299 bsc#1249734).
- Update
patches.suse/0054-block-bfq-fix-uaf-for-bfqq-in-bfq_exit_icq_bfqq.patch
(git-fixes CVE-2022-50329 bsc#1249699).
- Update
patches.suse/ACPI-tables-FPDT-Don-t-call-acpi_os_map_memory-on-in.patch
(git-fixes CVE-2022-50320 bsc#1249858).
- Update
patches.suse/ACPICA-Add-AML_NO_OPERAND_RESOLVE-flag-to-Timer.patch
(git-fixes CVE-2023-53395 bsc#1250358).
- Update
patches.suse/ACPICA-Avoid-undefined-behavior-applying-zero-offset.patch
(git-fixes CVE-2023-53182 bsc#1250010).
- Update
patches.suse/ACPICA-Fix-error-code-path-in-acpi_ds_call_control_m.patch
(git-fixes CVE-2022-50411 bsc#1250393).
- Update
patches.suse/ACPICA-Fix-use-after-free-in-acpi_ut_copy_ipackage_t.patch
(git-fixes CVE-2022-50423 bsc#1250784).
- Update
patches.suse/ALSA-ac97-fix-possible-memory-leak-in-snd_ac97_dev_r.patch
(git-fixes CVE-2022-50427 bsc#1250787).
- Update
patches.suse/ALSA-aoa-i2sbus-fix-possible-memory-leak-in-i2sbus_a.patch
(git-fixes CVE-2022-50431 bsc#1250790).
- Update
patches.suse/ALSA-hda-Fix-Oops-by-9.1-surround-channel-names.patch
(git-fixes CVE-2023-53400 bsc#1250328).
- Update
patches.suse/ALSA-hda-fix-a-possible-null-pointer-dereference-due.patch
(git-fixes CVE-2023-53275 bsc#1250459).
- Update
patches.suse/ASoC-fsl_mqs-move-of_node_put-to-the-correct-locatio.patch
(git-fixes CVE-2023-53268 bsc#1249914).
- Update
patches.suse/ASoC-mediatek-mt8173-Enable-IRQ-when-pdata-is-ready.patch
(git-fixes CVE-2022-50439 bsc#1250948).
- Update
patches.suse/ASoC-mediatek-mt8183-fix-refcount-leak-in-mt8183_mt6.patch
(git-fixes CVE-2022-50392 bsc#1250105).
- Update patches.suse/ASoC-qcom-Add-checks-for-devm_kcalloc.patch
(git-fixes CVE-2022-50308 bsc#1249722).
- Update
patches.suse/Bluetooth-Fix-potential-use-after-free-when-clear-ke.patch
(git-fixes CVE-2023-53386 bsc#1250106).
- Update patches.suse/Bluetooth-L2CAP-Fix-use-after-free.patch
(git-fixes CVE-2023-53305 bsc#1250049).
- Update patches.suse/Bluetooth-L2CAP-Fix-user-after-free.patch
(git-fixes CVE-2022-50386 bsc#1250301).
- Update
patches.suse/Bluetooth-L2CAP-fix-bad-unlock-balance-in-l2cap_disc.patch
(git-fixes CVE-2023-53297 bsc#1250322).
- Update
patches.suse/Bluetooth-hci_-ldisc-serdev-check-percpu_init_rwsem-.patch
(git-fixes CVE-2022-50374 bsc#1250060).
- Update
patches.suse/Bluetooth-hci_sysfs-Fix-attempting-to-call-device_ad.patch
(git-fixes CVE-2022-50419 bsc#1250394).
- Update
patches.suse/FS-JFS-Fix-null-ptr-deref-Read-in-txBegin.patch
(git-fixes CVE-2023-53457 bsc#1250763).
- Update
patches.suse/HID-multitouch-Correct-devm-device-reference-for-hid.patch
(git-fixes CVE-2023-53454 bsc#1250759).
- Update
patches.suse/IB-hfi1-Fix-possible-panic-during-hotplug-remove.patch
(git-fixes CVE-2023-53488 bsc#1250825).
- Update
patches.suse/KVM-s390-diag-fix-racy-access-of-physical-cpu-number-in-diag-9c-handler.patch
(git-fixes bsc#1215911 CVE-2023-53205 bsc#1249677).
- Update patches.suse/NFS-Fix-an-Oops-in-nfs_d_automount.patch
(git-fixes CVE-2022-50385 bsc#1250131).
- Update
patches.suse/NFSD-Protect-against-send-buffer-overflow-in-NFSv2-R.patch
(bsc#1205128 CVE-2022-43945 CVE-2022-50410 bsc#1250187).
- Update
patches.suse/NFSD-Protect-against-send-buffer-overflow-in-NFSv2-Rdir.patch
(bsc#1205128 CVE-2022-43945 CVE-2022-50235 bsc#1249667).
- Update
patches.suse/NFSD-fix-leaked-reference-count-of-nfsd4_ssc_umount_.patch
(git-fixes CVE-2023-53381 bsc#1250118).
- Update
patches.suse/NFSD-fix-use-after-free-on-source-server-when-doing-.patch
(git-fixes CVE-2022-50241 bsc#1249691).
- Update
patches.suse/PCI-ASPM-Disable-ASPM-on-MFD-function-removal-to-avo.patch
(git-fixes CVE-2023-53446 bsc#1250145).
- Update
patches.suse/PM-devfreq-Fix-leak-in-devfreq_dev_release.patch
(git-fixes CVE-2023-53518 bsc#1250923).
- Update
patches.suse/PNP-fix-name-memory-leak-in-pnp_alloc_dev.patch
(git-fixes CVE-2022-50278 bsc#1249715).
- Update
patches.suse/RDMA-bnxt_re-wraparound-mbox-producer-index.patch
(git-fixes CVE-2023-53201 bsc#1249687).
- Update
patches.suse/RDMA-cma-Allow-UD-qp_type-to-join-multicast-only.patch
(git-fixes CVE-2023-53525 bsc#1250927).
- Update
patches.suse/RDMA-cxgb4-Fix-potential-null-ptr-deref-in-pass_esta.patch
(git-fixes CVE-2023-53335 bsc#1250072).
- Update
patches.suse/RDMA-mlx5-Fix-mlx5_ib_get_hw_stats-when-used-for-dev.patch
(git-fixes CVE-2023-53393 bsc#1250114).
- Update
patches.suse/RDMA-mlx5-Return-the-firmware-result-upon-destroying.patch
(git-fixes CVE-2023-53286 bsc#1250325).
- Update
patches.suse/USB-chipidea-fix-memory-leak-with-using-debugfs_look.patch
(git-fixes CVE-2023-53334 bsc#1250077).
- Update
patches.suse/USB-dwc3-fix-memory-leak-with-using-debugfs_lookup.patch
(git-fixes CVE-2023-53415 bsc#1250412).
- Update
patches.suse/USB-fix-memory-leak-with-using-debugfs_lookup.patch
(git-fixes CVE-2023-53359 bsc#1250316).
- Update
patches.suse/USB-fotg210-fix-memory-leak-with-using-debugfs_looku.patch
(git-fixes CVE-2023-53404 bsc#1250331).
- Update
patches.suse/USB-gadget-gr_udc-fix-memory-leak-with-using-debugfs.patch
(git-fixes CVE-2023-53405 bsc#1250454).
- Update
patches.suse/USB-gadget-pxa25x_udc-fix-memory-leak-with-using-deb.patch
(git-fixes CVE-2023-53406 bsc#1250362).
- Update
patches.suse/USB-isp116x-fix-memory-leak-with-using-debugfs_looku.patch
(git-fixes CVE-2023-53413 bsc#1250370).
- Update
patches.suse/USB-isp1362-fix-memory-leak-with-using-debugfs_looku.patch
(git-fixes CVE-2023-53416 bsc#1250428).
- Update
patches.suse/USB-uhci-fix-memory-leak-with-using-debugfs_lookup.patch
(git-fixes CVE-2023-53197 bsc#1249791).
- Update
patches.suse/VMCI-check-context-notify_page-after-call-to-get_use.patch
(git-fixes CVE-2023-53259 bsc#1249767).
- Update
patches.suse/arm64-efi-Make-efi_rt_lock-a-raw_spinlock.patch
(git-fixes CVE-2023-53216 bsc#1249669).
- Update
patches.suse/blk-mq-fix-possible-memleak-when-register-hctx-failed-4b7a.patch
(git-fixes CVE-2022-50434 bsc#1250792).
- Update
patches.suse/brcmfmac-return-error-when-getting-invalid-max_flowr.patch
(git-fixes CVE-2022-50358 bsc#1250264).
- Update
patches.suse/btrfs-fix-race-between-quota-enable-and-quota-rescan.patch
(bsc#1207158 CVE-2022-50379 bsc#1250245).
- Update
patches.suse/btrfs-fix-resolving-backrefs-for-inline-extent-follo.patch
(bsc#1206456 CVE-2022-50456 bsc#1250856).
- Update
patches.suse/caif-fix-memory-leak-in-cfctrl_linkup_request.patch
(git-fixes CVE-2023-53330 bsc#1249954).
- Update
patches.suse/can-bcm-bcm_tx_setup-fix-KMSAN-uninit-value-in-vfs_w.patch
(git-fixes CVE-2023-53344 bsc#1250023).
- Update
patches.suse/cassini-Fix-a-memory-leak-in-the-error-handling-path.patch
(git-fixes CVE-2023-53435 bsc#1250159).
- Update
patches.suse/chardev-fix-error-handling-in-cdev_device_add.patch
(git-fixes CVE-2022-50282 bsc#1249739).
- Update
patches.suse/cifs-Fix-memory-leak-when-build-ntlmssp-negotiate-blob-failed.patch
(bsc#1193629 CVE-2022-50372 bsc#1250052).
- Update
patches.suse/cifs-Fix-warning-and-UAF-when-destroy-the-MR-list.patch
(git-fixes CVE-2023-53427 bsc#1250168).
- Update patches.suse/cifs-Fix-xid-leak-in-cifs_create-.patch
(bsc#1193629 CVE-2022-50351 bsc#1249925).
- Update patches.suse/cifs-Fix-xid-leak-in-cifs_flock-.patch
(bsc#1193629 CVE-2022-50460 bsc#1250879).
- Update
patches.suse/cifs-fix-DFS-traversal-oops-without-CONFIG_CIFS_DFS_UPCALL.patch
(bsc#1193629 CVE-2023-53246 bsc#1249867).
- Update
patches.suse/cifs-prevent-use-after-free-by-freeing-the-cfile-later.patch
(bsc#1193629 CVE-2023-53377 bsc#1250161).
- Update
patches.suse/clk-imx-clk-imx8mn-fix-memory-leak-in-imx8mn_clocks_.patch
(git-fixes CVE-2023-53249 bsc#1249642).
- Update
patches.suse/clk-samsung-Fix-memory-leak-in-_samsung_clk_register.patch
(git-fixes CVE-2022-50449 bsc#1250889).
- Update
patches.suse/clk-socfpga-Fix-memory-leak-in-socfpga_gate_init.patch
(git-fixes CVE-2022-50264 bsc#1249685).
- Update
patches.suse/clk-tegra-Fix-refcount-leak-in-tegra210_clock_init.patch
(git-fixes CVE-2022-50458 bsc#1250891).
- Update
patches.suse/clk-tegra-tegra124-emc-Fix-potential-memory-leak.patch
(git-fixes CVE-2023-53505 bsc#1250807).
- Update
patches.suse/clk-tegra20-Fix-refcount-leak-in-tegra20_clock_init.patch
(git-fixes CVE-2022-50444 bsc#1250767).
- Update
patches.suse/cpufreq-qcom-fix-writes-in-read-only-memory-region.patch
(git-fixes CVE-2022-50239 bsc#1249836).
- Update
patches.suse/crypto-cavium-prevent-integer-overflow-loading-firmw.patch
(git-fixes CVE-2022-50330 bsc#1249700).
- Update patches.suse/crypto-seqiv-Handle-EBUSY-correctly.patch
(git-fixes CVE-2023-53373 bsc#1250137).
- Update patches.suse/crypto-xts-Handle-EBUSY-correctly.patch
(git-fixes CVE-2023-53494 bsc#1250822).
- Update
patches.suse/dmaengine-hisilicon-Add-multi-thread-support-for-a-D.patch
(git-fixes CVE-2022-50362 bsc#1250039).
- Update
patches.suse/drivers-base-component-fix-memory-leak-with-using-de.patch
(git-fixes CVE-2023-53409 bsc#1250418).
- Update
patches.suse/drivers-base-dd-fix-memory-leak-with-using-debugfs_l.patch
(git-fixes CVE-2023-53390 bsc#1250453).
- Update
patches.suse/drivers-md-md-bitmap-check-the-return-value-of-md_bitmap_get_counter-3bd5.patch
(git-fixes CVE-2022-50402 bsc#1250363).
- Update
patches.suse/drivers-serial-jsm-fix-some-leaks-in-probe.patch
(git-fixes CVE-2022-50312 bsc#1249716).
- Update
patches.suse/drivers-staging-rtl8723bs-Fix-locking-in-_rtw_join_t.patch
(git-fixes CVE-2023-53281 bsc#1249939).
- Update
patches.suse/drm-amd-display-Fix-potential-null-dereference.patch
(git-fixes CVE-2023-53498 bsc#1250819).
- Update
patches.suse/drm-amdgpu-gfx-disable-gfx9-cp_ecc_error_irq-only-wh.patch
(git-fixes CVE-2023-53471 bsc#1250866).
- Update
patches.suse/drm-bridge-megachips-Fix-a-null-pointer-dereference-.patch
(git-fixes CVE-2022-50317 bsc#1249713).
- Update
patches.suse/drm-client-Fix-memory-leak-in-drm_client_modeset_pro.patch
(git-fixes CVE-2023-53288 bsc#1250058).
- Update
patches.suse/drm-mediatek-Clean-dangling-pointer-on-bind-error-pa.patch
(git-fixes CVE-2023-53388 bsc#1250191).
- Update
patches.suse/drm-msm-Make-.remove-and-.shutdown-HW-shutdown-consi.patch
(git-fixes CVE-2022-50260 bsc#1249885).
- Update
patches.suse/drm-msm-dp-Free-resources-after-unregistering-them.patch
(git-fixes CVE-2023-53316 bsc#1250066).
- Update
patches.suse/drm-msm-dsi-Add-missing-check-for-alloc_ordered_work.patch
(git-fixes CVE-2023-53223 bsc#1250080).
- Update
patches.suse/drm-msm-dsi-fix-memory-corruption-with-too-many-brid.patch
(git-fixes CVE-2022-50368 bsc#1250009).
- Update
patches.suse/drm-msm-hdmi-fix-memory-corruption-with-too-many-bri.patch
(git-fixes CVE-2022-50437 bsc#1250797).
- Update patches.suse/drm-msm-mdp5-Add-check-for-kzalloc.patch
(git-fixes CVE-2023-53239 bsc#1249781).
- Update
patches.suse/drm-msm-mdp5-Don-t-leak-some-plane-state.patch
(git-fixes CVE-2023-53324 bsc#1250070).
- Update
patches.suse/drm-nouveau-fix-a-use-after-free-in-nouveau_gem_prim.patch
(git-fixes CVE-2022-50454 bsc#1250890).
- Update
patches.suse/drm-panfrost-Fix-GEM-handle-creation-ref-counting.patch
(git-fixes CVE-2022-50417 bsc#1250184).
- Update
patches.suse/drm-radeon-Add-the-missed-acpi_put_table-to-fix-memo.patch
(git-fixes CVE-2022-50275 bsc#1249705).
- Update
patches.suse/drm-radeon-Fix-integer-overflow-in-radeon_cs_parser_.patch
(git-fixes CVE-2023-53309 bsc#1250055).
- Update
patches.suse/drm-radeon-free-iio-for-atombios-when-driver-shutdow.patch
(git-fixes CVE-2023-53453 bsc#1250761).
- Update
patches.suse/drm-rockchip-lvds-fix-PM-usage-counter-unbalance-in-.patch
(git-fixes CVE-2022-50443 bsc#1250768).
- Update
patches.suse/drm-sti-Fix-return-type-of-sti_-dvo-hda-hdmi-_connec.patch
(git-fixes CVE-2022-50261 bsc#1249742).
- Update
patches.suse/drm-ttm-check-null-pointer-before-accessing-when-swa.patch
(git-fixes CVE-2023-53352 bsc#1250006).
- Update patches.suse/drm-vkms-Fix-memory-leak-in-vkms_init.patch
(git-fixes CVE-2022-50269 bsc#1249777).
- Update
patches.suse/drm-vkms-Fix-null-ptr-deref-in-vkms_release.patch
(git-fixes CVE-2022-50369 bsc#1250026).
- Update
patches.suse/drm-vmwgfx-Validate-the-box-size-for-the-snooped-cur.patch
(bsc#1203332 CVE-2022-36280 git-fixes CVE-2022-50440
bsc#1250853).
- Update
patches.suse/ext4-avoid-crash-when-inline-data-creation-follows-D.patch
(bsc#1206883 CVE-2022-50435 bsc#1250799).
- Update
patches.suse/ext4-avoid-deadlock-in-fs-reclaim-with-page-writebac.patch
(bsc#1213016 CVE-2023-53149 bsc#1249882).
- Update
patches.suse/ext4-don-t-allow-journal-inode-to-have-encrypt-flag.patch
(bsc#1207621 CVE-2022-50277 bsc#1249750).
- Update
patches.suse/ext4-don-t-set-up-encryption-key-during-jbd2-transac.patch
(bsc#1207624 CVE-2022-50436 bsc#1250846).
- Update patches.suse/ext4-fix-WARNING-in-mb_find_extent.patch
(bsc#1213099 CVE-2023-53317 bsc#1250081).
- Update
patches.suse/ext4-fix-delayed-allocation-bug-in-ext4_clu_mapped-f.patch
(bsc#1207631 CVE-2022-50286 bsc#1249753).
- Update
patches.suse/ext4-fix-i_disksize-exceeding-i_size-problem-in-pari.patch
(bsc#1213015 CVE-2023-53270 bsc#1249872).
- Update
patches.suse/ext4-fix-leaking-uninitialized-memory-in-fast-commit.patch
(bsc#1207625 CVE-2022-50465 bsc#1250883).
- Update
patches.suse/ext4-fix-null-ptr-deref-in-ext4_write_info.patch
(bsc#1206884 CVE-2022-50344 bsc#1250014).
- Update
patches.suse/ext4-fix-off-by-one-errors-in-fast-commit-block-fill.patch
(bsc#1207628 CVE-2022-50428 bsc#1250786).
- Update
patches.suse/ext4-improve-error-handling-from-ext4_dirhash.patch
(bsc#1213104 CVE-2023-53473 bsc#1250848).
- Update
patches.suse/ext4-init-quota-for-old.inode-in-ext4_rename.patch
(bsc#1207629 CVE-2022-50346 bsc#1250044).
- Update
patches.suse/fbdev-ep93xx-fb-Do-not-assign-to-struct-fb_info.dev.patch
(git-fixes CVE-2023-53314 bsc#1250065).
- Update
patches.suse/fbdev-fbcon-release-buffer-when-fbcon_do_set_font-fa.patch
(git-fixes CVE-2022-50404 bsc#1250153).
- Update
patches.suse/firmware-dmi-sysfs-Fix-null-ptr-deref-in-dmi_sysfs_r.patch
(git-fixes CVE-2023-53250 bsc#1249727).
- Update
patches.suse/firmware-stratix10-svc-Fix-a-potential-resource-leak.patch
(git-fixes CVE-2023-53255 bsc#1249762).
- Update
patches.suse/floppy-Fix-memory-leak-in-do_floppy_init.patch
(git-fixes CVE-2022-50342 bsc#1249890).
- Update
patches.suse/fs-binfmt_elf-Fix-memory-leak-in-load_elf_binary.patch
(git-fixes CVE-2022-50466 bsc#1250875).
- Update patches.suse/fs-dlm-fix-race-in-lowcomms.patch (git-fixes
CVE-2022-50373 bsc#1250287).
- Update
patches.suse/fs-fix-UAF-GPF-bug-in-nilfs_mdt_destroy.patch
(CVE-2022-2978 bsc#1202700 CVE-2022-50367 bsc#1250277).
- Update
patches.suse/fs-jfs-Fix-UBSAN-array-index-out-of-bounds-in-dbAllocDmapLev.patch
(git-fixes CVE-2023-53485 bsc#1250872).
- Update
patches.suse/fs-jfs-fix-shift-out-of-bounds-in-dbDiscardAG.patch
(git-fixes CVE-2022-50333 bsc#1249860).
- Update
patches.suse/gpiolib-cdev-fix-NULL-pointer-dereferences.patch
(git-fixes CVE-2022-50453 bsc#1250887).
- Update
patches.suse/i2c-designware-Fix-handling-of-real-but-unexpected-d.patch
(git-fixes CVE-2022-50370 bsc#1250011).
- Update
patches.suse/i2c-ismt-Fix-an-out-of-bounds-bug-in-ismt_access.patch
(git-fixes CVE-2022-50394 bsc#1250107).
- Update
patches.suse/i2c-mux-reg-check-return-value-after-calling-platfor.patch
(git-fixes CVE-2022-50364 bsc#1250083).
- Update
patches.suse/ibmvnic-Do-not-reset-dql-stats-on-NON_FATAL-err.patch
(bsc#1212603 ltc#202604 CVE-2023-53463 bsc#1250867).
- Update
patches.suse/integrity-Fix-memory-leakage-in-keyring-allocation-e.patch
(git-fixes CVE-2022-50395 bsc#1250211).
- Update
patches.suse/io_uring-af_unix-defer-registered-files-gc-to-io_uri.patch
(bsc#1204228 CVE-2022-2602 CVE-2022-50234 bsc#1249664).
- Update patches.suse/iommu-omap-Fix-buffer-overflow-in-debugfs
(git-fixes CVE-2022-50301 bsc#1249733).
- Update
patches.suse/iw_cxgb4-Fix-potential-NULL-dereference-in-c4iw_fill.patch
(git-fixes CVE-2023-53476 bsc#1250839).
- Update
patches.suse/jbd2-check-jh-b_transaction-before-removing-it-from-.patch
(bsc#1214953 CVE-2023-53526 bsc#1250928).
- Update
patches.suse/jbd2-fix-potential-use-after-free-in-jbd2_fc_wait_bu.patch
(bsc#1207645 CVE-2022-50328 bsc#1250181).
- Update
patches.suse/jfs-jfs_dmap-Validate-db_l2nbperpage-while-mounting.patch
(git-fixes CVE-2023-53222 bsc#1249864).
- Update
patches.suse/kernfs-fix-use-after-free-in-__kernfs_remove.patch
(git-fixes CVE-2022-50432 bsc#1250851).
- Update
patches.suse/kprobes-Fix-check-for-probe-enabled-in-kill_kprobe.patch
(git-fixes CVE-2022-50266 bsc#1249810).
- Update patches.suse/md-fix-a-crash-in-mempool_free-3410.patch
(git-fixes CVE-2022-50381 bsc#1250257).
- Update
patches.suse/md-raid10-fix-leak-of-r10bio-remaining-for-recovery-2620.patch
(git-fixes CVE-2023-53299 bsc#1249927).
- Update
patches.suse/md-raid10-fix-null-ptr-deref-of-mreplace-in-raid10_s-3481.patch
(git-fixes CVE-2023-53380 bsc#1250198).
- Update
patches.suse/md-raid10-fix-wrong-setting-of-max_corr_read_errors-f8b2.patch
(git-fixes CVE-2023-53313 bsc#1249911).
- Update
patches.suse/md-raid10-prevent-soft-lockup-while-flush-writes-0104.patch
(git-fixes CVE-2023-53151 bsc#1249865).
- Update
patches.suse/media-atomisp-prevent-integer-overflow-in-sh_css_set.patch
(git-fixes CVE-2022-50399 bsc#1250108).
- Update
patches.suse/media-cx23885-Fix-a-null-ptr-deref-bug-in-buffer_pre.patch
(git-fixes CVE-2023-53458 bsc#1250864).
- Update
patches.suse/media-cx88-Fix-a-null-ptr-deref-bug-in-buffer_prepar.patch
(git-fixes CVE-2022-50359 bsc#1250269).
- Update
patches.suse/media-dvb-usb-az6027-fix-null-ptr-deref-in-az6027_i2.patch
(git-fixes bsc#1209291 CVE-2023-28328 CVE-2022-50272
bsc#1249808).
- Update
patches.suse/media-netup_unidvb-fix-use-after-free-at-del_timer.patch
(git-fixes CVE-2023-53219 bsc#1249661).
- Update
patches.suse/media-ov2740-Fix-memleak-in-ov2740_init_controls.patch
(git-fixes CVE-2023-53349 bsc#1250015).
- Update
patches.suse/media-pci-tw68-Fix-null-ptr-deref-bug-in-buf-prepare.patch
(git-fixes CVE-2023-53244 bsc#1249868).
- Update
patches.suse/media-uvcvideo-Handle-cameras-with-invalid-descripto.patch
(git-fixes CVE-2023-53437 bsc#1250178).
- Update
patches.suse/media-v4l2-mem2mem-add-lock-to-protect-parameter-num.patch
(git-fixes CVE-2023-53519 bsc#1250964).
- Update
patches.suse/media-vimc-Fix-wrong-function-called-when-vimc_init-.patch
(git-fixes CVE-2022-50340 bsc#1249892).
- Update
patches.suse/media-xilinx-vipp-Fix-refcount-leak-in-xvip_graph_dm.patch
(git-fixes CVE-2022-50309 bsc#1249718).
- Update
patches.suse/memory-of-Fix-refcount-leak-bug-in-of_get_ddr_timing.patch
(git-fixes CVE-2022-50249 bsc#1249747).
- Update
patches.suse/memory-of-Fix-refcount-leak-bug-in-of_lpddr3_get_ddr.patch
(git-fixes CVE-2022-50429 bsc#1250811).
- Update
patches.suse/mfd-arizona-Use-pm_runtime_resume_and_get-to-prevent.patch
(git-fixes CVE-2023-53443 bsc#1250457).
- Update
patches.suse/misc-tifm-fix-possible-memory-leak-in-tifm_7xx1_swit.patch
(git-fixes CVE-2022-50349 bsc#1249920).
- Update
patches.suse/mmc-moxart-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50268 bsc#1249741).
- Update
patches.suse/mmc-rtsx_pci-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50267 bsc#1249749).
- Update
patches.suse/mmc-rtsx_usb_sdmmc-fix-return-value-check-of-mmc_add.patch
(git-fixes CVE-2022-50347 bsc#1249928).
- Update
patches.suse/mmc-vub300-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50251 bsc#1249745).
- Update
patches.suse/mmc-vub300-fix-warning-do-not-call-blocking-ops-when.patch
(git-fixes CVE-2022-50430 bsc#1250791).
- Update
patches.suse/mmc-wmt-sdmmc-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50353 bsc#1250047).
- Update
patches.suse/msft-hv-2770-Drivers-vmbus-Check-for-channel-allocation-before-lo.patch
(git-fixes CVE-2023-53273 bsc#1249930).
- Update
patches.suse/msft-hv-2841-scsi-storvsc-Fix-handling-of-virtual-Fibre-Channel-t.patch
(git-fixes CVE-2023-53245 bsc#1249641).
- Update
patches.suse/mtd-maps-pxa2xx-flash-fix-memory-leak-in-probe.patch
(git-fixes CVE-2022-50324 bsc#1249701).
- Update
patches.suse/net-ena-fix-shift-out-of-bounds-in-exponential-backo.patch
(git-fixes CVE-2023-53272 bsc#1249917).
- Update
patches.suse/netfilter-conntrack-dccp-copy-entire-header-to-stack.patch
(CVE-2023-39197 bsc#1216976 CVE-2023-53333 bsc#1249949).
- Update
patches.suse/netfilter-ipset-add-the-missing-IP_SET_HASH_WITH_NET.patch
(CVE-2023-42753 bsc#1215150 CVE-2023-53179 bsc#1249825).
- Update
patches.suse/netfilter-nf_tables-do-not-ignore-genmask-when-looki.patch
(CVE-2023-31248 bsc#1213061 CVE-2023-53492 bsc#1250823).
- Update
patches.suse/netfilter-nft_set_rbtree-fix-overlap-expiration-walk.patch
(CVE-2023-52923 bsc#1236104 CVE-2023-53304 bsc#1249923).
- Update
patches.suse/nfc-fix-memory-leak-of-se_io-context-in-nfc_genl_se_.patch
(git-fixes CVE-2023-53298 bsc#1249944).
- Update
patches.suse/nfsd-Fix-a-memory-leak-in-an-error-handling-path.patch
(git-fixes CVE-2022-50348 bsc#1249924).
- Update
patches.suse/nfsd-call-op_release-even-when-op_func-returns-an-er.patch
(git-fixes CVE-2023-53241 bsc#1249638).
- Update
patches.suse/nfsd-under-NFSv4.1-fix-double-svc_xprt_put-on-rpc_cr.patch
(git-fixes CVE-2022-50401 bsc#1250140).
- Update
patches.suse/nilfs2-do-not-write-dirty-data-after-degenerating-to.patch
(git-fixes CVE-2023-53337 bsc#1250315).
- Update patches.suse/nilfs2-fix-sysfs-interface-lifetime.patch
(git-fixes CVE-2023-53440 bsc#1250151).
- Update
patches.suse/nilfs2-fix-use-after-free-of-nilfs_root-in-dirtying-.patch
(git-fixes CVE-2023-53311 bsc#1250062).
- Update
patches.suse/nvme-fix-multipath-crash-caused-by-flush-request-whe.patch
(git-fixes CVE-2022-50388 bsc#1250293).
- Update
patches.suse/ocfs2-fix-memory-leak-in-ocfs2_stack_glue_init.patch
(bsc#1207651 CVE-2022-50289 bsc#1249981).
- Update
patches.suse/orangefs-Fix-kmemleak-in-orangefs_-kernel-client-_debug_init.patch
(git-fixes CVE-2022-50376 bsc#1250209).
- Update
patches.suse/perf-x86-intel-uncore-Fix-reference-count-leak-in-hswep_has_limit_sbox.patch
(git fixes CVE-2022-50318 bsc#1249709).
- Update
patches.suse/phy-hisilicon-Fix-an-out-of-bounds-check-in-hisi_inn.patch
(git-fixes CVE-2023-53238 bsc#1249707).
- Update
patches.suse/platform-chrome-cros_usbpd_notify-Fix-error-handling.patch
(git-fixes CVE-2022-50468 bsc#1250877).
- Update
patches.suse/power-supply-fix-null-pointer-dereferencing-in-power.patch
(git-fixes CVE-2022-50276 bsc#1249651).
- Update
patches.suse/powerpc-Don-t-try-to-copy-PPR-for-task-with-NULL-pt_.patch
(bsc#1065729 CVE-2023-53326 bsc#1250071).
- Update
patches.suse/powerpc-rtas_flash-allow-user-copy-to-flash-block-ca.patch
(bsc#1194869 CVE-2023-53487 bsc#1250830).
- Update
patches.suse/pstore-ram-Check-start-of-empty-przs-during-init.patch
(git-fixes CVE-2023-53331 bsc#1249950).
- Update
patches.suse/pwm-lpc32xx-Remove-handling-of-PWM-channels.patch
(git-fixes CVE-2023-53472 bsc#1250841).
- Update patches.suse/qed-allow-sleep-in-qed_mcp_trace_dump.patch
(jsc#SLE-19001 CVE-2023-53509 bsc#1250810).
- Update
patches.suse/regulator-core-fix-use_count-leakage-when-handling-b.patch
(git-fixes CVE-2022-50250 bsc#1249844).
- Update
patches.suse/s390-dasd-Fix-potential-memleak-in-dasd_eckd_init.patch
(git-fixes CVE-2023-53449 bsc#1250874).
- Update
patches.suse/scsi-core-Fix-possible-memory-leak-if-device_add-fails.patch
(git-fixes CVE-2023-53174 bsc#1250024).
- Update
patches.suse/scsi-fcoe-Fix-transport-not-deattached-when-fcoe_if_init-fails.patch
(git-fixes CVE-2022-50414 bsc#1250183).
- Update
patches.suse/scsi-iscsi-iscsi_tcp-Fix-null-ptr-deref-while-calling-getpeername.patch
(git-fixes CVE-2022-50459 bsc#1250850).
- Update
patches.suse/scsi-iscsi_tcp-Check-that-sock-is-valid-before-iscsi_set_param.patch
(git-fixes CVE-2023-53464 bsc#1250868).
- Update
patches.suse/scsi-libsas-Fix-use-after-free-bug-in-smp_execute_task_sg.patch
(git-fixes CVE-2022-50422 bsc#1250774).
- Update
patches.suse/scsi-lpfc-Fix-null-ndlp-ptr-dereference-in-abnormal-.patch
(bsc#1203063 CVE-2022-50467 bsc#1250847).
- Update
patches.suse/scsi-lpfc-Fix-use-after-free-KFENCE-violation-during.patch
(bsc#1208607 CVE-2023-53282 bsc#1250311).
- Update patches.suse/scsi-mpt3sas-Fix-a-memory-leak.patch
(git-fixes CVE-2023-53512 bsc#1250915).
- Update
patches.suse/scsi-qla2xxx-Fix-potential-NULL-pointer-dereference.patch
(bsc#1213747 CVE-2023-53451 bsc#1250831).
- Update
patches.suse/scsi-qla2xxx-Pointer-may-be-dereferenced.patch
(bsc#1213747 CVE-2023-53150 bsc#1249853).
- Update
patches.suse/scsi-qla2xxx-Remove-unused-nvme_ls_waitq-wait-queue.patch
(bsc#1213747 CVE-2023-53280 bsc#1249938).
- Update
patches.suse/scsi-qla2xxx-Use-raw_smp_processor_id-instead-of-smp.patch
(git-fixes CVE-2023-53530 bsc#1250949).
- Update
patches.suse/scsi-qla2xxx-Wait-for-io-return-on-terminate-rport.patch
(bsc#1211960 CVE-2023-53322 bsc#1250323).
- Update
patches.suse/scsi-ses-Fix-slab-out-of-bounds-in-ses_intf_remove.patch
(git-fixes CVE-2023-53521 bsc#1250965).
- Update
patches.suse/scsi-ses-Handle-enclosure-with-just-a-primary-component-gracefully.patch
(git-fixes CVE-2023-53431 bsc#1250374).
- Update
patches.suse/scsi-snic-Fix-memory-leak-with-using-debugfs_lookup.patch
(git-fixes CVE-2023-53414 bsc#1250425).
- Update
patches.suse/scsi-snic-Fix-possible-memory-leak-if-device_add-fails.patch
(git-fixes CVE-2023-53436 bsc#1250156).
- Update
patches.suse/serial-8250-Reinit-port-pm-on-port-specific-driver-u.patch
(git-fixes CVE-2023-53176 bsc#1249991).
- Update
patches.suse/slimbus-qcom-ngd-cleanup-in-probe-error-path.patch
(git-fixes CVE-2022-50298 bsc#1249934).
- Update
patches.suse/smb-client-fix-warning-in-cifs_smb3_do_mount-.patch
(bsc#1193629 CVE-2023-53230 bsc#1249866).
- Update
patches.suse/soundwire-qcom-fix-storing-port-config-out-of-bounds.patch
(git-fixes CVE-2023-53465 bsc#1250863).
- Update
patches.suse/staging-rtl8723bs-fix-potential-memory-leak-in-rtw_i.patch
(git-fixes CVE-2022-50469 bsc#1250824).
- Update
patches.suse/staging-vt6655-fix-some-erroneous-memory-clean-up-lo.patch
(git-fixes CVE-2022-50355 bsc#1250041).
- Update
patches.suse/thermal-drivers-hisi-Drop-second-sensor-hi3660.patch
(git-fixes CVE-2023-53242 bsc#1249639).
- Update
patches.suse/tls-separate-no-async-decryption-request-handling-fr.patch
(CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186
CVE-2024-58240 bsc#1248847).
- Update
patches.suse/tpm-tpm_crb-Add-the-missed-acpi_put_table-to-fix-mem.patch
(git-fixes CVE-2022-50389 bsc#1250121).
- Update
patches.suse/tracing-Fix-null-pointer-dereference-in-tracing_err_log_open.patch
(git-fixes CVE-2023-53167 bsc#1249712).
- Update
patches.suse/tracing-Fix-race-issue-between-cpu-buffer-write-and-swap.patch
(git-fixes CVE-2023-53368 bsc#1249979).
- Update
patches.suse/tracing-Fix-reading-strings-from-synthetic-events.patch
(git-fixes CVE-2022-50255 bsc#1249910).
- Update
patches.suse/tracing-Free-error-logs-of-tracing-instances.patch
(git-fixes CVE-2023-53375 bsc#1250197).
- Update
patches.suse/tty-serial-fsl_lpuart-disable-dma-rx-tx-use-flags-in.patch
(git-fixes CVE-2022-50375 bsc#1250132).
- Update patches.suse/ubifs-Fix-memory-leak-in-alloc_wbufs.patch
(git-fixes CVE-2023-53468 bsc#1250888).
- Update patches.suse/ubifs-Fix-memory-leak-in-do_rename.patch
(git-fixes CVE-2023-53396 bsc#1250200).
- Update patches.suse/ubifs-Free-memory-for-tmpfile-name.patch
(git-fixes CVE-2023-53276 bsc#1250309).
- Update
patches.suse/udf-Do-not-bother-merging-very-long-extents.patch
(bsc#1213040 CVE-2023-53506 bsc#1250963).
- Update
patches.suse/udf-Do-not-update-file-length-for-failed-writes-to-i.patch
(bsc#1213041 CVE-2023-53295 bsc#1250324).
- Update
patches.suse/udf-Fix-uninitialized-array-access-for-some-pathname.patch
(bsc#1214967 CVE-2023-53165 bsc#1250395).
- Update
patches.suse/usb-dwc3-qcom-Fix-potential-memory-leak.patch
(git-fixes CVE-2023-53196 bsc#1249758).
- Update
patches.suse/usb-gadget-u_serial-Add-null-pointer-check-in-gseria-2f6ecb89fe8f.patch
(git-fixes CVE-2023-53356 bsc#1249997).
- Update
patches.suse/usb-phy-phy-tahvo-fix-memory-leak-in-tahvo_usb_probe.patch
(git-fixes CVE-2023-53379 bsc#1250128).
- Update
patches.suse/usb-typec-tcpci-fix-of-node-refcount-leak-in-tcpci_r.patch
(git-fixes CVE-2022-50246 bsc#1249746).
- Update
patches.suse/usb-xhci-mtk-fix-leakage-of-shared-hcd-when-fail-to-.patch
(git-fixes CVE-2022-50247 bsc#1249681).
- Update
patches.suse/usb-xhci-tegra-fix-sleep-in-atomic-call.patch
(git-fixes CVE-2023-53475 bsc#1250843).
- Update
patches.suse/vfio-type1-prevent-underflow-of-locked_vm-via-exec.patch
(git-fixes CVE-2023-53171 bsc#1249933).
- Update
patches.suse/vhost-vsock-Use-kvmalloc-kvfree-for-larger-packets.patch
(git-fixes CVE-2022-50271 bsc#1249740).
- Update
patches.suse/virtio-mmio-don-t-break-lifecycle-of-vm_dev.patch
(git-fixes CVE-2023-53515 bsc#1250917).
- Update
patches.suse/virtio_net-Fix-error-unwinding-of-XDP-initialization.patch
(git-fixes CVE-2023-53499 bsc#1250818).
- Update
patches.suse/watchdog-Fix-kmemleak-in-watchdog_cdev_register.patch
(git-fixes CVE-2023-53234 bsc#1249784).
- Update
patches.suse/wifi-ath11k-Fix-SKB-corruption-in-REO-destination-ri.patch
(git-fixes CVE-2023-53315 bsc#1250303).
- Update
patches.suse/wifi-ath9k-don-t-allow-to-overwrite-ENDPOINT0-attrib.patch
(git-fixes CVE-2023-53185 bsc#1249820).
- Update
patches.suse/wifi-ath9k-hif_usb-clean-up-skbs-if-ath9k_hif_usb_rx.patch
(git-fixes CVE-2023-53199 bsc#1249683).
- Update
patches.suse/wifi-ath9k-verify-the-expected-usb_endpoints-are-pre.patch
(git-fixes CVE-2022-50297 bsc#1250250).
- Update
patches.suse/wifi-brcmfmac-Fix-potential-stack-out-of-bounds-in-b.patch
(git-fixes CVE-2022-50258 bsc#1249947).
- Update
patches.suse/wifi-brcmfmac-fix-potential-memory-leak-in-brcmf_net.patch
(git-fixes CVE-2022-50321 bsc#1249706).
- Update
patches.suse/wifi-brcmfmac-fix-use-after-free-bug-in-brcmf_netdev.patch
(git-fixes CVE-2022-50408 bsc#1250391).
- Update
patches.suse/wifi-brcmfmac-slab-out-of-bounds-read-in-brcmf_get_a.patch
(git-fixes bsc#1209287 CVE-2023-1380 CVE-2023-53213
bsc#1249918).
- Update
patches.suse/wifi-cfg80211-Fix-use-after-free-for-wext.patch
(git-fixes CVE-2023-53153 bsc#1249877).
- Update
patches.suse/wifi-iwl3945-Add-missing-check-for-create_singlethre.patch
(git-fixes CVE-2023-53277 bsc#1249936).
- Update
patches.suse/wifi-iwl4965-Add-missing-check-for-create_singlethre.patch
(git-fixes CVE-2023-53302 bsc#1249958).
- Update
patches.suse/wifi-iwlwifi-fw-fix-memory-leak-in-debugfs.patch
(git-fixes CVE-2023-53422 bsc#1250182).
- Update
patches.suse/wifi-iwlwifi-mvm-fix-double-free-on-tx-path.patch
(git-fixes CVE-2022-50248 bsc#1249840).
- Update
patches.suse/wifi-iwlwifi-pcie-Fix-integer-overflow-in-iwl_write_.patch
(git-fixes CVE-2023-53524 bsc#1250953).
- Update
patches.suse/wifi-iwlwifi-pcie-fix-NULL-pointer-dereference-in-iw.patch
(git-fixes CVE-2023-53251 bsc#1249730).
- Update
patches.suse/wifi-libertas-fix-memory-leak-in-lbs_init_adapter.patch
(git-fixes CVE-2022-50294 bsc#1249799).
- Update
patches.suse/wifi-mac80211-fix-invalid-drv_sta_pre_rcu_remove-cal.patch
(git-fixes CVE-2023-53229 bsc#1249650).
- Update
patches.suse/wifi-mwifiex-Fix-OOB-and-integer-underflow-when-rx-p.patch
(git-fixes CVE-2023-53226 bsc#1249658).
- Update
patches.suse/wifi-mwifiex-avoid-possible-NULL-skb-pointer-derefer.patch
(git-fixes CVE-2023-53384 bsc#1250127).
- Update
patches.suse/wifi-rtlwifi-Fix-global-out-of-bounds-bug-in-_rtl881.patch
(git-fixes CVE-2022-50279 bsc#1249751).
- Update
patches.suse/wifi-rtw89-fix-potential-race-condition-between-napi.patch
(git-fixes CVE-2023-53452 bsc#1250762).
- Update
patches.suse/wwan_hwsim-fix-possible-memory-leak-in-wwan_hwsim_de.patch
(git-fixes CVE-2022-50331 bsc#1249695).
- Update
patches.suse/x86-fpu-fix-copy_xstate_to_uabi-to-copy-init-states-correctly.patch
(git-fixes CVE-2022-50425 bsc#1250781).
- Update patches.suse/x86-mce-amd-use-an-u64-for-bank_map.patch
(git-fixes CVE-2023-53474 bsc#1250842).
- Update
patches.suse/x86-platform-uv-Use-alternate-source-for-socket-to-n.patch
(bsc#1215696 bsc#1217790 CVE-2023-53496 bsc#1250905).
- Update patches.suse/xen-gntdev-Prevent-leaking-grants.patch
(git-fixes CVE-2022-50257 bsc#1249743).
- Update
patches.suse/xfrm-add-NULL-check-in-xfrm_update_ae_params.patch
(bsc#1213666 CVE-2023-3772 CVE-2023-53147 bsc#1249880).
- commit 3e8722f
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()
(CVE-2025-39860 bsc#1250247).
- commit a1c6acf
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation
(CVE-2025-39824 bsc#1250007).
- commit 4aec876
- net/smc: fix UAF on smcsk after smc_listen_out() (CVE-2025-38734
bsc#1249324).
- commit fe18faf
- s390/ism: fix concurrency management in ism_cmd() (git-fixes
bsc#1249266 CVE-2025-39726).
- commit ac040b4
- dmaengine: ti: edma: Fix memory allocation size for
queue_priority_map (CVE-2025-39869 bsc#1250406).
- commit 9685491
- KVM: x86: use array_index_nospec with indices that come from
guest (CVE-2025-39823 bsc#1250002).
- commit d9de1fd
- mm/huge_memory: fix dereferencing invalid pmd migration entry
(CVE-2025-37958 bsc#1243539).
- commit 521422d
- ext4: ignore xattrs past end (bsc#1242846 CVE-2025-37738).
- commit 4630cc6
- fs/buffer: fix use-after-free when call bh_read() helper
(bsc#1249374 CVE-2025-39691).
- commit 996c520
- Bluetooth: eir: Fix using strlen with
hdev->{dev_name,short_name} (CVE-2022-50233 bsc#1246968).
- commit 2e1f686
- mm: fix zswap writeback race condition (CVE-2023-53178
bsc#1249827).
- Refresh
patches.suse/mm-zswap-properly-synchronize-freeing-resources-duri.patch.
- commit 42ab563
- mm: zswap: fix missing folio cleanup in writeback race path
(CVE-2023-53178 bsc#1249827 git-fix).
- commit ccc740f
- wifi: mac80211_hwsim: drop short frames (CVE-2023-53321
bsc#1250313).
- commit 19db60e
- x86/MCE: Always save CS register on AMD Zen IF Poison errors
(CVE-2023-53438 bsc#1250180).
- commit b12ae2d
- wifi: mac80211: check S1G action frame size (CVE-2023-53257
bsc#1249869).
- commit 3efa6da
- Limit patch filenames to 100 characters (bsc#1249604).
- commit 34d0532
- kernel-source.spec: Depend on python3-base for build
Both kernel-binary and kernel-docs already have this dependency.
Adding it to kernel-source makes it possible to use python in shared
build scripts.
- commit 72fdedd
- kernel-source: Do not list mkspec and its inputs as sources
(bsc#1250522).
This excludes the files from the src.rpm. The next step is to remove
these files in tar-up so that they do not get uploaded to OBS either.
As there is only one version of tar-up these files need to be removed
from all kernels.
- commit e72b8a2
- rpm: Link arch-symbols script from scripts directory.
- commit 90b2abb
- use uniform permission checks for all mount propagation changes
(git-fixes).
- commit 7dba905
- Refresh
patches.suse/smb-During-unmount-ensure-all-cached-dir-instances-drop-their-dent.patch.
A badly done backport/rebase introduced a double free of cfid_put_wq
workqueue on 'rmmod cifs'.
The original patch did introduce a memory leak of the workqueue, but
it's been addressed on a further fix.
Refreshing this patch to its original form.
- commit d4181c1
- rpm: Link guards script from scripts directory.
- commit e19a893
- Delete ARMv7 configs.
There is no longer a 5.14 based Leap.
- commit c9e0295
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
(bsc#1249200 CVE-2025-38713).
- commit 0f4fe03
- Revert backported patches for bsc#1238160 because the CVSS less than 7.0
- Delete
patches.suse/Bluetooth-hci_event-Fix-checking-conn-for-le_conn_co.patch.
- Delete
patches.suse/Bluetooth-hci_event-Fix-checking-for-invalid-handle-.patch.
- Delete
patches.suse/Bluetooth-hci_event-Ignore-multiple-conn-complete-ev.patch.
(bsc#1238160 CVE-2022-49138)
- commit 58636bb
- Update config files. (bsc#1249186)
Enable where we define KABI refs + rely on Kconfig deps.
- commit 40e5ff4
- xfs: rework datasync tracking and execution (bsc#1237449).
- commit 6d2ba43
- ASoC: core: Check for rtd == NULL in
snd_soc_remove_pcm_runtime() (CVE-2025-38706 bsc#1249195).
- commit 00df3f7
- net, hsr: reject HSR frame if skb can't hold tag (CVE-2025-39703
bsc#1249315).
- commit 4aa620b
- Revert selinux patches that caused regressions (bsc#1249353)
Deleted:
patches.suse/security-lsm-Introduce-security_mptcp_add_subflow.patch
patches.suse/selinux-Implement-mptcp_add_subflow-hook.patch
- commit 1be528b
- i2c/designware: Fix an initialization issue (git-fixes
CVE-2025-38380 bsc#1247028).
- commit 3969bae
- kabi/severities: ignore kABI for atheros helper modules
The symbols are used only internally by atheros drivers.
- commit 35d7d9d
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
(CVE-2025-39751 bsc#1249538).
- commit 2fa5c70
- wifi: ath10k: shutdown driver when hardware is unreliable
(CVE-2025-39746 bsc#1249516).
- commit b79070e
- bus: mhi: host: Detect events pointing to unexpected TREs
(CVE-2025-39790 bsc#1249548).
- commit 8f23ea7
- netfilter: nf_tables: reject duplicate device on updates
(CVE-2025-38678 bsc#1249126).
- commit ed53d59
- dmaengine: idxd: Fix refcount underflow on module unload
(CVE-2025-38014 bsc#1244732).
- commit 7288c92
- Limit patch filenames to 100 characters (bsc#1249604).
- commit 864f4b6
- supported.conf: mark hyperv_drm as external
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- commit 2dd0e8c
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- commit 40606b5
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220 CVE-2025-38685)
- commit 92b9def
- btrfs: avoid NULL pointer dereference if no valid extent tree
(bsc#1249158).
- commit 6c3a163
- smb: client: fix use-after-free in crypt_message when using
async crypto (bsc#1247239, CVE-2025-38488).
- commit 03f19df
- ipv6: reject malicious packets in ipv6_gso_segment()
(CVE-2025-38572 bsc#1248399).
- net/sched: Restrict conditions for adding duplicating netems
to qdisc tree (CVE-2025-38553 bsc#1248255).
- commit 27382a9
- rpm: Configure KABI checkingness macro (bsc#1249186)
The value of the config should match presence of KABI reference data. If
it mismatches:
- !CONFIG & reference -> this is bug, immediate fail
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- commit 23c1536
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186)
The motivation: there are patches.kabi/ patches that restore KABI and
they check validity of the approach with static_assert()s to prevent
accidental KABI breakage.
These asserts are invoked on each arch-flavor and they may signal false
negatives -- that is KABI restoration patch could break KABI but the
given arch-flavor defines no KABI.
The intended use is to disable the compile time checks in patches.kabi/
(but not to be confused with __GENKSYMS__ that affects how reference is
calculated).
The name is chosen so that it mimics HAVE_* macros that are not
configured manually (but is selected by an arch). In our case it's
(un)selected by build script depending on whether KABI reference is
defined for given arch-flavor and whether check is really requested by
the user. Default value is 'n' so that people building merely via
Makefile (not RPM with KABI checking) obtain consistent config.
- commit a007049
- gfs2: No more self recovery (bsc#1248639 CVE-2025-38659).
- gfs2: Get rid of gfs2_glock_queue_put in signal_our_withdraw
(bsc#1248639 CVE-2025-38659).
- commit d2aba16
- usb: gadget: udc: core: Offload usb_udc_vbus_handler processing
(CVE-2022-49980 bsc#1245110).
- commit b9c8803
- ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
(CVE-2025-38664 bsc#1248628).
- commit 5eff097
- wifi: mac80211: reject TDLS operations when station is not
associated (CVE-2025-38644 bsc#1248748).
- commit a8c476b
- vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511
CVE-2025-38618).
- commit 33452e8
- USB: gadget: Fix obscure lockdep violation for udc_mutex
(CVE-2022-49980 bsc#1245110).
- commit 25d2f46
- usb: gadget: core: do not try to disconnect gadget if it is
not connected (CVE-2022-49980 bsc#1245110).
- commit a760fdc
- tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (CVE-2025-38184 bsc#1245956)
- commit 9365d7a
- kernel-binary: Another installation ordering fix (bsc#1241353).
- commit fe14ab5
- USB: gadget: Fix use-after-free Read in usb_udc_uevent()
(CVE-2022-49980 bsc#1245110).
- commit dffc69a
- atm: clip: Fix memory leak of struct clip_vcc (CVE-2025-38546
bsc#1248223).
- atm: clip: Fix potential null-ptr-deref in to_atmarpd()
(CVE-2025-38460 bsc#1247143).
- tls: stop recv() if initial process_rx_list gave us non-DATA
(CVE-2024-58239 bsc#1248614).
- tls: rx: drop pointless else after goto (CVE-2024-58239
bsc#1248614).
- commit 47416a2
- x86/sev: Evict cache lines during SNP memory validation
(CVE-2025-38560 bsc#1248312).
- commit 766631f
- selftests/perf_events: Add a mmap() correctness test
(CVE-2025-38563 bsc#1248306 selftest).
- commit b58bec8
- perf/core: Prevent VMA split of buffer mappings (CVE-2025-38563
bsc#1248306).
- commit 30b2db8
- perf/core: Exit early on perf_mmap() fail (CVE-2025-38563
bsc#1248306 dependency).
- commit 037df8e
- perf/core: Don't leak AUX buffer refcount on allocation failure
(CVE-2025-38563 bsc#1248306 dependency).
- commit 4273af9
- bpf, ktls: Fix data corruption when using bpf_msg_pop_data()
in ktls (bsc#1248338 CVE-2025-38608).
- commit 43a92df
- build_bug.h: Add KABI assert (bsc#1249186).
- commit 6e38849
- usb: gadget : fix use-after-free in composite_dev_cleanup()
(CVE-2025-38555 bsc#1248297).
- commit d29d36a
- clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (CVE-2025-38499 bsc#1247976)
- commit 767ab57
- net/packet: fix a race in packet_set_ring() and
packet_notifier() (CVE-2025-38617 bsc#1248621).
- commit a477bef
- Update config files. Disable N_GSM (jsc#PED-8240, bsc#1244824, CVE-2022-50116)
- commit 98bb21f
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- security, lsm: Introduce security_mptcp_add_subflow()
(bsc#1240375).
- commit 2547a6d
- nvme-multipath: defer partition scanning (bsc#122824 git-fixes
CVE-2024-53093 bsc#1233640).
- commit 7846c6e
- Move pesign-obs-integration requirement from kernel-syms to kernel devel
subpackage (bsc#1248108).
- commit e707e41
- NFSv4.1: fix backchannel max_resp_sz verification check
(bsc#1247518).
- commit 3b06caf
- smb: prevent use-after-free due to open_cached_dir error paths
(bsc#1234896, CVE-2024-53177).
- commit 99ad7d6
- posix-cpu-timers: fix race between handle_posix_cpu_timers()
and posix_cpu_timer_del() (bsc#1246911 CVE-2025-38352).
- commit 5c74715
- do_change_type(): refuse to operate on unmounted/not ours mounts (CVE-2025-38498 bsc#1247374)
- commit 16fc04a
- kabi fix for NFSv4: fairly test all delegations on a SEQ4_
revocation (bsc#1246211).
- commit 6f389a0
- NFSv4: fairly test all delegations on a SEQ4_ revocation
(bsc#1246211).
- Refresh
patches.kabi/kabi-fix-for-NFSv4-Prevent-NULL-pointer-dereference-in.patch.
- Refresh
patches.suse/NFS-Avoid-unnecessary-rescanning-of-the-per-server-delegation-list.patch.
- Refresh
patches.suse/NFSv4-Prevent-NULL-pointer-dereference-in-nfs42_complete_copies.patch.
- commit 10bdb9b
- net: atm: fix /proc/net/atm/lec handling (CVE-2025-38180
bsc#1245970).
- net: atm: add lec_mutex (CVE-2025-38323 bsc#1246473).
- commit d88adbc
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions
(bsc#1229334 CVE-2024-42265).
- fs: prevent out-of-bounds array speculation when closing a
file descriptor (CVE-2023-53117 bsc#1242780).
- commit 832757a
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic
context in qfq_delete_class (CVE-2025-38477 bsc#1247314).
- net/sched: Return NULL when htb_lookup_leaf encounters an
empty rbtree (CVE-2025-38468 bsc#1247437).
- net/sched: sch_qfq: Fix race condition on qfq_aggregate
(CVE-2025-38477 bsc#1247314).
- net/sched: Always pass notifications when child class becomes
empty (CVE-2025-38350 bsc#1246781).
- commit 03528bf
- net_sched: Prevent creation of classes with TC_H_ROOT
(CVE-2025-21971 bsc#1240799).
- commit c846a50
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- commit b4fa2d1
- Update
patches.suse/netfilter-nf_set_pipapo_avx2-fix-initial-map-fill.patch
(git-fixes CVE-2024-57947 bsc#1236333 CVE-2025-38120
bsc#1245711).
- Update
patches.suse/powerpc-powernv-memtrace-Fix-out-of-bounds-issue-in-.patch
(bsc#1244309 ltc#213790 CVE-2025-38088 bsc#1245506).
- Update
patches.suse/sch_hfsc-make-hfsc_qlen_notify-idempotent.patch
(CVE-2025-37798 bsc#1242414 CVE-2025-38177 bsc#1245986).
- commit c5b1aff
- HID: core: do not bypass hid_hw_raw_request (CVE-2025-38494
bsc#1247349).
- HID: core: ensure the allocated report buffer can contain the
reserved report ID (CVE-2025-38495 bsc#1247348).
- commit 8b00261
- net: avoid race between device unregistration and ethnl ops
(CVE-2025-21701 bsc#1237164).
- commit ef7f4cc
- usb: gadget: configfs: Fix OOB read on empty string write
(CVE-2025-38497 bsc#1247347).
- commit 2908061
- rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879)
Put the same workaround to avoid file truncation of vmlinux and co in
kernel-default-base package, too.
- commit 2329734
- rpm/kernel-binary.spec.in: Ignore return code from ksymtypes compare
When using suse-kabi-tools, the RPM build invokes 'ksymvers compare' to
compare the resulting symbol CRCs with the reference data. If the values
differ, it then invokes 'ksymtypes compare' to provide a detailed report
explaining why the symbols differ. The build expects the latter
'ksymtypes compare' command to always return zero, even if the two
compared kABI corpuses are different.
This is currently the case for 'ksymtypes compare'. However, I plan to
update the command to return a non-zero code when the comparison detects
any differences. This should ensure consistent behavior with 'ksymvers
compare'.
Since the build uses 'ksymtypes compare' only for more detailed
diagnostics, ignore its return code.
- commit 5ac1381
- netfilter: nf_tables: mark set as dead when unbinding anonymous
set with timeout (CVE-2024-26643 bsc#1221829).
- commit 4daa764
- netfilter: allow exp not to be removed in nf_ct_find_expectation
(CVE-2023-52927 bsc#1239644).
- commit b3f811c
- netfilter: nf_tables: split async and sync catchall in two
functions (CVE-2023-52923 bsc#1236104).
- Refresh
patches.suse/netfilter-nf_tables-use-timestamp-to-check-for-set-element.patch.
- commit 11c8f5d
- netfilter: nft_set_hash: unaligned atomic read on struct
nft_set_ext (CVE-2023-52923 bsc#1236104).
- commit 81059b2
- netfilter: nft_set_rbtree: skip end interval element from gc
(CVE-2023-52923 bsc#1236104).
- commit f47327b
- netfilter: nf_tables: remove catchall element in GC sync path
(CVE-2023-52923 bsc#1236104).
- Refresh
patches.suse/netfilter-nf_tables-use-timestamp-to-check-for-set-element.patch.
- commit 9970986
- netfilter: nf_tables: nft_set_rbtree: fix spurious insertion
failure (CVE-2023-52923 bsc#1236104).
- commit e63b022
- netfilter: nft_set_hash: skip duplicated elements pending gc
run (CVE-2023-52923 bsc#1236104).
- commit 828ecf9
- netfilter: nft_set_pipapo: prefer gfp_kernel allocation
(CVE-2023-52923 bsc#1236104).
- commit 65fa0d6
- netfilter: nft_set_hash: try later when GC hits EAGAIN on
iteration (CVE-2023-52923 bsc#1236104).
- commit 10f2b11
- net: usb: usbnet: restore usb%d name exception for local mac
addresses (bsc#1234480 bsc#1246555).
- commit acb1d49
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync()
in catchall GC (CVE-2023-52923 bsc#1236104).
- Refresh
patches.suse/netfilter-nf_tables-use-timestamp-to-check-for-set-element.patch.
- commit 01a51e7
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath
contention (CVE-2023-52923 bsc#1236104).
- commit 3a9efbc
- netfilter: nft_set_rbtree: skip sync GC for new elements in
this transaction (CVE-2023-52923 bsc#1236104).
- commit 20a6d45
- netfilter: nf_tables: defer gc run if previous batch is still
pending (CVE-2023-52923 bsc#1236104).
- commit 8c98aa6
- netfilter: nf_tables: adapt set backend to use GC transaction
API (CVE-2023-52923 bsc#1236104).
- Refresh
patches.suse/netfilter-nf_tables-check-if-catch-all-set-element-i.patch.
- Refresh
patches.suse/netfilter-nf_tables-don-t-fail-inserts-if-duplicate-has-ex.patch.
- Refresh
patches.suse/netfilter-nf_tables-fix-kdoc-warnings-after-gc-rewor.patch.
- Refresh
patches.suse/netfilter-nf_tables-use-timestamp-to-check-for-set-element.patch.
- commit 84a46c0
- netfilter: nft_set_rbtree: fix overlap expiration walk
(CVE-2023-52923 bsc#1236104).
- commit 314088b
- netfilter: nft_set_rbtree: fix null deref on element insertion
(CVE-2023-52923 bsc#1236104).
- commit 5658720
- netfilter: nft_set_rbtree: skip elements in transaction from
garbage collection (CVE-2023-52923 bsc#1236104).
- commit da32326
- netfilter: nft_set_rbtree: Switch to node list walk for overlap
detection (CVE-2023-52923 bsc#1236104).
- Refresh
patches.suse/netfilter-nf_tables-use-timestamp-to-check-for-set-element.patch.
- commit fb97724
- netfilter: nft_set_rbtree: overlap detection with element
re-addition after deletion (CVE-2023-52923 bsc#1236104).
- commit 043eda8
- net: sched: fix ordering of qlen adjustment (CVE-2024-53164 bsc#1234863)
- commit 40219c0
- scsi: lpfc: Avoid potential ndlp use-after-free in
dev_loss_tmo_callbk (CVE-2025-38289 bsc#1246287).
- commit 7088af6
- ipc: fix to protect IPCS lookups using RCU (CVE-2025-38212
bsc#1246029).
- commit d87772b
- s390/pkey: Prevent overflow in size calculation for
memdup_user() (git-fixes CVE-2025-38257 bsc#1246186).
- commit 95d7e4c
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw
(CVE-2025-38200 bsc#1246045).
- commit 1f55e7a
- Revert "hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431)."
This reverts commit 42d0bfa0c264cdd972320d70cf30244e83ed6d45.
Fix requires more work.
- commit bd9ff6c
- Revert "mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race"
This reverts commit 5ac7828c47ade79e31bb3a63af46f7ba40385d3c.
Fix requires more work.
Conflicts:
series.conf
- commit b735458
- Revert "mm/hugetlb: unshare page tables during VMA split, not before"
This reverts commit 16c03c20551418e44e64746e1adb153a94eb8624.
Fix requires more work.
Conflicts:
series.conf
- commit 6f94b5c
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr()
(CVE-2025-38181 bsc#1246000).
- commit 84f7580
- vgacon: Add check for vc_origin address range in vgacon_scroll()
(CVE-2025-38213 bsc#1246037).
- commit 8cddace
- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337)
- commit 630f139
- exfat: fix double free in delayed_free (bsc#1246073
CVE-2025-38206).
- commit e34f200
- Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt
(bsc#1238160 CVE-2022-49138).
- commit 5955361
- Bluetooth: hci_event: Fix checking for invalid handle on error
status (bsc#1238160 CVE-2022-49138).
- commit bf7f8a7
- Bluetooth: hci_event: Ignore multiple conn complete events
(bsc#1238160 CVE-2022-49138).
- commit fa787ad
- crypto: algif_hash - fix double free in hash_accept
(CVE-2025-38079 bsc#1245217).
- commit 6c6cb3d
- net_sched: hfsc: Fix a UAF vulnerability in class handling
(CVE-2025-37797 bsc#1242417).
- commit 3ddb4b2
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
(CVE-2024-53057 bsc#1233551).
- commit 1066e4f
- netfilter: nf_set_pipapo_avx2: fix initial map fill (git-fixes
CVE-2024-57947 bsc#1236333).
- commit 1758014
- netfilter: nf_set_pipapo: fix initial map fill (CVE-2024-57947
bsc#1236333).
- commit 233ce6a
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186)
It's not used in any active branches and it cannot solve contemporary
problems.
- commit f86a16a
- krb5
-
- Remove des3-cbc-sha1 and arcfour-hmac-md5 from permitted
enctypes unless new special options "allow_des3" or "allow_rc4"
are set; (CVE-2025-3576); (bsc#1241219).
- Add patch 0013-CVE-2025-3576.patch
- expat
-
- Fix CVE-2025-59375 / bsc#1249584.
- Add patch file:
* CVE-2025-59375.patch
- gcc14
-
- Exclude shared objects present for link editing in the GCC specific
subdirectory from provides processing via __provides_exclude_from.
[bsc#1244050][bsc#1243991]
- Make cross-*-gcc14-bootstrap package conflict with the non-bootstrap
variant conflict with the unversioned cross-*-gcc package.
- Disable build of glibc cross to loongarch64 and hppa in SLFO
and SLE15.
- Update to GCC 14.3 release, bb24b4c804f3d95b0ba95b7496, git11799
- Remove gcc14-pr120061.patch which is now included upstream.
- Add gcc14-pr120061.patch to fix the PR108900 fix instead of
reverting it.
- Remove gcc14-pr108900.patch
- Add gcc14-pr108900.patch to revert it, fixing libqt6webengine build.
- Update to gcc-14 branch head, 3418d740b344e0ba38022f3be, git11702
* Remove gcc14-pr118780.patch now on the upstream branch
- Fix build on s390x [bsc#1241549]
- Make sure link editing is done against our own shared library
copy rather than the installed system runtime. [bsc#1240788]
- Add gcc14-pr119680.patch to fix cross-compiler builds with
- -enable-host-pie.
- libgcrypt
-
- Security fix [bsc#1221107, CVE-2024-2236]
* Add --enable-marvin-workaround to spec to enable workaround
* Fix timing based side-channel in RSA implementation ( Marvin attack )
* Add libgcrypt-CVE-2024-2236_01.patch
* Add libgcrypt-CVE-2024-2236_02.patch
* Add libgcrypt-CVE-2024-2236_03.patch
- gnutls
-
- Fix heap buffer overread when handling the CT SCT extension during X.509
certificate parsing [bsc#1246233, CVE-2025-32989]
* Add patch gnutls-CVE-2025-32989.patch
- Fix double-free due to incorrect ownership handling in the export logic of
SAN entries containing an otherName [bsc#1246232, CVE-2025-32988]
* Add patch gnutls-CVE-2025-32988.patch
- Fix 1-byte heap buffer overflow when parsing templates with certtool
[bsc#1246267, CVE-2025-32990]
* Add patch gnutls-CVE-2025-32990.patch
- Fix NULL pointer dereference when 2nd Client Hello omits PSK
[bsc#1246299, CVE-2025-6395]
* Add patch gnutls-CVE-2025-6395.patch
- openssl-1_1
-
- Security fix: [bsc#1250232 CVE-2025-9230]
* Fix out-of-bounds read & write in RFC 3211 KEK unwrap
* Add patch openssl3-CVE-2025-9230.patch
- python311
-
- Add CVE-2025-8194-tarfile-no-neg-offsets.patch which now
validates archives to ensure member offsets are non-negative
(gh#python/cpython#130577, CVE-2025-8194, bsc#1247249).
- python3
-
- Add CVE-2025-8194-tarfile-no-neg-offsets.patch which now
validates archives to ensure member offsets are non-negative
(gh#python/cpython#130577, CVE-2025-8194, bsc#1247249).
- Add CVE-2025-4435-normalize-lnk-trgts-tarfile.patch
Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138,
CVE-2024-12718, CVE-2025-4435 on tarfile (bsc#1244032,
bsc#1244061, bsc#1244059, bsc#1244060, bsc#1244056).
The backported fixes do not contain changes for ntpath.py and
related tests, because the support for symlinks and junctions
were added later in Python 3.9, and it does not make sense to
backport them to 3.6 here.
The patch is contains the following changes:
- python@42deeab fixes symlink handling for tarfile.data_filter
- python@9d2c2a8 fixes handling of existing files/symlinks in tarfile
- python@00af979 adds a new "strict" argument to realpath()
- python@dd8f187 fixes mulriple CVE fixes in the tarfile module
- downstream only fixes that makes the changes work and
compatible with Python 3.6
- Add CVE-2025-6069-quad-complex-HTMLParser.patch to avoid worst
case quadratic complexity when processing certain crafted
malformed inputs with HTMLParser (CVE-2025-6069, bsc#1244705).
- Add python36-* provides/obsoletes to enable SLE-12 -> SLE-15
migration, bsc#1233012
- Add ipaddress-update-pr60.patch from gh#phihag/ipaddress!60 to
update vendored ipaddress module to 3.8 equivalent
- Add gh-128840_parse-IPv6-with-emb-IPv4.patch to limit buffer
size for IPv6 address parsing (gh#python/cpython#128840,
bsc#1244401).
- Update CVE-2025-4516-DecodeError-handler.patch not to break
_PyBytes_DecodeEscape signature.
- Add CVE-2025-4516-DecodeError-handler.patch fixing
CVE-2025-4516 (bsc#1243273) blocking DecodeError handling
vulnerability, which could lead to DoS.
- libsolv
-
- add support for product-obsoletes() provides in the product
autopackage generation code
- bump version to 0.7.34
- improve transaction ordering by allowing more uninst->uninst
edges [bsc#1243457]
- implement color filtering when adding update targets
- support orderwithrequires dependencies in susedata.xml
- bump version to 0.7.33
- sqlite3
-
- Backpatch the URLs in sqlite3.n from https to http to avoid a
file conflict with the tcl package on SLE-15-GA up to SP2. In
SP3 and onwards the Tcl package does not contain the sqlite
extension anymore.
- Sync version 3.50.2 from Factory:
* CVE-2025-6965, bsc#1246597:
Raise an error early if the number of aggregate terms in a
query exceeds the maximum number of columns, to avoid
downstream assertion faults.
* Add subpackage for the lemon parser generator.
+ sqlite-3.49.0-fix-lemon-missing-cflags.patch
+ sqlite-3.6.23-lemon-system-template.patch
- libssh
-
- Security fix: [CVE-2025-8277, bsc#1249375]
* Memory Exhaustion via Repeated Key Exchange
* Add patches:
- libssh-CVE-2025-8277-packet-Adjust-packet-filter-to-work-wh.patch
- libssh-CVE-2025-8277-Fix-memory-leak-of-unused-ephemeral-ke.patch
- libssh-CVE-2025-8277-ecdh-Free-previously-allocated-pubkeys.patch
- Security fix: [CVE-2025-8114, bsc#1246974]
* NULL pointer dereference when calculating session ID during KEX
* Add libssh-CVE-2025-8114.patch
- systemd
-
- Start the systemd-coredump.socket unit on systemd-coredump package
installation.
- Restore the kernel default values of the coredump sysctl settings on
systemd-coredump package removal.
- Import commit 6b9681f9bb313728baa3ff0c16814eb33516cd54
a474df9866 coredump: get rid of a bogus assertion
d4546562f8 coredump: use %d in kernel core pattern (bsc#1243935 CVE-2025-4598)
a5784c2856 coredump: get rid of _META_MANDATORY_MAX
dbaa7bc4bd coredump: restore compatibility with older patterns
32b6cd311f basic/macro: add macro to iterate variadic args
- Apply coredump sysctl settings on systemd-coredump updates/removals
- libxml2
-
- security update
- added patches
CVE-2025-7425 [bsc#1246296], Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
+ libxml2-CVE-2025-7425.patch
- libzypp
-
- runposttrans: strip root prefix from tmppath (bsc#1250343)
- fixup! Make ld.so ignore the subarch packages during install
(bsc#1246912)
- version 17.37.18 (35)
- Make ld.so ignore the subarch packages during install
(bsc#1246912)
- version 17.37.17 (35)
- Fix evaluation of libproxy results (bsc#1247690)
- Replace URL variables inside mirrorlist/metalink files
(fixes #667)
- version 17.37.16 (35)
- Append RepoInfo::path() to the mirror URLs in Preloader
(bsc#1247054)
- version 17.37.15 (35)
- During installation indicate the backend being used (bsc#1246038)
If some package actually needs to know, it should test for
ZYPP_CLASSIC_RPMTRANS being set in the environment.
Otherwise the transaction is driven by librpm.
- version 17.37.14 (35)
- Workaround 'rpm -vv' leaving scriptlets /var/tmp (bsc#1218459)
- Verbose log libproxy results if PX_DEBUG=1 is set.
- BuildRequires: cmake >= 3.17.
- version 17.37.13 (35)
- Allow explicit request to probe an added repo's URL
(bsc#1246466)
- Fix tests with -DISABLE_MEDIABACKEND_TESTS=1 (fixes #661)
- version 17.37.12 (35)
- Add runtime check for a broken rpm-4.18.0 --runpostrans
(bsc#1246149)
- Add regression test for bsc#1245220 and some other filesize
related tests.
- version 17.37.11 (35)
- BuildRequires: %{libsolv_devel_package} >= 0.7.34 (bsc#1243486)
Newer rpm versions no longer allow a ':' in rpm package names or
obsoletes. So injecting an
Obsoletes: product:oldproductname < oldproductversion
into the -release package to indicate a product rename is no longer
possible.
Since libsolv-0.7.34 you can and should use:
Provides: product-obsoletes(oldproductname) < oldproductversion
in the -release package. libsolv will then inject the appropriate
Obsoletes into the Product.
- version 17.37.10 (35)
- Ignore DeltaRpm download errors (bsc#1245672)
DeltaRpms are in fact optional resources. In case of a failure
the full rpm is downloaded.
- Improve fix for incorrect filesize handling (bsc#1245220)
- version 17.37.9 (35)
- Do not trigger download data exceeded errors on HTTP non data
responses (bsc#1245220)
In some cases a HTTP 401 or 407 did trigger a "filesize exceeded"
error, because the response payload size was compared against the
expected filesize. This patch adds some checks if the response
code is in the success range and only then takes expected
filesize into account. Otherwise the response content-length is
used or a fallback of 2Mb if no content-length is known.
- version 17.37.8 (35)
- Fix SEGV in MediaDISK handler (bsc#1245452)
- Explicitly selecting DownloadAsNeeded also selects the
classic_rpmtrans backend.
DownloadAsNeeded can not be combined with the rpm singletrans
installer backend because a rpm transaction requires all package
headers to be available the the beginning of the transaction. So
explicitly selecting this mode also turns on the classic_rpmtrans
backend.
- Fix evaluation of libproxy results (bsc#1244710)
- version 17.37.7 (35)
- Enhancements regarding mirror handling during repo refresh.
Added means to disable the use of mirrors when downloading
security relevant files. Requires updaing zypper to 1.14.91.
- Fix autotestcase writer if ZYPP_FULLLOG=1 (bsc#1244042)
If ZYPP_FULLLOG=1 a solver testcase to
"/var/log/YaST2/autoTestcase" should be written for each solver
run. There was no testcase written for the very first solver run.
This is now fixed.
- Pass $1==2 to %posttrans script if it's an update (bsc#1243279)
- version 17.37.6 (35)
- uyuni-tools
-
- version 0.1.36-0
* Bump the default image tag to 5.0.5.1
- net-tools
-
- Drop 0002-Do-not-warn-about-interface-socket-not-binded.patch. It
worked around a net-tools-1.60 specific problem, that does not
happen in net-tools-2.10. It is more harmful than useful, as it
can hide real problems. (bsc#430864#c15,
https://github.com/ecki/net-tools/issues/32#issuecomment-3265471116).
- Drop 0004-By-default-do-not-fopen-anything-in-netrom_gr.patch. It
was net-tools-1.60 specific leak fix and breaks netrom in
net-tools-2.10 (bnc#544339#c2).
- Drop old Fedora patch 0006-Allow-interface-stacking.patch. It
provided a fix for CVE-2025-46836 (bsc#142461), but it was fixes
by the upstream in 2025 in a different way. Revert interferring
net-tools-CVE-2025-46836.patch back to the upstream version.
- Fix stack buffer overflow in parse_hex (bsc#1248687,
GHSA-h667-qrp8-gj58, net-tools-parse_hex-stack-overflow.patch).
- Fix stack-based buffer overflow in proc_gen_fmt (bsc#1248687,
GHSA-w7jq-cmw2-cq59,
net-tools-proc_gen_fmt-buffer-overflow.patch).
- Avoid unsafe memcpy in ifconfig (bsc#1248687,
net-tools-ifconfig-avoid-unsafe-memcpy.patch).
- Prevent overflow in ax25 and netrom (bsc#1248687,
net-tools-ax25+netrom-overflow-1.patch,
net-tools-ax25+netrom-overflow-2.patch).
- Keep possibility to enter long interface names, even if they are
not accepted by the kernel, because it was always possible up to
CVE-2025-46836 fix. But issue a warning about an interface name
concatenation (bsc#1248410,
net-tools-ifconfig-long-name-warning.patch).
- Provide more readable error for interface name size checking
introduced by net-tools-CVE-2025-46836.patch
(bsc#1243581, net-tools-CVE-2025-46836-error-reporting.patch).
- Fix a regression in net-tools-CVE-2025-46836.patch (bsc#1246608).
- Perform bound checks when parsing interface labels in
/proc/net/dev (bsc#1243581, CVE-2025-46836, GHSA-pfwf-h6m3-63wf,
net-tools-CVE-2025-46836.patch,
net-tools-CVE-2025-46836-regression.patch).
- pam
-
- Make sure that the buffer containing encrypted passwords get's erased
bedore free.
- Replace to previous CVE fix which led to CPU performance issues.
[bsc#1246221, CVE-2024-10041,
+ libpam-introduce-secure-memory-erasure-helpers.patch
+ pam_modutil_get-overwrite-password-at-free.patch
- passverify-always-run-the-helper-to-obtain-shadow_pwd.patch]
- permissions
-
- Update to version 20201225:
* permissions: remove unnecessary static dirs and devices (bsc#1235873)
- Update to version 20201225:
* nvidia-modprobe: SLE-15-SP4 backport (bsc#1246776)
- podman
-
- Add patch for CVE-2025-9566 (bsc#1249154):
* 0009-CVE-2025-9566-kube-play-don-t-follow-volume-symlinks.patch
- Rebase patches:
* 0001-vendor-update-c-buildah-to-1.33.12.patch
* 0002-Backport-fix-for-CVE-2024-6104.patch
* 0003-Switch-hashicorp-go-retryablehttp-to-the-SUSE-fork.patch
* 0004-http2-close-connections-when-receiving-too-many-head.patch
* 0005-CVE-2025-27144-vendor-don-t-allow-unbounded-amounts-.patch
* 0006-CVE-2025-22869-ssh-limit-the-size-of-the-internal-pa.patch
* 0007-Fix-Remove-appending-rw-as-the-default-mount-option.patch
* 0008-CVE-2025-6032-machine-init-fix-tls-check.patch
- Add patch for CVE-2025-6032 (bsc#1245320):
* 0008-CVE-2025-6032-machine-init-fix-tls-check.patch
- Rebase patches:
* 0001-vendor-update-c-buildah-to-1.33.12.patch
* 0002-Backport-fix-for-CVE-2024-6104.patch
* 0003-Switch-hashicorp-go-retryablehttp-to-the-SUSE-fork.patch
* 0004-http2-close-connections-when-receiving-too-many-head.patch
* 0005-CVE-2025-27144-vendor-don-t-allow-unbounded-amounts-.patch
* 0006-CVE-2025-22869-ssh-limit-the-size-of-the-internal-pa.patch
* 0007-Fix-Remove-appending-rw-as-the-default-mount-option.patch
- python-appdirs
-
- Add python36-appdirs provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-asn1crypto
-
- Add python36-asn1crypto provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-attrs
-
- Add python36-attrs provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-certifi
-
- Add python36-certifi provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-chardet
-
- Add python36-chardet provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python3-cryptography
-
- Add python36-cryptography provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- Skipping failing test
- python-idna
-
- Add python36-idna provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-importlib-metadata
-
- Add python36-importlib-metadata provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python3-more-itertools
-
- Add python36-more-itertools provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-packaging
-
- Add python36-packaging provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-ply
-
- Add python36-ply provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python3-pyOpenSSL
-
- Add python36-pyOpenSSL provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pyasn1
-
- Add python36-pyasn1 provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pycparser
-
- Add python36-pycparser provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pyparsing
-
- Add python36-pyparsing provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pytz
-
- Add python36-pytz provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-py
-
- Add python36-py provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-requests
-
- Add python36- provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python3-setuptools
-
- Add python36-setuptools provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-six
-
- Add python36-six provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-urllib3
-
- Add patch CVE-2025-50181-poolmanager-redirects.patch:
* Pool managers now properly control redirects when retries is passed
(CVE-2025-50181, GHSA-pq67-6m6q-mj2v, bsc#1244925)
- Add python36-urllib3 provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-zipp
-
- Add python36-zipp provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-boto3
-
- Update to 1.34.144
* api-change:``acm-pca``: [``botocore``] Minor refactoring of C2J model for AWS Private CA
* api-change:``arc-zonal-shift``: [``botocore``] Adds the option to subscribe to get notifications
when a zonal autoshift occurs in a region.
* api-change:``globalaccelerator``: [``botocore``] This feature adds exceptions to the Customer API
to avoid throwing Internal Service errors
* api-change:``pinpoint``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``quicksight``: [``botocore``] Vega ally control options and Support for Reviewed
Answers in Topics
- from version 1.34.143
* api-change:``batch``: [``botocore``] This feature allows AWS Batch Jobs with EKS container
orchestration type to be run as Multi-Node Parallel Jobs.
* api-change:``bedrock``: [``botocore``] Add support for contextual grounding check for Guardrails
for Amazon Bedrock.
* api-change:``bedrock-agent``: [``botocore``] Introduces new data sources and chunking strategies
for Knowledge bases, advanced parsing logic using FMs, session summary generation, and code
interpretation (preview) for Claude V3 Sonnet and Haiku models. Also introduces Prompt Flows
(preview) to link prompts, foundational models, and resources.
* api-change:``bedrock-agent-runtime``: [``botocore``] Introduces query decomposition, enhanced
Agents integration with Knowledge bases, session summary generation, and code interpretation
(preview) for Claude V3 Sonnet and Haiku models. Also introduces Prompt Flows (preview) to link
prompts, foundational models, and resources for end-to-end solutions.
* api-change:``bedrock-runtime``: [``botocore``] Add support for contextual grounding check and
ApplyGuardrail API for Guardrails for Amazon Bedrock.
* api-change:``ec2``: [``botocore``] Add parameters to enable provisioning IPAM BYOIPv4 space at a
Local Zone Network Border Group level
* api-change:``glue``: [``botocore``] Add recipe step support for recipe node
* api-change:``groundstation``: [``botocore``] Documentation update specifying OEM ephemeris units
of measurement
* api-change:``license-manager-linux-subscriptions``: [``botocore``] Add support for third party
subscription providers, starting with RHEL subscriptions through Red Hat Subscription Manager
(RHSM). Additionally, add support for tagging subscription provider resources, and detect when an
instance has more than one Linux subscription and notify the customer.
* api-change:``mediaconnect``: [``botocore``] AWS Elemental MediaConnect introduces the ability to
disable outputs. Disabling an output allows you to keep the output attached to the flow, but stop
streaming to the output destination. A disabled output does not incur data transfer costs.
- from version 1.34.142
* api-change:``datazone``: [``botocore``] This release deprecates dataProductItem field from
SearchInventoryResultItem, along with some unused DataProduct shapes
* api-change:``fsx``: [``botocore``] Adds support for FSx for NetApp ONTAP 2nd Generation file
systems, and FSx for OpenZFS Single AZ HA file systems.
* api-change:``opensearch``: [``botocore``] This release adds support for enabling or disabling
Natural Language Query Processing feature for Amazon OpenSearch Service domains, and provides
visibility into the current state of the setup or tear-down.
* api-change:``sagemaker``: [``botocore``] This release 1/ enables optimization jobs that allows
customers to perform Ahead-of-time compilation and quantization. 2/ allows customers to control
access to Amazon Q integration in SageMaker Studio. 3/ enables AdditionalModelDataSources for
CreateModel action.
- from version 1.34.141
* api-change:``codedeploy``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``devicefarm``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``dms``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``elasticbeanstalk``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait
for SDK testing.
* api-change:``es``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``firehose``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``gamelift``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``qapps``: [``botocore``] This is a general availability (GA) release of Amazon Q
Apps, a capability of Amazon Q Business. Q Apps leverages data sources your company has provided to
enable users to build, share, and customize apps within your organization.
* api-change:``route53resolver``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:``ses``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK testing.
- from version 1.34.140
* api-change:``acm``: [``botocore``] Documentation updates, including fixes for xml formatting,
broken links, and ListCertificates description.
* api-change:``ecr``: [``botocore``] This release for Amazon ECR makes change to bring the SDK into
sync with the API.
* api-change:``payment-cryptography-data``: [``botocore``] Added further restrictions on logging of
potentially sensitive inputs and outputs.
* api-change:``qbusiness``: [``botocore``] Add personalization to Q Applications. Customers can
enable or disable personalization when creating or updating a Q application with the
personalization configuration.
- from version 1.34.139
* api-change:``application-autoscaling``: [``botocore``] Doc only update for Application Auto
Scaling that fixes resource name.
* api-change:``directconnect``: [``botocore``] This update includes documentation for support of
new native 400 GBps ports for Direct Connect.
* api-change:``organizations``: [``botocore``] Added a new reason under
ConstraintViolationException in RegisterDelegatedAdministrator API to prevent registering suspended
accounts as delegated administrator of a service.
* api-change:``rekognition``: [``botocore``] This release adds support for tagging projects and
datasets with the CreateProject and CreateDataset APIs.
* api-change:``workspaces``: [``botocore``] Fix create workspace bundle RootStorage/UserStorage to
accept non null values
- Update BuildRequires and Requires from setup.py
- Update to 1.34.138
* api-change:``ec2``: [``botocore``] Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``fms``: [``botocore``] Increases Customer API's ManagedServiceData length
* api-change:``s3``: [``botocore``] Added response overrides to Head Object requests.
- from version 1.34.137
* api-change:``apigateway``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``cognito-identity``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait
for SDK testing.
* api-change:``connect``: [``botocore``] Authentication profiles are Amazon Connect resources (in
gated preview) that allow you to configure authentication settings for users in your contact
center. This release adds support for new ListAuthenticationProfiles, DescribeAuthenticationProfile
and UpdateAuthenticationProfile APIs.
* api-change:``docdb``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``eks``: [``botocore``] Updates EKS managed node groups to support EC2 Capacity Blocks
for ML
* api-change:``payment-cryptography``: [``botocore``] Added further restrictions on logging of
potentially sensitive inputs and outputs.
* api-change:``payment-cryptography-data``: [``botocore``] Adding support for dynamic keys for
encrypt, decrypt, re-encrypt and translate pin functions. With this change, customers can use
one-time TR-31 keys directly in dataplane operations without the need to first import them into the
service.
* api-change:``stepfunctions``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:``swf``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``wafv2``: [``botocore``] JSON body inspection: Update documentation to clarify that
JSON parsing doesn't include full validation.
- from version 1.34.136
* api-change:``acm-pca``: [``botocore``] Added CCPC_LEVEL_1_OR_HIGHER KeyStorageSecurityStandard
and SM2 KeyAlgorithm and SM3WITHSM2 SigningAlgorithm for China regions.
* api-change:``cloudhsmv2``: [``botocore``] Added 3 new APIs to support backup sharing:
GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added BackupArn to the output of
the DescribeBackups API. Added support for BackupArn in the CreateCluster API.
* api-change:``connect``: [``botocore``] This release supports showing PreferredAgentRouting step
via DescribeContact API.
* api-change:``emr``: [``botocore``] This release provides the support for new allocation
strategies i.e. CAPACITY_OPTIMIZED_PRIORITIZED for Spot and PRIORITIZED for On-Demand by taking
input of priority value for each instance type for instance fleet clusters.
* api-change:``glue``: [``botocore``] Added AttributesToGet parameter to Glue GetDatabases,
allowing caller to limit output to include only the database name.
* api-change:``kinesisanalyticsv2``: [``botocore``] Support for Flink 1.19 in Managed Service for
Apache Flink
* api-change:``opensearch``: [``botocore``] This release removes support for enabling or disabling
Natural Language Query Processing feature for Amazon OpenSearch Service domains.
* api-change:``pi``: [``botocore``] Noting that the filter db.sql.db_id isn't available for RDS for
SQL Server DB instances.
* api-change:``workspaces``: [``botocore``] Added support for Red Hat Enterprise Linux 8 on Amazon
WorkSpaces Personal.
- from version 1.34.135
* api-change:``application-autoscaling``: [``botocore``] Amazon WorkSpaces customers can now use
Application Auto Scaling to automatically scale the number of virtual desktops in a WorkSpaces pool.
* api-change:``chime-sdk-media-pipelines``: [``botocore``] Added Amazon Transcribe multi language
identification to Chime SDK call analytics. Enabling customers sending single stream audio to
generate call recordings using Chime SDK call analytics
* api-change:``cloudfront``: [``botocore``] Doc only update for CloudFront that fixes
customer-reported issue
* api-change:``datazone``: [``botocore``] This release supports the data lineage feature of
business data catalog in Amazon DataZone.
* api-change:``elasticache``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``mq``: [``botocore``] This release makes the EngineVersion field optional for both
broker and configuration and uses the latest available version by default. The
AutoMinorVersionUpgrade field is also now optional for broker creation and defaults to 'true'.
* api-change:``qconnect``: [``botocore``] Adds CreateContentAssociation, ListContentAssociations,
GetContentAssociation, and DeleteContentAssociation APIs.
* api-change:``quicksight``: [``botocore``] Adding support for Repeating Sections, Nested Filters
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for TAZ export to S3.
* api-change:``sagemaker``: [``botocore``] Add capability for Admins to customize Studio experience
for the user by showing or hiding Apps and MLTools.
* api-change:``workspaces``: [``botocore``] Added support for WorkSpaces Pools.
- from version 1.34.134
* api-change:``controltower``: [``botocore``] Added ListLandingZoneOperations API.
* api-change:``eks``: [``botocore``] Added support for disabling unmanaged addons during cluster
creation.
* api-change:``ivs-realtime``: [``botocore``] IVS Real-Time now offers customers the ability to
upload public keys for customer vended participant tokens.
* api-change:``kinesisanalyticsv2``: [``botocore``] This release adds support for new
ListApplicationOperations and DescribeApplicationOperation APIs. It adds a new configuration to
enable system rollbacks, adds field ApplicationVersionCreateTimestamp for clarity and improves
support for pagination for APIs.
* api-change:``opensearch``: [``botocore``] This release adds support for enabling or disabling
Natural Language Query Processing feature for Amazon OpenSearch Service domains, and provides
visibility into the current state of the setup or tear-down.
- from version 1.34.133
* api-change:``autoscaling``: [``botocore``] Doc only update for Auto Scaling's
TargetTrackingMetricDataQuery
* api-change:``ec2``: [``botocore``] This release is for the launch of the new u7ib-12tb.224xlarge,
R8g, c7gn.metal and mac2-m1ultra.metal instance types
* api-change:``networkmanager``: [``botocore``] This is model changes & documentation update for
the Asynchronous Error Reporting feature for AWS Cloud WAN. This feature allows customers to view
errors that occur while their resources are being provisioned, enabling customers to fix their
resources without needing external support.
* api-change:``workspaces-thin-client``: [``botocore``] This release adds the deviceCreationTags
field to CreateEnvironment API input, UpdateEnvironment API input and GetEnvironment API output.
- from version 1.34.132
* api-change:``bedrock-runtime``: [``botocore``] Increases Converse API's document name length
* api-change:``customer-profiles``: [``botocore``] This release includes changes to
ProfileObjectType APIs, adds functionality top set and get capacity for profile object types.
* api-change:``ec2``: [``botocore``] Fix EC2 multi-protocol info in models.
* api-change:``qbusiness``: [``botocore``] Allow enable/disable Q Apps when creating/updating a Q
application; Return the Q Apps enablement information when getting a Q application.
* api-change:``ssm``: [``botocore``] Add sensitive trait to SSM IPAddress property for CloudTrail
redaction
* api-change:``workspaces-web``: [``botocore``] Added ability to enable DeepLinking functionality
on a Portal via UserSettings as well as added support for IdentityProvider resource tagging.
- from version 1.34.131
* api-change:``bedrock-runtime``: [``botocore``] This release adds document support to Converse and
ConverseStream APIs
* api-change:``codeartifact``: [``botocore``] Add support for the Cargo package format.
* api-change:``compute-optimizer``: [``botocore``] This release enables AWS Compute Optimizer to
analyze and generate optimization recommendations for Amazon RDS MySQL and RDS PostgreSQL.
* api-change:``cost-optimization-hub``: [``botocore``] This release enables AWS Cost Optimization
Hub to show cost optimization recommendations for Amazon RDS MySQL and RDS PostgreSQL.
* api-change:``dynamodb``: [``botocore``] Doc-only update for DynamoDB. Fixed Important note in 6
Global table APIs - CreateGlobalTable, DescribeGlobalTable, DescribeGlobalTableSettings,
ListGlobalTables, UpdateGlobalTable, and UpdateGlobalTableSettings.
* api-change:``glue``: [``botocore``] Fix Glue paginators for Jobs, JobRuns, Triggers, Blueprints
and Workflows.
* api-change:``ivs-realtime``: [``botocore``] IVS Real-Time now offers customers the ability to
record individual stage participants to S3.
* api-change:``sagemaker``: [``botocore``] Adds support for model references in Hub service, and
adds support for cross-account access of Hubs
* api-change:``securityhub``: [``botocore``] Documentation updates for Security Hub
- from version 1.34.130
* api-change:``artifact``: [``botocore``] This release adds an acceptanceType field to the
ReportSummary structure (used in the ListReports API response).
* api-change:``athena``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``cur``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``directconnect``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:``elastictranscoder``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait
for SDK testing.
* api-change:``opensearch``: [``botocore``] This release enables customers to use JSON Web Tokens
(JWT) for authentication on their Amazon OpenSearch Service domains.
- from version 1.34.129
* api-change:``bedrock-runtime``: [``botocore``] This release adds support for using Guardrails
with the Converse and ConverseStream APIs.
* api-change:``cloudtrail``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``config``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``eks``: [``botocore``] This release adds support to surface async fargate customer
errors from async path to customer through describe-fargate-profile API response.
* api-change:``lightsail``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``polly``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``rekognition``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``sagemaker``: [``botocore``] Launched a new feature in SageMaker to provide managed
MLflow Tracking Servers for customers to track ML experiments. This release also adds a new
capability of attaching additional storage to SageMaker HyperPod cluster instances.
* api-change:``shield``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``snowball``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
- from version 1.34.128
* api-change:``acm-pca``: [``botocore``] Doc-only update that adds name constraints as an allowed
extension for ImportCertificateAuthorityCertificate.
* api-change:``batch``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``codebuild``: [``botocore``] AWS CodeBuild now supports global and organization
GitHub webhooks
* api-change:``cognito-idp``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``ds``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``efs``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``glue``: [``botocore``] This release introduces a new feature, Usage profiles. Usage
profiles allow the AWS Glue admin to create different profiles for various classes of users within
the account, enforcing limits and defaults for jobs and sessions.
* api-change:``mediaconvert``: [``botocore``] This release includes support for creating I-frame
only video segments for DASH trick play.
* api-change:``secretsmanager``: [``botocore``] Doc only update for Secrets Manager
* api-change:``waf``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for SDK testing.
- from version 1.34.127
* api-change:``datazone``: [``botocore``] This release introduces a new default service blueprint
for custom environment creation.
* api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
* api-change:``macie2``: [``botocore``] This release adds support for managing the status of
automated sensitive data discovery for individual accounts in an organization, and determining
whether individual S3 buckets are included in the scope of the analyses.
* api-change:``mediaconvert``: [``botocore``] This release adds the ability to search for
historical job records within the management console using a search box and/or via the SDK/CLI with
partial string matching search on input file name.
* api-change:``route53domains``: [``botocore``] Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
- from version 1.34.126
* api-change:``cloudhsmv2``: [``botocore``] Added support for hsm type hsm2m.medium. Added
supported for creating a cluster in FIPS or NON_FIPS mode.
* api-change:``glue``: [``botocore``] This release adds support for configuration of evaluation
method for composite rules in Glue Data Quality rulesets.
* api-change:``iotwireless``: [``botocore``] Add RoamingDeviceSNR and RoamingDeviceRSSI to Customer
Metrics.
* api-change:``kms``: [``botocore``] This feature allows customers to use their keys stored in KMS
to derive a shared secret which can then be used to establish a secured channel for communication,
provide proof of possession, or establish trust with other parties.
* api-change:``mediapackagev2``: [``botocore``] This release adds support for CMAF ingest (DASH-IF
live media ingest protocol interface 1)
- from version 1.34.125
* api-change:``apptest``: [``botocore``] AWS Mainframe Modernization Application Testing is an AWS
Mainframe Modernization service feature that automates functional equivalence testing for mainframe
application modernization and migration to AWS, and regression testing.
* api-change:``backupstorage``: [``botocore``] The backupstorage client has been removed following
the deprecation of the service.
* api-change:``ec2``: [``botocore``] Tagging support for Traffic Mirroring FilterRule resource
* api-change:``osis``: [``botocore``] SDK changes for self-managed vpc endpoint to OpenSearch
ingestion pipelines.
* api-change:``redshift``: [``botocore``] Updates to remove DC1 and DS2 node types.
* api-change:``secretsmanager``: [``botocore``] Introducing RotationToken parameter for
PutSecretValue API
* api-change:``securitylake``: [``botocore``] This release updates request validation regex to
account for non-commercial aws partitions.
* api-change:``sesv2``: [``botocore``] This release adds support for Amazon EventBridge as an email
sending events destination.
- from version 1.34.124
* api-change:``accessanalyzer``: [``botocore``] IAM Access Analyzer now provides policy
recommendations to help resolve unused permissions for IAM roles and users. Additionally, IAM
Access Analyzer now extends its custom policy checks to detect when IAM policies grant public
access or access to critical resources ahead of deployments.
* api-change:``guardduty``: [``botocore``] Added API support for GuardDuty Malware Protection for
S3.
* api-change:``networkmanager``: [``botocore``] This is model changes & documentation update for
Service Insertion feature for AWS Cloud WAN. This feature allows insertion of AWS/3rd party
security services on Cloud WAN. This allows to steer inter/intra segment traffic via security
appliances and provide visibility to the route updates.
* api-change:``pca-connector-scep``: [``botocore``] Connector for SCEP allows you to use a managed,
cloud CA to enroll mobile devices and networking gear. SCEP is a widely-adopted protocol used by
mobile device management (MDM) solutions for enrolling mobile devices. With the connector, you can
use AWS Private CA with popular MDM solutions.
* api-change:``sagemaker``: [``botocore``] Introduced Scope and AuthenticationRequestExtraParams to
SageMaker Workforce OIDC configuration; this allows customers to modify these options for their
private Workforce IdP integration. Model Registry Cross-account model package groups are
discoverable.
- from version 1.34.123
* api-change:``application-signals``: [``botocore``] This is the initial SDK release for Amazon
CloudWatch Application Signals. Amazon CloudWatch Application Signals provides curated application
performance monitoring for developers to monitor and troubleshoot application health using
pre-built dashboards and Service Level Objectives.
* api-change:``ecs``: [``botocore``] This release introduces a new cluster configuration to support
the customer-managed keys for ECS managed storage encryption.
* api-change:``imagebuilder``: [``botocore``] This release updates the regex pattern for Image
Builder ARNs.
- Update BuildRequires and Requires from setup.py
- Update to 1.34.122
* api-change:``auditmanager``: [``botocore``] New feature: common controls. When creating custom
controls, you can now use pre-grouped AWS data sources based on common compliance themes. Also, the
awsServices parameter is deprecated because we now manage services in scope for you. If used, the
input is ignored and an empty list is returned.
* api-change:``b2bi``: [``botocore``] Added exceptions to B2Bi List operations and
ConflictException to B2Bi StartTransformerJob operation. Also made capabilities field explicitly
required when creating a Partnership.
* api-change:``codepipeline``: [``botocore``] CodePipeline now supports overriding S3 Source Object
Key during StartPipelineExecution, as part of Source Overrides.
* api-change:``sagemaker``: [``botocore``] This release introduces a new optional parameter:
InferenceAmiVersion, in ProductionVariant.
* api-change:``verifiedpermissions``: [``botocore``] This release adds OpenIdConnect (OIDC)
configuration support for IdentitySources, allowing for external IDPs to be used in authorization
requests.
- from version 1.34.121
* api-change:``account``: [``botocore``] This release adds 3 new APIs (AcceptPrimaryEmailUpdate,
GetPrimaryEmail, and StartPrimaryEmailUpdate) used to centrally manage the root user email address
of member accounts within an AWS organization.
* api-change:``alexaforbusiness``: [``botocore``] The alexaforbusiness client has been removed
following the deprecation of the service.
* api-change:``firehose``: [``botocore``] Adds integration with Secrets Manager for Redshift,
Splunk, HttpEndpoint, and Snowflake destinations
* api-change:``fsx``: [``botocore``] This release adds support to increase metadata performance on
FSx for Lustre file systems beyond the default level provisioned when a file system is created.
This can be done by specifying MetadataConfiguration during the creation of Persistent_2 file
systems or by updating it on demand.
* api-change:``glue``: [``botocore``] This release adds support for creating and updating Glue Data
Catalog Views.
* api-change:``honeycode``: [``botocore``] The honeycode client has been removed following the
deprecation of the service.
* api-change:``iotwireless``: [``botocore``] Adds support for wireless device to be in Conflict
FUOTA Device Status due to a FUOTA Task, so it couldn't be attached to a new one.
* api-change:``location``: [``botocore``] Added two new APIs, VerifyDevicePosition and
ForecastGeofenceEvents. Added support for putting larger geofences up to 100,000 vertices with
Geobuf fields.
* api-change:``sns``: [``botocore``] Doc-only update for SNS. These changes include
customer-reported issues and TXC3 updates.
* api-change:``sqs``: [``botocore``] Doc only updates for SQS. These updates include
customer-reported issues and TCX3 modifications.
* api-change:``storagegateway``: [``botocore``] Adds SoftwareUpdatePreferences to
DescribeMaintenanceStartTime and UpdateMaintenanceStartTime, a structure which contains
AutomaticUpdatePolicy.
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.20.11
- from version 1.34.120
* api-change:``globalaccelerator``: [``botocore``] This release contains a new optional
ip-addresses input field for the update accelerator and update custom routing accelerator apis.
This input enables consumers to replace IPv4 addresses on existing accelerators with addresses
provided in the input.
* api-change:``glue``: [``botocore``] AWS Glue now supports native SaaS connectivity: Salesforce
connector available now
* api-change:``s3``: [``botocore``] Added new params copySource and key to copyObject API for
supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API
functionality.
- from version 1.34.119
* api-change:``ec2``: [``botocore``] U7i instances with up to 32 TiB of DDR5 memory and 896 vCPUs
are now available. C7i-flex instances are launched and are lower-priced variants of the Amazon EC2
C7i instances that offer a baseline level of CPU performance with the ability to scale up to the
full compute performance 95% of the time.
* api-change:``pipes``: [``botocore``] This release adds Timestream for LiveAnalytics as a
supported target in EventBridge Pipes
* api-change:``sagemaker``: [``botocore``] Extend DescribeClusterNode response with private DNS
hostname and IP address, and placement information about availability zone and availability zone ID.
* api-change:``taxsettings``: [``botocore``] Initial release of AWS Tax Settings API
- from version 1.34.118
* api-change:``amplify``: [``botocore``] This doc-only update identifies fields that are specific
to Gen 1 and Gen 2 applications.
* api-change:``batch``: [``botocore``] This release adds support for the AWS Batch
GetJobQueueSnapshot API operation.
* api-change:``eks``: [``botocore``] Adds support for EKS add-ons pod identity associations
integration
* api-change:``iottwinmaker``: [``botocore``] Support RESET_VALUE UpdateType for PropertyUpdates to
reset property value to default or null
- from version 1.34.117
* api-change:``codebuild``: [``botocore``] AWS CodeBuild now supports Self-hosted GitHub Actions
runners for Github Enterprise
* api-change:``codeguru-security``: [``botocore``] This release includes minor model updates and
documentation updates.
* api-change:``elasticache``: [``botocore``] Update to attributes of TestFailover and minor
revisions.
* api-change:``launch-wizard``: [``botocore``] This release adds support for describing workload
deployment specifications, deploying additional workload types, and managing tags for Launch Wizard
resources with API operations.
- from version 1.34.116
* api-change:``acm``: [``botocore``] add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``bedrock-agent``: [``botocore``] With this release, Knowledge bases for Bedrock adds
support for Titan Text Embedding v2.
* api-change:``bedrock-runtime``: [``botocore``] This release adds Converse and ConverseStream APIs
to Bedrock Runtime
* api-change:``cloudtrail``: [``botocore``] CloudTrail Lake returns PartitionKeys in the
GetEventDataStore API response. Events are grouped into partitions based on these keys for better
query performance. For example, the calendarday key groups events by day, while combining the
calendarday key with the hour key groups them by day and hour.
* api-change:``connect``: [``botocore``] Adding associatedQueueIds as a SearchCriteria and response
field to the SearchRoutingProfiles API
* api-change:``emr-serverless``: [``botocore``] The release adds support for spark structured
streaming.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for Aurora Postgres DBname.
* api-change:``sagemaker``: [``botocore``] Adds Model Card information as a new component to Model
Package. Autopilot launches algorithm selection for TimeSeries modality to generate AutoML
candidates per algorithm.
- from version 1.34.115
* api-change:``athena``: [``botocore``] Throwing validation errors on CreateNotebook with Name
containing `/`,`:`,`\`
* api-change:``codebuild``: [``botocore``] AWS CodeBuild now supports manually creating GitHub
webhooks
* api-change:``connect``: [``botocore``] This release includes changes to DescribeContact API's
response by including ConnectedToSystemTimestamp, RoutingCriteria, Customer, Campaign,
AnsweringMachineDetectionStatus, CustomerVoiceActivity, QualityMetrics, DisconnectDetails, and
SegmentAttributes information from a contact in Amazon Connect.
* api-change:``glue``: [``botocore``] Add optional field JobMode to CreateJob and UpdateJob APIs.
* api-change:``securityhub``: [``botocore``] Add ROOT type for TargetType model
- from version 1.34.114
* api-change:``dynamodb``: [``botocore``] Doc-only update for DynamoDB. Specified the IAM actions
needed to authorize a user to create a table with a resource-based policy.
* api-change:``ec2``: [``botocore``] Providing support to accept BgpAsnExtended attribute
* api-change:``kafka``: [``botocore``] Adds ControllerNodeInfo in ListNodes response to support
Raft mode for MSK
* api-change:``swf``: [``botocore``] This release adds new APIs for deleting activity type and
workflow type resources.
- from version 1.34.113
* api-change:``dynamodb``: [``botocore``] Documentation only updates for DynamoDB.
* api-change:``iotfleetwise``: [``botocore``] AWS IoT FleetWise now supports listing vehicles with
attributes filter, ListVehicles API is updated to support additional attributes filter.
* api-change:``managedblockchain``: [``botocore``] This is a minor documentation update to address
the impact of the shut down of the Goerli and Polygon networks.
- from version 1.34.112
* api-change:``emr-serverless``: [``botocore``] This release adds the capability to run interactive
workloads using Apache Livy Endpoint.
* api-change:``opsworks``: [``botocore``] Documentation-only update for OpsWorks Stacks.
- from version 1.34.111
* api-change:``chatbot``: [``botocore``] This change adds support for tagging Chatbot
configurations.
* api-change:``cloudformation``: [``botocore``] Added DeletionMode FORCE_DELETE_STACK for deleting
a stack that is stuck in DELETE_FAILED state due to resource deletion failure.
* api-change:``kms``: [``botocore``] This release includes feature to import customer's asymmetric
(RSA, ECC and SM2) and HMAC keys into KMS in China.
* api-change:``opensearch``: [``botocore``] This release adds support for enabling or disabling a
data source configured as part of Zero-ETL integration with Amazon S3, by setting its status.
* api-change:``wafv2``: [``botocore``] You can now use Security Lake to collect web ACL traffic
data.
- from version 1.34.110
* api-change:``cloudfront``: [``botocore``] Model update; no change to SDK functionality.
* api-change:``glue``: [``botocore``] Add Maintenance window to CreateJob and UpdateJob APIs and
JobRun response. Add a new Job Run State for EXPIRED.
* api-change:``lightsail``: [``botocore``] This release adds support for Amazon Lightsail instances
to switch between dual-stack or IPv4 only and IPv6-only public IP address types.
* api-change:``mailmanager``: [``botocore``] This release includes a new Amazon SES feature called
Mail Manager, which is a set of email gateway capabilities designed to help customers strengthen
their organization's email infrastructure, simplify email workflow management, and streamline email
compliance control.
* api-change:``pi``: [``botocore``] Performance Insights added a new input parameter called
AuthorizedActions to support the fine-grained access feature. Performance Insights also restricted
the acceptable input characters.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for Db2 license through AWS
Marketplace.
* api-change:``storagegateway``: [``botocore``] Added new SMBSecurityStrategy enum named
MandatoryEncryptionNoAes128, new mode enforces encryption and disables AES 128-bit algorithums.
- from version 1.34.109
* api-change:``bedrock-agent``: [``botocore``] This release adds support for using Guardrails with
Bedrock Agents.
* api-change:``bedrock-agent-runtime``: [``botocore``] This release adds support for using
Guardrails with Bedrock Agents.
* api-change:``controltower``: [``botocore``] Added ListControlOperations API and filtering support
for ListEnabledControls API. Updates also includes added metadata for enabled controls and control
operations.
* api-change:``osis``: [``botocore``] Add support for creating an OpenSearch Ingestion pipeline
that is attached to a provided VPC. Add information about the destinations of an OpenSearch
Ingestion pipeline to the GetPipeline and ListPipelines APIs.
* api-change:``rds``: [``botocore``] This release adds support for EngineLifecycleSupport on
DBInstances, DBClusters, and GlobalClusters.
* api-change:``secretsmanager``: [``botocore``] add v2 smoke tests and smithy smokeTests trait for
SDK testing
- from version 1.34.108
* api-change:``application-autoscaling``: [``botocore``] add v2 smoke tests and smithy smokeTests
trait for SDK testing.
* api-change:``codebuild``: [``botocore``] Aws CodeBuild now supports 36 hours build timeout
* api-change:``elbv2``: [``botocore``] This release adds dualstack-without-public-ipv4 IP address
type for ALB.
* api-change:``lakeformation``: [``botocore``] Introduces a new API, GetDataLakePrincipal, that
returns the identity of the invoking principal
* api-change:``transfer``: [``botocore``] Enable use of CloudFormation traits in Smithy model to
improve generated CloudFormation schema from the Smithy API model.
- from version 1.34.107
* api-change:``acm-pca``: [``botocore``] This release adds support for waiters to fail on
AccessDeniedException when having insufficient permissions
* api-change:``connect``: [``botocore``] Adding Contact Flow metrics to the GetMetricDataV2 API
* api-change:``kafka``: [``botocore``] AWS MSK support for Broker Removal.
* api-change:``mwaa``: [``botocore``] Amazon MWAA now supports Airflow web server auto scaling to
automatically handle increased demand from REST APIs, Command Line Interface (CLI), or more Airflow
User Interface (UI) users. Customers can specify maximum and minimum web server instances during
environment creation and update workflow.
* api-change:``quicksight``: [``botocore``] This release adds DescribeKeyRegistration and
UpdateKeyRegistration APIs to manage QuickSight Customer Managed Keys (CMK).
* api-change:``sagemaker``: [``botocore``] Introduced WorkerAccessConfiguration to SageMaker
Workteam. This allows customers to configure resource access for workers in a workteam.
* api-change:``secretsmanager``: [``botocore``] Documentation updates for AWS Secrets Manager
* bugfix:retries: [``botocore``] Fix backoff calculation for truncated binary exponential backoff
(`#3178 <https://github.com/boto/botocore/issues/3178>`__)
- from version 1.34.106
* api-change:``bedrock-agent-runtime``: [``botocore``] Updating Bedrock Knowledge Base Metadata &
Filters feature with two new filters listContains and stringContains
* api-change:``codebuild``: [``botocore``] CodeBuild Reserved Capacity VPC Support
* api-change:``datasync``: [``botocore``] Task executions now display a CANCELLING status when an
execution is in the process of being cancelled.
* api-change:``grafana``: [``botocore``] This release adds new ServiceAccount and
ServiceAccountToken APIs.
* api-change:``medical-imaging``: [``botocore``] Added support for importing medical imaging data
from Amazon S3 buckets across accounts and regions.
* api-change:``securityhub``: [``botocore``] Documentation-only update for AWS Security Hub
- Update BuildRequires and Requires from setup.py
- Update to 1.34.105
* api-change:``connect``: [``botocore``] Amazon Connect provides enhanced search capabilities for
flows & flow modules on the Connect admin website and programmatically using APIs. You can search
for flows and flow modules by name, description, type, status, and tags, to filter and identify a
specific flow in your Connect instances.
* api-change:``s3``: [``botocore``] Updated a few x-id in the http uri traits
- from version 1.34.104
* api-change:``events``: [``botocore``] Amazon EventBridge introduces KMS customer-managed key
(CMK) encryption support for custom and partner events published on EventBridge Event Bus
(including default bus) and UpdateEventBus API.
* api-change:``vpc-lattice``: [``botocore``] This release adds TLS Passthrough support. It also
increases max number of target group per rule to 10.
- from version 1.34.103
* api-change:``discovery``: [``botocore``] add v2 smoke tests and smithy smokeTests trait for SDK
testing
* api-change:``greengrassv2``: [``botocore``] Mark ComponentVersion in
ComponentDeploymentSpecification as required.
* api-change:``sagemaker``: [``botocore``] Introduced support for G6 instance types on Sagemaker
Notebook Instances and on SageMaker Studio for JupyterLab and CodeEditor applications.
* api-change:``sso-oidc``: [``botocore``] Updated request parameters for PKCE support.
- from version 1.34.102
* api-change:``bedrock-agent-runtime``: [``botocore``] This release adds support to provide
guardrail configuration and modify inference parameters that are then used in RetrieveAndGenerate
API in Agents for Amazon Bedrock.
* api-change:``pinpoint``: [``botocore``] This release adds support for specifying email message
headers for Email Templates, Campaigns, Journeys and Send Messages.
* api-change:``route53resolver``: [``botocore``] Update the DNS Firewall settings to correct a
spelling issue.
* api-change:``ssm-sap``: [``botocore``] Added support for application-aware start/stop of SAP
applications running on EC2 instances, with SSM for SAP
* api-change:``verifiedpermissions``: [``botocore``] Adds policy effect and actions fields to
Policy API's.
- from version 1.34.101
* api-change:``cognito-idp``: [``botocore``] Add EXTERNAL_PROVIDER enum value to UserStatusType.
* api-change:``ec2``: [``botocore``] Adding Precision Hardware Clock (PHC) to public API
DescribeInstanceTypes
* api-change:``ecr``: [``botocore``] This release adds pull through cache rules support for GitLab
container registry in Amazon ECR.
* api-change:``fms``: [``botocore``] The policy scope resource tag is always a string value, either
a non-empty string or an empty string.
* api-change:``polly``: [``botocore``] Add new engine - generative - that builds the most
expressive conversational voices.
* api-change:``sqs``: [``botocore``] This release adds MessageSystemAttributeNames to
ReceiveMessageRequest to replace AttributeNames.
- from version 1.34.100
* api-change:``b2bi``: [``botocore``] Documentation update to clarify the MappingTemplate
definition.
* api-change:``budgets``: [``botocore``] This release adds tag support for budgets and budget
actions.
* api-change:``resiliencehub``: [``botocore``] AWS Resilience Hub has expanded its drift detection
capabilities by introducing a new type of drift detection - application resource drift. This new
enhancement detects changes, such as the addition or deletion of resources within the application's
input sources.
* api-change:``route53profiles``: [``botocore``] Doc only update for Route 53 profiles that fixes
some link issues
- from version 1.34.99
* api-change:``medialive``: [``botocore``] AWS Elemental MediaLive now supports configuring how
SCTE 35 passthrough triggers segment breaks in HLS and MediaPackage output groups. Previously,
messages triggered breaks in all these output groups. The new option is to trigger segment breaks
only in groups that have SCTE 35 passthrough enabled.
- from version 1.34.98
* api-change:``bedrock-agent``: [``botocore``] This release adds support for using Provisioned
Throughput with Bedrock Agents.
* api-change:``connect``: [``botocore``] This release adds 5 new APIs for managing attachments:
StartAttachedFileUpload, CompleteAttachedFileUpload, GetAttachedFile, BatchGetAttachedFileMetadata,
DeleteAttachedFile. These APIs can be used to programmatically upload and download attachments to
Connect resources, like cases.
* api-change:``connectcases``: [``botocore``] This feature supports the release of Files related
items
* api-change:``datasync``: [``botocore``] Updated guidance on using private or self-signed
certificate authorities (CAs) with AWS DataSync object storage locations.
* api-change:``inspector2``: [``botocore``] This release adds CSV format to GetCisScanReport for
Inspector v2
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Inference now supports m6i, c6i, r6i,
m7i, c7i, r7i and g5 instance types for Batch Transform Jobs
* api-change:``sesv2``: [``botocore``] Adds support for specifying replacement headers per
BulkEmailEntry in SendBulkEmail in SESv2.
- from version 1.34.97
* api-change:``dynamodb``: [``botocore``] This release adds support to specify an optional, maximum
OnDemandThroughput for DynamoDB tables and global secondary indexes in the CreateTable or
UpdateTable APIs. You can also override the OnDemandThroughput settings by calling the ImportTable,
RestoreFromPointInTime, or RestoreFromBackup APIs.
* api-change:``ec2``: [``botocore``] This release includes a new API for retrieving the public
endorsement key of the EC2 instance's Nitro Trusted Platform Module (NitroTPM).
* api-change:``personalize``: [``botocore``] This releases ability to delete users and their data,
including their metadata and interactions data, from a dataset group.
* api-change:``redshift-serverless``: [``botocore``] Update Redshift Serverless List Scheduled
Actions Output Response to include Namespace Name.
- from version 1.34.96
* api-change:``bedrock-agent``: [``botocore``] This release adds support for using MongoDB Atlas as
a vector store when creating a knowledge base.
* api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
* api-change:``personalize-runtime``: [``botocore``] This release adds support for a Reason
attribute for predicted items generated by User-Personalization-v2.
* api-change:``securityhub``: [``botocore``] Updated CreateMembers API request with limits.
* api-change:``sesv2``: [``botocore``] Fixes ListContacts and ListImportJobs APIs to use POST
instead of GET.
- from version 1.34.95
* api-change:``chime-sdk-voice``: [``botocore``] Due to changes made by the Amazon Alexa service,
GetSipMediaApplicationAlexaSkillConfiguration and PutSipMediaApplicationAlexaSkillConfiguration
APIs are no longer available for use. For more information, refer to the Alexa Smart Properties
page.
* api-change:``codeartifact``: [``botocore``] Add support for the Ruby package format.
* api-change:``fms``: [``botocore``] AWS Firewall Manager now supports the network firewall service
stream exception policy feature for accounts within your organization.
* api-change:``omics``: [``botocore``] Add support for workflow sharing and dynamic run storage
* api-change:``opensearch``: [``botocore``] This release enables customers to create Route53 A and
AAAA alias record types to point custom endpoint domain to OpenSearch domain's dualstack search
endpoint.
* api-change:``pinpoint-sms-voice-v2``: [``botocore``] Amazon Pinpoint has added two new features
Multimedia services (MMS) and protect configurations. Use the three new MMS APIs to send media
messages to a mobile phone which includes image, audio, text, or video files. Use the ten new
protect configurations APIs to block messages to specific countries.
* api-change:``qbusiness``: [``botocore``] This is a general availability (GA) release of Amazon Q
Business. Q Business enables employees in an enterprise to get comprehensive answers to complex
questions and take actions through a unified, intuitive web-based chat experience - using an
enterprise's existing content, data, and systems.
* api-change:``quicksight``: [``botocore``] New Q embedding supporting Generative Q&A
* api-change:``route53resolver``: [``botocore``] Release of FirewallDomainRedirectionAction
parameter on the Route 53 DNS Firewall Rule. This allows customers to configure a DNS Firewall
rule to inspect all the domains in the DNS redirection chain (default) , such as CNAME, ALIAS,
DNAME, etc., or just the first domain and trust the rest.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Training now supports the use of
attribute-based access control (ABAC) roles for training job execution roles. Amazon SageMaker
Inference now supports G6 instance types.
* api-change:``signer``: [``botocore``] Documentation updates for AWS Signer. Adds cross-account
signing constraint and definitions for cross-account actions.
- from version 1.34.94
* api-change:``amplify``: [``botocore``] Updating max results limit for listing any resources (Job,
Artifacts, Branch, BackendResources, DomainAssociation) to 50 with the exception of list apps that
where max results can be up to 100.
* api-change:``connectcases``: [``botocore``] This feature releases DeleteField, DeletedLayout, and
DeleteTemplate API's
* api-change:``inspector2``: [``botocore``] Update Inspector2 to include new Agentless API
parameters.
* api-change:``timestream-query``: [``botocore``] This change allows users to update and describe
account settings associated with their accounts.
* api-change:``transcribe``: [``botocore``] This update provides error messaging for generative
call summarization in Transcribe Call Analytics
* api-change:``trustedadvisor``: [``botocore``] This release adds the
BatchUpdateRecommendationResourceExclusion API to support batch updates of Recommendation Resource
exclusion statuses and introduces a new exclusion status filter to the ListRecommendationResources
and ListOrganizationRecommendationResources APIs.
- from version 1.34.93
* api-change:``codepipeline``: [``botocore``] Add ability to manually and automatically roll back a
pipeline stage to a previously successful execution.
* api-change:``cognito-idp``: [``botocore``] Add LimitExceededException to SignUp errors
* api-change:``connectcampaigns``: [``botocore``] This release adds support for specifying if
Answering Machine should wait for prompt sound.
* api-change:``marketplace-entitlement``: [``botocore``] Releasing minor endpoint updates.
* api-change:``oam``: [``botocore``] This release introduces support for Source Accounts to define
which Metrics and Logs to share with the Monitoring Account
* api-change:``rds``: [``botocore``] SupportsLimitlessDatabase field added to
describe-db-engine-versions to indicate whether the DB engine version supports Aurora Limitless
Database.
* api-change:``support``: [``botocore``] Releasing minor endpoint updates.
- from version 1.34.92
* api-change:``appsync``: [``botocore``] UpdateGraphQLAPI documentation update and datasource
introspection secret arn update
* api-change:``fms``: [``botocore``] AWS Firewall Manager adds support for network ACL policies to
manage Amazon Virtual Private Cloud (VPC) network access control lists (ACLs) for accounts in your
organization.
* api-change:``ivs``: [``botocore``] Bug Fix: IVS does not support arns with the `svs` prefix
* api-change:``ivs-realtime``: [``botocore``] Bug Fix: IVS Real Time does not support ARNs using
the `svs` prefix.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for setting local time zones
for RDS for Db2 DB instances.
* api-change:``stepfunctions``: [``botocore``] Add new ValidateStateMachineDefinition operation,
which performs syntax checking on the definition of a Amazon States Language (ASL) state machine.
- from version 1.34.91
* api-change:``datasync``: [``botocore``] This change allows users to disable and enable the
schedules associated with their tasks.
* api-change:``ec2``: [``botocore``] Launching capability for customers to enable or disable
automatic assignment of public IPv4 addresses to their network interface
* api-change:``emr-containers``: [``botocore``] EMRonEKS Service support for SecurityConfiguration
enforcement for Spark Jobs.
* api-change:``entityresolution``: [``botocore``] Support Batch Unique IDs Deletion.
* api-change:``gamelift``: [``botocore``] Amazon GameLift releases container fleets support for
public preview. Deploy Linux-based containerized game server software for hosting on Amazon
GameLift.
* api-change:``ssm``: [``botocore``] Add SSM DescribeInstanceProperties API to public AWS SDK.
- from version 1.34.90
* api-change:``bedrock``: [``botocore``] This release introduces Model Evaluation and Guardrails
for Amazon Bedrock.
* api-change:``bedrock-agent``: [``botocore``] Introducing the ability to create multiple data
sources per knowledge base, specify S3 buckets as data sources from external accounts, and exposing
levers to define the deletion behavior of the underlying vector store data.
* api-change:``bedrock-agent-runtime``: [``botocore``] This release introduces zero-setup file
upload support for the RetrieveAndGenerate API. This allows you to chat with your data without
setting up a Knowledge Base.
* api-change:``bedrock-runtime``: [``botocore``] This release introduces Guardrails for Amazon
Bedrock.
* api-change:``ce``: [``botocore``] Added additional metadata that might be applicable to your
reservation recommendations.
* api-change:``ec2``: [``botocore``] This release introduces EC2 AMI Deregistration Protection, a
new AMI property that can be enabled by customers to protect an AMI against an unintended
deregistration. This release also enables the AMI owners to view the AMI 'LastLaunchedTime' in
DescribeImages API.
* api-change:``pi``: [``botocore``] Clarifies how aggregation works for GetResourceMetrics in the
Performance Insights API.
* api-change:``rds``: [``botocore``] Fix the example ARN for ModifyActivityStreamRequest
* api-change:``sqs``: [``botocore``] This release enables customers to call SQS using AWS JSON-1.0
protocol
* api-change:``workspaces-web``: [``botocore``] Added InstanceType and MaxConcurrentSessions
parameters on CreatePortal and UpdatePortal Operations as well as the ability to read Customer
Managed Key & Additional Encryption Context parameters on supported resources (Portal,
BrowserSettings, UserSettings, IPAccessSettings)
- from version 1.34.89
* api-change:``bedrock-agent``: [``botocore``] Releasing the support for simplified configuration
and return of control
* api-change:``bedrock-agent-runtime``: [``botocore``] Releasing the support for simplified
configuration and return of control
* api-change:``payment-cryptography``: [``botocore``] Adding support to TR-31/TR-34 exports for
optional headers, allowing customers to add additional metadata (such as key version and KSN) when
exporting keys from the service.
* api-change:``redshift-serverless``: [``botocore``] Updates description of schedule field for
scheduled actions.
* api-change:``route53profiles``: [``botocore``] Route 53 Profiles allows you to apply a central
DNS configuration across many VPCs regardless of account.
* api-change:``sagemaker``: [``botocore``] This release adds support for Real-Time Collaboration
and Shared Space for JupyterLab App on SageMaker Studio.
* api-change:``servicediscovery``: [``botocore``] This release adds examples to several Cloud Map
actions.
* api-change:``transfer``: [``botocore``] Adding new API to support remote directory listing using
SFTP connector
- from version 1.34.88
* api-change:``glue``: [``botocore``] Adding RowFilter in the response for
GetUnfilteredTableMetadata API
* api-change:``internetmonitor``: [``botocore``] This update introduces the GetInternetEvent and
ListInternetEvents APIs, which provide access to internet events displayed on the Amazon CloudWatch
Internet Weather Map.
* api-change:``personalize``: [``botocore``] This releases auto training capability while creating
a solution and automatically syncing latest solution versions when creating/updating a campaign
- from version 1.34.87
* api-change:``drs``: [``botocore``] Outpost ARN added to Source Server and Recovery Instance
* api-change:``emr-serverless``: [``botocore``] This release adds the capability to publish
detailed Spark engine metrics to Amazon Managed Service for Prometheus (AMP) for enhanced
monitoring for Spark jobs.
* api-change:``guardduty``: [``botocore``] Added IPv6Address fields for local and remote IP
addresses
* api-change:``quicksight``: [``botocore``] This release adds support for the Cross Sheet Filter
and Control features, and support for warnings in asset imports for any permitted errors
encountered during execution
* api-change:``rolesanywhere``: [``botocore``] This release introduces the PutAttributeMapping and
DeleteAttributeMapping APIs. IAM Roles Anywhere now provides the capability to define a set of
mapping rules, allowing customers to specify which data is extracted from their X.509 end-entity
certificates.
* api-change:``sagemaker``: [``botocore``] Removed deprecated enum values and updated API
documentation.
* api-change:``workspaces``: [``botocore``] Adds new APIs for managing and sharing WorkSpaces BYOL
configuration across accounts.
- from version 1.34.86
* api-change:``ec2``: [``botocore``] Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``qbusiness``: [``botocore``] This release adds support for IAM Identity Center (IDC)
as the identity gateway for Q Business. It also allows users to provide an explicit intent for Q
Business to identify how the Chat request should be handled.
- from version 1.34.85
* api-change:``bedrock-agent``: [``botocore``] For Create Agent API, the agentResourceRoleArn
parameter is no longer required.
* api-change:``emr-serverless``: [``botocore``] This release adds support for shuffle optimized
disks that allow larger disk sizes and higher IOPS to efficiently run shuffle heavy workloads.
* api-change:``entityresolution``: [``botocore``] Cross Account Resource Support .
* api-change:``iotwireless``: [``botocore``] Add PublicGateways in the GetWirelessStatistics call
response, indicating the LoRaWAN public network accessed by the device.
* api-change:``lakeformation``: [``botocore``] This release adds Lake Formation managed RAM support
for the 4 APIs - "DescribeLakeFormationIdentityCenterConfiguration",
"CreateLakeFormationIdentityCenterConfiguration",
"DescribeLakeFormationIdentityCenterConfiguration", and
"DeleteLakeFormationIdentityCenterConfiguration"
* api-change:``m2``: [``botocore``] Adding new ListBatchJobRestartPoints API and support for
restart batch job.
* api-change:``mediapackagev2``: [``botocore``] Dash v2 is a MediaPackage V2 feature to support
egressing on DASH manifest format.
* api-change:``outposts``: [``botocore``] This release adds new APIs to allow customers to
configure their Outpost capacity at order-time.
* api-change:``wellarchitected``: [``botocore``] AWS Well-Architected now has a Connector for Jira
to allow customers to efficiently track workload risks and improvement efforts and create
closed-loop mechanisms.
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.20.9
- from version 1.34.84
* api-change:``cloudformation``: [``botocore``] Adding support for the new parameter
"IncludePropertyValues" in the CloudFormation DescribeChangeSet API. When this parameter is
included, the DescribeChangeSet response will include more detailed information such as before and
after values for the resource properties that will change.
* api-change:``config``: [``botocore``] Updates documentation for AWS Config
* api-change:``glue``: [``botocore``] Modifying request for GetUnfilteredTableMetadata for
view-related fields.
* api-change:``healthlake``: [``botocore``] Added new CREATE_FAILED status for data stores. Added
new errorCause to DescribeFHIRDatastore API and ListFHIRDatastores API response for additional
insights into data store creation and deletion workflows.
* api-change:``iotfleethub``: [``botocore``] Documentation updates for AWS IoT Fleet Hub to clarify
that Fleet Hub supports organization instance of IAM Identity Center.
* api-change:``kms``: [``botocore``] This feature supports the ability to specify a custom rotation
period for automatic key rotations, the ability to perform on-demand key rotations, and visibility
into your key material rotations.
* api-change:``mediatailor``: [``botocore``] Added InsertionMode to PlaybackConfigurations. This
setting controls whether players can use stitched or guided ad insertion. The default for players
that do not specify an insertion mode is stitched.
* api-change:``neptune-graph``: [``botocore``] Update to API documentation to resolve customer
reported issues.
* api-change:``outposts``: [``botocore``] This release adds EXPEDITORS as a valid shipment carrier.
* api-change:``redshift``: [``botocore``] Adds support for Amazon Redshift DescribeClusterSnapshots
API to include Snapshot ARN response field.
* api-change:``transfer``: [``botocore``] This change releases support for importing self signed
certificates to the Transfer Family for sending outbound file transfers over TLS/HTTPS.
- from version 1.34.83
* api-change:``batch``: [``botocore``] This release adds the task properties field to attempt
details and the name field on EKS container detail.
* api-change:``cloudfront``: [``botocore``] CloudFront origin access control extends support to AWS
Lambda function URLs and AWS Elemental MediaPackage v2 origins.
* api-change:``cloudwatch``: [``botocore``] This release adds support for Metric Characteristics
for CloudWatch Anomaly Detection. Anomaly Detector now takes Metric Characteristics object with
Periodic Spikes boolean field that tells Anomaly Detection that spikes that repeat at the same time
every week are part of the expected pattern.
* api-change:``codebuild``: [``botocore``] Support access tokens for Bitbucket sources
* api-change:``iam``: [``botocore``] For CreateOpenIDConnectProvider API, the ThumbprintList
parameter is no longer required.
* api-change:``medialive``: [``botocore``] AWS Elemental MediaLive introduces workflow monitor, a
new feature that enables the visualization and monitoring of your media workflows. Create signal
maps of your existing workflows and monitor them by creating notification and monitoring template
groups.
* api-change:``omics``: [``botocore``] This release adds support for retrieval of S3 direct access
metadata on sequence stores and read sets, and adds support for SHA256up and SHA512up HealthOmics
ETags.
* api-change:``pipes``: [``botocore``] LogConfiguration ARN validation fixes
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for Standard Edition 2
support in RDS Custom for Oracle.
* api-change:``s3control``: [``botocore``] Documentation updates for Amazon S3-control.
- from version 1.34.82
* api-change:``cleanrooms``: [``botocore``] AWS Clean Rooms Differential Privacy is now fully
available. Differential privacy protects against user-identification attempts.
* api-change:``connect``: [``botocore``] This release adds new Submit Auto Evaluation Action for
Amazon Connect Rules.
* api-change:``networkmonitor``: [``botocore``] Examples were added to CloudWatch Network Monitor
commands.
* api-change:``qconnect``: [``botocore``] This release adds a new QiC public API updateSession and
updates an existing QiC public API createSession
* api-change:``rekognition``: [``botocore``] Added support for ContentType to content moderation
detections.
* api-change:``supplychain``: [``botocore``] This release includes API SendDataIntegrationEvent for
AWS Supply Chain
* api-change:``workspaces-thin-client``: [``botocore``] Adding tags field to SoftwareSet. Removing
tags fields from Summary objects. Changing the list of exceptions in tagging APIs. Fixing an issue
where the SDK returns empty tags in Get APIs.
- from version 1.34.81
* api-change:``codebuild``: [``botocore``] Add new webhook filter types for GitHub webhooks
* api-change:``mediaconvert``: [``botocore``] This release includes support for bringing your own
fonts to use for burn-in or DVB-Sub captioning workflows.
* api-change:``pinpoint``: [``botocore``] The OrchestrationSendingRoleArn has been added to the
email channel and is used to send emails from campaigns or journeys.
* api-change:``rds``: [``botocore``] This release adds support for specifying the CA certificate to
use for the new db instance when restoring from db snapshot, restoring from s3, restoring to point
in time, and creating a db instance read replica.
- from version 1.34.80
* api-change:``controlcatalog``: [``botocore``] This is the initial SDK release for AWS Control
Catalog, a central catalog for AWS managed controls. This release includes 3 new APIs -
ListDomains, ListObjectives, and ListCommonControls - that vend high-level data to categorize
controls across the AWS platform.
* api-change:``mgn``: [``botocore``] Added USE_SOURCE as default option to
LaunchConfigurationTemplate bootMode parameter.
* api-change:``networkmonitor``: [``botocore``] Updated the allowed monitorName length for
CloudWatch Network Monitor.
- from version 1.34.79
* api-change:``quicksight``: [``botocore``] Adding IAMIdentityCenterInstanceArn parameter to
CreateAccountSubscription
* api-change:``resource-groups``: [``botocore``] Added a new QueryErrorCode
RESOURCE_TYPE_NOT_SUPPORTED that is returned by the ListGroupResources operation if the group query
contains unsupported resource types.
* api-change:``verifiedpermissions``: [``botocore``] Adding BatchIsAuthorizedWithToken API which
supports multiple authorization requests against a PolicyStore given a bearer token.
- from version 1.34.78
* api-change:``b2bi``: [``botocore``] Adding support for X12 5010 HIPAA EDI version and associated
transaction sets.
* api-change:``cleanrooms``: [``botocore``] Feature: New schemaStatusDetails field to the existing
Schema object that displays a status on Schema API responses to show whether a schema is queryable
or not. New BatchGetSchemaAnalysisRule API to retrieve multiple schemaAnalysisRules using a single
API call.
* api-change:``ec2``: [``botocore``] Amazon EC2 G6 instances powered by NVIDIA L4 Tensor Core GPUs
can be used for a wide range of graphics-intensive and machine learning use cases. Gr6 instances
also feature NVIDIA L4 GPUs and can be used for graphics workloads with higher memory requirements.
* api-change:``emr-containers``: [``botocore``] This release adds support for integration with EKS
AccessEntry APIs to enable automatic Cluster Access for EMR on EKS.
* api-change:``ivs``: [``botocore``] API update to include an SRT ingest endpoint and passphrase
for all channels.
* api-change:``verifiedpermissions``: [``botocore``] Adds GroupConfiguration field to Identity
Source API's
- from version 1.34.77
* api-change:``cleanroomsml``: [``botocore``] The release includes a public SDK for AWS Clean Rooms
ML APIs, making them globally available to developers worldwide.
* api-change:``cloudformation``: [``botocore``] This release would return a new field -
PolicyAction in cloudformation's existed DescribeChangeSetResponse, showing actions we are going to
apply on the physical resource (e.g., Delete, Retain) according to the user's template
* api-change:``datazone``: [``botocore``] This release supports the feature of dataQuality to
enrich asset with dataQualityResult in Amazon DataZone.
* api-change:``docdb``: [``botocore``] This release adds Global Cluster Switchover capability which
enables you to change your global cluster's primary AWS Region, the region that serves writes,
while preserving the replication between all regions in the global cluster.
* api-change:``groundstation``: [``botocore``] This release adds visibilityStartTime and
visibilityEndTime to DescribeContact and ListContacts responses.
* api-change:``lambda``: [``botocore``] Add Ruby 3.3 (ruby3.3) support to AWS Lambda
* api-change:``medialive``: [``botocore``] Cmaf Ingest outputs are now supported in Media Live
* api-change:``medical-imaging``: [``botocore``] SearchImageSets API now supports following
enhancements - Additional support for searching on UpdatedAt and SeriesInstanceUID - Support for
searching existing filters between dates/times - Support for sorting the search result by
Ascending/Descending - Additional parameters returned in the response
* api-change:``transfer``: [``botocore``] Add ability to specify Security Policies for SFTP
Connectors
- from version 1.34.76
* api-change:``ecs``: [``botocore``] Documentation only update for Amazon ECS.
* api-change:``glue``: [``botocore``] Adding View related fields to responses of read-only Table
APIs.
* api-change:``ivschat``: [``botocore``] Doc-only update. Changed "Resources" to "Key Concepts" in
docs and updated text.
* api-change:``rolesanywhere``: [``botocore``] This release increases the limit on the roleArns
request parameter for the *Profile APIs that support it. This parameter can now take up to 250 role
ARNs.
* api-change:``securityhub``: [``botocore``] Documentation updates for AWS Security Hub
- from version 1.34.75
* api-change:``cloudwatch``: [``botocore``] This release adds support for CloudWatch Anomaly
Detection on cross-account metrics. SingleMetricAnomalyDetector and MetricDataQuery inputs to
Anomaly Detection APIs now take an optional AccountId field.
* api-change:``datazone``: [``botocore``] This release supports the feature of AI recommendations
for descriptions to enrich the business data catalog in Amazon DataZone.
* api-change:``deadline``: [``botocore``] AWS Deadline Cloud is a new fully managed service that
helps customers set up, deploy, and scale rendering projects in minutes, so they can improve the
efficiency of their rendering pipelines and take on more projects.
* api-change:``emr``: [``botocore``] This release fixes a broken link in the documentation.
* api-change:``lightsail``: [``botocore``] This release adds support to upgrade the TLS version of
the distribution.
- from version 1.34.74
* api-change:``b2bi``: [``botocore``] Supporting new EDI X12 transaction sets for X12 versions
4010, 4030, and 5010.
* api-change:``codebuild``: [``botocore``] Add new fleet status code for Reserved Capacity.
* api-change:``codeconnections``: [``botocore``] Duplicating the CodeStar Connections service into
the new, rebranded AWS CodeConnections service.
* api-change:``internetmonitor``: [``botocore``] This release adds support to allow customers to
track cross account monitors through ListMonitor, GetMonitor, ListHealthEvents, GetHealthEvent,
StartQuery APIs.
* api-change:``iotwireless``: [``botocore``] Add support for retrieving key historical and live
metrics for LoRaWAN devices and gateways
* api-change:``marketplace-catalog``: [``botocore``] This release enhances the ListEntities API to
support ResaleAuthorizationId filter and sort for OfferEntity in the request and the addition of a
ResaleAuthorizationId field in the response of OfferSummary.
* api-change:``neptune-graph``: [``botocore``] Add the new API Start-Import-Task for Amazon Neptune
Analytics.
* api-change:``sagemaker``: [``botocore``] This release adds support for custom images for the
CodeEditor App on SageMaker Studio
- from version 1.34.73
* api-change:``codecatalyst``: [``botocore``] This release adds support for understanding pending
changes to subscriptions by including two new response parameters for the GetSubscription API for
Amazon CodeCatalyst.
* api-change:``compute-optimizer``: [``botocore``] This release enables AWS Compute Optimizer to
analyze and generate recommendations with a new customization preference, Memory Utilization.
* api-change:``ec2``: [``botocore``] Amazon EC2 C7gd, M7gd and R7gd metal instances with up to 3.8
TB of local NVMe-based SSD block-level storage have up to 45% improved real-time NVMe storage
performance than comparable Graviton2-based instances.
* api-change:``eks``: [``botocore``] Add multiple customer error code to handle customer caused
failure when managing EKS node groups
* api-change:``guardduty``: [``botocore``] Add EC2 support for GuardDuty Runtime Monitoring auto
management.
* api-change:``neptune-graph``: [``botocore``] Update ImportTaskCancelled waiter to evaluate task
state correctly and minor documentation changes.
* api-change:``oam``: [``botocore``] This release adds support for sharing
AWS::InternetMonitor::Monitor resources.
* api-change:``quicksight``: [``botocore``] Amazon QuickSight: Adds support for setting up VPC
Endpoint restrictions for accessing QuickSight Website.
- from version 1.34.72
* api-change:``batch``: [``botocore``] This feature allows AWS Batch to support configuration of
imagePullSecrets and allowPrivilegeEscalation for jobs running on EKS
* api-change:``bedrock-agent``: [``botocore``] This changes introduces metadata documents
statistics and also updates the documentation for bedrock agent.
* api-change:``bedrock-agent-runtime``: [``botocore``] This release introduces filtering support on
Retrieve and RetrieveAndGenerate APIs.
* api-change:``elasticache``: [``botocore``] Added minimum capacity to Amazon ElastiCache
Serverless. This feature allows customer to ensure minimum capacity even without current load
* api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager
- from version 1.34.71
* api-change:``bedrock-agent-runtime``: [``botocore``] This release adds support to customize
prompts sent through the RetrieveAndGenerate API in Agents for Amazon Bedrock.
* api-change:``ce``: [``botocore``] Adds support for backfill of cost allocation tags, with new
StartCostAllocationTagBackfill and ListCostAllocationTagBackfillHistory API.
* api-change:``ec2``: [``botocore``] Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``ecs``: [``botocore``] This is a documentation update for Amazon ECS.
* api-change:``finspace``: [``botocore``] Add new operation delete-kx-cluster-node and add status
parameter to list-kx-cluster-node operation.
- from version 1.34.70
* api-change:``codebuild``: [``botocore``] Supporting GitLab and GitLab Self Managed as source
types in AWS CodeBuild.
* api-change:``ec2``: [``botocore``] Added support for ModifyInstanceMetadataDefaults and
GetInstanceMetadataDefaults to set Instance Metadata Service account defaults
* api-change:``ecs``: [``botocore``] Documentation only update for Amazon ECS.
* api-change:``emr-containers``: [``botocore``] This release increases the number of supported job
template parameters from 20 to 100.
* api-change:``globalaccelerator``: [``botocore``] AWS Global Accelerator now supports
cross-account sharing for bring your own IP addresses.
* api-change:``medialive``: [``botocore``] Exposing TileMedia H265 options
* api-change:``sagemaker``: [``botocore``] Introduced support for the following new instance types
on SageMaker Studio for JupyterLab and CodeEditor applications: m6i, m6id, m7i, c6i, c6id, c7i,
r6i, r6id, r7i, and p5
- from version 1.34.69
* api-change:``firehose``: [``botocore``] Updates Amazon Firehose documentation for message
regarding Enforcing Tags IAM Policy.
* api-change:``kendra``: [``botocore``] Documentation update, March 2024. Corrects some docs for
Amazon Kendra.
* api-change:``pricing``: [``botocore``] Add ResourceNotFoundException to ListPriceLists and
GetPriceListFileUrl APIs
* api-change:``rolesanywhere``: [``botocore``] This release relaxes constraints on the
durationSeconds request parameter for the *Profile APIs that support it. This parameter can now
take on values that go up to 43200.
* api-change:``securityhub``: [``botocore``] Added new resource detail object to ASFF, including
resource for LastKnownExploitAt
- from version 1.34.68
* api-change:``codeartifact``: [``botocore``] This release adds Package groups to CodeArtifact so
you can more conveniently configure package origin controls for multiple packages.
- from version 1.34.67
* api-change:``accessanalyzer``: [``botocore``] This release adds support for policy validation and
external access findings for DynamoDB tables and streams. IAM Access Analyzer helps you author
functional and secure resource-based policies and identify cross-account access. Updated service
API, documentation, and paginators.
* api-change:``codebuild``: [``botocore``] This release adds support for new webhook events
(RELEASED and PRERELEASED) and filter types (TAG_NAME and RELEASE_NAME).
* api-change:``connect``: [``botocore``] This release updates the *InstanceStorageConfig APIs to
support a new ResourceType: REAL_TIME_CONTACT_ANALYSIS_CHAT_SEGMENTS. Use this resource type to
enable streaming for real-time analysis of chat contacts and to associate a Kinesis stream where
real-time analysis chat segments will be published.
* api-change:``dynamodb``: [``botocore``] This release introduces 3 new APIs ('GetResourcePolicy',
'PutResourcePolicy' and 'DeleteResourcePolicy') and modifies the existing 'CreateTable' API for the
resource-based policy support. It also modifies several APIs to accept a 'TableArn' for the
'TableName' parameter.
* api-change:``managedblockchain-query``: [``botocore``] AMB Query: update GetTransaction to
include transactionId as input
* api-change:``savingsplans``: [``botocore``] Introducing the Savings Plans Return feature enabling
customers to return their Savings Plans within 7 days of purchase.
- from version 1.34.66
* api-change:``cloudformation``: [``botocore``] Documentation update, March 2024. Corrects some
formatting.
* api-change:``ec2``: [``botocore``] This release adds the new DescribeMacHosts API operation for
getting information about EC2 Mac Dedicated Hosts. Users can now see the latest macOS versions that
their underlying Apple Mac can support without needing to be updated.
* api-change:``finspace``: [``botocore``] Adding new attributes readWrite and onDemand to dataview
models for Database Maintenance operations.
* api-change:``logs``: [``botocore``] Update LogSamples field in Anomaly model to be a list of
LogEvent
* api-change:``managedblockchain-query``: [``botocore``] Introduces a new API for Amazon Managed
Blockchain Query: ListFilteredTransactionEvents.
- from version 1.34.65
* api-change:``cloudformation``: [``botocore``] This release supports for a new API
ListStackSetAutoDeploymentTargets, which provider auto-deployment configuration as a describable
resource. Customers can now view the specific combinations of regions and OUs that are being
auto-deployed.
* api-change:``kms``: [``botocore``] Adds the ability to use the default policy name by omitting
the policyName parameter in calls to PutKeyPolicy and GetKeyPolicy
* api-change:``mediatailor``: [``botocore``] This release adds support to allow customers to show
different content within a channel depending on metadata associated with the viewer.
* api-change:``rds``: [``botocore``] This release launches the ModifyIntegration API and support
for data filtering for zero-ETL Integrations.
* api-change:``s3``: [``botocore``] Fix two issues with response root node names.
* api-change:``timestream-query``: [``botocore``] Documentation updates, March 2024
- from version 1.34.64
* api-change:``backup``: [``botocore``] This release introduces a boolean attribute
ManagedByAWSBackupOnly as part of ListRecoveryPointsByResource api to filter the recovery points
based on ownership. This attribute can be used to filter out the recovery points protected by
AWSBackup.
* api-change:``codebuild``: [``botocore``] AWS CodeBuild now supports overflow behavior on Reserved
Capacity.
* api-change:``connect``: [``botocore``] This release adds Hierarchy based Access Control fields to
Security Profile public APIs and adds support for UserAttributeFilter to SearchUsers API.
* api-change:``ec2``: [``botocore``] Add media accelerator and neuron device information on the
describe instance types API.
* api-change:``kinesisanalyticsv2``: [``botocore``] Support for Flink 1.18 in Managed Service for
Apache Flink
* api-change:``s3``: [``botocore``] Documentation updates for Amazon S3.
* api-change:``sagemaker``: [``botocore``] Adds m6i, m6id, m7i, c6i, c6id, c7i, r6i r6id, r7i, p5
instance type support to Sagemaker Notebook Instances and miscellaneous wording fixes for previous
Sagemaker documentation.
* api-change:``workspaces-thin-client``: [``botocore``] Removed unused parameter kmsKeyArn from
UpdateDeviceRequest
- from version 1.34.63
* api-change:``amplify``: [``botocore``] Documentation updates for Amplify. Identifies the APIs
available only to apps created using Amplify Gen 1.
* api-change:``ec2-instance-connect``: [``botocore``] This release includes a new exception type
"SerialConsoleSessionUnsupportedException" for SendSerialConsoleSSHPublicKey API.
* api-change:``elbv2``: [``botocore``] This release allows you to configure HTTP client keep-alive
duration for communication between clients and Application Load Balancers.
* api-change:``fis``: [``botocore``] This release adds support for previewing target resources
before running a FIS experiment. It also adds resource ARNs for actions, experiments, and
experiment templates to API responses.
* api-change:``iot-roborunner``: [``botocore``] The iot-roborunner client has been removed
following the deprecation of the service.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for EBCDIC collation for RDS
for Db2.
* api-change:``secretsmanager``: [``botocore``] Doc only update for Secrets Manager
* api-change:``timestream-influxdb``: [``botocore``] This is the initial SDK release for Amazon
Timestream for InfluxDB. Amazon Timestream for InfluxDB is a new time-series database engine that
makes it easy for application developers and DevOps teams to run InfluxDB databases on AWS for near
real-time time-series applications using open source APIs.
* enhancement:``urllib3``: [``botocore``] Added support for urllib3 2.2.1+ in Python 3.10+
- from version 1.34.62
* api-change:``ivs-realtime``: [``botocore``] adds support for multiple new composition layout
configuration options (grid, pip)
* api-change:``kinesisanalyticsv2``: [``botocore``] Support new RuntimeEnvironmentUpdate parameter
within UpdateApplication API allowing callers to change the Flink version upon which their
application runs.
* api-change:``s3``: [``botocore``] This release makes the default option for S3 on Outposts
request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).
- from version 1.34.61
* api-change:``cloudformation``: [``botocore``] CloudFormation documentation update for March, 2024
* api-change:``connect``: [``botocore``] This release increases MaxResults limit to 500 in request
for SearchUsers, SearchQueues and SearchRoutingProfiles APIs of Amazon Connect.
* api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
* api-change:``kafka``: [``botocore``] Added support for specifying the starting position of topic
replication in MSK-Replicator.
* api-change:``ssm``: [``botocore``] March 2024 doc-only updates for Systems Manager.
- from version 1.34.60
* api-change:``codestar-connections``: [``botocore``] Added a sync configuration enum to disable
publishing of deployment status to source providers (PublishDeploymentStatus). Added a sync
configuration enum (TriggerStackUpdateOn) to only trigger changes.
* api-change:``elasticache``: [``botocore``] Revisions to API text that are now to be carried over
to SDK text, changing usages of "SFO" in code examples to "us-west-1", and some other typos.
* api-change:``mediapackagev2``: [``botocore``] This release enables customers to safely update
their MediaPackage v2 channel groups, channels and origin endpoints using entity tags.
- from version 1.34.59
* api-change:``batch``: [``botocore``] This release adds JobStateTimeLimitActions setting to the
Job Queue API. It allows you to configure an action Batch can take for a blocking job in front of
the queue after the defined period of time. The new parameter applies for ECS, EKS, and FARGATE Job
Queues.
* api-change:``bedrock-agent-runtime``: [``botocore``] Documentation update for Bedrock Runtime
Agent
* api-change:``cloudtrail``: [``botocore``] Added exceptions to CreateTrail, DescribeTrails, and
ListImportFailures APIs.
* api-change:``codebuild``: [``botocore``] This release adds support for a new webhook event:
PULL_REQUEST_CLOSED.
* api-change:``cognito-idp``: [``botocore``] Add ConcurrentModificationException to
SetUserPoolMfaConfig
* api-change:``guardduty``: [``botocore``] Add RDS Provisioned and Serverless Usage types
* api-change:``transfer``: [``botocore``] Added DES_EDE3_CBC to the list of supported encryption
algorithms for messages sent with an AS2 connector.
- from version 1.34.58
* api-change:``appconfig``: [``botocore``] AWS AppConfig now supports dynamic parameters, which
enhance the functionality of AppConfig Extensions by allowing you to provide parameter values to
your Extensions at the time you deploy your configuration.
* api-change:``ec2``: [``botocore``] This release adds an optional parameter to RegisterImage and
CopyImage APIs to support tagging AMIs at the time of creation.
* api-change:``grafana``: [``botocore``] Adds support for the new GrafanaToken as part of the
Amazon Managed Grafana Enterprise plugins upgrade to associate your AWS account with a Grafana Labs
account.
* api-change:``lambda``: [``botocore``] Documentation updates for AWS Lambda
* api-change:``payment-cryptography-data``: [``botocore``] AWS Payment Cryptography EMV Decrypt
Feature Release
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for io2 storage for Multi-AZ
DB clusters
* api-change:``snowball``: [``botocore``] Doc-only update for change to EKS-Anywhere ordering.
* api-change:``wafv2``: [``botocore``] You can increase the max request body inspection size for
some regional resources. The size setting is in the web ACL association config. Also, the
AWSManagedRulesBotControlRuleSet EnableMachineLearning setting now takes a Boolean instead of a
primitive boolean type, for languages like Java.
* api-change:``workspaces``: [``botocore``] Added note for user decoupling
- from version 1.34.57
* api-change:``dynamodb``: [``botocore``] Doc only updates for DynamoDB documentation
* api-change:``imagebuilder``: [``botocore``] Add PENDING status to Lifecycle Execution resource
status. Add StartTime and EndTime to ListLifecycleExecutionResource API response.
* api-change:``mwaa``: [``botocore``] Amazon MWAA adds support for Apache Airflow v2.8.1.
* api-change:``rds``: [``botocore``] Updated the input of CreateDBCluster and ModifyDBCluster to
support setting CA certificates. Updated the output of DescribeDBCluster to show current CA
certificate setting value.
* api-change:``redshift``: [``botocore``] Update for documentation only. Covers port ranges,
definition updates for data sharing, and definition updates to cluster-snapshot documentation.
* api-change:``verifiedpermissions``: [``botocore``] Deprecating details in favor of configuration
for GetIdentitySource and ListIdentitySources APIs.
- from version 1.34.56
* api-change:``apigateway``: [``botocore``] Documentation updates for Amazon API Gateway
* api-change:``chatbot``: [``botocore``] Minor update to documentation.
* api-change:``organizations``: [``botocore``] This release contains an endpoint addition
* api-change:``sesv2``: [``botocore``] Adds support for providing custom headers within SendEmail
and SendBulkEmail for SESv2.
- Update BuildRequires and Requires from setup.py
- Update to 1.34.55
* api-change:``docdb-elastic``: Launched Elastic Clusters Readable
Secondaries, Start/Stop, Configurable Shard Instance count, Automatic
Backups and Snapshot Copying
* api-change:``quicksight``: TooltipTarget for Combo chart visuals;
ColumnConfiguration limit increase to 2000; Documentation Update
* api-change:``amplifyuibuilder``: We have added the ability to tag resources
after they are created
* api-change:``internetmonitor``: This release adds IPv4 prefixes to health events
* api-change:``iotevents``: Increase the maximum length of descriptions for
Inputs, Detector Models, and Alarm Models
* api-change:``lambda``: Add .NET 8 (dotnet8) Runtime support to AWS Lambda.
* api-change:``chatbot``: This release adds support for AWS Chatbot. You can
now monitor, operate, and troubleshoot your AWS resources with interactive
ChatOps using the AWS SDK.
* api-change:``sns``: This release marks phone numbers as sensitive inputs.
* api-change:``artifact``: This is the initial SDK release for AWS Artifact.
AWS Artifact provides on-demand access to compliance and third-party
compliance reports. This release includes access to List and Get reports,
along with their metadata. This release also includes access to AWS
Artifact notifications settings.
* api-change:``guardduty``: Marked fields IpAddressV4, PrivateIpAddress, Email as Sensitive.
* api-change:``polly``: Amazon Polly adds 1 new voice - Burcu (tr-TR)
* bugfix:ContainerProvider: Properly refreshes token from file from EKS in ContainerProvider
* api-change:``resource-explorer-2``: Resource Explorer now uses newly
supported IPv4 'amazonaws.com' endpoints by default.
* api-change:``pricing``: Add Throttling Exception to all APIs.
* api-change:``mediaconvert``: This release includes support for
broadcast-mixed audio description tracks.
* api-change:``glue``: Update page size limits for GetJobRuns and GetTriggers APIs.
* Many more changes, see CHANGELOG.rst
- python-botocore
-
- Double physicalmemory for python-botocore:test in _constraints
- Update to 1.34.144
* api-change:``acm-pca``: Minor refactoring of C2J model for AWS Private CA
* api-change:``arc-zonal-shift``: Adds the option to subscribe to get notifications when a zonal
autoshift occurs in a region.
* api-change:``globalaccelerator``: This feature adds exceptions to the Customer API to avoid
throwing Internal Service errors
* api-change:``pinpoint``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``quicksight``: Vega ally control options and Support for Reviewed Answers in Topics
- from version 1.34.143
* api-change:``batch``: This feature allows AWS Batch Jobs with EKS container orchestration type to
be run as Multi-Node Parallel Jobs.
* api-change:``bedrock``: Add support for contextual grounding check for Guardrails for Amazon
Bedrock.
* api-change:``bedrock-agent``: Introduces new data sources and chunking strategies for Knowledge
bases, advanced parsing logic using FMs, session summary generation, and code interpretation
(preview) for Claude V3 Sonnet and Haiku models. Also introduces Prompt Flows (preview) to link
prompts, foundational models, and resources.
* api-change:``bedrock-agent-runtime``: Introduces query decomposition, enhanced Agents integration
with Knowledge bases, session summary generation, and code interpretation (preview) for Claude V3
Sonnet and Haiku models. Also introduces Prompt Flows (preview) to link prompts, foundational
models, and resources for end-to-end solutions.
* api-change:``bedrock-runtime``: Add support for contextual grounding check and ApplyGuardrail API
for Guardrails for Amazon Bedrock.
* api-change:``ec2``: Add parameters to enable provisioning IPAM BYOIPv4 space at a Local Zone
Network Border Group level
* api-change:``glue``: Add recipe step support for recipe node
* api-change:``groundstation``: Documentation update specifying OEM ephemeris units of measurement
* api-change:``license-manager-linux-subscriptions``: Add support for third party subscription
providers, starting with RHEL subscriptions through Red Hat Subscription Manager (RHSM).
Additionally, add support for tagging subscription provider resources, and detect when an instance
has more than one Linux subscription and notify the customer.
* api-change:``mediaconnect``: AWS Elemental MediaConnect introduces the ability to disable
outputs. Disabling an output allows you to keep the output attached to the flow, but stop streaming
to the output destination. A disabled output does not incur data transfer costs.
- from version 1.34.142
* api-change:``datazone``: This release deprecates dataProductItem field from
SearchInventoryResultItem, along with some unused DataProduct shapes
* api-change:``fsx``: Adds support for FSx for NetApp ONTAP 2nd Generation file systems, and FSx
for OpenZFS Single AZ HA file systems.
* api-change:``opensearch``: This release adds support for enabling or disabling Natural Language
Query Processing feature for Amazon OpenSearch Service domains, and provides visibility into the
current state of the setup or tear-down.
* api-change:``sagemaker``: This release 1/ enables optimization jobs that allows customers to
perform Ahead-of-time compilation and quantization. 2/ allows customers to control access to Amazon
Q integration in SageMaker Studio. 3/ enables AdditionalModelDataSources for CreateModel action.
- from version 1.34.141
* api-change:``codedeploy``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``devicefarm``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``dms``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``elasticbeanstalk``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``es``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``firehose``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``gamelift``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``qapps``: This is a general availability (GA) release of Amazon Q Apps, a capability
of Amazon Q Business. Q Apps leverages data sources your company has provided to enable users to
build, share, and customize apps within your organization.
* api-change:``route53resolver``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``ses``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
- from version 1.34.140
* api-change:``acm``: Documentation updates, including fixes for xml formatting, broken links, and
ListCertificates description.
* api-change:``ecr``: This release for Amazon ECR makes change to bring the SDK into sync with the
API.
* api-change:``payment-cryptography-data``: Added further restrictions on logging of potentially
sensitive inputs and outputs.
* api-change:``qbusiness``: Add personalization to Q Applications. Customers can enable or disable
personalization when creating or updating a Q application with the personalization configuration.
- from version 1.34.139
* api-change:``application-autoscaling``: Doc only update for Application Auto Scaling that fixes
resource name.
* api-change:``directconnect``: This update includes documentation for support of new native 400
GBps ports for Direct Connect.
* api-change:``organizations``: Added a new reason under ConstraintViolationException in
RegisterDelegatedAdministrator API to prevent registering suspended accounts as delegated
administrator of a service.
* api-change:``rekognition``: This release adds support for tagging projects and datasets with the
CreateProject and CreateDataset APIs.
* api-change:``workspaces``: Fix create workspace bundle RootStorage/UserStorage to accept non null
values
- Update to 1.34.138
* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``fms``: Increases Customer API's ManagedServiceData length
* api-change:``s3``: Added response overrides to Head Object requests.
- from version 1.34.137
* api-change:``apigateway``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``cognito-identity``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``connect``: Authentication profiles are Amazon Connect resources (in gated preview)
that allow you to configure authentication settings for users in your contact center. This release
adds support for new ListAuthenticationProfiles, DescribeAuthenticationProfile and
UpdateAuthenticationProfile APIs.
* api-change:``docdb``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``eks``: Updates EKS managed node groups to support EC2 Capacity Blocks for ML
* api-change:``payment-cryptography``: Added further restrictions on logging of potentially
sensitive inputs and outputs.
* api-change:``payment-cryptography-data``: Adding support for dynamic keys for encrypt, decrypt,
re-encrypt and translate pin functions. With this change, customers can use one-time TR-31 keys
directly in dataplane operations without the need to first import them into the service.
* api-change:``stepfunctions``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``swf``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``wafv2``: JSON body inspection: Update documentation to clarify that JSON parsing
doesn't include full validation.
- from version 1.34.136
* api-change:``acm-pca``: Added CCPC_LEVEL_1_OR_HIGHER KeyStorageSecurityStandard and SM2
KeyAlgorithm and SM3WITHSM2 SigningAlgorithm for China regions.
* api-change:``cloudhsmv2``: Added 3 new APIs to support backup sharing: GetResourcePolicy,
PutResourcePolicy, and DeleteResourcePolicy. Added BackupArn to the output of the DescribeBackups
API. Added support for BackupArn in the CreateCluster API.
* api-change:``connect``: This release supports showing PreferredAgentRouting step via
DescribeContact API.
* api-change:``emr``: This release provides the support for new allocation strategies i.e.
CAPACITY_OPTIMIZED_PRIORITIZED for Spot and PRIORITIZED for On-Demand by taking input of priority
value for each instance type for instance fleet clusters.
* api-change:``glue``: Added AttributesToGet parameter to Glue GetDatabases, allowing caller to
limit output to include only the database name.
* api-change:``kinesisanalyticsv2``: Support for Flink 1.19 in Managed Service for Apache Flink
* api-change:``opensearch``: This release removes support for enabling or disabling Natural
Language Query Processing feature for Amazon OpenSearch Service domains.
* api-change:``pi``: Noting that the filter db.sql.db_id isn't available for RDS for SQL Server DB
instances.
* api-change:``workspaces``: Added support for Red Hat Enterprise Linux 8 on Amazon WorkSpaces
Personal.
- from version 1.34.135
* api-change:``application-autoscaling``: Amazon WorkSpaces customers can now use Application Auto
Scaling to automatically scale the number of virtual desktops in a WorkSpaces pool.
* api-change:``chime-sdk-media-pipelines``: Added Amazon Transcribe multi language identification
to Chime SDK call analytics. Enabling customers sending single stream audio to generate call
recordings using Chime SDK call analytics
* api-change:``cloudfront``: Doc only update for CloudFront that fixes customer-reported issue
* api-change:``datazone``: This release supports the data lineage feature of business data catalog
in Amazon DataZone.
* api-change:``elasticache``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``mq``: This release makes the EngineVersion field optional for both broker and
configuration and uses the latest available version by default. The AutoMinorVersionUpgrade field
is also now optional for broker creation and defaults to 'true'.
* api-change:``qconnect``: Adds CreateContentAssociation, ListContentAssociations,
GetContentAssociation, and DeleteContentAssociation APIs.
* api-change:``quicksight``: Adding support for Repeating Sections, Nested Filters
* api-change:``rds``: Updates Amazon RDS documentation for TAZ export to S3.
* api-change:``sagemaker``: Add capability for Admins to customize Studio experience for the user
by showing or hiding Apps and MLTools.
* api-change:``workspaces``: Added support for WorkSpaces Pools.
- from version 1.34.134
* api-change:``controltower``: Added ListLandingZoneOperations API.
* api-change:``eks``: Added support for disabling unmanaged addons during cluster creation.
* api-change:``ivs-realtime``: IVS Real-Time now offers customers the ability to upload public keys
for customer vended participant tokens.
* api-change:``kinesisanalyticsv2``: This release adds support for new ListApplicationOperations
and DescribeApplicationOperation APIs. It adds a new configuration to enable system rollbacks, adds
field ApplicationVersionCreateTimestamp for clarity and improves support for pagination for APIs.
* api-change:``opensearch``: This release adds support for enabling or disabling Natural Language
Query Processing feature for Amazon OpenSearch Service domains, and provides visibility into the
current state of the setup or tear-down.
- from version 1.34.133
* api-change:``autoscaling``: Doc only update for Auto Scaling's TargetTrackingMetricDataQuery
* api-change:``ec2``: This release is for the launch of the new u7ib-12tb.224xlarge, R8g,
c7gn.metal and mac2-m1ultra.metal instance types
* api-change:``networkmanager``: This is model changes & documentation update for the Asynchronous
Error Reporting feature for AWS Cloud WAN. This feature allows customers to view errors that occur
while their resources are being provisioned, enabling customers to fix their resources without
needing external support.
* api-change:``workspaces-thin-client``: This release adds the deviceCreationTags field to
CreateEnvironment API input, UpdateEnvironment API input and GetEnvironment API output.
- from version 1.34.132
* api-change:``bedrock-runtime``: Increases Converse API's document name length
* api-change:``customer-profiles``: This release includes changes to ProfileObjectType APIs, adds
functionality top set and get capacity for profile object types.
* api-change:``ec2``: Fix EC2 multi-protocol info in models.
* api-change:``qbusiness``: Allow enable/disable Q Apps when creating/updating a Q application;
Return the Q Apps enablement information when getting a Q application.
* api-change:``ssm``: Add sensitive trait to SSM IPAddress property for CloudTrail redaction
* api-change:``workspaces-web``: Added ability to enable DeepLinking functionality on a Portal via
UserSettings as well as added support for IdentityProvider resource tagging.
- from version 1.34.131
* api-change:``bedrock-runtime``: This release adds document support to Converse and ConverseStream
APIs
* api-change:``codeartifact``: Add support for the Cargo package format.
* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and
generate optimization recommendations for Amazon RDS MySQL and RDS PostgreSQL.
* api-change:``cost-optimization-hub``: This release enables AWS Cost Optimization Hub to show cost
optimization recommendations for Amazon RDS MySQL and RDS PostgreSQL.
* api-change:``dynamodb``: Doc-only update for DynamoDB. Fixed Important note in 6 Global table
APIs - CreateGlobalTable, DescribeGlobalTable, DescribeGlobalTableSettings, ListGlobalTables,
UpdateGlobalTable, and UpdateGlobalTableSettings.
* api-change:``glue``: Fix Glue paginators for Jobs, JobRuns, Triggers, Blueprints and Workflows.
* api-change:``ivs-realtime``: IVS Real-Time now offers customers the ability to record individual
stage participants to S3.
* api-change:``sagemaker``: Adds support for model references in Hub service, and adds support for
cross-account access of Hubs
* api-change:``securityhub``: Documentation updates for Security Hub
- from version 1.34.130
* api-change:``artifact``: This release adds an acceptanceType field to the ReportSummary structure
(used in the ListReports API response).
* api-change:``athena``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``cur``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``directconnect``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``elastictranscoder``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``opensearch``: This release enables customers to use JSON Web Tokens (JWT) for
authentication on their Amazon OpenSearch Service domains.
- from version 1.34.129
* api-change:``bedrock-runtime``: This release adds support for using Guardrails with the Converse
and ConverseStream APIs.
* api-change:``cloudtrail``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``config``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``eks``: This release adds support to surface async fargate customer errors from async
path to customer through describe-fargate-profile API response.
* api-change:``lightsail``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``polly``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``rekognition``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``sagemaker``: Launched a new feature in SageMaker to provide managed MLflow Tracking
Servers for customers to track ML experiments. This release also adds a new capability of attaching
additional storage to SageMaker HyperPod cluster instances.
* api-change:``shield``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``snowball``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
- from version 1.34.128
* api-change:``acm-pca``: Doc-only update that adds name constraints as an allowed extension for
ImportCertificateAuthorityCertificate.
* api-change:``batch``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``codebuild``: AWS CodeBuild now supports global and organization GitHub webhooks
* api-change:``cognito-idp``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``ds``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``efs``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``glue``: This release introduces a new feature, Usage profiles. Usage profiles allow
the AWS Glue admin to create different profiles for various classes of users within the account,
enforcing limits and defaults for jobs and sessions.
* api-change:``mediaconvert``: This release includes support for creating I-frame only video
segments for DASH trick play.
* api-change:``secretsmanager``: Doc only update for Secrets Manager
* api-change:``waf``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
- from version 1.34.127
* api-change:``datazone``: This release introduces a new default service blueprint for custom
environment creation.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``macie2``: This release adds support for managing the status of automated sensitive
data discovery for individual accounts in an organization, and determining whether individual S3
buckets are included in the scope of the analyses.
* api-change:``mediaconvert``: This release adds the ability to search for historical job records
within the management console using a search box and/or via the SDK/CLI with partial string
matching search on input file name.
* api-change:``route53domains``: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
- from version 1.34.126
* api-change:``cloudhsmv2``: Added support for hsm type hsm2m.medium. Added supported for creating
a cluster in FIPS or NON_FIPS mode.
* api-change:``glue``: This release adds support for configuration of evaluation method for
composite rules in Glue Data Quality rulesets.
* api-change:``iotwireless``: Add RoamingDeviceSNR and RoamingDeviceRSSI to Customer Metrics.
* api-change:``kms``: This feature allows customers to use their keys stored in KMS to derive a
shared secret which can then be used to establish a secured channel for communication, provide
proof of possession, or establish trust with other parties.
* api-change:``mediapackagev2``: This release adds support for CMAF ingest (DASH-IF live media
ingest protocol interface 1)
- from version 1.34.125
* api-change:``apptest``: AWS Mainframe Modernization Application Testing is an AWS Mainframe
Modernization service feature that automates functional equivalence testing for mainframe
application modernization and migration to AWS, and regression testing.
* api-change:``backupstorage``: The backupstorage client has been removed following the deprecation
of the service.
* api-change:``ec2``: Tagging support for Traffic Mirroring FilterRule resource
* api-change:``osis``: SDK changes for self-managed vpc endpoint to OpenSearch ingestion pipelines.
* api-change:``redshift``: Updates to remove DC1 and DS2 node types.
* api-change:``secretsmanager``: Introducing RotationToken parameter for PutSecretValue API
* api-change:``securitylake``: This release updates request validation regex to account for
non-commercial aws partitions.
* api-change:``sesv2``: This release adds support for Amazon EventBridge as an email sending events
destination.
- from version 1.34.124
* api-change:``accessanalyzer``: IAM Access Analyzer now provides policy recommendations to help
resolve unused permissions for IAM roles and users. Additionally, IAM Access Analyzer now extends
its custom policy checks to detect when IAM policies grant public access or access to critical
resources ahead of deployments.
* api-change:``guardduty``: Added API support for GuardDuty Malware Protection for S3.
* api-change:``networkmanager``: This is model changes & documentation update for Service Insertion
feature for AWS Cloud WAN. This feature allows insertion of AWS/3rd party security services on
Cloud WAN. This allows to steer inter/intra segment traffic via security appliances and provide
visibility to the route updates.
* api-change:``pca-connector-scep``: Connector for SCEP allows you to use a managed, cloud CA to
enroll mobile devices and networking gear. SCEP is a widely-adopted protocol used by mobile device
management (MDM) solutions for enrolling mobile devices. With the connector, you can use AWS
Private CA with popular MDM solutions.
* api-change:``sagemaker``: Introduced Scope and AuthenticationRequestExtraParams to SageMaker
Workforce OIDC configuration; this allows customers to modify these options for their private
Workforce IdP integration. Model Registry Cross-account model package groups are discoverable.
- from version 1.34.123
* api-change:``application-signals``: This is the initial SDK release for Amazon CloudWatch
Application Signals. Amazon CloudWatch Application Signals provides curated application performance
monitoring for developers to monitor and troubleshoot application health using pre-built dashboards
and Service Level Objectives.
* api-change:``ecs``: This release introduces a new cluster configuration to support the
customer-managed keys for ECS managed storage encryption.
* api-change:``imagebuilder``: This release updates the regex pattern for Image Builder ARNs.
- Update to 1.34.122
* api-change:``auditmanager``: New feature: common controls. When creating custom controls, you can
now use pre-grouped AWS data sources based on common compliance themes. Also, the awsServices
parameter is deprecated because we now manage services in scope for you. If used, the input is
ignored and an empty list is returned.
* api-change:``b2bi``: Added exceptions to B2Bi List operations and ConflictException to B2Bi
StartTransformerJob operation. Also made capabilities field explicitly required when creating a
Partnership.
* api-change:``codepipeline``: CodePipeline now supports overriding S3 Source Object Key during
StartPipelineExecution, as part of Source Overrides.
* api-change:``sagemaker``: This release introduces a new optional parameter: InferenceAmiVersion,
in ProductionVariant.
* api-change:``verifiedpermissions``: This release adds OpenIdConnect (OIDC) configuration support
for IdentitySources, allowing for external IDPs to be used in authorization requests.
- from version 1.34.121
* api-change:``account``: This release adds 3 new APIs (AcceptPrimaryEmailUpdate, GetPrimaryEmail,
and StartPrimaryEmailUpdate) used to centrally manage the root user email address of member
accounts within an AWS organization.
* api-change:``alexaforbusiness``: The alexaforbusiness client has been removed following the
deprecation of the service.
* api-change:``firehose``: Adds integration with Secrets Manager for Redshift, Splunk,
HttpEndpoint, and Snowflake destinations
* api-change:``fsx``: This release adds support to increase metadata performance on FSx for Lustre
file systems beyond the default level provisioned when a file system is created. This can be done
by specifying MetadataConfiguration during the creation of Persistent_2 file systems or by updating
it on demand.
* api-change:``glue``: This release adds support for creating and updating Glue Data Catalog Views.
* api-change:``honeycode``: The honeycode client has been removed following the deprecation of the
service.
* api-change:``iotwireless``: Adds support for wireless device to be in Conflict FUOTA Device
Status due to a FUOTA Task, so it couldn't be attached to a new one.
* api-change:``location``: Added two new APIs, VerifyDevicePosition and ForecastGeofenceEvents.
Added support for putting larger geofences up to 100,000 vertices with Geobuf fields.
* api-change:``sns``: Doc-only update for SNS. These changes include customer-reported issues and
TXC3 updates.
* api-change:``sqs``: Doc only updates for SQS. These updates include customer-reported issues and
TCX3 modifications.
* api-change:``storagegateway``: Adds SoftwareUpdatePreferences to DescribeMaintenanceStartTime and
UpdateMaintenanceStartTime, a structure which contains AutomaticUpdatePolicy.
* enhancement:AWSCRT: Update awscrt version to 0.20.11
- from version 1.34.120
* api-change:``globalaccelerator``: This release contains a new optional ip-addresses input field
for the update accelerator and update custom routing accelerator apis. This input enables consumers
to replace IPv4 addresses on existing accelerators with addresses provided in the input.
* api-change:``glue``: AWS Glue now supports native SaaS connectivity: Salesforce connector
available now
* api-change:``s3``: Added new params copySource and key to copyObject API for supporting S3 Access
Grants plugin. These changes will not change any of the existing S3 API functionality.
- from version 1.34.119
* api-change:``ec2``: U7i instances with up to 32 TiB of DDR5 memory and 896 vCPUs are now
available. C7i-flex instances are launched and are lower-priced variants of the Amazon EC2 C7i
instances that offer a baseline level of CPU performance with the ability to scale up to the full
compute performance 95% of the time.
* api-change:``pipes``: This release adds Timestream for LiveAnalytics as a supported target in
EventBridge Pipes
* api-change:``sagemaker``: Extend DescribeClusterNode response with private DNS hostname and IP
address, and placement information about availability zone and availability zone ID.
* api-change:``taxsettings``: Initial release of AWS Tax Settings API
- from version 1.34.118
* api-change:``amplify``: This doc-only update identifies fields that are specific to Gen 1 and Gen
2 applications.
* api-change:``batch``: This release adds support for the AWS Batch GetJobQueueSnapshot API
operation.
* api-change:``eks``: Adds support for EKS add-ons pod identity associations integration
* api-change:``iottwinmaker``: Support RESET_VALUE UpdateType for PropertyUpdates to reset property
value to default or null
- from version 1.34.117
* api-change:``codebuild``: AWS CodeBuild now supports Self-hosted GitHub Actions runners for
Github Enterprise
* api-change:``codeguru-security``: This release includes minor model updates and documentation
updates.
* api-change:``elasticache``: Update to attributes of TestFailover and minor revisions.
* api-change:``launch-wizard``: This release adds support for describing workload deployment
specifications, deploying additional workload types, and managing tags for Launch Wizard resources
with API operations.
- from version 1.34.116
* api-change:``acm``: add v2 smoke tests and smithy smokeTests trait for SDK testing.
* api-change:``bedrock-agent``: With this release, Knowledge bases for Bedrock adds support for
Titan Text Embedding v2.
* api-change:``bedrock-runtime``: This release adds Converse and ConverseStream APIs to Bedrock
Runtime
* api-change:``cloudtrail``: CloudTrail Lake returns PartitionKeys in the GetEventDataStore API
response. Events are grouped into partitions based on these keys for better query performance. For
example, the calendarday key groups events by day, while combining the calendarday key with the
hour key groups them by day and hour.
* api-change:``connect``: Adding associatedQueueIds as a SearchCriteria and response field to the
SearchRoutingProfiles API
* api-change:``emr-serverless``: The release adds support for spark structured streaming.
* api-change:``rds``: Updates Amazon RDS documentation for Aurora Postgres DBname.
* api-change:``sagemaker``: Adds Model Card information as a new component to Model Package.
Autopilot launches algorithm selection for TimeSeries modality to generate AutoML candidates per
algorithm.
- from version 1.34.115
* api-change:``athena``: Throwing validation errors on CreateNotebook with Name containing
`/`,`:`,`\`
* api-change:``codebuild``: AWS CodeBuild now supports manually creating GitHub webhooks
* api-change:``connect``: This release includes changes to DescribeContact API's response by
including ConnectedToSystemTimestamp, RoutingCriteria, Customer, Campaign,
AnsweringMachineDetectionStatus, CustomerVoiceActivity, QualityMetrics, DisconnectDetails, and
SegmentAttributes information from a contact in Amazon Connect.
* api-change:``glue``: Add optional field JobMode to CreateJob and UpdateJob APIs.
* api-change:``securityhub``: Add ROOT type for TargetType model
- from version 1.34.114
* api-change:``dynamodb``: Doc-only update for DynamoDB. Specified the IAM actions needed to
authorize a user to create a table with a resource-based policy.
* api-change:``ec2``: Providing support to accept BgpAsnExtended attribute
* api-change:``kafka``: Adds ControllerNodeInfo in ListNodes response to support Raft mode for MSK
* api-change:``swf``: This release adds new APIs for deleting activity type and workflow type
resources.
- from version 1.34.113
* api-change:``dynamodb``: Documentation only updates for DynamoDB.
* api-change:``iotfleetwise``: AWS IoT FleetWise now supports listing vehicles with attributes
filter, ListVehicles API is updated to support additional attributes filter.
* api-change:``managedblockchain``: This is a minor documentation update to address the impact of
the shut down of the Goerli and Polygon networks.
- from version 1.34.112
* api-change:``emr-serverless``: This release adds the capability to run interactive workloads
using Apache Livy Endpoint.
* api-change:``opsworks``: Documentation-only update for OpsWorks Stacks.
- from version 1.34.111
* api-change:``chatbot``: This change adds support for tagging Chatbot configurations.
* api-change:``cloudformation``: Added DeletionMode FORCE_DELETE_STACK for deleting a stack that is
stuck in DELETE_FAILED state due to resource deletion failure.
* api-change:``kms``: This release includes feature to import customer's asymmetric (RSA, ECC and
SM2) and HMAC keys into KMS in China.
* api-change:``opensearch``: This release adds support for enabling or disabling a data source
configured as part of Zero-ETL integration with Amazon S3, by setting its status.
* api-change:``wafv2``: You can now use Security Lake to collect web ACL traffic data.
- from version 1.34.110
* api-change:``cloudfront``: Model update; no change to SDK functionality.
* api-change:``glue``: Add Maintenance window to CreateJob and UpdateJob APIs and JobRun response.
Add a new Job Run State for EXPIRED.
* api-change:``lightsail``: This release adds support for Amazon Lightsail instances to switch
between dual-stack or IPv4 only and IPv6-only public IP address types.
* api-change:``mailmanager``: This release includes a new Amazon SES feature called Mail Manager,
which is a set of email gateway capabilities designed to help customers strengthen their
organization's email infrastructure, simplify email workflow management, and streamline email
compliance control.
* api-change:``pi``: Performance Insights added a new input parameter called AuthorizedActions to
support the fine-grained access feature. Performance Insights also restricted the acceptable input
characters.
* api-change:``rds``: Updates Amazon RDS documentation for Db2 license through AWS Marketplace.
* api-change:``storagegateway``: Added new SMBSecurityStrategy enum named
MandatoryEncryptionNoAes128, new mode enforces encryption and disables AES 128-bit algorithums.
- from version 1.34.109
* api-change:``bedrock-agent``: This release adds support for using Guardrails with Bedrock Agents.
* api-change:``bedrock-agent-runtime``: This release adds support for using Guardrails with Bedrock
Agents.
* api-change:``controltower``: Added ListControlOperations API and filtering support for
ListEnabledControls API. Updates also includes added metadata for enabled controls and control
operations.
* api-change:``osis``: Add support for creating an OpenSearch Ingestion pipeline that is attached
to a provided VPC. Add information about the destinations of an OpenSearch Ingestion pipeline to
the GetPipeline and ListPipelines APIs.
* api-change:``rds``: This release adds support for EngineLifecycleSupport on DBInstances,
DBClusters, and GlobalClusters.
* api-change:``secretsmanager``: add v2 smoke tests and smithy smokeTests trait for SDK testing
- from version 1.34.108
* api-change:``application-autoscaling``: add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:``codebuild``: Aws CodeBuild now supports 36 hours build timeout
* api-change:``elbv2``: This release adds dualstack-without-public-ipv4 IP address type for ALB.
* api-change:``lakeformation``: Introduces a new API, GetDataLakePrincipal, that returns the
identity of the invoking principal
* api-change:``transfer``: Enable use of CloudFormation traits in Smithy model to improve generated
CloudFormation schema from the Smithy API model.
- from version 1.34.107
* api-change:``acm-pca``: This release adds support for waiters to fail on AccessDeniedException
when having insufficient permissions
* api-change:``connect``: Adding Contact Flow metrics to the GetMetricDataV2 API
* api-change:``kafka``: AWS MSK support for Broker Removal.
* api-change:``mwaa``: Amazon MWAA now supports Airflow web server auto scaling to automatically
handle increased demand from REST APIs, Command Line Interface (CLI), or more Airflow User
Interface (UI) users. Customers can specify maximum and minimum web server instances during
environment creation and update workflow.
* api-change:``quicksight``: This release adds DescribeKeyRegistration and UpdateKeyRegistration
APIs to manage QuickSight Customer Managed Keys (CMK).
* api-change:``sagemaker``: Introduced WorkerAccessConfiguration to SageMaker Workteam. This allows
customers to configure resource access for workers in a workteam.
* api-change:``secretsmanager``: Documentation updates for AWS Secrets Manager
* bugfix:retries: Fix backoff calculation for truncated binary exponential backoff (`#3178
<https://github.com/boto/botocore/issues/3178>`__)
- from version 1.34.106
* api-change:``bedrock-agent-runtime``: Updating Bedrock Knowledge Base Metadata & Filters feature
with two new filters listContains and stringContains
* api-change:``codebuild``: CodeBuild Reserved Capacity VPC Support
* api-change:``datasync``: Task executions now display a CANCELLING status when an execution is in
the process of being cancelled.
* api-change:``grafana``: This release adds new ServiceAccount and ServiceAccountToken APIs.
* api-change:``medical-imaging``: Added support for importing medical imaging data from Amazon S3
buckets across accounts and regions.
* api-change:``securityhub``: Documentation-only update for AWS Security Hub
- Update to 1.34.105
* api-change:``connect``: Amazon Connect provides enhanced search capabilities for flows & flow
modules on the Connect admin website and programmatically using APIs. You can search for flows and
flow modules by name, description, type, status, and tags, to filter and identify a specific flow
in your Connect instances.
* api-change:``s3``: Updated a few x-id in the http uri traits
- from version 1.34.104
* api-change:``events``: Amazon EventBridge introduces KMS customer-managed key (CMK) encryption
support for custom and partner events published on EventBridge Event Bus (including default bus)
and UpdateEventBus API.
* api-change:``vpc-lattice``: This release adds TLS Passthrough support. It also increases max
number of target group per rule to 10.
- from version 1.34.103
* api-change:``discovery``: add v2 smoke tests and smithy smokeTests trait for SDK testing
* api-change:``greengrassv2``: Mark ComponentVersion in ComponentDeploymentSpecification as
required.
* api-change:``sagemaker``: Introduced support for G6 instance types on Sagemaker Notebook
Instances and on SageMaker Studio for JupyterLab and CodeEditor applications.
* api-change:``sso-oidc``: Updated request parameters for PKCE support.
- from version 1.34.102
* api-change:``bedrock-agent-runtime``: This release adds support to provide guardrail
configuration and modify inference parameters that are then used in RetrieveAndGenerate API in
Agents for Amazon Bedrock.
* api-change:``pinpoint``: This release adds support for specifying email message headers for Email
Templates, Campaigns, Journeys and Send Messages.
* api-change:``route53resolver``: Update the DNS Firewall settings to correct a spelling issue.
* api-change:``ssm-sap``: Added support for application-aware start/stop of SAP applications
running on EC2 instances, with SSM for SAP
* api-change:``verifiedpermissions``: Adds policy effect and actions fields to Policy API's.
- from version 1.34.101
* api-change:``cognito-idp``: Add EXTERNAL_PROVIDER enum value to UserStatusType.
* api-change:``ec2``: Adding Precision Hardware Clock (PHC) to public API DescribeInstanceTypes
* api-change:``ecr``: This release adds pull through cache rules support for GitLab container
registry in Amazon ECR.
* api-change:``fms``: The policy scope resource tag is always a string value, either a non-empty
string or an empty string.
* api-change:``polly``: Add new engine - generative - that builds the most expressive
conversational voices.
* api-change:``sqs``: This release adds MessageSystemAttributeNames to ReceiveMessageRequest to
replace AttributeNames.
- from version 1.34.100
* api-change:``b2bi``: Documentation update to clarify the MappingTemplate definition.
* api-change:``budgets``: This release adds tag support for budgets and budget actions.
* api-change:``resiliencehub``: AWS Resilience Hub has expanded its drift detection capabilities by
introducing a new type of drift detection - application resource drift. This new enhancement
detects changes, such as the addition or deletion of resources within the application's input
sources.
* api-change:``route53profiles``: Doc only update for Route 53 profiles that fixes some link issues
- from version 1.34.99
* api-change:``medialive``: AWS Elemental MediaLive now supports configuring how SCTE 35
passthrough triggers segment breaks in HLS and MediaPackage output groups. Previously, messages
triggered breaks in all these output groups. The new option is to trigger segment breaks only in
groups that have SCTE 35 passthrough enabled.
- from version 1.34.98
* api-change:``bedrock-agent``: This release adds support for using Provisioned Throughput with
Bedrock Agents.
* api-change:``connect``: This release adds 5 new APIs for managing attachments:
StartAttachedFileUpload, CompleteAttachedFileUpload, GetAttachedFile, BatchGetAttachedFileMetadata,
DeleteAttachedFile. These APIs can be used to programmatically upload and download attachments to
Connect resources, like cases.
* api-change:``connectcases``: This feature supports the release of Files related items
* api-change:``datasync``: Updated guidance on using private or self-signed certificate authorities
(CAs) with AWS DataSync object storage locations.
* api-change:``inspector2``: This release adds CSV format to GetCisScanReport for Inspector v2
* api-change:``sagemaker``: Amazon SageMaker Inference now supports m6i, c6i, r6i, m7i, c7i, r7i
and g5 instance types for Batch Transform Jobs
* api-change:``sesv2``: Adds support for specifying replacement headers per BulkEmailEntry in
SendBulkEmail in SESv2.
- from version 1.34.97
* api-change:``dynamodb``: This release adds support to specify an optional, maximum
OnDemandThroughput for DynamoDB tables and global secondary indexes in the CreateTable or
UpdateTable APIs. You can also override the OnDemandThroughput settings by calling the ImportTable,
RestoreFromPointInTime, or RestoreFromBackup APIs.
* api-change:``ec2``: This release includes a new API for retrieving the public endorsement key of
the EC2 instance's Nitro Trusted Platform Module (NitroTPM).
* api-change:``personalize``: This releases ability to delete users and their data, including their
metadata and interactions data, from a dataset group.
* api-change:``redshift-serverless``: Update Redshift Serverless List Scheduled Actions Output
Response to include Namespace Name.
- from version 1.34.96
* api-change:``bedrock-agent``: This release adds support for using MongoDB Atlas as a vector store
when creating a knowledge base.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``personalize-runtime``: This release adds support for a Reason attribute for
predicted items generated by User-Personalization-v2.
* api-change:``securityhub``: Updated CreateMembers API request with limits.
* api-change:``sesv2``: Fixes ListContacts and ListImportJobs APIs to use POST instead of GET.
- from version 1.34.95
* api-change:``chime-sdk-voice``: Due to changes made by the Amazon Alexa service,
GetSipMediaApplicationAlexaSkillConfiguration and PutSipMediaApplicationAlexaSkillConfiguration
APIs are no longer available for use. For more information, refer to the Alexa Smart Properties
page.
* api-change:``codeartifact``: Add support for the Ruby package format.
* api-change:``fms``: AWS Firewall Manager now supports the network firewall service stream
exception policy feature for accounts within your organization.
* api-change:``omics``: Add support for workflow sharing and dynamic run storage
* api-change:``opensearch``: This release enables customers to create Route53 A and AAAA alias
record types to point custom endpoint domain to OpenSearch domain's dualstack search endpoint.
* api-change:``pinpoint-sms-voice-v2``: Amazon Pinpoint has added two new features Multimedia
services (MMS) and protect configurations. Use the three new MMS APIs to send media messages to a
mobile phone which includes image, audio, text, or video files. Use the ten new protect
configurations APIs to block messages to specific countries.
* api-change:``qbusiness``: This is a general availability (GA) release of Amazon Q Business. Q
Business enables employees in an enterprise to get comprehensive answers to complex questions and
take actions through a unified, intuitive web-based chat experience - using an enterprise's
existing content, data, and systems.
* api-change:``quicksight``: New Q embedding supporting Generative Q&A
* api-change:``route53resolver``: Release of FirewallDomainRedirectionAction parameter on the Route
53 DNS Firewall Rule. This allows customers to configure a DNS Firewall rule to inspect all the
domains in the DNS redirection chain (default) , such as CNAME, ALIAS, DNAME, etc., or just the
first domain and trust the rest.
* api-change:``sagemaker``: Amazon SageMaker Training now supports the use of attribute-based
access control (ABAC) roles for training job execution roles. Amazon SageMaker Inference now
supports G6 instance types.
* api-change:``signer``: Documentation updates for AWS Signer. Adds cross-account signing
constraint and definitions for cross-account actions.
- from version 1.34.94
* api-change:``amplify``: Updating max results limit for listing any resources (Job, Artifacts,
Branch, BackendResources, DomainAssociation) to 50 with the exception of list apps that where max
results can be up to 100.
* api-change:``connectcases``: This feature releases DeleteField, DeletedLayout, and DeleteTemplate
API's
* api-change:``inspector2``: Update Inspector2 to include new Agentless API parameters.
* api-change:``timestream-query``: This change allows users to update and describe account settings
associated with their accounts.
* api-change:``transcribe``: This update provides error messaging for generative call summarization
in Transcribe Call Analytics
* api-change:``trustedadvisor``: This release adds the BatchUpdateRecommendationResourceExclusion
API to support batch updates of Recommendation Resource exclusion statuses and introduces a new
exclusion status filter to the ListRecommendationResources and
ListOrganizationRecommendationResources APIs.
- from version 1.34.93
* api-change:``codepipeline``: Add ability to manually and automatically roll back a pipeline stage
to a previously successful execution.
* api-change:``cognito-idp``: Add LimitExceededException to SignUp errors
* api-change:``connectcampaigns``: This release adds support for specifying if Answering Machine
should wait for prompt sound.
* api-change:``marketplace-entitlement``: Releasing minor endpoint updates.
* api-change:``oam``: This release introduces support for Source Accounts to define which Metrics
and Logs to share with the Monitoring Account
* api-change:``rds``: SupportsLimitlessDatabase field added to describe-db-engine-versions to
indicate whether the DB engine version supports Aurora Limitless Database.
* api-change:``support``: Releasing minor endpoint updates.
- from version 1.34.92
* api-change:``appsync``: UpdateGraphQLAPI documentation update and datasource introspection secret
arn update
* api-change:``fms``: AWS Firewall Manager adds support for network ACL policies to manage Amazon
Virtual Private Cloud (VPC) network access control lists (ACLs) for accounts in your organization.
* api-change:``ivs``: Bug Fix: IVS does not support arns with the `svs` prefix
* api-change:``ivs-realtime``: Bug Fix: IVS Real Time does not support ARNs using the `svs` prefix.
* api-change:``rds``: Updates Amazon RDS documentation for setting local time zones for RDS for Db2
DB instances.
* api-change:``stepfunctions``: Add new ValidateStateMachineDefinition operation, which performs
syntax checking on the definition of a Amazon States Language (ASL) state machine.
- from version 1.34.91
* api-change:``datasync``: This change allows users to disable and enable the schedules associated
with their tasks.
* api-change:``ec2``: Launching capability for customers to enable or disable automatic assignment
of public IPv4 addresses to their network interface
* api-change:``emr-containers``: EMRonEKS Service support for SecurityConfiguration enforcement for
Spark Jobs.
* api-change:``entityresolution``: Support Batch Unique IDs Deletion.
* api-change:``gamelift``: Amazon GameLift releases container fleets support for public preview.
Deploy Linux-based containerized game server software for hosting on Amazon GameLift.
* api-change:``ssm``: Add SSM DescribeInstanceProperties API to public AWS SDK.
- from version 1.34.90
* api-change:``bedrock``: This release introduces Model Evaluation and Guardrails for Amazon
Bedrock.
* api-change:``bedrock-agent``: Introducing the ability to create multiple data sources per
knowledge base, specify S3 buckets as data sources from external accounts, and exposing levers to
define the deletion behavior of the underlying vector store data.
* api-change:``bedrock-agent-runtime``: This release introduces zero-setup file upload support for
the RetrieveAndGenerate API. This allows you to chat with your data without setting up a Knowledge
Base.
* api-change:``bedrock-runtime``: This release introduces Guardrails for Amazon Bedrock.
* api-change:``ce``: Added additional metadata that might be applicable to your reservation
recommendations.
* api-change:``ec2``: This release introduces EC2 AMI Deregistration Protection, a new AMI property
that can be enabled by customers to protect an AMI against an unintended deregistration. This
release also enables the AMI owners to view the AMI 'LastLaunchedTime' in DescribeImages API.
* api-change:``pi``: Clarifies how aggregation works for GetResourceMetrics in the Performance
Insights API.
* api-change:``rds``: Fix the example ARN for ModifyActivityStreamRequest
* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol
* api-change:``workspaces-web``: Added InstanceType and MaxConcurrentSessions parameters on
CreatePortal and UpdatePortal Operations as well as the ability to read Customer Managed Key &
Additional Encryption Context parameters on supported resources (Portal, BrowserSettings,
UserSettings, IPAccessSettings)
- from version 1.34.89
* api-change:``bedrock-agent``: Releasing the support for simplified configuration and return of
control
* api-change:``bedrock-agent-runtime``: Releasing the support for simplified configuration and
return of control
* api-change:``payment-cryptography``: Adding support to TR-31/TR-34 exports for optional headers,
allowing customers to add additional metadata (such as key version and KSN) when exporting keys
from the service.
* api-change:``redshift-serverless``: Updates description of schedule field for scheduled actions.
* api-change:``route53profiles``: Route 53 Profiles allows you to apply a central DNS configuration
across many VPCs regardless of account.
* api-change:``sagemaker``: This release adds support for Real-Time Collaboration and Shared Space
for JupyterLab App on SageMaker Studio.
* api-change:``servicediscovery``: This release adds examples to several Cloud Map actions.
* api-change:``transfer``: Adding new API to support remote directory listing using SFTP connector
- from version 1.34.88
* api-change:``glue``: Adding RowFilter in the response for GetUnfilteredTableMetadata API
* api-change:``internetmonitor``: This update introduces the GetInternetEvent and
ListInternetEvents APIs, which provide access to internet events displayed on the Amazon CloudWatch
Internet Weather Map.
* api-change:``personalize``: This releases auto training capability while creating a solution and
automatically syncing latest solution versions when creating/updating a campaign
- from version 1.34.87
* api-change:``drs``: Outpost ARN added to Source Server and Recovery Instance
* api-change:``emr-serverless``: This release adds the capability to publish detailed Spark engine
metrics to Amazon Managed Service for Prometheus (AMP) for enhanced monitoring for Spark jobs.
* api-change:``guardduty``: Added IPv6Address fields for local and remote IP addresses
* api-change:``quicksight``: This release adds support for the Cross Sheet Filter and Control
features, and support for warnings in asset imports for any permitted errors encountered during
execution
* api-change:``rolesanywhere``: This release introduces the PutAttributeMapping and
DeleteAttributeMapping APIs. IAM Roles Anywhere now provides the capability to define a set of
mapping rules, allowing customers to specify which data is extracted from their X.509 end-entity
certificates.
* api-change:``sagemaker``: Removed deprecated enum values and updated API documentation.
* api-change:``workspaces``: Adds new APIs for managing and sharing WorkSpaces BYOL configuration
across accounts.
- from version 1.34.86
* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``qbusiness``: This release adds support for IAM Identity Center (IDC) as the identity
gateway for Q Business. It also allows users to provide an explicit intent for Q Business to
identify how the Chat request should be handled.
- from version 1.34.85
* api-change:``bedrock-agent``: For Create Agent API, the agentResourceRoleArn parameter is no
longer required.
* api-change:``emr-serverless``: This release adds support for shuffle optimized disks that allow
larger disk sizes and higher IOPS to efficiently run shuffle heavy workloads.
* api-change:``entityresolution``: Cross Account Resource Support .
* api-change:``iotwireless``: Add PublicGateways in the GetWirelessStatistics call response,
indicating the LoRaWAN public network accessed by the device.
* api-change:``lakeformation``: This release adds Lake Formation managed RAM support for the 4 APIs
- "DescribeLakeFormationIdentityCenterConfiguration",
"CreateLakeFormationIdentityCenterConfiguration",
"DescribeLakeFormationIdentityCenterConfiguration", and
"DeleteLakeFormationIdentityCenterConfiguration"
* api-change:``m2``: Adding new ListBatchJobRestartPoints API and support for restart batch job.
* api-change:``mediapackagev2``: Dash v2 is a MediaPackage V2 feature to support egressing on DASH
manifest format.
* api-change:``outposts``: This release adds new APIs to allow customers to configure their Outpost
capacity at order-time.
* api-change:``wellarchitected``: AWS Well-Architected now has a Connector for Jira to allow
customers to efficiently track workload risks and improvement efforts and create closed-loop
mechanisms.
* enhancement:AWSCRT: Update awscrt version to 0.20.9
- from version 1.34.84
* api-change:``cloudformation``: Adding support for the new parameter "IncludePropertyValues" in
the CloudFormation DescribeChangeSet API. When this parameter is included, the DescribeChangeSet
response will include more detailed information such as before and after values for the resource
properties that will change.
* api-change:``config``: Updates documentation for AWS Config
* api-change:``glue``: Modifying request for GetUnfilteredTableMetadata for view-related fields.
* api-change:``healthlake``: Added new CREATE_FAILED status for data stores. Added new errorCause
to DescribeFHIRDatastore API and ListFHIRDatastores API response for additional insights into data
store creation and deletion workflows.
* api-change:``iotfleethub``: Documentation updates for AWS IoT Fleet Hub to clarify that Fleet Hub
supports organization instance of IAM Identity Center.
* api-change:``kms``: This feature supports the ability to specify a custom rotation period for
automatic key rotations, the ability to perform on-demand key rotations, and visibility into your
key material rotations.
* api-change:``mediatailor``: Added InsertionMode to PlaybackConfigurations. This setting controls
whether players can use stitched or guided ad insertion. The default for players that do not
specify an insertion mode is stitched.
* api-change:``neptune-graph``: Update to API documentation to resolve customer reported issues.
* api-change:``outposts``: This release adds EXPEDITORS as a valid shipment carrier.
* api-change:``redshift``: Adds support for Amazon Redshift DescribeClusterSnapshots API to include
Snapshot ARN response field.
* api-change:``transfer``: This change releases support for importing self signed certificates to
the Transfer Family for sending outbound file transfers over TLS/HTTPS.
- from version 1.34.83
* api-change:``batch``: This release adds the task properties field to attempt details and the name
field on EKS container detail.
* api-change:``cloudfront``: CloudFront origin access control extends support to AWS Lambda
function URLs and AWS Elemental MediaPackage v2 origins.
* api-change:``cloudwatch``: This release adds support for Metric Characteristics for CloudWatch
Anomaly Detection. Anomaly Detector now takes Metric Characteristics object with Periodic Spikes
boolean field that tells Anomaly Detection that spikes that repeat at the same time every week are
part of the expected pattern.
* api-change:``codebuild``: Support access tokens for Bitbucket sources
* api-change:``iam``: For CreateOpenIDConnectProvider API, the ThumbprintList parameter is no
longer required.
* api-change:``medialive``: AWS Elemental MediaLive introduces workflow monitor, a new feature that
enables the visualization and monitoring of your media workflows. Create signal maps of your
existing workflows and monitor them by creating notification and monitoring template groups.
* api-change:``omics``: This release adds support for retrieval of S3 direct access metadata on
sequence stores and read sets, and adds support for SHA256up and SHA512up HealthOmics ETags.
* api-change:``pipes``: LogConfiguration ARN validation fixes
* api-change:``rds``: Updates Amazon RDS documentation for Standard Edition 2 support in RDS Custom
for Oracle.
* api-change:``s3control``: Documentation updates for Amazon S3-control.
- from version 1.34.82
* api-change:``cleanrooms``: AWS Clean Rooms Differential Privacy is now fully available.
Differential privacy protects against user-identification attempts.
* api-change:``connect``: This release adds new Submit Auto Evaluation Action for Amazon Connect
Rules.
* api-change:``networkmonitor``: Examples were added to CloudWatch Network Monitor commands.
* api-change:``qconnect``: This release adds a new QiC public API updateSession and updates an
existing QiC public API createSession
* api-change:``rekognition``: Added support for ContentType to content moderation detections.
* api-change:``supplychain``: This release includes API SendDataIntegrationEvent for AWS Supply
Chain
* api-change:``workspaces-thin-client``: Adding tags field to SoftwareSet. Removing tags fields
from Summary objects. Changing the list of exceptions in tagging APIs. Fixing an issue where the
SDK returns empty tags in Get APIs.
- from version 1.34.81
* api-change:``codebuild``: Add new webhook filter types for GitHub webhooks
* api-change:``mediaconvert``: This release includes support for bringing your own fonts to use for
burn-in or DVB-Sub captioning workflows.
* api-change:``pinpoint``: The OrchestrationSendingRoleArn has been added to the email channel and
is used to send emails from campaigns or journeys.
* api-change:``rds``: This release adds support for specifying the CA certificate to use for the
new db instance when restoring from db snapshot, restoring from s3, restoring to point in time, and
creating a db instance read replica.
- from version 1.34.80
* api-change:``controlcatalog``: This is the initial SDK release for AWS Control Catalog, a central
catalog for AWS managed controls. This release includes 3 new APIs - ListDomains, ListObjectives,
and ListCommonControls - that vend high-level data to categorize controls across the AWS platform.
* api-change:``mgn``: Added USE_SOURCE as default option to LaunchConfigurationTemplate bootMode
parameter.
* api-change:``networkmonitor``: Updated the allowed monitorName length for CloudWatch Network
Monitor.
- from version 1.34.79
* api-change:``quicksight``: Adding IAMIdentityCenterInstanceArn parameter to
CreateAccountSubscription
* api-change:``resource-groups``: Added a new QueryErrorCode RESOURCE_TYPE_NOT_SUPPORTED that is
returned by the ListGroupResources operation if the group query contains unsupported resource types.
* api-change:``verifiedpermissions``: Adding BatchIsAuthorizedWithToken API which supports multiple
authorization requests against a PolicyStore given a bearer token.
- from version 1.34.78
* api-change:``b2bi``: Adding support for X12 5010 HIPAA EDI version and associated transaction
sets.
* api-change:``cleanrooms``: Feature: New schemaStatusDetails field to the existing Schema object
that displays a status on Schema API responses to show whether a schema is queryable or not. New
BatchGetSchemaAnalysisRule API to retrieve multiple schemaAnalysisRules using a single API call.
* api-change:``ec2``: Amazon EC2 G6 instances powered by NVIDIA L4 Tensor Core GPUs can be used for
a wide range of graphics-intensive and machine learning use cases. Gr6 instances also feature
NVIDIA L4 GPUs and can be used for graphics workloads with higher memory requirements.
* api-change:``emr-containers``: This release adds support for integration with EKS AccessEntry
APIs to enable automatic Cluster Access for EMR on EKS.
* api-change:``ivs``: API update to include an SRT ingest endpoint and passphrase for all channels.
* api-change:``verifiedpermissions``: Adds GroupConfiguration field to Identity Source API's
- from version 1.34.77
* api-change:``cleanroomsml``: The release includes a public SDK for AWS Clean Rooms ML APIs,
making them globally available to developers worldwide.
* api-change:``cloudformation``: This release would return a new field - PolicyAction in
cloudformation's existed DescribeChangeSetResponse, showing actions we are going to apply on the
physical resource (e.g., Delete, Retain) according to the user's template
* api-change:``datazone``: This release supports the feature of dataQuality to enrich asset with
dataQualityResult in Amazon DataZone.
* api-change:``docdb``: This release adds Global Cluster Switchover capability which enables you to
change your global cluster's primary AWS Region, the region that serves writes, while preserving
the replication between all regions in the global cluster.
* api-change:``groundstation``: This release adds visibilityStartTime and visibilityEndTime to
DescribeContact and ListContacts responses.
* api-change:``lambda``: Add Ruby 3.3 (ruby3.3) support to AWS Lambda
* api-change:``medialive``: Cmaf Ingest outputs are now supported in Media Live
* api-change:``medical-imaging``: SearchImageSets API now supports following enhancements -
Additional support for searching on UpdatedAt and SeriesInstanceUID - Support for searching
existing filters between dates/times - Support for sorting the search result by
Ascending/Descending - Additional parameters returned in the response
* api-change:``transfer``: Add ability to specify Security Policies for SFTP Connectors
- from version 1.34.76
* api-change:``ecs``: Documentation only update for Amazon ECS.
* api-change:``glue``: Adding View related fields to responses of read-only Table APIs.
* api-change:``ivschat``: Doc-only update. Changed "Resources" to "Key Concepts" in docs and
updated text.
* api-change:``rolesanywhere``: This release increases the limit on the roleArns request parameter
for the *Profile APIs that support it. This parameter can now take up to 250 role ARNs.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
- from version 1.34.75
* api-change:``cloudwatch``: This release adds support for CloudWatch Anomaly Detection on
cross-account metrics. SingleMetricAnomalyDetector and MetricDataQuery inputs to Anomaly Detection
APIs now take an optional AccountId field.
* api-change:``datazone``: This release supports the feature of AI recommendations for descriptions
to enrich the business data catalog in Amazon DataZone.
* api-change:``deadline``: AWS Deadline Cloud is a new fully managed service that helps customers
set up, deploy, and scale rendering projects in minutes, so they can improve the efficiency of
their rendering pipelines and take on more projects.
* api-change:``emr``: This release fixes a broken link in the documentation.
* api-change:``lightsail``: This release adds support to upgrade the TLS version of the
distribution.
- from version 1.34.74
* api-change:``b2bi``: Supporting new EDI X12 transaction sets for X12 versions 4010, 4030, and
5010.
* api-change:``codebuild``: Add new fleet status code for Reserved Capacity.
* api-change:``codeconnections``: Duplicating the CodeStar Connections service into the new,
rebranded AWS CodeConnections service.
* api-change:``internetmonitor``: This release adds support to allow customers to track cross
account monitors through ListMonitor, GetMonitor, ListHealthEvents, GetHealthEvent, StartQuery APIs.
* api-change:``iotwireless``: Add support for retrieving key historical and live metrics for
LoRaWAN devices and gateways
* api-change:``marketplace-catalog``: This release enhances the ListEntities API to support
ResaleAuthorizationId filter and sort for OfferEntity in the request and the addition of a
ResaleAuthorizationId field in the response of OfferSummary.
* api-change:``neptune-graph``: Add the new API Start-Import-Task for Amazon Neptune Analytics.
* api-change:``sagemaker``: This release adds support for custom images for the CodeEditor App on
SageMaker Studio
- from version 1.34.73
* api-change:``codecatalyst``: This release adds support for understanding pending changes to
subscriptions by including two new response parameters for the GetSubscription API for Amazon
CodeCatalyst.
* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and
generate recommendations with a new customization preference, Memory Utilization.
* api-change:``ec2``: Amazon EC2 C7gd, M7gd and R7gd metal instances with up to 3.8 TB of local
NVMe-based SSD block-level storage have up to 45% improved real-time NVMe storage performance than
comparable Graviton2-based instances.
* api-change:``eks``: Add multiple customer error code to handle customer caused failure when
managing EKS node groups
* api-change:``guardduty``: Add EC2 support for GuardDuty Runtime Monitoring auto management.
* api-change:``neptune-graph``: Update ImportTaskCancelled waiter to evaluate task state correctly
and minor documentation changes.
* api-change:``oam``: This release adds support for sharing AWS::InternetMonitor::Monitor resources.
* api-change:``quicksight``: Amazon QuickSight: Adds support for setting up VPC Endpoint
restrictions for accessing QuickSight Website.
- from version 1.34.72
* api-change:``batch``: This feature allows AWS Batch to support configuration of imagePullSecrets
and allowPrivilegeEscalation for jobs running on EKS
* api-change:``bedrock-agent``: This changes introduces metadata documents statistics and also
updates the documentation for bedrock agent.
* api-change:``bedrock-agent-runtime``: This release introduces filtering support on Retrieve and
RetrieveAndGenerate APIs.
* api-change:``elasticache``: Added minimum capacity to Amazon ElastiCache Serverless. This
feature allows customer to ensure minimum capacity even without current load
* api-change:``secretsmanager``: Documentation updates for Secrets Manager
- from version 1.34.71
* api-change:``bedrock-agent-runtime``: This release adds support to customize prompts sent through
the RetrieveAndGenerate API in Agents for Amazon Bedrock.
* api-change:``ce``: Adds support for backfill of cost allocation tags, with new
StartCostAllocationTagBackfill and ListCostAllocationTagBackfillHistory API.
* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``ecs``: This is a documentation update for Amazon ECS.
* api-change:``finspace``: Add new operation delete-kx-cluster-node and add status parameter to
list-kx-cluster-node operation.
- from version 1.34.70
* api-change:``codebuild``: Supporting GitLab and GitLab Self Managed as source types in AWS
CodeBuild.
* api-change:``ec2``: Added support for ModifyInstanceMetadataDefaults and
GetInstanceMetadataDefaults to set Instance Metadata Service account defaults
* api-change:``ecs``: Documentation only update for Amazon ECS.
* api-change:``emr-containers``: This release increases the number of supported job template
parameters from 20 to 100.
* api-change:``globalaccelerator``: AWS Global Accelerator now supports cross-account sharing for
bring your own IP addresses.
* api-change:``medialive``: Exposing TileMedia H265 options
* api-change:``sagemaker``: Introduced support for the following new instance types on SageMaker
Studio for JupyterLab and CodeEditor applications: m6i, m6id, m7i, c6i, c6id, c7i, r6i, r6id, r7i,
and p5
- from version 1.34.69
* api-change:``firehose``: Updates Amazon Firehose documentation for message regarding Enforcing
Tags IAM Policy.
* api-change:``kendra``: Documentation update, March 2024. Corrects some docs for Amazon Kendra.
* api-change:``pricing``: Add ResourceNotFoundException to ListPriceLists and GetPriceListFileUrl
APIs
* api-change:``rolesanywhere``: This release relaxes constraints on the durationSeconds request
parameter for the *Profile APIs that support it. This parameter can now take on values that go up
to 43200.
* api-change:``securityhub``: Added new resource detail object to ASFF, including resource for
LastKnownExploitAt
- from version 1.34.68
* api-change:``codeartifact``: This release adds Package groups to CodeArtifact so you can more
conveniently configure package origin controls for multiple packages.
- from version 1.34.67
* api-change:``accessanalyzer``: This release adds support for policy validation and external
access findings for DynamoDB tables and streams. IAM Access Analyzer helps you author functional
and secure resource-based policies and identify cross-account access. Updated service API,
documentation, and paginators.
* api-change:``codebuild``: This release adds support for new webhook events (RELEASED and
PRERELEASED) and filter types (TAG_NAME and RELEASE_NAME).
* api-change:``connect``: This release updates the *InstanceStorageConfig APIs to support a new
ResourceType: REAL_TIME_CONTACT_ANALYSIS_CHAT_SEGMENTS. Use this resource type to enable streaming
for real-time analysis of chat contacts and to associate a Kinesis stream where real-time analysis
chat segments will be published.
* api-change:``dynamodb``: This release introduces 3 new APIs ('GetResourcePolicy',
'PutResourcePolicy' and 'DeleteResourcePolicy') and modifies the existing 'CreateTable' API for the
resource-based policy support. It also modifies several APIs to accept a 'TableArn' for the
'TableName' parameter.
* api-change:``managedblockchain-query``: AMB Query: update GetTransaction to include transactionId
as input
* api-change:``savingsplans``: Introducing the Savings Plans Return feature enabling customers to
return their Savings Plans within 7 days of purchase.
- from version 1.34.66
* api-change:``cloudformation``: Documentation update, March 2024. Corrects some formatting.
* api-change:``ec2``: This release adds the new DescribeMacHosts API operation for getting
information about EC2 Mac Dedicated Hosts. Users can now see the latest macOS versions that their
underlying Apple Mac can support without needing to be updated.
* api-change:``finspace``: Adding new attributes readWrite and onDemand to dataview models for
Database Maintenance operations.
* api-change:``logs``: Update LogSamples field in Anomaly model to be a list of LogEvent
* api-change:``managedblockchain-query``: Introduces a new API for Amazon Managed Blockchain Query:
ListFilteredTransactionEvents.
- from version 1.34.65
* api-change:``cloudformation``: This release supports for a new API
ListStackSetAutoDeploymentTargets, which provider auto-deployment configuration as a describable
resource. Customers can now view the specific combinations of regions and OUs that are being
auto-deployed.
* api-change:``kms``: Adds the ability to use the default policy name by omitting the policyName
parameter in calls to PutKeyPolicy and GetKeyPolicy
* api-change:``mediatailor``: This release adds support to allow customers to show different
content within a channel depending on metadata associated with the viewer.
* api-change:``rds``: This release launches the ModifyIntegration API and support for data
filtering for zero-ETL Integrations.
* api-change:``s3``: Fix two issues with response root node names.
* api-change:``timestream-query``: Documentation updates, March 2024
- from version 1.34.64
* api-change:``backup``: This release introduces a boolean attribute ManagedByAWSBackupOnly as part
of ListRecoveryPointsByResource api to filter the recovery points based on ownership. This
attribute can be used to filter out the recovery points protected by AWSBackup.
* api-change:``codebuild``: AWS CodeBuild now supports overflow behavior on Reserved Capacity.
* api-change:``connect``: This release adds Hierarchy based Access Control fields to Security
Profile public APIs and adds support for UserAttributeFilter to SearchUsers API.
* api-change:``ec2``: Add media accelerator and neuron device information on the describe instance
types API.
* api-change:``kinesisanalyticsv2``: Support for Flink 1.18 in Managed Service for Apache Flink
* api-change:``s3``: Documentation updates for Amazon S3.
* api-change:``sagemaker``: Adds m6i, m6id, m7i, c6i, c6id, c7i, r6i r6id, r7i, p5 instance type
support to Sagemaker Notebook Instances and miscellaneous wording fixes for previous Sagemaker
documentation.
* api-change:``workspaces-thin-client``: Removed unused parameter kmsKeyArn from UpdateDeviceRequest
- from version 1.34.63
* api-change:``amplify``: Documentation updates for Amplify. Identifies the APIs available only to
apps created using Amplify Gen 1.
* api-change:``ec2-instance-connect``: This release includes a new exception type
"SerialConsoleSessionUnsupportedException" for SendSerialConsoleSSHPublicKey API.
* api-change:``elbv2``: This release allows you to configure HTTP client keep-alive duration for
communication between clients and Application Load Balancers.
* api-change:``fis``: This release adds support for previewing target resources before running a
FIS experiment. It also adds resource ARNs for actions, experiments, and experiment templates to
API responses.
* api-change:``iot-roborunner``: The iot-roborunner client has been removed following the
deprecation of the service.
* api-change:``rds``: Updates Amazon RDS documentation for EBCDIC collation for RDS for Db2.
* api-change:``secretsmanager``: Doc only update for Secrets Manager
* api-change:``timestream-influxdb``: This is the initial SDK release for Amazon Timestream for
InfluxDB. Amazon Timestream for InfluxDB is a new time-series database engine that makes it easy
for application developers and DevOps teams to run InfluxDB databases on AWS for near real-time
time-series applications using open source APIs.
* enhancement:``urllib3``: Added support for urllib3 2.2.1+ in Python 3.10+
- from version 1.34.62
* api-change:``ivs-realtime``: adds support for multiple new composition layout configuration
options (grid, pip)
* api-change:``kinesisanalyticsv2``: Support new RuntimeEnvironmentUpdate parameter within
UpdateApplication API allowing callers to change the Flink version upon which their application
runs.
* api-change:``s3``: This release makes the default option for S3 on Outposts request signing to
use the SigV4A algorithm when using AWS Common Runtime (CRT).
- from version 1.34.61
* api-change:``cloudformation``: CloudFormation documentation update for March, 2024
* api-change:``connect``: This release increases MaxResults limit to 500 in request for
SearchUsers, SearchQueues and SearchRoutingProfiles APIs of Amazon Connect.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``kafka``: Added support for specifying the starting position of topic replication in
MSK-Replicator.
* api-change:``ssm``: March 2024 doc-only updates for Systems Manager.
- from version 1.34.60
* api-change:``codestar-connections``: Added a sync configuration enum to disable publishing of
deployment status to source providers (PublishDeploymentStatus). Added a sync configuration enum
(TriggerStackUpdateOn) to only trigger changes.
* api-change:``elasticache``: Revisions to API text that are now to be carried over to SDK text,
changing usages of "SFO" in code examples to "us-west-1", and some other typos.
* api-change:``mediapackagev2``: This release enables customers to safely update their MediaPackage
v2 channel groups, channels and origin endpoints using entity tags.
- from version 1.34.59
* api-change:``batch``: This release adds JobStateTimeLimitActions setting to the Job Queue API. It
allows you to configure an action Batch can take for a blocking job in front of the queue after the
defined period of time. The new parameter applies for ECS, EKS, and FARGATE Job Queues.
* api-change:``bedrock-agent-runtime``: Documentation update for Bedrock Runtime Agent
* api-change:``cloudtrail``: Added exceptions to CreateTrail, DescribeTrails, and
ListImportFailures APIs.
* api-change:``codebuild``: This release adds support for a new webhook event: PULL_REQUEST_CLOSED.
* api-change:``cognito-idp``: Add ConcurrentModificationException to SetUserPoolMfaConfig
* api-change:``guardduty``: Add RDS Provisioned and Serverless Usage types
* api-change:``transfer``: Added DES_EDE3_CBC to the list of supported encryption algorithms for
messages sent with an AS2 connector.
- from version 1.34.58
* api-change:``appconfig``: AWS AppConfig now supports dynamic parameters, which enhance the
functionality of AppConfig Extensions by allowing you to provide parameter values to your
Extensions at the time you deploy your configuration.
* api-change:``ec2``: This release adds an optional parameter to RegisterImage and CopyImage APIs
to support tagging AMIs at the time of creation.
* api-change:``grafana``: Adds support for the new GrafanaToken as part of the Amazon Managed
Grafana Enterprise plugins upgrade to associate your AWS account with a Grafana Labs account.
* api-change:``lambda``: Documentation updates for AWS Lambda
* api-change:``payment-cryptography-data``: AWS Payment Cryptography EMV Decrypt Feature Release
* api-change:``rds``: Updates Amazon RDS documentation for io2 storage for Multi-AZ DB clusters
* api-change:``snowball``: Doc-only update for change to EKS-Anywhere ordering.
* api-change:``wafv2``: You can increase the max request body inspection size for some regional
resources. The size setting is in the web ACL association config. Also, the
AWSManagedRulesBotControlRuleSet EnableMachineLearning setting now takes a Boolean instead of a
primitive boolean type, for languages like Java.
* api-change:``workspaces``: Added note for user decoupling
- from version 1.34.57
* api-change:``dynamodb``: Doc only updates for DynamoDB documentation
* api-change:``imagebuilder``: Add PENDING status to Lifecycle Execution resource status. Add
StartTime and EndTime to ListLifecycleExecutionResource API response.
* api-change:``mwaa``: Amazon MWAA adds support for Apache Airflow v2.8.1.
* api-change:``rds``: Updated the input of CreateDBCluster and ModifyDBCluster to support setting
CA certificates. Updated the output of DescribeDBCluster to show current CA certificate setting
value.
* api-change:``redshift``: Update for documentation only. Covers port ranges, definition updates
for data sharing, and definition updates to cluster-snapshot documentation.
* api-change:``verifiedpermissions``: Deprecating details in favor of configuration for
GetIdentitySource and ListIdentitySources APIs.
- from version 1.34.56
* api-change:``apigateway``: Documentation updates for Amazon API Gateway
* api-change:``chatbot``: Minor update to documentation.
* api-change:``organizations``: This release contains an endpoint addition
* api-change:``sesv2``: Adds support for providing custom headers within SendEmail and
SendBulkEmail for SESv2.
- Update to 1.34.55
* api-change:``docdb-elastic``: Launched Elastic Clusters Readable
Secondaries, Start/Stop, Configurable Shard Instance count, Automatic
Backups and Snapshot Copying
* api-change:``quicksight``: TooltipTarget for Combo chart visuals;
ColumnConfiguration limit increase to 2000; Documentation Update
* api-change:``amplifyuibuilder``: We have added the ability to tag resources
after they are created
* api-change:``internetmonitor``: This release adds IPv4 prefixes to health events
* api-change:``iotevents``: Increase the maximum length of descriptions for
Inputs, Detector Models, and Alarm Models
* api-change:``lambda``: Add .NET 8 (dotnet8) Runtime support to AWS Lambda.
* api-change:``chatbot``: This release adds support for AWS Chatbot. You can
now monitor, operate, and troubleshoot your AWS resources with interactive
ChatOps using the AWS SDK.
* api-change:``sns``: This release marks phone numbers as sensitive inputs.
* api-change:``artifact``: This is the initial SDK release for AWS Artifact.
AWS Artifact provides on-demand access to compliance and third-party
compliance reports. This release includes access to List and Get reports,
along with their metadata. This release also includes access to AWS
Artifact notifications settings.
* api-change:``guardduty``: Marked fields IpAddressV4, PrivateIpAddress, Email as Sensitive.
* api-change:``polly``: Amazon Polly adds 1 new voice - Burcu (tr-TR)
* bugfix:ContainerProvider: Properly refreshes token from file from EKS in ContainerProvider
* api-change:``resource-explorer-2``: Resource Explorer now uses newly
supported IPv4 'amazonaws.com' endpoints by default.
* api-change:``pricing``: Add Throttling Exception to all APIs.
* api-change:``mediaconvert``: This release includes support for
broadcast-mixed audio description tracks.
* api-change:``glue``: Update page size limits for GetJobRuns and GetTriggers APIs.
* Many more changes, see CHANGELOG.rst
- python-pluggy
-
- Update to 1.5.0:
* Features
+ Add support for deprecating specific hook parameters, or more
generally, for issuing a warning whenever a hook implementation
requests certain parameters.
+ A warning ~pluggy.PluggyTeardownRaisedWarning is now issued when an
old-style hookwrapper raises an exception during teardown.
+ Add PluginManager.unblock <pluggy.PluginManager.unblock> method to
unblock a plugin by plugin name.
* Bug Fixes
+ PluginManager.get_plugins() no longer returns None for blocked plugins.
+ Fix ~pluggy.HookCaller.call_extra() extra methods getting ordered
before everything else in some circumstances. Regressed in pluggy 1.1.0.
+ Fix plugins registering other plugins in a hook when the other plugins
implement the same hook itself. Regressed in pluggy 1.1.0.
- Switch to pyproject macros.
- Revert to 1.3.0
* Pytest 7 is not compatible with pluggy 1.4 but many packages
are not compatible with pytest 8 yet
- update to 1.4.0:
* A warning :class:`~pluggy.PluggyTeardownRaisedWarning`
is now issued when an old-style hookwrapper raises an
exception during teardown. See the warning documentation for
more details.
* Add :func:`PluginManager.unblock
<pluggy.PluginManager.unblock>` method to unblock a plugin by
plugin name.
* Fix :func:`~pluggy.HookCaller.call_extra()` extra
methods getting ordered before everything else in some
circumstances. Regressed in pluggy 1.1.0.
* Fix plugins registering other plugins in a hook when
the other plugins implement the same hook itself. Regressed
in pluggy 1.1.0.
- update to 1.3.0:
* Python 3.7 is no longer supported.
* Pluggy now exposes its typings to static type checkers.
* Some fields and classes are marked ``Final`` and ``@final``.
* The :ref:`api-reference` is updated to clearly delineate
pluggy's public API.
Compatibility aliases are put in place for the renamed types.
Please note that pluggy is currently unable to provide strong
typing for hook calls, e.g. ``pm.hook.my_hook(...)``,
nor to statically check that a hook implementation matches
the hook specification's type.
* The new-style hook wrappers, added in the yanked 1.1.0
release, now require an explicit ``wrapper=True`` designation
in the ``@hookimpl()`` decorator.
- regionServiceClientConfigEC2
-
- Update to version 5.0.0 (bsc#1246995)
+ SLE 16 python-requests requiers SSL v3 certificates. Update 2
region server certs to support SLE 16 when it gets released.
- Update dependency to accomodate metadata binary package name change
in SLE 16 (bsc#1243419)
- selinux-policy
-
- Update to version 20230511+git32.d19008bdb:
* Make wicked script backwards compatible (bsc#1251923)
* Allow wicket to manage its proc directories (bsc#1235731)
* Allow NM to manage wicked pid files (bsc#1235731)
* Allow NM to reach systemd unit files (bsc#1235731)
* Dontaudit getty and plymouth the checkpoint_restore capability
* allow wicked to connect to networkmanager and mange pid files for it (bsc#1243291)
* Introduce unconfined wicked_script_t (bsc#1205770, bsc#1250661)
- suse-build-key
-
- adjust UID (name + email) of SLES16 signing key with official
names. (bsc#1245223)
- server-attestation-image
-
n/a
- server-hub-xmlrpc-api-image
-
n/a
- server-image
-
n/a
- server-migration-14-16-image
-
n/a
- suse-module-tools
-
- Update to version 15.5.7:
* add blacklist entry for reiserfs (jsc#PED-6167)
* Add more modules to file system blacklist (jsc#PED-6167)
* Add hfsplus to file system blacklist (bsc#1240950, jsc#PED-12632)
- Update to version 15.5.6:
* udevrules: activate CPUs on hotplug for s390, too (bsc#1224400)
- sysconfig
-
- version 0.85.10
* codespell run for all repository files and changes file
* spec: define permissions for ghost file attrs to avoid
rpm --restore resets them to 0 (bsc#1237595).
* spec: fix name-repeated-in-summary rpmlint warning
- systemd-presets-branding-SMO
-
- Enable sysstat_collect.timer and sysstat_summary.timer.
Bugs: bsc#1244553 / bsc#1246835
- Modified sources:
* 50-default-SUSE_MicroOS.preset
- systemd-rpm-macros
-
- Bump version to 16
- Introduce %udev_trigger_with_reload() for packages that need to trigger events
in theirs scriplets. The new macro automatically triggers a reload of the udev
rule files as this step is often overlooked by packages (bsc#1237143).
- vim
-
- Fix the following CVEs and bugs:
* bsc#1246602 (CVE-2025-53906)
* bsc#1246604 (CVE-2025-53905)
* bsc#1247939 (CVE-2025-55158)
* bsc#1247938 (CVE-2025-55157)
- Update to 9.1.1629:
9.1.1629: Vim9: Not able to use more than 10 type arguments in a generic function
9.1.1628: fuzzy.c has a few issues
9.1.1627: fuzzy matching can be improved
9.1.1626: cindent: does not handle compound literals
9.1.1625: Autocompletion slow with include- and tag-completion
9.1.1624: Cscope not enabled on MacOS
9.1.1623: Buffer menu does not handle unicode names correctly
9.1.1622: Patch v9.1.1432 causes performance regressions
9.1.1621: flicker in popup menu during cmdline autocompletion
9.1.1620: filetype: composer.lock and symfony.lock files not recognized
9.1.1619: Incorrect E535 error message
9.1.1618: completion: incorrect selected index returned from complete_info()
9.1.1617: Vim9: some error messages can be improved
9.1.1616: xxd: possible buffer overflow with bitwise output
9.1.1615: diff format erroneously detected
9.1.1614: Vim9: possible variable type change
9.1.1613: tests: test_search leaves a few swapfiles behind
9.1.1612: Ctrl-G/Ctrl-T do not ignore the end search delimiter
9.1.1611: possible undefined behaviour in mb_decompose()
9.1.1610: completion: hang or E684 when 'tagfunc' calls complete()
9.1.1609: complete: Heap-buffer overflow with complete function
9.1.1608: No command-line completion for :unsilent {command}
9.1.1607: :apple command detected as :append
9.1.1606: filetype: a few more files are not recognized
9.1.1605: cannot specify scope for chdir()
9.1.1604: completion: incsearch highlight might be lost
9.1.1603: completion: cannot use autoloaded funcs in 'complete' F{func}
9.1.1602: filetype: requirements-*.txt files are not recognized
9.1.1601: Patch v8.1.0425 was wrong
9.1.1600: using diff anchors with hidden buffers fails silently
9.1.1599: :bnext doesn't go to unlisted help buffers
9.1.1598: filetype: waybar config file is not recognized
9.1.1597: CI reports leaks in libgtk3 library
9.1.1596: tests: Test_search_wildmenu_iminsert() depends on help file
9.1.1595: Wayland: non-portable use of select()
9.1.1594: completion: search completion throws errors
9.1.1593: Confusing error when compiling incomplete try block
9.1.1592: Vim9: crash with classes and garbage collection
9.1.1591: VMS support can be improved
9.1.1590: cannot perform autocompletion
9.1.1589: Cannot disable cscope interface using configure
9.1.1588: Vim9: cannot split dict inside command block
9.1.1587: Wayland: timeout not updated before select()
9.1.1586: Vim9: can define an enum/interface in a function
9.1.1585: Wayland: gvim still needs GVIM_ENABLE_WAYLAND
9.1.1584: using ints as boolean type
9.1.1583: gvim window lost its icons
9.1.1582: style issue in vim9type.c and vim9generics.c
9.1.1581: possible memory leak in vim9generics.c
9.1.1580: possible memory leak in vim9type.c
9.1.1579: Coverity complains about unchecked return value
9.1.1578: configure: comment still mentions autoconf 2.71
9.1.1577: Vim9: no generic support yet
9.1.1576: cannot easily trigger wildcard expansion
9.1.1575: tabpanel not drawn correctly with wrapped lines
9.1.1574: Dead code in mbyte.c
9.1.1573: Memory leak when pressing Ctrl-D in cmdline mode
9.1.1572: expanding $var does not escape whitespace for 'path'
9.1.1571: CmdlineChanged triggered to often
9.1.1570: Copilot suggested some improvements in cmdexpand.c
9.1.1569: tests: Vim9 tests can be improved
9.1.1568: need a few more default highlight groups
9.1.1567: crash when using inline diff mode
9.1.1566: self-referenced enum may not get freed
9.1.1565: configure: does not consider tiny version for wayland
9.1.1564: crash when opening popup to closing buffer
9.1.1563: completion: ruler may disappear
9.1.1562: close button always visible in the 'tabline'
9.1.1561: configure: wayland test can be improved
9.1.1560: configure: uses $PKG_CONFIG before it is defined
9.1.1559: tests: Test_popup_complete_info_01() fails when run alone
9.1.1558: str2blob() treats NULL string and empty string differently
9.1.1557: not possible to anchor specific lines in difff mode
9.1.1556: string handling in cmdexpand.c can be improved
9.1.1555: completion: repeated insertion of leader
9.1.1554: crash when omni-completion opens command-line window
9.1.1553: Vim9: crash when accessing a variable in if condition
9.1.1552: [security]: path traversal issue in tar.vim
9.1.1551: [security]: path traversal issue in zip.vim
9.1.1550: defaults: 'showcmd' is not enabled in non-compatible mode on Unix
9.1.1549: filetype: pkl files are not recognized
9.1.1548: filetype: OpenFGA files are not recognized
9.1.1547: Wayland: missing ifdef
9.1.1546: Vim9: error with has() and short circuit evaluation
9.1.1545: typo in os_unix.c
9.1.1544: :retab cannot be limited to indentation only
9.1.1543: Wayland: clipboard appears to not be working
9.1.1542: Coverity complains about uninitialized variable
9.1.1541: Vim9: error when last enum value ends with a comma
9.1.1540: completion: menu state wrong on interruption
9.1.1539: completion: messages don't respect 'shm' setting
9.1.1537: helptoc: still some issues when markdown code blocks
9.1.1536: tests: test_plugin_comment uses wrong :Check command
9.1.1535: the maximum search count uses hard-coded value 99
9.1.1534: unnecessary code in tabpanel.c
9.1.1533: helptoc: does not handle code sections in markdown well
9.1.1532: termdebug: not enough ways to configure breakpoints
9.1.1531: confusing error with nested legacy function
9.1.1530: Missing version change in v9.1.1529
9.1.1529: Win32: the toolbar in the GUI is old and dated
9.1.1528: completion: crash with getcompletion()
9.1.1527: Vim9: Crash with string compound assignment
9.1.1526: completion: search completion match may differ in case
9.1.1525: tests: testdir/ is a bit messy
9.1.1524: tests: too many imports in the test suite
9.1.1523: tests: test_clipmethod fails in non X11 environment
9.1.1522: tests: still some ANSI escape sequences in test output
9.1.1521: completion: pum does not reset scroll pos on reopen with 'noselect'
9.1.1520: completion: search completion doesn't handle 'smartcase' well
9.1.1519: tests: Test_termdebug_decimal_breakpoints() may fail
9.1.1518: getcompletiontype() may crash
9.1.1517: filetype: autopkgtest files are not recognized
9.1.1516: tests: no test that 'incsearch' is updated after search completion
9.1.1515: Coverity complains about potential unterminated strings
9.1.1514: Coverity complains about the use of tmpfile()
9.1.1513: resizing Vim window causes unexpected internal window width
9.1.1512: completion: can only complete from keyword characters
9.1.1511: tests: two edit tests change v:testing from 1 to 0
9.1.1510: Search completion may use invalid memory
9.1.1509: patch 9.1.1505 was not good
9.1.1508: string manipulation can be improved in cmdexpand.c
9.1.1507: symlinks are resolved on :cd commands
9.1.1506: tests: missing cleanup in Test_search_cmdline_incsearch_highlight()
9.1.1505: not possible to return completion type for :ex command
9.1.1504: filetype: numbat files are not recognized
9.1.1503: filetype: haxe files are not recognized
9.1.1502: filetype: quickbms files are not recognized
9.1.1501: filetype: flix files are not recognized
9.1.1500: if_python: typo in python error variable
9.1.1499: MS-Windows: no indication of ARM64 architecture
9.1.1498: completion: 'complete' funcs behave different to 'omnifunc'
9.1.1497: Link error with shm_open()
9.1.1496: terminal: still not highlighting empty cells correctly
9.1.1495: Wayland: uses $XDG_SEAT to determine seat
9.1.1494: runtime(tutor): no French translation for Chapter 2
9.1.1493: manually comparing positions on buffer
9.1.1492: tests: failure when Wayland compositor fails to start
9.1.1491: missing out-of-memory checks in cmdexpand.c
9.1.1490: 'wildchar' does not work in search contexts
9.1.1489: terminal: no visual highlight of empty cols with empty 'listchars'
9.1.1488: configure: using obsolete macro AC_PROG_GCC_TRADITIONAL
9.1.1487: :cl doesn't invoke :clist
9.1.1486: documentation issues with Wayland
9.1.1485: missing Wayland clipboard support
9.1.1484: tests: Turkish locale tests fails on Mac
9.1.1483: not possible to translation position in buffer
9.1.1482: scrolling with 'splitkeep' and line()
9.1.1481: gcc complains about uninitialized variable
9.1.1480: Turkish translation outdated
9.1.1479: regression when displaying localized percentage position
9.1.1478: Unused assignment in ex_uniq()
9.1.1476: no easy way to deduplicate text
9.1.1476: missing out-of-memory checks in cmdexpand.c
9.1.1475: completion: regression when "nearest" in 'completeopt'
9.1.1474: missing out-of-memory check in mark.c
9.1.1473: inconsistent range arg for :diffget/diffput
9.1.1472: if_python: PySequence_Fast_{GET_SIZE,GET_ITEM} removed
9.1.1471: completion: inconsistent ordering with CTRL-P
9.1.1470: use-after-free with popup callback on error
9.1.1469: potential buffer-underflow with invalid hl_id
9.1.1468: filetype: bright(er)script files are not recognized
9.1.1467: too many strlen() calls
9.1.1466: filetype: not all lex files are recognized
9.1.1465: tabpanel: not correctly drawn with 'equalalways'
9.1.1464: gv does not work in operator-pending mode
9.1.1463: Integer overflow in getmarklist() after linewise operation
9.1.1462: missing change from patch v9.1.1461
9.1.1461: tabpanel: tabpanel vanishes with popup menu
9.1.1460: MS-Windows: too many strlen() calls in os_win32.c
9.1.1459: xxd: coloring output is inefficient
9.1.1458: tabpanel: tabs not properly updated with 'stpl'
9.1.1457: compile warning with tabpanelopt
9.1.1456: comment plugin fails toggling if 'cms' contains \
9.1.1455: Haiku: dailog objects created with no reference
9.1.1454: tests: no test for pum at line break position
9.1.1453: tests: Test_geometry() may fail
9.1.1452: completion: redundant check for completion flags
9.1.1451: tabpanel rendering artifacts when scrolling
9.1.1450: Session has wrong arglist with :tcd and :arglocal
9.1.1449: typo in pum_display()
9.1.1448: tabpanel is not displayed correctly when msg_scrolled
9.1.1447: completion: crash when backspacing with fuzzy completion
9.1.1446: filetype: cuda-gdb config files are not recognized
9.1.1445: negative matchfuzzy scores although there is a match
9.1.1444: Unused assignment in set_fuzzy_score()
9.1.1443: potential buffer underflow in insertchar()
9.1.1442: tests: Test_diff_fold_redraw() is insufficient
9.1.1441: completion: code can be improved
9.1.1440: too many strlen() calls in os_win32.c
9.1.1439: Last diff folds not merged
9.1.1438: tests: Test_breakindent_list_split() fails
9.1.1437: MS-Windows: internal compile error in uc_list()
9.1.1436: GUI control code is displayed on the console on startup
9.1.1435: completion: various flaws in fuzzy completion
9.1.1434: MS-Windows: missing out-of-memory checks in os_win32.c
9.1.1433: Unnecessary :if when writing session
9.1.1432: GTK GUI: Buffer menu does not handle unicode correctly
9.1.1431: Hit-Enter Prompt when loading session files
9.1.1430: tabpanel may flicker in the GUI
9.1.1429: dragging outside the tabpanel changes tabpagenr
9.1.1428: completion: register completion needs cleanup
9.1.1427: rendering artifacts with the tabpanel
9.1.1426: completion: register contents not completed
9.1.1425: tabpanel: there are still some problems with the tabpanel
9.1.1424: PMenu selection broken with multi-line selection and limits
9.1.1423: :tag command not working correctly using Vim9 Script
9.1.1422: scheduling of complete function can be improved
9.1.1421: tests: need a test for the new-style tutor.tutor
9.1.1420: tests: could need some more tests for shebang lines
9.1.1419: It is difficult to ignore all but some events
9.1.1418: configures GUI auto detection favors GTK2
9.1.1417: missing info about register completion in complete_info()
9.1.1416: completion limits not respected for fuzzy completions
9.1.1415: potential use-after free when there is an error in 'tabpanel'
9.1.1414: MS-Windows: compile warnings in os_win32.c
9.1.1413: spurious CursorHold triggered in GUI on startup
9.1.1412: tests: Test_tabpanel_tabonly() fails on larger screens
9.1.1411: crash when calling non-existing function for tabpanel
9.1.1410: out-of-bounds access with 'completefunc'
9.1.1409: using f-flag in 'complete' conflicts with Neovim
9.1.1408: not easily possible to complete from register content
9.1.1407: Can't use getpos('v') in OptionSet when using setbufvar()
- branding-SLE
-
- Update plymouth theme to fix splash screen element placement issue.
(bsc#1236818)
- zypper
-
- Fixed `bash-completion`: `zypper refresh` now ignores
repository priority lines.
- Changes to support building against restructured libzypp in
stack build (bsc#1230267)
- version 1.14.94
- Fix addrepo to handle explicit --check and --no-check requests
(bsc#1246466)
- Accept "show" as alias for "info" (bsc#1245985)
- version 1.14.93
- sh: Reset solver options after command (bsc#1245496)
- Explicitly selecting DownloadAsNeeded also selects the
classic_rpmtrans backend.
- version 1.14.92
- BuildRequires: libzypp-devel >= 17.37.6.
Enhancements regarding mirror handling during repo refresh. Adapt
to libzypp API changes. (bsc#1230267)
- version 1.14.91